You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2022/01/19 10:59:03 UTC

[ranger] branch master updated: Revert "RANGER-3589 : Ranger java patches failing due to admin privilege checks"

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 2925289  Revert "RANGER-3589 : Ranger java patches failing due to admin privilege checks"
2925289 is described below

commit 292528968560429624667fb5ec254eed40e52a52
Author: pradeep <pr...@apache.org>
AuthorDate: Wed Jan 19 16:28:39 2022 +0530

    Revert "RANGER-3589 : Ranger java patches failing due to admin privilege checks"
    
    This reverts commit 65798673112e037d2f884f78eaeb05588dbf0659.
---
 .../src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java     | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
index 00c0809..6c99df4 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
@@ -168,6 +168,8 @@ public class PolicyRefUpdater {
 		}
 		daoMgr.getXXPolicyRefResource().batchCreate(xPolResources);
 
+		final boolean isAdmin = rangerBizUtil.checkAdminAccess();
+
 		List<XXPolicyRefRole> xPolRoles = new ArrayList<>();
 		for (String role : roleNames) {
 			if (StringUtils.isBlank(role)) {
@@ -175,7 +177,7 @@ public class PolicyRefUpdater {
 			}
 			PolicyPrincipalAssociator associator = new PolicyPrincipalAssociator(PRINCIPAL_TYPE.ROLE, role, xPolicy);
 			if (!associator.doAssociate(false)) {
-				if (rangerBizUtil.checkAdminAccess()) {
+				if (isAdmin) {
 					rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
 				} else {
 					VXResponse gjResponse = new VXResponse();
@@ -195,7 +197,7 @@ public class PolicyRefUpdater {
 
 			PolicyPrincipalAssociator associator = new PolicyPrincipalAssociator(PRINCIPAL_TYPE.GROUP, group, xPolicy);
 			if (!associator.doAssociate(false)) {
-				if (rangerBizUtil.checkAdminAccess()) {
+				if (isAdmin) {
 					rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
 				} else {
 					VXResponse gjResponse = new VXResponse();
@@ -212,7 +214,7 @@ public class PolicyRefUpdater {
 			}
 			PolicyPrincipalAssociator associator = new PolicyPrincipalAssociator(PRINCIPAL_TYPE.USER, user, xPolicy);
 			if (!associator.doAssociate(false)) {
-				if (rangerBizUtil.checkAdminAccess()) {
+				if (isAdmin) {
 					rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
 				} else {
 					VXResponse gjResponse = new VXResponse();