[jira] [Updated] (RANGER-4767) Deleted policies are still taking effect if all policies for a security zone are deleted

Fri, 21 Jun 2024 08:15:04 -0700 


     [ 
https://issues.apache.org/jira/browse/RANGER-4767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Madhan Neethiraj updated RANGER-4767:
-------------------------------------
    Fix Version/s: 3.0.0
                   2.5.0

> Deleted policies are still taking effect if all policies for a security zone 
> are deleted
> ----------------------------------------------------------------------------------------
>
>                 Key: RANGER-4767
>                 URL: https://issues.apache.org/jira/browse/RANGER-4767
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>            Reporter: Abhishek
>            Assignee: Abhay Kulkarni
>            Priority: Major
>             Fix For: 3.0.0, 2.5.0
>
>
> If all the policies for a security zone are deleted, then still the previous 
> policies are taking effect.
> If there are no policies in the repo, then the following error is seen in the 
> logs
> while syncing the policies, and the previously existing policies are still 
> taking effect and operations are allowed through those policies
> {code:java|bgColor=#f4f5f7}
> 2024-04-02T16:09:42.913Z      ERROR   
> PolicyRefresher(serviceName=cm_trino)-233       
> org.apache.ranger.plugin.service.RangerBasePlugin       setPolicies: policy 
> engine initialization failed!  Leaving current policy engine as-is. Exception 
> : 
> java.lang.NullPointerException: Cannot invoke "java.util.List.iterator()" 
> because "this.policies" is null
>       at 
> org.apache.ranger.plugin.policyengine.RangerPolicyRepository.init(RangerPolicyRepository.java:887)
>       at 
> org.apache.ranger.plugin.policyengine.RangerPolicyRepository.<init>(RangerPolicyRepository.java:229)
>       at 
> org.apache.ranger.plugin.policyengine.PolicyEngine.<init>(PolicyEngine.java:264)
>       at 
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.<init>(RangerPolicyEngineImpl.java:104)
>       at 
> org.apache.ranger.plugin.service.RangerBasePlugin.setPolicies(RangerBasePlugin.java:363)
>       at 
> org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:264)
>       at 
> org.apache.ranger.plugin.util.PolicyRefresher.run(PolicyRefresher.java:210) 
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to