Repository: incubator-ranger Updated Branches: refs/heads/master 09b52b939 -> 24a100081
RANGER-1124 : Good coding practices in Ranger recommended by static code analysis - medium impact Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/24a10008 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/24a10008 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/24a10008 Branch: refs/heads/master Commit: 24a100081eb05276bca7aa07b3a8c2255646c21a Parents: 09b52b9 Author: rmani <[email protected]> Authored: Fri Jul 29 23:09:19 2016 -0700 Committer: rmani <[email protected]> Committed: Fri Jul 29 23:09:19 2016 -0700 ---------------------------------------------------------------------- .../audit/destination/SolrAuditDestination.java | 127 ++++++++++--------- .../apache/ranger/audit/provider/MiscUtil.java | 6 +- .../ranger/audit/queue/AuditFileSpool.java | 2 +- .../services/hbase/client/HBaseClient.java | 11 +- .../ranger/services/hdfs/client/HdfsClient.java | 4 +- .../hive/authorizer/RangerHiveAuthorizer.java | 5 +- .../kafka/authorizer/RangerKafkaAuthorizer.java | 40 +++--- .../solr/authorizer/RangerSolrAuthorizer.java | 14 +- .../RangerPluginClassLoaderUtil.java | 2 +- 9 files changed, 115 insertions(+), 96 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java ---------------------------------------------------------------------- diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java b/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java index 46f33a5..738c091 100644 --- a/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java +++ b/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java @@ -54,7 +54,7 @@ public class SolrAuditDestination extends AuditDestination { public static final String DEFAULT_COLLECTION_NAME = "ranger_audits"; public static final String PROP_JAVA_SECURITY_AUTH_LOGIN_CONFIG = "java.security.auth.login.config"; - SolrClient solrClient = null; + private volatile SolrClient solrClient = null; public SolrAuditDestination() { } @@ -74,77 +74,80 @@ public class SolrAuditDestination extends AuditDestination { } synchronized void connect() { - if (solrClient == null) { - if (solrClient == null) { - String urls = MiscUtil.getStringProperty(props, propPrefix - + "." + PROP_SOLR_URLS); - if (urls != null) { - urls = urls.trim(); - } - if (urls != null && urls.equalsIgnoreCase("NONE")) { - urls = null; - } - - List<String> solrURLs = new ArrayList<String>(); - String zkHosts = null; - solrURLs = MiscUtil.toArray(urls, ","); - zkHosts = MiscUtil.getStringProperty(props, propPrefix + "." - + PROP_SOLR_ZK); - if (zkHosts != null && zkHosts.equalsIgnoreCase("NONE")) { - zkHosts = null; - } - - String collectionName = MiscUtil.getStringProperty(props, - propPrefix + "." + PROP_SOLR_COLLECTION); - if (collectionName == null - || collectionName.equalsIgnoreCase("none")) { - collectionName = DEFAULT_COLLECTION_NAME; - } - - LOG.info("Solr zkHosts=" + zkHosts + ", solrURLs=" + urls - + ", collectionName=" + collectionName); - - if (zkHosts != null && !zkHosts.isEmpty()) { - LOG.info("Connecting to solr cloud using zkHosts=" - + zkHosts); - try { - // Instantiate - HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer()); - CloudSolrClient solrCloudClient = new CloudSolrClient( - zkHosts); - solrCloudClient.setDefaultCollection(collectionName); - solrClient = solrCloudClient; - } catch (Throwable t) { - LOG.fatal("Can't connect to Solr server. ZooKeepers=" - + zkHosts, t); + SolrClient me = solrClient; + if (me == null) { + synchronized(SolrAuditDestination.class) { + me = solrClient; + if (solrClient == null) { + String urls = MiscUtil.getStringProperty(props, propPrefix + + "." + PROP_SOLR_URLS); + if (urls != null) { + urls = urls.trim(); } - finally { - resetInitializerInSOLR() ; + if (urls != null && urls.equalsIgnoreCase("NONE")) { + urls = null; } - } else if (solrURLs != null && !solrURLs.isEmpty()) { - try { - LOG.info("Connecting to Solr using URLs=" + solrURLs); - HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer()); - LBHttpSolrClient lbSolrClient = new LBHttpSolrClient( - solrURLs.get(0)); - lbSolrClient.setConnectionTimeout(1000); + List<String> solrURLs = new ArrayList<String>(); + String zkHosts = null; + solrURLs = MiscUtil.toArray(urls, ","); + zkHosts = MiscUtil.getStringProperty(props, propPrefix + "." + + PROP_SOLR_ZK); + if (zkHosts != null && zkHosts.equalsIgnoreCase("NONE")) { + zkHosts = null; + } + String collectionName = MiscUtil.getStringProperty(props, + propPrefix + "." + PROP_SOLR_COLLECTION); + if (collectionName == null + || collectionName.equalsIgnoreCase("none")) { + collectionName = DEFAULT_COLLECTION_NAME; + } + + LOG.info("Solr zkHosts=" + zkHosts + ", solrURLs=" + urls + + ", collectionName=" + collectionName); - for (int i = 1; i < solrURLs.size(); i++) { - lbSolrClient.addSolrServer(solrURLs.get(i)); + if (zkHosts != null && !zkHosts.isEmpty()) { + LOG.info("Connecting to