ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: FW: New Defects reported by Coverity Scan for Apache Ranger
Date Fri, 22 Sep 2017 11:36:18 GMT
I'll fix the Knox test issues.

Colm.

On Fri, Sep 22, 2017 at 9:20 AM, Fatima Khan <fatimakhan4689@gmail.com>
wrote:

> Hi Abhay,
>     I will take care of all issues related to RoleBasedUserSearchUtil.java
> and TestRoleBasedUserSearchUtil.java.
>
>
> *Thanks & Regards ,*
>
> *Fatima Khan*
>
> On Thu, Sep 21, 2017 at 9:19 PM, Abhay Kulkarni <akulkarni@hortonworks.com
> >
> wrote:
>
> > Contributors/Committers,
> >
> > Please review and fix as appropriate.
> >
> > Thanks!
> >
> > On 9/21/17, 12:35 AM, "scan-admin@coverity.com" <scan-admin@coverity.com
> >
> > wrote:
> >
> > >
> > >Hi,
> > >
> > >Please find the latest report on new defect(s) introduced to Apache
> > >Ranger found with Coverity Scan.
> > >
> > >9 new defect(s) introduced to Apache Ranger found with Coverity Scan.
> > >3 defect(s), reported by Coverity Scan earlier, were marked fixed in the
> > >recent build analyzed by Coverity Scan.
> > >
> > >New defect(s) Reported-by: Coverity Scan
> > >Showing 9 of 9 defect(s)
> > >
> > >
> > >** CID 167209:  FindBugs: Bad practice  (FB.DM_EXIT)
> > >/security-admin/src/main/java/org/apache/ranger/patch/
> > cliutil/RoleBasedUse
> > >rSearchUtil.java: 159 in
> > >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.
> > getUsersBasedOnRol
> > >e(java.util.List)()
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167209:  FindBugs: Bad practice  (FB.DM_EXIT)
> > >/security-admin/src/main/java/org/apache/ranger/patch/
> > cliutil/RoleBasedUse
> > >rSearchUtil.java: 159 in
> > >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.
> > getUsersBasedOnRol
> > >e(java.util.List)()
> > >153                                                     }
> > >154                                             }
> > >155                                     }
> > >156                                     if (MapUtils.isEmpty(
> > >roleSysAdminMap) && MapUtils.isEmpty(roleKeyAdminMap) &&
> > >MapUtils.isEmpty(roleUserMap)) {
> > >157
>  System.out.println("users
> > >with given user role are not there");
> > >158                                             logger.error("users with
> > >given user role are not there");
> > >>>>     CID 167209:  FindBugs: Bad practice  (FB.DM_EXIT)
> > >>>>
> > >>>>org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.
> > getUsersBasedOn
> > >>>>Role(List) invokes System.exit(...), which shuts down the entire
> > >>>>virtual machine.
> > >159                                             System.exit(1);
> > >160                                     } else {
> > >161                                             if
> > >(!MapUtils.isEmpty(roleSysAdminMap)) {
> > >162                                                     for (String key
> :
> > >roleSysAdminMap.keySet()) {
> > >163
> > >System.out.println(roleSysAdminMap.get(key) + " : " + key);
> > >164                                                     }
> > >
> > >** CID 167208:  Incorrect expression  (USELESS_CALL)
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167208:  Incorrect expression  (USELESS_CALL)
> > >/security-admin/src/test/java/org/apache/ranger/patch/
> > cliutil/TestRoleBase
> > >dUserSearchUtil.java: 89 in
> > >org.apache.ranger.patch.cliutil.TestRoleBasedUserSearchUtil.
> > TestGetUsersBa
> > >sedOnRole()()
> > >83
> > >84
> > >Mockito.when(daoMgr.getXXPortalUser()).thenReturn(xXPortalUserDao);
> > >85
> > >Mockito.when(xXPortalUserDao.findByRole(RangerConstants.
> > ROLE_SYS_ADMIN)).t
> > >henReturn(listXXPortalUser);
> > >86
> > >87
> > >roleBasedUserSearchUtil.getUsersBasedOnRole(userRoleList);
> > >88
> > >>>>     CID 167208:  Incorrect expression  (USELESS_CALL)
> > >>>>     Calling
> > >>>>"(org.apache.ranger.db.RangerDaoManager)org.mockito.
> > Mockito.verify(daoM
> > >>>>gr).getXXPortalUser()" is only useful for its return value, which
is
> > >>>>ignored.
