[ranger] branch RANGER-3923 updated: RANGER-4466: Update approver when request status is updated

Tue, 10 Oct 2023 18:17:20 -0700 

This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/RANGER-3923 by this push:
     new 67ebb5aec RANGER-4466: Update approver when request status is updated
67ebb5aec is described below

commit 67ebb5aecc8eef5f42003e6d810651322e6baeb7
Author: Subhrat Chaudhary <such...@yahoo.com>
AuthorDate: Tue Oct 10 18:16:52 2023 -0700

    RANGER-4466: Update approver when request status is updated
    
    Signed-off-by: Madhan Neethiraj <mad...@apache.org>
---
 .../java/org/apache/ranger/biz/GdsDBStore.java     | 15 +++++++++++++
 .../ranger/validation/RangerGdsValidator.java      | 26 ++++++++++++++++++++++
 2 files changed, 41 insertions(+)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java 
b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
index 5a566288a..eaa335753 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
@@ -1022,6 +1022,17 @@ public class GdsDBStore extends AbstractGdsStore {
 
         validator.validateCreate(dataShareInDataset);
 
+        switch (dataShareInDataset.getStatus()) {
+            case GRANTED:
+            case DENIED:
+            case ACTIVE:
+                
dataShareInDataset.setApprover(bizUtil.getCurrentUserLoginId());
+                break;
+            default:
+                dataShareInDataset.setApprover(null);
+                break;
+        }
+
         if (StringUtils.isBlank(dataShareInDataset.getGuid())) {
             dataShareInDataset.setGuid(guidUtil.genGUID());
         }
@@ -1043,6 +1054,8 @@ public class GdsDBStore extends AbstractGdsStore {
 
         validator.validateUpdate(dataShareInDataset, existing);
 
+        
dataShareInDataset.setApprover(validator.needApproverUpdate(existing.getStatus(),
 dataShareInDataset.getStatus()) ? bizUtil.getCurrentUserLoginId() : 
existing.getApprover());
+
         RangerDataShareInDataset ret = 
dataShareInDatasetService.update(dataShareInDataset);
 
         dataShareInDatasetService.createObjectHistory(ret, existing, 
RangerServiceService.OPERATION_UPDATE_CONTEXT);
@@ -1137,6 +1150,8 @@ public class GdsDBStore extends AbstractGdsStore {
 
         validator.validateUpdate(datasetInProject, existing);
 
+        
datasetInProject.setApprover(validator.needApproverUpdate(existing.getStatus(), 
datasetInProject.getStatus()) ? bizUtil.getCurrentUserLoginId() : 
existing.getApprover());
+
         RangerDatasetInProject ret = 
datasetInProjectService.update(datasetInProject);
 
         datasetInProjectService.createObjectHistory(ret, existing, 
RangerServiceService.OPERATION_UPDATE_CONTEXT);
diff --git 
a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
 
b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
index 03e04e794..ebffd654e 100755
--- 
a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
+++ 
b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
@@ -26,6 +26,7 @@ import org.apache.ranger.common.RangerConstants;
 import org.apache.ranger.plugin.errors.ValidationErrorCode;
 import org.apache.ranger.plugin.model.RangerGds;
 import org.apache.ranger.plugin.model.RangerGds.GdsPermission;
+import org.apache.ranger.plugin.model.RangerGds.GdsShareStatus;
 import org.apache.ranger.plugin.model.RangerGds.RangerDataShareInDataset;
 import org.apache.ranger.plugin.model.RangerGds.RangerDataShare;
 import org.apache.ranger.plugin.model.RangerGds.RangerDatasetInProject;
@@ -619,6 +620,31 @@ public class RangerGdsValidator {
         return ret;
     }
 
+    public boolean needApproverUpdate(GdsShareStatus existing, GdsShareStatus 
updated) {
+        boolean ret = !existing.equals(updated);
+
+        if (ret) {
+            switch (updated) {
+                case DENIED:
+                case GRANTED:
+                    break;
+
+                case ACTIVE:
+                    if (!existing.equals(GdsShareStatus.NONE) && 
!existing.equals(GdsShareStatus.REQUESTED)) {
+                        ret = false;
+                    }
+                    break;
+
+                case NONE:
+                case REQUESTED:
+                    ret = false;
+                    break;
+            }
+        }
+
+        return ret;
+    }
+
     private void validateDatasetAdmin(RangerDataset dataset, ValidationResult 
result) {
         if (!dataProvider.isAdminUser()) {
             validateAdmin(dataProvider.getCurrentUserLoginId(), "dataset", 
dataset.getName(), dataset.getAcl(), result);

Reply via email to