> On Dec. 22, 2016, 6:42 p.m., Alok Lal wrote: > > ugsync/src/main/java/org/apache/ranger/usersync/util/UserSyncUtil.java, > > line 32 > > <https://reviews.apache.org/r/54968/diff/1/?file=1591085#file1591085line32> > > > > Pradeep, I'm a bit uncomfortable with us not using a library to do > > this. [This > > discussions](http://stackoverflow.com/questions/4737841/urlencoder-not-able-to-translate-space-character) > > presents a couple of alternatives. For example, UrlEscapers is a part of > > guava and is quite well documented. Importantly, it is likely to keep in > > step with any future changes in the standards. > > > > I know it is a bear to test these things, so I cring as I suggest this > > nitpicky change to you.
Alok, I Went through Guava library, Apache common, Tomcat Catalina and Spring library; but to find the best one i will need more time; i could not get the list of other characters which can cause issue, To me only space was causing problem so i proposed this patch as it involves less testing. Also we can always fix it in better way later whenever we will have few more set of characters which can cause issue and alternate APIs covers them. - Pradeep ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/54968/#review159994 ----------------------------------------------------------- On Dec. 22, 2016, 10:01 a.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/54968/ > ----------------------------------------------------------- > > (Updated Dec. 22, 2016, 10:01 a.m.) > > > Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay > Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, > and Velmurugan Periasamy. > > > Bugs: RANGER-1276 > https://issues.apache.org/jira/browse/RANGER-1276 > > > Repository: ranger > > > Description > ------- > > ** Problem Statement :** if usersync process add groups with spaces in ranger > admin and to remove a user from a group it calls REST: > /group/{groupName}/user/{userName} > In this REST call if a group name contains spaces then URLEncoder.encode(s, > "UTF-8") method replace these spaces with + symbol and request is forwarded > to ranger-admin. Whenever Ranger receives group name with + character (rather > spaces) it tries to search the received group name in db but fails to find > any rows as the group name with '+' character does not exist. At Ranger admin > end this process is considered as a failure of the request and ranger-admin > sends the error message to the log file. > > ** Proposed Solution :** Ranger admin server expect that if spaces are there > in URL path segment then they should be send with encoding '%20' so that it > can decode those encoded characters internally. > During encoding of path segment usersync process usage > UserSyncUtil.encodeURIParam(String s) which calls > java.net.URLEncoder.encode(String s, String enc) method. After encoding of > the provided string using java.net.URLEncoder.encode(String s, String enc) > method we need to replace + symbol with %20 characters, so that request can > be forwarded to ranger admin with %20 for spaces rather + symbol. > > > Diffs > ----- > > ugsync/src/main/java/org/apache/ranger/usersync/util/UserSyncUtil.java > a33576b > > Diff: https://reviews.apache.org/r/54968/diff/ > > > Testing > ------- > > **Steps performed(with patch) :** > 1. Installed and started Ranger admin. > 2. Created a group with spaces 'my personal group' > 3. Created a user with spaces 'public user1' and assigned it to group 'my > personal group' > 4. Tried to delete mapping of user 'public user1' from group 'my personal > group' > > **Sample Request after encoding:** curl -u admin:admin -v -i -s -X DELETE -H > "Accept: application/json" -H "Content-Type: application/json" > http://localhost:6080/service/xusers/group/my%20personal%20group/user/public%20user1 > 5. Visited user tab from user/group menu. > > **Expected Behaviour :** User 'public user1' mapping from group 'my personal > group' should get deleted and it should not show mapping of user 'public > user1' in group 'my personal group'. > **Actual Behaviour :** User 'public user1' got removed from group 'my > personal group', group column of user 'public user1' was empty. > > > Thanks, > > Pradeep Agrawal > >