solr cloud using zkHosts=" + + zkHosts); + try { + // Instantiate + HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer()); + CloudSolrClient solrCloudClient = new CloudSolrClient( + zkHosts); + solrCloudClient.setDefaultCollection(collectionName); + me = solrClient = solrCloudClient; + } catch (Throwable t) { + LOG.fatal("Can't connect to Solr server. ZooKeepers=" + + zkHosts, t); + } + finally { + resetInitializerInSOLR() ; + } + } else if (solrURLs != null && !solrURLs.isEmpty()) { + try { + LOG.info("Connecting to Solr using URLs=" + solrURLs); + HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer()); + LBHttpSolrClient lbSolrClient = new LBHttpSolrClient( + solrURLs.get(0)); + lbSolrClient.setConnectionTimeout(1000); + + for (int i = 1; i < solrURLs.size(); i++) { + lbSolrClient.addSolrServer(solrURLs.get(i)); + } + me = solrClient = lbSolrClient; + } catch (Throwable t) { + LOG.fatal("Can't connect to Solr server. URL=" + + solrURLs, t); + } + finally { + resetInitializerInSOLR() ; } - solrClient = lbSolrClient; - } catch (Throwable t) { - LOG.fatal("Can't connect to Solr server. URL=" - + solrURLs, t); - } - finally { - resetInitializerInSOLR() ; } } } } } + private void resetInitializerInSOLR() { javax.security.auth.login.Configuration solrConfig = javax.security.auth.login.Configuration.getConfiguration(); String solrConfigClassName = solrConfig.getClass().getName() ; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java ---------------------------------------------------------------------- diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java index 8ad4616..28dceb4 100644 --- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java +++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java @@ -184,7 +184,9 @@ public class MiscUtil { } public static String getJvmInstanceId() { - String ret = Integer.toString(Math.abs(sJvmID.toString().hashCode())); + Integer val = Integer.valueOf(sJvmID.toString().hashCode()); + long longVal = val.longValue(); + String ret = Long.toString(Math.abs(longVal)); return ret; } @@ -730,7 +732,7 @@ public class MiscUtil { } } catch (Throwable t) { - logger.error("Failed to login as [" + spnegoPrincipals + "]", t); + logger.error("Failed to login with given keytab and principal", t); } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java ---------------------------------------------------------------------- diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java b/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java index 17ddab9..8e3c992 100644 --- a/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java +++ b/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java @@ -663,7 +663,7 @@ public class AuditFileSpool implements Runnable { } }); - if (logFiles.length > maxArchiveFiles) { + if (logFiles != null && logFiles.length > maxArchiveFiles) { int filesToDelete = logFiles.length - maxArchiveFiles; BufferedReader br = new BufferedReader(new FileReader( indexDoneFile)); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java ---------------------------------------------------------------------- diff --git a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java index 65e7be6..443eb01 100644 --- a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java +++ b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java @@ -251,10 +251,9 @@ public class HBaseClient extends BaseClient { HBaseAdmin.checkHBaseAvailable(conf); LOG.info("getTableList: no exception: HbaseAvailability true"); admin = new HBaseAdmin(conf) ; - for (HTableDescriptor htd : admin.listTables(tableNameMatching)) { - if (htd == null) { - LOG.error("getTableList: null HTableDescription received from HBaseAdmin.listTables"); - } else { + HTableDescriptor [] htds = admin.listTables(tableNameMatching); + if (htds != null) { + for (HTableDescriptor htd : admin.listTables(tableNameMatching)) { String tableName = htd.getNameAsString(); if (existingTableList != null && existingTableList.contains(tableName)) { continue; @@ -262,7 +261,9 @@ public class HBaseClient extends BaseClient { tableList.add(htd.getNameAsString()); } } - } + } else { + LOG.error("getTableList: null HTableDescription received from HBaseAdmin.listTables"); + } } catch (ZooKeeperConnectionException zce) { String msgDesc = "getTableList: Unable to connect to `ZooKeeper` " + "using given config parameters."; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java ---------------------------------------------------------------------- diff --git a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java index bc98d24..bfc2628 100644 --- a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java +++ b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java @@ -87,7 +87,7 @@ public class HdfsClient extends BaseClient { FileStatus[] fileStats = fs.listStatus(basePath) ; if(LOG.isDebugEnabled()) { - LOG.debug("<== HdfsClient fileStatus : " + fileStats + " PathList :" + pathList) ; + LOG.debug("<== HdfsClient fileStatus : " + fileStats.length + " PathList :" + pathList) ; } if (fileStats != null) { @@ -185,7 +185,7 @@ public class HdfsClient extends BaseClient { String baseDir = args[1] ; String fileNameToMatch = (args.length == 2 ? null : args[2]) ; - HdfsClient fs = new HdfsClient(repositoryName, null) ; + HdfsClient fs = new HdfsClient(repositoryName, new HashMap<String,String>()) ; List<String> fsList = null; try { fsList = fs.listFiles(baseDir, fileNameToMatch,null); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java ---------------------------------------------------------------------- diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java index bfe1891..166e95a 100644 --- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java +++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java @@ -681,7 +681,10 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase { if(isDataMaskEnabled(result)) { String maskType = result.getMaskType(); RangerDataMaskTypeDef maskTypeDef = result.getMaskTypeDef(); - String transformer = maskTypeDef.getTransformer(); + String transformer = null; + if (maskTypeDef != null) { + transformer = maskTypeDef.getTransformer(); + } if(StringUtils.equalsIgnoreCase(maskType, MASK_TYPE_NULL)) { ret = "NULL"; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java index 1afedd5..452698b 100644 --- a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java +++ b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java @@ -75,27 +75,31 @@ public class RangerKafkaAuthorizer implements Authorizer { */ @Override public void configure(Map<String, ?> configs) { - if (rangerPlugin == null) { - try { - LoginManager loginManager = LoginManager.acquireLoginManager(LoginType.SERVER, true, configs); - Subject subject = loginManager.subject(); - UserGroupInformation ugi = MiscUtil - .createUGIFromSubject(subject); - if (ugi != null) { - MiscUtil.setUGILoginUser(ugi, subject); + RangerBasePlugin me = rangerPlugin; + if (me == null) { + synchronized(RangerKafkaAuthorizer.class) { + me = rangerPlugin; + if (me == null) { + try { + LoginManager loginManager = LoginManager.acquireLoginManager(LoginType.SERVER, true, configs); + Subject subject = loginManager.subject(); + UserGroupInformation ugi = MiscUtil + .createUGIFromSubject(subject); + if (ugi != null) { + MiscUtil.setUGILoginUser(ugi, subject); + } + logger.info("LoginUser=" + MiscUtil.getUGILoginUser()); + } catch (Throwable t) { + logger.error("Error getting principal.", t); + } + me = rangerPlugin = new RangerBasePlugin("kafka", "kafka"); } - logger.info("LoginUser=" + MiscUtil.getUGILoginUser()); - } catch (Throwable t) { - logger.error("Error getting principal.", t); } - - rangerPlugin = new RangerBasePlugin("kafka", "kafka"); - logger.info("Calling plugin.init()"); - rangerPlugin.init(); - - RangerDefaultAuditHandler auditHandler = new RangerDefaultAuditHandler(); - rangerPlugin.setResultProcessor(auditHandler); } + logger.info("Calling plugin.init()"); + rangerPlugin.init(); + RangerDefaultAuditHandler auditHandler = new RangerDefaultAuditHandler(); + rangerPlugin.setResultProcessor(auditHandler); } @Override http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java index 9371eaa..9390ba1 100644 --- a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java +++ b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java @@ -105,11 +105,17 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin { } try { - if (solrPlugin == null) { - logger.info("RangerSolrAuthorizer(): init called"); - solrPlugin = new RangerBasePlugin("solr", "solr"); - solrPlugin.init(); + RangerBasePlugin me = solrPlugin; + if (me == null) { + synchronized(RangerSolrAuthorizer.class) { + me = solrPlugin; + logger.info("RangerSolrAuthorizer(): init called"); + if (me == null) { + me = solrPlugin = new RangerBasePlugin("solr", "solr"); + } + } } + solrPlugin.init(); } catch (Throwable t) { logger.fatal("Error creating and initializing RangerBasePlugin()"); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/24a10008/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java ---------------------------------------------------------------------- diff --git a/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java b/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java index ea18883..fb33dcb 100644 --- a/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java +++ b/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java @@ -38,7 +38,7 @@ public class RangerPluginClassLoaderUtil { private static final Logger LOG = LoggerFactory.getLogger(RangerPluginClassLoaderUtil.class) ; - private static RangerPluginClassLoaderUtil config = null; + private static volatile RangerPluginClassLoaderUtil config = null; private static String rangerPluginLibDir = "ranger-%-plugin-impl"; public static RangerPluginClassLoaderUtil getInstance() {
