RANGER-5061: checkstyle compliance updates - security-admin module - org.apache.ranger.security package

Author: mneethiraj

security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIMapping.java

@@ -60,8 +60,7 @@ public Set<String> getAvailableUITabs() {
      * RangerAPIList and should be mapped properly with UI tabs in the current class.
      */
     public Set<String> getAssociatedTabsWithAPI(String apiName) {
-        Set<String> associatedTabs = mapApiToTabs.get(apiName);
-        return associatedTabs;
+        return mapApiToTabs.get(apiName);
     }
 
     private void init() {
@@ -146,10 +145,9 @@ private void mapReportsWithAPIs() {
         rangerAPIMappingWithUI.put(TAB_REPORTS, apiAssociatedWithReports);
 
         for (String api : apiAssociatedWithReports) {
-            if (mapApiToTabs.get(api) == null) {
-                mapApiToTabs.put(api, new HashSet<>());
-            }
-            mapApiToTabs.get(api).add(TAB_REPORTS);
+            Set<String> tabs = mapApiToTabs.computeIfAbsent(api, k -> new HashSet<>());
+
+            tabs.add(TAB_REPORTS);
         }
     }
 
@@ -227,10 +225,9 @@ private void mapTagBasedPoliciesWithAPIs() {
         rangerAPIMappingWithUI.put(TAB_TAG_BASED_POLICIES, apiAssociatedWithTagBasedPolicy);
 
         for (String api : apiAssociatedWithTagBasedPolicy) {
-            if (mapApiToTabs.get(api) == null) {
-                mapApiToTabs.put(api, new HashSet<>());
-            }
-            mapApiToTabs.get(api).add(TAB_TAG_BASED_POLICIES);
+            Set<String> tabs = mapApiToTabs.computeIfAbsent(api, k -> new HashSet<>());
+
+            tabs.add(TAB_TAG_BASED_POLICIES);
         }
     }
 
@@ -274,10 +271,9 @@ private void mapKeyManagerWithAPIs() {
         rangerAPIMappingWithUI.put(TAB_KEY_MANAGER, apiAssociatedWithKeyManager);
 
         for (String api : apiAssociatedWithKeyManager) {
-            if (mapApiToTabs.get(api) == null) {
-                mapApiToTabs.put(api, new HashSet<>());
-            }
-            mapApiToTabs.get(api).add(TAB_KEY_MANAGER);
+            Set<String> tabs = mapApiToTabs.computeIfAbsent(api, k -> new HashSet<>());
+
+            tabs.add(TAB_KEY_MANAGER);
         }
     }
 
@@ -306,10 +302,9 @@ private void mapPermissionsWithAPIs() {
         rangerAPIMappingWithUI.put(TAB_PERMISSIONS, apiAssociatedWithPermissions);
 
         for (String api : apiAssociatedWithPermissions) {
-            if (mapApiToTabs.get(api) == null) {
-                mapApiToTabs.put(api, new HashSet<>());
-            }
-            mapApiToTabs.get(api).add(TAB_PERMISSIONS);
+            Set<String> tabs = mapApiToTabs.computeIfAbsent(api, k -> new HashSet<>());
+
+            tabs.add(TAB_PERMISSIONS);
         }
     }
 
@@ -363,10 +358,9 @@ private void mapUGWithAPIs() {
         rangerAPIMappingWithUI.put(TAB_USERS_GROUPS, apiAssociatedWithUserAndGroups);
 
         for (String api : apiAssociatedWithUserAndGroups) {
-            if (mapApiToTabs.get(api) == null) {
-                mapApiToTabs.put(api, new HashSet<>());
-            }
-            mapApiToTabs.get(api).add(TAB_USERS_GROUPS);
+            Set<String> tabs = mapApiToTabs.computeIfAbsent(api, k -> new HashSet<>());
+
+            tabs.add(TAB_USERS_GROUPS);
         }
     }
 
@@ -434,10 +428,9 @@ private void mapAuditWithAPIs() {
         rangerAPIMappingWithUI.put(TAB_AUDIT, apiAssociatedWithAudit);
 
         for (String api : apiAssociatedWithAudit) {
-            if (mapApiToTabs.get(api) == null) {
-                mapApiToTabs.put(api, new HashSet<>());
-            }
-            mapApiToTabs.get(api).add(TAB_AUDIT);
+            Set<String> tabs = mapApiToTabs.computeIfAbsent(api, k -> new HashSet<>());
+
+            tabs.add(TAB_AUDIT);
         }
     }
 
@@ -517,10 +510,9 @@ private void mapResourceBasedPoliciesWithAPIs() {
         rangerAPIMappingWithUI.put(TAB_RESOURCE_BASED_POLICIES, apiAssociatedWithRBPolicies);
 
         for (String api : apiAssociatedWithRBPolicies) {
-            if (mapApiToTabs.get(api) == null) {
-                mapApiToTabs.put(api, new HashSet<>());
-            }
-            mapApiToTabs.get(api).add(TAB_RESOURCE_BASED_POLICIES);
+            Set<String> tabs = mapApiToTabs.computeIfAbsent(api, k -> new HashSet<>());
+
+            tabs.add(TAB_RESOURCE_BASED_POLICIES);
         }
     }
 
