From 4ceaa2f34db289805d7c4a92f26c44046595caaf Mon Sep 17 00:00:00 2001 From: hr2904 Date: Mon, 2 Dec 2024 23:53:13 +0530 Subject: [PATCH 01/13] Optmisation using a simple cache table. --- .../store/graph/AtlasEntityStore.java | 9 ++ .../store/graph/v2/AtlasEntityStoreV2.java | 119 ++++++++++++++++++ .../org/apache/atlas/web/rest/EntityREST.java | 91 +------------- 3 files changed, 129 insertions(+), 90 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java index 5a647ed8c0..b5224a5dfa 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasEntityStore.java @@ -374,4 +374,13 @@ EntityMutationResponse deleteByUniqueAttributes(List objectIds) void unlinkBusinessPolicy(String policyId, Set unlinkGuids) throws AtlasBaseException; void moveBusinessPolicies(Set policyId, String assetId, String type) throws AtlasBaseException; + + /** + * + * @param entities + * @throws AtlasBaseException + * + * For evaluations of policies + */ + List evaluatePolicies(List entities) throws AtlasBaseException; } diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java index f48d206653..ccfc315441 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java @@ -96,6 +96,8 @@ import static java.lang.Boolean.FALSE; import static org.apache.atlas.AtlasConfiguration.STORE_DIFFERENTIAL_AUDITS; +import static org.apache.atlas.AtlasErrorCode.BAD_REQUEST; +import static org.apache.atlas.authorize.AtlasPrivilege.*; import static org.apache.atlas.bulkimport.BulkImportResponse.ImportStatus.FAILED; import static org.apache.atlas.model.instance.AtlasEntity.Status.ACTIVE; import static org.apache.atlas.model.instance.EntityMutations.EntityOperation.*; @@ -758,6 +760,123 @@ public EntityMutationResponse deleteByUniqueAttributes(AtlasEntityType entityTyp return ret; } + private AtlasEntityHeader getAtlasEntityHeader(String entityGuid, String entityId, String entityType) throws AtlasBaseException { + AtlasEntityHeader entityHeader = null; + + if (StringUtils.isNotEmpty(entityGuid)) { + AtlasEntityWithExtInfo ret = getByIdWithoutAuthorization(entityGuid); + entityHeader = new AtlasEntityHeader(ret.getEntity()); + } else if (StringUtils.isNotEmpty(entityId) && StringUtils.isNotEmpty(entityType)) { + try { + entityHeader = getAtlasEntityHeaderWithoutAuthorization(null, entityId, entityType); + } catch (AtlasBaseException abe) { + if (abe.getAtlasErrorCode() == AtlasErrorCode.INSTANCE_BY_UNIQUE_ATTRIBUTE_NOT_FOUND) { + Map attributes = new HashMap<>(); + attributes.put(QUALIFIED_NAME, entityId); + entityHeader = new AtlasEntityHeader(entityType, attributes); + } + } + } else { + throw new AtlasBaseException(BAD_REQUEST, "requires entityGuid or typeName and qualifiedName for entity authorization"); + } + return entityHeader; + } + + @Override + public List evaluatePolicies(List entities) throws AtlasBaseException { + List response = new ArrayList(); + HashMap atlasEntityHeaderCache = new HashMap<>(); + for (int i = 0; i < entities.size(); i++) { + AtlasEvaluatePolicyRequest entity = entities.get(i); + String action = entity.getAction(); + + if (action == null) { + throw new AtlasBaseException(BAD_REQUEST, "action is null"); + } + AtlasEntityHeader entityHeader = null; + + if (ENTITY_READ.name().equals(action) || ENTITY_CREATE.name().equals(action) || ENTITY_UPDATE.name().equals(action) + || ENTITY_DELETE.name().equals(action) || ENTITY_UPDATE_BUSINESS_METADATA.name().equals(action)) { + + try { + if (atlasEntityHeaderCache.containsKey(entity.getEntityGuid())) { + entityHeader = atlasEntityHeaderCache.get(entity.getEntityGuid()); + } else { + entityHeader = getAtlasEntityHeader(entity.getEntityGuid(), entity.getEntityId(), entity.getTypeName()); + atlasEntityHeaderCache.put(entity.getEntityGuid(), entityHeader); + } + + AtlasEntityAccessRequest.AtlasEntityAccessRequestBuilder requestBuilder = new AtlasEntityAccessRequest.AtlasEntityAccessRequestBuilder(typeRegistry, AtlasPrivilege.valueOf(entities.get(i).getAction()), entityHeader); + if (entities.get(i).getBusinessMetadata() != null) { + requestBuilder.setBusinessMetadata(entities.get(i).getBusinessMetadata()); + } + + AtlasEntityAccessRequest entityAccessRequest = requestBuilder.build(); + + AtlasAuthorizationUtils.verifyAccess(entityAccessRequest, entities.get(i).getAction() + "guid=" + entities.get(i).getEntityGuid()); + response.add(new AtlasEvaluatePolicyResponse(entities.get(i).getTypeName(), entities.get(i).getEntityGuid(), entities.get(i).getAction(), entities.get(i).getEntityId(), true, null , entities.get(i).getBusinessMetadata())); + } catch (AtlasBaseException e) { + AtlasErrorCode code = e.getAtlasErrorCode(); + String errorCode = code.getErrorCode(); + response.add(new AtlasEvaluatePolicyResponse(entities.get(i).getTypeName(), entities.get(i).getEntityGuid(), entities.get(i).getAction(), entities.get(i).getEntityId(), false, errorCode, entities.get(i).getBusinessMetadata())); + } + + } else if (ENTITY_REMOVE_CLASSIFICATION.name().equals(action) || ENTITY_ADD_CLASSIFICATION.name().equals(action) || ENTITY_UPDATE_CLASSIFICATION.name().equals(action)) { + + if (entities.get(i).getClassification() == null) { + throw new AtlasBaseException(BAD_REQUEST, "classification needed for " + action + " authorization"); + } + try { + if (atlasEntityHeaderCache.containsKey(entity.getEntityGuid())) { + entityHeader = atlasEntityHeaderCache.get(entity.getEntityGuid()); + } else { + entityHeader = getAtlasEntityHeader(entity.getEntityGuid(), entity.getEntityId(), entity.getTypeName()); + atlasEntityHeaderCache.put(entity.getEntityGuid(), entityHeader); + } + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.valueOf(entities.get(i).getAction()), entityHeader, new