This is an automated email from the ASF dual-hosted git repository.
pengjianhua pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new ec57902 RANGER-2381 Failed to refresh policies when servicename
contains space
ec57902 is described below
commit ec57902585882981b9728fc0d452912b1dd8f529
Author: zhangqiang2 <zhangqia...@zte.com.cn>
AuthorDate: Wed Mar 27 09:51:07 2019 +0800
RANGER-2381 Failed to refresh policies when servicename contains space
Signed-off-by: peng.jianhua <peng.jian...@zte.com.cn>
---
.../ranger/admin/client/RangerAdminRESTClient.java | 28 +++++++++++++++-------
.../apache/ranger/plugin/util/URLEncoderUtil.java | 4 ++--
.../process/LdapPolicyMgrUserGroupBuilder.java | 6 ++---
.../process/PolicyMgrUserGroupBuilder.java | 4 ++--
4 files changed, 26 insertions(+), 16 deletions(-)
diff --git
a/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java
b/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java
index b6a9380..81bbdbd 100644
---
a/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java
+++
b/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java
@@ -38,8 +38,10 @@ import org.apache.ranger.plugin.util.RangerRESTUtils;
import org.apache.ranger.plugin.util.RangerServiceNotFoundException;
import org.apache.ranger.plugin.util.ServicePolicies;
import org.apache.ranger.plugin.util.ServiceTags;
+import org.apache.ranger.plugin.util.URLEncoderUtil;
import javax.servlet.http.HttpServletResponse;
+import java.io.UnsupportedEncodingException;
import java.lang.reflect.ParameterizedType;
import java.lang.reflect.Type;
import java.security.PrivilegedAction;
@@ -49,6 +51,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
private static final Log LOG =
LogFactory.getLog(RangerAdminRESTClient.class);
private String serviceName;
+ private String serviceNameUrlParam;
private String pluginId;
private String clusterName;
private RangerRESTClient restClient;
@@ -97,6 +100,13 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
}
init(url, sslConfigFileName, restClientConnTimeOutMs ,
restClientReadTimeOutMs);
+
+ try {
+ this.serviceNameUrlParam =
URLEncoderUtil.encodeURIParam(serviceName);
+ } catch (UnsupportedEncodingException e) {
+ LOG.warn("Unsupported encoding, serviceName=" + serviceName);
+ this.serviceNameUrlParam = serviceName;
+ }
}
@Override
@@ -117,7 +127,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
}
PrivilegedAction<ClientResponse> action = new
PrivilegedAction<ClientResponse>() {
public ClientResponse run() {
- WebResource secureWebResource =
createWebResource(RangerRESTUtils.REST_URL_POLICY_GET_FOR_SECURE_SERVICE_IF_UPDATED
+ serviceName)
+ WebResource secureWebResource =
createWebResource(RangerRESTUtils.REST_URL_POLICY_GET_FOR_SECURE_SERVICE_IF_UPDATED
+ serviceNameUrlParam)
.queryParam(RangerRESTUtils.REST_PARAM_LAST_KNOWN_POLICY_VERSION,
Long.toString(lastKnownVersion))
.queryParam(RangerRESTUtils.REST_PARAM_LAST_ACTIVATION_TIME,
Long.toString(lastActivationTimeInMillis))
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, pluginId)
@@ -131,7 +141,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
if (LOG.isDebugEnabled()) {
LOG.debug("Checking Service policy if updated
with old api call");
}
- WebResource webResource =
createWebResource(RangerRESTUtils.REST_URL_POLICY_GET_FOR_SERVICE_IF_UPDATED +
serviceName)
+ WebResource webResource =
createWebResource(RangerRESTUtils.REST_URL_POLICY_GET_FOR_SERVICE_IF_UPDATED +
serviceNameUrlParam)
.queryParam(RangerRESTUtils.REST_PARAM_LAST_KNOWN_POLICY_VERSION,
Long.toString(lastKnownVersion))
.queryParam(RangerRESTUtils.REST_PARAM_LAST_ACTIVATION_TIME,
Long.toString(lastActivationTimeInMillis))
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, pluginId)
@@ -189,7 +199,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
if (isSecureMode) {
PrivilegedAction<ClientResponse> action = new
PrivilegedAction<ClientResponse>() {
public ClientResponse run() {
- WebResource secureWebResource =
createWebResource(RangerRESTUtils.REST_URL_SECURE_SERVICE_GRANT_ACCESS +
serviceName)
+ WebResource secureWebResource =
createWebResource(RangerRESTUtils.REST_URL_SECURE_SERVICE_GRANT_ACCESS +
serviceNameUrlParam)
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, pluginId);
return
secureWebResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).type(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).post(ClientResponse.class,