> > >89                Mockito.verify(daoMgr).getXXPortalUser();
> > >90
> > >Mockito.verify(xXPortalUserDao).findByRole(RangerConstants.ROLE_SYS_
> > ADMIN)
> > >;
> > >91
> > >92            } catch(Exception e) {
> > >93                fail("test failed due to: " + e.getMessage());
> > >94            }
> > >
> > >** CID 167207:  FindBugs: Internationalization  (FB.DM_DEFAULT_ENCODING)
> > >/knox-agent/src/test/java/org/apache/ranger/services/
> > knox/RangerAdminClien
> > >tImpl.java: 63 in
> > >org.apache.ranger.services.knox.RangerAdminClientImpl.
> > getServicePoliciesIf
> > >Updated(long, long)()
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167207:  FindBugs: Internationalization
> (FB.DM_DEFAULT_ENCODING)
> > >/knox-agent/src/test/java/org/apache/ranger/services/
> > knox/RangerAdminClien
> > >tImpl.java: 63 in
> > >org.apache.ranger.services.knox.RangerAdminClientImpl.
> > getServicePoliciesIf
> > >Updated(long, long)()
> > >57                 basedir = new File(".").getCanonicalPath();
> > >58             }
> > >59
> > >60             java.nio.file.Path cachePath =
> > >FileSystems.getDefault().getPath(basedir, "/src/test/resources/" +
> > >cacheFilename);
> > >61             byte[] cacheBytes = Files.readAllBytes(cachePath);
> > >62
> > >>>>     CID 167207:  FindBugs: Internationalization
> > >>>>(FB.DM_DEFAULT_ENCODING)
> > >>>>     Found reliance on default encoding: new String(byte[]).
> > >63             return gson.fromJson(new String(cacheBytes),
> > >ServicePolicies.class);
> > >64         }
> > >65
> > >66         public void grantAccess(GrantRevokeRequest request) throws
> > >Exception {
> > >67
> > >68         }
> > >
> > >** CID 167206:  Incorrect expression  (USELESS_CALL)
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167206:  Incorrect expression  (USELESS_CALL)
> > >/security-admin/src/test/java/org/apache/ranger/patch/
> > cliutil/TestRoleBase
> > >dUserSearchUtil.java: 132 in
> > >org.apache.ranger.patch.cliutil.TestRoleBasedUserSearchUtil.
> > TestValidateUs
> > >erAndFetchUserList()()
> > >126
> > >Mockito.when(xXPortalUserDao.findByRole(Mockito.anyString()
> > )).thenReturn(l
> > >istXXPortalUser);
> > >127
> > >128             roleBasedUserSearchUtil.validateUserAndFetchUserList();
> > >129             Mockito.verify(daoMgr,
> > >Mockito.atLeast(2)).getXXPortalUser();
> > >130
> > >Mockito.verify(xXPortalUserDao).findByLoginId(Mockito.anyString());
> > >131
> > >Mockito.verify(xUserService).getXUserByUserName(
> > xxPortalUser.getLoginId())
> > >;
> > >>>>     CID 167206:  Incorrect expression  (USELESS_CALL)
> > >>>>     Calling
> > >>>>"(org.apache.ranger.db.RangerDaoManager)org.mockito.
> > Mockito.verify(daoM
> > >>>>gr).getXXModuleDef()" is only useful for its return value, which
is
> > >>>>ignored.
> > >132             Mockito.verify(daoMgr).getXXModuleDef();
> > >133
> > >Mockito.verify(xXModuleDefDao).findAccessibleModulesByUserId(
> > Mockito.anyLo
> > >ng(), Mockito.anyLong());
> > >134
> > >Mockito.verify(userMgr).encrypt(Mockito.anyString(),
> Mockito.anyString());
> > >135             Mockito.verify(xXPortalUserDao,
> > >Mockito.atLeast(2)).findByRole(Mockito.anyString());
> > >136
> > >137         }
> > >138
> > >
> > >** CID 167205:  Incorrect expression  (USELESS_CALL)
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167205:  Incorrect expression  (USELESS_CALL)
> > >/security-admin/src/test/java/org/apache/ranger/patch/
> > cliutil/TestRoleBase
> > >dUserSearchUtil.java: 129 in
> > >org.apache.ranger.patch.cliutil.TestRoleBasedUserSearchUtil.
> > TestValidateUs
> > >erAndFetchUserList()()
> > >123
> > >Mockito.when(daoMgr.getXXModuleDef()).thenReturn(xXModuleDefDao);
> > >124
> > >Mockito.when(xXModuleDefDao.findAccessibleModulesByUserId(
> > Mockito.anyLong(
> > >), Mockito.anyLong())).thenReturn(permissionList);
> > >125
> > >Mockito.when(userMgr.encrypt(Mockito.anyString(),Mockito.
> > anyString())).the
> > >nReturn(currentEncryptedPassword);
> > >126
> > >Mockito.when(xXPortalUserDao.findByRole(Mockito.anyString()
> > )).thenReturn(l
> > >istXXPortalUser);
> > >127
> > >128             roleBasedUserSearchUtil.validateUserAndFetchUserList();
> > >>>>     CID 167205:  Incorrect expression  (USELESS_CALL)
> > >>>>     Calling
> > >>>>"(org.apache.ranger.db.RangerDaoManager)org.mockito.
