You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by sp...@apache.org on 2020/09/15 20:50:22 UTC

[ranger] branch master updated: RANGER-2997: Fixed role assignment code to assign only one role to a user

This is an automated email from the ASF dual-hosted git repository.

spolavarapu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new d99134e  RANGER-2997: Fixed role assignment code to assign only one role to a user
d99134e is described below

commit d99134e7faa30f4f69156045cf10bd1cfdfec38d
Author: Sailaja Polavarapu <sp...@cloudera.com>
AuthorDate: Tue Sep 15 13:23:42 2020 -0700

    RANGER-2997: Fixed role assignment code to assign only one role to a user
---
 .../main/java/org/apache/ranger/biz/XUserMgr.java  | 26 +++++++++++-----------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 323d3d3..ca492fe 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -28,6 +28,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import java.util.Set;
+import java.util.Collections;
 
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang.StringUtils;
@@ -1548,26 +1549,25 @@ public class XUserMgr extends XUserMgrBase {
 				logger.info(userName + " doesn't exist and hence ignoring role assignments");
 				continue;
 			}
-			Set<String> userRoleList = new HashSet<>();
+			String userRole = RangerConstants.ROLE_USER;
 			Map<String, String> userMap = ugRoleAssignments.getUserRoleAssignments();
 			if (!userMap.isEmpty() && userMap.containsKey(userName)) {
 				// Add the user role that is defined in user role assignments
-				userRoleList.add(userMap.get(userName));
-			}
-			Map<String, String> groupMap = ugRoleAssignments.getGroupRoleAssignments();
+				userRole = userMap.get(userName);
+			} else {
+				Map<String, String> groupMap = ugRoleAssignments.getGroupRoleAssignments();
 
-			if (!groupMap.isEmpty()) {
-				for (String group : getGroupsForUser(userName)) {
-					String value = groupMap.get(group);
-					if (value != null) {
-						userRoleList.add(value);
+				if (!groupMap.isEmpty()) {
+					for (String group : getGroupsForUser(userName)) {
+						String value = groupMap.get(group);
+						if (value != null) {
+							userRole = value;
+						}
 					}
 				}
 			}
-			if (userRoleList.isEmpty()) {
-				userRoleList.add(RangerConstants.ROLE_USER);
-			}
-			String updatedUser = setRolesByUserName(userName, new ArrayList<>(userRoleList));
+
+			String updatedUser = setRolesByUserName(userName, Collections.singletonList(userRole));
 			if (updatedUser != null) {
 				updatedUsers.add(updatedUser);
 			}