xunliu commented on code in PR #5113:
URL: https://github.com/apache/gravitino/pull/5113#discussion_r1806686267
##########
authorizations/authorization-ranger/src/main/java/org/apache/gravitino/authorization/ranger/RangerAuthorizationPlugin.java:
##########
@@ -78,41 +82,34 @@ protected RangerAuthorizationPlugin(Map<String, String>
config) {
// Apache Ranger Password should be minimum 8 characters with min one
alphabet and one numeric.
String password = config.get(AuthorizationPropertiesMeta.RANGER_PASSWORD);
rangerServiceName =
config.get(AuthorizationPropertiesMeta.RANGER_SERVICE_NAME);
- RangerHelper.check(rangerUrl != null, "Ranger admin URL is required");
- RangerHelper.check(authType != null, "Ranger auth type is required");
- RangerHelper.check(rangerAdminName != null, "Ranger username is required");
- RangerHelper.check(password != null, "Ranger password is required");
- RangerHelper.check(rangerServiceName != null, "Ranger service name is
required");
+ Preconditions.checkArgument(rangerUrl != null, "Ranger admin URL is
required");
+ Preconditions.checkArgument(authType != null, "Ranger auth type is
required");
+ Preconditions.checkArgument(rangerAdminName != null, "Ranger username is
required");
+ Preconditions.checkArgument(password != null, "Ranger password is
required");
+ Preconditions.checkArgument(rangerServiceName != null, "Ranger service
name is required");
rangerClient = new RangerClientExtension(rangerUrl, authType,
rangerAdminName, password);
rangerHelper =
new RangerHelper(
rangerClient,
rangerAdminName,
rangerServiceName,
- privilegesMappingRule(),
ownerMappingRule(),
policyResourceDefinesRule());
}
- /**
- * Translate the privilege name to the corresponding privilege name in the
Ranger
- *
- * @param name The privilege name to translate
- * @return The corresponding Ranger privilege name in the underlying
permission system
- */
- public Set<String> translatePrivilege(Privilege.Name name) {
- return rangerHelper.translatePrivilege(name);
- }
-
/**
* Create a new role in the Ranger. <br>
* 1. Create a policy for metadata object. <br>
* 2. Save role name in the Policy items. <br>
*/
@Override
public Boolean onRoleCreated(Role role) throws RuntimeException {
- rangerHelper.createRangerRoleIfNotExists(role.name());
+ if (!validAuthorizationOperation(role.securableObjects())) {
+ return false;
Review Comment:
Tells the caller that the execution succeeded or failed
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
