You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by zs...@apache.org on 2018/03/28 07:04:57 UTC

ranger git commit: RANGER-2035 : fix handling of null implClass in servicedefs (Oracle returns null for stored empty strings)

Repository: ranger
Updated Branches:
  refs/heads/master e6c7afaa8 -> 6da244d6f


RANGER-2035 : fix handling of null implClass in servicedefs (Oracle returns null for stored empty strings)


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/6da244d6
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/6da244d6
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/6da244d6

Branch: refs/heads/master
Commit: 6da244d6f7f6f43e98e702d83fc3c768b1713f0e
Parents: e6c7afa
Author: Zsombor Gegesy <zs...@apache.org>
Authored: Fri Mar 23 10:09:40 2018 +0100
Committer: Zsombor Gegesy <zs...@apache.org>
Committed: Wed Mar 28 09:04:26 2018 +0200

----------------------------------------------------------------------
 .../org/apache/ranger/biz/RangerBizUtil.java    | 45 ++++++++------------
 1 file changed, 17 insertions(+), 28 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/6da244d6/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index d7e9e33..a0477fb 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -1464,28 +1464,24 @@ public class RangerBizUtil {
 
 		boolean isKeyAdmin = session.isKeyAdmin();
 		boolean isSysAdmin = session.isUserAdmin();
-                boolean isAuditor =  session.isAuditUserAdmin();
-                boolean isAduitorKeyAdmin = session.isAuditKeyAdmin();
+		boolean isAuditor =  session.isAuditUserAdmin();
+		boolean isAuditorKeyAdmin = session.isAuditKeyAdmin();
 		boolean isUser = false;
 
 		List<String> roleList = session.getUserRoleList();
-                if (roleList.contains(RangerConstants.ROLE_USER) ) {
+		if (roleList.contains(RangerConstants.ROLE_USER) ) {
 			isUser = true;
 		}
 
 		if (xxDbBase != null && xxDbBase instanceof XXServiceDef) {
 			XXServiceDef xServiceDef = (XXServiceDef) xxDbBase;
-			String implClass = xServiceDef.getImplclassname();
-			if (implClass == null) {
-				return false;
-			}
-
-			if (isKeyAdmin && EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
-				return true;
-            } else if (isAduitorKeyAdmin && EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
-                    return true;
-            } else if ((isSysAdmin || isUser || isAuditor) && !EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
-				return true;
+			final String implClass = xServiceDef.getImplclassname();
+			if (EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
+				// KMS case
+				return isKeyAdmin || isAuditorKeyAdmin;
+			} else {
+				// Other cases - implClass can be null!
+				return isSysAdmin || isUser || isAuditor;
 			}
 		}
 
@@ -1493,27 +1489,20 @@ public class RangerBizUtil {
 
 			// TODO: As of now we are allowing SYS_ADMIN to create/update/read/delete all the
 			// services including KMS
-                        if (isSysAdmin || isAuditor) {
+			if (isSysAdmin || isAuditor) {
 				return true;
 			}
 
 			XXService xService = (XXService) xxDbBase;
 			XXServiceDef xServiceDef = daoManager.getXXServiceDef().getById(xService.getType());
 			String implClass = xServiceDef.getImplclassname();
-			if (implClass == null) {
-				return false;
-			}
-
-			if (isKeyAdmin && EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
-				return true;
-                        } else if (isAduitorKeyAdmin && EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
-                                return true;
-			} else if (isUser && !EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
-				return true;
+			if (EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
+				// KMS case
+				return isKeyAdmin || isAuditorKeyAdmin;
+			} else {
+				// Other cases - implClass can be null!
+				return isUser;
 			}
-			// else if ((isSysAdmin || isUser) && !implClass.equals(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME)) {
-			// return true;
-			// }
 		}
 		return false;
 	}