This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/RANGER-3923 by this push: new 805a9615d RANGER-4469: updated dataset summary API to not fail for users having VIEW permission 805a9615d is described below commit 805a9615d44f76efa92d616e516d89e4cacbd3fa Author: Subhrat Chaudhary <such...@yahoo.com> AuthorDate: Tue Oct 10 11:28:08 2023 -0700 RANGER-4469: updated dataset summary API to not fail for users having VIEW permission Signed-off-by: Madhan Neethiraj <mad...@apache.org> --- .../java/org/apache/ranger/biz/GdsDBStore.java | 56 ++++++++++++---------- 1 file changed, 32 insertions(+), 24 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java index 9901ed79b..5a566288a 100755 --- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java @@ -1247,22 +1247,24 @@ public class GdsDBStore extends AbstractGdsStore { datasetSummary.setVersion(dataset.getVersion()); datasetSummary.setPermissionForCaller(permissionForCaller); - if (!gdsPermission.equals(GdsPermission.LIST)) { - datasetSummary.setProjectsCount(getDIPCountForDataset(dataset.getId())); - datasetSummary.setPrincipalsCount(getPrincipalCountForDataset(dataset.getId())); - - SearchFilter filter = new SearchFilter(SearchFilter.DATASET_ID, dataset.getId().toString()); - RangerDataShareList dataShares = dataShareService.searchDataShares(filter); - List<DataShareInDatasetSummary> dataSharesSummary = getDataSharesSummary(dataShares, filter); - - datasetSummary.setDataShares(dataSharesSummary); - datasetSummary.setTotalResourceCount(dataSharesSummary.stream() - .map(DataShareInDatasetSummary::getResourceCount) - .mapToLong(Long::longValue) - .sum()); + ret.add(datasetSummary); + + if (gdsPermission.equals(GdsPermission.LIST)) { + continue; } - ret.add(datasetSummary); + datasetSummary.setProjectsCount(getDIPCountForDataset(dataset.getId())); + datasetSummary.setPrincipalsCount(getPrincipalCountForDataset(dataset)); + + SearchFilter filter = new SearchFilter(SearchFilter.DATASET_ID, dataset.getId().toString()); + RangerDataShareList dataShares = dataShareService.searchDataShares(filter); + List<DataShareInDatasetSummary> dataSharesSummary = getDataSharesSummary(dataShares, filter); + + datasetSummary.setDataShares(dataSharesSummary); + datasetSummary.setTotalResourceCount(dataSharesSummary.stream() + .map(DataShareInDatasetSummary::getResourceCount) + .mapToLong(Long::longValue) + .sum()); } return ret; @@ -1319,17 +1321,23 @@ public class GdsDBStore extends AbstractGdsStore { return datasetInProjectService.getDatasetsInProjectCount(datasetId); } - private Map<PrincipalType, Integer> getPrincipalCountForDataset(Long datasetId) throws Exception { + private Map<PrincipalType, Integer> getPrincipalCountForDataset(RangerDataset dataset) throws Exception { Map<PrincipalType, Integer> ret = new HashMap<>(); - Set<String> users = new HashSet<>(); - Set<String> groups = new HashSet<>(); - Set<String> roles = new HashSet<>(); - - for (RangerPolicy policy : getDatasetPolicies(datasetId)) { - for (RangerPolicyItem policyItem : policy.getPolicyItems()) { - users.addAll(policyItem.getUsers()); - groups.addAll(policyItem.getGroups()); - roles.addAll(policyItem.getRoles()); + Set<String> users = Collections.emptySet(); + Set<String> groups = Collections.emptySet(); + Set<String> roles = Collections.emptySet(); + + if (validator.hasPermission(dataset.getAcl(), GdsPermission.AUDIT)) { + users = new HashSet<>(); + groups = new HashSet<>(); + roles = new HashSet<>(); + + for (RangerPolicy policy : getDatasetPolicies(dataset.getId())) { + for (RangerPolicyItem policyItem : policy.getPolicyItems()) { + users.addAll(policyItem.getUsers()); + groups.addAll(policyItem.getGroups()); + roles.addAll(policyItem.getRoles()); + } } }