You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by co...@apache.org on 2016/04/19 12:01:57 UTC
incubator-ranger git commit: RANGER-911 - Updating patch
Repository: incubator-ranger
Updated Branches:
refs/heads/master 259fad12b -> 953326ebc
RANGER-911 - Updating patch
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/953326eb
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/953326eb
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/953326eb
Branch: refs/heads/master
Commit: 953326ebc5db810488532e2a617cab149352d3d9
Parents: 259fad1
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Apr 15 11:35:29 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Apr 19 11:01:26 2016 +0100
----------------------------------------------------------------------
.../ranger/audit/provider/DbAuditProvider.java | 4 ++--
.../ranger/plugin/model/RangerServiceDef.java | 2 +-
dev-support/ranger-pmd-ruleset.xml | 1 -
.../hadoop/RangerHdfsAuthorizer.java | 12 ++++++------
.../agent/HadoopAuthClassTransformer.java | 4 ++--
.../hive/authorizer/RangerHiveAuthorizer.java | 12 ++++--------
.../solr/authorizer/RangerSolrAuthorizer.java | 6 ++----
.../java/org/apache/ranger/biz/KmsKeyMgr.java | 14 +++++++-------
.../org/apache/ranger/biz/RangerBizUtil.java | 10 ++++------
.../java/org/apache/ranger/biz/XUserMgr.java | 10 ----------
.../apache/ranger/common/RangerSearchUtil.java | 4 ++--
.../org/apache/ranger/common/db/BaseDao.java | 20 ++------------------
.../org/apache/ranger/rest/ServiceREST.java | 4 ++--
13 files changed, 34 insertions(+), 69 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
index 8319d36..34de6f7 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
@@ -104,7 +104,7 @@ public class DbAuditProvider extends AuditDestination {
boolean isSuccess = false;
try {
- if(preCreate(event)) {
+ if(preCreate()) {
DaoManager daoMgr = daoManager;
if(daoMgr != null) {
@@ -313,7 +313,7 @@ public class DbAuditProvider extends AuditDestination {
return ret;
}
- private boolean preCreate(AuditEventBase event) {
+ private boolean preCreate() {
boolean ret = true;
if(!isDbConnected()) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
index 0f0e5ee..f6931b3 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
@@ -2004,7 +2004,7 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
this(itemId, name, evaluator, evaluatorOptions, null, null, null, null, null, null, null, null);
}
- public RangerPolicyConditionDef(Long itemId, String name, String evaluator, Map<String, String> evaluatorOptions, String validationRegEx, String vaidationMessage, String uiHint, String label, String description, String rbKeyLabel, String rbKeyDescription, String rbKeyValidationMessage) {
+ public RangerPolicyConditionDef(Long itemId, String name, String evaluator, Map<String, String> evaluatorOptions, String validationRegEx, String vaidationMessage, String uiHint, String label, String description, String rbKeyLabel, String rbKeyDescription, String rbKeyValidationMessage) { //NOPMD
setItemId(itemId);
setName(name);
setEvaluator(evaluator);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/dev-support/ranger-pmd-ruleset.xml
----------------------------------------------------------------------
diff --git a/dev-support/ranger-pmd-ruleset.xml b/dev-support/ranger-pmd-ruleset.xml
index f82d831..96f566a 100644
--- a/dev-support/ranger-pmd-ruleset.xml
+++ b/dev-support/ranger-pmd-ruleset.xml
@@ -35,7 +35,6 @@
<exclude name="OverrideBothEqualsAndHashcode" />
</rule>
<rule ref="rulesets/java/unusedcode.xml">
- <exclude name="UnusedFormalParameter" />
<exclude name="UnusedLocalVariable" />
<exclude name="UnusedPrivateField" />
<exclude name="UnusedPrivateMethod" />
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
index b463da3..93dca87 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
