Examples with XXResourceDao org.apache.ranger.db.XXResourceDao used on opensource projects

Search in sources :

Example 1 with XXResourceDao

use of org.apache.ranger.db.XXResourceDao in project ranger by apache.

the class XUserMgr method deleteXGroup.

public void deleteXGroup(Long id, boolean force) {
    checkAdminAccess();
    xaBizUtil.blockAuditorRoleUser();
    XXGroupDao xXGroupDao = daoManager.getXXGroup();
    XXGroup xXGroup = xXGroupDao.getById(id);
    VXGroup vXGroup = xGroupService.populateViewBean(xXGroup);
    if (vXGroup == null || StringUtil.isEmpty(vXGroup.getName())) {
        throw restErrorUtil.createRESTException("Group ID doesn't exist.", MessageEnums.INVALID_INPUT_DATA);
    }
    if (logger.isDebugEnabled()) {
        logger.info("Force delete status=" + force + " for group=" + vXGroup.getName());
    }
    SearchCriteria searchCriteria = new SearchCriteria();
    searchCriteria.addParam("xGroupId", id);
    VXGroupUserList vxGroupUserList = searchXGroupUsers(searchCriteria);
    searchCriteria = new SearchCriteria();
    searchCriteria.addParam("groupId", id);
    VXPermMapList vXPermMapList = searchXPermMaps(searchCriteria);
    searchCriteria = new SearchCriteria();
    searchCriteria.addParam("groupId", id);
    VXAuditMapList vXAuditMapList = searchXAuditMaps(searchCriteria);
    XXGroupPermissionDao xXGroupPermissionDao = daoManager.getXXGroupPermission();
    List<XXGroupPermission> xXGroupPermissions = xXGroupPermissionDao.findByGroupId(id);
    XXGroupGroupDao xXGroupGroupDao = daoManager.getXXGroupGroup();
    List<XXGroupGroup> xXGroupGroups = xXGroupGroupDao.findByGroupId(id);
    XXPolicyDao xXPolicyDao = daoManager.getXXPolicy();
    List<XXPolicy> xXPolicyList = xXPolicyDao.findByGroupId(id);
    logger.warn("Deleting GROUP : " + vXGroup.getName());
    if (force) {
        // delete XXGroupUser records of matching group
        XXGroupUserDao xGroupUserDao = daoManager.getXXGroupUser();
        XXUserDao xXUserDao = daoManager.getXXUser();
        XXUser xXUser = null;
        for (VXGroupUser groupUser : vxGroupUserList.getList()) {
            if (groupUser != null) {
                xXUser = xXUserDao.getById(groupUser.getUserId());
                if (xXUser != null) {
                    logger.warn("Removing user '" + xXUser.getName() + "' from group '" + groupUser.getName() + "'");
                }
                xGroupUserDao.remove(groupUser.getId());
            }
        }
        // delete XXPermMap records of matching group
        XXPermMapDao xXPermMapDao = daoManager.getXXPermMap();
        XXResourceDao xXResourceDao = daoManager.getXXResource();
        XXResource xXResource = null;
        for (VXPermMap vXPermMap : vXPermMapList.getList()) {
            if (vXPermMap != null) {
                xXResource = xXResourceDao.getById(vXPermMap.getResourceId());
                if (xXResource != null) {
                    logger.warn("Deleting '" + AppConstants.getLabelFor_XAPermType(vXPermMap.getPermType()) + "' permission from policy ID='" + vXPermMap.getResourceId() + "' for group '" + vXPermMap.getGroupName() + "'");
                }
                xXPermMapDao.remove(vXPermMap.getId());
            }
        }
        // delete XXAuditMap records of matching group
        XXAuditMapDao xXAuditMapDao = daoManager.getXXAuditMap();
        for (VXAuditMap vXAuditMap : vXAuditMapList.getList()) {
            if (vXAuditMap != null) {
                xXResource = xXResourceDao.getById(vXAuditMap.getResourceId());
                xXAuditMapDao.remove(vXAuditMap.getId());
            }
        }
        // delete XXGroupGroupDao records of group-group mapping
        for (XXGroupGroup xXGroupGroup : xXGroupGroups) {
            if (xXGroupGroup != null) {
                XXGroup xXGroupParent = xXGroupDao.getById(xXGroupGroup.getParentGroupId());
                XXGroup xXGroupChild = xXGroupDao.getById(xXGroupGroup.getGroupId());
                if (xXGroupParent != null && xXGroupChild != null) {
                    logger.warn("Removing group '" + xXGroupChild.getName() + "' from group '" + xXGroupParent.getName() + "'");
                }
                xXGroupGroupDao.remove(xXGroupGroup.getId());
            }
        }
        // delete XXPolicyItemGroupPerm records of group
        for (XXPolicy xXPolicy : xXPolicyList) {
            RangerPolicy rangerPolicy = policyService.getPopulatedViewObject(xXPolicy);
            List<RangerPolicyItem> policyItems = rangerPolicy.getPolicyItems();
            removeUserGroupReferences(policyItems, null, vXGroup.getName());
            rangerPolicy.setPolicyItems(policyItems);
