----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73515/#review223332 -----------------------------------------------------------
hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java Lines 240 (patched) <https://reviews.apache.org/r/73515/#comment312412> logAuditEventForExceptions() - the implementation doesn't seem specifically for exceptions/errors. Consider renaming this method to logAuditEvent(). hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java Lines 246 (patched) <https://reviews.apache.org/r/73515/#comment312414> The comment here can be removed. hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java Lines 958 (patched) <https://reviews.apache.org/r/73515/#comment312411> Consider replacing 'if' in #959 with 'else if'. hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java Lines 2224 (patched) <https://reviews.apache.org/r/73515/#comment312410> block #2224 - #2235 is needed/used only when inputResourceName is empty. Consider replacing #2210 - #2243 with: String commandString = context.getCommandString(); String resourceName = null; String resourceType = null; if (inputHObjs != null) { for(HivePrivilegeObject hiveObj : inputHObjs) { resourceName = getResourceName(hiveObj); if(StringUtil.isNotEmpty(resourceName)) { resourceType = getResourceType(hiveObj); break; } } } if (StringUtils.isEmpty(resourceName) && outputHObjs != null) { for(HivePrivilegeObject hiveObj : outputHObjs) { resourceName = getResourceName(hiveObj); if(StringUtil.isNotEmpty(resourceName)) { resourceType = getResourceType(hiveObj); break; } } } hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java Lines 2261 (patched) <https://reviews.apache.org/r/73515/#comment312413> Consider replacing implementation of getResourceName() with: RangerHiveResource resource = createHiveResource(hivePrivilegeObject); return resource != null ? resource.getAsString() : null; - Madhan Neethiraj On Aug. 11, 2021, 6:44 p.m., Ramesh Mani wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73515/ > ----------------------------------------------------------- > > (Updated Aug. 11, 2021, 6:44 p.m.) > > > Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, > Mehul Parikh, Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and > Velmurugan Periasamy. > > > Bugs: RANGER-3368 > https://issues.apache.org/jira/browse/RANGER-3368 > > > Repository: ranger > > > Description > ------- > > RANGER-3368:Ranger HiveAuthorizer improvements to handle uncharted hive > commands > > > Diffs > ----- > > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java > a3d575c86 > > hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java > efe1ff79c > > > Diff: https://reviews.apache.org/r/73515/diff/1/ > > > Testing > ------- > > s- Verified the commands where HivePrivilegeObjects are missing in > authorization request. ( Alter Table Set Owner) > - Verified the commands which are newly added for which authorization was not > defined in ranger ( Alter Materialized view ) > - Verified all the command running the test suite. > > > Thanks, > > Ramesh Mani > >
