Search in sources :

Example 11 with AtlasTypeAccessRequest

use of org.apache.atlas.authorize.AtlasTypeAccessRequest in project atlas by apache.

the class AtlasEntityDefStoreV1 method create.

@Override
public AtlasEntityDef create(AtlasEntityDef entityDef, AtlasVertex preCreateResult) throws AtlasBaseException {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> AtlasEntityDefStoreV1.create({}, {})", entityDef, preCreateResult);
    }
    AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_CREATE, entityDef), "create entity-def ", entityDef.getName());
    AtlasVertex vertex = (preCreateResult == null) ? preCreate(entityDef) : preCreateResult;
    updateVertexAddReferences(entityDef, vertex);
    AtlasEntityDef ret = toEntityDef(vertex);
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== AtlasEntityDefStoreV1.create({}, {}): {}", entityDef, preCreateResult, ret);
    }
    return ret;
}
Also used : AtlasEntityDef(org.apache.atlas.model.typedef.AtlasEntityDef) AtlasVertex(org.apache.atlas.repository.graphdb.AtlasVertex) AtlasTypeAccessRequest(org.apache.atlas.authorize.AtlasTypeAccessRequest)

Example 12 with AtlasTypeAccessRequest

use of org.apache.atlas.authorize.AtlasTypeAccessRequest in project atlas by apache.

the class AtlasEntityDefStoreV1 method updateByGuid.

@Override
public AtlasEntityDef updateByGuid(String guid, AtlasEntityDef entityDef) throws AtlasBaseException {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> AtlasEntityDefStoreV1.updateByGuid({})", guid);
    }
    AtlasEntityDef existingDef = typeRegistry.getEntityDefByGuid(guid);
    AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update entity-def ", (existingDef != null ? existingDef.getName() : guid));
    validateType(entityDef);
    AtlasType type = typeRegistry.getTypeByGuid(guid);
    if (type.getTypeCategory() != org.apache.atlas.model.TypeCategory.ENTITY) {
        throw new AtlasBaseException(AtlasErrorCode.TYPE_MATCH_FAILED, entityDef.getName(), TypeCategory.CLASS.name());
    }
    AtlasVertex vertex = typeDefStore.findTypeVertexByGuidAndCategory(guid, TypeCategory.CLASS);
    if (vertex == null) {
        throw new AtlasBaseException(AtlasErrorCode.TYPE_GUID_NOT_FOUND, guid);
    }
    updateVertexPreUpdate(entityDef, (AtlasEntityType) type, vertex);
    updateVertexAddReferences(entityDef, vertex);
    AtlasEntityDef ret = toEntityDef(vertex);
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== AtlasEntityDefStoreV1.updateByGuid({}): {}", guid, ret);
    }
    return ret;
}
Also used : AtlasEntityDef(org.apache.atlas.model.typedef.AtlasEntityDef) AtlasBaseException(org.apache.atlas.exception.AtlasBaseException) AtlasVertex(org.apache.atlas.repository.graphdb.AtlasVertex) AtlasTypeAccessRequest(org.apache.atlas.authorize.AtlasTypeAccessRequest) AtlasType(org.apache.atlas.type.AtlasType)

Example 13 with AtlasTypeAccessRequest

use of org.apache.atlas.authorize.AtlasTypeAccessRequest in project atlas by apache.

the class AtlasEntityDefStoreV1 method preDeleteByGuid.

@Override
public AtlasVertex preDeleteByGuid(String guid) throws AtlasBaseException {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> AtlasEntityDefStoreV1.preDeleteByGuid({})", guid);
    }
    AtlasEntityDef existingDef = typeRegistry.getEntityDefByGuid(guid);
    AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete entity-def ", (existingDef != null ? existingDef.getName() : guid));
    AtlasVertex ret = typeDefStore.findTypeVertexByGuidAndCategory(guid, TypeCategory.CLASS);
    String typeName = AtlasGraphUtilsV1.getProperty(ret, Constants.TYPENAME_PROPERTY_KEY, String.class);
    if (AtlasGraphUtilsV1.typeHasInstanceVertex(typeName)) {
        throw new AtlasBaseException(AtlasErrorCode.TYPE_HAS_REFERENCES, typeName);
    }
    if (ret == null) {
        throw new AtlasBaseException(AtlasErrorCode.TYPE_GUID_NOT_FOUND, guid);
    }
    // error if we are trying to delete an entityDef that has a relationshipDef
    if (typeDefStore.hasIncomingEdgesWithLabel(ret, AtlasGraphUtilsV1.RELATIONSHIPTYPE_EDGE_LABEL)) {
        throw new AtlasBaseException(AtlasErrorCode.TYPE_HAS_RELATIONSHIPS, typeName);
    }
    typeDefStore.deleteTypeVertexOutEdges(ret);
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== AtlasEntityDefStoreV1.preDeleteByGuid({}): {}", guid, ret);
    }
    return ret;
}
Also used : AtlasEntityDef(org.apache.atlas.model.typedef.AtlasEntityDef) AtlasBaseException(org.apache.atlas.exception.AtlasBaseException) AtlasVertex(org.apache.atlas.repository.graphdb.AtlasVertex) AtlasTypeAccessRequest(org.apache.atlas.authorize.AtlasTypeAccessRequest)