restClient.toJson(request));
}
@@ -199,7 +209,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
}
response = user.doAs(action);
} else {
- WebResource webResource =
createWebResource(RangerRESTUtils.REST_URL_SERVICE_GRANT_ACCESS + serviceName)
+ WebResource webResource =
createWebResource(RangerRESTUtils.REST_URL_SERVICE_GRANT_ACCESS +
serviceNameUrlParam)
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, pluginId);
response =
webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).type(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).post(ClientResponse.class,
restClient.toJson(request));
}
@@ -234,7 +244,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
if (isSecureMode) {
PrivilegedAction<ClientResponse> action = new
PrivilegedAction<ClientResponse>() {
public ClientResponse run() {
- WebResource secureWebResource =
createWebResource(RangerRESTUtils.REST_URL_SECURE_SERVICE_REVOKE_ACCESS +
serviceName)
+ WebResource secureWebResource =
createWebResource(RangerRESTUtils.REST_URL_SECURE_SERVICE_REVOKE_ACCESS +
serviceNameUrlParam)
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, pluginId);
return
secureWebResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).type(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).post(ClientResponse.class,
restClient.toJson(request));
}
@@ -244,7 +254,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
}
response = user.doAs(action);
} else {
- WebResource webResource =
createWebResource(RangerRESTUtils.REST_URL_SERVICE_REVOKE_ACCESS + serviceName)
+ WebResource webResource =
createWebResource(RangerRESTUtils.REST_URL_SERVICE_REVOKE_ACCESS +
serviceNameUrlParam)
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, pluginId);
response =
webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).type(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).post(ClientResponse.class,
restClient.toJson(request));
}
@@ -302,7 +312,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
if (isSecureMode) {
PrivilegedAction<ClientResponse> action = new
PrivilegedAction<ClientResponse>() {
public ClientResponse run() {
- WebResource secureWebResource =
createWebResource(RangerRESTUtils.REST_URL_GET_SECURE_SERVICE_TAGS_IF_UPDATED +
serviceName)
+ WebResource secureWebResource =
createWebResource(RangerRESTUtils.REST_URL_GET_SECURE_SERVICE_TAGS_IF_UPDATED +
serviceNameUrlParam)
.queryParam(RangerRESTUtils.LAST_KNOWN_TAG_VERSION_PARAM,
Long.toString(lastKnownVersion))
.queryParam(RangerRESTUtils.REST_PARAM_LAST_ACTIVATION_TIME,
Long.toString(lastActivationTimeInMillis))
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, pluginId);
@@ -314,7 +324,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
}
response = user.doAs(action);
} else {
- webResource =
createWebResource(RangerRESTUtils.REST_URL_GET_SERVICE_TAGS_IF_UPDATED +
serviceName)
+ webResource =
createWebResource(RangerRESTUtils.REST_URL_GET_SERVICE_TAGS_IF_UPDATED +
serviceNameUrlParam)
.queryParam(RangerRESTUtils.LAST_KNOWN_TAG_VERSION_PARAM,
Long.toString(lastKnownVersion))
.queryParam(RangerRESTUtils.REST_PARAM_LAST_ACTIVATION_TIME,
Long.toString(lastActivationTimeInMillis))
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, pluginId);
@@ -371,7 +381,7 @@ public class RangerAdminRESTClient implements
RangerAdminClient {
boolean isSecureMode = user != null &&
UserGroupInformation.isSecurityEnabled();
final WebResource webResource =
createWebResource(RangerRESTUtils.REST_URL_LOOKUP_TAG_NAMES)
- .queryParam(RangerRESTUtils.SERVICE_NAME_PARAM,
serviceName)
+ .queryParam(RangerRESTUtils.SERVICE_NAME_PARAM,
serviceNameUrlParam)
.queryParam(RangerRESTUtils.PATTERN_PARAM,
pattern);
ClientResponse response = null;
diff --git
a/ugsync/src/main/java/org/apache/ranger/usersync/util/UserSyncUtil.java
b/agents-common/src/main/java/org/apache/ranger/plugin/util/URLEncoderUtil.java
similarity index 94%
rename from
ugsync/src/main/java/org/apache/ranger/usersync/util/UserSyncUtil.java
rename to
agents-common/src/main/java/org/apache/ranger/plugin/util/URLEncoderUtil.java
index 22a7531..af76889 100644
--- a/ugsync/src/main/java/org/apache/ranger/usersync/util/UserSyncUtil.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/util/URLEncoderUtil.java
@@ -17,12 +17,12 @@
* under the License.
