(ranger) branch master updated: RANGER-5294: FileUtils.isOwnerOfFileHierarchy doesn’t have the recurse parameter

Mon, 22 Sep 2025 04:55:45 -0700 

This is an automated email from the ASF dual-hosted git repository.

maheshbandal pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new bc9b02972 RANGER-5294: FileUtils.isOwnerOfFileHierarchy doesn’t have 
the recurse parameter
bc9b02972 is described below

commit bc9b02972b349e5624db0fc8832a6703d890a8f9
Author: Mahesh Bandal <[email protected]>
AuthorDate: Tue Sep 9 21:49:09 2025 +0530

    RANGER-5294: FileUtils.isOwnerOfFileHierarchy doesn’t have the recurse 
parameter
---
 .../authorization/hive/authorizer/RangerHiveAuthorizer.java      | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index 8ff5a4219..2b53c4afd 100644
--- 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -97,6 +97,7 @@
 public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
     private static final Logger LOG                       = 
LoggerFactory.getLogger(RangerHiveAuthorizer.class);
     private static final Logger PERF_HIVEAUTH_REQUEST_LOG = 
RangerPerfTracer.getPerfLogger("hiveauth.request");
+    private static final Logger PERF_HIVEAUTH_COARSEURI_LOG = 
RangerPerfTracer.getPerfLogger("hiveauth.coarsecheck");
 
     private static final char        COLUMN_SEP                    = ',';
     private static final String      HIVE_CONF_VAR_QUERY_STRING    = 
"hive.query.string";
@@ -2271,6 +2272,11 @@ private boolean isURIAccessAllowed(String userName, 
FsAction action, Path filePa
         boolean ret;
         boolean recurse = !coarseCheck;
 
+        RangerPerfTracer perf = null;
+        if (RangerPerfTracer.isPerfTraceEnabled(PERF_HIVEAUTH_COARSEURI_LOG)) {
+            perf = RangerPerfTracer.getPerfTracer(PERF_HIVEAUTH_COARSEURI_LOG, 
"RangerHiveAuthorizer.isURIAccessAllowed(userName=" + userName + " filePath=" + 
filePath + " coarseCheck=" + coarseCheck + ")");
+        }
+
         if (action == FsAction.NONE) {
             ret = true;
         } else {
@@ -2281,7 +2287,7 @@ private boolean isURIAccessAllowed(String userName, 
FsAction action, Path filePa
                     boolean isDenied = false;
 
                     for (FileStatus file : filestat) {
-                        if (FileUtils.isOwnerOfFileHierarchy(fs, file, 
userName) || FileUtils.isActionPermittedForFileHierarchy(fs, file, userName, 
action, recurse)) {
+                        if (FileUtils.isOwnerOfFileHierarchy(fs, file, 
userName, recurse) || FileUtils.isActionPermittedForFileHierarchy(fs, file, 
userName, action, recurse)) {
                             continue;
                         } else {
                             isDenied = true;
@@ -2304,6 +2310,7 @@ private boolean isURIAccessAllowed(String userName, 
FsAction action, Path filePa
             }
         }
 
+        RangerPerfTracer.log(perf);
         return ret;
     }

Reply via email to