You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2023/02/05 05:30:26 UTC
[ranger] branch master updated: RANGER-4057: updated resetCache() APIs to handle invalid service-name with status code 400
This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 380ca0bd0 RANGER-4057: updated resetCache() APIs to handle invalid service-name with status code 400
380ca0bd0 is described below
commit 380ca0bd03a181a1b2b750f27bd1446724ab70f0
Author: Ramachandran Krishnan <ra...@gmail.com>
AuthorDate: Tue Jan 24 11:12:33 2023 +0530
RANGER-4057: updated resetCache() APIs to handle invalid service-name with status code 400
Signed-off-by: Madhan Neethiraj <ma...@apache.org>
---
.../java/org/apache/ranger/rest/ServiceREST.java | 12 ++++-
.../main/java/org/apache/ranger/rest/TagREST.java | 12 ++++-
.../org/apache/ranger/rest/TestServiceREST.java | 57 +++++++++++++++++++++-
.../java/org/apache/ranger/rest/TestTagREST.java | 46 +++++++++++++++++
4 files changed, 124 insertions(+), 3 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index ec02f47f7..e02b0ea42 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -2004,13 +2004,23 @@ public class ServiceREST {
throw restErrorUtil.createRESTException("Required parameter [serviceName] is missing.", MessageEnums.INVALID_INPUT_DATA);
}
+ RangerService rangerService = null;
+ try {
+ rangerService = svcStore.getServiceByName(serviceName);
+ } catch (Exception e) {
+ LOG.error( HttpServletResponse.SC_BAD_REQUEST + "No Service Found for ServiceName:" + serviceName );
+ }
+
+ if (rangerService == null) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST , "Invalid service name", true);
+ }
+
// check for ADMIN access
if (!bizUtil.isAdmin()) {
boolean isServiceAdmin = false;
String loggedInUser = bizUtil.getCurrentUserLoginId();
try {
- RangerService rangerService = svcStore.getServiceByName(serviceName);
isServiceAdmin = bizUtil.isUserServiceAdmin(rangerService, loggedInUser);
} catch (Exception e) {
LOG.warn("Failed to find if user [" + loggedInUser + "] has service admin privileges on service [" + serviceName + "]", e);
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java b/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
index 443188f9a..6d0019f70 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
@@ -623,13 +623,23 @@ public class TagREST {
throw restErrorUtil.createRESTException("Required parameter [serviceName] is missing.", MessageEnums.INVALID_INPUT_DATA);
}
+ RangerService rangerService = null;
+ try {
+ rangerService = svcStore.getServiceByName(serviceName);
+ } catch (Exception e) {
+ LOG.error( HttpServletResponse.SC_BAD_REQUEST + "No Service Found for ServiceName:" + serviceName );
+ }
+
+ if (rangerService == null) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST , "Invalid service name", true);
+ }
+
// check for ADMIN access
if (!bizUtil.isAdmin()) {
boolean isServiceAdmin = false;
String loggedInUser = bizUtil.getCurrentUserLoginId();
try {
- RangerService rangerService = svcStore.getServiceByName(serviceName);
isServiceAdmin = bizUtil.isUserServiceAdmin(rangerService, loggedInUser);
} catch (Exception e) {
LOG.warn("Failed to find if user [" + loggedInUser + "] has service admin privileges on service [" + serviceName + "]", e);
diff --git a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
index 8fdcc43c8..5e3b1908d 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
@@ -2311,13 +2311,22 @@ public class TestServiceREST {
}
@Test
- public void test67ResetPolicyCache(){
+ public void test67ResetPolicyCacheForAdmin(){
boolean res = true;
String serviceName = "HDFS_1";
Mockito.when(bizUtil.isAdmin()).thenReturn(true);
+ RangerService rangerService = rangerService();
+ try {
+ Mockito.when(svcStore.getServiceByName(serviceName)).thenReturn(rangerService);
+ } catch (Exception e) {
+ }
Mockito.when(svcStore.resetPolicyCache(serviceName)).thenReturn(res);
boolean isReset = serviceREST.resetPolicyCache(serviceName);
assert isReset == res;
+ try {
+ Mockito.verify(svcStore).getServiceByName(serviceName);
+ } catch (Exception e) {
+ }
}
@Test
