This is an automated email from the ASF dual-hosted git repository.
rmani pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new f570226 RANGER-2556:RangerHivePlugin Row filtering and Column Masking
auditing gives inconsistent audit information - addon
f570226 is described below
commit f57022645db36054d2c63f1af503b82363999b47
Author: rmani <[email protected]>
AuthorDate: Fri Aug 30 13:38:27 2019 -0700
RANGER-2556:RangerHivePlugin Row filtering and Column Masking auditing
gives inconsistent audit information - addon
---
.../authorization/hive/authorizer/RangerHiveAuditHandler.java | 2 +-
.../authorization/hive/authorizer/RangerHiveAuthorizer.java | 8 ++------
2 files changed, 3 insertions(+), 7 deletions(-)
diff --git
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
index bf4d6c1..765da59 100644
---
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
+++
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
@@ -108,7 +108,7 @@ public class RangerHiveAuditHandler extends
RangerDefaultAuditHandler {
ret = createAuditEvent(result, result.getMaskType(),
resourcePath);
} else if (policyType == RangerPolicy.POLICY_TYPE_ROWFILTER) {
ret = createAuditEvent(result, ACCESS_TYPE_ROWFILTER,
resourcePath);
- } else {
+ } else if (policyType == RangerPolicy.POLICY_TYPE_ACCESS) {
String accessType = null;
if (request instanceof RangerHiveAccessRequest) {
diff --git
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index dec39e4..bb015c5 100644
---
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -1064,11 +1064,9 @@ public class RangerHiveAuthorizer extends
RangerHiveAuthorizerBase {
if(isRowFilterEnabled(result)) {
ret = result.getFilterExpr();
- auditHandler.flushAudit();
}
- } catch (Exception e){
+ } finally {
auditHandler.flushAudit();
-
LOG.error("RangerHiveAuthoriser.applyRowFilterAndColumnMasking() failed...", e);
}
if(LOG.isDebugEnabled()) {
@@ -1129,7 +1127,6 @@ public class RangerHiveAuthorizer extends
RangerHiveAuthorizerBase {
columnTransformer =
transformer.replace("{col}", columnName);
}
- auditHandler.flushAudit();
/*
String maskCondition =
result.getMaskCondition();
@@ -1138,9 +1135,8 @@ public class RangerHiveAuthorizer extends
RangerHiveAuthorizerBase {
}
*/
}
- } catch (Exception e){
+ } finally {
auditHandler.flushAudit();
-
LOG.error("RangerHiveAuthoriser.applyRowFilterAndColumnMasking() failed...", e);
}
columnTransformers.add(columnTransformer);
