You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by sp...@apache.org on 2020/09/15 20:50:22 UTC
[ranger] branch master updated: RANGER-2997: Fixed role assignment
code to assign only one role to a user
This is an automated email from the ASF dual-hosted git repository.
spolavarapu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new d99134e RANGER-2997: Fixed role assignment code to assign only one role to a user
d99134e is described below
commit d99134e7faa30f4f69156045cf10bd1cfdfec38d
Author: Sailaja Polavarapu <sp...@cloudera.com>
AuthorDate: Tue Sep 15 13:23:42 2020 -0700
RANGER-2997: Fixed role assignment code to assign only one role to a user
---
.../main/java/org/apache/ranger/biz/XUserMgr.java | 26 +++++++++++-----------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 323d3d3..ca492fe 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -28,6 +28,7 @@ import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
+import java.util.Collections;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
@@ -1548,26 +1549,25 @@ public class XUserMgr extends XUserMgrBase {
logger.info(userName + " doesn't exist and hence ignoring role assignments");
continue;
}
- Set<String> userRoleList = new HashSet<>();
+ String userRole = RangerConstants.ROLE_USER;
Map<String, String> userMap = ugRoleAssignments.getUserRoleAssignments();
if (!userMap.isEmpty() && userMap.containsKey(userName)) {
// Add the user role that is defined in user role assignments
- userRoleList.add(userMap.get(userName));
- }
- Map<String, String> groupMap = ugRoleAssignments.getGroupRoleAssignments();
+ userRole = userMap.get(userName);
+ } else {
+ Map<String, String> groupMap = ugRoleAssignments.getGroupRoleAssignments();
- if (!groupMap.isEmpty()) {
- for (String group : getGroupsForUser(userName)) {
- String value = groupMap.get(group);
- if (value != null) {
- userRoleList.add(value);
+ if (!groupMap.isEmpty()) {
+ for (String group : getGroupsForUser(userName)) {
+ String value = groupMap.get(group);
+ if (value != null) {
+ userRole = value;
+ }
}
}
}
- if (userRoleList.isEmpty()) {
- userRoleList.add(RangerConstants.ROLE_USER);
- }
- String updatedUser = setRolesByUserName(userName, new ArrayList<>(userRoleList));
+
+ String updatedUser = setRolesByUserName(userName, Collections.singletonList(userRole));
if (updatedUser != null) {
updatedUsers.add(updatedUser);
}