From 831166f3f891b9db1d7ce22846318cd3cfff830d Mon Sep 17 00:00:00 2001 From: Nikhil P Bonte Date: Fri, 19 Jan 2024 12:24:22 +0530 Subject: [PATCH] Revert abac_policy loading in cache --- .../plugin/service/RangerBasePlugin.java | 2 +- .../atlas/plugin/util/ServicePolicies.java | 14 ----------- .../CachePolicyTransformerImpl.java | 25 ------------------- 3 files changed, 1 insertion(+), 40 deletions(-) diff --git a/auth-agents-common/src/main/java/org/apache/atlas/plugin/service/RangerBasePlugin.java b/auth-agents-common/src/main/java/org/apache/atlas/plugin/service/RangerBasePlugin.java index 4f81dd7db3..393fb09b94 100644 --- a/auth-agents-common/src/main/java/org/apache/atlas/plugin/service/RangerBasePlugin.java +++ b/auth-agents-common/src/main/java/org/apache/atlas/plugin/service/RangerBasePlugin.java @@ -303,7 +303,7 @@ public void setPolicies(ServicePolicies policies) { if (policies != null) { List resourcePolicies = policies.getPolicies(); List tagPolicies = policies.getTagPolicies().getPolicies(); - List abacPolicies = policies.getAbacPolicies().getPolicies(); + List abacPolicies = new ArrayList<>(); PoliciesStore.getInstance().setResourcePolicies(resourcePolicies); PoliciesStore.getInstance().setTagPolicies(tagPolicies); diff --git a/auth-agents-common/src/main/java/org/apache/atlas/plugin/util/ServicePolicies.java b/auth-agents-common/src/main/java/org/apache/atlas/plugin/util/ServicePolicies.java index e7055c24ce..7c5110ce0e 100644 --- a/auth-agents-common/src/main/java/org/apache/atlas/plugin/util/ServicePolicies.java +++ b/auth-agents-common/src/main/java/org/apache/atlas/plugin/util/ServicePolicies.java @@ -55,7 +55,6 @@ public class ServicePolicies implements java.io.Serializable { private RangerServiceDef serviceDef; private String auditMode = RangerPolicyEngine.AUDIT_DEFAULT; private TagPolicies tagPolicies; - private AbacPolicies abacPolicies; private Map securityZones; private List policyDeltas; private Map serviceConfig; @@ -161,19 +160,6 @@ public void setTagPolicies(TagPolicies tagPolicies) { this.tagPolicies = tagPolicies; } - /** - * @return the abacPolicies - */ - public AbacPolicies getAbacPolicies() { - return abacPolicies; - } - /** - * @param abacPolicies the tagPolicies to set - */ - public void setAbacPolicies(AbacPolicies abacPolicies) { - this.abacPolicies = abacPolicies; - } - public Map getSecurityZones() { return securityZones; } public void setSecurityZones(Map securityZones) { diff --git a/auth-agents-common/src/main/java/org/apache/atlas/policytransformer/CachePolicyTransformerImpl.java b/auth-agents-common/src/main/java/org/apache/atlas/policytransformer/CachePolicyTransformerImpl.java index 52a046f7b2..8d0761bfcd 100644 --- a/auth-agents-common/src/main/java/org/apache/atlas/policytransformer/CachePolicyTransformerImpl.java +++ b/auth-agents-common/src/main/java/org/apache/atlas/policytransformer/CachePolicyTransformerImpl.java @@ -170,45 +170,20 @@ public ServicePolicies getPolicies(String serviceName, String pluginId, Long las } } - //Process abac based policies - String abacServiceName = (String) service.getAttribute(ATTR_SERVICE_ABAC_SERVICE); - if (StringUtils.isNotEmpty(abacServiceName)) { - AtlasEntityHeader abacService = getServiceEntity(abacServiceName); - - if (abacService != null) { - allPolicies.addAll(getServicePolicies(abacService)); - - ServicePolicies.AbacPolicies abacPolicies = new ServicePolicies.AbacPolicies(); - - abacPolicies.setServiceName(abacServiceName); - abacPolicies.setPolicyUpdateTime(new Date()); - abacPolicies.setServiceId(abacService.getGuid()); - abacPolicies.setPolicyVersion(-1L); - - String abacServiceDefName = String.format(RESOURCE_SERVICE_DEF_PATTERN, abacService.getAttribute(NAME)); - abacPolicies.setServiceDef(getResourceAsObject(abacServiceDefName, RangerServiceDef.class)); - - servicePolicies.setAbacPolicies(abacPolicies); - } - } - AtlasPerfMetrics.MetricRecorder recorderFilterPolicies = RequestContext.get().startMetricRecord("filterPolicies"); //filter out policies based on serviceName List policiesA = new ArrayList<>(); List policiesB = new ArrayList<>(); - List policiesC = new ArrayList<>(); try { policiesA = allPolicies.stream().filter(x -> serviceName.equals(x.getService())).collect(Collectors.toList()); policiesB = allPolicies.stream().filter(x -> tagServiceName.equals(x.getService())).collect(Collectors.toList()); - policiesC = allPolicies.stream().filter(x -> abacServiceName.equals(x.getService())).collect(Collectors.toList()); } catch (NullPointerException exception) {} servicePolicies.setPolicies(policiesA); servicePolicies.getTagPolicies().setPolicies(policiesB); - servicePolicies.getAbacPolicies().setPolicies(policiesC); RequestContext.get().endMetricRecord(recorderFilterPolicies);