This is an automated email from the ASF dual-hosted git repository.

spolavarapu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 3af3415  RANGER-3297: Updating user source when same user exists as an 
internal & later added from external source
3af3415 is described below

commit 3af3415f6fae4f655d46ffd80dd8c2ad1c8c1dec
Author: Sailaja Polavarapu <[email protected]>
AuthorDate: Wed May 26 10:25:46 2021 -0700

    RANGER-3297: Updating user source when same user exists as an internal & 
later added from external source
---
 .../main/java/org/apache/ranger/biz/XUserMgr.java   |  4 ++--
 .../process/PolicyMgrUserGroupBuilder.java          | 21 +++++++++++----------
 2 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 
b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index b903955..fad332a 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -3028,7 +3028,7 @@ public class XUserMgr extends XUserMgrBase {
                } else {
                        vXPortalUser.setPublicScreenName(vXUser.getName());
                }
-               vXPortalUser.setUserSource(oldUserProfile.getUserSource());
+               vXPortalUser.setUserSource(vXUser.getUserSource());
 
                String hiddenPasswordString = 
PropertiesUtil.getProperty("ranger.password.hidden", "*****");
                String password = vXUser.getPassword();
@@ -3038,7 +3038,7 @@ public class XUserMgr extends XUserMgrBase {
                }
                else if(oldUserProfile != null && 
oldUserProfile.getUserSource() == RangerCommonEnums.USER_EXTERNAL && password 
!= null){
                        vXPortalUser.setPassword(oldUserProfile.getPassword());
-                       logger.debug("User is trrying to change external user 
password which we are not allowing it to change");
+                       logger.debug("User is trying to change external user 
password which we are not allowing it to change");
                }
                else if(password != null){
                        validatePassword(vXUser);
diff --git 
a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
 
b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
index cb071cd..65e26fe 100644
--- 
a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
+++ 
b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
@@ -624,11 +624,11 @@ public class PolicyMgrUserGroupBuilder extends 
AbstractUserGroupSource implement
                                        String oldGroupAttrsStr = 
oldGroup.getOtherAttributes();
                                        if 
(!StringUtils.equalsIgnoreCase(oldGroupAttrsStr, newGroupAttrsStr)) {
                                                Map<String, String> 
oldGroupAttrs = oldGroup.getOtherAttrsMap();
-                                               String oldGroupDN = 
oldGroupAttrs.get(UgsyncCommonConstants.FULL_NAME);
-                                               if 
(StringUtils.equalsIgnoreCase(groupDN, oldGroupDN)
+                                               String oldGroupDN = 
oldGroupAttrs != null ? oldGroupAttrs.get(UgsyncCommonConstants.FULL_NAME) : 
groupName;
+                                               if (oldGroupAttrs == null || 
(StringUtils.equalsIgnoreCase(groupDN, oldGroupDN)
                                                                && 
(StringUtils.isEmpty(oldGroupAttrs.get(UgsyncCommonConstants.SYNC_SOURCE))
                                                                || 
StringUtils.equalsIgnoreCase(oldGroupAttrs.get(UgsyncCommonConstants.SYNC_SOURCE),
-                                                               
newGroupAttrs.get(UgsyncCommonConstants.SYNC_SOURCE)))) {
+                                                               
newGroupAttrs.get(UgsyncCommonConstants.SYNC_SOURCE))))) {
                                                        
oldGroup.setOtherAttributes(newGroupAttrsStr);
                                                        
oldGroup.setOtherAttrsMap(newGroupAttrs);
                                                        
deltaGroups.put(groupName, oldGroup);
@@ -680,13 +680,14 @@ public class PolicyMgrUserGroupBuilder extends 
AbstractUserGroupSource implement
                                        String oldUserAttrsStr = 
oldUser.getOtherAttributes();
                                        if 
(!StringUtils.equalsIgnoreCase(oldUserAttrsStr, newUserAttrsStr)) {
                                                Map<String, String> 
oldUserAttrs = oldUser.getOtherAttrsMap();
-                                               String oldUserDN = 
oldUserAttrs.get(UgsyncCommonConstants.FULL_NAME);
-                                               if 
(StringUtils.equalsIgnoreCase(userDN, oldUserDN)
+                                               String oldUserDN = oldUserAttrs 
!= null ? oldUserAttrs.get(UgsyncCommonConstants.FULL_NAME) : userName;
+                                               if (oldUserAttrs == null || 
(StringUtils.equalsIgnoreCase(userDN, oldUserDN)
                                                                && 
(StringUtils.isEmpty(oldUserAttrs.get(UgsyncCommonConstants.SYNC_SOURCE))
                                                                || 
StringUtils.equalsIgnoreCase(oldUserAttrs.get(UgsyncCommonConstants.SYNC_SOURCE),
-                                                               
newUserAttrs.get(UgsyncCommonConstants.SYNC_SOURCE)))) {
+                                                               
newUserAttrs.get(UgsyncCommonConstants.SYNC_SOURCE))))) {
                                                        
oldUser.setOtherAttributes(newUserAttrsStr);
                                                        
oldUser.setOtherAttrsMap(newUserAttrs);
+                                                       
oldUser.setUserSource(SOURCE_EXTERNAL);
                                                        
deltaUsers.put(userName, oldUser);
                                                        noOfModifiedUsers++;
                                                        userNameMap.put(userDN, 
userName);
@@ -1640,8 +1641,8 @@ public class PolicyMgrUserGroupBuilder extends 
AbstractUserGroupSource implement
                                        && 
StringUtils.equalsIgnoreCase(groupOtherAttrs.get(UgsyncCommonConstants.SYNC_SOURCE),
 currentSyncSource)
                                        && 
StringUtils.equalsIgnoreCase(groupOtherAttrs.get(UgsyncCommonConstants.LDAP_URL),
 ldapUrl)) {
                                if (groupInfo.getIsVisible() != ISHIDDEN) {
-                                       groupInfo.setIsVisible(ISHIDDEN);
-                                       deletedGroups.put(groupInfo.getName(), 
groupInfo);
+                               groupInfo.setIsVisible(ISHIDDEN);
+                               deletedGroups.put(groupInfo.getName(), 
groupInfo);
                                } else {
                                        LOG.info("group " + groupInfo.getName() 
+ " already marked for delete ");
                                }
@@ -1761,8 +1762,8 @@ public class PolicyMgrUserGroupBuilder extends 
AbstractUserGroupSource implement
                                        && 
StringUtils.equalsIgnoreCase(userOtherAttrs.get(UgsyncCommonConstants.SYNC_SOURCE),
 currentSyncSource)
                                        && 
StringUtils.equalsIgnoreCase(userOtherAttrs.get(UgsyncCommonConstants.LDAP_URL),
 ldapUrl)) {
                                if (userInfo.getIsVisible() != ISHIDDEN) {
-                                       userInfo.setIsVisible(ISHIDDEN);
-                                       deletedUsers.put(userInfo.getName(), 
userInfo);
+                               userInfo.setIsVisible(ISHIDDEN);
+                               deletedUsers.put(userInfo.getName(), userInfo);
                                } else {
                                        LOG.info("user " + userInfo.getName() + 
" already marked for delete ");
                                }

Reply via email to