----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73129/#review222734 -----------------------------------------------------------
Fix it, then Ship it! hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java Lines 264 (patched) <https://reviews.apache.org/r/73129/#comment311952> context.auditHandler will not be null here, given the assignment at #248. Consider removing 'if' here. - Madhan Neethiraj On April 7, 2021, 7:30 p.m., Ramesh Mani wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73129/ > ----------------------------------------------------------- > > (Updated April 7, 2021, 7:30 p.m.) > > > Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, > Mehul Parikh, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan > Periasamy. > > > Bugs: RANGER-3148 > https://issues.apache.org/jira/browse/RANGER-3148 > > > Repository: ranger > > > Description > ------- > > RANGER-3148: Ranger HDFS plugin to audit chmod and chown operations > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/authorization/hadoop/constants/RangerHadoopConstants.java > 31e4c0f4e > > hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java > 63e84728d > > > Diff: https://reviews.apache.org/r/73129/diff/6/ > > > Testing > ------- > > - Verified in local vm for auditing. > - Following operations and its auditing are covered. > > 1) chmod -> Allow and deny gets audited fine for all the calls. > 2) chown -> Deny gets audited for the file not owned by the same user who > runs the command. > 3) Addressed audit log for SuperUsers -> implemented denyUserAccess and > checkSuperUserPermissionWithContext > > > Thanks, > > Ramesh Mani > >
