You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Abhay Kulkarni <ak...@hortonworks.com> on 2018/08/01 21:21:41 UTC
Review Request 68153: RANGER-2180: Handle token replacement correctly
when token is not defined in the request context
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68153/
-----------------------------------------------------------
Review request for ranger and Madhan Neethiraj.
Bugs: RANGER-2180
https://issues.apache.org/jira/browse/RANGER-2180
Repository: ranger
Description
-------
When a policy resource contains a token (such as {USER}), and request context does not have an entry for the token (in this case, USER), then the replacement fails and the expanded policy resource is set to null. A null policy-resource will not match any policy, and may cause NPE.
In such case, the original policy resource string should be returned as the expanded policy resource string.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/util/StringTokenReplacer.java 2ec809cee
agents-common/src/test/resources/resourcematcher/test_resourcematcher_dynamic.json 5237d4773
agents-common/src/test/resources/resourcematcher/test_resourcematcher_wildcards_as_delimiters.json c907f414e
Diff: https://reviews.apache.org/r/68153/diff/1/
Testing
-------
Passes all unit tests
Thanks,
Abhay Kulkarni
Re: Review Request 68153: RANGER-2180: Handle token replacement
correctly when token is not defined in the request context
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68153/#review206777
-----------------------------------------------------------
Ship it!
Ship It!
- Madhan Neethiraj
On Aug. 1, 2018, 9:21 p.m., Abhay Kulkarni wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68153/
> -----------------------------------------------------------
>
> (Updated Aug. 1, 2018, 9:21 p.m.)
>
>
> Review request for ranger and Madhan Neethiraj.
>
>
> Bugs: RANGER-2180
> https://issues.apache.org/jira/browse/RANGER-2180
>
>
> Repository: ranger
>
>
> Description
> -------
>
> When a policy resource contains a token (such as {USER}), and request context does not have an entry for the token (in this case, USER), then the replacement fails and the expanded policy resource is set to null. A null policy-resource will not match any policy, and may cause NPE.
>
> In such case, the original policy resource string should be returned as the expanded policy resource string.
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/util/StringTokenReplacer.java 2ec809cee
> agents-common/src/test/resources/resourcematcher/test_resourcematcher_dynamic.json 5237d4773
> agents-common/src/test/resources/resourcematcher/test_resourcematcher_wildcards_as_delimiters.json c907f414e
>
>
> Diff: https://reviews.apache.org/r/68153/diff/1/
>
>
> Testing
> -------
>
> Passes all unit tests
>
>
> Thanks,
>
> Abhay Kulkarni
>
>