[ranger] branch RANGER-3923 updated (8e8f25777 -> dfe0a32b4)

2023-10-19 Thread madhan 
This is an automated email from the ASF dual-hosted git repository.

madhan pushed a change to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git


from 8e8f25777 Merge branch 'master' into RANGER-3923
 add c49ed48d1 RANGER-4484: security-zone names should be made available in 
context
 new dfe0a32b4 Merge branch 'master' into RANGER-3923

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../ranger/plugin/policyengine/PolicyEngine.java   | 10 +++---
 .../policyengine/RangerPolicyEngineImpl.java   |  6 ++--
 .../policyengine/RangerRequestScriptEvaluator.java | 12 
 .../service/RangerDefaultRequestProcessor.java |  4 +++
 .../plugin/util/RangerAccessRequestUtil.java   | 36 ++
 .../apache/ranger/biz/RangerPolicyAdminImpl.java   |  2 +-
 6 files changed, 61 insertions(+), 9 deletions(-)

[ranger] 01/01: Merge branch 'master' into RANGER-3923

2023-10-19 Thread madhan 
This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git

commit dfe0a32b49b5a7fb61ff66f99e3e38b4f5cdc32e
Merge: 8e8f25777 c49ed48d1
Author: Madhan Neethiraj 
AuthorDate: Wed Oct 18 23:34:37 2023 -0700

Merge branch 'master' into RANGER-3923

 .../ranger/plugin/policyengine/PolicyEngine.java   | 10 +++---
 .../policyengine/RangerPolicyEngineImpl.java   |  6 ++--
 .../policyengine/RangerRequestScriptEvaluator.java | 12 
 .../service/RangerDefaultRequestProcessor.java |  4 +++
 .../plugin/util/RangerAccessRequestUtil.java   | 36 ++
 .../apache/ranger/biz/RangerPolicyAdminImpl.java   |  2 +-
 6 files changed, 61 insertions(+), 9 deletions(-)

[ranger] branch master updated: RANGER-4484: security-zone names should be made available in context

2023-10-19 Thread madhan 
This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
 new c49ed48d1 RANGER-4484: security-zone names should be made available in 
context
c49ed48d1 is described below

commit c49ed48d131c2bc39a1da3c6d8173a12c299baa8
Author: Madhan Neethiraj 
AuthorDate: Wed Oct 18 15:49:15 2023 -0700

RANGER-4484: security-zone names should be made available in context
---
 .../ranger/plugin/policyengine/PolicyEngine.java   | 10 +++---
 .../policyengine/RangerPolicyEngineImpl.java   |  6 ++--
 .../policyengine/RangerRequestScriptEvaluator.java | 12 
 .../service/RangerDefaultRequestProcessor.java |  4 +++
 .../plugin/util/RangerAccessRequestUtil.java   | 36 ++
 .../apache/ranger/biz/RangerPolicyAdminImpl.java   |  2 +-
 6 files changed, 61 insertions(+), 9 deletions(-)

diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java
 
b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java
index 3373dbae9..063b685d0 100644
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java
@@ -408,13 +408,13 @@ public class PolicyEngine {
 }
 
 public String getUniquelyMatchedZoneName(Map resourceAsMap) {
-String ret = null;
 Set matchedZones = 
getMatchedZonesForResourceAndChildren(resourceAsMap, 
convertToAccessResource(resourceAsMap));
-if (CollectionUtils.isNotEmpty(matchedZones) && matchedZones.size() == 
1) {
-String[] matchedZonesArray = new String[1];
-matchedZones.toArray(matchedZonesArray);
-ret = matchedZonesArray[0];
+String  ret  = (matchedZones != null && 
matchedZones.size() == 1) ? matchedZones.iterator().next() : null;
+
+if (LOG.isDebugEnabled()) {
+LOG.debug("getUniquelyMatchedZoneName(" + resourceAsMap + "): 
matchedZones=" + matchedZones + ", ret=" + ret);
 }
+
 return ret;
 }
 
diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
 
b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
index fd78fd8e0..12f8a1705 100644
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
@@ -273,7 +273,7 @@ public class RangerPolicyEngineImpl implements 
RangerPolicyEngine {
 
requestProcessor.preProcess(request);
 
-   String zoneName = 
policyEngine.getUniquelyMatchedZoneName(request.getResource().getAsMap());
+   String zoneName = 
RangerAccessRequestUtil.getResourceZoneNameFromContext(request.getContext());
 
if (LOG.isDebugEnabled()) {
LOG.debug("zoneName:[" + zoneName + "]");
@@ -556,7 +556,7 @@ public class RangerPolicyEngineImpl implements 
RangerPolicyEngine {
requestProcessor.preProcess(request);
 
RangerResourceAccessInfo ret   = new 
RangerResourceAccessInfo(request);
-   Set  zoneNames = 
policyEngine.getMatchedZonesForResourceAndChildren(request.getResource());
+   Set  zoneNames = 
RangerAccessRequestUtil.getResourceZoneNamesFromContext(request.getContext());
 
if (LOG.isDebugEnabled()) {
LOG.debug("zoneNames:[" + zoneNames + "]");
@@ -633,7 +633,7 @@ public class RangerPolicyEngineImpl implements 
RangerPolicyEngine {
RangerAccessResult ret = null;
RangerPolicyRepository policyRepository= 
policyEngine.getPolicyRepository();
RangerPolicyRepository tagPolicyRepository = 
policyEngine.getTagPolicyRepository();
-   SetzoneNames= 
policyEngine.getMatchedZonesForResourceAndChildren(request.getResource()); // 
Evaluate zone-name from request
+   SetzoneNames= 
RangerAccessRequestUtil.getResourceZoneNamesFromContext(request.getContext());
 
if (LOG.isDebugEnabled()) {
LOG.debug("zoneNames:[" + zoneNames + "]");
diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerRequestScriptEvaluator.java
 
b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerRequestScriptEvaluator.java
index 0df8686e3..884f69137 100644
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerRequestScriptEvaluator.java
+++