Repository: incubator-ranger Updated Branches: refs/heads/master 259fad12b -> 953326ebc
RANGER-911 - Updating patch Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/953326eb Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/953326eb Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/953326eb Branch: refs/heads/master Commit: 953326ebc5db810488532e2a617cab149352d3d9 Parents: 259fad1 Author: Colm O hEigeartaigh <[email protected]> Authored: Fri Apr 15 11:35:29 2016 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Apr 19 11:01:26 2016 +0100 ---------------------------------------------------------------------- .../ranger/audit/provider/DbAuditProvider.java | 4 ++-- .../ranger/plugin/model/RangerServiceDef.java | 2 +- dev-support/ranger-pmd-ruleset.xml | 1 - .../hadoop/RangerHdfsAuthorizer.java | 12 ++++++------ .../agent/HadoopAuthClassTransformer.java | 4 ++-- .../hive/authorizer/RangerHiveAuthorizer.java | 12 ++++-------- .../solr/authorizer/RangerSolrAuthorizer.java | 6 ++---- .../java/org/apache/ranger/biz/KmsKeyMgr.java | 14 +++++++------- .../org/apache/ranger/biz/RangerBizUtil.java | 10 ++++------ .../java/org/apache/ranger/biz/XUserMgr.java | 10 ---------- .../apache/ranger/common/RangerSearchUtil.java | 4 ++-- .../org/apache/ranger/common/db/BaseDao.java | 20 ++------------------ .../org/apache/ranger/rest/ServiceREST.java | 4 ++-- 13 files changed, 34 insertions(+), 69 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java ---------------------------------------------------------------------- diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java index 8319d36..34de6f7 100644 --- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java +++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java @@ -104,7 +104,7 @@ public class DbAuditProvider extends AuditDestination { boolean isSuccess = false; try { - if(preCreate(event)) { + if(preCreate()) { DaoManager daoMgr = daoManager; if(daoMgr != null) { @@ -313,7 +313,7 @@ public class DbAuditProvider extends AuditDestination { return ret; } - private boolean preCreate(AuditEventBase event) { + private boolean preCreate() { boolean ret = true; if(!isDbConnected()) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java index 0f0e5ee..f6931b3 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java @@ -2004,7 +2004,7 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S this(itemId, name, evaluator, evaluatorOptions, null, null, null, null, null, null, null, null); } - public RangerPolicyConditionDef(Long itemId, String name, String evaluator, Map<String, String> evaluatorOptions, String validationRegEx, String vaidationMessage, String uiHint, String label, String description, String rbKeyLabel, String rbKeyDescription, String rbKeyValidationMessage) { + public RangerPolicyConditionDef(Long itemId, String name, String evaluator, Map<String, String> evaluatorOptions, String validationRegEx, String vaidationMessage, String uiHint, String label, String description, String rbKeyLabel, String rbKeyDescription, String rbKeyValidationMessage) { //NOPMD setItemId(itemId); setName(name); setEvaluator(evaluator); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/dev-support/ranger-pmd-ruleset.xml ---------------------------------------------------------------------- diff --git a/dev-support/ranger-pmd-ruleset.xml b/dev-support/ranger-pmd-ruleset.xml index f82d831..96f566a 100644 --- a/dev-support/ranger-pmd-ruleset.xml +++ b/dev-support/ranger-pmd-ruleset.xml @@ -35,7 +35,6 @@ <exclude name="OverrideBothEqualsAndHashcode" /> </rule> <rule ref="rulesets/java/unusedcode.xml"> - <exclude name="UnusedFormalParameter" /> <exclude name="UnusedLocalVariable" /> <exclude name="UnusedPrivateField" /> <exclude name="UnusedPrivateMethod" /> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java ---------------------------------------------------------------------- diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java index b463da3..93dca87 100644 --- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java +++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java @@ -234,7 +234,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider { } if(nodeToCheck != null) { - authzStatus = isAccessAllowed(nodeToCheck, nodeAttribs, FsAction.EXECUTE, user, groups, fsOwner, superGroup, plugin, auditHandler); + authzStatus = isAccessAllowed(nodeToCheck, nodeAttribs, FsAction.EXECUTE, user, groups, plugin, auditHandler); } } @@ -250,21 +250,21 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider { if(authzStatus == AuthzStatus.ALLOW && ancestorAccess != null && ancestor != null) { INodeAttributes ancestorAttribs = inodeAttrs.length > ancestorIndex ? inodeAttrs[ancestorIndex] : null; - authzStatus = isAccessAllowed(ancestor, ancestorAttribs, ancestorAccess, user, groups, fsOwner, superGroup, plugin, auditHandler); + authzStatus = isAccessAllowed(ancestor, ancestorAttribs, ancestorAccess, user, groups, plugin, auditHandler); } // checkParentAccess