*/
-package org.apache.ranger.usersync.util;
+package org.apache.ranger.plugin.util;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
-public class UserSyncUtil {
+public class URLEncoderUtil {
public static String encodeURIParam(String s) throws
UnsupportedEncodingException {
diff --git
a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
index f653b81..1fb36a0 100644
---
a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
+++
b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
@@ -49,10 +49,10 @@ import javax.ws.rs.core.MediaType;
import org.apache.hadoop.security.SecureClientLogin;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
+import org.apache.ranger.plugin.util.URLEncoderUtil;
import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
import org.apache.ranger.unixusersync.model.*;
import org.apache.ranger.usergroupsync.UserGroupSink;
-import org.apache.ranger.usersync.util.UserSyncUtil;
import com.google.common.collect.Table;
import com.google.gson.Gson;
@@ -564,7 +564,7 @@ private static final Logger LOG =
Logger.getLogger(LdapPolicyMgrUserGroupBuilder
Client c = getClient();
String uri =
PM_DEL_USER_GROUP_LINK_URI.replaceAll(Pattern.quote("${groupName}"),
-
UserSyncUtil.encodeURIParam(groupName)).replaceAll(Pattern.quote("${userName}"),
UserSyncUtil.encodeURIParam(userName));
+
URLEncoderUtil.encodeURIParam(groupName)).replaceAll(Pattern.quote("${userName}"),
URLEncoderUtil.encodeURIParam(userName));
WebResource r = c.resource(getURL(uri));
@@ -748,7 +748,7 @@ private static final Logger LOG =
Logger.getLogger(LdapPolicyMgrUserGroupBuilder
Client c = getClient();
String uri =
PM_GET_GROUP_USER_MAP_LIST_URI.replaceAll(Pattern.quote("${groupName}"),
-
UserSyncUtil.encodeURIParam(groupName));
+
URLEncoderUtil.encodeURIParam(groupName));
WebResource r = c.resource(getURL(uri));
diff --git
a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
index cb9b51c..e9c161a 100644
---
a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
+++
b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
@@ -53,6 +53,7 @@ import javax.ws.rs.core.NewCookie;
import org.apache.hadoop.security.SecureClientLogin;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
+import org.apache.ranger.plugin.util.URLEncoderUtil;
import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
import org.apache.ranger.unixusersync.model.GetXGroupListResponse;
import org.apache.ranger.unixusersync.model.GetXUserGroupListResponse;
@@ -64,7 +65,6 @@ import org.apache.ranger.unixusersync.model.XGroupInfo;
import org.apache.ranger.unixusersync.model.XUserGroupInfo;
import org.apache.ranger.unixusersync.model.XUserInfo;
import org.apache.ranger.usergroupsync.UserGroupSink;
-import org.apache.ranger.usersync.util.UserSyncUtil;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
@@ -1086,7 +1086,7 @@ public class PolicyMgrUserGroupBuilder implements
UserGroupSink {
try {
ClientResponse response = null;
String uri =
PM_DEL_USER_GROUP_LINK_URI.replaceAll(Pattern.quote("${groupName}"),
-
UserSyncUtil.encodeURIParam(groupName)).replaceAll(Pattern.quote("${userName}"),
UserSyncUtil.encodeURIParam(userName));
+
URLEncoderUtil.encodeURIParam(groupName)).replaceAll(Pattern.quote("${userName}"),
URLEncoderUtil.encodeURIParam(userName));
if (isRangerCookieEnabled) {
if (sessionId != null && isValidRangerCookie) {
WebResource webResource =
createWebResourceForCookieAuth(uri);
