You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2021/01/02 12:37:39 UTC
[ranger] 01/03: RANGER-3135: optimze log print for querying roles
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 5797bb9541c1bfa84fbfd9bd19dbd635c4928b6f
Author: rujia1019 <82...@163.com>
AuthorDate: Tue Dec 29 20:21:26 2020 +0800
RANGER-3135: optimze log print for querying roles
Signed-off-by: pradeep <pr...@apache.org>
---
.../main/java/org/apache/ranger/rest/RoleREST.java | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java b/security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java
index 86cda07..20db16d 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java
@@ -280,6 +280,9 @@ public class RoleREST {
if (ret == null) {
throw restErrorUtil.createRESTException("User doesn't have permissions to get details for " + roleName);
}
+ if (ret.getName() == null) {
+ throw restErrorUtil.createRESTException("Role with name: " + roleName + " does not exist");
+ }
} catch(WebApplicationException excp) {
throw excp;
@@ -931,16 +934,17 @@ public class RoleREST {
effectiveUser = loggedInUser;
}
try {
- if (!bizUtil.isUserRangerAdmin(effectiveUser)) {
- existingRole = roleStore.getRole(roleName);
- ensureRoleAccess(effectiveUser, userGroups, existingRole);
-
- } else {
- existingRole = roleStore.getRole(roleName);
+ existingRole = roleStore.getRole(roleName);
+ if (!ensureRoleAccess(effectiveUser, userGroups, existingRole)) {
+ LOG.error("User does not have permission for this operation");
+ return null;
}
} catch (Exception ex) {
- LOG.error(ex.getMessage());
- return null;
+ if (bizUtil.isUserRangerAdmin(effectiveUser)) {
+ return new RangerRole();
+ } else {
+ return null;
+ }
}
return existingRole;