-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74705/
-----------------------------------------------------------
Review request for ranger, Anand Nadar, Ankita Sinha, Madhan Neethiraj, Monika
Kachhadiya, and Prashant Satam.
Bugs: RANGER-4486
https://issues.apache.org/jira/browse/RANGER-4486
Repository: ranger
Description
-------
Following issues are noticed in the zone-v2 PUT API -
/service/public/v2/api/zones-v2/{zone-id}/partial:
1. If adminsToRemove or auditorsToRemove have some principal that doesn't
exist, response is true (updated to throw exception in this case).
2. If tagServicesToRemove have some tag service name that doesn't exist,
response is true (updated to throw exception in this case).
3. If resourcesToRemove have some resource that doesn't exist, response is true
(updated to throw exception in this case).
4. If the resource, is updated, the audit data i.e. createdBy and createTime is
overwritten,
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/util/RangerSecurityZoneHelper.java
fbdacd4a6
security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
f45cdd396
Diff: https://reviews.apache.org/r/74705/diff/1/
Testing
-------
Validations done:
1.Tried to remove resources (one valid and one invalid) from a zone using
partial PUT API - error thrown.
2.Tried to remove tag services (one valid and one invalid) from a zone using
partial PUT API - error thrown.
3.Tried to remove user (one valid and one invalid) from a zone using partial
PUT API - error thrown.
4.Updated resource using zone-v2 PUT API - createdBy/createTime available in
updated resource in the zone.
Thanks,
Subhrat Chaudhary
