This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 44d517e RANGER-3341 External user's role creation may fail in certain
version of MariaDB
44d517e is described below
commit 44d517e8276c9db765772fbe31f925c3e5e8a110
Author: pradeep <[email protected]>
AuthorDate: Wed Jul 14 18:23:50 2021 +0530
RANGER-3341 External user's role creation may fail in certain version of
MariaDB
---
.../java/org/apache/ranger/biz/RoleDBStore.java | 3 ++-
.../main/java/org/apache/ranger/biz/UserMgr.java | 23 +++++++++++-----------
.../org/apache/ranger/service/XGroupService.java | 5 +++--
.../java/org/apache/ranger/biz/TestUserMgr.java | 16 +++++++++------
4 files changed, 27 insertions(+), 20 deletions(-)
diff --git
a/security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java
b/security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java
index 6483bbe..df3fabb 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java
@@ -121,7 +121,8 @@ public class RoleDBStore implements RoleStore {
Runnable roleVersionUpdater = new RoleVersionUpdater(daoMgr);
transactionSynchronizationAdapter.executeOnTransactionCommit(roleVersionUpdater);
- RangerRole createdRole = roleService.create(role);
+ roleService.create(role);
+ RangerRole createdRole = getRole(role.getName());
if (createdRole == null) {
throw new Exception("Cannot create role:[" + role + "]");
}
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index 318c4ee..e72a7a7 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -29,6 +29,8 @@ import java.util.List;
import javax.persistence.Query;
import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.ranger.authorization.hadoop.config.RangerAdminConfig;
@@ -157,21 +159,20 @@ public class UserMgr {
String saltEncodedpasswd = encrypt(user.getLoginId(),
user.getPassword());
user.setPassword(saltEncodedpasswd);
- user = daoManager.getXXPortalUser().create(user);
-
- // Create the UserRole for this user
- List<XXPortalUserRole> gjUserRoleList = new
ArrayList<XXPortalUserRole>();
- if (userRoleList != null) {
- for (String userRole : userRoleList) {
- XXPortalUserRole gjUserRole =
addUserRole(user.getId(),
- userRole);
- if (gjUserRole != null) {
- gjUserRoleList.add(gjUserRole);
+ daoManager.getXXPortalUser().create(user);
+ XXPortalUser xXPortalUser =
daoManager.getXXPortalUser().findByLoginId(user.getLoginId());
+ // Create the XXPortalUserRole entries for this user
+ if (xXPortalUser != null && xXPortalUser.getId() != null) {
+ if (CollectionUtils.isNotEmpty(userRoleList)) {
+ for (String userRole : userRoleList) {
+ addUserRole(xXPortalUser.getId(),
userRole);
}
}
+ } else {
+ logger.error("XXPortalUser user creation failed for
user=" + user.getLoginId());
}
- return user;
+ return xXPortalUser;
}
public XXPortalUser createUser(VXPortalUser userProfile, int
userStatus) {
diff --git
a/security-admin/src/main/java/org/apache/ranger/service/XGroupService.java
b/security-admin/src/main/java/org/apache/ranger/service/XGroupService.java
index 24cb43e..44eebcf 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/XGroupService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/XGroupService.java
@@ -125,10 +125,11 @@ public class XGroupService extends
XGroupServiceBase<XXGroup, VXGroup> {
xxGroup.setUpdatedByUserId(createdByUserId);
}
if (groupExists) {
- xxGroup = getDao().update(xxGroup);
+ getDao().update(xxGroup);
} else {
- xxGroup = getDao().create(xxGroup);
+ getDao().create(xxGroup);
}
+ xxGroup =
daoManager.getXXGroup().findByGroupName(vxGroup.getName());
vxGroup = postCreate(xxGroup);
return vxGroup;
}
diff --git
a/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
b/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
index 202a113..931a9ad 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
@@ -228,7 +228,8 @@ public class TestUserMgr {
Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(roleDao);
Mockito.when(roleDao.findByUserId(userId)).thenReturn(list);
Mockito.doNothing().when(rangerBizUtil).blockAuditorRoleUser();
- XXPortalUser dbxxPortalUser = userMgr.createUser(userProfile,
1,userRoleList);
+
Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(user);
+ XXPortalUser dbxxPortalUser = userMgr.createUser(userProfile,
1, userRoleList);
Assert.assertNotNull(dbxxPortalUser);
userId = dbxxPortalUser.getId();
@@ -240,7 +241,7 @@ public class TestUserMgr {
Assert.assertEquals(userProfile.getEmailAddress(),dbxxPortalUser.getEmailAddress());
Assert.assertEquals(userProfile.getPassword(),dbxxPortalUser.getPassword());
- Mockito.verify(daoManager).getXXPortalUser();
+ Mockito.verify(daoManager,
Mockito.atLeast(1)).getXXPortalUser();
Mockito.verify(daoManager).getXXPortalUserRole();
}
@@ -276,6 +277,7 @@ public class TestUserMgr {
Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(roleDao);
Mockito.when(roleDao.findByUserId(userId)).thenReturn(list);
Mockito.doNothing().when(rangerBizUtil).blockAuditorRoleUser();
+
Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(user);
XXPortalUser dbxxPortalUser = userMgr.createUser(userProfile,
1);
userId = dbxxPortalUser.getId();
@@ -288,7 +290,7 @@ public class TestUserMgr {
Assert.assertEquals(userProfile.getEmailAddress(),dbxxPortalUser.getEmailAddress());
Assert.assertEquals(userProfile.getPassword(),dbxxPortalUser.getPassword());
- Mockito.verify(daoManager).getXXPortalUser();
+ Mockito.verify(daoManager,
Mockito.atLeast(1)).getXXPortalUser();
Mockito.verify(daoManager).getXXPortalUserRole();
}
@@ -728,6 +730,7 @@ public class TestUserMgr {
Mockito.when(daoManager.getXXGroupPermission()).thenReturn(xGroupPermissionDao);
Mockito.doNothing().when(rangerBizUtil).blockAuditorRoleUser();
+
Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(user);
VXPortalUser dbVXPortalUser = userMgr.createUser(userProfile);
Assert.assertNotNull(dbVXPortalUser);
Assert.assertEquals(user.getId(), dbVXPortalUser.getId());
@@ -737,7 +740,7 @@ public class TestUserMgr {
Assert.assertEquals(user.getEmailAddress(),dbVXPortalUser.getEmailAddress());
Assert.assertEquals(user.getPassword(),
dbVXPortalUser.getPassword());
- Mockito.verify(daoManager).getXXPortalUser();
+ Mockito.verify(daoManager,
Mockito.atLeast(1)).getXXPortalUser();
Mockito.verify(daoManager).getXXUserPermission();
Mockito.verify(daoManager).getXXGroupPermission();
}
@@ -797,7 +800,7 @@ public class TestUserMgr {
list.add(XXPortalUserRole);
Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
-
Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(null);
+
Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(null, user);
Mockito.when(userDao.findByEmailAddress(Mockito.anyString())).thenReturn(null);
Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(roleDao);
Mockito.when(userDao.create((XXPortalUser)
Mockito.any())).thenReturn(user);
@@ -1387,6 +1390,7 @@ public class TestUserMgr {
Mockito.when(userDao.create((XXPortalUser)
Mockito.any())).thenReturn(user);
Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(roleDao);
Mockito.when(roleDao.findByUserId(userId)).thenReturn(list);
+
Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(user);
XXPortalUser dbxxPortalUser = userMgr.createUser(userProfile,
1,userRoleList);
Assert.assertNotNull(dbxxPortalUser);
userId = dbxxPortalUser.getId();
@@ -1398,7 +1402,7 @@ public class TestUserMgr {
Assert.assertEquals(userProfile.getEmailAddress(),dbxxPortalUser.getEmailAddress());
Assert.assertEquals(encryptedPwd,dbxxPortalUser.getPassword());
- Mockito.verify(daoManager).getXXPortalUser();
+ Mockito.verify(daoManager,
Mockito.atLeast(1)).getXXPortalUser();
Mockito.verify(daoManager).getXXPortalUserRole();
}