vyommani commented on code in PR #748:
URL: https://github.com/apache/ranger/pull/748#discussion_r2572780338
##########
security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java:
##########
@@ -239,14 +239,30 @@ public SearchFilter
extractCommonCriteriasForFilter(HttpServletRequest request,
"Invalid value for parameter startIndex",
MessageEnums.INVALID_INPUT_DATA, null, SearchFilter.START_INDEX);
startIndex = startIndex < 0 ? 0 : startIndex;
+ logger.info("==> setStartIndex={}" , startIndex);
ret.setStartIndex(startIndex);
int pageSize =
restErrorUtil.parseInt(request.getParameter(SearchFilter.PAGE_SIZE),
configUtil.getDefaultMaxRows(),
"Invalid value for parameter pageSize",
MessageEnums.INVALID_INPUT_DATA, null, SearchFilter.PAGE_SIZE);
-
+ logger.info("==> setMaxRows={}" , pageSize);
+ logger.info("==> DefaultMaxRows={}" , configUtil.getDefaultMaxRows());
ret.setMaxRows(validatePageSize(pageSize));
+ int beginIndex =
restErrorUtil.parseInt(request.getParameter(SearchFilter.BEGIN_INDEX), 0,
+ "Invalid value for parameter beginIndex",
MessageEnums.INVALID_INPUT_DATA, null,
+ SearchFilter.BEGIN_INDEX);
+ beginIndex = beginIndex < 0 ? startIndex : beginIndex;
+ logger.info("==> setBeginIndex={}" , beginIndex);
+ ret.setBeginIndex(beginIndex);
+
+ int offsetSize =
restErrorUtil.parseInt(request.getParameter(SearchFilter.OFFSET), 0,
+ "Invalid value for parameter offset",
MessageEnums.INVALID_INPUT_DATA, null,
+ SearchFilter.OFFSET);
+ logger.info("==> setOffsetIndex={}" , offsetSize);
+ offsetSize = offsetSize < 0 ? pageSize : offsetSize;
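Review bot: In the last line of this hunk, the negative-offset fallback `offsetSize < 0 ? pageSize : offsetSize` uses the raw request `pageSize`, while `setMaxRows` receives `validatePageSize(pageSize)`, so the offset can be taken from a value that never passed through `validatePageSize`. Keep the validated result in a local variable and reuse it for the fallback. The `beginIndex` and `offset` fallbacks also fire only for negative input: both are parsed with a default of 0, so a request that omits `beginIndex` gets 0 rather than `startIndex`. The five added `logger.info` calls write request-supplied paging values on every call and would fit better at debug level, and the `setOffsetIndex` log runs before the `offsetSize < 0` normalization, so it records the raw value rather than the effective one.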
Review Comment:
What will happen if offsetSize > pageSize? I can see that the code does not
handle this condition.
Currently, the code allows the client to send an `offset` value larger than
`pageSize` (e.g., pageSize=10 & offset=57), and it is accepted without any
adjustment or validation.
This will cause real problems:
1. The results are no longer page-aligned.
2. `startIndex`, `beginIndex`, and `offset` can end up with different values
(since they are set independently), leading to inconsistent behavior.