[ranger] branch master updated: RANGER-3353:Show roles is not listing all roles

[rmani]

This is an automated email from the ASF dual-hosted git repository.

rmani pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 1cd7da9  RANGER-3353:Show roles is not listing all roles
1cd7da9 is described below

commit 1cd7da91719bc7e63089c47238e76cbedf114c91
Author: Ramesh Mani <rm...@cloudera.com>
AuthorDate: Wed Jul 28 23:58:10 2021 -0700

    RANGER-3353:Show roles is not listing all roles
    
    Signed-off-by: Ramesh Mani <rm...@cloudera.com>
---
 .../hive/authorizer/RangerHiveAuthorizer.java         | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index efe1ff7..7d3a63a 100644
--- 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -343,7 +343,7 @@ public class RangerHiveAuthorizer extends 
RangerHiveAuthorizerBase {
                if (LOG.isDebugEnabled()) {
                        LOG.debug("==> RangerHiveAuthorizer.getAllRoles()");
                }
-               List<String>           ret          = null;
+               List<String>           ret          = new ArrayList<>();
                RangerHiveAuditHandler auditHandler = new 
RangerHiveAuditHandler();
                List<String>               userNames    = null;
                boolean                result       = false;
@@ -360,13 +360,20 @@ public class RangerHiveAuthorizer extends 
RangerHiveAuthorizerBase {
 
                try {
                        if (!hivePlugin.isServiceAdmin(currentUserName)) {
-                               throw new 
HiveAccessControlException("RangerHiveAuthorizer.getPrincipalGrantInfoForRole():
 User information not available...");
+                               throw new 
HiveAccessControlException("RangerHiveAuthorizer.getAllRoles(): User not 
authorized to run show roles...");
                        }
 
-                       Set<String> groups = 
Sets.newHashSet(ugi.getGroupNames());
-                       userNames          = Arrays.asList(currentUserName);
-                       Set<String> roles  = 
hivePlugin.getRolesFromUserAndGroups(currentUserName, groups);
-                       ret = new ArrayList<>(roles);
+                       userNames = Arrays.asList(currentUserName);
+
+                       RangerRoles rangerRoles = hivePlugin.getRangerRoles();
+                       if (rangerRoles != null) {
+                               Set<RangerRole> roles = 
rangerRoles.getRangerRoles();
+                               if (CollectionUtils.isNotEmpty(roles)) {
+                                       for (RangerRole rangerRole : roles) {
+                                               ret.add(rangerRole.getName());
+                                       }
+                               }
+                       }
                        result = true;
 
                } catch(Exception excp) {