This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 6e3c22bd3473a04c3ac877acd272cda6c1b09689 Author: prashant <[email protected]> AuthorDate: Tue Nov 28 12:38:15 2023 +0530 RANGER-4558: fixed validation for create/update of shared-resources in a dataShare Signed-off-by: Madhan Neethiraj <[email protected]>
---
 .../org/apache/ranger/validation/RangerGdsValidator.java | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
index 178c8f0e2..1cc87399b 100755
--- a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
+++ b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
@@ -246,7 +246,7 @@ public class RangerGdsValidator {
 if (existing != null) {
 result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_SHARED_RESOURCE_NAME_CONFLICT, "name", resource.getName(), dataShare.getName(), existing));
 } else {
- validateDataShareAdmin(dataShare, result);
+ validateSharedResourceCreateAndUpdate(dataShare, result);
 }
 }
@@ -270,7 +270,7 @@ public class RangerGdsValidator {
 if (dataShare == null) {
 result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_ID_NOT_FOUND, "dataShareId", resource.getDataShareId()));
 } else {
- validateDataShareAdmin(dataShare, result);
+ validateSharedResourceCreateAndUpdate(dataShare, result);
 }
 }
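Review bot: In the first hunk (`@@ -246`), the permission check runs only in the `else` branch, so a caller who would fail it still receives the `GDS_VALIDATION_ERR_SHARED_RESOURCE_NAME_CONFLICT` failure, whose details carry `resource.getName()`, `dataShare.getName()` and `existing`. The response can therefore confirm that a shared-resource name exists in a dataShare the caller does not administer. Consider calling `validateSharedResourceCreateAndUpdate(dataShare, result);` first and looking for a name conflict only once it has added no failure. The enclosing method starts and ends outside the hunk, so whether an earlier check already rejects such callers is not visible here.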
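Review bot: In the second hunk (`@@ -270`), the `GDS_VALIDATION_ERR_DATA_SHARE_ID_NOT_FOUND` detail reports `resource.getDataShareId()`, which suggests `dataShare` is looked up from the incoming object; the lookup itself is outside the hunk. If this is the update path and a request can change `dataShareId`, the permission check covers only the target dataShare and not the one the stored resource currently belongs to. It is worth confirming that the id cannot change on update, or also running `validateSharedResourceCreateAndUpdate(...)` against the existing resource's dataShare.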
@@ -720,6 +720,16 @@ public class RangerGdsValidator {
 }
 }
+ private void validateSharedResourceCreateAndUpdate(RangerDataShare dataShare, ValidationResult result) {
+ if (!dataProvider.isAdminUser()) {
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "datashare", dataShare.getName(), dataShare.getAcl(), result);
+
+ if (!dataProvider.isServiceAdmin(dataShare.getService()) && !dataProvider.isZoneAdmin(dataShare.getZone())) {
+ result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_NOT_SERVICE_OR_ZONE_ADMIN, null, dataShare.getService(), dataShare.getZone()));
+ }
+ }
+ }
+
 private void validateAcl(RangerGdsObjectACL acl, String fieldName, ValidationResult result) {
 if (acl != null) {
 if (MapUtils.isNotEmpty(acl.getUsers())) {
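Review bot: The new `validateSharedResourceCreateAndUpdate` has no comment stating its rule, and the rule is easy to misread: a non-admin caller must pass `validateAdmin(...)` on the dataShare ACL and additionally be a service admin or a zone admin. A short Javadoc would pin that down, for example `/** Non-admin callers must pass validateAdmin() on the dataShare ACL and also be service admin or zone admin; each unmet condition adds its own failure. */`. `isZoneAdmin(dataShare.getZone())` is also called when the dataShare may have no zone; its handling of a null or empty zone is defined outside this hunk and should be confirmed.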
