[
https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17133923#comment-17133923
]
Madhan Neethiraj commented on RANGER-2856:
------------------------------------------
[~RickyMa] - instead of handling such optimization in lower level
{{updatePolicy()}} method, which is called from many different contexts, I
suggest to consider adding a new REST API to purge empty policies, like:
{code:java}
public class PublicAPIsv2 {
...
@DELETE
@Path("/api/server/purgepolicies/{serviceName}")
@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
public List<RangerPolicy> purgeEmptyPolicies(@PathParam("serviceName",
@Context HttpServletRequest request) String serviceName) {
...
}
...
}
{code}
> A policy should be deleted if it has no policyItems
> ---------------------------------------------------
>
> Key: RANGER-2856
> URL: https://issues.apache.org/jira/browse/RANGER-2856
> Project: Ranger
> Issue Type: Bug
> Components: admin, Ranger
> Affects Versions: master
> Reporter: RickyMa
> Priority: Minor
> Fix For: master
>
> Attachments: RANGER-2856.patch
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Condition: A policy contains only one policyItem and the policyItem only sets
> one user and no groups.
> Action: Delete the user in the policyItem using API:
> '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,]
> Result: The policy still exists, but it has no policyItems. A policy with no
> policyItems is completely meaningless and it should be deleted.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
