incubator-ranger git commit: RANGER-849: Good coding practice: fix potentil Null Pointer dereference

madhan Tue, 16 Feb 2016 13:31:46 -0800

Repository: incubator-ranger
Updated Branches:
  refs/heads/master 91b10ac8e -> db3f7ceb5



RANGER-849: Good coding practice: fix potentil Null Pointer dereference

Signed-off-by: Madhan Neethiraj <[email protected]>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/db3f7ceb
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/db3f7ceb
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/db3f7ceb

Branch: refs/heads/master
Commit: db3f7ceb5f2be9f2d788c868ae4d61664795d9fb
Parents: 91b10ac
Author: Abhay Kulkarni <[email protected]>
Authored: Mon Feb 15 15:42:53 2016 -0800
Committer: Madhan Neethiraj <[email protected]>
Committed: Tue Feb 16 13:21:50 2016 -0800

----------------------------------------------------------------------
 .../plugin/store/AbstractServiceStore.java      | 10 ++---
 .../org/apache/ranger/rest/ServiceREST.java     | 44 ++++++++++++--------
 2 files changed, 31 insertions(+), 23 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/db3f7ceb/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java
----------------------------------------------------------------------
diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java
 
b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java
index 0dead8a..f231b09 100644
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java
@@ -68,7 +68,7 @@ public abstract class AbstractServiceStore implements 
ServiceStore {
        public PList<RangerServiceDef> getPaginatedServiceDefs(SearchFilter 
filter) throws Exception {
                List<RangerServiceDef> resultList = getServiceDefs(filter);
 
-               return new PList<RangerServiceDef>(resultList, 0, 
resultList.size(),
+               return CollectionUtils.isEmpty(resultList) ? new 
PList<RangerServiceDef>() : new PList<RangerServiceDef>(resultList, 0, 
resultList.size(),
                                (long)resultList.size(), resultList.size(), 
filter.getSortType(), filter.getSortBy());
        }
 
@@ -76,7 +76,7 @@ public abstract class AbstractServiceStore implements 
ServiceStore {
        public PList<RangerService> getPaginatedServices(SearchFilter filter) 
throws Exception {
                List<RangerService> resultList = getServices(filter);
 
-               return new PList<RangerService>(resultList, 0, 
resultList.size(), (long)resultList.size(),
+               return CollectionUtils.isEmpty(resultList) ? new 
PList<RangerService>() : new PList<RangerService>(resultList, 0, 
resultList.size(), (long)resultList.size(),
                                resultList.size(), filter.getSortType(), 
filter.getSortBy());
        }
 
@@ -84,7 +84,7 @@ public abstract class AbstractServiceStore implements 
ServiceStore {
        public  PList<RangerPolicy> getPaginatedPolicies(SearchFilter filter) 
throws Exception {
                List<RangerPolicy> resultList = getPolicies(filter);
 
-               return new PList<RangerPolicy>(resultList, 0, 
resultList.size(), (long)resultList.size(),
+               return CollectionUtils.isEmpty(resultList) ? new 
PList<RangerPolicy>() : new PList<RangerPolicy>(resultList, 0, 
resultList.size(), (long)resultList.size(),
                                resultList.size(), filter.getSortType(), 
filter.getSortBy());
        }
 
@@ -92,7 +92,7 @@ public abstract class AbstractServiceStore implements 
ServiceStore {
        public PList<RangerPolicy> getPaginatedServicePolicies(Long serviceId, 
SearchFilter filter) throws Exception {
                List<RangerPolicy> resultList = getServicePolicies(serviceId, 
filter);
 
-               return new PList<RangerPolicy>(resultList, 0, 
resultList.size(), (long)resultList.size(),
+               return CollectionUtils.isEmpty(resultList) ? new 
PList<RangerPolicy>() : new PList<RangerPolicy>(resultList, 0, 
resultList.size(), (long)resultList.size(),
                                resultList.size(), filter.getSortType(), 
filter.getSortBy());
        }
 
