-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70397/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj, Pradeep Agrawal, and Ramesh Mani.
Bugs: RANGER-2396
https://issues.apache.org/jira/browse/RANGER-2396
Repository: ranger
Description
-------
Create or Delete Policy operations in a disabled Ranger service causes
policy-cache for the service to out of sync with the policy database. One
manifestation of this is as seen in this scenario.
Disable a Ranger service
Delete a policy in the service
Operation is shown as successful, however, the policy listing page still lists
deleted policy, and viewing the policy causes error: 'Policy does not exist'.
The root cause of this was that policy-cache was not updated when service was
disabled.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
5e10e0d33
agents-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java
3ce92125e
security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
4b1c0c41a
security-admin/src/main/java/org/apache/ranger/common/RangerServicePoliciesCache.java
86b3c004f
Diff: https://reviews.apache.org/r/70397/diff/1/
Testing
-------
Tested the scenario described in a cluster and ensured that the policy listing
page is updated correctly, and deleted policy is not listed on it.
Thanks,
Abhay Kulkarni
