Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Update policy REST request fails

Update policy REST request fails

New Contributor

I have created a policy object in Ranger with

curl -iv -u admin:admin  -H "Content-Type: application/json" -d @hdfs-create-policy.payload -X POST http://192.168.26.111:6080/service/public/v2/api/policy

and I'm trying to modify that entry (adding permissions) using the update policy by service-name and policy-name which fails.

 # curl -iv -u admin:admin  -H "Content-Type: application/json" -d @hdfs-update-policy-by-name.payload -X PUT http://192.168.26.111:6080/service/public/v2/api/Sandbox_hdfs/policy/appaccess
* About to connect() to 192.168.26.111 port 6080 (#0)
*   Trying 192.168.26.111... connected
* Connected to 192.168.26.111 (192.168.26.111) port 6080 (#0)
* Server auth using Basic with user 'admin'
> PUT /service/public/v2/api/Sandbox_hdfs/policy/appaccess HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10
> Host: 192.168.26.111:6080
> Accept: */*
> Content-Type: application/json
> Content-Length: 760
>
< HTTP/1.1 404 Not Found
HTTP/1.1 404 Not Found
< Server: Apache-Coyote/1.1
Server: Apache-Coyote/1.1
< Set-Cookie: JSESSIONID=125E35576B917EC0F85ED9BEAC80DF72; Path=/; HttpOnly
Set-Cookie: JSESSIONID=125E35576B917EC0F85ED9BEAC80DF72; Path=/; HttpOnly
< X-Frame-Options: DENY
X-Frame-Options: DENY
< Content-Length: 0
Content-Length: 0
< Date: Tue, 19 Jul 2016 18:47:53 GMT
Date: Tue, 19 Jul 2016 18:47:53 GMT
<
* Connection #0 to host 192.168.26.111 left intact
* Closing connection #0

There is nothing at all helpful in the log. Can someone suggest what is the issue here? I'm at total loss :( TIA.

The payload for policy creation is:

{
    "isEnabled":true,
    "version":1,
    "service":"Sandbox_hdfs",
    "name":"appaccess",
    "description":"This policy to test Apache Ranger API",
    "isAuditEnabled":true,
    "resources":{
         "path":{
            "isRecursive":true,
            "values":["/app/*"],
            "isExcludes":false
         }
    },
    "policyItems":[
       {
         "users":[],
         "groups":["public","hadoop"],
         "delegateAdmin":true,
         "accesses":[
             {"isAllowed":true,"type":"read"},
             {"isAllowed":true,"type":"write"},
             {"isAllowed":true,"type":"execute"}
         ],
         "conditions":[]
       }
    ]
}

The payload for modify request is:

{
    "isEnabled":true,
    "version":1,
    "service":"Sandbox_hdfs",
    "name":"appaccess",
    "description":"This policy to test Apache Ranger API",
    "isAuditEnabled":true,
    "resources":{
         "path":{
            "isRecursive":true,
            "values":["/app/*"],
            "isExcludes":false
         }
    },
    "policyItems":[
        {
            "users":[],
            "groups":["hadoop"],
            "delegateAdmin":true,
            "accesses":[
                {"isAllowed":true,"type":"read"},
                {"isAllowed":true,"type":"write"},
                {"isAllowed":true,"type":"execute"}
                ]
            ,"conditions":[]
        }
        {
            "users":[],
            "groups":["users"],
            "delegateAdmin":true,
            "accesses":[
                {"isAllowed":true,"type":"read"}
                ]
            ,"conditions":[]
        }
    ]
}
2 REPLIES 2
Highlighted

Re: Update policy REST request fails

New Contributor

I just noticed that the delete by service-name and policy-name also fails:

#  curl -iv -u admin:admin -X DELETE  http://192.168.26.111:6080/service/public/v2/api/Sandbox_hdfs/policy/appaccess
* About to connect() to 192.168.26.111 port 6080 (#0)
*   Trying 192.168.26.111... connected
* Connected to 192.168.26.111 (192.168.26.111) port 6080 (#0)
* Server auth using Basic with user 'admin'
> DELETE /service/public/v2/api/Sandbox_hdfs/policy/appaccess HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10
> Host: 192.168.26.111:6080
> Accept: */*
>
< HTTP/1.1 404 Not Found
HTTP/1.1 404 Not Found
< Server: Apache-Coyote/1.1
Server: Apache-Coyote/1.1
< Set-Cookie: JSESSIONID=1F27D7099E3B3134E02F888400F5C202; Path=/; HttpOnly
Set-Cookie: JSESSIONID=1F27D7099E3B3134E02F888400F5C202; Path=/; HttpOnly
< X-Frame-Options: DENY
X-Frame-Options: DENY
< Content-Length: 0
Content-Length: 0
< Date: Tue, 19 Jul 2016 19:17:51 GMT
Date: Tue, 19 Jul 2016 19:17:51 GMT
<
* Connection #0 to host 192.168.26.111 left intact
* Closing connection #0
Highlighted

Re: Update policy REST request fails

Explorer

Hi, did you try with this URL ?

service/public/v2/api/service/{service-name}/policy/{policy-name}
Don't have an account?
Coming from Hortonworks? Activate your account here