ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject incubator-ranger git commit: RANGER-911 - Updating patch
Date Tue, 19 Apr 2016 10:01:57 GMT
Repository: incubator-ranger
Updated Branches:
  refs/heads/master 259fad12b -> 953326ebc


RANGER-911 - Updating patch


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/953326eb
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/953326eb
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/953326eb

Branch: refs/heads/master
Commit: 953326ebc5db810488532e2a617cab149352d3d9
Parents: 259fad1
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Apr 15 11:35:29 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Apr 19 11:01:26 2016 +0100

----------------------------------------------------------------------
 .../ranger/audit/provider/DbAuditProvider.java  |  4 ++--
 .../ranger/plugin/model/RangerServiceDef.java   |  2 +-
 dev-support/ranger-pmd-ruleset.xml              |  1 -
 .../hadoop/RangerHdfsAuthorizer.java            | 12 ++++++------
 .../agent/HadoopAuthClassTransformer.java       |  4 ++--
 .../hive/authorizer/RangerHiveAuthorizer.java   | 12 ++++--------
 .../solr/authorizer/RangerSolrAuthorizer.java   |  6 ++----
 .../java/org/apache/ranger/biz/KmsKeyMgr.java   | 14 +++++++-------
 .../org/apache/ranger/biz/RangerBizUtil.java    | 10 ++++------
 .../java/org/apache/ranger/biz/XUserMgr.java    | 10 ----------
 .../apache/ranger/common/RangerSearchUtil.java  |  4 ++--
 .../org/apache/ranger/common/db/BaseDao.java    | 20 ++------------------
 .../org/apache/ranger/rest/ServiceREST.java     |  4 ++--
 13 files changed, 34 insertions(+), 69 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
b/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
index 8319d36..34de6f7 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
@@ -104,7 +104,7 @@ public class DbAuditProvider extends AuditDestination {
 		boolean isSuccess = false;
 
 		try {
-			if(preCreate(event)) {
+			if(preCreate()) {
 				DaoManager daoMgr = daoManager;
 
 				if(daoMgr != null) {
@@ -313,7 +313,7 @@ public class DbAuditProvider extends AuditDestination {
 		return ret;
 	}
 	
-	private boolean preCreate(AuditEventBase event) {
+	private boolean preCreate() {
 		boolean ret = true;
 
 		if(!isDbConnected()) {

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
index 0f0e5ee..f6931b3 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
@@ -2004,7 +2004,7 @@ public class RangerServiceDef extends RangerBaseModelObject implements
java.io.S
 			this(itemId, name, evaluator, evaluatorOptions, null, null, null, null, null, null, null,
null);
 		}
 
-		public RangerPolicyConditionDef(Long itemId, String name, String evaluator, Map<String,
String> evaluatorOptions, String validationRegEx, String vaidationMessage, String uiHint,
String label, String description, String rbKeyLabel, String rbKeyDescription, String rbKeyValidationMessage)
{
+		public RangerPolicyConditionDef(Long itemId, String name, String evaluator, Map<String,
String> evaluatorOptions, String validationRegEx, String vaidationMessage, String uiHint,
String label, String description, String rbKeyLabel, String rbKeyDescription, String rbKeyValidationMessage)
{ //NOPMD
 			setItemId(itemId);
 			setName(name);
 			setEvaluator(evaluator);

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/dev-support/ranger-pmd-ruleset.xml
----------------------------------------------------------------------
diff --git a/dev-support/ranger-pmd-ruleset.xml b/dev-support/ranger-pmd-ruleset.xml
index f82d831..96f566a 100644
--- a/dev-support/ranger-pmd-ruleset.xml
+++ b/dev-support/ranger-pmd-ruleset.xml
@@ -35,7 +35,6 @@
 	<exclude name="OverrideBothEqualsAndHashcode" />
   </rule>
   <rule ref="rulesets/java/unusedcode.xml">
-	<exclude name="UnusedFormalParameter" />
 	<exclude name="UnusedLocalVariable" />
 	<exclude name="UnusedPrivateField" />
 	<exclude name="UnusedPrivateMethod" />

