Search in sources :

Example 1 with VTrxLogAttr

use of org.apache.ranger.common.view.VTrxLogAttr in project ranger by apache.

the class RangerPolicyService method processFieldToCreateTrxLog.

private XXTrxLog processFieldToCreateTrxLog(Field field, String objectName, RangerPolicy vObj, XXPolicy mObj, RangerPolicy oldPolicy, int action) {
    String actionString = "";
    field.setAccessible(true);
    String fieldName = field.getName();
    XXTrxLog xTrxLog = new XXTrxLog();
    XXService parentObj = daoMgr.getXXService().findByName(vObj.getService());
    try {
        VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
        xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
        String value = null;
        boolean isEnum = vTrxLogAttr.isEnum();
        if (!isEnum) {
            if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyResourcesForTrxLog(field.get(vObj));
            } else if (POLICY_CONDITION_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyItemsForTrxLog(field.get(vObj));
            } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyItemsForTrxLog(field.get(vObj));
            } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyItemsForTrxLog(field.get(vObj));
            } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyNameForTrxLog(field.get(vObj));
            } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyItemsForTrxLog(field.get(vObj));
            } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyItemsForTrxLog(field.get(vObj));
            } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processDataMaskPolicyItemsForTrxLog(field.get(vObj));
                if (vObj.getDataMaskPolicyItems() != null && CollectionUtils.isNotEmpty(vObj.getDataMaskPolicyItems())) {
                    for (RangerDataMaskPolicyItem policyItem : vObj.getDataMaskPolicyItems()) {
                        if (policyItem.getDataMaskInfo() != null && policyItem.getDataMaskInfo().getDataMaskType() != null) {
                            List<XXDataMaskTypeDef> xDataMaskDef = daoMgr.getXXDataMaskTypeDef().getAll();
                            if (CollectionUtils.isNotEmpty(xDataMaskDef) && xDataMaskDef != null) {
                                for (XXDataMaskTypeDef xxDataMaskTypeDef : xDataMaskDef) {
                                    if (xxDataMaskTypeDef.getName().equalsIgnoreCase(policyItem.getDataMaskInfo().getDataMaskType())) {
                                        String label = xxDataMaskTypeDef.getLabel();
                                        StringBuilder sbValue = new StringBuilder(value);
                                        label = ",\"DataMasklabel\":\"" + label + "\"";
                                        int sbValueIndex = sbValue.lastIndexOf("}]");
                                        sbValue.insert(sbValueIndex, label);
                                        value = sbValue.toString();
                                        break;
                                    }
                                }
                            }
                        }
                    }
                }
            } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processRowFilterPolicyItemForTrxLog(field.get(vObj));
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processIsEnabledClassFieldNameForTrxLog(field.get(vObj));
            } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyLabelsClassFieldNameForTrxLog(field.get(vObj));
            } else if (POLICY_VALIDITYSCHEDULES_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processValiditySchedulesClassFieldNameForTrxLog(field.get(vObj));
            } else if (POLICY_PRIORITY_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPriorityClassFieldNameForTrxLog(field.get(vObj));
            } else if (IS_AUDIT_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processIsAuditEnabledClassFieldNameForTrxLog(field.get(vObj));
            } else if (POLICY_IS_DENY_ALL_ELSE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processIsAuditEnabledClassFieldNameForTrxLog(field.get(vObj));
            } else if (POLICY_ZONE_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                value = processPolicyNameForTrxLog(field.get(vObj));
            } else {
                value = "" + field.get(vObj);
            }
        }
        if (action == OPERATION_CREATE_CONTEXT) {
