ranger git commit: RANGER-1725: It is incorrect to judge whether you need to create a RangerServiceDef object for a given service

2017-08-10 Thread zhangqiang 
Repository: ranger
Updated Branches:
  refs/heads/master 4ce27cffb -> 0736d98e2


RANGER-1725: It is incorrect to judge whether you need to create a 
RangerServiceDef object for a given service

Signed-off-by: peng.jianhua 


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/0736d98e
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/0736d98e
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/0736d98e

Branch: refs/heads/master
Commit: 0736d98e23441a112567b470254cc47bbdf2cb69
Parents: 4ce27cf
Author: peng.jianhua 
Authored: Wed Aug 9 13:27:29 2017 +0800
Committer: peng.jianhua 
Committed: Thu Aug 10 03:03:07 2017 -0400

--
 .../plugin/store/EmbeddedServiceDefsUtil.java   | 31 +---
 1 file changed, 14 insertions(+), 17 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/ranger/blob/0736d98e/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
--
diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
 
b/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
index 0bc09f6..a09daae 100755
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
@@ -49,7 +49,6 @@ public class EmbeddedServiceDefsUtil {
// following servicedef list should be reviewed/updated whenever a new 
embedded service-def is added
private static final String DEFAULT_BOOTSTRAP_SERVICEDEF_LIST = 
"tag,hdfs,hbase,hive,kms,knox,storm,yarn,kafka,solr,atlas,nifi";
private static final String PROPERTY_SUPPORTED_SERVICE_DEFS = 
"ranger.supportedcomponents";
-   private Set supportedServiceDefs;
public static final String EMBEDDED_SERVICEDEF_TAG_NAME  = "tag";
public static final String EMBEDDED_SERVICEDEF_HDFS_NAME  = "hdfs";
public static final String EMBEDDED_SERVICEDEF_HBASE_NAME = "hbase";
@@ -81,6 +80,7 @@ public class EmbeddedServiceDefsUtil {
private static EmbeddedServiceDefsUtil instance = new 
EmbeddedServiceDefsUtil();
 
private boolean  createEmbeddedServiceDefs = true;
+   private Set supportedServiceDefs;
private RangerServiceDef hdfsServiceDef;
private RangerServiceDef hBaseServiceDef;
private RangerServiceDef hiveServiceDef;
@@ -209,7 +209,7 @@ public class EmbeddedServiceDefsUtil {
}
 
RangerServiceDef ret = null;
-   boolean createServiceDef = 
(CollectionUtils.isEmpty(supportedServiceDefs) || 
supportedServiceDefs.contains(serviceDefName));
+   boolean createServiceDef = 
(!CollectionUtils.isEmpty(supportedServiceDefs) && 
supportedServiceDefs.contains(serviceDefName));
try {
ret = store.getServiceDefByName(serviceDefName);
if(ret == null && createEmbeddedServiceDefs && 
createServiceDef) {
@@ -261,23 +261,20 @@ public class EmbeddedServiceDefsUtil {
return ret;
}
 
-   private Set getSupportedServiceDef(){
-   Set supportedServiceDef =new HashSet<>();
-   try{
-   String 
ranger_supportedcomponents=RangerConfiguration.getInstance().get(PROPERTY_SUPPORTED_SERVICE_DEFS,
 DEFAULT_BOOTSTRAP_SERVICEDEF_LIST);
-   if(StringUtils.isBlank(ranger_supportedcomponents) || 
"all".equalsIgnoreCase(ranger_supportedcomponents)){
-   
ranger_supportedcomponents=DEFAULT_BOOTSTRAP_SERVICEDEF_LIST;
-   }
-   String[] 
supportedComponents=ranger_supportedcomponents.split(",");
-   if(supportedComponents!=null && 
supportedComponents.length>0){
-   for(String element:supportedComponents){
-   if(!StringUtils.isBlank(element)){
-   element=element.toLowerCase();
-   
supportedServiceDef.add(element);
-   }
+   private Set getSupportedServiceDef() {
+   Set supportedServiceDef = new HashSet<>();
+   String ranger_supportedcomponents = 
RangerConfiguration.getInstance().get(PROPERTY_SUPPORTED_SERVICE_DEFS, 
DEFAULT_BOOTSTRAP_SERVICEDEF_LIST);
+   if (StringUtils.isBlank(ranger_supportedcomponents) || 
"all".equalsIgnoreCase(ranger_supportedcomponents)) {
+   ranger_supportedcomponents =