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
index b463da3..93dca87 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
@@ -234,7 +234,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
 						}
 
 						if(nodeToCheck != null) {
-							authzStatus = isAccessAllowed(nodeToCheck, nodeAttribs, FsAction.EXECUTE, user, groups,
fsOwner, superGroup, plugin, auditHandler);
+							authzStatus = isAccessAllowed(nodeToCheck, nodeAttribs, FsAction.EXECUTE, user, groups,
plugin, auditHandler);
 						}
 					}
 
@@ -250,21 +250,21 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
 					if(authzStatus == AuthzStatus.ALLOW && ancestorAccess != null && ancestor
!= null) {
 						INodeAttributes ancestorAttribs = inodeAttrs.length > ancestorIndex ? inodeAttrs[ancestorIndex]
: null;
 
-						authzStatus = isAccessAllowed(ancestor, ancestorAttribs, ancestorAccess, user, groups,
fsOwner, superGroup, plugin, auditHandler);
+						authzStatus = isAccessAllowed(ancestor, ancestorAttribs, ancestorAccess, user, groups,
plugin, auditHandler);
 					}
 
 					// checkParentAccess
 					if(authzStatus == AuthzStatus.ALLOW && parentAccess != null && parent
!= null) {
 						INodeAttributes parentAttribs = inodeAttrs.length > 1 ? inodeAttrs[inodeAttrs.length
- 2] : null;
 
-						authzStatus = isAccessAllowed(parent, parentAttribs, parentAccess, user, groups, fsOwner,
superGroup, plugin, auditHandler);
+						authzStatus = isAccessAllowed(parent, parentAttribs, parentAccess, user, groups, plugin,
auditHandler);
 					}
 
 					// checkINodeAccess
 					if(authzStatus == AuthzStatus.ALLOW && access != null && inode != null)
{
 						INodeAttributes inodeAttribs = inodeAttrs.length > 0 ? inodeAttrs[inodeAttrs.length
- 1] : null;
 
-						authzStatus = isAccessAllowed(inode, inodeAttribs, access, user, groups, fsOwner, superGroup,
plugin, auditHandler);
+						authzStatus = isAccessAllowed(inode, inodeAttribs, access, user, groups, plugin, auditHandler);
 					}
 
 					// checkSubAccess
@@ -278,7 +278,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
 							if (!(cList.isEmpty() && ignoreEmptyDir)) {
 								INodeAttributes dirAttribs = dir.getSnapshotINode(snapshotId);
 
-								authzStatus = isAccessAllowed(dir, dirAttribs, subAccess, user, groups, fsOwner,
superGroup, plugin, auditHandler);
+								authzStatus = isAccessAllowed(dir, dirAttribs, subAccess, user, groups, plugin, auditHandler);
 
 								if(authzStatus != AuthzStatus.ALLOW) {
 									break;
@@ -369,7 +369,7 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
 			}
 		}
 
-		private AuthzStatus isAccessAllowed(INode inode, INodeAttributes inodeAttribs, FsAction
access, String user, Set<String> groups, String fsOwner, String superGroup, RangerHdfsPlugin
plugin, RangerHdfsAuditHandler auditHandler) {
+		private AuthzStatus isAccessAllowed(INode inode, INodeAttributes inodeAttribs, FsAction
access, String user, Set<String> groups, RangerHdfsPlugin plugin, RangerHdfsAuditHandler
auditHandler) {
 			AuthzStatus ret       = null;
 			String      path      = inode != null ? inode.getFullPathName() : null;
 			String      pathOwner = inodeAttribs != null ? inodeAttribs.getUserName() : null;

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
index ace400b..68867df 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/agent/HadoopAuthClassTransformer.java
@@ -40,7 +40,7 @@ public class HadoopAuthClassTransformer implements ClassFileTransformer
{
             byte[] result = transformedClassByteCode;
             if (result == null) {
 
-				byte[] injectedClassCode = injectFSPermissionCheckerHooks(aClassLoader, aClassName, aClassBeingRedefined,
aProtectionDomain, aClassFileBuffer);
+				byte[] injectedClassCode = injectFSPermissionCheckerHooks(aClassName);
 
 				if(injectedClassCode != null) {
                     synchronized (HadoopAuthClassTransformer.class) {
@@ -60,7 +60,7 @@ public class HadoopAuthClassTransformer implements ClassFileTransformer
{
 		return ret;
 	}
 
