----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74292/#review225503 -----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java Lines 1575 (patched) <https://reviews.apache.org/r/74292/#comment314070> This loop calls roleStore.getRoles(filter) repeatedly after PARAM_ROLE_NAME param is removed from the filter, and adding it back with a name in roleNameList once for each name in the roleNameList. Consider a roleNameList as {"a", "b" }. First iteration will not contain any role with name "a" but it will contain role with name "b". Next iteration will do inverse of this, with the result that roleLists will eventually contain roles with names "a" as well as "b". Consider calling getRoles(filter) only once and then iterating over all roles returned to remove any role that has a name in the roleNameList. security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java Line 1643 (original), 1644 (patched) <https://reviews.apache.org/r/74292/#comment314069> This test only ensures that the backward compatibility is maintained (by passing a parameter JSON_FILE_NAME_TYPE.POLICY). The new functionality for testing the roles is not tested (it could be tested by passing parameter JSON_FILE_NAME_TYPE.ROLE). - Abhay Kulkarni On May 31, 2023, 8:14 a.m., Rakesh Gupta wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74292/ > ----------------------------------------------------------- > > (Updated May 31, 2023, 8:14 a.m.) > > > Review request for ranger, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay > Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, > sanket shelar, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-4025 > https://issues.apache.org/jira/browse/RANGER-4025 > > > Repository: ranger > > > Description > ------- > > Provide API for Roles import/export. > > > Diffs > ----- > > agents-common/src/main/java/org/apache/ranger/plugin/model/RangerRole.java > 682bbd640 > security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java > c19e3e1a1 > security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java > 421b2312d > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > 04aee289e > security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java 4f0edd2b0 > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > 3447eb20e > > security-admin/src/main/java/org/apache/ranger/view/RangerExportRoleList.java > PRE-CREATION > security-admin/src/main/java/org/apache/ranger/view/RangerPolicyList.java > 4799b3f03 > security-admin/src/main/java/org/apache/ranger/view/RangerRoleList.java > adbe93db6 > security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java > 9d17553a4 > > > Diff: https://reviews.apache.org/r/74292/diff/8/ > > > Testing > ------- > > Tested the below Rest API's for Roles import/export to make sure everything > works fine. > > RoleREST Rest API :GET /roles/roles/exportJson > RoleREST Rest API :GET > /roles/roles/exportJson?roleName={rolename},{rolename},.... > > RoleREST Rest API :GET /roles/roles/importRolesFromFile > RoleREST Rest API :GET /roles/roles/importRolesFromFile?updateIfExists=true > RoleREST Rest API :GET > /roles/roles/importRolesFromFile?createNonExistUserGroupRole=true > > > Thanks, > > Rakesh Gupta > >
