ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject ranger git commit: Remove deprecated and unused code from the HBase plugin
Date Fri, 04 Aug 2017 11:12:13 GMT
Repository: ranger
Updated Branches:
  refs/heads/master 1befffcc1 -> 93c900c34


Remove deprecated and unused code from the HBase plugin

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/93c900c3
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/93c900c3
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/93c900c3

Branch: refs/heads/master
Commit: 93c900c346cdac33e268c2e76e2f37568cc1c7f3
Parents: 1befffc
Author: Zsombor Gegesy <gzsombor@gmail.com>
Authored: Sat Jul 22 23:36:06 2017 +0200
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Aug 4 12:04:02 2017 +0100

----------------------------------------------------------------------
 .../hbase/RangerAuthorizationCoprocessor.java   | 15 --------
 .../hbase/RangerAuthorizationFilter.java        |  9 ++---
 .../hbase/RangerAuthorizationFilterTest.java    | 38 +++++++++++++-------
 3 files changed, 30 insertions(+), 32 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/93c900c3/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
index fc1db46..da73c67 100644
--- a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
+++ b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
@@ -21,11 +21,8 @@ import java.io.IOException;
 import java.net.InetAddress;
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Calendar;
 import java.util.Collection;
 import java.util.Collections;
-import java.util.Date;
-import java.util.GregorianCalendar;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -34,7 +31,6 @@ import java.util.List;
 import java.util.Map;
 import java.util.NavigableSet;
 import java.util.Set;
-import java.util.TimeZone;
 
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.logging.Log;
@@ -122,8 +118,6 @@ public class RangerAuthorizationCoprocessor extends RangerAuthorizationCoprocess
 	private static final String WILDCARD = "*";
 	private static final String NAMESPACE_SEPARATOR = ":";
 	
-    private static final TimeZone gmtTimeZone = TimeZone.getTimeZone("GMT+0");
-
     private RegionCoprocessorEnvironment regionEnv;
 	private Map<InternalScanner, String> scannerOwners = new MapMaker().weakKeys().makeMap();
 	
@@ -1170,15 +1164,6 @@ public class RangerAuthorizationCoprocessor extends RangerAuthorizationCoprocess
 		requirePermission("preCleanupBulkLoad", Permission.Action.WRITE, ctx.getEnvironment(),
cfs);
 	}
 	
-	public static Date getUTCDate() {
-		Calendar local=Calendar.getInstance();
-	    int offset = local.getTimeZone().getOffset(local.getTimeInMillis());
-	    GregorianCalendar utc = new GregorianCalendar(gmtTimeZone);
-	    utc.setTimeInMillis(local.getTimeInMillis());
-	    utc.add(Calendar.MILLISECOND, -offset);
-	    return utc.getTime();
-	}
-	
 	@Override
 	public void grant(RpcController controller, AccessControlProtos.GrantRequest request, RpcCallback<AccessControlProtos.GrantResponse>
done) {
 		boolean isSuccess = false;

http://git-wip-us.apache.org/repos/asf/ranger/blob/93c900c3/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilter.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilter.java
b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilter.java
index 0254100..4006afc 100644
--- a/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilter.java
+++ b/hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilter.java
@@ -28,6 +28,7 @@ import com.google.common.base.Objects;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.hadoop.hbase.Cell;
+import org.apache.hadoop.hbase.CellUtil;
 import org.apache.hadoop.hbase.filter.FilterBase;
 import org.apache.hadoop.hbase.util.Bytes;
 import org.apache.ranger.audit.model.AuthzAuditEvent;
@@ -55,7 +56,6 @@ public class RangerAuthorizationFilter extends FilterBase {
 		_session.auditHandler(_auditHandler);
 	}
 	
-	@SuppressWarnings("deprecation")
 	@Override
 	public ReturnCode filterKeyValue(Cell kv) throws IOException {
 
@@ -64,7 +64,7 @@ public class RangerAuthorizationFilter extends FilterBase {
 		}
 
 		String family = null;
-		byte[] familyBytes = kv.getFamily();
+		byte[] familyBytes = CellUtil.cloneFamily(kv);
 		if (familyBytes != null && familyBytes.length > 0) {
 			family = Bytes.toString(familyBytes);
 			if (LOG.isDebugEnabled()) {
@@ -72,8 +72,9 @@ public class RangerAuthorizationFilter extends FilterBase {
 			}
 		}
 		String column = null;
-		if (kv.getQualifier() != null && kv.getQualifier().length > 0) {
-			column = Bytes.toString(kv.getQualifier());
+		byte[] qualifier = CellUtil.cloneQualifier(kv);
+                if (qualifier != null && qualifier.length > 0) {
+			column = Bytes.toString(qualifier);
 			if (LOG.isDebugEnabled()) {
 				LOG.debug("filterKeyValue: evaluating column[" + column + "].");
 			}

