You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2021/09/23 18:28:52 UTC
[ranger] branch master updated: RANGER-3444: fixed
isAccessAllowed() return to reference the same request object given by the
caller
This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new f40dc24 RANGER-3444: fixed isAccessAllowed() return to reference the same request object given by the caller
f40dc24 is described below
commit f40dc241bccf4a2a369b578a7624d1df8e7abee4
Author: Madhan Neethiraj <ma...@apache.org>
AuthorDate: Thu Sep 23 09:13:07 2021 -0700
RANGER-3444: fixed isAccessAllowed() return to reference the same request object given by the caller
---
.../apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
index b6ab72c..4962db1 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
@@ -671,12 +671,14 @@ public class RangerPolicyEngineImpl implements RangerPolicyEngine {
LOG.debug("==> RangerPolicyEngineImpl.evaluatePoliciesNoAudit(" + request + ", policyType =" + policyType + ", zoneName=" + zoneName + ")");
}
- RangerAccessResult ret = createAccessResult(request, policyType);
+ final RangerAccessResult ret;
if (request.isAccessTypeAny()) {
RangerAccessResult denyResult = null;
RangerAccessResult allowResult = null;
+ ret = createAccessResult(request, policyType);
+
List<RangerServiceDef.RangerAccessTypeDef> allAccessDefs = getServiceDef().getAccessTypes();
for (RangerServiceDef.RangerAccessTypeDef accessTypeDef : allAccessDefs) {
@@ -700,9 +702,9 @@ public class RangerPolicyEngineImpl implements RangerPolicyEngine {
}
if (allowResult != null) {
- ret = allowResult;
+ ret.setAccessResultFrom(allowResult);
} else if (denyResult != null) {
- ret = denyResult;
+ ret.setAccessResultFrom(denyResult);
}
} else {
ret = evaluatePoliciesForOneAccessTypeNoAudit(request, policyType, zoneName, policyRepository, tagPolicyRepository);