This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch ranger-2.1 in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 84e0bbd28ff000a3d018f9a939dc41c7991e3aac Author: Ramesh Mani <[email protected]> AuthorDate: Thu Aug 27 12:56:23 2020 -0700 RANGER-2973: NPE check in audit generation in RangerHDFSPlugin to avoid possible issues (cherry picked from commit 84c39cbfe3f014d89feabb27748ffe3618fa7d2c) --- .../authorization/hadoop/RangerHdfsAuthorizer.java | 44 +++++++++++----------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java index b7ace87..d8bcac7 100644 --- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java +++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java @@ -914,32 +914,34 @@ class RangerHdfsAuditHandler extends RangerDefaultAuditHandler { LOG.debug("==> RangerHdfsAuditHandler.logAudit(" + result + ")"); } - if(! isAuditEnabled && result.getIsAudited()) { - isAuditEnabled = true; - } + if (result != null) { + if(! isAuditEnabled && result.getIsAudited()) { + isAuditEnabled = true; + } - if (auditEvent == null) { - auditEvent = super.getAuthzEvents(result); - } + if (auditEvent == null) { + auditEvent = super.getAuthzEvents(result); + } - if (auditEvent != null) { - RangerAccessRequest request = result.getAccessRequest(); - RangerAccessResource resource = request.getResource(); - String resourcePath = resource != null ? resource.getAsString() : null; + if (auditEvent != null) { + RangerAccessRequest request = result.getAccessRequest(); + RangerAccessResource resource = request.getResource(); + String resourcePath = resource != null ? resource.getAsString() : null; - // Overwrite fields in original auditEvent - auditEvent.setEventTime(request.getAccessTime() != null ? request.getAccessTime() : new Date()); - auditEvent.setAccessType(request.getAction()); - auditEvent.setResourcePath(this.pathToBeValidated); - auditEvent.setResultReason(resourcePath); + // Overwrite fields in original auditEvent + auditEvent.setEventTime(request.getAccessTime() != null ? request.getAccessTime() : new Date()); + auditEvent.setAccessType(request.getAction()); + auditEvent.setResourcePath(this.pathToBeValidated); + auditEvent.setResultReason(resourcePath); - auditEvent.setAccessResult((short) (result.getIsAllowed() ? 1 : 0)); - auditEvent.setPolicyId(result.getPolicyId()); - auditEvent.setPolicyVersion(result.getPolicyVersion()); + auditEvent.setAccessResult((short) (result.getIsAllowed() ? 1 : 0)); + auditEvent.setPolicyId(result.getPolicyId()); + auditEvent.setPolicyVersion(result.getPolicyVersion()); - Set<String> tags = getTags(request); - if (tags != null) { - auditEvent.setTags(tags); + Set<String> tags = getTags(request); + if (tags != null) { + auditEvent.setTags(tags); + } } }
