This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/RANGER-3923 by this push: new 67ebb5aec RANGER-4466: Update approver when request status is updated 67ebb5aec is described below commit 67ebb5aecc8eef5f42003e6d810651322e6baeb7 Author: Subhrat Chaudhary <such...@yahoo.com> AuthorDate: Tue Oct 10 18:16:52 2023 -0700 RANGER-4466: Update approver when request status is updated Signed-off-by: Madhan Neethiraj <mad...@apache.org> --- .../java/org/apache/ranger/biz/GdsDBStore.java | 15 +++++++++++++ .../ranger/validation/RangerGdsValidator.java | 26 ++++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java index 5a566288a..eaa335753 100755 --- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java @@ -1022,6 +1022,17 @@ public class GdsDBStore extends AbstractGdsStore { validator.validateCreate(dataShareInDataset); + switch (dataShareInDataset.getStatus()) { + case GRANTED: + case DENIED: + case ACTIVE: + dataShareInDataset.setApprover(bizUtil.getCurrentUserLoginId()); + break; + default: + dataShareInDataset.setApprover(null); + break; + } + if (StringUtils.isBlank(dataShareInDataset.getGuid())) { dataShareInDataset.setGuid(guidUtil.genGUID()); } @@ -1043,6 +1054,8 @@ public class GdsDBStore extends AbstractGdsStore { validator.validateUpdate(dataShareInDataset, existing); + dataShareInDataset.setApprover(validator.needApproverUpdate(existing.getStatus(), dataShareInDataset.getStatus()) ? bizUtil.getCurrentUserLoginId() : existing.getApprover()); + RangerDataShareInDataset ret = dataShareInDatasetService.update(dataShareInDataset); dataShareInDatasetService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT); @@ -1137,6 +1150,8 @@ public class GdsDBStore extends AbstractGdsStore { validator.validateUpdate(datasetInProject, existing); + datasetInProject.setApprover(validator.needApproverUpdate(existing.getStatus(), datasetInProject.getStatus()) ? bizUtil.getCurrentUserLoginId() : existing.getApprover()); + RangerDatasetInProject ret = datasetInProjectService.update(datasetInProject); datasetInProjectService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT); diff --git a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java index 03e04e794..ebffd654e 100755 --- a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java +++ b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java @@ -26,6 +26,7 @@ import org.apache.ranger.common.RangerConstants; import org.apache.ranger.plugin.errors.ValidationErrorCode; import org.apache.ranger.plugin.model.RangerGds; import org.apache.ranger.plugin.model.RangerGds.GdsPermission; +import org.apache.ranger.plugin.model.RangerGds.GdsShareStatus; import org.apache.ranger.plugin.model.RangerGds.RangerDataShareInDataset; import org.apache.ranger.plugin.model.RangerGds.RangerDataShare; import org.apache.ranger.plugin.model.RangerGds.RangerDatasetInProject; @@ -619,6 +620,31 @@ public class RangerGdsValidator { return ret; } + public boolean needApproverUpdate(GdsShareStatus existing, GdsShareStatus updated) { + boolean ret = !existing.equals(updated); + + if (ret) { + switch (updated) { + case DENIED: + case GRANTED: + break; + + case ACTIVE: + if (!existing.equals(GdsShareStatus.NONE) && !existing.equals(GdsShareStatus.REQUESTED)) { + ret = false; + } + break; + + case NONE: + case REQUESTED: + ret = false; + break; + } + } + + return ret; + } + private void validateDatasetAdmin(RangerDataset dataset, ValidationResult result) { if (!dataProvider.isAdminUser()) { validateAdmin(dataProvider.getCurrentUserLoginId(), "dataset", dataset.getName(), dataset.getAcl(), result);