AtlasClassification(entities.get(i).getClassification()))); + response.add(new AtlasEvaluatePolicyResponse(entities.get(i).getTypeName(), entities.get(i).getEntityGuid(), entities.get(i).getAction(), entities.get(i).getEntityId(), entities.get(i).getClassification(), true, null)); + + } catch (AtlasBaseException e) { + AtlasErrorCode code = e.getAtlasErrorCode(); + String errorCode = code.getErrorCode(); + response.add(new AtlasEvaluatePolicyResponse(entities.get(i).getTypeName(), entities.get(i).getEntityGuid(), entities.get(i).getAction(), entities.get(i).getEntityId(), entities.get(i).getClassification(), false, errorCode)); + } + + } else if (RELATIONSHIP_ADD.name().equals(action) || RELATIONSHIP_REMOVE.name().equals(action) || RELATIONSHIP_UPDATE.name().equals(action)) { + + if (entities.get(i).getRelationShipTypeName() == null) { + throw new AtlasBaseException(BAD_REQUEST, "RelationShip TypeName needed for " + action + " authorization"); + } + + try { + AtlasEntityHeader end1Entity; + if (atlasEntityHeaderCache.containsKey(entity.getEntityGuid())) { + end1Entity = atlasEntityHeaderCache.get(entity.getEntityGuid()); + } else { + end1Entity = getAtlasEntityHeader(entity.getEntityGuidEnd1(), entity.getEntityIdEnd1(), entity.getEntityTypeEnd1()); + atlasEntityHeaderCache.put(entity.getEntityGuid(), entityHeader); + } + AtlasEntityHeader end2Entity; + if (atlasEntityHeaderCache.containsKey(entity.getEntityGuid())) { + end2Entity = atlasEntityHeaderCache.get(entity.getEntityGuid()); + } else { + end2Entity = getAtlasEntityHeader(entity.getEntityGuidEnd2(), entity.getEntityIdEnd2(), entity.getEntityTypeEnd2()); + atlasEntityHeaderCache.put(entity.getEntityGuid(), entityHeader); + } + AtlasAuthorizationUtils.verifyAccess(new AtlasRelationshipAccessRequest(typeRegistry, AtlasPrivilege.valueOf(action), entities.get(i).getRelationShipTypeName(), end1Entity, end2Entity)); + response.add(new AtlasEvaluatePolicyResponse(action, entities.get(i).getRelationShipTypeName(), entities.get(i).getEntityTypeEnd1(), entities.get(i).getEntityGuidEnd1(), entities.get(i).getEntityIdEnd1(), entities.get(i).getEntityTypeEnd2(), entities.get(i).getEntityGuidEnd2(), entities.get(i).getEntityIdEnd2(), true, null)); + } catch (AtlasBaseException e) { + AtlasErrorCode code = e.getAtlasErrorCode(); + String errorCode = code.getErrorCode(); + response.add(new AtlasEvaluatePolicyResponse(action, entities.get(i).getRelationShipTypeName(), entities.get(i).getEntityTypeEnd1(), entities.get(i).getEntityGuidEnd1(), entities.get(i).getEntityIdEnd1(), entities.get(i).getEntityTypeEnd2(), entities.get(i).getEntityGuidEnd2(), entities.get(i).getEntityIdEnd2(), false, errorCode)); + } + } + } + return response; + } + + @Override @GraphTransaction public EntityMutationResponse deleteByUniqueAttributes(List objectIds) throws AtlasBaseException { diff --git a/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java b/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java index 5333d63e7b..83a428a873 100644 --- a/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java +++ b/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java @@ -164,74 +164,7 @@ public List evaluatePolicies(List getAccessors(List atlas return ret; } - private AtlasEntityHeader getAtlasEntityHeader(String entityGuid, String entityId, String entityType) throws AtlasBaseException { - AtlasEntityHeader entityHeader = null; - - if (StringUtils.isNotEmpty(entityGuid)) { - AtlasEntityWithExtInfo ret = entitiesStore.getByIdWithoutAuthorization(entityGuid); - entityHeader = new AtlasEntityHeader(ret.getEntity()); - } else if (StringUtils.isNotEmpty(entityId) && StringUtils.isNotEmpty(entityType)) { - try { - entityHeader = entitiesStore.getAtlasEntityHeaderWithoutAuthorization(null, entityId, entityType); - } catch (AtlasBaseException abe) { - if (abe.getAtlasErrorCode() == AtlasErrorCode.INSTANCE_BY_UNIQUE_ATTRIBUTE_NOT_FOUND) { - Map attributes = new HashMap<>(); - attributes.put(QUALIFIED_NAME, entityId); - entityHeader = new AtlasEntityHeader(entityType, attributes); - } - } - } else { - throw new AtlasBaseException(BAD_REQUEST, "requires entityGuid or typeName and qualifiedName for entity authorization"); - } - return entityHeader; - } - /** * Get entity header given its GUID. From 7c3395b7bbc33f50d24716c480395fd38ef70875 Mon Sep 17 00:00:00 2001 From: hr2904 Date: Mon, 2 Dec 2024 23:54:20 +0530 Subject: [PATCH 02/13] custom image gh action update --- .github/workflows/maven.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index f8a09b5589..028f80807b 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -25,7 +25,7 @@ on: - beta - development - master - - lineageondemand + - dg1869dev jobs: build: @@ -64,7 +64,7 @@ jobs: - name: Build with Maven run: | branch_name=${{ steps.get_branch.outputs.branch }} - if [[ $branch_name == 'main' || $branch_name == 'master' || $branch_name == 'lineageondemand' ]] + if [[ $branch_name == 'main' || $branch_name == 'master' || $branch_name == 'dg1869dev' ]] then echo "build without dashboard" chmod +x ./build.sh && ./build.sh build_without_dashboard From 1e98ce3e53c001d06406fbd547765d041a1954c8 Mon Sep 17 00:00:00 2001 From: hr2904 Date: Tue, 3 Dec 2024 00:27:45 +0530 Subject: [PATCH 03/13] Added minor fixes --- .../store/graph/v2/AtlasEntityStoreV2.java | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java index ccfc315441..e2e8213bbd 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java @@ -851,18 +851,18 @@ public List evaluatePolicies(List Date: Tue, 3 Dec 2024 00:50:53 +0530 Subject: [PATCH 04/13] Added minor fixes #2 --- .../store/graph/v2/AtlasEntityStoreV2.java | 36 ++++++++++--------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java index e2e8213bbd..83172bcb8c 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java @@ -806,24 +806,24 @@ public List evaluatePolicies(List evaluatePolicies(List evaluatePolicies(List Date: Tue, 3 Dec 2024 13:29:06 +0530 Subject: [PATCH 05/13] Improved caching and metrics. --- .../store/graph/v2/AtlasEntityStoreV2.java | 67 +++++++++++++------ 1 file changed, 47 insertions(+), 20 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java index 83172bcb8c..d59a6bebe5 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java @@ -92,6 +92,7 @@ import javax.inject.Inject; import java.io.InputStream; import java.util.