            if (restrictIsDenyAllElseLogForMaskingAndRowfilterPolicy(fieldName, vObj) == null) {
                return null;
            }
            if (stringUtil.isEmpty(value)) {
                return null;
            }
            xTrxLog.setNewValue(value);
            actionString = actionCreate;
        } else if (action == OPERATION_DELETE_CONTEXT) {
            if (restrictIsDenyAllElseLogForMaskingAndRowfilterPolicy(fieldName, vObj) == null) {
                return null;
            }
            xTrxLog.setPreviousValue(value);
            actionString = actionDelete;
        } else if (action == OPERATION_UPDATE_CONTEXT) {
            if (restrictIsDenyAllElseLogForMaskingAndRowfilterPolicy(fieldName, vObj) == null) {
                return null;
            }
            actionString = actionUpdate;
            String oldValue = null;
            Field[] mFields = mObj.getClass().getDeclaredFields();
            for (Field mField : mFields) {
                mField.setAccessible(true);
                String mFieldName = mField.getName();
                if (fieldName.equalsIgnoreCase(mFieldName)) {
                    if (!isEnum) {
                        oldValue = mField.get(mObj) + "";
                    }
                    break;
                }
            }
            if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyResourcesForTrxLog(oldPolicy.getResources());
                }
            } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getPolicyItems());
                }
            } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getDenyPolicyItems());
                }
            } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(oldPolicy.getName());
                }
            } else if (POLICY_DESCRIPTION_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(oldPolicy.getDescription());
                }
            } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getAllowExceptions());
                }
            } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getDenyExceptions());
                }
            } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processDataMaskPolicyItemsForTrxLog(oldPolicy.getDataMaskPolicyItems());
                    if (oldPolicy.getDataMaskPolicyItems() != null && CollectionUtils.isNotEmpty(oldPolicy.getDataMaskPolicyItems())) {
                        for (RangerDataMaskPolicyItem oldPolicyItem : oldPolicy.getDataMaskPolicyItems()) {
                            if (oldPolicyItem.getDataMaskInfo() != null && oldPolicyItem.getDataMaskInfo().getDataMaskType() != null) {
                                List<XXDataMaskTypeDef> xDataMaskDef = daoMgr.getXXDataMaskTypeDef().getAll();
                                if (CollectionUtils.isNotEmpty(xDataMaskDef) && xDataMaskDef != null) {
                                    for (XXDataMaskTypeDef xxDataMaskTypeDef : xDataMaskDef) {
                                        if (xxDataMaskTypeDef.getName().equalsIgnoreCase(oldPolicyItem.getDataMaskInfo().getDataMaskType())) {
                                            String oldLabel = xxDataMaskTypeDef.getLabel();
                                            StringBuilder sbOldValue = new StringBuilder(oldValue);
                                            oldLabel = ",\"DataMasklabel\":\"" + oldLabel + "\"";
                                            int sbValueIndex = sbOldValue.lastIndexOf("}]");
                                            sbOldValue.insert(sbValueIndex, oldLabel);
                                            oldValue = sbOldValue.toString();
                                            break;
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processRowFilterPolicyItemForTrxLog(oldPolicy.getRowFilterPolicyItems());
                }
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processIsEnabledClassFieldNameForTrxLog(oldPolicy.getIsEnabled());
                }
            } else if (IS_AUDIT_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processIsAuditEnabledClassFieldNameForTrxLog(oldPolicy.getIsAuditEnabled());
                }
            } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processPolicyLabelsClassFieldNameForTrxLog(oldPolicy.getPolicyLabels());
            } else if (POLICY_VALIDITYSCHEDULES_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processValiditySchedulesClassFieldNameForTrxLog(oldPolicy.getValiditySchedules());
