[
https://issues.apache.org/jira/browse/RANGER-2866?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17139224#comment-17139224
]
Abhishek Shukla commented on RANGER-2866:
-----------------------------------------
[~madhan]
This is was a mistake from my end, I forgot enabling the recursive flag on the
volume resource in my duplicate policy, and that's why ranger allowed creating
the duplicate policy as it has different resource values.
So just to confirm Ranger only checks :
* resources dict [resource values, isExcludes, isRecursive flags]
* policyPriority
* isEnabled
* validitySchedules
* global options/conditions for all policies
if in the new policy all these configs values are the same as any existing
policy, new policy creation is denied otherwise it's allowed.
[other configs like policyItems etc are not compared]
> Ozone service should not allow creation of duplicate policies with same
> resources
> ---------------------------------------------------------------------------------
>
> Key: RANGER-2866
> URL: https://issues.apache.org/jira/browse/RANGER-2866
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Affects Versions: 2.1.0
> Reporter: Abhishek Shukla
> Priority: Major
>
> Observed that ozone service in ranger allows the creation of duplicate
> policies with the same resources, while with other older services [hdfs etc]
> we are not allowed to do that and we get the error message that there is an
> existing policy with the same resources.
>
> Creating this Jira for fixing this issue in ozone ranger service.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
