(ranger) 03/05: RANGER-5294: FileUtils.isOwnerOfFileHierarchy doesn’t have the recurse parameter

Sat, 04 Oct 2025 21:29:16 -0700 

This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch ranger-2.8
in repository https://gitbox.apache.org/repos/asf/ranger.git

commit 11ebb1c7839742bd79c3e5621796c3e6bfe2fd83
Author: Mahesh Bandal <[email protected]>
AuthorDate: Tue Sep 9 21:49:09 2025 +0530

    RANGER-5294: FileUtils.isOwnerOfFileHierarchy doesn’t have the recurse 
parameter
    
    (cherry picked from commit bc9b02972b349e5624db0fc8832a6703d890a8f9)
---
 .../authorization/hive/authorizer/RangerHiveAuthorizer.java    | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index ca6edf5b2..a28855438 100644
--- 
a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ 
b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -96,6 +96,8 @@ public class RangerHiveAuthorizer extends 
RangerHiveAuthorizerBase {
        private static final Logger LOG = 
LoggerFactory.getLogger(RangerHiveAuthorizer.class);
 
        private static final Logger PERF_HIVEAUTH_REQUEST_LOG = 
RangerPerfTracer.getPerfLogger("hiveauth.request");
+       private static final Logger PERF_HIVEAUTH_COARSEURI_LOG = 
RangerPerfTracer.getPerfLogger("hiveauth.coarsecheck");
+
 
        private static final char COLUMN_SEP = ',';
 
@@ -2187,6 +2189,11 @@ private boolean isURIAccessAllowed(String userName, 
FsAction action, Path filePa
                boolean ret = false;
                boolean recurse = !coarseCheck;
 
+               RangerPerfTracer perf = null;
+               if 
(RangerPerfTracer.isPerfTraceEnabled(PERF_HIVEAUTH_COARSEURI_LOG)) {
+                       perf = 
RangerPerfTracer.getPerfTracer(PERF_HIVEAUTH_COARSEURI_LOG, 
"RangerHiveAuthorizer.isURIAccessAllowed(userName=" + userName + " filePath=" + 
filePath + " coarseCheck=" + coarseCheck + ")");
+               }
+
                if(action == FsAction.NONE) {
                        ret = true;
                } else {
@@ -2197,7 +2204,7 @@ private boolean isURIAccessAllowed(String userName, 
FsAction action, Path filePa
                                        boolean isDenied = false;
 
                                        for(FileStatus file : filestat) {
-                                               if 
(FileUtils.isOwnerOfFileHierarchy(fs, file, userName) ||
+                                               if 
(FileUtils.isOwnerOfFileHierarchy(fs, file, userName, recurse) ||
                                                                
FileUtils.isActionPermittedForFileHierarchy(fs, file, userName, action, 
recurse)) {
                                                        continue;
                                                } else {
@@ -2218,6 +2225,7 @@ private boolean isURIAccessAllowed(String userName, 
FsAction action, Path filePa
                        }
                }
 
+               RangerPerfTracer.log(perf);
                return ret;
        }

Reply via email to