rest - 如何在 Ranger API 的 PUT 操作中保留现有的组级别权限?
问题描述
在尝试使用 REST API 更新现有 Ranger 策略时,我想保留现有的权限组和新的权限组以进行附加。
示例: 如果 Ranger Policy 存在 id 为 1234 且具有权限组(“X”、“Y”)。如果我忽略现有组并仅提及新组(“Z”)执行更新操作,我想保留以前的组和新组。预期(“X”、“Y”和“Z”)。但是,以下命令不会发生这种情况。
附加到现有的权限组是否可行?如果是这样,如何实现这一目标?谢谢!
获取请求
curl --negotiate -u : -X GET http://ranger-portal:8080/service/public/api/policy/1234
具有权限组的响应(“X”、“Y”)
{"id":1234,"createDate":"2021-05-04T01:01:01Z","updateDate":"2021-05-04T01:01:01Z","owner":"sudouser sudouser","updatedBy":"sudouser sudouser","policyName":"Ranger-Policy-Hive-View","resourceName":"/hive_test_db/GLOBAL_VW/*","description":"Ranger Policy for Hive View","repositoryName":"cluster_hive","repositoryType":"hive","permMapList":[{"userList":[],"groupList":["X","Y"],"permList":["select"]}],"tables":"GLOBAL_VW","columns":"*","databases":"hive_test_db","tableType":"Inclusion","columnType":"Inclusion","isEnabled":true,"isRecursive":false,"isAuditEnabled":true,"version":"1","replacePerm":false}
使用新策略“Z”更新操作
curl -o /tmp/ranger-log --negotiate -u : -H "Content-Type: application/json" -X PUT http://ranger-portal:8080/service/public/api/policy/1234 -d '{"repositoryName":"cluster_hive","repositoryType":"hive","tableType":"Inclusion","columnType":"Inclusion","isEnabled":true,"isRecursive":false,"isAuditEnabled":true,"policyName":"Ranger-Policy-Hive-View","description":"Ranger Policy for Hive View","databases":"hive_test_db","columns":"*","tables":"GLOBAL_VW","permMapList":[{"groupList":["Z"],"permList":["select"]}]}'
响应用新的权限组覆盖旧的权限组
{"id":1234,"createDate":"2021-05-04T01:01:01Z","updateDate":"2021-05-04T02:02:02Z","owner":"sudouser sudouser","updatedBy":"sudouser sudouser","policyName":"Ranger-Policy-Hive-View","resourceName":"/hive_test_db/GLOBAL_VW/*","description":"Ranger Policy for Hive View","repositoryName":"cluster_hive","repositoryType":"hive","permMapList":[{"userList":[],"groupList":["Z"],"permList":["select"]}],"tables":"GLOBAL_VW","columns":"*","databases":"hive_test_db","tableType":"Inclusion","columnType":"Inclusion","isEnabled":true,"isRecursive":false,"isAuditEnabled":true,"version":"2","replacePerm":false}
解决方案
推荐阅读
- php - 覆盖postgresql表php中的数据
- windows - 在 Windows 上安装 secp256k1 库时出错
- mysql - 一个复合索引或多个外键索引?
- drools - Drools:为什么 indexOf() 在 LHS 中不起作用?
- mysql - Yii2 MySQL如何防止重复选择查询
- sql - 如何提高运行 SQL Server 数据库的 django 站点的数据库查询性能?
- java - Jackson 总是序列化完整对象或总是序列化 id
- java - sybase java DB连接问题
- php - 防止 HTML 输出到 STDOUT - Google App Engine 开发环境
- python - ODEINT 错误:ValueError:使用序列设置数组元素