Example 14 with AtlasTypeAccessRequest

use of org.apache.atlas.authorize.AtlasTypeAccessRequest in project ranger by apache.

the class RangerAtlasAuthorizer method filterTypes.

private void filterTypes(AtlasAccessRequest request, List<? extends AtlasBaseTypeDef> typeDefs) throws AtlasAuthorizationException {
    if (typeDefs != null) {
        for (ListIterator<? extends AtlasBaseTypeDef> iter = typeDefs.listIterator(); iter.hasNext(); ) {
            AtlasBaseTypeDef typeDef = iter.next();
            AtlasTypeAccessRequest typeRequest = new AtlasTypeAccessRequest(request.getAction(), typeDef, request.getUser(), request.getUserGroups());
            typeRequest.setClientIPAddress(request.getClientIPAddress());
            typeRequest.setForwardedAddresses(request.getForwardedAddresses());
            typeRequest.setRemoteIPAddress(request.getRemoteIPAddress());
            if (!isAccessAllowed(typeRequest)) {
                iter.remove();
            }
        }
    }
}
Also used : AtlasTypeAccessRequest(org.apache.atlas.authorize.AtlasTypeAccessRequest) AtlasBaseTypeDef(org.apache.atlas.model.typedef.AtlasBaseTypeDef)

Example 15 with AtlasTypeAccessRequest

use of org.apache.atlas.authorize.AtlasTypeAccessRequest in project atlas by apache.

the class AtlasStructDefStoreV1 method preDeleteByName.

@Override
public AtlasVertex preDeleteByName(String name) throws AtlasBaseException {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> AtlasStructDefStoreV1.preDeleteByName({})", name);
    }
    AtlasStructDef existingDef = typeRegistry.getStructDefByName(name);
    AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete struct-def ", name);
    AtlasVertex ret = typeDefStore.findTypeVertexByNameAndCategory(name, TypeCategory.STRUCT);
    if (AtlasGraphUtilsV1.typeHasInstanceVertex(name)) {
        throw new AtlasBaseException(AtlasErrorCode.TYPE_HAS_REFERENCES, name);
    }
    if (ret == null) {
        throw new AtlasBaseException(AtlasErrorCode.TYPE_NAME_NOT_FOUND, name);
    }
    typeDefStore.deleteTypeVertexOutEdges(ret);
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== AtlasStructDefStoreV1.preDeleteByName({}): {}", name, ret);
    }
    return ret;
}
Also used : AtlasStructDef(org.apache.atlas.model.typedef.AtlasStructDef) AtlasBaseException(org.apache.atlas.exception.AtlasBaseException) AtlasVertex(org.apache.atlas.repository.graphdb.AtlasVertex) AtlasTypeAccessRequest(org.apache.atlas.authorize.AtlasTypeAccessRequest)

Aggregations

AtlasTypeAccessRequest (org.apache.atlas.authorize.AtlasTypeAccessRequest)26 AtlasVertex (org.apache.atlas.repository.graphdb.AtlasVertex)25 AtlasBaseException (org.apache.atlas.exception.AtlasBaseException)21 AtlasType (org.apache.atlas.type.AtlasType)8 AtlasClassificationDef (org.apache.atlas.model.typedef.AtlasClassificationDef)5 AtlasEntityDef (org.apache.atlas.model.typedef.AtlasEntityDef)5 AtlasEnumDef (org.apache.atlas.model.typedef.AtlasEnumDef)5 AtlasRelationshipDef (org.apache.atlas.model.typedef.AtlasRelationshipDef)5 AtlasStructDef (org.apache.atlas.model.typedef.AtlasStructDef)5 AtlasBaseTypeDef (org.apache.atlas.model.typedef.AtlasBaseTypeDef)1