apache · pradeepagrawal8184 · Nov 22, 2023
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java
@@ -19,8 +19,6 @@
 
  package org.apache.ranger.biz;
 
-import java.io.File;
-import java.io.IOException;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Date;
@@ -68,8 +66,6 @@
 import org.apache.ranger.view.*;
 import org.apache.ranger.view.VXTrxLogV2.AttributeChangeInfo;
 import org.apache.ranger.view.VXTrxLogV2.ObjectChangeInfo;
-import com.fasterxml.jackson.core.JsonGenerationException;
-import com.fasterxml.jackson.databind.JsonMappingException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -165,53 +161,6 @@ public void init() {
 		logger.info("<== AssetMgr.init()");
 	}
 
-	public File getXResourceFile(Long id, String fileType) {
-		VXResource xResource = xResourceService.readResource(id);
-		if (xResource == null) {
-			throw this.restErrorUtil.createRESTException(
-					"serverMsg.datasourceIdEmpty" + "id " + id,
-					MessageEnums.DATA_NOT_FOUND, id, "dataSourceId",
-					"DataSource not found with " + "id " + id);
-		}
-
-		return getXResourceFile(xResource, fileType);
-	}
-
-	public File getXResourceFile(VXResource xResource, String fileType) {
-		File file = null;
-		try {
-			if (fileType != null) {
-				if ("json".equalsIgnoreCase(fileType)) {
-					file = jsonUtil.writeJsonToFile(xResource,
-							xResource.getName());
-				} else {
-					throw restErrorUtil.createRESTException(
-							"Please send the supported filetype.",
-							MessageEnums.INVALID_INPUT_DATA);
-				}
-			} else {
-				throw restErrorUtil
-						.createRESTException(
-								"Please send the file format in which you want to export.",
-								MessageEnums.DATA_NOT_FOUND);
-			}
-		} catch (JsonGenerationException e) {
-			throw this.restErrorUtil.createRESTException(
-					"serverMsg.jsonGeneration" + " : " + e.getMessage(),
-					MessageEnums.ERROR_SYSTEM);
-		} catch (JsonMappingException e) {
-			throw this.restErrorUtil.createRESTException(
-					"serverMsg.jsonMapping" + " : " + e.getMessage(),
-					MessageEnums.ERROR_SYSTEM);
-		} catch (IOException e) {
-			throw this.restErrorUtil.createRESTException(
-					"serverMsg.ioException" + " : " + e.getMessage(),
-					MessageEnums.ERROR_SYSTEM);
-		}
-
-		return file;
-	}
-
 	public String getLatestRepoPolicy(VXAsset xAsset, List<VXResource> xResourceList, Long updatedTime,
 									  X509Certificate[] certchain, boolean httpEnabled, String epoch,
 									  String ipAddress, boolean isSecure, String count, String agentId) {
@@ -1396,6 +1345,9 @@ public VXUgsyncAuditInfoList getUgsyncAudits(SearchCriteria searchCriteria) {
 	}
 
 	public VXUgsyncAuditInfoList getUgsyncAuditsBySyncSource(String syncSource) {
+		if (!msBizUtil.hasModuleAccess(RangerConstants.MODULE_AUDIT)) {
+			throw restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "User is not having permissions on the "+RangerConstants.MODULE_AUDIT+" module.", true);
+		}
 		if(syncSource!=null && !syncSource.trim().isEmpty()){
 			return xUgsyncAuditInfoService.searchXUgsyncAuditInfoBySyncSource(syncSource);
 		}else{

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -5067,62 +5067,62 @@ public int compare(RangerPolicy c1, RangerPolicy c2) {
 
