-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74686/
-----------------------------------------------------------
(Updated Oct. 20, 2023, noon)
Review request for ranger, Anand Nadar, Ankita Sinha, Madhan Neethiraj, Monika
Kachhadiya, and Prashant Satam.
Changes
-------
Addressed review comments
Bugs: RANGER-4486
https://issues.apache.org/jira/browse/RANGER-4486
Repository: ranger
Description
-------
The PUT API - /service/public/v2/api/zones-v2/{zoneId}/partial allows addition
of duplicate principals (admin and auditor UGR) and tagServices.
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerSecurityZoneHelper.java
facc305fe
Diff: https://reviews.apache.org/r/74686/diff/2/
Changes: https://reviews.apache.org/r/74686/diff/1-2/
Testing
-------
Validated the PUT API - /service/public/v2/api/zones-v2/{zoneId}/partial, by
passing duplicate tagService and adminUser in request repeatedly:
{
"id": 5,
"isEnabled": true,
"createdBy": "Admin",
"updatedBy": "Admin",
"createTime": 1697718906795,
"updateTime": 1697718906796,
"name": "zone10",
"services": {
"hive1": {
"resources": [
{
"id": 1,
"resource": {
"database": [
"db10"
]
}
}
]
}
},
"tagServicesToAdd": [
"tag1", "tag1"
],
"adminsToAdd": [
{
"type": "USER",
"name": "mark"
},
{
"type": "USER",
"name": "mark"
}
]
}
The zone is updated with single adminUser and tagService:
{
"id": 5,
"isEnabled": true,
"createdBy": "Admin",
"updatedBy": "Admin",
"createTime": 1697718906795,
"updateTime": 1697775464068,
"name": "zone10",
"services": {
"hive1": {
"resources": [
{
"id": 1,
"resource": {
"database": [
"db10"
]
}
}
]
}
},
"tagServices": [
"tag1"
],
"admins": [
{
"type": "USER",
"name": "mark"
}
],
"auditors": [
{
"type": "USER",
"name": "mark"
}
]
}
Thanks,
Subhrat Chaudhary
