You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ranger.apache.org by rm...@apache.org on 2016/12/14 17:08:03 UTC

[2/2] incubator-ranger git commit: RANGER-1254 : HiveAuthorizer should deny access to URI operations if there are any exceptions - fix PMD error with previous commit

RANGER-1254 : HiveAuthorizer should deny access to URI operations if there are any exceptions - fix PMD error with previous commit


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/043daf31
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/043daf31
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/043daf31

Branch: refs/heads/ranger-0.6
Commit: 043daf31b3310d7a2f7bab1f81cfbeb99232bb35
Parents: 200dd5a
Author: rmani <rm...@hortonworks.com>
Authored: Tue Dec 13 15:18:59 2016 -0800
Committer: rmani <rm...@hortonworks.com>
Committed: Wed Dec 14 09:07:41 2016 -0800

----------------------------------------------------------------------
 .../authorization/hive/authorizer/RangerHiveAuthorizer.java     | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/043daf31/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
----------------------------------------------------------------------
diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index 92e8c87..7dd4c90 100644
--- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -1015,9 +1015,10 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
                         if (FileUtils.isOwnerOfFileHierarchy(fs, file, userName) ||
 							FileUtils.isActionPermittedForFileHierarchy(fs, file, userName, action)) {
 								continue;
+						} else {
+							isDenied = true;
+							break;
 						}
-						isDenied = true;
-						break;
                      }
                      ret = !isDenied;
                 } else { // if given path does not exist then check for parent