            } else if (POLICY_PRIORITY_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processPriorityClassFieldNameForTrxLog(oldPolicy.getPolicyPriority());
            } else if (POLICY_CONDITION_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getConditions());
                }
            } else if (POLICY_ZONE_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = oldPolicy != null ? processPolicyNameForTrxLog(oldPolicy.getZoneName()) : "";
            } else if (POLICY_IS_DENY_ALL_ELSE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = oldPolicy != null ? processIsAuditEnabledClassFieldNameForTrxLog(String.valueOf(oldPolicy.getIsDenyAllElse())) : "";
            }
            // start comparing old and new values
            if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // Compare old and new resources
                if (compareTwoPolicyResources(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // Compare old and new policyItems
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new policyName
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new denyPolicyItem
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new allowExceptions
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new denyExceptions
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_DESCRIPTION_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new Description
                if (StringUtils.equals(value, oldValue)) {
                    return null;
                }
            } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new dataMaskPolicyItems
                if (compareTwoDataMaskingPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new rowFilterPolicyItems
                if (compareTwoRowFilterPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (IS_AUDIT_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (IS_AUDIT_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyLabelList(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_ZONE_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (StringUtils.isBlank(oldValue)) {
                    if (!(stringUtil.isEmpty(value) && compareTwoPolicyName(value, oldValue))) {
                        oldValue = value;
                    } else {
                        return null;
                    }
                }
            } else if (POLICY_IS_DENY_ALL_ELSE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // comparing old and new value for isDenyAllElse
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_PRIORITY_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (StringUtils.equals(value, oldValue)) {
                    return null;
                }
            }
            xTrxLog.setPreviousValue(oldValue);
            xTrxLog.setNewValue(value);
        } else if (action == OPERATION_IMPORT_CREATE_CONTEXT) {
            if (restrictIsDenyAllElseLogForMaskingAndRowfilterPolicy(fieldName, vObj) == null) {
                return null;
            }
            if (stringUtil.isEmpty(value)) {
                return null;
            }
            xTrxLog.setNewValue(value);
            actionString = actionImportCreate;
        } else if (action == OPERATION_IMPORT_DELETE_CONTEXT) {
            if (restrictIsDenyAllElseLogForMaskingAndRowfilterPolicy(fieldName, vObj) == null) {
                return null;
            }
            xTrxLog.setPreviousValue(value);
            actionString = actionImportDelete;
        }
    } catch (IllegalArgumentException | IllegalAccessException e) {
        logger.error("Process field to create trx log failure.", e);
    }
    xTrxLog.setAction(actionString);
    xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_RANGER_POLICY);
    xTrxLog.setObjectId(vObj.getId());
    xTrxLog.setObjectName(objectName);
    xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_SERVICE);
    xTrxLog.setParentObjectId(parentObj.getId());
    xTrxLog.setParentObjectName(parentObj.getName());
    return xTrxLog;
}
Also used : XXTrxLog(org.apache.ranger.entity.XXTrxLog) VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr) Field(java.lang.reflect.Field) XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef) RangerDataMaskPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem) ArrayList(java.util.ArrayList) List(java.util.List) XXService(org.apache.ranger.entity.XXService)