 		// fetch policies maintained for the roles and groups belonging to the group
 		String groupName = searchFilter.getParam("group");
-		if (!StringUtils.isEmpty(groupName)) {
-			Set<String> groupNames = daoMgr.getXXGroupGroup().findGroupNamesByGroupName(groupName);
-			groupNames.add(RangerConstants.GROUP_PUBLIC);
-			groupNames.add(groupName);
-			Set<Long> processedSvcIdsForGroup = new HashSet<>();
-			Set<String> processedGroupsName = new HashSet<>();
-			List<XXPolicy> xPolList2;
-			for (String grpName : groupNames) {
-				searchFilter.setParam("group", grpName);
-				xPolList2 = policyService.searchResources(searchFilter, policyService.searchFields, policyService.sortFields, retList);
-				if (!CollectionUtils.isEmpty(xPolList2)) {
-					for (XXPolicy xPol2 : xPolList2) {
-						if(xPol2!=null){
-							if (!processedPolicies.contains(xPol2.getId())) {
-								if (!processedSvcIdsForGroup.contains(xPol2.getService())
-										|| !processedGroupsName.contains(groupName)) {
-									loadRangerPolicies(xPol2.getService(), processedSvcIdsForGroup, policyMap, searchFilter);
-									processedGroupsName.add(groupName);
-								}
-								if (policyMap.containsKey(xPol2.getId())) {
-									policyList.add(policyMap.get(xPol2.getId()));
-									processedPolicies.add(xPol2.getId());
-								}
+		if (StringUtils.isBlank(groupName)) {
+			groupName = RangerConstants.GROUP_PUBLIC;
+		}
+		Set<String> groupNames = daoMgr.getXXGroupGroup().findGroupNamesByGroupName(groupName);
+		groupNames.add(groupName);
+		Set<Long> processedSvcIdsForGroup = new HashSet<>();
+		Set<String> processedGroupsName = new HashSet<>();
+		List<XXPolicy> xPolList2;
+		for (String grpName : groupNames) {
+			searchFilter.setParam("group", grpName);
+			xPolList2 = policyService.searchResources(searchFilter, policyService.searchFields, policyService.sortFields, retList);
+			if (!CollectionUtils.isEmpty(xPolList2)) {
+				for (XXPolicy xPol2 : xPolList2) {
+					if(xPol2!=null){
+						if (!processedPolicies.contains(xPol2.getId())) {
+							if (!processedSvcIdsForGroup.contains(xPol2.getService())
+									|| !processedGroupsName.contains(groupName)) {
+								loadRangerPolicies(xPol2.getService(), processedSvcIdsForGroup, policyMap, searchFilter);
+								processedGroupsName.add(groupName);
+							}
+							if (policyMap.containsKey(xPol2.getId())) {
+								policyList.add(policyMap.get(xPol2.getId()));
+								processedPolicies.add(xPol2.getId());
 							}
 						}
 					}
 				}
 			}
+		}
 
-			searchFilter.removeParam("group");
-			XXGroup xxGroup = daoMgr.getXXGroup().findByGroupName(groupName);
-			if (xxGroup != null) {
-				Set<Long> allContainedRoles = new HashSet<>();
-				List<XXRole> xxRoles = daoMgr.getXXRole().findByGroupId(xxGroup.getId());
-				for (XXRole xxRole : xxRoles) {
-					getContainingRoles(xxRole.getId(), allContainedRoles);
-				}
-				Set<String> roleNames = getRoleNames(allContainedRoles);
-				Set<String> processedRoleName = new HashSet<>();
-				List<XXPolicy> xPolList3;
-				for (String roleName : roleNames) {
-					searchFilter.setParam("role", roleName);
-					xPolList3 = policyService.searchResources(searchFilter, policyService.searchFields, policyService.sortFields, retList);
-					if (!CollectionUtils.isEmpty(xPolList3)) {
-						for (XXPolicy xPol3 : xPolList3) {
-							if (xPol3 != null) {
-								if (!processedPolicies.contains(xPol3.getId())) {
-									if (!processedSvcIdsForRole.contains(xPol3.getService())
-											|| !processedRoleName.contains(roleName)) {
-										loadRangerPolicies(xPol3.getService(), processedSvcIdsForRole, policyMap, searchFilter);
-										processedRoleName.add(roleName);
-									}
-									if (policyMap.containsKey(xPol3.getId())) {
-										policyList.add(policyMap.get(xPol3.getId()));
-										processedPolicies.add(xPol3.getId());
-									}
+		searchFilter.removeParam("group");
+		XXGroup xxGroup = daoMgr.getXXGroup().findByGroupName(groupName);
+		if (xxGroup != null) {
+			Set<Long> allContainedRoles = new HashSet<>();
+			List<XXRole> xxRoles = daoMgr.getXXRole().findByGroupId(xxGroup.getId());
+			for (XXRole xxRole : xxRoles) {
+				getContainingRoles(xxRole.getId(), allContainedRoles);
+			}
+			Set<String> roleNames = getRoleNames(allContainedRoles);
+			Set<String> processedRoleName = new HashSet<>();
+			List<XXPolicy> xPolList3;
+			for (String roleName : roleNames) {
+				searchFilter.setParam("role", roleName);
+				xPolList3 = policyService.searchResources(searchFilter, policyService.searchFields, policyService.sortFields, retList);
+				if (!CollectionUtils.isEmpty(xPolList3)) {
+					for (XXPolicy xPol3 : xPolList3) {
+						if (xPol3 != null) {
+							if (!processedPolicies.contains(xPol3.getId())) {
+								if (!processedSvcIdsForRole.contains(xPol3.getService())
+										|| !processedRoleName.contains(roleName)) {
+									loadRangerPolicies(xPol3.getService(), processedSvcIdsForRole, policyMap, searchFilter);
+									processedRoleName.add(roleName);
+								}
+								if (policyMap.containsKey(xPol3.getId())) {
+									policyList.add(policyMap.get(xPol3.getId()));
+									processedPolicies.add(xPol3.getId());
 								}
 							}
 						}