@@ -579,10 +571,9 @@ private void mapGDSWithAPIs() {
         rangerAPIMappingWithUI.put(TAB_GDS, apiAssociatedWithGDS);
 
         for (String api : apiAssociatedWithGDS) {
-            if (mapApiToTabs.get(api) == null) {
-                mapApiToTabs.put(api, new HashSet<>());
-            }
-            mapApiToTabs.get(api).add(TAB_GDS);
+            Set<String> tabs = mapApiToTabs.computeIfAbsent(api, k -> new HashSet<>());
+
+            tabs.add(TAB_GDS);
         }
     }
 }

security-admin/src/main/java/org/apache/ranger/security/context/RangerAdminOpContext.java

@@ -22,9 +22,10 @@
 import java.io.Serializable;
 
 public class RangerAdminOpContext implements Serializable {
-    private static final long    serialVersionUID = 1L;
-    private              boolean bulkModeContext;
-    private              Boolean createPrincipalsIfAbsent;
+    private static final long serialVersionUID = 1L;
+
+    private boolean bulkModeContext;
+    private Boolean createPrincipalsIfAbsent;
 
     public boolean isBulkModeContext() {
         return bulkModeContext;

security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java

@@ -52,81 +52,105 @@ public class RangerPreAuthSecurityHandler {
     @Autowired
     SessionMgr sessionMgr;
 
-    public boolean isAPIAccessible(String methodName) throws Exception {
+    public boolean isAPIAccessible(String methodName) {
         if (methodName == null) {
             return false;
         }
 
         UserSessionBase userSession = ContextUtil.getCurrentUserSession();
+
         if (userSession == null) {
             logger.warn("WARNING: UserSession found null. Some non-authorized user might be trying to access the API.");
+
             return false;
         }
 
         if (userSession.isUserAdmin()) {
             logger.debug("WARNING: Logged in user is System Admin, System Admin is allowed to access all the tabs except Key Manager. Reason for returning true is, In few cases system admin needs to have access on Key Manager tabs as well.");
+
             return true;
         }
 
         Set<String> associatedTabs = rangerAPIMapping.getAssociatedTabsWithAPI(methodName);
+
         if (CollectionUtils.isEmpty(associatedTabs)) {
             return true;
         }
+
         if (associatedTabs.contains(RangerAPIMapping.TAB_PERMISSIONS) && userSession.isAuditUserAdmin()) {
             return true;
         }
+
         return isAPIAccessible(associatedTabs);
     }
 
-    public boolean isAPIAccessible(Set<String> associatedTabs) throws Exception {
+    public boolean isAPIAccessible(Set<String> associatedTabs) {
         UserSessionBase userSession = ContextUtil.getCurrentUserSession();
+
         if (userSession != null) {
             sessionMgr.refreshPermissionsIfNeeded(userSession);
+
             if (userSession.getRangerUserPermission() != null) {
                 CopyOnWriteArraySet<String> accessibleModules = userSession.getRangerUserPermission().getUserPermissions();
+
                 if (CollectionUtils.containsAny(accessibleModules, associatedTabs)) {
                     return true;
                 }
             }
         }
+
         VXResponse gjResponse = new VXResponse();
+
         gjResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
         gjResponse.setMsgDesc("User is not allowed to access the API");
+
         throw restErrorUtil.generateRESTException(gjResponse);
     }
 
     public boolean isAPISpnegoAccessible() {
         UserSessionBase userSession = ContextUtil.getCurrentUserSession();
+
         if (userSession != null && (userSession.isSpnegoEnabled() || userSession.isUserAdmin() || userSession.isAuditUserAdmin())) {
             return true;
         } else if (userSession != null && (userSession.isUserAdmin() || userSession.isKeyAdmin() || userSession.isAuditKeyAdmin())) {
             return true;
         }
+
         VXResponse gjResponse = new VXResponse();
+
         gjResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
         gjResponse.setMsgDesc("User is not allowed to access the API");
+
         throw restErrorUtil.generateRESTException(gjResponse);
     }
 
     public boolean isAdminOrKeyAdminRole() {
         UserSessionBase userSession = ContextUtil.getCurrentUserSession();
+
         if (userSession != null && (userSession.isKeyAdmin() || userSession.isUserAdmin())) {
             return true;
         }
+
         VXResponse gjResponse = new VXResponse();
+
         gjResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN); // assert user is authenticated.
         gjResponse.setMsgDesc("User is not allowed to access the API");
+
         throw restErrorUtil.generateRESTException(gjResponse);
     }
 
     public boolean isAdminRole() {
         UserSessionBase userSession = ContextUtil.getCurrentUserSession();
+
         if (userSession != null && userSession.isUserAdmin()) {
             return true;
         }
+
         VXResponse gjResponse = new VXResponse();
+
         gjResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN); // assert user is authenticated.
         gjResponse.setMsgDesc("User is not allowed to access the API");
+
         throw restErrorUtil.generateRESTException(gjResponse);
     }
 }

security-admin/src/main/java/org/apache/ranger/security/context/RangerSecurityContext.java

@@ -28,9 +28,10 @@
 import java.io.Serializable;
 
 public class RangerSecurityContext implements Serializable {
-    private static final long            serialVersionUID = 1L;
-    private              UserSessionBase userSession;
-    private              RequestContext  requestContext;
+    private static final long serialVersionUID = 1L;
+
+    private UserSessionBase userSession;
+    private RequestContext  requestContext;
 
     public UserSessionBase getUserSession() {
         return userSession;