You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2022/01/19 04:58:27 UTC

[ranger] 02/02: RANGER-3589 : Ranger java patches failing due to admin privilege checks

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git

commit 65798673112e037d2f884f78eaeb05588dbf0659
Author: mateenmansoori <ma...@gmail.com>
AuthorDate: Tue Jan 18 14:43:18 2022 +0530

    RANGER-3589 : Ranger java patches failing due to admin privilege checks
    
    Signed-off-by: pradeep <pr...@apache.org>
---
 .../src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java     | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
index 6c99df4..00c0809 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
@@ -168,8 +168,6 @@ public class PolicyRefUpdater {
 		}
 		daoMgr.getXXPolicyRefResource().batchCreate(xPolResources);
 
-		final boolean isAdmin = rangerBizUtil.checkAdminAccess();
-
 		List<XXPolicyRefRole> xPolRoles = new ArrayList<>();
 		for (String role : roleNames) {
 			if (StringUtils.isBlank(role)) {
@@ -177,7 +175,7 @@ public class PolicyRefUpdater {
 			}
 			PolicyPrincipalAssociator associator = new PolicyPrincipalAssociator(PRINCIPAL_TYPE.ROLE, role, xPolicy);
 			if (!associator.doAssociate(false)) {
-				if (isAdmin) {
+				if (rangerBizUtil.checkAdminAccess()) {
 					rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
 				} else {
 					VXResponse gjResponse = new VXResponse();
@@ -197,7 +195,7 @@ public class PolicyRefUpdater {
 
 			PolicyPrincipalAssociator associator = new PolicyPrincipalAssociator(PRINCIPAL_TYPE.GROUP, group, xPolicy);
 			if (!associator.doAssociate(false)) {
-				if (isAdmin) {
+				if (rangerBizUtil.checkAdminAccess()) {
 					rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
 				} else {
 					VXResponse gjResponse = new VXResponse();
@@ -214,7 +212,7 @@ public class PolicyRefUpdater {
 			}
 			PolicyPrincipalAssociator associator = new PolicyPrincipalAssociator(PRINCIPAL_TYPE.USER, user, xPolicy);
 			if (!associator.doAssociate(false)) {
-				if (isAdmin) {
+				if (rangerBizUtil.checkAdminAccess()) {
 					rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
 				} else {
 					VXResponse gjResponse = new VXResponse();