[ranger] 02/02: RANGER-3589 : Ranger java patches failing due to admin privilege checks

[pradeep]

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git

commit 65798673112e037d2f884f78eaeb05588dbf0659
Author: mateenmansoori <ma3naus...@gmail.com>
AuthorDate: Tue Jan 18 14:43:18 2022 +0530

    RANGER-3589 : Ranger java patches failing due to admin privilege checks
    
    Signed-off-by: pradeep <prad...@apache.org>
---
 .../src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java     | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 
b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
index 6c99df4..00c0809 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
@@ -168,8 +168,6 @@ public class PolicyRefUpdater {
                }
                daoMgr.getXXPolicyRefResource().batchCreate(xPolResources);
 
-               final boolean isAdmin = rangerBizUtil.checkAdminAccess();
-
                List<XXPolicyRefRole> xPolRoles = new ArrayList<>();
                for (String role : roleNames) {
                        if (StringUtils.isBlank(role)) {
@@ -177,7 +175,7 @@ public class PolicyRefUpdater {
                        }
                        PolicyPrincipalAssociator associator = new 
PolicyPrincipalAssociator(PRINCIPAL_TYPE.ROLE, role, xPolicy);
                        if (!associator.doAssociate(false)) {
-                               if (isAdmin) {
+                               if (rangerBizUtil.checkAdminAccess()) {
                                        
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
                                } else {
                                        VXResponse gjResponse = new 
VXResponse();
@@ -197,7 +195,7 @@ public class PolicyRefUpdater {
 
                        PolicyPrincipalAssociator associator = new 
PolicyPrincipalAssociator(PRINCIPAL_TYPE.GROUP, group, xPolicy);
                        if (!associator.doAssociate(false)) {
-                               if (isAdmin) {
+                               if (rangerBizUtil.checkAdminAccess()) {
                                        
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
                                } else {
                                        VXResponse gjResponse = new 
VXResponse();
@@ -214,7 +212,7 @@ public class PolicyRefUpdater {
                        }
                        PolicyPrincipalAssociator associator = new 
PolicyPrincipalAssociator(PRINCIPAL_TYPE.USER, user, xPolicy);
                        if (!associator.doAssociate(false)) {
-                               if (isAdmin) {
+                               if (rangerBizUtil.checkAdminAccess()) {
                                        
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
                                } else {
                                        VXResponse gjResponse = new 
VXResponse();