-	private static byte[] injectFSPermissionCheckerHooks(ClassLoader aClassLoader, String aClassName,
Class<?> aClassBeingRedefined, ProtectionDomain aProtectionDomain, byte[] aClassFileBuffer)
throws IllegalClassFormatException {
+	private static byte[] injectFSPermissionCheckerHooks(String aClassName) throws IllegalClassFormatException
{
 		byte[] ret = null;
 
 		System.out.println("Injection code is Invoked in JVM [" + Runtime.getRuntime() + "] for
class [" + aClassName + "] ....");

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
----------------------------------------------------------------------
diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index dbd1201..3c922c9 100644
--- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -232,7 +232,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
 			}
 
 			if(hiveOpType == HiveOperationType.DFS) {
-				handleDfsCommand(hiveOpType, inputHObjs, outputHObjs, context, sessionContext, user,
groups, auditHandler);
+				handleDfsCommand(hiveOpType, inputHObjs, user, auditHandler);
 
 				return;
 			}
@@ -251,7 +251,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
 						String   path       = hiveObj.getObjectName();
 						FsAction permission = FsAction.READ;
 
-						if(!isURIAccessAllowed(user, groups, permission, path, getHiveConf())) {
+						if(!isURIAccessAllowed(user, permission, path, getHiveConf())) {
 							throw new HiveAccessControlException(String.format("Permission denied: user [%s] does
not have [%s] privilege on [%s]", user, permission.name(), path));
 						}
 
@@ -295,7 +295,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
 						String   path       = hiveObj.getObjectName();
 						FsAction permission = FsAction.WRITE;
 
-		                if(!isURIAccessAllowed(user, groups, permission, path, getHiveConf()))
{
+		                if(!isURIAccessAllowed(user, permission, path, getHiveConf())) {
 		    				throw new HiveAccessControlException(String.format("Permission denied: user [%s]
does not have [%s] privilege on [%s]", user, permission.name(), path));
 		                }
 
@@ -936,7 +936,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
 		return accessType;
 	}
 
-    private boolean isURIAccessAllowed(String userName, Set<String> groups, FsAction
action, String uri, HiveConf conf) {
+    private boolean isURIAccessAllowed(String userName, FsAction action, String uri, HiveConf
conf) {
         boolean ret = false;
 
         if(action == FsAction.NONE) {
@@ -964,11 +964,7 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
 
 	private void handleDfsCommand(HiveOperationType         hiveOpType,
 								  List<HivePrivilegeObject> inputHObjs,
-							      List<HivePrivilegeObject> outputHObjs,
-							      QueryContext              context,
-							      HiveAuthzSessionContext   sessionContext,
 								  String                    user,
-								  Set<String>               groups,
 								  RangerHiveAuditHandler    auditHandler)
 	      throws HiveAuthzPluginException, HiveAccessControlException {
 

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
----------------------------------------------------------------------
diff --git a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
index 151f23e..b49cdc0 100644
--- a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
+++ b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
@@ -186,7 +186,7 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin {
 
 				List<RangerAccessRequestImpl> requestsForCollection = createRequests(
 						userName, userGroups, ip, eventTime, context,
-						collectionRequest, requestData);
+						collectionRequest);
 				rangerRequests.addAll(requestsForCollection);
 			}
 			if (logger.isDebugEnabled()) {
@@ -290,13 +290,11 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin {
 	 * @param eventTime
 	 * @param context
 	 * @param collectionRequest
-	 * @param requestData
 	 * @return
 	 */
 	private List<RangerAccessRequestImpl> createRequests(String userName,
 			Set<String> userGroups, String ip, Date eventTime,
-			AuthorizationContext context, CollectionRequest collectionRequest,
-			String requestData) {
+			AuthorizationContext context, CollectionRequest collectionRequest) {
 
 		List<RangerAccessRequestImpl> requests = new ArrayList<RangerAccessRequestImpl>();
 		String accessType = mapToRangerAccessType(context);

