Skip to content

Commit

Permalink
RANGER-3526: policy evaluation ordering to use name as secondary sort…
Browse files Browse the repository at this point in the history 
…ing key - #2
  • Loading branch information
@mneethiraj
mneethiraj committed Nov 29, 2021
1 parent 3045345 commit fe97016
Showing 1 changed file with 10 additions and 6 deletions.
16 changes: 10 additions & 6 deletions ...-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyEvaluator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,6 @@
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemDataMaskInfo;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemRowFilterInfo;
import org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
Expand All @@ -55,10 +53,8 @@

import static org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW;
import static org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW_EXCEPTIONS;
import static org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATAMASK;
import static org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY;
import static org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY_EXCEPTIONS;
import static org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ROWFILTER;

public interface RangerPolicyEvaluator extends RangerPolicyResourceEvaluator {
Comparator<RangerPolicyEvaluator> EVAL_ORDER_COMPARATOR = new RangerPolicyEvaluator.PolicyEvalOrderComparator();
Expand Down Expand Up @@ -184,6 +180,14 @@ static boolean hasRoles(RangerPolicyItem policyItem) {
return CollectionUtils.isNotEmpty(policyItem.getRoles());
}

static int compareStrings(String str1, String str2) {
if (str1 == null) {
return str2 == null ? 0 : -1;
} else {
return str2 == null ? 1 : str1.compareTo(str2);
}
}

class PolicyEvalOrderComparator implements Comparator<RangerPolicyEvaluator>, Serializable {
@Override
public int compare(RangerPolicyEvaluator me, RangerPolicyEvaluator other) {
Expand All @@ -203,7 +207,7 @@ private int compareNormal(RangerPolicyEvaluator me, RangerPolicyEvaluator other)
result = Integer.compare(me.getEvalOrder(), other.getEvalOrder());

if (result == 0) {
result = me.getPolicy().getName().compareTo(other.getPolicy().getName());
result = compareStrings(me.getPolicy().getName(), other.getPolicy().getName());
}
}

Expand All @@ -227,7 +231,7 @@ private int compareNormal(RangerPolicyEvaluator me, RangerPolicyEvaluator other)
} else if (!me.hasDeny() && other.hasDeny()) {
result = 1;
} else {
result = me.getPolicy().getName().compareTo(other.getPolicy().getName());
result = compareStrings(me.getPolicy().getName(), other.getPolicy().getName());
}

return result;
Expand Down

0 comments on commit fe97016

Please sign in to comment.