http://git-wip-us.apache.org/repos/asf/ranger/blob/93c900c3/hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilterTest.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilterTest.java
b/hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilterTest.java
index 48b8a17..e009347 100644
--- a/hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilterTest.java
+++ b/hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/RangerAuthorizationFilterTest.java
@@ -19,7 +19,7 @@
 package org.apache.ranger.authorization.hbase;
 
 import static org.junit.Assert.assertEquals;
-import static org.mockito.Matchers.anyString;
+import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -33,7 +33,6 @@ import org.apache.hadoop.hbase.Cell;
 import org.apache.hadoop.hbase.filter.Filter.ReturnCode;
 import org.junit.Test;
 
-@SuppressWarnings("deprecation")
 public class RangerAuthorizationFilterTest {
 
 	@Test
@@ -61,43 +60,56 @@ public class RangerAuthorizationFilterTest {
 		Cell aCell = mock(Cell.class);
 		// families with know denied acess
 		for (String family : deniedFamilies) {
-			when(aCell.getFamily()).thenReturn(family.getBytes());
+			setFamilyArray(aCell, family.getBytes());
+			setQualifierArray(aCell, new byte[0]);
 			assertEquals(ReturnCode.NEXT_COL, filter.filterKeyValue(aCell));
 		}
 		// family that isn't in allowed and if cell does not have column then it should be denied
-		when(aCell.getFamily()).thenReturn("family7".getBytes());
-		when(aCell.getQualifier()).thenReturn(null);
+		setFamilyArray(aCell, "family7".getBytes());
+		setQualifierArray(aCell, new byte[0]);
 		assertEquals(ReturnCode.NEXT_COL, filter.filterKeyValue(aCell));
 		// families with known partial access
 		for (String column : family7KnowGoodColumns ) {
-			when(aCell.getQualifier()).thenReturn(column.getBytes());
+			setQualifierArray(aCell, column.getBytes());
 			assertEquals(ReturnCode.INCLUDE, filter.filterKeyValue(aCell));
 		}
-		when(aCell.getFamily()).thenReturn("family8".getBytes());
+		setFamilyArray(aCell, "family8".getBytes());
 		for (String column : family8KnowGoodColumns ) {
-			when(aCell.getQualifier()).thenReturn(column.getBytes());
+			setQualifierArray(aCell, column.getBytes());
 			assertEquals(ReturnCode.INCLUDE, filter.filterKeyValue(aCell));
 		}
 		// try some columns that are not in the cache
 		for (String column : new String[] { "family8-column3", "family8-column4"}) {
-			when(aCell.getQualifier()).thenReturn(column.getBytes());
+			setQualifierArray(aCell, column.getBytes());
 			assertEquals(ReturnCode.NEXT_COL, filter.filterKeyValue(aCell));
 		}
 		// families with known allowed access - for these we need to doctor up the session
 		when(session.isAuthorized()).thenReturn(true);
 		for (String family : allowedFamilies) {
-			when(aCell.getFamily()).thenReturn(family.getBytes());
-			when(aCell.getQualifier()).thenReturn("some-column".getBytes());
+			setFamilyArray(aCell, family.getBytes());
+			setQualifierArray(aCell, "some-column".getBytes());
 			assertEquals(ReturnCode.INCLUDE, filter.filterKeyValue(aCell));
 		}
 		when(session.isAuthorized()).thenReturn(false);
 		for (String family : indeterminateFamilies) {
-			when(aCell.getFamily()).thenReturn(family.getBytes());
-			when(aCell.getQualifier()).thenReturn("some-column".getBytes());
+			setFamilyArray(aCell, family.getBytes());
+			setQualifierArray(aCell, "some-column".getBytes());
 			assertEquals(ReturnCode.NEXT_COL, filter.filterKeyValue(aCell));
 		}
 	}
 
+	private void setFamilyArray(Cell aCell, byte[] familyArray) {
+		when(aCell.getFamilyArray()).thenReturn(familyArray);
+		when(aCell.getFamilyLength()).thenReturn((byte) familyArray.length);
+		when(aCell.getFamilyOffset()).thenReturn(0);
+	}
+
+	private void setQualifierArray(Cell aCell, byte[] qualifierArray) {
+		when(aCell.getQualifierArray()).thenReturn(qualifierArray);
+		when(aCell.getQualifierLength()).thenReturn(qualifierArray.length);
+		when(aCell.getQualifierOffset()).thenReturn(0);
+	}
+
 	AuthorizationSession createSessionMock() {
 		AuthorizationSession session = mock(AuthorizationSession.class);
 		when(session.column(anyString())).thenReturn(session);


Mime
View raw message