> > Mockito.verify(daoM
> > >>>>gr, org.mockito.Mockito.atLeast(2)).getXXPortalUser()" is only
> useful
> > >>>>for its return value, which is ignored.
> > >129             Mockito.verify(daoMgr,
> > >Mockito.atLeast(2)).getXXPortalUser();
> > >130
> > >Mockito.verify(xXPortalUserDao).findByLoginId(Mockito.anyString());
> > >131
> > >Mockito.verify(xUserService).getXUserByUserName(
> > xxPortalUser.getLoginId())
> > >;
> > >132             Mockito.verify(daoMgr).getXXModuleDef();
> > >133
> > >Mockito.verify(xXModuleDefDao).findAccessibleModulesByUserId(
> > Mockito.anyLo
> > >ng(), Mockito.anyLong());
> > >134
> > >Mockito.verify(userMgr).encrypt(Mockito.anyString(),
> Mockito.anyString());
> > >
> > >** CID 167204:  Null pointer dereferences  (NULL_RETURNS)
> > >/knox-agent/src/test/java/org/apache/ranger/services/
> > knox/KnoxRangerTest.j
> > >ava: 151 in
> > >org.apache.ranger.services.knox.KnoxRangerTest.createTopology()()
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167204:  Null pointer dereferences  (NULL_RETURNS)
> > >/knox-agent/src/test/java/org/apache/ranger/services/
> > knox/KnoxRangerTest.j
> > >ava: 151 in
> > >org.apache.ranger.services.knox.KnoxRangerTest.createTopology()()
> > >145         /**
> > >146          * Creates a topology that is deployed to the gateway
> > >instance for the test suite.
> > >147          * Note that this topology is shared by all of the test
> > >methods in this suite.
> > >148          * @return A populated XML structure for a topology file.
> > >149          */
> > >150         private static XMLTag createTopology() {
> > >>>>     CID 167204:  Null pointer dereferences  (NULL_RETURNS)
> > >>>>     Calling a method on null object
> > >>>>"org.apache.ranger.services.knox.KnoxRangerTest.
> > ldapTransport.getAccept
> > >>>>or()".
> > >151             XMLTag xml = XMLDoc.newDocument( true )
> > >152                 .addRoot( "topology" )
> > >153                 .addTag( "gateway" )
> > >154                 .addTag( "provider" )
> > >155                 .addTag( "role" ).addText( "webappsec" )
> > >156                 .addTag("name").addText("WebAppSec")
> > >
> > >** CID 167203:  FindBugs: Bad practice
> > >(FB.RV_RETURN_VALUE_IGNORED_BAD_PRACTICE)
> > >/knox-agent/src/test/java/org/apache/ranger/services/
> > knox/KnoxRangerTest.j
> > >ava: 125 in
> > >org.apache.ranger.services.knox.KnoxRangerTest.setupGateway()()
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167203:  FindBugs: Bad practice
> > >(FB.RV_RETURN_VALUE_IGNORED_BAD_PRACTICE)
> > >/knox-agent/src/test/java/org/apache/ranger/services/
> > knox/KnoxRangerTest.j
> > >ava: 125 in
> > >org.apache.ranger.services.knox.KnoxRangerTest.setupGateway()()
> > >119             config.setGatewayServicesDir(targetDir.getPath() +
> > >File.separator + "services");
> > >120
> > >121             File topoDir = new File( config.getGatewayTopologyDir()
> );
> > >122             topoDir.mkdirs();
> > >123
> > >124             File deployDir = new File(
> > >config.getGatewayDeploymentDir() );
> > >>>>     CID 167203:  FindBugs: Bad practice
> > >>>>(FB.RV_RETURN_VALUE_IGNORED_BAD_PRACTICE)
> > >>>>     Another occurrence here
> > >125             deployDir.mkdirs();
> > >126
> > >127             File descriptor = new File( topoDir, "cluster.xml" );
> > >128             FileOutputStream stream = new FileOutputStream(
> > >descriptor );
> > >129             createTopology().toStream( stream );
> > >130             stream.close();
> > >
> > >** CID 167202:  FindBugs: Bad practice  (FB.DM_EXIT)
> > >/security-admin/src/main/java/org/apache/ranger/patch/
> > cliutil/RoleBasedUse
> > >rSearchUtil.java: 268 in
> > >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.
> > validateUserAndFet
> > >chUserList()()
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167202:  FindBugs: Bad practice  (FB.DM_EXIT)
> > >/security-admin/src/main/java/org/apache/ranger/patch/
> > cliutil/RoleBasedUse
> > >rSearchUtil.java: 268 in
> > >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.
