Google Git
Sign in
apache / ranger / d11233ad41311d6fec9e66c4ee91984d7cc216a6^! / .
commitd11233ad41311d6fec9e66c4ee91984d7cc216a6[log] [tgz]
authorAbhay Kulkarni <abhay@apache.org>Fri Jan 08 12:47:29 2021 -0800
committerAbhay Kulkarni <abhay@apache.org>Fri Jan 08 12:47:29 2021 -0800
tree713202e026c89560ec3d1678e00c9058e2afa1b7
parentcb621c3a07e7f9ec3013fb4b830e356e58051b34 [diff]
RANGER-3122: Support delegate-admin for specific permissions - Part 3

diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 63ad281..8381842 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java

@@ -3507,8 +3507,8 @@
 
 					servicePoliciesMap.put(serviceName, policyList);
 				}
-					policyList.add(policy);
-				}
+				policyList.add(policy);
+			}
 
 			for (Map.Entry<String, List<RangerPolicy>> entry : servicePoliciesMap.entrySet()) {
 				String             serviceName  = entry.getKey();
@@ -3518,6 +3518,7 @@
 					boolean isServiceAdminUser = svcStore.isServiceAdminUser(serviceName, userName);
 					if (isServiceAdminUser) {
 						ret.addAll(listToFilter);
+						continue;
 					} else if (isAdmin || isKeyAdmin || isAuditAdmin || isAuditKeyAdmin) {
 						XXService xService     = daoManager.getXXService().findByName(serviceName);
 						Long      serviceDefId = xService.getType();

diff --git a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
index b67656e..59cf22d 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java

@@ -1091,9 +1091,9 @@
 		Mockito.when(searchUtil.getSearchFilter(request, policyService.sortFields)).thenReturn(filter);
 		Mockito.when(svcStore.getPolicies(filter)).thenReturn(policies);
 		/*here we are setting serviceAdminRole, so we will get the required policy with serviceAdmi role*/
-		Mockito.when(daoManager.getXXGroupUser()).thenReturn(xGroupDao);
+		//Mockito.when(daoManager.getXXGroupUser()).thenReturn(xGroupDao);
 		Mockito.when(svcStore.isServiceAdminUser(rPol.getService(), null)).thenReturn(true);
-		Mockito.doReturn(policyAdmin).when(spySVCRest).getPolicyAdminForDelegatedAdmin("HDFS_1-1-20150316062453");
+		//Mockito.doReturn(policyAdmin).when(spySVCRest).getPolicyAdminForDelegatedAdmin("HDFS_1-1-20150316062453");
 		RangerPolicyList dbRangerPolicy = spySVCRest.getPolicies(request);
 		Assert.assertNotNull(dbRangerPolicy);
 		Assert.assertEquals(dbRangerPolicy.getListSize(), 1);