@@ -234,7 +234,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
}
if(nodeToCheck != null) {
- authzStatus = isAccessAllowed(nodeToCheck, nodeAttribs, FsAction.EXECUTE, user, groups, fsOwner, superGroup, plugin, auditHandler);
+ authzStatus = isAccessAllowed(nodeToCheck, nodeAttribs, FsAction.EXECUTE, user, groups, plugin, auditHandler);
}
}
@@ -250,21 +250,21 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
if(authzStatus == AuthzStatus.ALLOW && ancestorAccess != null && ancestor != null) {
INodeAttributes ancestorAttribs = inodeAttrs.length > ancestorIndex ? inodeAttrs[ancestorIndex] : null;
- authzStatus = isAccessAllowed(ancestor, ancestorAttribs, ancestorAccess, user, groups, fsOwner, superGroup, plugin, auditHandler);
+ authzStatus = isAccessAllowed(ancestor, ancestorAttribs, ancestorAccess, user, groups, plugin, auditHandler);
}
// checkParentAccess
if(authzStatus == AuthzStatus.ALLOW && parentAccess != null && parent != null) {
INodeAttributes parentAttribs = inodeAttrs.length > 1 ? inodeAttrs[inodeAttrs.length - 2] : null;
- authzStatus = isAccessAllowed(parent, parentAttribs, parentAccess, user, groups, fsOwner, superGroup, plugin, auditHandler);
+ authzStatus = isAccessAllowed(parent, parentAttribs, parentAccess, user, groups, plugin, auditHandler);
}
// checkINodeAccess
if(authzStatus == AuthzStatus.ALLOW && access != null && inode != null) {
INodeAttributes inodeAttribs = inodeAttrs.length > 0 ? inodeAttrs[inodeAttrs.length - 1] : null;
- authzStatus = isAccessAllowed(inode, inodeAttribs, access, user, groups, fsOwner, superGroup, plugin, auditHandler);
+ authzStatus = isAccessAllowed(inode, inodeAttribs, access, user, groups, plugin, auditHandler);
}
// checkSubAccess
@@ -278,7 +278,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
if (!(cList.isEmpty() && ignoreEmptyDir)) {
INodeAttributes dirAttribs = dir.getSnapshotINode(snapshotId);
- authzStatus = isAccessAllowed(dir, dirAttribs, subAccess, user, groups, fsOwner, superGroup, plugin, auditHandler);
+ authzStatus = isAccessAllowed(dir, dirAttribs, subAccess, user, groups, plugin, auditHandler);
if(authzStatus != AuthzStatus.ALLOW) {
break;
@@ -369,7 +369,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
}
}
- private AuthzStatus isAccessAllowed(INode inode, INodeAttributes inodeAttribs, FsAction access, String user, Set<String> groups, String fsOwner, String superGroup, RangerHdfsPlugin plugin, RangerHdfsAuditHandler auditHandler) {
+ private AuthzStatus isAccessAllowed(INode inode, INodeAttributes inodeAttribs, FsAction access, String user, Set<String> groups, RangerHdfsPlugin plugin, RangerHdfsAuditHandler auditHandler) {
AuthzStatus ret = null;
String path = inode != null ? inode.getFullPathName() : null;
String pathOwner = inodeAttribs != null ? inodeAttribs.getUserName() : null;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
index ace400b..68867df 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
@@ -40,7 +40,7 @@ public class HadoopAuthClassTransformer implements ClassFileTransformer {
byte[] result = transformedClassByteCode;
if (result == null) {
- byte[] injectedClassCode = injectFSPermissionCheckerHooks(aClassLoader, aClassName, aClassBeingRedefined, aProtectionDomain, aClassFileBuffer);
+ byte[] injectedClassCode = injectFSPermissionCheckerHooks(aClassName);
if(injectedClassCode != null) {
synchronized (HadoopAuthClassTransformer.class) {
@@ -60,7 +60,7 @@ public class HadoopAuthClassTransformer implements ClassFileTransformer {
return ret;
}
- private static byte[] injectFSPermissionCheckerHooks(ClassLoader aClassLoader, String aClassName, Class<?> aClassBeingRedefined, ProtectionDomain aProtectionDomain, byte[] aClassFileBuffer) throws IllegalClassFormatException {
+ private static byte[] injectFSPermissionCheckerHooks(String aClassName) throws IllegalClassFormatException {
