RANGER-2919 : Source policies gets deleted after importing policy with deleteIfExists parameter
Signed-off-by: Mehul Parikh <mehul@apache.org>
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 18abc29..4ef9abe 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -170,6 +170,7 @@
final static public String PARAM_UPDATE_IF_EXISTS = "updateIfExists";
final static public String PARAM_MERGE_IF_EXISTS = "mergeIfExists";
final static public String PARAM_DELETE_IF_EXISTS = "deleteIfExists";
+ final static public String PARAM_IMPORT_IN_PROGRESS = "importInProgress";
public static final String Allowed_User_List_For_Download = "policy.download.auth.users";
public static final String Allowed_User_List_For_Grant_Revoke = "policy.grantrevoke.auth.users";
@@ -1658,12 +1659,14 @@
if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.createPolicy(policyName=" + policy.getName() + ")");
}
-
if(request != null) {
boolean deleteIfExists=("true".equalsIgnoreCase(StringUtils.trimToEmpty(request.getParameter(PARAM_DELETE_IF_EXISTS)))) ? true : false ;
if(deleteIfExists) {
- List<RangerPolicy> policies=new ArrayList<RangerPolicy>() { { add(policy); } };
- deleteExactMatchPolicyForResource(policies, request.getRemoteUser(), null);
+ boolean importInProgress=("true".equalsIgnoreCase(StringUtils.trimToEmpty(String.valueOf(request.getAttribute(PARAM_IMPORT_IN_PROGRESS))))) ? true : false ;
+ if (!importInProgress) {
+ List<RangerPolicy> policies=new ArrayList<RangerPolicy>() { { add(policy); } };
+ deleteExactMatchPolicyForResource(policies, request.getRemoteUser(), null);
+ }
}
boolean updateIfExists=("true".equalsIgnoreCase(StringUtils.trimToEmpty(request.getParameter(PARAM_UPDATE_IF_EXISTS)))) ? true : false ;
boolean mergeIfExists = "true".equalsIgnoreCase(StringUtils.trimToEmpty(request.getParameter(PARAM_MERGE_IF_EXISTS))) ? true : false;
@@ -2201,6 +2204,7 @@
String metaDataInfo = null;
List<XXTrxLog> trxLogListError = new ArrayList<XXTrxLog>();
XXTrxLog xxTrxLogError = new XXTrxLog();
+ request.setAttribute(PARAM_IMPORT_IN_PROGRESS, true);
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
@@ -2312,9 +2316,6 @@
}
String destinationZoneName = getDestinationZoneName(destinationZones,zoneNameInJson);
- if (deleteIfExists) {
- deleteExactMatchPolicyForResource(policies, request.getRemoteUser(), destinationZoneName);
- }
if (isOverride && !updateIfExists && StringUtils.isEmpty(polResource)) {
if (LOG.isDebugEnabled()) {
LOG.debug("Deleting Policy from provided services in servicesMapJson file...");
@@ -2345,6 +2346,10 @@
policiesMap);// zone Info is also sent for creating policy map
}
}
+ if (deleteIfExists) {
+ //deleting target policies if already exist
+ deleteExactMatchPolicyForResource(policies, request.getRemoteUser(), destinationZoneName);
+ }
}
totalPolicyCreate = createPolicesBasedOnPolicyMap(request,policiesMap, serviceNameList, updateIfExists, totalPolicyCreate);