*; +import java.util.concurrent.atomic.AtomicReference; import java.util.stream.Collectors; import static java.lang.Boolean.FALSE; @@ -761,6 +762,8 @@ public EntityMutationResponse deleteByUniqueAttributes(AtlasEntityType entityTyp } private AtlasEntityHeader getAtlasEntityHeader(String entityGuid, String entityId, String entityType) throws AtlasBaseException { + // Metric logs + AtlasPerfMetrics.MetricRecorder metric = RequestContext.get().startMetricRecord("getAtlasEntityHeader"); AtlasEntityHeader entityHeader = null; if (StringUtils.isNotEmpty(entityGuid)) { @@ -779,6 +782,7 @@ private AtlasEntityHeader getAtlasEntityHeader(String entityGuid, String entityI } else { throw new AtlasBaseException(BAD_REQUEST, "requires entityGuid or typeName and qualifiedName for entity authorization"); } + RequestContext.get().endMetricRecord(metric); return entityHeader; } @@ -786,8 +790,7 @@ private AtlasEntityHeader getAtlasEntityHeader(String entityGuid, String entityI public List evaluatePolicies(List entities) throws AtlasBaseException { List response = new ArrayList(); HashMap atlasEntityHeaderCache = new HashMap<>(); - for (int i = 0; i < entities.size(); i++) { - AtlasEvaluatePolicyRequest entity = entities.get(i); + for (AtlasEvaluatePolicyRequest entity : entities) { String action = entity.getAction(); if (action == null) { @@ -799,11 +802,16 @@ public List evaluatePolicies(List evaluatePolicies(List evaluatePolicies(List evaluatePolicies(List Date: Tue, 3 Dec 2024 13:33:47 +0530 Subject: [PATCH 06/13] edge case fix --- .../store/graph/v2/AtlasEntityStoreV2.java | 43 +++++++++---------- 1 file changed, 21 insertions(+), 22 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java index d59a6bebe5..d097322f1c 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java @@ -788,7 +788,7 @@ private AtlasEntityHeader getAtlasEntityHeader(String entityGuid, String entityI @Override public List evaluatePolicies(List entities) throws AtlasBaseException { - List response = new ArrayList(); + List response = new ArrayList<>(); HashMap atlasEntityHeaderCache = new HashMap<>(); for (AtlasEvaluatePolicyRequest entity : entities) { String action = entity.getAction(); @@ -802,8 +802,8 @@ public List evaluatePolicies(List evaluatePolicies(List evaluatePolicies(List Date: Tue, 3 Dec 2024 13:39:02 +0530 Subject: [PATCH 07/13] reverted gh action custom image --- .github/workflows/maven.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 028f80807b..f8a09b5589 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -25,7 +25,7 @@ on: - beta - development - master - - dg1869dev + - lineageondemand jobs: build: @@ -64,7 +64,7 @@ jobs: - name: Build with Maven run: | branch_name=${{ steps.get_branch.outputs.branch }} - if [[ $branch_name == 'main' || $branch_name == 'master' || $branch_name == 'dg1869dev' ]] + if [[ $branch_name == 'main' || $branch_name == 'master' || $branch_name == 'lineageondemand' ]] then echo "build without dashboard" chmod +x ./build.sh && ./build.sh build_without_dashboard From 0313b3a9a654774edd93159de95e58dc3f4a3a67 Mon Sep 17 00:00:00 2001 From: hr2904 Date: Wed, 11 Dec 2024 13:23:16 +0530 Subject: [PATCH 08/13] Fixed PR comments --- .../store/graph/v2/AtlasEntityStoreV2.java | 58 ++++--------------- .../java/org/apache/atlas/RequestContext.java | 21 +++++-- 2 files changed, 25 insertions(+), 54 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java index d097322f1c..2f98abf25a 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java @@ -765,7 +765,11 @@ private AtlasEntityHeader getAtlasEntityHeader(String entityGuid, String entityI // Metric logs AtlasPerfMetrics.MetricRecorder metric = RequestContext.get().startMetricRecord("getAtlasEntityHeader"); AtlasEntityHeader entityHeader = null; - + String cacheKey = generateCacheKey(entityGuid, entityId, entityType); + entityHeader = RequestContext.get().getCachedEntityHeader(cacheKey); + if(Objects.nonNull(entityHeader)){ + return entityHeader; + } if (StringUtils.isNotEmpty(entityGuid)) { AtlasEntityWithExtInfo ret = getByIdWithoutAuthorization(entityGuid); entityHeader = new AtlasEntityHeader(ret.getEntity()); @@ -782,6 +786,7 @@ private AtlasEntityHeader getAtlasEntityHeader(String entityGuid, String entityI } else { throw new AtlasBaseException(BAD_REQUEST, "requires entityGuid or typeName and qualifiedName for entity authorization"); } + RequestContext.get().setEntityHeaderCache(cacheKey, entityHeader); RequestContext.get().endMetricRecord(metric); return entityHeader; } @@ -802,18 +807,7 @@ public List evaluatePolicies(List evaluatePolicies(List evaluatePolicies(List deletedEdgesIds = new HashSet<>(); private final Set processGuidIds = new HashSet<>(); + private Map evaluateEntityHeaderCache = null; private final AtlasPerfMetrics metrics = isMetricsEnabled ? new AtlasPerfMetrics() : null; private final List applicationMetrics = new ArrayList<>(); private List entityGuidInRequest = null; @@ -567,17 +568,17 @@ public void cacheDifferentialEntity(AtlasEntity entity) { } } - public void setEntityHeaderCache(AtlasEntityHeader headerCache){ - if(headerCache != null && headerCache.getGuid() != null){ - entityHeaderCache.put(headerCache.getGuid(), headerCache); + public void setEntityHeaderCache(String cacheKey, AtlasEntityHeader headerCache){ + if(headerCache != null && StringUtils.isNotEmpty(cacheKey)){ + entityHeaderCache.put(cacheKey, headerCache); } } - public AtlasEntityHeader getCachedEntityHeader(String guid){ - if(guid == null){ + public AtlasEntityHeader getCachedEntityHeader(String cacheKey){ + if(cacheKey == null){ return null; } - return entityHeaderCache.get(guid); + return entityHeaderCache.getOrDefault(cacheKey,null); } public AtlasEntity getDifferentialEntity(String guid) { @@ -753,6 +754,14 @@ public void setClientOrigin(String clientOrigin) { this.clientOrigin = StringUtils.isEmpty(this.clientOrigin) ? "other" :clientOrigin; } + public Map getEvaluateEntityHeaderCache() { + return evaluateEntityHeaderCache; + } + + public void setEvaluateEntityHeaderCache(Map evaluateEntityHeaderCache) { + this.evaluateEntityHeaderCache = evaluateEntityHeaderCache; + } + public class EntityGuidPair { private final Object entity; private final String guid; From 52022184bdbb7fc243c7c722275ab9d30289410c Mon Sep 17 00:00:00 2001 From: sriram-atlan Date: Tue, 7 Jan 2025 18:53:24 +0530 Subject: [PATCH 09/13] change log levels from info to debug --- .../atlas/service/redis/RedisServiceImpl.java | 2 +- .../janus/AtlasJanusGraphDatabase.java | 12 +++++----- .../apache/atlas/kafka/KafkaNotification.java | 4 ++-- .../graph/GraphBackedSearchIndexer.java | 12 +++++----- .../store/graph/v1/DeleteHandlerDelegate.java | 2 +- .../store/graph/v2/AtlasGraphUtilsV2.java | 2 +- .../EntityNotificationSender.java | 4 ++-- .../util/AccessAuditLogsIndexCreator.java | 22 +++++++++---------- .../atlas/web/listeners/LoginProcessor.java | 4 ++-- .../apache/atlas/web/setup/SetupSteps.java | 2 +- 10 files changed, 33 insertions(+), 33 deletions(-) diff --git a/common/src/main/java/org/apache/atlas/service/redis/RedisServiceImpl.java b/common/src/main/java/org/apache/atlas/service/redis/RedisServiceImpl.java index 48f199473e..1f1c97c492 100644 --- a/common/src/main/java/org/apache/atlas/service/redis/RedisServiceImpl.java +++ b/common/src/main/java/org/apache/atlas/service/redis/RedisServiceImpl.java @@ -19,7 +19,7 @@ public class RedisServiceImpl extends AbstractRedisService{ public void init() throws AtlasException { redisClient = Redisson.create(getProdConfig()); redisCacheClient = Redisson.create(getCacheImplConfig()); - LOG.info("Sentinel redis client created successfully."); + LOG.debug("Sentinel redis client created successfully."); } @Override diff --git a/graphdb/janus/src/main/java/org/apache/atlas/repository/graphdb/janus/AtlasJanusGraphDatabase.java b/graphdb/janus/src/main/java/org/apache/atlas/repository/graphdb/janus/AtlasJanusGraphDatabase.java index db69d77ee3..0d96b0e839 100644 --- a/graphdb/janus/src/main/java/org/apache/atlas/repository/graphdb/janus/AtlasJanusGraphDatabase.java +++ b/graphdb/janus/src/main/java/org/apache/atlas/repository/graphdb/janus/AtlasJanusGraphDatabase.java @@ -225,7 +225,7 @@ public static void configureTxLogBasedIndexRecovery() { updateGlobalConfiguration(properties); - LOG.info("Tx Log-based Index Recovery: {}!", recoveryEnabled ? "Enabled" : "Disabled"); + LOG.debug("Tx Log-based Index Recovery: {}!", recoveryEnabled ? "Enabled" : "Disabled"); } catch (Exception e) { LOG.error("Error: Failed!", e); } @@ -243,7 +243,7 @@ private static void updateGlobalConfiguration(Map map) { managementSystem.set(entry.getKey(), entry.getValue()); } - LOG.info("Global properties updated!: {}", map); + LOG.debug("Global properties updated!: {}", map); } catch (Exception ex) { LOG.error("Error updating global configuration: {}", map, ex); } finally { @@ -358,7 +358,7 @@ public AtlasGraph getGraphBulkLoading() { } private static void startEmbeddedSolr() throws AtlasException { - LOG.info("==> startEmbeddedSolr()"); + LOG.debug("==> startEmbeddedSolr()"); try { Class localSolrRunnerClz = Class.forName("org.apache.atlas.runner.LocalSolrRunner"); @@ -371,11 +371,11 @@ private static void startEmbeddedSolr() throws AtlasException { throw new AtlasException("startEmbeddedSolr(): failed", excp); } - LOG.info("<== startEmbeddedSolr()"); + LOG.debug("<== startEmbeddedSolr()"); } private static void stopEmbeddedSolr() throws AtlasException { - LOG.info("==> stopEmbeddedSolr()"); + LOG.debug("==> stopEmbeddedSolr()"); try { Class localSolrRunnerClz = Class.forName("org.apache.atlas.runner.LocalSolrRunner"); @@ -388,7 +388,7 @@ private static void stopEmbeddedSolr() throws AtlasException { throw new AtlasException("stopEmbeddedSolr(): failed", excp); } - LOG.info("<== stopEmbeddedSolr()"); + LOG.debug("<== stopEmbeddedSolr()"); } public static boolean isEmbeddedSolr() { diff --git a/notification/src/main/java/org/apache/atlas/kafka/KafkaNotification.java b/notification/src/main/java/org/apache/atlas/kafka/KafkaNotification.java index 676a917f96..190bb23b0d 100644 --- a/notification/src/main/java/org/apache/atlas/kafka/KafkaNotification.java +++ b/notification/src/main/java/org/apache/atlas/kafka/KafkaNotification.java @@ -104,7 +104,7 @@ public class KafkaNotification extends AbstractNotification implements Service { public KafkaNotification(Configuration