This is an automated email from the ASF dual-hosted git repository.
dhavalshah9131 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 227c45b RANGER-3615 : Issue with exported audit json builder while
writing events to log4j
227c45b is described below
commit 227c45b5ccea6d9d0d546c1882a805b0f0b7b617
Author: Dhaval Shah <[email protected]>
AuthorDate: Tue Feb 22 19:32:08 2022 +0530
RANGER-3615 : Issue with exported audit json builder while writing events
to log4j
---
.../ranger/plugin/audit/RangerDefaultAuditHandler.java | 10 ++++++----
.../ranger/authorization/hadoop/RangerHdfsAuthorizer.java | 15 +++++++--------
2 files changed, 13 insertions(+), 12 deletions(-)
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
index 838cfad..c99465d 100644
---
a/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
@@ -30,6 +30,7 @@ import org.apache.ranger.audit.model.AuthzAuditEvent;
import org.apache.ranger.audit.provider.AuditHandler;
import org.apache.ranger.audit.provider.MiscUtil;
import org.apache.ranger.authorization.hadoop.constants.RangerHadoopConstants;
+import org.apache.ranger.authorization.utils.JsonUtils;
import org.apache.ranger.plugin.contextenricher.RangerTagForEval;
import org.apache.ranger.plugin.policyengine.*;
import org.apache.ranger.plugin.service.RangerBasePlugin;
@@ -266,11 +267,12 @@ public class RangerDefaultAuditHandler implements
RangerAccessResultProcessor {
if (StringUtils.isBlank(request.getRemoteIPAddress()) &&
CollectionUtils.isEmpty(request.getForwardedAddresses())) {
return null;
}
- StringBuilder sb = new StringBuilder();
-
sb.append("{\"remote-ip-address\":").append(request.getRemoteIPAddress())
- .append(",
\"forwarded-ip-addresses\":[").append(StringUtils.join(request.getForwardedAddresses(),
", ")).append("]");
+ Map<String,String> addInfomap=new HashMap<String,String>();
+ addInfomap.put("forwarded-ip-addresses", "[" +
StringUtils.join(request.getForwardedAddresses(), ", ") + "]");
+ addInfomap.put("remote-ip-address",
request.getRemoteIPAddress());
+ String addInfojsonStr = JsonUtils.mapToJson(addInfomap);
+ return addInfojsonStr;
- return sb.toString();
}
private String generateNextAuditEventId() {
diff --git
a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
index 8940f36..4445bc9 100644
---
a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
+++
b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
@@ -48,6 +48,7 @@ import org.apache.hadoop.hdfs.util.ReadOnlyList;
import org.apache.hadoop.ipc.CallerContext;
import org.apache.hadoop.ipc.Server;
import org.apache.hadoop.security.AccessControlException;
+import org.apache.ranger.authorization.utils.JsonUtils;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.ranger.audit.model.AuthzAuditEvent;
import org.apache.ranger.authorization.hadoop.config.RangerPluginConfig;
@@ -1059,18 +1060,16 @@ class RangerHdfsAuditHandler extends
RangerDefaultAuditHandler {
@Override
public String getAdditionalInfo(RangerAccessRequest request) {
- StringBuilder sb = null;
String additionalInfo = super.getAdditionalInfo(request);
- if (additionalInfo == null) {
- sb = new StringBuilder("");
- } else {
- sb = new StringBuilder(additionalInfo);
+ Map addInfoMap =
JsonUtils.jsonToMapStringString(additionalInfo);
+ if(addInfoMap == null || addInfoMap.isEmpty()) {
+ addInfoMap = new HashMap<String,String>();
}
String accessTypes = getAccessTypesAsString(request);
- if (accessTypes != null) {
- sb.append(",
\"accessTypes\":[").append(accessTypes).append("]");
+ if (addInfoMap != null && accessTypes != null) {
+ addInfoMap.put("accessTypes", "[" + accessTypes + "]");
}
- return sb.toString();
+ return JsonUtils.mapToJson(addInfoMap);
}
public void logHadoopEvent(String path, FsAction action, boolean
accessGranted) {