You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ranger.apache.org by rm...@apache.org on 2019/08/30 16:06:48 UTC

[ranger] branch master updated: RANGER-2556:RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent audit information

This is an automated email from the ASF dual-hosted git repository.

rmani pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 59b33c5  RANGER-2556:RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent audit information
59b33c5 is described below

commit 59b33c505a4393bd014f5c24639dac578f921d68
Author: rmani <rm...@hortonworks.com>
AuthorDate: Thu Aug 29 16:13:36 2019 -0700

    RANGER-2556:RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent audit information
    
    Change-Id: Ia1cb14705b1d54b1654737c6c6219e46e52b36d9
    
    Signed-off-by: rmani <rm...@hortonworks.com>
---
 .../authorization/hive/authorizer/RangerHiveAuthorizer.java       | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index bb015c5..dec39e4 100644
--- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -1064,9 +1064,11 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
 
 			if(isRowFilterEnabled(result)) {
 				ret = result.getFilterExpr();
+				auditHandler.flushAudit();
 			}
-		} finally {
+		} catch (Exception e){
 			auditHandler.flushAudit();
+			LOG.error("RangerHiveAuthoriser.applyRowFilterAndColumnMasking() failed...", e);
 		}
 
 		if(LOG.isDebugEnabled()) {
@@ -1127,6 +1129,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
 					columnTransformer = transformer.replace("{col}", columnName);
 				}
 
+				auditHandler.flushAudit();
 				/*
 				String maskCondition = result.getMaskCondition();
 
@@ -1135,8 +1138,9 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
 				}
 				*/
 			}
-		} finally {
+		} catch (Exception e){
 			auditHandler.flushAudit();
+			LOG.error("RangerHiveAuthoriser.applyRowFilterAndColumnMasking() failed...", e);
 		}
 
 		columnTransformers.add(columnTransformer);