Example 2 with VTrxLogAttr

use of org.apache.ranger.common.view.VTrxLogAttr in project ranger by apache.

the class RangerRoleService method getTransactionLog.

public List<XXTrxLog> getTransactionLog(RangerRole current, RangerRole former, String action) {
    if (current == null || action == null || ("update".equalsIgnoreCase(action) && former == null)) {
        return null;
    }
    List<XXTrxLog> trxLogList = new ArrayList<>();
    Field[] fields = current.getClass().getDeclaredFields();
    String users = RangerConstants.MODULE_USER_GROUPS.split("/")[0];
    String groups = RangerConstants.MODULE_USER_GROUPS.split("/")[1];
    try {
        Field nameField = current.getClass().getDeclaredField("name");
        nameField.setAccessible(true);
        String objectName = "" + nameField.get(current);
        for (Field field : fields) {
            String fieldName = field.getName();
            if (!trxLogAttrs.containsKey(fieldName)) {
                continue;
            }
            field.setAccessible(true);
            VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
            XXTrxLog xTrxLog = new XXTrxLog();
            xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
            xTrxLog.setAction(action);
            xTrxLog.setObjectId(current.getId());
            xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_RANGER_ROLE);
            xTrxLog.setObjectName(objectName);
            if (!StringUtils.isNotBlank(current.getCreatedByUser())) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Created User = " + current.getCreatedByUser());
                }
                XXPortalUser xXPortalUser = daoMgr.getXXPortalUser().findByLoginId(current.getCreatedByUser());
                if (xXPortalUser != null) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("User Id for " + current.getCreatedByUser() + " = " + xXPortalUser.getId());
                    }
                    xTrxLog.setAddedByUserId(xXPortalUser.getId());
                    xTrxLog.setUpdatedByUserId(xXPortalUser.getId());
                }
            }
            String value;
            if (vTrxLogAttr.isEnum()) {
                String enumName = XXUser.getEnumName(fieldName);
                int enumValue = field.get(current) == null ? 0 : Integer.parseInt("" + field.get(current));
                value = xaEnumUtil.getLabel(enumName, enumValue);
            } else {
                value = "" + field.get(current);
                if (fieldName.equalsIgnoreCase(users) || fieldName.equalsIgnoreCase(groups) || fieldName.equalsIgnoreCase(RangerConstants.ROLE_FIELD)) {
                    if (fieldName.equalsIgnoreCase(users)) {
                        value = JsonUtils.listToJson(current.getUsers());
                    } else if (fieldName.equalsIgnoreCase(groups)) {
                        value = JsonUtils.listToJson(current.getGroups());
                    } else if (fieldName.equalsIgnoreCase(RangerConstants.ROLE_FIELD)) {
                        value = JsonUtils.listToJson(current.getRoles());
                    }
                }
                if ((value == null || "null".equalsIgnoreCase(value)) && !"update".equalsIgnoreCase(action)) {
                    continue;
                }
            }
            if ("options".equalsIgnoreCase(fieldName)) {
                value = JsonUtils.mapToJson(current.getOptions());
            }
            if ("create".equalsIgnoreCase(action)) {
                xTrxLog.setNewValue(value);
                trxLogList.add(xTrxLog);
            } else if ("delete".equalsIgnoreCase(action)) {
                xTrxLog.setPreviousValue(value);
                trxLogList.add(xTrxLog);
            } else if ("update".equalsIgnoreCase(action)) {
                String formerValue = null;
                Field[] mFields = current.getClass().getDeclaredFields();
                for (Field mField : mFields) {
                    mField.setAccessible(true);
                    String mFieldName = mField.getName();
                    if (fieldName.equalsIgnoreCase(mFieldName)) {
                        if ("options".equalsIgnoreCase(mFieldName)) {
                            formerValue = JsonUtils.mapToJson(former.getOptions());
                        } else {
                            formerValue = mField.get(former) + "";
                            if (fieldName.equalsIgnoreCase(users) || fieldName.equalsIgnoreCase(groups) || fieldName.equalsIgnoreCase(RangerConstants.ROLE_FIELD)) {
                                if (fieldName.equalsIgnoreCase(users)) {
                                    formerValue = JsonUtils.listToJson(former.getUsers());
                                } else if (fieldName.equalsIgnoreCase(groups)) {
                                    formerValue = JsonUtils.listToJson(former.getGroups());
                                } else if (fieldName.equalsIgnoreCase(RangerConstants.ROLE_FIELD)) {
                                    formerValue = JsonUtils.listToJson(former.getRoles());
                                }
                            }
                        }
                        break;
                    }
                }
                value = ((value == null) ? "" : value);
                formerValue = ((formerValue == null) ? "" : formerValue);
                if (formerValue.equalsIgnoreCase(value)) {
                    continue;
                }
                xTrxLog.setPreviousValue(formerValue);
                xTrxLog.setNewValue(value);
                trxLogList.add(xTrxLog);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("AddedByUserId for " + xTrxLog.getObjectName() + " = " + xTrxLog.getAddedByUserId());
            }
        }
        if (trxLogList.isEmpty()) {
            if (logger.isDebugEnabled()) {
                logger.debug("trxLogList is empty!!");
            }
            trxLogList = null;
        }
    } catch (IllegalAccessException e) {
        logger.error("Transaction log failure.", e);
    } catch (NoSuchFieldException e) {
        logger.error("Transaction log failure.", e);
    }
    return trxLogList;
}
Also used : VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr) Field(java.lang.reflect.Field) XXPortalUser(org.apache.ranger.entity.XXPortalUser) ArrayList(java.util.ArrayList) XXTrxLog(org.apache.ranger.entity.XXTrxLog)