if(authzStatus == AuthzStatus.ALLOW && parentAccess != null && parent != null) { INodeAttributes parentAttribs = inodeAttrs.length > 1 ? inodeAttrs[inodeAttrs.length - 2] : null; - authzStatus = isAccessAllowed(parent, parentAttribs, parentAccess, user, groups, fsOwner, superGroup, plugin, auditHandler); + authzStatus = isAccessAllowed(parent, parentAttribs, parentAccess, user, groups, plugin, auditHandler); } // checkINodeAccess if(authzStatus == AuthzStatus.ALLOW && access != null && inode != null) { INodeAttributes inodeAttribs = inodeAttrs.length > 0 ? inodeAttrs[inodeAttrs.length - 1] : null; - authzStatus = isAccessAllowed(inode, inodeAttribs, access, user, groups, fsOwner, superGroup, plugin, auditHandler); + authzStatus = isAccessAllowed(inode, inodeAttribs, access, user, groups, plugin, auditHandler); } // checkSubAccess @@ -278,7 +278,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider { if (!(cList.isEmpty() && ignoreEmptyDir)) { INodeAttributes dirAttribs = dir.getSnapshotINode(snapshotId); - authzStatus = isAccessAllowed(dir, dirAttribs, subAccess, user, groups, fsOwner, superGroup, plugin, auditHandler); + authzStatus = isAccessAllowed(dir, dirAttribs, subAccess, user, groups, plugin, auditHandler); if(authzStatus != AuthzStatus.ALLOW) { break; @@ -369,7 +369,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider { } } - private AuthzStatus isAccessAllowed(INode inode, INodeAttributes inodeAttribs, FsAction access, String user, Set<String> groups, String fsOwner, String superGroup, RangerHdfsPlugin plugin, RangerHdfsAuditHandler auditHandler) { + private AuthzStatus isAccessAllowed(INode inode, INodeAttributes inodeAttribs, FsAction access, String user, Set<String> groups, RangerHdfsPlugin plugin, RangerHdfsAuditHandler auditHandler) { AuthzStatus ret = null; String path = inode != null ? inode.getFullPathName() : null; String pathOwner = inodeAttribs != null ? inodeAttribs.getUserName() : null; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java ---------------------------------------------------------------------- diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java index ace400b..68867df 100644 --- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java +++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java @@ -40,7 +40,7 @@ public class HadoopAuthClassTransformer implements ClassFileTransformer { byte[] result = transformedClassByteCode; if (result == null) { - byte[] injectedClassCode = injectFSPermissionCheckerHooks(aClassLoader, aClassName, aClassBeingRedefined, aProtectionDomain, aClassFileBuffer); + byte[] injectedClassCode = injectFSPermissionCheckerHooks(aClassName); if(injectedClassCode != null) { synchronized (HadoopAuthClassTransformer.class) { @@ -60,7 +60,7 @@ public class HadoopAuthClassTransformer implements ClassFileTransformer { return ret; } - private static byte[] injectFSPermissionCheckerHooks(ClassLoader aClassLoader, String aClassName, Class<?> aClassBeingRedefined, ProtectionDomain aProtectionDomain, byte[] aClassFileBuffer) throws IllegalClassFormatException { + private static byte[] injectFSPermissionCheckerHooks(String aClassName) throws IllegalClassFormatException { byte[] ret = null; System.out.println("Injection code is Invoked in JVM [" + Runtime.getRuntime() + "] for class [" + aClassName + "] ...."); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java ---------------------------------------------------------------------- diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java index dbd1201..3c922c9 100644 --- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java +++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java @@ -232,7 +232,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase { } if(hiveOpType == HiveOperationType.DFS) { - handleDfsCommand(hiveOpType, inputHObjs, outputHObjs, context, sessionContext, user, groups, auditHandler); + handleDfsCommand(hiveOpType, inputHObjs, user, auditHandler); return; } @@ -251,7 +251,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase { String path = hiveObj.getObjectName(); FsAction permission = FsAction.READ; - if(!isURIAccessAllowed(user, groups, permission, path, getHiveConf())) { + if(!isURIAccessAllowed(user, permission, path, getHiveConf())) { throw new HiveAccessControlException(String.format("Permission denied: user [%s] does not have [%s] privilege on [%s]", user, permission.name(), path)); } @@ -295,7 +295,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase { String path = hiveObj.getObjectName(); FsAction permission = FsAction.WRITE; - if(!isURIAccessAllowed(user, groups, permission, path, getHiveConf())) { + if(!isURIAccessAllowed(user, permission, path, getHiveConf())) { throw new HiveAccessControlException(String.format("Permission denied: user [%s] does not have [%s] privilege on [%s]", user, permission.name(), path)); } @@ -936,7 +936,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase { return accessType; } - private boolean isURIAccessAllowed(String userName, Set<String> groups, FsAction action, String uri, HiveConf conf) { + private boolean isURIAccessAllowed(String userName, FsAction action, String uri, HiveConf conf) { boolean ret = false; if(action == FsAction.NONE) { @@ -964,11 +964,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase { private void handleDfsCommand(HiveOperationType hiveOpType, List<HivePrivilegeObject> inputHObjs, - List<HivePrivilegeObject> outputHObjs, - QueryContext context, - HiveAuthzSessionContext sessionContext, String user, - Set<String> groups, RangerHiveAuditHandler auditHandler) throws HiveAuthzPluginException, HiveAccessControlException { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java index 151f23e..b49cdc0 100644 --- a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java +++ b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java @@ -186,7 +186,7 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin { List<RangerAccessRequestImpl> requestsForCollection = createRequests( userName, userGroups, ip, eventTime, context, - collectionRequest, requestData); + collectionRequest); rangerRequests.addAll(requestsForCollection); } if (logger.isDebugEnabled()) { @@ -290,13 +290,11 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin { * @param eventTime * @param context * @param collectionRequest - * @param requestData * @return */ private List<RangerAccessRequestImpl> createRequests(String userName, Set<String> userGroups, String ip, Date eventTime, - AuthorizationContext context, CollectionRequest collectionRequest, - String requestData) { + AuthorizationContext context, CollectionRequest collectionRequest) { List<RangerAccessRequestImpl> requests = new ArrayList<RangerAccessRequestImpl>(); String accessType = mapToRangerAccessType(context); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java index 551ec2e..3647bb1 100755 --- a/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java @@ -137,7 +137,7 @@ public class KmsKeyMgr { if(!isKerberos){ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class); }else{ - Subject sub = getSubjectForKerberos(repoName, currentUserLoginId); + Subject sub = getSubjectForKerberos(repoName); response = Subject.doAs(sub, new PrivilegedAction<String>() { @Override public String run() { @@ -232,7 +232,7 @@ public class KmsKeyMgr { if(!isKerberos){ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);} else{ - Subject sub = getSubjectForKerberos(provider, currentUserLoginId); + Subject sub = getSubjectForKerberos(provider); response = Subject.doAs(sub, new PrivilegedAction<String>() { @Override public String run() { @@ -282,7 +282,7 @@ public class KmsKeyMgr { if(!isKerberos){ response = r.delete(String.class) ; }else{ - Subject sub = getSubjectForKerberos(provider, currentUserLoginId); + Subject sub = getSubjectForKerberos(provider); response = Subject.doAs(sub, new PrivilegedAction<String>() { @Override public String run() { @@ -333,7 +333,7 @@ public class KmsKeyMgr { if(!isKerberos){ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString); }else{ - Subject sub = getSubjectForKerberos(provider, currentUserLoginId); + Subject sub = getSubjectForKerberos(provider); response = Subject.doAs(sub, new PrivilegedAction<String>() { @Override public String run() { @@ -383,7 +383,7 @@ public class KmsKeyMgr { if(!isKerberos){ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class); }else{ - Subject sub = getSubjectForKerberos(provider, currentUserLoginId); + Subject sub = getSubjectForKerberos(provider); response = Subject.doAs(sub, new PrivilegedAction<String>() { @Override public String run() { @@ -420,7 +420,7 @@ public class KmsKeyMgr { if(!isKerberos){ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class); }else{ - Subject sub = getSubjectForKerberos(repoName, currentUserLoginId); + Subject sub = getSubjectForKerberos(repoName); response = Subject.doAs(sub, new PrivilegedAction<String>() { @Override public String run() { @@ -523,7 +523,7 @@ public class KmsKeyMgr { return providers; } - private Subject getSubjectForKerberos(String provider, String currentUserLoginId) throws Exception{ + private Subject getSubjectForKerberos(String provider) throws Exception{ String userName = getKMSUserName(provider); String password = getKMSPassword(provider); if (KerberosName.getRules() == null) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java index 5905fc9..2980e51 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java @@ -494,7 +494,7 @@ public class RangerBizUtil { String[] requestResNameList = resourceNames.split(","); for (String resourceName : requestResNameList) { boolean matchFound = matchKnoxPolicy(resourceName, - xResourceList, vXResponse, xUserId, permission); + xResourceList, xUserId, permission); if (!matchFound) { vXResponse.setMsgDesc("You're not permitted to perform " + "the action for resource