This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch ranger-2.8
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/ranger-2.8 by this push:
new 20288436d RANGER-5212: roles lookup API updated to apply role name
filter for role-membership as well
20288436d is described below
commit 20288436d3a9b07dce41ab62b365e080a9d6e55c
Author: Rakesh Gupta <[email protected]>
AuthorDate: Wed Dec 31 00:53:46 2025 +0530
RANGER-5212: roles lookup API updated to apply role name filter for
role-membership as well
(cherry picked from commit b22d25890818aa75ddc049e433fc217296beef37)
---
.../java/org/apache/ranger/biz/RoleDBStore.java | 83 +++++++++++-----------
.../org/apache/ranger/biz/TestRoleDBStore.java | 24 ++++---
2 files changed, 57 insertions(+), 50 deletions(-)
diff --git
a/security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java
b/security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java
index d7875601f..43a739a64 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java
@@ -300,64 +300,46 @@ public List<RangerRole> getRoles(SearchFilter filter)
throws Exception {
}
public RangerRoleList getRoles(SearchFilter filter, RangerRoleList
rangerRoleList) throws Exception {
- List<RangerRole> roles = new ArrayList<RangerRole>();
- List<XXRole> xxRoles =
(List<XXRole>)roleService.searchResources(filter, roleService.searchFields,
roleService.sortFields, rangerRoleList);
+ List<RangerRole> roles = getRoles(filter);
- if (CollectionUtils.isNotEmpty(xxRoles)) {
- for (XXRole xxRole : xxRoles) {
- roles.add(roleService.read(xxRole.getId()));
- }
- }
+ setPaginatedResult(roles, filter, rangerRoleList);
- rangerRoleList.setRoleList(roles);
- return rangerRoleList;
+ return rangerRoleList;
}
public RangerRoleList getRolesForUser(SearchFilter filter, RangerRoleList
rangerRoleList) throws Exception {
- List<RangerRole> roles = new ArrayList<RangerRole>();
- List<XXRole> xxRoles = null;
- UserSessionBase userSession =
ContextUtil.getCurrentUserSession();
+ if (filter == null) {
+ filter = new SearchFilter();
+ }
+
+ List<RangerRole> roles;
+ UserSessionBase userSession =
ContextUtil.getCurrentUserSession();
+
if (userSession != null && userSession.getUserRoleList().size()
== 1
&&
userSession.getUserRoleList().contains(RangerConstants.ROLE_USER)
&& userSession.getLoginId() != null) {
- VXUser loggedInVXUser =
xUserService.getXUserByUserName(userSession.getLoginId());
- xxRoles =
daoMgr.getXXRole().findByUserId(loggedInVXUser.getId());
+ VXUser loggedInVXUser =
xUserService.getXUserByUserName(userSession.getLoginId());
+ List<XXRole> xxRoles =
daoMgr.getXXRole().findByUserId(loggedInVXUser.getId());
+
+ roles = new ArrayList<>();
if (CollectionUtils.isNotEmpty(xxRoles)) {
for (XXRole xxRole : xxRoles) {
roles.add(roleService.read(xxRole.getId()));
}
}
- if (predicateUtil != null && filter != null &&
!filter.isEmpty()) {
- List<RangerRole> copy = new ArrayList<>(roles);
- predicateUtil.applyFilter(copy, filter);
- roles = copy;
- }
- int totalCount = roles.size();
- int startIndex = filter.getStartIndex();
- int pageSize = filter.getMaxRows();
- int toIndex = Math.min(startIndex + pageSize,
totalCount);
- if (CollectionUtils.isNotEmpty(roles)) {
- roles = roles.subList(startIndex, toIndex);
- rangerRoleList.setResultSize(roles.size());
- rangerRoleList.setPageSize(filter.getMaxRows());
- rangerRoleList.setSortBy(filter.getSortBy());
-
rangerRoleList.setSortType(filter.getSortType());
-
rangerRoleList.setStartIndex(filter.getStartIndex());
- rangerRoleList.setTotalCount(totalCount);
- }
- } else {
- xxRoles = (List<XXRole>)
roleService.searchResources(filter, roleService.searchFields,
- roleService.sortFields, rangerRoleList);
+ if (predicateUtil != null && !filter.isEmpty()) {
+ List<RangerRole> copy = new ArrayList<>(roles);
