This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new ceffbc5 RANGER-3037 1. Import policy API is not returning proper
response in case pre authorization fails. 2. Similar changes done for other pre
authorization method.
ceffbc5 is described below
commit ceffbc5ad6b42a842194a17f21ed7125dea8ab4c
Author: Dineshkumar Yadav <[email protected]>
AuthorDate: Thu Oct 29 17:10:31 2020 +0530
RANGER-3037 1. Import policy API is not returning proper response in case
pre authorization fails. 2. Similar changes done for other pre authorization
method.
Signed-off-by: Mehul Parikh <[email protected]>
---
.../security/context/RangerPreAuthSecurityHandler.java | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git
a/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
b/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
index a4bf694..fd5a3a4 100644
---
a/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
+++
b/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
@@ -31,6 +31,7 @@ import org.apache.ranger.common.ContextUtil;
import org.apache.ranger.common.RESTErrorUtil;
import org.apache.ranger.common.UserSessionBase;
import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.view.VXResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -92,8 +93,10 @@ public class RangerPreAuthSecurityHandler {
}
}
}
-
- throw
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "User is
not allowed to access the API", true);
+ VXResponse gjResponse = new VXResponse();
+ gjResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
+ gjResponse.setMsgDesc("User is not allowed to access the API");
+ throw restErrorUtil.generateRESTException(gjResponse);
}
public boolean isAPISpnegoAccessible(){
@@ -103,7 +106,10 @@ public class RangerPreAuthSecurityHandler {
}else if(userSession != null && (userSession.isUserAdmin() ||
userSession.isKeyAdmin() || userSession.isAuditKeyAdmin())){
return true;
}
- throw
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "User is
not allowed to access the API", true);
+ VXResponse gjResponse = new VXResponse();
+ gjResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
+ gjResponse.setMsgDesc("User is not allowed to access the API");
+ throw restErrorUtil.generateRESTException(gjResponse);
}
public boolean isAdminOrKeyAdminRole(){
@@ -111,6 +117,9 @@ public class RangerPreAuthSecurityHandler {
if (userSession != null && (userSession.isKeyAdmin() ||
userSession.isUserAdmin())) {
return true;
}
- throw
restErrorUtil.createRESTException(HttpServletResponse.SC_UNAUTHORIZED, "User is
not allowed to access the API", true);
+ VXResponse gjResponse = new VXResponse();
+ gjResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
+ gjResponse.setMsgDesc("User is not allowed to access the API");
+ throw restErrorUtil.generateRESTException(gjResponse);
}
}