Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RANGER-4783: remove duplicates for users/groups/roles during policy validation #311

Merged
merged 2 commits into from
May 6, 2024
Merged

RANGER-4783: remove duplicates for users/groups/roles during policy validation #311

merged 2 commits into from
May 6, 2024

Conversation

fateh288
Copy link
Contributor

What changes were proposed in this pull request?

De-duplicate the users/groups/roles during policy validation when policy created/updated via REST (duplicates are prevented via ranger UI already)

How was this patch tested?

Local Docker container with master branch
Unzip the attached scripts folder - the folder contains some payloads which have duplicate users/groups/roles.
Run bash create-policies.sh "/service/public/v2/api/policy" command and wait for the script to finish
Login to Ranger Admin and check policies created in Hive - duplicate users/groups/roles are de-duplicated.
scripts 3.zip

@kumaab kumaab requested a review from mneethiraj April 26, 2024 19:07
@kumaab kumaab assigned kulkabhay and unassigned kulkabhay Apr 26, 2024
@kumaab kumaab requested a review from kulkabhay April 26, 2024 19:07
mneethiraj
mneethiraj reviewed May 3, 2024
View reviewed changes
...ts-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
return;
}
Iterator<String> itr = values.iterator();
HashSet<String> uniqueElements = new HashSet<>();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider replacing #965 to #975 with the following:

Set<String> uniqueElements = new HashSet<>();

for (Iterator<String> iter = values.iterator(); iter.hasNext(); ) {
  if (!uniqueElements.add(iter.next())) {
    iter.remove();
  }
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider this version as well:

Set<String> uniqueElements = new HashSet<>();

values.removeIf(e -> !uniqueElements.add(e));

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in latest patch

@fateh288 fateh288 requested a review from mneethiraj May 5, 2024 18:30
@mneethiraj mneethiraj merged commit e6b83f3 into apache:master May 6, 2024
mneethiraj pushed a commit that referenced this pull request Jun 20, 2024
@fateh288 @mneethiraj
RANGER-4783: remove duplicate entries of users/groups/roles during in…
8fa7de8 
… policy (#311)

(cherry picked from commit e6b83f3)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mneethiraj mneethiraj mneethiraj approved these changes

@kulkabhay kulkabhay Awaiting requested review from kulkabhay

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@fateh288 @mneethiraj @kulkabhay