RANGER-1254 : HiveAuthorizer should deny access to URI operations if there are any exceptions - fix PMD error with previous commit
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/043daf31 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/043daf31 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/043daf31 Branch: refs/heads/ranger-0.6 Commit: 043daf31b3310d7a2f7bab1f81cfbeb99232bb35 Parents: 200dd5a Author: rmani <rm...@hortonworks.com> Authored: Tue Dec 13 15:18:59 2016 -0800 Committer: rmani <rm...@hortonworks.com> Committed: Wed Dec 14 09:07:41 2016 -0800 ---------------------------------------------------------------------- .../authorization/hive/authorizer/RangerHiveAuthorizer.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/043daf31/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java ---------------------------------------------------------------------- diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java index 92e8c87..7dd4c90 100644 --- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java +++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java @@ -1015,9 +1015,10 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase { if (FileUtils.isOwnerOfFileHierarchy(fs, file, userName) || FileUtils.isActionPermittedForFileHierarchy(fs, file, userName, action)) { continue; + } else { + isDenied = true; + break; } - isDenied = true; - break; } ret = !isDenied; } else { // if given path does not exist then check for parent
