ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ab...@apache.org
Subject ranger git commit: RANGER-2061: Ensure that Access Request's context is completely set up when using RangerAuthContext - addition to commit 3b510f8c07271e2e51b5a9151a0d26f7084e3792
Date Tue, 24 Apr 2018 21:18:17 GMT
Repository: ranger
Updated Branches:
  refs/heads/master bf9876c3a -> e6ab27ef6


RANGER-2061: Ensure that Access Request's context is completely set up when using RangerAuthContext
- addition to commit 3b510f8c07271e2e51b5a9151a0d26f7084e3792


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/e6ab27ef
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/e6ab27ef
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/e6ab27ef

Branch: refs/heads/master
Commit: e6ab27ef6cbdea1ea37d52a99ec69eaaf9aa310e
Parents: bf9876c
Author: Abhay Kulkarni <akulkarni@hortonworks.com>
Authored: Tue Apr 24 13:37:43 2018 -0700
Committer: Abhay Kulkarni <akulkarni@hortonworks.com>
Committed: Tue Apr 24 13:37:43 2018 -0700

----------------------------------------------------------------------
 .../plugin/policyengine/RangerAccessRequestImpl.java |  2 +-
 .../plugin/policyengine/RangerPolicyEngine.java      |  4 ++++
 .../plugin/policyengine/RangerPolicyEngineImpl.java  | 10 ++++++++++
 .../ranger/plugin/service/RangerAuthContext.java     | 15 +++++++++++++++
 4 files changed, 30 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/e6ab27ef/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
index 5dcdd59..fd41222 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
@@ -219,7 +219,7 @@ public class RangerAccessRequestImpl implements RangerAccessRequest {
 		this.context = (context == null) ? new HashMap<String, Object>() : context;
 	}
 
-	protected void extractAndSetClientIPAddress(boolean useForwardedIPAddress, String[]trustedProxyAddresses)
{
+	public void extractAndSetClientIPAddress(boolean useForwardedIPAddress, String[]trustedProxyAddresses)
{
 		String ip = getRemoteIPAddress();
 		if (ip == null) {
 			ip = getClientIPAddress();

http://git-wip-us.apache.org/repos/asf/ranger/blob/e6ab27ef/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
index 085251a..e6c0e5a 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
@@ -45,6 +45,10 @@ public interface RangerPolicyEngine {
 
 	void setTrustedProxyAddresses(String[] trustedProxyAddresses);
 
+	boolean getUseForwardedIPAddress();
+
+	String[] getTrustedProxyAddresses();
+
     RangerServiceDef getServiceDef();
 
     long getPolicyVersion();

http://git-wip-us.apache.org/repos/asf/ranger/blob/e6ab27ef/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
index 7e157e7..ab26d41 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
@@ -200,6 +200,16 @@ public class RangerPolicyEngineImpl implements RangerPolicyEngine {
 	}
 
 	@Override
+	public boolean getUseForwardedIPAddress() {
+		return useForwardedIPAddress;
+	}
+
+	@Override
+	public String[] getTrustedProxyAddresses() {
+		return trustedProxyAddresses;
+	}
+
+	@Override
 	public RangerServiceDef getServiceDef() {
 		return policyRepository.getServiceDef();
 	}

http://git-wip-us.apache.org/repos/asf/ranger/blob/e6ab27ef/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
index ef7194f..b898d29 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
@@ -33,6 +33,7 @@ import org.apache.ranger.plugin.policyengine.RangerMutableResource;
 import org.apache.ranger.plugin.policyengine.RangerPolicyEngine;
 import org.apache.ranger.plugin.policyengine.RangerResourceACLs;
 import org.apache.ranger.plugin.policyengine.RangerResourceAccessInfo;
+import org.apache.ranger.plugin.util.RangerAccessRequestUtil;
 
 import java.util.Collection;
 import java.util.HashMap;
@@ -90,6 +91,16 @@ public class RangerAuthContext implements RangerPolicyEngine {
         policyEngine.setTrustedProxyAddresses(trustedProxyAddresses);
     }
 
+	@Override
+	public boolean getUseForwardedIPAddress() {
+		return policyEngine.getUseForwardedIPAddress();
+	}
+
+	@Override
+	public String[] getTrustedProxyAddresses() {
+		return policyEngine.getTrustedProxyAddresses();
+	}
+
     @Override
     public RangerServiceDef getServiceDef() {
         return policyEngine.getServiceDef();
@@ -130,7 +141,11 @@ public class RangerAuthContext implements RangerPolicyEngine {
 		        mutable.setServiceDef(getServiceDef());
 	        }
         }
+	    if (request instanceof RangerAccessRequestImpl) {
+		    ((RangerAccessRequestImpl) request).extractAndSetClientIPAddress(getUseForwardedIPAddress(),
getTrustedProxyAddresses());
+	    }
 
+	    RangerAccessRequestUtil.setCurrentUserInContext(request.getContext(), request.getUser());
 	    if (MapUtils.isNotEmpty(requestContextEnrichers)) {
             for (Map.Entry<RangerContextEnricher, Object> entry : requestContextEnrichers.entrySet())
{
                 entry.getKey().enrich(request);


Mime
View raw message