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
index 551ec2e..3647bb1 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
@@ -137,7 +137,7 @@ public class KmsKeyMgr {
 				if(!isKerberos){
 					response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
 				}else{
-					Subject sub = getSubjectForKerberos(repoName, currentUserLoginId);
+					Subject sub = getSubjectForKerberos(repoName);
 					response = Subject.doAs(sub, new PrivilegedAction<String>() {
 						@Override
 						public String run() {
@@ -232,7 +232,7 @@ public class KmsKeyMgr {
 				if(!isKerberos){
 				 response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class,
jsonString);}
 				else{
-					Subject sub = getSubjectForKerberos(provider, currentUserLoginId);
+					Subject sub = getSubjectForKerberos(provider);
 		            response = Subject.doAs(sub, new PrivilegedAction<String>() {
 						@Override
 						public String run() {
@@ -282,7 +282,7 @@ public class KmsKeyMgr {
 				if(!isKerberos){
 					response = r.delete(String.class) ;
 				}else{
-					Subject sub = getSubjectForKerberos(provider, currentUserLoginId);
+					Subject sub = getSubjectForKerberos(provider);
 					response = Subject.doAs(sub, new PrivilegedAction<String>() {
 						@Override
 						public String run() {
@@ -333,7 +333,7 @@ public class KmsKeyMgr {
 				if(!isKerberos){
 					response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class,
jsonString);
 				}else{
-						Subject sub = getSubjectForKerberos(provider, currentUserLoginId);
+						Subject sub = getSubjectForKerberos(provider);
 						response = Subject.doAs(sub, new PrivilegedAction<String>() {
 							@Override
 							public String run() {
@@ -383,7 +383,7 @@ public class KmsKeyMgr {
 				if(!isKerberos){
 					response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
 				}else{
-					Subject sub = getSubjectForKerberos(provider, currentUserLoginId);
+					Subject sub = getSubjectForKerberos(provider);
 					response = Subject.doAs(sub, new PrivilegedAction<String>() {
 						@Override
 						public String run() {
@@ -420,7 +420,7 @@ public class KmsKeyMgr {
 		if(!isKerberos){
 			response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
 		}else{
-			Subject sub = getSubjectForKerberos(repoName, currentUserLoginId);
+			Subject sub = getSubjectForKerberos(repoName);
 			response = Subject.doAs(sub, new PrivilegedAction<String>() {
 				@Override
 				public String run() {
@@ -523,7 +523,7 @@ public class KmsKeyMgr {
 		return providers;
 	}
 	
-	private Subject getSubjectForKerberos(String provider, String currentUserLoginId) throws
Exception{
+	private Subject getSubjectForKerberos(String provider) throws Exception{
 		String userName = getKMSUserName(provider); 
 	    String password = getKMSPassword(provider);
 	    if (KerberosName.getRules() == null) {

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index 5905fc9..2980e51 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -494,7 +494,7 @@ public class RangerBizUtil {
 			String[] requestResNameList = resourceNames.split(",");
 			for (String resourceName : requestResNameList) {
 				boolean matchFound = matchKnoxPolicy(resourceName,
-						xResourceList, vXResponse, xUserId, permission);
+						xResourceList, xUserId, permission);
 				if (!matchFound) {
 					vXResponse.setMsgDesc("You're not permitted to perform "
 							+ "the action for resource path : " + resourceName);
@@ -508,7 +508,7 @@ public class RangerBizUtil {
 			String[] requestResNameList = resourceNames.split(",");
 			for (String resourceName : requestResNameList) {
 				boolean matchFound = matchStormPolicy(resourceName,
-						xResourceList, vXResponse, xUserId, permission);
+						xResourceList, xUserId, permission);
 				if (!matchFound) {
 					vXResponse.setMsgDesc("You're not permitted to perform "
 							+ "the action for resource path : " + resourceName);
@@ -849,13 +849,12 @@ public class RangerBizUtil {
 	 * 
 	 * @param resourceName
 	 * @param xResourceList
-	 * @param vXResponse
 	 * @param xUserId
 	 * @param permission
 	 * @return
 	 */
 	private boolean matchKnoxPolicy(String resourceName,
-			List<XXResource> xResourceList, VXResponse vXResponse,
+			List<XXResource> xResourceList, 
 			Long xUserId, int permission) {
 
 		String[] splittedResources = stringUtil.split(resourceName,
@@ -937,13 +936,12 @@ public class RangerBizUtil {
 	 * 
 	 * @param resourceName
 	 * @param xResourceList
-	 * @param vXResponse
 	 * @param xUserId
 	 * @param permission
 	 * @return
 	 */
 	private boolean matchStormPolicy(String resourceName,
-			List<XXResource> xResourceList, VXResponse vXResponse,
+			List<XXResource> xResourceList,
 			Long xUserId, int permission) {
 