@@ -2620,4 +2629,50 @@ public class TestServiceREST {
Mockito.verify(validatorFactory).getPolicyValidator(svcStore);
Mockito.verify(svcStore).getPolicy(rangerPolicy.getGuid(), null, null);
}
+
+ @Test
+ public void test78ResetPolicyCacheByServiceNameForServiceAdmin() {
+ boolean isAdmin = false;
+ boolean res = true;
+ RangerService rangerService = rangerService();
+ String serviceName = rangerService.getName();
+ Mockito.when(bizUtil.isAdmin()).thenReturn(isAdmin);
+ String userName = "admin";
+ Mockito.when(bizUtil.getCurrentUserLoginId()).thenReturn(userName);
+ try {
+ Mockito.when(svcStore.getServiceByName(serviceName)).thenReturn(rangerService);
+ } catch (Exception e) {
+ }
+ Mockito.when(bizUtil.isUserServiceAdmin(Mockito.any(RangerService.class), Mockito.anyString())).thenReturn(true);
+ try {
+ Mockito.when(svcStore.resetPolicyCache(serviceName)).thenReturn(true);
+ } catch (Exception e) {
+ }
+ boolean isReset =serviceREST.resetPolicyCache(serviceName);
+ assert isReset == res;
+ Mockito.verify(bizUtil).isAdmin();
+ Mockito.verify(bizUtil).isUserServiceAdmin(Mockito.any(RangerService.class), Mockito.anyString());
+ try {
+ Mockito.verify(svcStore).getServiceByName(serviceName);
+ } catch (Exception e) {
+ }
+ try {
+ Mockito.verify(svcStore).resetPolicyCache(serviceName);
+ } catch (Exception e) {
+ }
+
+ }
+
+ @Test
+ public void test79ResetPolicyCacheWhenServiceNameIsInvalid(){
+ String serviceName = "HDFS_1";
+ try {
+ Mockito.when(svcStore.getServiceByName(serviceName)).thenReturn(null);
+ } catch (Exception e) {
+ }
+ Mockito.when(restErrorUtil.createRESTException(Mockito.anyInt(), Mockito.anyString(), Mockito.anyBoolean())).thenThrow(new WebApplicationException());
+ thrown.expect(WebApplicationException.class);
+ serviceREST.resetPolicyCache(serviceName);
+ Mockito.verify(restErrorUtil).createRESTException(Mockito.anyInt(), Mockito.anyString(), Mockito.anyBoolean());
+ }
}
diff --git a/security-admin/src/test/java/org/apache/ranger/rest/TestTagREST.java b/security-admin/src/test/java/org/apache/ranger/rest/TestTagREST.java
index 5986d5182..570ce874b 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestTagREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestTagREST.java
@@ -1823,4 +1823,50 @@ public class TestTagREST {
}
Mockito.verify(restErrorUtil).createRESTException(Mockito.anyInt(), Mockito.anyString(), Mockito.anyBoolean());
}
+
+ @Test
+ public void test58resetTagCacheByServiceNameForServiceAdmin() {
+ boolean isAdmin = false;
+ boolean res = true;
+ RangerService rangerService = new RangerService();
+ rangerService.setId(id);
+ rangerService.setName(serviceName);
+ String userName = "admin";
+ Mockito.when(bizUtil.getCurrentUserLoginId()).thenReturn(userName);
+
+ Mockito.when(bizUtil.isAdmin()).thenReturn(isAdmin);
+ try {
+ Mockito.when(svcStore.getServiceByName(serviceName)).thenReturn(rangerService);
+ } catch (Exception e) {
+ }
+ Mockito.when(bizUtil.isUserServiceAdmin(Mockito.any(RangerService.class), Mockito.anyString())).thenReturn(true);
+ try {
+ Mockito.when(tagStore.resetTagCache(serviceName)).thenReturn(true);
+ } catch (Exception e) {
+ }
+ boolean isReset = tagREST.resetTagCache(serviceName);
+ assert isReset == res;
+ Mockito.verify(bizUtil).isAdmin();
+ Mockito.verify(bizUtil).isUserServiceAdmin(Mockito.any(RangerService.class), Mockito.anyString());
+ try {
+ Mockito.verify(svcStore).getServiceByName(serviceName);
+ } catch (Exception e) {
+ }
+
+ try {
+ Mockito.verify(tagStore).resetTagCache(serviceName);
+ } catch (Exception e) {
+ }
+ }
+ @Test
+ public void test59resetTagCacheWhenServiceNameIsInvalid() {
+ try {
+ Mockito.when(svcStore.getServiceByName(serviceName)).thenReturn(null);
+ } catch (Exception e) {
+ }
+ Mockito.when(restErrorUtil.createRESTException(Mockito.anyInt(), Mockito.anyString(), Mockito.anyBoolean())).thenThrow(new WebApplicationException());
+ thrown.expect(WebApplicationException.class);
+ tagREST.resetTagCache(serviceName);
+ Mockito.verify(restErrorUtil).createRESTException(Mockito.anyInt(), Mockito.anyString(), Mockito.anyBoolean());
+ }
}