Repository: incubator-ranger Updated Branches: refs/heads/master 7729373de -> 7f9395b35
RANGER-1163 - Remove some of the "basic" PMD restrictions Signed-off-by: Selvamohan Neethiraj <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/7f9395b3 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/7f9395b3 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/7f9395b3 Branch: refs/heads/master Commit: 7f9395b357db893c7e2ac7219bc07d02cfbdf67b Parents: 7729373 Author: Colm O hEigeartaigh <[email protected]> Authored: Mon Aug 29 17:13:32 2016 +0100 Committer: Selvamohan Neethiraj <[email protected]> Committed: Mon Aug 29 12:19:19 2016 -0400 ---------------------------------------------------------------------- .../policyengine/RangerAccessResourceImpl.java | 11 ++++------- dev-support/ranger-pmd-ruleset.xml | 6 +----- .../java/org/apache/ranger/entity/XXDBBase.java | 2 +- .../yarn/authorizer/RangerYarnAuthorizer.java | 15 ++++----------- .../java/org/apache/ranger/entity/XXDBBase.java | 2 +- .../ranger/entity/XXServiceVersionInfo.java | 2 +- .../apache/ranger/service/XResourceService.java | 20 ++++++++------------ .../authentication/unix/jaas/PamPrincipal.java | 2 +- .../jaas/UsernamePasswordCallbackHandler.java | 2 +- 9 files changed, 22 insertions(+), 40 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResourceImpl.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResourceImpl.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResourceImpl.java index e240916..26f6b3d 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResourceImpl.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResourceImpl.java @@ -132,13 +132,10 @@ public class RangerAccessResourceImpl implements RangerMutableResource { for(int idx = resourceDefs.size() - 1; idx >= 0; idx--) { RangerResourceDef resourceDef = resourceDefs.get(idx); - if(resourceDef == null || !exists(resourceDef.getName())) { - continue; - } - - ret = leafName = resourceDef.getName(); - - break; + if(resourceDef != null && exists(resourceDef.getName())) { + ret = leafName = resourceDef.getName(); + break; + } } } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/dev-support/ranger-pmd-ruleset.xml ---------------------------------------------------------------------- diff --git a/dev-support/ranger-pmd-ruleset.xml b/dev-support/ranger-pmd-ruleset.xml index dbd8ff0..d4335a9 100644 --- a/dev-support/ranger-pmd-ruleset.xml +++ b/dev-support/ranger-pmd-ruleset.xml @@ -25,13 +25,9 @@ </description> <rule ref="rulesets/java/basic.xml"> - <exclude name="AvoidBranchingStatementAsLastInLoop" /> - <exclude name="AvoidThreadGroup" /> - <exclude name="AvoidUsingHardCodedIP" /> - <exclude name="ClassCastExceptionWithToArray" /> + <exclude name="AvoidUsingHardCodedIP" /> <exclude name="CollapsibleIfStatements" /> <exclude name="DoubleCheckedLocking" /> - <exclude name="ExtendsObject" /> <exclude name="OverrideBothEqualsAndHashcode" /> </rule> <rule ref="rulesets/java/unusedcode.xml"> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/kms/src/main/java/org/apache/ranger/entity/XXDBBase.java ---------------------------------------------------------------------- diff --git a/kms/src/main/java/org/apache/ranger/entity/XXDBBase.java b/kms/src/main/java/org/apache/ranger/entity/XXDBBase.java index a0d0120..e64e142 100644 --- a/kms/src/main/java/org/apache/ranger/entity/XXDBBase.java +++ b/kms/src/main/java/org/apache/ranger/entity/XXDBBase.java @@ -35,7 +35,7 @@ import javax.xml.bind.annotation.XmlRootElement; @MappedSuperclass @XmlRootElement -public abstract class XXDBBase extends Object implements java.io.Serializable { +public abstract class XXDBBase implements java.io.Serializable { private static final long serialVersionUID = 1L; public static final int CLASS_TYPE_NONE = 0; private static final TimeZone gmtTimeZone = TimeZone.getTimeZone("GMT+0"); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java b/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java index 2ea92b3..14c8d26 100644 --- a/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java +++ b/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java @@ -183,17 +183,10 @@ public class RangerYarnAuthorizer extends YarnAuthorizationProvider { AccessControlList acl = entityPermissions == null ? null : entityPermissions.get(accessType); - if(acl == null || !acl.isUserAllowed(ugi)) { - continue; - } - - if(! isSelfOrChildOf(entity, aclEntity)) { - continue; - } - - ret = true; - - break; + if(acl != null && acl.isUserAllowed(ugi) && isSelfOrChildOf(entity, aclEntity)) { + ret = true; + break; + } } if(auditHandler != null) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/security-admin/src/main/java/org/apache/ranger/entity/XXDBBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXDBBase.java b/security-admin/src/main/java/org/apache/ranger/entity/XXDBBase.java index ce7c5db..bcb203d 100644 --- a/security-admin/src/main/java/org/apache/ranger/entity/XXDBBase.java +++ b/security-admin/src/main/java/org/apache/ranger/entity/XXDBBase.java @@ -39,7 +39,7 @@ import org.apache.ranger.common.DateUtil; @MappedSuperclass @EntityListeners( org.apache.ranger.common.db.JPABeanCallbacks.class) @XmlRootElement -public abstract class XXDBBase extends Object implements java.io.Serializable { +public abstract class XXDBBase implements java.io.Serializable { private static final long serialVersionUID = 1L; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/security-admin/src/main/java/org/apache/ranger/entity/XXServiceVersionInfo.