You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ranger.apache.org by ma...@apache.org on 2021/09/23 18:28:52 UTC

[ranger] branch master updated: RANGER-3444: fixed isAccessAllowed() return to reference the same request object given by the caller

This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new f40dc24  RANGER-3444: fixed isAccessAllowed() return to reference the same request object given by the caller
f40dc24 is described below

commit f40dc241bccf4a2a369b578a7624d1df8e7abee4
Author: Madhan Neethiraj <ma...@apache.org>
AuthorDate: Thu Sep 23 09:13:07 2021 -0700

    RANGER-3444: fixed isAccessAllowed() return to reference the same request object given by the caller
---
 .../apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
index b6ab72c..4962db1 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
@@ -671,12 +671,14 @@ public class RangerPolicyEngineImpl implements RangerPolicyEngine {
 			LOG.debug("==> RangerPolicyEngineImpl.evaluatePoliciesNoAudit(" + request + ", policyType =" + policyType + ", zoneName=" + zoneName + ")");
 		}
 
-		RangerAccessResult ret = createAccessResult(request, policyType);
+		final RangerAccessResult ret;
 
 		if (request.isAccessTypeAny()) {
 			RangerAccessResult denyResult  = null;
 			RangerAccessResult allowResult = null;
 
+			ret = createAccessResult(request, policyType);
+
 			List<RangerServiceDef.RangerAccessTypeDef> allAccessDefs = getServiceDef().getAccessTypes();
 
 			for (RangerServiceDef.RangerAccessTypeDef accessTypeDef : allAccessDefs) {
@@ -700,9 +702,9 @@ public class RangerPolicyEngineImpl implements RangerPolicyEngine {
 			}
 
 			if (allowResult != null) {
-				ret = allowResult;
+				ret.setAccessResultFrom(allowResult);
 			} else if (denyResult != null) {
-				ret = denyResult;
+				ret.setAccessResultFrom(denyResult);
 			}
 		} else {
 			ret = evaluatePoliciesForOneAccessTypeNoAudit(request, policyType, zoneName, policyRepository, tagPolicyRepository);