This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 3a4bb32 RANGER-2708 Ranger public group check uses wrong comparison
for equality
3a4bb32 is described below
commit 3a4bb32abe0a24628f1c16f1eedf792b37906372
Author: Lars Francke <lars.fran...@gmail.com>
AuthorDate: Tue Jan 21 13:11:53 2020 +0100
RANGER-2708 Ranger public group check uses wrong comparison for equality
Signed-off-by: Pradeep <prad...@apache.org>
---
.../src/main/java/org/apache/ranger/biz/RangerBizUtil.java | 13 +++++--------
1 file changed, 5 insertions(+), 8 deletions(-)
diff --git
a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index 21308b1..ebc72cf 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -29,8 +29,8 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
-
import javax.servlet.http.HttpServletResponse;
+
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.io.IOCase;
@@ -905,10 +905,8 @@ public class RangerBizUtil {
private boolean checkUsrPermForPolicy(Long xUserId, int permission,
Long resourceId) {
// this snippet load user groups and permission map list from DB
- List<XXGroup> userGroups = new ArrayList<XXGroup>();
- List<XXPermMap> permMapList = new ArrayList<XXPermMap>();
- userGroups = daoManager.getXXGroup().findByUserId(xUserId);
- permMapList =
daoManager.getXXPermMap().findByResourceId(resourceId);
+ List<XXGroup> userGroups =
daoManager.getXXGroup().findByUserId(xUserId);
+ List<XXPermMap> permMapList =
daoManager.getXXPermMap().findByResourceId(resourceId);
Long publicGroupId = getPublicGroupId();
boolean matchFound = false;
for (XXPermMap permMap : permMapList) {
@@ -916,9 +914,8 @@ public class RangerBizUtil {
if (permMap.getPermFor() ==
AppConstants.XA_PERM_FOR_GROUP) {
// check whether permission is enabled
for public group or a
// group to which user belongs
- matchFound = (publicGroupId != null &&
publicGroupId == permMap
- .getGroupId())
- ||
isGroupInList(permMap.getGroupId(), userGroups);
+ matchFound = (publicGroupId != null &&
publicGroupId.equals(permMap.getGroupId())) ||
+
isGroupInList(permMap.getGroupId(), userGroups);
} else if (permMap.getPermFor() ==
AppConstants.XA_PERM_FOR_USER) {
// check whether permission is enabled
to user
matchFound =
permMap.getUserId().equals(xUserId);
