Skip to content

Commit

Permalink
Merge pull request #2771 from atlanhq/revert-abacc_policy
Browse files Browse the repository at this point in the history
Revert abac_policy loading in cache
  • Loading branch information
sumandas0 authored Jan 19, 2024
2 parents 84f075d + 831166f commit 63ee026
Show file tree
Hide file tree
Showing 3 changed files with 1 addition and 40 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -303,7 +303,7 @@ public void setPolicies(ServicePolicies policies) {
if (policies != null) {
List<RangerPolicy> resourcePolicies = policies.getPolicies();
List<RangerPolicy> tagPolicies = policies.getTagPolicies().getPolicies();
List<RangerPolicy> abacPolicies = policies.getAbacPolicies().getPolicies();
List<RangerPolicy> abacPolicies = new ArrayList<>();

PoliciesStore.getInstance().setResourcePolicies(resourcePolicies);
PoliciesStore.getInstance().setTagPolicies(tagPolicies);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,6 @@ public class ServicePolicies implements java.io.Serializable {
private RangerServiceDef serviceDef;
private String auditMode = RangerPolicyEngine.AUDIT_DEFAULT;
private TagPolicies tagPolicies;
private AbacPolicies abacPolicies;
private Map<String, SecurityZoneInfo> securityZones;
private List<RangerPolicyDelta> policyDeltas;
private Map<String, String> serviceConfig;
Expand Down Expand Up @@ -161,19 +160,6 @@ public void setTagPolicies(TagPolicies tagPolicies) {
this.tagPolicies = tagPolicies;
}

/**
* @return the abacPolicies
*/
public AbacPolicies getAbacPolicies() {
return abacPolicies;
}
/**
* @param abacPolicies the tagPolicies to set
*/
public void setAbacPolicies(AbacPolicies abacPolicies) {
this.abacPolicies = abacPolicies;
}

public Map<String, SecurityZoneInfo> getSecurityZones() { return securityZones; }

public void setSecurityZones(Map<String, SecurityZoneInfo> securityZones) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -170,45 +170,20 @@ public ServicePolicies getPolicies(String serviceName, String pluginId, Long las
}
}

//Process abac based policies
String abacServiceName = (String) service.getAttribute(ATTR_SERVICE_ABAC_SERVICE);
if (StringUtils.isNotEmpty(abacServiceName)) {
AtlasEntityHeader abacService = getServiceEntity(abacServiceName);

if (abacService != null) {
allPolicies.addAll(getServicePolicies(abacService));

ServicePolicies.AbacPolicies abacPolicies = new ServicePolicies.AbacPolicies();

abacPolicies.setServiceName(abacServiceName);
abacPolicies.setPolicyUpdateTime(new Date());
abacPolicies.setServiceId(abacService.getGuid());
abacPolicies.setPolicyVersion(-1L);

String abacServiceDefName = String.format(RESOURCE_SERVICE_DEF_PATTERN, abacService.getAttribute(NAME));
abacPolicies.setServiceDef(getResourceAsObject(abacServiceDefName, RangerServiceDef.class));

servicePolicies.setAbacPolicies(abacPolicies);
}
}

AtlasPerfMetrics.MetricRecorder recorderFilterPolicies = RequestContext.get().startMetricRecord("filterPolicies");
//filter out policies based on serviceName

List<RangerPolicy> policiesA = new ArrayList<>();
List<RangerPolicy> policiesB = new ArrayList<>();
List<RangerPolicy> policiesC = new ArrayList<>();

try {
policiesA = allPolicies.stream().filter(x -> serviceName.equals(x.getService())).collect(Collectors.toList());
policiesB = allPolicies.stream().filter(x -> tagServiceName.equals(x.getService())).collect(Collectors.toList());
policiesC = allPolicies.stream().filter(x -> abacServiceName.equals(x.getService())).collect(Collectors.toList());
}
catch (NullPointerException exception) {}

servicePolicies.setPolicies(policiesA);
servicePolicies.getTagPolicies().setPolicies(policiesB);
servicePolicies.getAbacPolicies().setPolicies(policiesC);

RequestContext.get().endMetricRecord(recorderFilterPolicies);

Expand Down

0 comments on commit 63ee026

Please sign in to comment.