You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by rm...@apache.org on 2019/08/30 16:06:48 UTC
[ranger] branch master updated: RANGER-2556:RangerHivePlugin Row
filtering and Column Masking auditing gives inconsistent audit information
This is an automated email from the ASF dual-hosted git repository.
rmani pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 59b33c5 RANGER-2556:RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent audit information
59b33c5 is described below
commit 59b33c505a4393bd014f5c24639dac578f921d68
Author: rmani <rm...@hortonworks.com>
AuthorDate: Thu Aug 29 16:13:36 2019 -0700
RANGER-2556:RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent audit information
Change-Id: Ia1cb14705b1d54b1654737c6c6219e46e52b36d9
Signed-off-by: rmani <rm...@hortonworks.com>
---
.../authorization/hive/authorizer/RangerHiveAuthorizer.java | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index bb015c5..dec39e4 100644
--- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -1064,9 +1064,11 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
if(isRowFilterEnabled(result)) {
ret = result.getFilterExpr();
+ auditHandler.flushAudit();
}
- } finally {
+ } catch (Exception e){
auditHandler.flushAudit();
+ LOG.error("RangerHiveAuthoriser.applyRowFilterAndColumnMasking() failed...", e);
}
if(LOG.isDebugEnabled()) {
@@ -1127,6 +1129,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
columnTransformer = transformer.replace("{col}", columnName);
}
+ auditHandler.flushAudit();
/*
String maskCondition = result.getMaskCondition();
@@ -1135,8 +1138,9 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
}
*/
}
- } finally {
+ } catch (Exception e){
auditHandler.flushAudit();
+ LOG.error("RangerHiveAuthoriser.applyRowFilterAndColumnMasking() failed...", e);
}
columnTransformers.add(columnTransformer);