applicationProperties) throws AtlasException { super(applicationProperties); - LOG.info("==> KafkaNotification()"); + LOG.debug("==> KafkaNotification()"); Configuration kafkaConf = ApplicationProperties.getSubsetConfiguration(applicationProperties, PROPERTY_PREFIX); @@ -138,7 +138,7 @@ public KafkaNotification(Configuration applicationProperties) throws AtlasExcept KafkaUtils.setKafkaJAASProperties(applicationProperties, properties); - LOG.info("<== KafkaNotification()"); + LOG.debug("<== KafkaNotification()"); } @VisibleForTesting diff --git a/repository/src/main/java/org/apache/atlas/repository/graph/GraphBackedSearchIndexer.java b/repository/src/main/java/org/apache/atlas/repository/graph/GraphBackedSearchIndexer.java index a8bacbbb5f..8d736e35d2 100755 --- a/repository/src/main/java/org/apache/atlas/repository/graph/GraphBackedSearchIndexer.java +++ b/repository/src/main/java/org/apache/atlas/repository/graph/GraphBackedSearchIndexer.java @@ -298,24 +298,24 @@ private void initialize(AtlasGraph graph) throws RepositoryException, IndexExcep AtlasGraphManagement management = graph.getManagementSystem(); try { - LOG.info("Creating indexes for graph."); + LOG.debug("Creating indexes for graph."); if (management.getGraphIndex(VERTEX_INDEX) == null) { management.createVertexMixedIndex(VERTEX_INDEX, BACKING_INDEX, Collections.emptyList()); - LOG.info("Created index : {}", VERTEX_INDEX); + LOG.debug("Created index : {}", VERTEX_INDEX); } if (management.getGraphIndex(EDGE_INDEX) == null) { management.createEdgeMixedIndex(EDGE_INDEX, BACKING_INDEX, Collections.emptyList()); - LOG.info("Created index : {}", EDGE_INDEX); + LOG.debug("Created index : {}", EDGE_INDEX); } if (management.getGraphIndex(FULLTEXT_INDEX) == null) { management.createFullTextMixedIndex(FULLTEXT_INDEX, BACKING_INDEX, Collections.emptyList()); - LOG.info("Created index : {}", FULLTEXT_INDEX); + LOG.debug("Created index : {}", FULLTEXT_INDEX); } HashMap ES_DATE_FIELD = new HashMap<>(); @@ -443,7 +443,7 @@ private void initialize(AtlasGraph graph) throws RepositoryException, IndexExcep commit(management); - LOG.info("Index creation for global keys complete."); + LOG.debug("Index creation for global keys complete."); } catch (Throwable t) { LOG.error("GraphBackedSearchIndexer.initialize() failed", t); @@ -850,7 +850,7 @@ public String createVertexIndex(AtlasGraphManagement management, String property } indexFieldName = management.addMixedIndex(VERTEX_INDEX, propertyKey, isStringField, indexTypeESConfig, indexTypeESFields); - LOG.info("Created backing index for vertex property {} of type {} ", propertyName, propertyClass.getName()); + LOG.debug("Created backing index for vertex property {} of type {} ", propertyName, propertyClass.getName()); } if(indexFieldName == null && isIndexApplicable(propertyClass, cardinality)) { diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerDelegate.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerDelegate.java index f1a98fd526..cb04d4f58e 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerDelegate.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerDelegate.java @@ -81,7 +81,7 @@ private DeleteHandlerV1 getDefaultConfiguredHandler(AtlasTypeRegistry typeRegist try { Class handlerFromProperties = AtlasRepositoryConfiguration.getDeleteHandlerV1Impl(); - LOG.info("Default delete handler set to: {}", handlerFromProperties.getName()); + LOG.debug("Default delete handler set to: {}", handlerFromProperties.getName()); ret = (DeleteHandlerV1) handlerFromProperties.getConstructor(AtlasGraph.class, AtlasTypeRegistry.class, TaskManagement.class) .newInstance(this.graph, typeRegistry, taskManagement); diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasGraphUtilsV2.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasGraphUtilsV2.java index 42d30d39ca..a719d4cfbb 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasGraphUtilsV2.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasGraphUtilsV2.java @@ -94,7 +94,7 @@ public class AtlasGraphUtilsV2 { } catch (Exception excp) { LOG.error("Error reading configuration", excp); } finally { - LOG.info("atlas.use.index.query.to.find.entity.by.unique.attributes=" + USE_INDEX_QUERY_TO_FIND_ENTITY_BY_UNIQUE_ATTRIBUTES); + LOG.debug("atlas.use.index.query.to.find.entity.by.unique.attributes=" + USE_INDEX_QUERY_TO_FIND_ENTITY_BY_UNIQUE_ATTRIBUTES); } } diff --git a/webapp/src/main/java/org/apache/atlas/notification/EntityNotificationSender.java b/webapp/src/main/java/org/apache/atlas/notification/EntityNotificationSender.java index ece56f294e..61666f454f 100644 --- a/webapp/src/main/java/org/apache/atlas/notification/EntityNotificationSender.java +++ b/webapp/src/main/java/org/apache/atlas/notification/EntityNotificationSender.java @@ -45,11 +45,11 @@ public EntityNotificationSender(NotificationInterface notificationInterface, Con public EntityNotificationSender(NotificationInterface notificationInterface, boolean sendPostCommit) { if (sendPostCommit) { - LOG.info("EntityNotificationSender: notifications will be sent after transaction commit"); + LOG.debug("EntityNotificationSender: notifications will be sent after transaction commit"); this.notificationSender = new PostCommitNotificationSender(notificationInterface); } else { - LOG.info("EntityNotificationSender: notifications will be sent inline (i.e. not waiting for transaction to commit)"); + LOG.debug("EntityNotificationSender: notifications will be sent inline (i.e. not waiting for transaction to commit)"); this.notificationSender = new InlineNotificationSender(notificationInterface); } diff --git a/webapp/src/main/java/org/apache/atlas/util/AccessAuditLogsIndexCreator.java b/webapp/src/main/java/org/apache/atlas/util/AccessAuditLogsIndexCreator.java index f5786cf7d3..07b693f8b6 100644 --- a/webapp/src/main/java/org/apache/atlas/util/AccessAuditLogsIndexCreator.java +++ b/webapp/src/main/java/org/apache/atlas/util/AccessAuditLogsIndexCreator.java @@ -89,7 +89,7 @@ public class AccessAuditLogsIndexCreator extends Thread { private boolean is_completed = false; public AccessAuditLogsIndexCreator(Configuration configuration) throws IOException { - LOG.info("Starting Ranger audit schema setup in ElasticSearch."); + LOG.debug("Starting Ranger audit schema setup in ElasticSearch."); time_interval = configuration.getLong(ES_TIME_INTERVAL, DEFAULT_ES_TIME_INTERVAL_MS); user = configuration.getString(ES_CONFIG_USERNAME); @@ -124,14 +124,14 @@ private String connectionString() { @Override public void run() { - LOG.info("Started run method"); + LOG.debug("Started run method"); if (CollectionUtils.isNotEmpty(hosts)) { - LOG.info("Elastic search hosts=" + hosts + ", index=" + index); + LOG.debug("Elastic search hosts=" + hosts + ", index=" + index); while (!is_completed && (max_retry == TRY_UNTIL_SUCCESS || retry_counter < max_retry)) { try { - LOG.info("Trying to acquire elastic search connection"); + LOG.debug("Trying to acquire elastic search connection"); if (connect()) { - LOG.info("Connection to elastic search established successfully"); + LOG.debug("Connection to elastic search established successfully"); if (createIndex()) { is_completed = true; break; @@ -232,18 +232,18 @@ private boolean createIndex() { int statusCode = response.getStatusLine().getStatusCode(); if (statusCode == 200) { - LOG.info("Entity audits index exists!"); + LOG.debug("Entity audits index exists!"); exists = true; } else { - LOG.info("Entity audits index does not exist!"); + LOG.debug("Entity audits index does not exist!"); exists = false; } } catch (Exception e) { - LOG.info("Index " + this.index + " not available."); + LOG.warn("Index " + this.index + " not available."); } if (!exists) { - LOG.info("Index does not exist. Attempting to create index:" + this.index); + LOG.debug("Index does not exist. Attempting to create index:" + this.index); try { HttpEntity entity = new NStringEntity(es_ranger_audit_schema_json, ContentType.APPLICATION_JSON); Request request = new Request("PUT", index); @@ -257,7 +257,7 @@ private boolean createIndex() { Response response = client.performRequest(request); if (response != null && response.getStatusLine().getStatusCode() == 200) { - LOG.info("Index " + this.index + " created successfully."); + LOG.debug("Index " + this.index + " created successfully."); exists = true; } } catch (Exception e) { @@ -265,7 +265,7 @@ private boolean createIndex() { e.printStackTrace(); } } else { - LOG.info("Index " + this.index + " is already created."); + LOG.debug("Index " + this.index + " is already created."); } } return exists; diff --git a/webapp/src/main/java/org/apache/atlas/web/listeners/LoginProcessor.java b/webapp/src/main/java/org/apache/atlas/web/listeners/LoginProcessor.java index cc2ef8acc1..2a836b1049 100644 --- a/webapp/src/main/java/org/apache/atlas/web/listeners/LoginProcessor.java +++ b/webapp/src/main/java/org/apache/atlas/web/listeners/LoginProcessor.java @@ -74,7 +74,7 @@ protected void doServiceLogin(Configuration hadoopConfig, getServerPrincipal(configuration.getString(AUTHENTICATION_PRINCIPAL), bindAddress), configuration.getString(AUTHENTICATION_KEYTAB)); } - LOG.info("Logged in user {}", UserGroupInformation.getLoginUser()); + LOG.debug("Logged in user {}", UserGroupInformation.getLoginUser()); } catch (IOException e) { throw new IllegalStateException(String.format("Unable to perform %s login.", authenticationMethod), e); } @@ -99,7 +99,7 @@ protected void setupHadoopConfiguration(Configuration hadoopConfig, org.apache.c String kerberosAuthNEnabled = configuration != null ? configuration.getString(AUTHENTICATION_KERBEROS_METHOD) : null; // getString may return null, and would like to log the nature of the default setting if (kerberosAuthNEnabled == null || kerberosAuthNEnabled.equalsIgnoreCase("false")) { - LOG.info("No authentication method configured. Defaulting to simple authentication"); + LOG.debug("No authentication method configured. Defaulting to simple authentication"); authMethod = "simple"; } else if (kerberosAuthNEnabled.equalsIgnoreCase("true")) { authMethod = "kerberos"; diff --git a/webapp/src/main/java/org/apache/atlas/web/setup/SetupSteps.java b/webapp/src/main/java/org/apache/atlas/web/setup/SetupSteps.java index cfb49b6bf7..e06f451c30 100644 --- a/webapp/src/main/java/org/apache/atlas/web/setup/SetupSteps.java +++ b/webapp/src/main/java/org/apache/atlas/web/setup/SetupSteps.java @@ -186,7 +186,7 @@ public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) LOG.warn("Running setup per configuration {}.", ATLAS_SERVER_RUN_SETUP_KEY); return true; } else { - LOG.info("Not running setup per configuration {}.", ATLAS_SERVER_RUN_SETUP_KEY); + LOG.debug("Not running setup per configuration {}.", ATLAS_SERVER_RUN_SETUP_KEY); } } catch (AtlasException e) { LOG.error("Unable to read config to determine if setup is needed. Not running setup."); From 298470af652e610a20ecb02cd4cf3bb63ede5484 Mon Sep 17 00:00:00 2001 From: hr2904 Date: Tue, 14 Jan 2025 14:27:13 +0530 Subject: [PATCH 10/13] init commit - Added flag for one time check in authRemoveRelation if request is from WF. --- .../repository/store/graph/v1/DeleteHandlerV1.java | 12 ++++++++++++ .../store/graph/v1/HardDeleteHandlerV1.java | 5 ++++- .../store/graph/v1/SoftDeleteHandlerV1.java | 5 +++-- .../main/java/org/apache/atlas/RequestContext.java | 10 ++++++++++ 4 files changed, 29 insertions(+), 3 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java index 68c6dacd9c..fe0b4f185e 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java @@ -514,6 +514,9 @@ public List addTagPropagation(AtlasVertex classificationVertex, Lis public void authorizeRemoveRelation(AtlasEdge edge) throws AtlasBaseException { AtlasPerfMetrics.MetricRecorder metric = RequestContext.get().startMetricRecord("authoriseRemoveRelation"); + if(isRequestFromWF()){ + RequestContext.get().setAuthorisedRemoveRelation(true); + } AtlasEntityHeader end1Entity, end2Entity; String relationShipType = getTypeName(edge); AtlasRelationshipDef relationshipDef = typeRegistry.getRelationshipDefByName(relationShipType); @@ -529,6 +532,15 @@ public void authorizeRemoveRelation(AtlasEdge edge) throws AtlasBaseException { RequestContext.get().endMetricRecord(metric); } + private boolean isRequestFromWF() { + String workflowID = RequestContext.get().getRequestContextHeaders().getOrDefault("x-atlan-agent-workflow-id", ""); + boolean ret = workflowID.isEmpty(); + if(ret){ + LOG.info("Authorised one time request for workflow with id : {} ", workflowID); + } + return ret; + } + public Map> removeTagPropagation(AtlasEdge edge) throws AtlasBaseException { AtlasPerfMetrics.MetricRecorder metric = RequestContext.get().startMetricRecord("removeTagPropagationEdge"); diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/HardDeleteHandlerV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/HardDeleteHandlerV1.java index b3942d0582..06a3a04884 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/HardDeleteHandlerV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/HardDeleteHandlerV1.java @@ -18,6 +18,7 @@ package org.apache.atlas.repository.store.graph.v1; +import org.apache.atlas.RequestContext; import org.apache.atlas.annotation.ConditionalOnAtlasProperty; import org.apache.atlas.exception.AtlasBaseException; import org.apache.atlas.repository.graph.GraphHelper; @@ -56,7 +57,9 @@ protected void deleteEdge(AtlasEdge edge, boolean force) throws AtlasBaseExcepti } boolean isRelationshipEdge = isRelationshipEdge(edge); - authorizeRemoveRelation(edge); + if(!RequestContext.get().isAuthorisedRemoveRelation()) { + authorizeRemoveRelation(edge); + } if (DEFERRED_ACTION_ENABLED) { createAndQueueClassificationRefreshPropagationTask(edge); diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/SoftDeleteHandlerV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/SoftDeleteHandlerV1.java index ed103e2402..ad68ef5863 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/SoftDeleteHandlerV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/SoftDeleteHandlerV1.java @@ -73,8 +73,9 @@ protected void deleteEdge(AtlasEdge edge, boolean force) throws AtlasBaseExcepti LOG.debug("==> SoftDeleteHandlerV1.deleteEdge({}, {})", GraphHelper.string(edge), force); } boolean isRelationshipEdge = isRelationshipEdge(edge); - - authorizeRemoveRelation(edge); + if(!RequestContext.get().isAuthorisedRemoveRelation()) { + authorizeRemoveRelation(edge); + } if (DEFERRED_ACTION_ENABLED && RequestContext.get().getCurrentTask() == null) { if (CollectionUtils.isNotEmpty(getPropagatableClassifications(edge))) { diff --git a/server-api/src/main/java/org/apache/atlas/RequestContext.java b/server-api/src/main/java/org/apache/atlas/RequestContext.java index 45e63641c5..ba1d2fc5c8 100644 --- a/server-api/src/main/java/org/apache/atlas/RequestContext.java +++ b/server-api/src/main/java/org/apache/atlas/RequestContext.java @@ -87,6 +87,9 @@ public class RequestContext { private int attemptCount = 1; private boolean isImportInProgress = false; private boolean isInNotificationProcessing = false; + + + private boolean authorisedRemoveRelation = false; private boolean isInTypePatching = false; private boolean createShellEntityForNonExistingReference = false; private boolean skipFailedEntities = false; @@ -204,6 +207,13 @@ public void clearEntityCache() { this.entityCache.clear(); } + public boolean isAuthorisedRemoveRelation() { + return authorisedRemoveRelation; + } + + public void setAuthorisedRemoveRelation(boolean authorisedRemoveRelation) { + this.authorisedRemoveRelation = authorisedRemoveRelation; + } public Set getRelationAttrsForSearch() { return relationAttrsForSearch; } From fa069267d1a8f4dbd90198de411409d966c32811 Mon Sep 17 00:00:00 2001 From: hr2904 Date: Tue, 14 Jan 2025 17:08:50 +0530 Subject: [PATCH 11/13] added a missing boolean inverse --- .../apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java index fe0b4f185e..327128960b 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java @@ -534,7 +534,7 @@ public void authorizeRemoveRelation(AtlasEdge edge) throws AtlasBaseException { private boolean isRequestFromWF() { String workflowID = RequestContext.get().getRequestContextHeaders().getOrDefault("x-atlan-agent-workflow-id", ""); - boolean ret = workflowID.isEmpty(); + boolean ret = !workflowID.isEmpty(); if(ret){ LOG.info("Authorised one time request for workflow with id : {} ", workflowID); } From c623c4d7ff8f88d9a4b467fb34133c068d92ee89 Mon Sep 17 00:00:00 2001 From: hr2904 Date: Wed, 15 Jan 2025 23:25:26 +0530 Subject: [PATCH 12/13] PR Fixes --- .../store/graph/v1/DeleteHandlerV1.java | 35 ++++++++++--------- .../store/graph/v1/HardDeleteHandlerV1.java | 4 +-- .../store/graph/v1/SoftDeleteHandlerV1.java | 5 ++- 3 files changed, 21 insertions(+), 23 