[ranger] branch master updated: Revert "RANGER-3589 : Ranger java patches failing due to admin privilege checks"

Wed, 19 Jan 2022 02:59:07 -0800 

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 2925289  Revert "RANGER-3589 : Ranger java patches failing due to 
admin privilege checks"
2925289 is described below

commit 292528968560429624667fb5ec254eed40e52a52
Author: pradeep <prad...@apache.org>
AuthorDate: Wed Jan 19 16:28:39 2022 +0530

    Revert "RANGER-3589 : Ranger java patches failing due to admin privilege 
checks"
    
    This reverts commit 65798673112e037d2f884f78eaeb05588dbf0659.
---
 .../src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java     | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 
b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
index 00c0809..6c99df4 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
@@ -168,6 +168,8 @@ public class PolicyRefUpdater {
                }
                daoMgr.getXXPolicyRefResource().batchCreate(xPolResources);
 
+               final boolean isAdmin = rangerBizUtil.checkAdminAccess();
+
                List<XXPolicyRefRole> xPolRoles = new ArrayList<>();
                for (String role : roleNames) {
                        if (StringUtils.isBlank(role)) {
@@ -175,7 +177,7 @@ public class PolicyRefUpdater {
                        }
                        PolicyPrincipalAssociator associator = new 
PolicyPrincipalAssociator(PRINCIPAL_TYPE.ROLE, role, xPolicy);
                        if (!associator.doAssociate(false)) {
-                               if (rangerBizUtil.checkAdminAccess()) {
+                               if (isAdmin) {
                                        
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
                                } else {
                                        VXResponse gjResponse = new 
VXResponse();
@@ -195,7 +197,7 @@ public class PolicyRefUpdater {
 
                        PolicyPrincipalAssociator associator = new 
PolicyPrincipalAssociator(PRINCIPAL_TYPE.GROUP, group, xPolicy);
                        if (!associator.doAssociate(false)) {
-                               if (rangerBizUtil.checkAdminAccess()) {
+                               if (isAdmin) {
                                        
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
                                } else {
                                        VXResponse gjResponse = new 
VXResponse();
@@ -212,7 +214,7 @@ public class PolicyRefUpdater {
                        }
                        PolicyPrincipalAssociator associator = new 
PolicyPrincipalAssociator(PRINCIPAL_TYPE.USER, user, xPolicy);
                        if (!associator.doAssociate(false)) {
-                               if (rangerBizUtil.checkAdminAccess()) {
+                               if (isAdmin) {
                                        
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
                                } else {
                                        VXResponse gjResponse = new 
VXResponse();

Reply via email to