- if (CollectionUtils.isNotEmpty(xxRoles)) {
- for (XXRole xxRole : xxRoles) {
-
roles.add(roleService.read(xxRole.getId()));
- }
+ predicateUtil.applyFilter(copy, filter);
+ roles = copy;
}
+ } else {
+ roles = getRoles(filter);
}
- rangerRoleList.setRoleList(roles);
+
+ setPaginatedResult(roles, filter, rangerRoleList);
return rangerRoleList;
}
@@ -476,6 +458,27 @@ public boolean roleExists(String name) throws Exception {
XXRole role = daoMgr.getXXRole().findByRoleName(name);
return role != null;
}
+
+ private void setPaginatedResult(List<RangerRole> roles, SearchFilter
filter, RangerRoleList result) {
+ int totalCount = roles.size();
+ int startIndex = filter.getStartIndex();
+ int pageSize = filter.getMaxRows();
+ int toIndex = Math.min(startIndex + pageSize, totalCount);
+
+ if (CollectionUtils.isNotEmpty(roles)) {
+ roles = roles.subList(startIndex, toIndex);
+
+ result.setResultSize(roles.size());
+ result.setPageSize(filter.getMaxRows());
+ result.setSortBy(filter.getSortBy());
+ result.setSortType(filter.getSortType());
+ result.setStartIndex(filter.getStartIndex());
+ result.setTotalCount(totalCount);
+ }
+
+ result.setRoleList(roles);
+ }
+
public static class RoleVersionUpdater implements Runnable {
diff --git
a/security-admin/src/test/java/org/apache/ranger/biz/TestRoleDBStore.java
b/security-admin/src/test/java/org/apache/ranger/biz/TestRoleDBStore.java
index e92c79b8d..28a7a9dde 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestRoleDBStore.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestRoleDBStore.java
@@ -145,16 +145,18 @@ public void testGetRoleByRoleId() throws Exception {
@Test
public void testGetRolesBySearchFilter() throws Exception {
- RangerRole rangerRole = getRangerRole();
- RangerRoleList rangerRoleList = new
RangerRoleList(Collections.singletonList(rangerRole));
- XXRole xxRole = getTestRole();
- List<XXRole> xxRoles = Collections.singletonList(xxRole);
- SearchFilter searchFilter = new SearchFilter();
+ XXRoleDao xxRoleDao = Mockito.mock(XXRoleDao.class);
+ XXRole xxRole = getTestRole();
+ List<XXRole> xxRoles = Collections.singletonList(xxRole);
+ SearchFilter searchFilter = new SearchFilter();
+ RangerRole rangerRole = getRangerRole();
+
- Mockito.when(roleService.searchResources(searchFilter,
roleService.searchFields, roleService.sortFields ,
rangerRoleList)).thenReturn(xxRoles);
+ Mockito.when(daoMgr.getXXRole()).thenReturn(xxRoleDao);
+ Mockito.when(xxRoleDao.getAll()).thenReturn(xxRoles);
Mockito.when(roleService.read(xxRole.getId())).thenReturn(rangerRole);
- RangerRoleList rangerRoleListInDB = roleDBStore.getRoles(searchFilter,
rangerRoleList);
+ RangerRoleList rangerRoleListInDB = roleDBStore.getRoles(searchFilter,
new RangerRoleList());
Assert.assertNotNull(rangerRoleListInDB);
Assert.assertEquals(1, rangerRoleListInDB.getList().size());
@@ -162,13 +164,15 @@ public void testGetRolesBySearchFilter() throws Exception
{
@Test
public void testGetRolesForUser_WithoutUserSession() throws Exception {
- RangerRole rangerRole = getRangerRole();
- RangerRoleList rangerRoleList = new
RangerRoleList(Collections.singletonList(rangerRole));
+ RangerRole rangerRole = getRangerRole();
+ RangerRoleList rangerRoleList = new RangerRoleList();
XXRole xxRole = getTestRole();
List<XXRole> xxRoles = Collections.singletonList(xxRole);
SearchFilter searchFilter = new SearchFilter();
+ XXRoleDao xxRoleDao = Mockito.mock(XXRoleDao.class);
- Mockito.when(roleService.searchResources(searchFilter,
roleService.searchFields, roleService.sortFields ,
rangerRoleList)).thenReturn(xxRoles);
+ Mockito.when(daoMgr.getXXRole()).thenReturn(xxRoleDao);
+ Mockito.when(xxRoleDao.getAll()).thenReturn(xxRoles);
Mockito.when(roleService.read(xxRole.getId())).thenReturn(rangerRole);
RangerContextHolder.setSecurityContext(null);
