> On Oct. 31, 2020, 1:30 a.m., Madhan Neethiraj wrote:
> > security-admin/src/main/java/org/apache/ranger/db/XXRMSServiceResourceDao.java
> > Line 158 (original), 158 (patched)
> > <https://reviews.apache.org/r/72997/diff/1/?file=2241756#file2241756line158>
> >
> > Only resourceElements is currently handled by
> > serializtation/deserialization; 'ownerName' field is not handled:-(
> >
> > I suggest to consider a DB patch, to update existing values in
> > XXRMSServiceResource.serviceResourceElements column to hold following
> > structure (instead of directly Map<String, RangerPolicyResource>):
> >
> >
> > public static StoredServiceResource implements java.io.Serializable {
> > private Map<String, RangerPolicyResource> resourceElements;
> > private String ownerName;
> > private Map<String, String> additonalInfo;
> > }
> >
> > This will help avoid parsing for
> > SERVICE_RESOURCE_ADDITIONAL_INFO_DELIMITER_STRING during every read here
> > after.
>
> Abhay Kulkarni wrote:
> Should this be done for the XXServiceResourceDao class as well? If so, a
> java patch will be equired to update more tables.
Updates to XXServiceResource can be handled in a separate patch. Given there
could be large number of entries in this table, it might be useful to not
perform migration, and handle it dynamically by looking for a prefix like "v2:"
(similar to the current patch that looks for presence of
RangerServiceResource.SERVICE_RESOURCE_ADDITIONAL_INFO_DELIMITER_STRING) :
String serializedStringFromDb =
xxServiceResource.getServiceResourceElements();
if (serializedStringFromDb.beginsWith("v2:")) {
StoredServiceResource storedServiceResource =
gsonBuilder.fromJson(serializedStringFromDb.substring("v2:".length,
STORED_SERVICE_RESOURCE_TYPE);
ret.setResourceElements(storedServiceResource.getResourceElements());
ret.setOwnerName(storedServiceResource.getOwnerName());
ret.setAdditionalInfo(storedServiceResource.getAdditionalInfo());
} else {
Map<String, RangerPolicy.RangerPolicyResource> serviceResourceElements =
gsonBuilder.fromJson(serializedStringFromDb, subsumedDataType);
ret.setResourceElements(serviceResourceElements);
}
While saving the data, add prefix "v2:"
- Madhan
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72997/#review222153
-----------------------------------------------------------
On Oct. 31, 2020, 12:42 a.m., Abhay Kulkarni wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72997/
> -----------------------------------------------------------
>
> (Updated Oct. 31, 2020, 12:42 a.m.)
>
>
> Review request for ranger and Madhan Neethiraj.
>
>
> Bugs: RANGER-3065
> https://issues.apache.org/jira/browse/RANGER-3065
>
>
> Repository: ranger
>
>
> Description
> -------
>
> RangerServiceResource model class represents, in Ranger, an entity that may
> be authorized by Ranger. It is useful to have it store, in a generic way, any
> additional information that may be useful during authorization.
>
>
> Diffs
> -----
>
>
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceResource.java
> bdd3e544c
>
> security-admin/src/main/java/org/apache/ranger/db/XXRMSServiceResourceDao.java
> 8938e6df2
>
>
> Diff: https://reviews.apache.org/r/72997/diff/1/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Abhay Kulkarni
>
>
