Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
In RANGER-4398 , we added support for incremental updates with the PUT API - /service/public/v2/api/zones-v2/{zoneId}/partial. This allows addition of duplicate principals (admin and auditor UGR) and tagServices.
Steps to reproduce. Create a security-zone and update with above PUT API:
{ "id": 5, "isEnabled": true, "createdBy": "Admin", "updatedBy": "Admin", "createTime": 1697718906795, "updateTime": 1697718906796, "name": "zone10", "services": { "hive1": { "resources": [ { "id": 1, "resource": { "database": [ "db10" ] } } ] } }, "tagServicesToAdd": [ "tag1" ], "adminsToAdd": [ { "type": "USER", "name": "mark" } ] }
If we call the same API with same request again, it creates duplicate adminUser and tagService as below:
{ "id": 5, "isEnabled": true, "createdBy": "Admin", "updatedBy": "Admin", "createTime": 1697718906795, "updateTime": 1697719001243, "name": "zone10", "services": { "hive1": { "resources": [ { "id": 1, "resource": { "database": [ "db10" ] } } ] } }, "tagServices": [ "tag1", "tag1" ], "admins": [ { "type": "USER", "name": "mark" }, { "type": "USER", "name": "mark" } ], "auditors": [ { "type": "USER", "name": "mark" } ] }