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXServiceVersionInfo.java b/security-admin/src/main/java/org/apache/ranger/entity/XXServiceVersionInfo.java index 921e72f..691687f 100644 --- a/security-admin/src/main/java/org/apache/ranger/entity/XXServiceVersionInfo.java +++ b/security-admin/src/main/java/org/apache/ranger/entity/XXServiceVersionInfo.java @@ -42,7 +42,7 @@ import org.apache.ranger.common.DateUtil; @Cacheable @XmlRootElement @Table(name = "x_service_version_info") -public class XXServiceVersionInfo extends Object implements java.io.Serializable { +public class XXServiceVersionInfo implements java.io.Serializable { private static final long serialVersionUID = 1L; @Id http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/security-admin/src/main/java/org/apache/ranger/service/XResourceService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/XResourceService.java b/security-admin/src/main/java/org/apache/ranger/service/XResourceService.java index 839bf59..7de7210 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/XResourceService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/XResourceService.java @@ -879,17 +879,15 @@ public class XResourceService extends for (Long userId : listOfUser) { HashMap<Integer, VXPermMap> map = userPermMap.get(userId); VXPermMap vxPermMap = null; + if (!map.isEmpty()) { + vxPermMap = map.values().iterator().next(); + } - for (Entry<Integer, VXPermMap> perm : map.entrySet()) { - vxPermMap = perm.getValue(); - break; - } - if (vxPermMap == null) { continue; } - if (map.size() > 0 && map.get(AppConstants.XA_PERM_TYPE_READ) == null) { + if (map.get(AppConstants.XA_PERM_TYPE_READ) == null) { vxPermMap.setPermType(AppConstants.XA_PERM_TYPE_READ); map.put(AppConstants.XA_PERM_TYPE_READ, vxPermMap); } @@ -904,17 +902,15 @@ public class XResourceService extends for (Long groupId : listOfGroup) { HashMap<Integer, VXPermMap> map = groupPermMap.get(groupId); VXPermMap vxPermMap = null; + if (!map.isEmpty()) { + vxPermMap = map.values().iterator().next(); + } - for (Entry<Integer, VXPermMap> perm : map.entrySet()) { - vxPermMap = perm.getValue(); - break; - } - if (vxPermMap == null) { continue; } - if (map.size() > 0 && map.get(AppConstants.XA_PERM_TYPE_READ) == null) { + if (map.get(AppConstants.XA_PERM_TYPE_READ) == null) { vxPermMap.setPermType(AppConstants.XA_PERM_TYPE_READ); map.put(AppConstants.XA_PERM_TYPE_READ, vxPermMap); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamPrincipal.java ---------------------------------------------------------------------- diff --git a/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamPrincipal.java b/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamPrincipal.java index 8379f3f..235e22b 100644 --- a/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamPrincipal.java +++ b/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamPrincipal.java @@ -26,7 +26,7 @@ import java.util.Collections; import java.util.Set; -public class PamPrincipal extends Object implements Principal { +public class PamPrincipal implements Principal { private String _userName; private String _gecos; private String _homeDir; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7f9395b3/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/UsernamePasswordCallbackHandler.java ---------------------------------------------------------------------- diff --git a/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/UsernamePasswordCallbackHandler.java b/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/UsernamePasswordCallbackHandler.java index ff1ed15..58edfbc 100644 --- a/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/UsernamePasswordCallbackHandler.java +++ b/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/UsernamePasswordCallbackHandler.java @@ -19,7 +19,7 @@ package org.apache.ranger.authentication.unix.jaas; import javax.security.auth.callback.*; import java.io.IOException; -public class UsernamePasswordCallbackHandler extends Object implements CallbackHandler { +public class UsernamePasswordCallbackHandler implements CallbackHandler { private String _user; private String _password;