@@ -100,7 +100,7 @@ public abstract class AbstractServiceStore implements 
ServiceStore {
        public  PList<RangerPolicy> getPaginatedServicePolicies(String 
serviceName, SearchFilter filter) throws Exception {
                List<RangerPolicy> resultList = getServicePolicies(serviceName, 
filter);
 
-               return new PList<RangerPolicy>(resultList, 0, 
resultList.size(), (long)resultList.size(),
+               return CollectionUtils.isEmpty(resultList) ? new 
PList<RangerPolicy>() : new PList<RangerPolicy>(resultList, 0, 
resultList.size(), (long)resultList.size(),
                                resultList.size(), filter.getSortType(), 
filter.getSortBy());
        }
 

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/db3f7ceb/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
----------------------------------------------------------------------
diff --git 
a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 4d84532..684f882 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -1893,32 +1893,40 @@ public class ServiceREST {
        void ensureAdminAccess(String serviceName, Map<String, 
RangerPolicyResource> resources) {
                boolean isAdmin = bizUtil.isAdmin();
                boolean isKeyAdmin = bizUtil.isKeyAdmin();
-
-               XXService xService = 
daoManager.getXXService().findByName(serviceName);
-               XXServiceDef xServiceDef = 
daoManager.getXXServiceDef().getById(xService.getType());
+               String userName = bizUtil.getCurrentUserLoginId();
 
                if(!isAdmin && !isKeyAdmin) {
+                       boolean isAllowed = false;
+
                        RangerPolicyEngine policyEngine = 
getPolicyEngine(serviceName);
-                       String             userName     = 
bizUtil.getCurrentUserLoginId();
-                       Set<String>        userGroups   = 
userMgr.getGroupsForUser(userName);
 
-                       boolean isAllowed = hasAdminAccess(policyEngine, 
userName, userGroups, resources);
+                       if (policyEngine != null) {
+                               Set<String> userGroups = 
userMgr.getGroupsForUser(userName);
 
-                       if(!isAllowed) {
+                               isAllowed = hasAdminAccess(policyEngine, 
userName, userGroups, resources);
+                       }
+
+                       if (!isAllowed) {
                                throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_UNAUTHORIZED,
                                                "User '" + userName + "' does 
not have delegated-admin privilege on given resources", true);
                        }
-               } else if (isAdmin) {
-                       if 
(xServiceDef.getImplclassname().equals(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME))
 {
-                               throw restErrorUtil.createRESTException(
-                                               "KMS 
Policies/Services/Service-Defs are not accessible for logged in user.",
-                                               
MessageEnums.OPER_NO_PERMISSION);
-                       }
-               } else if (isKeyAdmin) {
-                       if 
(!xServiceDef.getImplclassname().equals(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME))
 {
-                               throw restErrorUtil.createRESTException(
-                                               "Only KMS 
Policies/Services/Service-Defs are accessible for logged in user.",
-                                               
MessageEnums.OPER_NO_PERMISSION);
+               } else {
+
+                       XXService xService = 
daoManager.getXXService().findByName(serviceName);
+                       XXServiceDef xServiceDef = 
daoManager.getXXServiceDef().getById(xService.getType());
+
+                       if (isAdmin) {
+                               if 
(xServiceDef.getImplclassname().equals(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME))
 {
+                                       throw restErrorUtil.createRESTException(
+                                                       "KMS 
Policies/Services/Service-Defs are not accessible for user '" + userName + "'.",
+                                                       
MessageEnums.OPER_NO_PERMISSION);
+                               }
+                       } else if (isKeyAdmin) {
+                               if 
(!xServiceDef.getImplclassname().equals(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME))
 {
+                                       throw restErrorUtil.createRESTException(
+                                                       "Only KMS 
Policies/Services/Service-Defs are accessible for user '" + userName + "'.",
+                                                       
MessageEnums.OPER_NO_PERMISSION);
+                               }
                        }
                }
        }

incubator-ranger git commit: RANGER-849: Good coding practice: fix potentil Null Pointer dereference

Reply via email to