This is an automated email from the ASF dual-hosted git repository.

mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new ceffbc5  RANGER-3037 1. Import policy API is not returning proper 
response in case pre authorization fails. 2. Similar changes done for other pre 
authorization method.
ceffbc5 is described below

commit ceffbc5ad6b42a842194a17f21ed7125dea8ab4c
Author: Dineshkumar Yadav <[email protected]>
AuthorDate: Thu Oct 29 17:10:31 2020 +0530

    RANGER-3037 1. Import policy API is not returning proper response in case 
pre authorization fails. 2. Similar changes done for other pre authorization 
method.
    
    Signed-off-by: Mehul Parikh <[email protected]>
---
 .../security/context/RangerPreAuthSecurityHandler.java  | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
 
b/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
index a4bf694..fd5a3a4 100644
--- 
a/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
+++ 
b/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
@@ -31,6 +31,7 @@ import org.apache.ranger.common.ContextUtil;
 import org.apache.ranger.common.RESTErrorUtil;
 import org.apache.ranger.common.UserSessionBase;
 import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.view.VXResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
@@ -92,8 +93,10 @@ public class RangerPreAuthSecurityHandler {
                                }
                        }
                }
-
-               throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "User is 
not allowed to access the API", true);
+               VXResponse gjResponse = new VXResponse();
+        gjResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
+        gjResponse.setMsgDesc("User is not allowed to access the API");
+        throw restErrorUtil.generateRESTException(gjResponse);
        }
 
        public boolean isAPISpnegoAccessible(){
@@ -103,7 +106,10 @@ public class RangerPreAuthSecurityHandler {
                 }else if(userSession != null && (userSession.isUserAdmin() || 
userSession.isKeyAdmin() || userSession.isAuditKeyAdmin())){
                        return true;
                }
-               throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "User is 
not allowed to access the API", true);
+        VXResponse gjResponse = new VXResponse();
+        gjResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
+        gjResponse.setMsgDesc("User is not allowed to access the API");
+        throw restErrorUtil.generateRESTException(gjResponse);
        }
        
        public boolean isAdminOrKeyAdminRole(){
@@ -111,6 +117,9 @@ public class RangerPreAuthSecurityHandler {
                if (userSession != null && (userSession.isKeyAdmin() || 
userSession.isUserAdmin())) {
                        return true;
                }
-               throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_UNAUTHORIZED, "User is 
not allowed to access the API", true);
+               VXResponse gjResponse = new VXResponse();
+        gjResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
+        gjResponse.setMsgDesc("User is not allowed to access the API");
+        throw restErrorUtil.generateRESTException(gjResponse);
        }
 }

Reply via email to