byte[] ret = null;
System.out.println("Injection code is Invoked in JVM [" + Runtime.getRuntime() + "] for class [" + aClassName + "] ....");
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
----------------------------------------------------------------------
diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index dbd1201..3c922c9 100644
--- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -232,7 +232,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
}
if(hiveOpType == HiveOperationType.DFS) {
- handleDfsCommand(hiveOpType, inputHObjs, outputHObjs, context, sessionContext, user, groups, auditHandler);
+ handleDfsCommand(hiveOpType, inputHObjs, user, auditHandler);
return;
}
@@ -251,7 +251,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
String path = hiveObj.getObjectName();
FsAction permission = FsAction.READ;
- if(!isURIAccessAllowed(user, groups, permission, path, getHiveConf())) {
+ if(!isURIAccessAllowed(user, permission, path, getHiveConf())) {
throw new HiveAccessControlException(String.format("Permission denied: user [%s] does not have [%s] privilege on [%s]", user, permission.name(), path));
}
@@ -295,7 +295,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
String path = hiveObj.getObjectName();
FsAction permission = FsAction.WRITE;
- if(!isURIAccessAllowed(user, groups, permission, path, getHiveConf())) {
+ if(!isURIAccessAllowed(user, permission, path, getHiveConf())) {
throw new HiveAccessControlException(String.format("Permission denied: user [%s] does not have [%s] privilege on [%s]", user, permission.name(), path));
}
@@ -936,7 +936,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
return accessType;
}
- private boolean isURIAccessAllowed(String userName, Set<String> groups, FsAction action, String uri, HiveConf conf) {
+ private boolean isURIAccessAllowed(String userName, FsAction action, String uri, HiveConf conf) {
boolean ret = false;
if(action == FsAction.NONE) {
@@ -964,11 +964,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
private void handleDfsCommand(HiveOperationType hiveOpType,
List<HivePrivilegeObject> inputHObjs,
- List<HivePrivilegeObject> outputHObjs,
- QueryContext context,
- HiveAuthzSessionContext sessionContext,
String user,
- Set<String> groups,
RangerHiveAuditHandler auditHandler)
throws HiveAuthzPluginException, HiveAccessControlException {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
----------------------------------------------------------------------
diff --git a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
index 151f23e..b49cdc0 100644
--- a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
+++ b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
@@ -186,7 +186,7 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin {
List<RangerAccessRequestImpl> requestsForCollection = createRequests(
userName, userGroups, ip, eventTime, context,
- collectionRequest, requestData);
+ collectionRequest);
rangerRequests.addAll(requestsForCollection);
}
if (logger.isDebugEnabled()) {
@@ -290,13 +290,11 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin {
* @param eventTime
* @param context
* @param collectionRequest
- * @param requestData
* @return
*/
private List<RangerAccessRequestImpl> createRequests(String userName,
Set<String> userGroups, String ip, Date eventTime,
- AuthorizationContext context, CollectionRequest collectionRequest,
- String requestData) {
+ AuthorizationContext context, CollectionRequest collectionRequest) {
List<RangerAccessRequestImpl> requests = new ArrayList<RangerAccessRequestImpl>();
String accessType = mapToRangerAccessType(context);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
index 551ec2e..3647bb1 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
@@ -137,7 +137,7 @@ public class KmsKeyMgr {
if(!isKerberos){