Example 3 with VTrxLogAttr

use of org.apache.ranger.common.view.VTrxLogAttr in project ranger by apache.

the class XGroupUserService method getTransactionLog.

public List<XXTrxLog> getTransactionLog(VXGroupUser vObj, XXGroupUser mObj, String action) {
    // if(vObj == null && (action == null || !action.equalsIgnoreCase("update"))){
    // return null;
    // }
    Long groupId = vObj.getParentGroupId();
    XXGroup xGroup = daoManager.getXXGroup().getById(groupId);
    String groupName = xGroup.getName();
    Long userId = vObj.getUserId();
    XXUser xUser = daoManager.getXXUser().getById(userId);
    String userName = xUser.getName();
    List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
    Field[] fields = vObj.getClass().getDeclaredFields();
    try {
        for (Field field : fields) {
            field.setAccessible(true);
            String fieldName = field.getName();
            if (!trxLogAttrs.containsKey(fieldName)) {
                continue;
            }
            VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
            XXTrxLog xTrxLog = new XXTrxLog();
            xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
            String value = null;
            boolean isEnum = vTrxLogAttr.isEnum();
            if (isEnum) {
                String enumName = XXAsset.getEnumName(fieldName);
                int enumValue = field.get(vObj) == null ? 0 : Integer.parseInt("" + field.get(vObj));
                value = xaEnumUtil.getLabel(enumName, enumValue);
            } else {
                value = "" + field.get(vObj);
                XXGroup xXGroup = daoManager.getXXGroup().getById(Long.parseLong(value));
                value = xXGroup.getName();
            }
            if ("create".equalsIgnoreCase(action)) {
                xTrxLog.setNewValue(value);
            } else if ("delete".equalsIgnoreCase(action)) {
                xTrxLog.setPreviousValue(value);
            } else if ("update".equalsIgnoreCase(action)) {
                // No Change.
                xTrxLog.setNewValue(value);
                xTrxLog.setPreviousValue(value);
            }
            xTrxLog.setAction(action);
            xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP_USER);
            xTrxLog.setObjectId(vObj.getId());
            xTrxLog.setObjectName(userName);
            xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP);
            xTrxLog.setParentObjectId(groupId);
            xTrxLog.setParentObjectName(groupName);
            trxLogList.add(xTrxLog);
        }
    } catch (IllegalArgumentException e) {
        e.printStackTrace();
    } catch (IllegalAccessException e) {
        e.printStackTrace();
    } catch (SecurityException e) {
        e.printStackTrace();
    }
    return trxLogList;
}
Also used : XXUser(org.apache.ranger.entity.XXUser) ArrayList(java.util.ArrayList) XXTrxLog(org.apache.ranger.entity.XXTrxLog) VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr) SearchField(org.apache.ranger.common.SearchField) Field(java.lang.reflect.Field) XXGroup(org.apache.ranger.entity.XXGroup)

Example 4 with VTrxLogAttr

use of org.apache.ranger.common.view.VTrxLogAttr in project ranger by apache.

the class XPermMapService method getTransactionLog.

