You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2020/01/23 11:13:31 UTC
[ranger] branch master updated: RANGER-2708 Ranger public group
check uses wrong comparison for equality
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 3a4bb32 RANGER-2708 Ranger public group check uses wrong comparison for equality
3a4bb32 is described below
commit 3a4bb32abe0a24628f1c16f1eedf792b37906372
Author: Lars Francke <la...@gmail.com>
AuthorDate: Tue Jan 21 13:11:53 2020 +0100
RANGER-2708 Ranger public group check uses wrong comparison for equality
Signed-off-by: Pradeep <pr...@apache.org>
---
.../src/main/java/org/apache/ranger/biz/RangerBizUtil.java | 13 +++++--------
1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index 21308b1..ebc72cf 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -29,8 +29,8 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
-
import javax.servlet.http.HttpServletResponse;
+
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.io.IOCase;
@@ -905,10 +905,8 @@ public class RangerBizUtil {
private boolean checkUsrPermForPolicy(Long xUserId, int permission,
Long resourceId) {
// this snippet load user groups and permission map list from DB
- List<XXGroup> userGroups = new ArrayList<XXGroup>();
- List<XXPermMap> permMapList = new ArrayList<XXPermMap>();
- userGroups = daoManager.getXXGroup().findByUserId(xUserId);
- permMapList = daoManager.getXXPermMap().findByResourceId(resourceId);
+ List<XXGroup> userGroups = daoManager.getXXGroup().findByUserId(xUserId);
+ List<XXPermMap> permMapList = daoManager.getXXPermMap().findByResourceId(resourceId);
Long publicGroupId = getPublicGroupId();
boolean matchFound = false;
for (XXPermMap permMap : permMapList) {
@@ -916,9 +914,8 @@ public class RangerBizUtil {
if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) {
// check whether permission is enabled for public group or a
// group to which user belongs
- matchFound = (publicGroupId != null && publicGroupId == permMap
- .getGroupId())
- || isGroupInList(permMap.getGroupId(), userGroups);
+ matchFound = (publicGroupId != null && publicGroupId.equals(permMap.getGroupId())) ||
+ isGroupInList(permMap.getGroupId(), userGroups);
} else if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_USER) {
// check whether permission is enabled to user
matchFound = permMap.getUserId().equals(xUserId);