response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
}else{
- Subject sub = getSubjectForKerberos(repoName, currentUserLoginId);
+ Subject sub = getSubjectForKerberos(repoName);
response = Subject.doAs(sub, new PrivilegedAction<String>() {
@Override
public String run() {
@@ -232,7 +232,7 @@ public class KmsKeyMgr {
if(!isKerberos){
response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);}
else{
- Subject sub = getSubjectForKerberos(provider, currentUserLoginId);
+ Subject sub = getSubjectForKerberos(provider);
response = Subject.doAs(sub, new PrivilegedAction<String>() {
@Override
public String run() {
@@ -282,7 +282,7 @@ public class KmsKeyMgr {
if(!isKerberos){
response = r.delete(String.class) ;
}else{
- Subject sub = getSubjectForKerberos(provider, currentUserLoginId);
+ Subject sub = getSubjectForKerberos(provider);
response = Subject.doAs(sub, new PrivilegedAction<String>() {
@Override
public String run() {
@@ -333,7 +333,7 @@ public class KmsKeyMgr {
if(!isKerberos){
response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);
}else{
- Subject sub = getSubjectForKerberos(provider, currentUserLoginId);
+ Subject sub = getSubjectForKerberos(provider);
response = Subject.doAs(sub, new PrivilegedAction<String>() {
@Override
public String run() {
@@ -383,7 +383,7 @@ public class KmsKeyMgr {
if(!isKerberos){
response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
}else{
- Subject sub = getSubjectForKerberos(provider, currentUserLoginId);
+ Subject sub = getSubjectForKerberos(provider);
response = Subject.doAs(sub, new PrivilegedAction<String>() {
@Override
public String run() {
@@ -420,7 +420,7 @@ public class KmsKeyMgr {
if(!isKerberos){
response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
}else{
- Subject sub = getSubjectForKerberos(repoName, currentUserLoginId);
+ Subject sub = getSubjectForKerberos(repoName);
response = Subject.doAs(sub, new PrivilegedAction<String>() {
@Override
public String run() {
@@ -523,7 +523,7 @@ public class KmsKeyMgr {
return providers;
}
- private Subject getSubjectForKerberos(String provider, String currentUserLoginId) throws Exception{
+ private Subject getSubjectForKerberos(String provider) throws Exception{
String userName = getKMSUserName(provider);
String password = getKMSPassword(provider);
if (KerberosName.getRules() == null) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index 5905fc9..2980e51 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -494,7 +494,7 @@ public class RangerBizUtil {
String[] requestResNameList = resourceNames.split(",");
for (String resourceName : requestResNameList) {
boolean matchFound = matchKnoxPolicy(resourceName,
- xResourceList, vXResponse, xUserId, permission);
+ xResourceList, xUserId, permission);
if (!matchFound) {
vXResponse.setMsgDesc("You're not permitted to perform "
+ "the action for resource path : " + resourceName);
@@ -508,7 +508,7 @@ public class RangerBizUtil {
String[] requestResNameList = resourceNames.split(",");
for (String resourceName : requestResNameList) {
boolean matchFound = matchStormPolicy(resourceName,
- xResourceList, vXResponse, xUserId, permission);
+ xResourceList, xUserId, permission);
if (!matchFound) {
vXResponse.setMsgDesc("You're not permitted to perform "
+ "the action for resource path : " + resourceName);
@@ -849,13 +849,12 @@ public class RangerBizUtil {
*
* @param resourceName
* @param xResourceList
- * @param vXResponse
* @param xUserId
* @param permission
* @return
*/
private boolean matchKnoxPolicy(String resourceName,
- List<XXResource> xResourceList, VXResponse vXResponse,
+ List<XXResource> xResourceList,
Long xUserId, int permission) {
String[] splittedResources = stringUtil.split(resourceName,
@@ -937,13 +936,12 @@ public class RangerBizUtil {
*
* @param resourceName
* @param xResourceList
- * @param vXResponse
* @param xUserId
