You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2020/01/23 11:13:31 UTC

[ranger] branch master updated: RANGER-2708 Ranger public group check uses wrong comparison for equality

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 3a4bb32  RANGER-2708 Ranger public group check uses wrong comparison for equality
3a4bb32 is described below

commit 3a4bb32abe0a24628f1c16f1eedf792b37906372
Author: Lars Francke <la...@gmail.com>
AuthorDate: Tue Jan 21 13:11:53 2020 +0100

    RANGER-2708 Ranger public group check uses wrong comparison for equality
    
    Signed-off-by: Pradeep <pr...@apache.org>
---
 .../src/main/java/org/apache/ranger/biz/RangerBizUtil.java  | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index 21308b1..ebc72cf 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -29,8 +29,8 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-
 import javax.servlet.http.HttpServletResponse;
+
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.io.FilenameUtils;
 import org.apache.commons.io.IOCase;
@@ -905,10 +905,8 @@ public class RangerBizUtil {
 	private boolean checkUsrPermForPolicy(Long xUserId, int permission,
 			Long resourceId) {
 		// this snippet load user groups and permission map list from DB
-		List<XXGroup> userGroups = new ArrayList<XXGroup>();
-		List<XXPermMap> permMapList = new ArrayList<XXPermMap>();
-		userGroups = daoManager.getXXGroup().findByUserId(xUserId);
-		permMapList = daoManager.getXXPermMap().findByResourceId(resourceId);
+		List<XXGroup> userGroups = daoManager.getXXGroup().findByUserId(xUserId);
+		List<XXPermMap> permMapList = daoManager.getXXPermMap().findByResourceId(resourceId);
 		Long publicGroupId = getPublicGroupId();
 		boolean matchFound = false;
 		for (XXPermMap permMap : permMapList) {
@@ -916,9 +914,8 @@ public class RangerBizUtil {
 				if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) {
 					// check whether permission is enabled for public group or a
 					// group to which user belongs
-					matchFound = (publicGroupId != null && publicGroupId == permMap
-							.getGroupId())
-							|| isGroupInList(permMap.getGroupId(), userGroups);
+					matchFound = (publicGroupId != null && publicGroupId.equals(permMap.getGroupId())) ||
+											 isGroupInList(permMap.getGroupId(), userGroups);
 				} else if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_USER) {
 					// check whether permission is enabled to user
 					matchFound = permMap.getUserId().equals(xUserId);