-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74974/
-----------------------------------------------------------
Review request for ranger, Anand Nadar, Asit Vadhavkar, Madhan Neethiraj,
Monika Kachhadiya, and Siddhesh Phatak.
Bugs: RANGER-4789
https://issues.apache.org/jira/browse/RANGER-4789
Repository: ranger
Description
-------
In security-zone when resource name is updated, admin audit is generated for
same, with details about old and new value.
When the json data compression is enabled in the security-zone with the
property:
ranger.admin.store.security.zone.compress.json_data
the old and new value in the generated admin audit is blank, when only the
resource name is changed. The reason for this is, if compression is enabled,
only the resource count is added in the new and old values. Hence if the
resource count does not change, change details in the admin audit is blank.
In the code flow to update security-zone, when no change is noticed in the new
and old values, a dummy admin audit is being added with null for old and new
values. In this fix, removing the that code block.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
5534c8056
security-admin/src/main/java/org/apache/ranger/service/RangerSecurityZoneServiceService.java
a6cb2ae74
Diff: https://reviews.apache.org/r/74974/diff/1/
Testing
-------
Validations done:
1. For the change only in security-zone resource name (resource count of the
zone is same), admin audit is not generated.
2. For above case x_service_version_info.policy_version is incremented (same as
existing behavior).
3. If a resource is added or removed from the security-zone, admin audit is
generated for same.
4. All the existing Junits are passing
Thanks,
Subhrat Chaudhary