* @param permission
* @return
*/
private boolean matchStormPolicy(String resourceName,
- List<XXResource> xResourceList, VXResponse vXResponse,
+ List<XXResource> xResourceList,
Long xUserId, int permission) {
String[] splittedResources = stringUtil.split(resourceName,
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 5226f49..96ddf3f 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -1076,11 +1076,6 @@ public class XUserMgr extends XUserMgrBase {
}
public VXPermMapList searchXPermMaps(SearchCriteria searchCriteria) {
- VXPermMapList vXPermMapList = super.searchXPermMaps(searchCriteria);
- return applyDelegatedAdminAccess(vXPermMapList, searchCriteria);
- }
-
- private VXPermMapList applyDelegatedAdminAccess(VXPermMapList vXPermMapList, SearchCriteria searchCriteria) {
VXPermMapList returnList;
UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
@@ -1126,11 +1121,6 @@ public class XUserMgr extends XUserMgrBase {
}
public VXAuditMapList searchXAuditMaps(SearchCriteria searchCriteria) {
- VXAuditMapList vXAuditMapList = xAuditMapService.searchXAuditMaps(searchCriteria);
- return applyDelegatedAdminAccess(vXAuditMapList, searchCriteria);
- }
-
- private VXAuditMapList applyDelegatedAdminAccess(VXAuditMapList vXAuditMapList, SearchCriteria searchCriteria) {
VXAuditMapList returnList;
UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
index cf66fc1..74431df 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
@@ -218,11 +218,11 @@ public class RangerSearchUtil extends SearchUtil {
}
private StringBuilder buildWhereClause(SearchFilter searchCriteria, List<SearchField> searchFields) {
- return buildWhereClause(searchCriteria, searchFields, false, false);
+ return buildWhereClause(searchCriteria, searchFields, false);
}
private StringBuilder buildWhereClause(SearchFilter searchCriteria,
- List<SearchField> searchFields, boolean isNativeQuery,
+ List<SearchField> searchFields,
boolean excludeWhereKeyword) {
StringBuilder whereClause = new StringBuilder(excludeWhereKeyword ? "" : "WHERE 1 = 1 ");
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
index c25b989..13607d3 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
@@ -165,24 +165,8 @@ public abstract class BaseDao<T> {
return rtrnList;
}
- /**
- * @param clazz
- * @param query
- * @param b
- * @return
- */
- private Long executeCountQueryInSecurityContext(Class<T> clazz,
- Query query, boolean userPrefFilter) {
- // boolean filterEnabled = false;
- Long rtrnObj = null;
- // filterEnabled = enableVisiblityFilters(clazz, userPrefFilter);
- rtrnObj = (Long) query.getSingleResult();
-
- return rtrnObj;
- }
-
- public Long executeCountQueryInSecurityContext(Class<T> clazz, Query query) {
- return executeCountQueryInSecurityContext(clazz, query, true);
+ public Long executeCountQueryInSecurityContext(Class<T> clazz, Query query) { //NOPMD
+ return (Long) query.getSingleResult();
}
public List<T> getAll() {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index ad25817..c999f86 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -1557,7 +1557,7 @@ public class ServiceREST {
httpCode = HttpServletResponse.SC_BAD_REQUEST;
logMsg = excp.getMessage();
} finally {
- createPolicyDownloadAudit(serviceName, lastKnownVersion, pluginId, ret, httpCode, request);
+ createPolicyDownloadAudit(serviceName, lastKnownVersion, pluginId, httpCode, request);
RangerPerfTracer.log(perf);
}
@@ -1575,7 +1575,7 @@ public class ServiceREST {
return ret;
}
- private void createPolicyDownloadAudit(String serviceName, Long lastKnownVersion, String pluginId, ServicePolicies policies, int httpRespCode, HttpServletRequest request) {
+ private void createPolicyDownloadAudit(String serviceName, Long lastKnownVersion, String pluginId, int httpRespCode, HttpServletRequest request) {
try {
String ipAddress = request.getHeader("X-FORWARDED-FOR");