You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2020/08/27 22:13:03 UTC
[ranger] 01/02: RANGER-2973: NPE check in audit generation in
RangerHDFSPlugin to avoid possible issues
This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch ranger-2.1
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 84e0bbd28ff000a3d018f9a939dc41c7991e3aac
Author: Ramesh Mani <ra...@gmail.com>
AuthorDate: Thu Aug 27 12:56:23 2020 -0700
RANGER-2973: NPE check in audit generation in RangerHDFSPlugin to avoid possible issues
(cherry picked from commit 84c39cbfe3f014d89feabb27748ffe3618fa7d2c)
---
.../authorization/hadoop/RangerHdfsAuthorizer.java | 44 +++++++++++-----------
1 file changed, 23 insertions(+), 21 deletions(-)
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
index b7ace87..d8bcac7 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
@@ -914,32 +914,34 @@ class RangerHdfsAuditHandler extends RangerDefaultAuditHandler {
LOG.debug("==> RangerHdfsAuditHandler.logAudit(" + result + ")");
}
- if(! isAuditEnabled && result.getIsAudited()) {
- isAuditEnabled = true;
- }
+ if (result != null) {
+ if(! isAuditEnabled && result.getIsAudited()) {
+ isAuditEnabled = true;
+ }
- if (auditEvent == null) {
- auditEvent = super.getAuthzEvents(result);
- }
+ if (auditEvent == null) {
+ auditEvent = super.getAuthzEvents(result);
+ }
- if (auditEvent != null) {
- RangerAccessRequest request = result.getAccessRequest();
- RangerAccessResource resource = request.getResource();
- String resourcePath = resource != null ? resource.getAsString() : null;
+ if (auditEvent != null) {
+ RangerAccessRequest request = result.getAccessRequest();
+ RangerAccessResource resource = request.getResource();
+ String resourcePath = resource != null ? resource.getAsString() : null;
- // Overwrite fields in original auditEvent
- auditEvent.setEventTime(request.getAccessTime() != null ? request.getAccessTime() : new Date());
- auditEvent.setAccessType(request.getAction());
- auditEvent.setResourcePath(this.pathToBeValidated);
- auditEvent.setResultReason(resourcePath);
+ // Overwrite fields in original auditEvent
+ auditEvent.setEventTime(request.getAccessTime() != null ? request.getAccessTime() : new Date());
+ auditEvent.setAccessType(request.getAction());
+ auditEvent.setResourcePath(this.pathToBeValidated);
+ auditEvent.setResultReason(resourcePath);
- auditEvent.setAccessResult((short) (result.getIsAllowed() ? 1 : 0));
- auditEvent.setPolicyId(result.getPolicyId());
- auditEvent.setPolicyVersion(result.getPolicyVersion());
+ auditEvent.setAccessResult((short) (result.getIsAllowed() ? 1 : 0));
+ auditEvent.setPolicyId(result.getPolicyId());
+ auditEvent.setPolicyVersion(result.getPolicyVersion());
- Set<String> tags = getTags(request);
- if (tags != null) {
- auditEvent.setTags(tags);
+ Set<String> tags = getTags(request);
+ if (tags != null) {
+ auditEvent.setTags(tags);
+ }
}
}