Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
In RANGER-4398 , we added support for incremental updates with the PUT API - /service/public/v2/api/zones-v2/{zoneId}/partial. This allows addition of duplicate principals (admin and auditor UGR) and tagServices.
Steps to reproduce. Create a security-zone and update with above PUT API:
{
"id": 5,
"isEnabled": true,
"createdBy": "Admin",
"updatedBy": "Admin",
"createTime": 1697718906795,
"updateTime": 1697718906796,
"name": "zone10",
"services": {
"hive1": {
"resources": [
{
"id": 1,
"resource": {
"database": [
"db10"
]
}
}
]
}
},
"tagServicesToAdd": [
"tag1"
],
"adminsToAdd": [
{
"type": "USER",
"name": "mark"
}
]
}
If we call the same API with same request again, it creates duplicate adminUser and tagService as below:
{
"id": 5,
"isEnabled": true,
"createdBy": "Admin",
"updatedBy": "Admin",
"createTime": 1697718906795,
"updateTime": 1697719001243,
"name": "zone10",
"services": {
"hive1": {
"resources": [
{
"id": 1,
"resource": {
"database": [
"db10"
]
}
}
]
}
},
"tagServices": [
"tag1",
"tag1"
],
"admins": [
{
"type": "USER",
"name": "mark"
},
{
"type": "USER",
"name": "mark"
}
],
"auditors": [
{
"type": "USER",
"name": "mark"
}
]
}