Review Request 74346: RANGER-4122: Reorganize checkAdminAccess() and serveral authority check method.

Sun, 12 Mar 2023 00:53:39 -0800 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74346/
-----------------------------------------------------------

Review request for ranger.


Repository: ranger


Description
-------

I have checked the implementation of checkAdminAccess() in @XAuditMgr, @UserMgr 
and @XUserMgr, it turns out that these methods are the same so I unify them 
into @RangerAuthorizationHelper. @RangerAuthoritizationHelper is in Request 
scope, which means Spring container would bind an instance to each HttpRequest. 
In this way, Ranger Admin could return Error as soo as possible when the 
UserSession or LoginId of current request is invalid.
Additionally, @checkAdminAccess in RangerBizUtil seems to be inconsistent with 
those above and I use isAdmin() instead.


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 
14a5c83e8 
  
security-admin/src/main/java/org/apache/ranger/biz/RangerAuthorizationHelper.java
 PRE-CREATION 
  security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java 
07fa3dfd9 
  security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java 
addfd640d 
  security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java eaaa15a11 
  security-admin/src/main/java/org/apache/ranger/biz/XAuditMgr.java 75371f4b2 
  security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java 2955bd513 
  security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java faad41c6c 
  
security-admin/src/test/java/org/apache/ranger/biz/TestRangerAuthorizationHelper.java
 PRE-CREATION 
  security-admin/src/test/java/org/apache/ranger/biz/TestRangerBizUtil.java 
22e290a66 
  security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java b6c43133b 
  security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java 
027c3b103 
  security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java 
74744e6cf 


Diff: https://reviews.apache.org/r/74346/diff/1/


Testing
-------

Tested Ranger build using below command,
mvn clean compile package -DskipTests -Psecurity-admin-react


Successfully setup Ranger Admin UI with updated react 18.2.0 version.


File Attachments
----------------

0001-RANGER-4122-Reorganize-checkAdminAccess-and-serveral.patch
  
https://reviews.apache.org/media/uploaded/files/2023/03/12/97095ba9-00e3-4e95-be7c-9c0ee9133249__0001-RANGER-4122-Reorganize-checkAdminAccess-and-serveral.patch


Thanks,

YiJi Gao

Reply via email to