public List<XXTrxLog> getTransactionLog(VXPermMap vObj, VXPermMap mObj, String action) {
    if (vObj == null || action == null || ("update".equalsIgnoreCase(action) && mObj == null)) {
        return null;
    }
    boolean isGroupPolicy = true;
    if (vObj.getGroupId() == null) {
        isGroupPolicy = false;
    }
    Long groupId = null;
    Long userId = null;
    String groupName = null;
    String userName = null;
    if (isGroupPolicy) {
        groupId = vObj.getGroupId();
        XXGroup xGroup = daoManager.getXXGroup().getById(groupId);
        groupName = xGroup.getName();
    } else {
        userId = vObj.getUserId();
        XXUser xUser = daoManager.getXXUser().getById(userId);
        userName = xUser.getName();
    }
    List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
    Field[] fields = vObj.getClass().getDeclaredFields();
    try {
        for (Field field : fields) {
            field.setAccessible(true);
            String fieldName = field.getName();
            if (!trxLogAttrs.containsKey(fieldName)) {
                continue;
            // int policyType = vObj.getIpAddress();
            /*if(policyType == AppConstants.ASSET_HDFS){
					String[] ignoredAttribs = {"ipAddress"};
					if(ArrayUtils.contains(ignoredAttribs, fieldName)){
						continue;
					}
				}*/
            // } else {
            // if(isGroupPolicy){
            // if(fieldName.equalsIgnoreCase("userId")){
            // continue;
            // }
            // } else {
            // if (fieldName.equalsIgnoreCase("groupId")){
            // continue;
            // }
            // }
            }
            Long assetId = daoManager.getXXResource().getById(vObj.getResourceId()).getAssetId();
            int policyType = daoManager.getXXAsset().getById(assetId).getAssetType();
            if (policyType != AppConstants.ASSET_KNOX) {
                if ("ipAddress".equals(fieldName))
                    continue;
            }
            VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
            XXTrxLog xTrxLog = new XXTrxLog();
            xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
            String value = null, prevValue = "";
            boolean isEnum = vTrxLogAttr.isEnum();
            if (isEnum) {
                String enumName = XXPermMap.getEnumName(fieldName);
                int enumValue = field.get(vObj) == null ? 0 : Integer.parseInt("" + field.get(vObj));
                value = xaEnumUtil.getLabel(enumName, enumValue);
            } else {
                value = "" + field.get(vObj);
                // value = xUser.getName();
                if ("ipAddress".equals(fieldName) && "update".equalsIgnoreCase(action)) {
                    prevValue = "" + field.get(mObj);
                    value = "null".equalsIgnoreCase(value) ? "" : value;
                } else if (value == null || "null".equalsIgnoreCase(value) || stringUtil.isEmpty(value)) {
                    continue;
                }
            }
            if ("create".equalsIgnoreCase(action)) {
                xTrxLog.setNewValue(value);
            } else if ("delete".equalsIgnoreCase(action)) {
                xTrxLog.setPreviousValue(value);
            } else if ("update".equalsIgnoreCase(action)) {
                // Not Changed.
                xTrxLog.setNewValue(value);
                xTrxLog.setPreviousValue(value);
                if ("ipAddress".equals(fieldName)) {
                    xTrxLog.setPreviousValue(prevValue);
                }
            }
            xTrxLog.setAction(action);
            xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_PERM_MAP);
            xTrxLog.setObjectId(vObj.getId());
            if (isGroupPolicy) {
                xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP);
                xTrxLog.setParentObjectId(groupId);
                xTrxLog.setParentObjectName(groupName);
            } else {
                xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_USER);
                xTrxLog.setParentObjectId(userId);
                xTrxLog.setParentObjectName(userName);
            }
            // xTrxLog.setObjectName(objectName);
            trxLogList.add(xTrxLog);
        }
    } catch (IllegalArgumentException e) {
        e.printStackTrace();
    } catch (IllegalAccessException e) {
        e.printStackTrace();
    } catch (SecurityException e) {
        e.printStackTrace();
    }
    return trxLogList;
}
Also used : XXUser(org.apache.ranger.entity.XXUser) ArrayList(java.util.ArrayList) XXTrxLog(org.apache.ranger.entity.XXTrxLog) VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr) Field(java.lang.reflect.Field) SearchField(org.apache.ranger.common.SearchField) XXGroup(org.apache.ranger.entity.XXGroup)

Example 5 with VTrxLogAttr

use of org.apache.ranger.common.view.VTrxLogAttr in project ranger by apache.

the class XGroupService method getTransactionLog.