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java index 327128960b..0770db2223 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java @@ -514,31 +514,32 @@ public List addTagPropagation(AtlasVertex classificationVertex, Lis public void authorizeRemoveRelation(AtlasEdge edge) throws AtlasBaseException { AtlasPerfMetrics.MetricRecorder metric = RequestContext.get().startMetricRecord("authoriseRemoveRelation"); - if(isRequestFromWF()){ - RequestContext.get().setAuthorisedRemoveRelation(true); - } - AtlasEntityHeader end1Entity, end2Entity; - String relationShipType = getTypeName(edge); - AtlasRelationshipDef relationshipDef = typeRegistry.getRelationshipDefByName(relationShipType); - if (relationshipDef == null) { - return; - } - - end1Entity = entityRetriever.toAtlasEntityHeaderWithClassifications(edge.getOutVertex()); - end2Entity = entityRetriever.toAtlasEntityHeaderWithClassifications(edge.getInVertex()); + if(!RequestContext.get().isAuthorisedRemoveRelation()) { + if (isRequestFromWorkFlow()) { + RequestContext.get().setAuthorisedRemoveRelation(true); + } + AtlasEntityHeader end1Entity, end2Entity; + String relationShipType = getTypeName(edge); + AtlasRelationshipDef relationshipDef = typeRegistry.getRelationshipDefByName(relationShipType); + if (relationshipDef == null) { + return; + } - AtlasAuthorizationUtils.verifyAccess(new AtlasRelationshipAccessRequest(typeRegistry, AtlasPrivilege.RELATIONSHIP_REMOVE, relationShipType, end1Entity, end2Entity )); + end1Entity = entityRetriever.toAtlasEntityHeaderWithClassifications(edge.getOutVertex()); + end2Entity = entityRetriever.toAtlasEntityHeaderWithClassifications(edge.getInVertex()); + AtlasAuthorizationUtils.verifyAccess(new AtlasRelationshipAccessRequest(typeRegistry, AtlasPrivilege.RELATIONSHIP_REMOVE, relationShipType, end1Entity, end2Entity)); + } RequestContext.get().endMetricRecord(metric); } - private boolean isRequestFromWF() { + private boolean isRequestFromWorkFlow() { String workflowID = RequestContext.get().getRequestContextHeaders().getOrDefault("x-atlan-agent-workflow-id", ""); - boolean ret = !workflowID.isEmpty(); - if(ret){ + boolean isWorkFlowRequest = !workflowID.isEmpty(); + if(isWorkFlowRequest){ LOG.info("Authorised one time request for workflow with id : {} ", workflowID); } - return ret; + return isWorkFlowRequest; } public Map> removeTagPropagation(AtlasEdge edge) throws AtlasBaseException { diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/HardDeleteHandlerV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/HardDeleteHandlerV1.java index 06a3a04884..40cda3be61 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/HardDeleteHandlerV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/HardDeleteHandlerV1.java @@ -57,9 +57,7 @@ protected void deleteEdge(AtlasEdge edge, boolean force) throws AtlasBaseExcepti } boolean isRelationshipEdge = isRelationshipEdge(edge); - if(!RequestContext.get().isAuthorisedRemoveRelation()) { - authorizeRemoveRelation(edge); - } + authorizeRemoveRelation(edge); if (DEFERRED_ACTION_ENABLED) { createAndQueueClassificationRefreshPropagationTask(edge); diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/SoftDeleteHandlerV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/SoftDeleteHandlerV1.java index ad68ef5863..8a9bd6cea7 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/SoftDeleteHandlerV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/SoftDeleteHandlerV1.java @@ -73,9 +73,8 @@ protected void deleteEdge(AtlasEdge edge, boolean force) throws AtlasBaseExcepti LOG.debug("==> SoftDeleteHandlerV1.deleteEdge({}, {})", GraphHelper.string(edge), force); } boolean isRelationshipEdge = isRelationshipEdge(edge); - if(!RequestContext.get().isAuthorisedRemoveRelation()) { - authorizeRemoveRelation(edge); - } + authorizeRemoveRelation(edge); + if (DEFERRED_ACTION_ENABLED && RequestContext.get().getCurrentTask() == null) { if (CollectionUtils.isNotEmpty(getPropagatableClassifications(edge))) { From 7a8add066822e3ac9b022dbcecf574c26002c258 Mon Sep 17 00:00:00 2001 From: hr2904 Date: Thu, 16 Jan 2025 16:02:33 +0530 Subject: [PATCH 13/13] PR Fixes #2 --- .../store/graph/v1/DeleteHandlerV1.java | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java index 0770db2223..c32aa1f190 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/DeleteHandlerV1.java @@ -533,14 +533,6 @@ public void authorizeRemoveRelation(AtlasEdge edge) throws AtlasBaseException { RequestContext.get().endMetricRecord(metric); } - private boolean isRequestFromWorkFlow() { - String workflowID = RequestContext.get().getRequestContextHeaders().getOrDefault("x-atlan-agent-workflow-id", ""); - boolean isWorkFlowRequest = !workflowID.isEmpty(); - if(isWorkFlowRequest){ - LOG.info("Authorised one time request for workflow with id : {} ", workflowID); - } - return isWorkFlowRequest; - } public Map> removeTagPropagation(AtlasEdge edge) throws AtlasBaseException { AtlasPerfMetrics.MetricRecorder metric = RequestContext.get().startMetricRecord("removeTagPropagationEdge"); @@ -1581,6 +1573,14 @@ public void resetHasLineageOnInputOutputDelete(Collection removedEdge } RequestContext.get().endMetricRecord(metricRecorder); } + private boolean isRequestFromWorkFlow() { + String workflowID = RequestContext.get().getRequestContextHeaders().getOrDefault("x-atlan-agent-workflow-id", ""); + boolean isWorkFlowRequest = !workflowID.isEmpty(); + if(isWorkFlowRequest){ + LOG.info("Authorised one time request for workflow with id : {} ", workflowID); + } + return isWorkFlowRequest; + } private String getLabel(String guid, String label){ return guid + ":" + label;