Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Subtask] Create a role, delete a role and recreate a role, it will throw an exception #5129

Closed
Tracked by #5115
jerqi opened this issue Oct 14, 2024 · 1 comment
Closed
Tracked by #5115

[Subtask] Create a role, delete a role and recreate a role, it will throw an exception #5129

jerqi opened this issue Oct 14, 2024 · 1 comment
Labels
subtask Subtasks of umbrella issue

Comments

@jerqi
Copy link
Collaborator

jerqi commented Oct 14, 2024
edited by xunliu
Loading

Describe the subtask

    "code": 1002,
    "type": "RuntimeException",
    "message": "Failed to operate object [role1] operation [CREATE] under [metalake_demo], reason [Ranger API org.apache.ranger.RangerClient$API@59a7c963 failed: statusCode=400, status=Bad Request, response:{\"statusCode\":1,\"msgDesc\":\"(0) Validation failure: error code[3006], reason[Another policy already exists for this name: policy-id=[19], service=[hiveDev]], field[policy name], subfield[null], type[semantically incorrect] \

I run the command

import requests
import json

url = "http://gravitino:8090/api/metalakes/metalake_demo/roles"
headers = {
    "Accept": "application/vnd.gravitino.v1+json",
    "Content-Type": "application/json",
}
data = {
    "name": "role1",
    "properties": {"k1": "v1"},
    "securableObjects": [
        {
            "fullName": "catalog_hive.access_control",
            "type": "SCHEMA",
            "privileges": [
                {
                    "name": "CREATE_TABLE",
                    "condition": "ALLOW"
                },
                {
                    "name": "MODIFY_TABLE",
                    "condition": "ALLOW"
                },
                {
                    "name": "SELECT_TABLE",
                    "condition": "ALLOW"
                }
            ]    
        }
    ]
}

response = requests.post(url, headers=headers, data=json.dumps(data))

print(response.text)

import requests
import json

url = "http://gravitino:8090/api/metalakes/metalake_demo/permissions/users/root/grant"
headers = {
    "Accept": "application/vnd.gravitino.v1+json",
    "Content-Type": "application/json",
}
data = {
    "roleNames": ["role1"]
}

response = requests.put(url, headers=headers, data=json.dumps(data))

# print status code and response text
print(response.status_code)
print(response.text)

import requests
import json

url = "http://gravitino:8090/api/metalakes/metalake_demo/roles"
headers = {
    "Accept": "application/vnd.gravitino.v1+json",
    "Content-Type": "application/json",
}
data = {
    "name": "role1",
    "properties": {"k1": "v1"},
    "securableObjects": [
        {
            "fullName": "catalog_hive.access_control",
            "type": "SCHEMA",
            "privileges": [
                {
                    "name": "SELECT_TABLE",
                    "condition": "ALLOW"
                }
            ]    
        }
    ]
}

response = requests.post(url, headers=headers, data=json.dumps(data))

print(response.text)

Parent issue

#5115
@jerqi jerqi added the subtask Subtasks of umbrella issue label Oct 14, 2024
@jerqi jerqi mentioned this issue Oct 14, 2024
Open
13 tasks
@jerqi
Copy link
Collaborator Author

jerqi commented Oct 15, 2024

Because I modify the policy parameter.

@jerqi jerqi closed this as completed Oct 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
subtask Subtasks of umbrella issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jerqi