public List<XXTrxLog> getTransactionLog(VXGroup vObj, XXGroup mObj, String action) {
    if (vObj == null || action == null || ("update".equalsIgnoreCase(action) && mObj == null)) {
        return null;
    }
    List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
    try {
        Field nameField = vObj.getClass().getDeclaredField("name");
        nameField.setAccessible(true);
        String objectName = "" + nameField.get(vObj);
        Field[] fields = vObj.getClass().getDeclaredFields();
        for (Field field : fields) {
            field.setAccessible(true);
            String fieldName = field.getName();
            if (!trxLogAttrs.containsKey(fieldName)) {
                continue;
            }
            VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
            XXTrxLog xTrxLog = new XXTrxLog();
            xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
            String value = null;
            boolean isEnum = vTrxLogAttr.isEnum();
            if (isEnum) {
                String enumName = XXGroup.getEnumName(fieldName);
                int enumValue = field.get(vObj) == null ? 0 : Integer.parseInt("" + field.get(vObj));
                value = xaEnumUtil.getLabel(enumName, enumValue);
            } else {
                value = "" + field.get(vObj);
            }
            if ("create".equalsIgnoreCase(action)) {
                if (stringUtil.isEmpty(value)) {
                    continue;
                }
                xTrxLog.setNewValue(value);
            } else if ("delete".equalsIgnoreCase(action)) {
                xTrxLog.setPreviousValue(value);
            } else if ("update".equalsIgnoreCase(action)) {
                String oldValue = null;
                Field[] mFields = mObj.getClass().getDeclaredFields();
                for (Field mField : mFields) {
                    mField.setAccessible(true);
                    String mFieldName = mField.getName();
                    if (fieldName.equalsIgnoreCase(mFieldName)) {
                        if (isEnum) {
                            String enumName = XXAsset.getEnumName(mFieldName);
                            int enumValue = mField.get(mObj) == null ? 0 : Integer.parseInt("" + mField.get(mObj));
                            oldValue = xaEnumUtil.getLabel(enumName, enumValue);
                        } else {
                            oldValue = mField.get(mObj) + "";
                        }
                        break;
                    }
                }
                if (value.equalsIgnoreCase(oldValue)) {
                    continue;
                }
                xTrxLog.setPreviousValue(oldValue);
                xTrxLog.setNewValue(value);
            }
            xTrxLog.setAction(action);
            xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP);
            xTrxLog.setObjectId(vObj.getId());
            xTrxLog.setObjectName(objectName);
            trxLogList.add(xTrxLog);
        }
    } catch (IllegalArgumentException e) {
        logger.error("Transaction log failure.", e);
    } catch (IllegalAccessException e) {
        logger.error("Transaction log failure.", e);
    } catch (NoSuchFieldException e) {
        logger.error("Transaction log failure.", e);
    } catch (SecurityException e) {
        logger.error("Transaction log failure.", e);
    }
    return trxLogList;
}
Also used : ArrayList(java.util.ArrayList) XXTrxLog(org.apache.ranger.entity.XXTrxLog) VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr) Field(java.lang.reflect.Field) SearchField(org.apache.ranger.common.SearchField) SortField(org.apache.ranger.common.SortField)

Aggregations

Field (java.lang.reflect.Field)12 VTrxLogAttr (org.apache.ranger.common.view.VTrxLogAttr)12 XXTrxLog (org.apache.ranger.entity.XXTrxLog)12 ArrayList (java.util.ArrayList)11 SearchField (org.apache.ranger.common.SearchField)7 HashMap (java.util.HashMap)3 SortField (org.apache.ranger.common.SortField)3 XXUser (org.apache.ranger.entity.XXUser)3 XXGroup (org.apache.ranger.entity.XXGroup)2 Gson (com.google.gson.Gson)1 List (java.util.List)1 XXAsset (org.apache.ranger.entity.XXAsset)1 XXDataMaskTypeDef (org.apache.ranger.entity.XXDataMaskTypeDef)1 XXPortalUser (org.apache.ranger.entity.XXPortalUser)1 XXService (org.apache.ranger.entity.XXService)1 XXServiceDef (org.apache.ranger.entity.XXServiceDef)1 RangerDataMaskPolicyItem (org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem)1 RangerService (org.apache.ranger.plugin.model.RangerService)1