ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gautam Borad (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-205) Delete rest api of User not deleting user completely from system
Date Mon, 05 Jan 2015 09:41:34 GMT

    [ https://issues.apache.org/jira/browse/RANGER-205?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14264410#comment-14264410

Gautam Borad commented on RANGER-205:

What we have found is we have 2 types of users in ranger, one is portal user created from
Ranger portal (External) and other (Internal) is inserted by ranger sync service. Please find
the comments inline:
Correction. Ranger portal users are referred to as internal and synced users are referred
to as external.

We could do it either way, but throwing an error would force user to delete or update groups
at all places. So we prefer to go with option 1.
In my opinion, we should warn the user about policies being present which refer to those groups.
Consider a case where there are two admin users : AdminX and AdminY and both have policies
referring to GroupX and GroupY resp. If we go with option 1, AdminX will delete GroupY and
this will affect all policies that AdminY created.

To avoid such scenarios, it would be better to warn the user.

Do let me know your thoughts.

> Delete rest api of User not deleting user completely from system
> ----------------------------------------------------------------
>                 Key: RANGER-205
>                 URL: https://issues.apache.org/jira/browse/RANGER-205
>             Project: Ranger
>          Issue Type: Bug
>    Affects Versions: 0.4.0
>            Reporter: Hanish Bansal
> Delete rest api of user is removing entry from x_user table of database and not from
x_portal_user table so user get invisible from UI and api return success status.
> Due to which if a user is updated to have username/email-id of deleted user, it will
error message that this username/email-id already exists.
> Also if a new user is created with user-name of deleted user, user get successfully created
but his/her details are mapped with deleted user.
> Rest apis used are:
> {quote}
> DELETE http://<ip>:6080/service/xusers/users/userName/<username>
> DELETE http://<ip>:6080/service/xusers/users/<id>
> {quote}
> Expected result:
> Apis should remove entry from both tables x_user and x_portal_user.

This message was sent by Atlassian JIRA

View raw message