Re: Review Request 72588: RANGER-2856: A policy should be deleted if it has no policyItems
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/#review221142 --- Ship it! Ship It! - Pradeep Agrawal On July 2, 2020, 5:23 p.m., Bill Ricky wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72588/ > --- > > (Updated July 2, 2020, 5:23 p.m.) > > > Review request for ranger. > > > Bugs: RANGER-2856 > https://issues.apache.org/jira/browse/RANGER-2856 > > > Repository: ranger > > > Description > --- > > A policy should be deleted if it has no policyItems > > > Diffs > - > > security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java > 564a2e764 > security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java > 4862442c9 > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > 2a507dd8e > > > Diff: https://reviews.apache.org/r/72588/diff/2/ > > > Testing > --- > > 1.Compilation OK > 2.Already used in production environment > > > File Attachments > > > RANGER-2856.patch > > https://reviews.apache.org/media/uploaded/files/2020/06/14/e6fee3bc-4d58-41e9-9efd-b07d0b47646e__RANGER-2856.patch > > > Thanks, > > Bill Ricky > >
Re: Review Request 72588: RANGER-2856: A policy should be deleted if it has no policyItems
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/ --- (Updated 七月 2, 2020, 5:23 p.m.) Review request for ranger. Bugs: RANGER-2856 https://issues.apache.org/jira/browse/RANGER-2856 Repository: ranger Description --- A policy should be deleted if it has no policyItems Diffs (updated) - security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 564a2e764 security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java 4862442c9 security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 2a507dd8e Diff: https://reviews.apache.org/r/72588/diff/2/ Changes: https://reviews.apache.org/r/72588/diff/1-2/ Testing --- 1.Compilation OK 2.Already used in production environment File Attachments RANGER-2856.patch https://reviews.apache.org/media/uploaded/files/2020/06/14/e6fee3bc-4d58-41e9-9efd-b07d0b47646e__RANGER-2856.patch Thanks, Bill Ricky
Re: Review Request 72588: RANGER-2856: A policy should be deleted if it has no policyItems
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/#review220999 --- Why you want to delete such policies. Can you give more details on your side use case or the problem you are facing here. Also there could be many users who want such policies as madhan explained above. So if you really want this fix in your environment i would suggest to make it configurable through either approach: 1) At the service level through service config page and add a custom property there. if the value of that property is set to true then only your code shall delete the policy. by default property shall not be there so its value will be false and in that case policies should not be deleted. or 2) The same configuration can be added at the application level in ranger-admin-default-site.xml and default value shall be false and in that case policies should not be deleted. - Pradeep Agrawal On June 11, 2020, 5:51 p.m., Haoxiang Ma wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72588/ > --- > > (Updated June 11, 2020, 5:51 p.m.) > > > Review request for ranger. > > > Bugs: RANGER-2856 > https://issues.apache.org/jira/browse/RANGER-2856 > > > Repository: ranger > > > Description > --- > > A policy should be deleted if it has no policyItems > > > Diffs > - > > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > 9be61f2eb > > > Diff: https://reviews.apache.org/r/72588/diff/1/ > > > Testing > --- > > 1.Compilation OK > 2.Already used in production environment > > > Thanks, > > Haoxiang Ma > >
Re: Review Request 72588: RANGER-2856: A policy should be deleted if it has no policyItems
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/#review220997 --- The side effect is deleting such policies is potential skipping of audit logs for the resources covered by the policy i.e. if there is no audit-enabled policy that matches the accessed resource, Ranger plugins would not generate audit logs. I suggest to not delete policies having no items automatically. - Madhan Neethiraj On June 11, 2020, 5:51 p.m., Haoxiang Ma wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/72588/ > --- > > (Updated June 11, 2020, 5:51 p.m.) > > > Review request for ranger. > > > Bugs: RANGER-2856 > https://issues.apache.org/jira/browse/RANGER-2856 > > > Repository: ranger > > > Description > --- > > A policy should be deleted if it has no policyItems > > > Diffs > - > > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > 9be61f2eb > > > Diff: https://reviews.apache.org/r/72588/diff/1/ > > > Testing > --- > > 1.Compilation OK > 2.Already used in production environment > > > Thanks, > > Haoxiang Ma > >
Review Request 72588: RANGER-2856: A policy should be deleted if it has no policyItems
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/72588/ --- Review request for ranger. Bugs: RANGER-2856 https://issues.apache.org/jira/browse/RANGER-2856 Repository: ranger Description --- A policy should be deleted if it has no policyItems Diffs - security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 9be61f2eb Diff: https://reviews.apache.org/r/72588/diff/1/ Testing --- 1.Compilation OK 2.Already used in production environment Thanks, Haoxiang Ma