 		String[] splittedResources = stringUtil.split(resourceName,

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 5226f49..96ddf3f 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -1076,11 +1076,6 @@ public class XUserMgr extends XUserMgrBase {
 	}
 
 	public VXPermMapList searchXPermMaps(SearchCriteria searchCriteria) {
-		VXPermMapList vXPermMapList = super.searchXPermMaps(searchCriteria);
-		return applyDelegatedAdminAccess(vXPermMapList, searchCriteria);
-	}
-
-	private VXPermMapList applyDelegatedAdminAccess(VXPermMapList vXPermMapList, SearchCriteria
searchCriteria) {
 
 		VXPermMapList returnList;
 		UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
@@ -1126,11 +1121,6 @@ public class XUserMgr extends XUserMgrBase {
 	}
 
 	public VXAuditMapList searchXAuditMaps(SearchCriteria searchCriteria) {
-		VXAuditMapList vXAuditMapList = xAuditMapService.searchXAuditMaps(searchCriteria);
-		return applyDelegatedAdminAccess(vXAuditMapList, searchCriteria);
-	}
-
-	private VXAuditMapList applyDelegatedAdminAccess(VXAuditMapList vXAuditMapList, SearchCriteria
searchCriteria) {
 
 		VXAuditMapList returnList;
 		UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
index cf66fc1..74431df 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
@@ -218,11 +218,11 @@ public class RangerSearchUtil extends SearchUtil {
 	}
 	
 	private StringBuilder buildWhereClause(SearchFilter searchCriteria, List<SearchField>
searchFields) {
-		return buildWhereClause(searchCriteria, searchFields, false, false);
+		return buildWhereClause(searchCriteria, searchFields, false);
 	}
 
 	private StringBuilder buildWhereClause(SearchFilter searchCriteria,
-			List<SearchField> searchFields, boolean isNativeQuery,
+			List<SearchField> searchFields,
 			boolean excludeWhereKeyword) {
 
 		StringBuilder whereClause = new StringBuilder(excludeWhereKeyword ? "" : "WHERE 1 = 1 ");

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
index c25b989..13607d3 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
@@ -165,24 +165,8 @@ public abstract class BaseDao<T> {
 		return rtrnList;
 	}
 
-	/**
-	 * @param clazz
-	 * @param query
-	 * @param b
-	 * @return
-	 */
-	private Long executeCountQueryInSecurityContext(Class<T> clazz,
-			Query query, boolean userPrefFilter) {
-		// boolean filterEnabled = false;
-		Long rtrnObj = null;
-		// filterEnabled = enableVisiblityFilters(clazz, userPrefFilter);
-		rtrnObj = (Long) query.getSingleResult();
-
-		return rtrnObj;
-	}
-
-	public Long executeCountQueryInSecurityContext(Class<T> clazz, Query query) {
-		return executeCountQueryInSecurityContext(clazz, query, true);
+	public Long executeCountQueryInSecurityContext(Class<T> clazz, Query query) { //NOPMD
+		return (Long) query.getSingleResult();
 	}
 	
 	public List<T> getAll() {

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/953326eb/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index ad25817..c999f86 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -1557,7 +1557,7 @@ public class ServiceREST {
 				httpCode = HttpServletResponse.SC_BAD_REQUEST;
 				logMsg   = excp.getMessage();
 			} finally {
-				createPolicyDownloadAudit(serviceName, lastKnownVersion, pluginId, ret, httpCode, request);
+				createPolicyDownloadAudit(serviceName, lastKnownVersion, pluginId, httpCode, request);
 
 				RangerPerfTracer.log(perf);
 			}
@@ -1575,7 +1575,7 @@ public class ServiceREST {
 		return ret;
 	}
 
-	private void createPolicyDownloadAudit(String serviceName, Long lastKnownVersion, String
pluginId, ServicePolicies policies, int httpRespCode, HttpServletRequest request) {
+	private void createPolicyDownloadAudit(String serviceName, Long lastKnownVersion, String
pluginId, int httpRespCode, HttpServletRequest request) {
 		try {
 			String ipAddress = request.getHeader("X-FORWARDED-FOR");
 


Mime
View raw message