ranger git commit: RANGER-1669:We need to support the original functionality of hive:show grant user username

2017-08-10 Thread zhangqiang 
Repository: ranger
Updated Branches:
  refs/heads/master 0736d98e2 -> 0878d19e9


RANGER-1669:We need to support the original functionality of hive:show grant 
user username

Signed-off-by: peng.jianhua 


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/0878d19e
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/0878d19e
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/0878d19e

Branch: refs/heads/master
Commit: 0878d19e9fc39c13c136411ee4df6c6fa33c7b43
Parents: 0736d98
Author: peng.jianhua 
Authored: Thu Aug 10 20:22:48 2017 +0800
Committer: peng.jianhua 
Committed: Thu Aug 10 23:12:27 2017 -0400

--
 .../hive/authorizer/RangerHiveAuthorizer.java   | 81 +++-
 .../services/hive/HIVERangerAuthorizerTest.java |  9 +++
 2 files changed, 54 insertions(+), 36 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/ranger/blob/0878d19e/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
--
diff --git 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index 6872e50..1c7a9d0 100644
--- 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -1457,51 +1457,60 @@ public class RangerHiveAuthorizer extends 
RangerHiveAuthorizerBase {
public List showPrivileges(HivePrincipal principal,
HivePrivilegeObject privObj) throws 
HiveAuthzPluginException {
try {
+
LOG.debug("RangerHiveAuthorizer.showPrivileges()");
IMetaStoreClient mClient = getMetastoreClientFactory()
.getHiveMetastoreClient();
List resPrivInfos = new 
ArrayList();
-   String principalName = principal == null ? null : 
principal
-   .getName();
-   PrincipalType principalType = principal == null ? null
-   : 
AuthorizationUtils.getThriftPrincipalType(principal
-   .getType());
+   String principalName = null;
+   PrincipalType principalType = null;
+   if (principal != null) {
+   principalName = principal.getName();
+   principalType = AuthorizationUtils
+   
.getThriftPrincipalType(principal.getType());
+   }
 
List msObjPrivs = 
mClient.list_privileges(
principalName, principalType,
this.getThriftHiveObjectRef(privObj));
-
-   for (HiveObjectPrivilege msObjPriv : msObjPrivs) {
-   HivePrincipal resPrincipal = new HivePrincipal(
-   msObjPriv.getPrincipalName(),
-   
AuthorizationUtils.getHivePrincipalType(msObjPriv
-   
.getPrincipalType()));
-
-   PrivilegeGrantInfo msGrantInfo = 
msObjPriv.getGrantInfo();
-   HivePrivilege resPrivilege = new HivePrivilege(
-   msGrantInfo.getPrivilege(), 
null);
-
-   HiveObjectRef msObjRef = 
msObjPriv.getHiveObject();
-   
org.apache.hadoop.hive.metastore.api.HiveObjectType objectType = msObjRef
-   .getObjectType();
-   if 
(!isSupportedObjectType(msObjRef.getObjectType())) {
-   continue;
+   if (msObjPrivs != null) {
+   for (HiveObjectPrivilege msObjPriv : 
msObjPrivs) {
+   HiveObjectRef msObjRef = 
msObjPriv.getHiveObject();
+   
org.apache.hadoop.hive.metastore.api.HiveObjectType objectType = msObjRef
+   .getObjectType();
+   if (!isSupportedObjectType(objectType)) 
{
+   continue;
+