> > validateUserAndFet
> > >chUserList()()
> > >262                                     logger.error("Getting User's
> List
> > >with the mentioned role failure. Detail:  \n",e);
> > >263                                     System.exit(1);
> > >264                             }
> > >265                     } else {
> > >266                             System.out.println("User does not exist
> > >in DB!!");
> > >267                             logger.error("User does not exist in
> DB");
> > >>>>     CID 167202:  FindBugs: Bad practice  (FB.DM_EXIT)
> > >>>>     Another occurrence here
> > >268                             System.exit(1);
> > >269                     }
> > >270             }
> > >
> > >** CID 167201:  FindBugs: Performance  (FB.WMI_WRONG_MAP_ITERATOR)
> > >/security-admin/src/main/java/org/apache/ranger/patch/
> > cliutil/RoleBasedUse
> > >rSearchUtil.java: 173 in
> > >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.
> > getUsersBasedOnRol
> > >e(java.util.List)()
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >*** CID 167201:  FindBugs: Performance  (FB.WMI_WRONG_MAP_ITERATOR)
> > >/security-admin/src/main/java/org/apache/ranger/patch/
> > cliutil/RoleBasedUse
> > >rSearchUtil.java: 173 in
> > >org.apache.ranger.patch.cliutil.RoleBasedUserSearchUtil.
> > getUsersBasedOnRol
> > >e(java.util.List)()
> > >167                                                     for (String key
> :
> > >roleKeyAdminMap.keySet()) {
> > >168
> > >System.out.println(roleKeyAdminMap.get(key) + " : " + key);
> > >169                                                     }
> > >170                                             }
> > >171                                             if
> > >(!MapUtils.isEmpty(roleUserMap)) {
> > >172                                                     for (String key
> :
> > >roleUserMap.keySet()) {
> > >>>>     CID 167201:  FindBugs: Performance  (FB.WMI_WRONG_MAP_ITERATOR)
> > >>>>     Another occurrence here
> > >173
> > >System.out.println(roleUserMap.get(key) + " : " + key);
> > >174                                                     }
> > >175                                             }
> > >176                                             if
> > >(userRoleList.contains(RangerConstants.ROLE_SYS_ADMIN)) {
> > >177
> > >System.out.println("ROLE_SYS_ADMIN Total Count : " +
> > >roleSysAdminMap.size());
> > >178                                             }
> > >
> > >
> > >___________________________________________________________
> > _______________
> > >______________________________
> > >To view the defects in Coverity Scan visit,
> > >https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-
> > 2BWcWUl-2F-2BfV0V
> > >05UPxvVjWch-2Bd2MGckcRZSbhom32dlDl11LWEm9nX11zsOWMf5dv3Q9Mogo-
> > 2FGua3FsLRTF
> > >ft2V-2FOFC9o0P2e0-3D_eYGgfjRVvnymu7-2Fg39LOcg-
> > 2Fwh01uR5A1l1-2BVcR3oH7pM-2F
> > >BtyNXoM4dIBzKwHlbDYw5bsQYgnbUmUHQnzAV04-2F2xz-2FfZ-
> > 2BVjbh7vlB6nJK2NBqeybiJ
> > >WWdK66K2mzeUcqxy8ZTU4tC-2B-2BLIhUJbqctcbHdUNiLof6a-
> > 2FPdOttSUvrknbX90rT-2Bh
> > >Cxep13Mnm2vkrnwuonBGtRfRirTU-2BJRc-2BuU488-2BXbE-2B5uMJveoRThKNo-3D
> > >
> > >To manage Coverity Scan email notifications for
> > >"akulkarni@hortonworks.com", click
> > >https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-
> > 2BWcWUl-2F-2BfV0V
> > >05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4rq896qxTW4IjcOjjCxcj
> > hdwy7bkx
> > >0GaYF4jcZRTENcC8UedPeL4l2t0VBzV197ihjH14Ve5jAkEZTKufdAcDuKGD
> > Ix74O-2BWzK0Pb
> > >pXpwQLY-3D_eYGgfjRVvnymu7-2Fg39LOcg-2Fwh01uR5A1l1-
> > 2BVcR3oH7pM-2FBtyNXoM4dI
> > >BzKwHlbDYw5bsQYgnbUmUHQnzAV04-2F3tyQ0lMxHlzYVsCwh-
> > 2F90iyU254AUBBkyvH0W6mX3
> > >I3XgJbDfqeNmJNVTJrOEZ9bzZL4dfjrvISowcrcB5LjqqRS8no5UFDti7fsH
> > evc3cgcFQ95cOq
> > >dmOixDFacCxxkEShFxwJtrNVpdXnWXt1OOEI-3D
> > >
> >
> >
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message