path : " + resourceName); @@ -508,7 +508,7 @@ public class RangerBizUtil { String[] requestResNameList = resourceNames.split(","); for (String resourceName : requestResNameList) { boolean matchFound = matchStormPolicy(resourceName, - xResourceList, vXResponse, xUserId, permission); + xResourceList, xUserId, permission); if (!matchFound) { vXResponse.setMsgDesc("You're not permitted to perform " + "the action for resource path : " + resourceName); @@ -849,13 +849,12 @@ public class RangerBizUtil { * * @param resourceName * @param xResourceList - * @param vXResponse * @param xUserId * @param permission * @return */ private boolean matchKnoxPolicy(String resourceName, - List<XXResource> xResourceList, VXResponse vXResponse, + List<XXResource> xResourceList, Long xUserId, int permission) { String[] splittedResources = stringUtil.split(resourceName, @@ -937,13 +936,12 @@ public class RangerBizUtil { * * @param resourceName * @param xResourceList - * @param vXResponse * @param xUserId * @param permission * @return */ private boolean matchStormPolicy(String resourceName, - List<XXResource> xResourceList, VXResponse vXResponse, + List<XXResource> xResourceList, Long xUserId, int permission) { String[] splittedResources = stringUtil.split(resourceName, http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java index 5226f49..96ddf3f 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java @@ -1076,11 +1076,6 @@ public class XUserMgr extends XUserMgrBase { } public VXPermMapList searchXPermMaps(SearchCriteria searchCriteria) { - VXPermMapList vXPermMapList = super.searchXPermMaps(searchCriteria); - return applyDelegatedAdminAccess(vXPermMapList, searchCriteria); - } - - private VXPermMapList applyDelegatedAdminAccess(VXPermMapList vXPermMapList, SearchCriteria searchCriteria) { VXPermMapList returnList; UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession(); @@ -1126,11 +1121,6 @@ public class XUserMgr extends XUserMgrBase { } public VXAuditMapList searchXAuditMaps(SearchCriteria searchCriteria) { - VXAuditMapList vXAuditMapList = xAuditMapService.searchXAuditMaps(searchCriteria); - return applyDelegatedAdminAccess(vXAuditMapList, searchCriteria); - } - - private VXAuditMapList applyDelegatedAdminAccess(VXAuditMapList vXAuditMapList, SearchCriteria searchCriteria) { VXAuditMapList returnList; UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java index cf66fc1..74431df 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java @@ -218,11 +218,11 @@ public class RangerSearchUtil extends SearchUtil { } private StringBuilder buildWhereClause(SearchFilter searchCriteria, List<SearchField> searchFields) { - return buildWhereClause(searchCriteria, searchFields, false, false); + return buildWhereClause(searchCriteria, searchFields, false); } private StringBuilder buildWhereClause(SearchFilter searchCriteria, - List<SearchField> searchFields, boolean isNativeQuery, + List<SearchField> searchFields, boolean excludeWhereKeyword) { StringBuilder whereClause = new StringBuilder(excludeWhereKeyword ? "" : "WHERE 1 = 1 "); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java index c25b989..13607d3 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java +++ b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java @@ -165,24 +165,8 @@ public abstract class BaseDao<T> { return rtrnList; } - /** - * @param clazz - * @param query - * @param b - * @return - */ - private Long executeCountQueryInSecurityContext(Class<T> clazz, - Query query, boolean userPrefFilter) { - // boolean filterEnabled = false; - Long rtrnObj = null; - // filterEnabled = enableVisiblityFilters(clazz, userPrefFilter); - rtrnObj = (Long) query.getSingleResult(); - - return rtrnObj; - } - - public Long executeCountQueryInSecurityContext(Class<T> clazz, Query query) { - return executeCountQueryInSecurityContext(clazz, query, true); + public Long executeCountQueryInSecurityContext(Class<T> clazz, Query query) { //NOPMD + return (Long) query.getSingleResult(); } public List<T> getAll() { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index ad25817..c999f86 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@ -1557,7 +1557,7 @@ public class ServiceREST { httpCode = HttpServletResponse.SC_BAD_REQUEST; logMsg = excp.getMessage(); } finally { - createPolicyDownloadAudit(serviceName, lastKnownVersion, pluginId, ret, httpCode, request); + createPolicyDownloadAudit(serviceName, lastKnownVersion, pluginId, httpCode, request); RangerPerfTracer.log(perf); } @@ -1575,7 +1575,7 @@ public class ServiceREST { return ret; } - private void createPolicyDownloadAudit(String serviceName, Long lastKnownVersion, String pluginId, ServicePolicies policies, int httpRespCode, HttpServletRequest request) { + private void createPolicyDownloadAudit(String serviceName, Long lastKnownVersion, String pluginId, int httpRespCode, HttpServletRequest request) { try { String ipAddress = request.getHeader("X-FORWARDED-FOR");