            List<RangerPolicyItem> denyPolicyItems = rangerPolicy.getDenyPolicyItems();
            removeUserGroupReferences(denyPolicyItems, null, vXGroup.getName());
            rangerPolicy.setDenyPolicyItems(denyPolicyItems);
            List<RangerPolicyItem> allowExceptions = rangerPolicy.getAllowExceptions();
            removeUserGroupReferences(allowExceptions, null, vXGroup.getName());
            rangerPolicy.setAllowExceptions(allowExceptions);
            List<RangerPolicyItem> denyExceptions = rangerPolicy.getDenyExceptions();
            removeUserGroupReferences(denyExceptions, null, vXGroup.getName());
            rangerPolicy.setDenyExceptions(denyExceptions);
            List<RangerDataMaskPolicyItem> dataMaskItems = rangerPolicy.getDataMaskPolicyItems();
            removeUserGroupReferences(dataMaskItems, null, vXGroup.getName());
            rangerPolicy.setDataMaskPolicyItems(dataMaskItems);
            List<RangerRowFilterPolicyItem> rowFilterItems = rangerPolicy.getRowFilterPolicyItems();
            removeUserGroupReferences(rowFilterItems, null, vXGroup.getName());
            rangerPolicy.setRowFilterPolicyItems(rowFilterItems);
            try {
                svcStore.updatePolicy(rangerPolicy);
            } catch (Throwable excp) {
                logger.error("updatePolicy(" + rangerPolicy + ") failed", excp);
                restErrorUtil.createRESTException(excp.getMessage());
            }
        }
        if (CollectionUtils.isNotEmpty(xXGroupPermissions)) {
            for (XXGroupPermission xXGroupPermission : xXGroupPermissions) {
                if (xXGroupPermission != null) {
                    XXModuleDef xXModuleDef = daoManager.getXXModuleDef().findByModuleId(xXGroupPermission.getModuleId());
                    if (xXModuleDef != null) {
                        logger.warn("Deleting '" + xXModuleDef.getModule() + "' module permission for group '" + xXGroup.getName() + "'");
                    }
                    xXGroupPermissionDao.remove(xXGroupPermission.getId());
                }
            }
        }
        // delete XXGroup
        xXGroupDao.remove(id);
        // Create XXTrxLog
        List<XXTrxLog> xXTrxLogsXXGroup = xGroupService.getTransactionLog(xGroupService.populateViewBean(xXGroup), "delete");
        xaBizUtil.createTrxLog(xXTrxLogsXXGroup);
    } else {
        boolean hasReferences = false;
        if (vxGroupUserList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && CollectionUtils.isNotEmpty(xXPolicyList)) {
            hasReferences = true;
        }
        if (hasReferences == false && vXPermMapList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && vXAuditMapList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && CollectionUtils.isNotEmpty(xXGroupGroups)) {
            hasReferences = true;
        }
        if (hasReferences == false && CollectionUtils.isNotEmpty(xXGroupPermissions)) {
            hasReferences = true;
        }
        if (hasReferences) {
            // change visibility to Hidden
            if (vXGroup.getIsVisible() == RangerCommonEnums.IS_VISIBLE) {
                vXGroup.setIsVisible(RangerCommonEnums.IS_HIDDEN);
                xGroupService.updateResource(vXGroup);
            }
        } else {
            // delete XXGroup
            xXGroupDao.remove(id);
            // Create XXTrxLog
            List<XXTrxLog> xXTrxLogsXXGroup = xGroupService.getTransactionLog(xGroupService.populateViewBean(xXGroup), "delete");
            xaBizUtil.createTrxLog(xXTrxLogsXXGroup);
        }
    }
}
Also used : XXUser(org.apache.ranger.entity.XXUser) XXGroupPermissionDao(org.apache.ranger.db.XXGroupPermissionDao) XXUserDao(org.apache.ranger.db.XXUserDao) XXPolicy(org.apache.ranger.entity.XXPolicy) XXGroupUserDao(org.apache.ranger.db.XXGroupUserDao) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXModuleDef(org.apache.ranger.entity.XXModuleDef) XXPermMapDao(org.apache.ranger.db.XXPermMapDao) XXGroupGroupDao(org.apache.ranger.db.XXGroupGroupDao) XXResourceDao(org.apache.ranger.db.XXResourceDao) XXGroupPermission(org.apache.ranger.entity.XXGroupPermission) XXResource(org.apache.ranger.entity.XXResource) XXAuditMapDao(org.apache.ranger.db.XXAuditMapDao) RangerRowFilterPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerRowFilterPolicyItem) XXTrxLog(org.apache.ranger.entity.XXTrxLog) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) SearchCriteria(org.apache.ranger.common.SearchCriteria) XXGroup(org.apache.ranger.entity.XXGroup) RangerDataMaskPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem) XXPolicyDao(org.apache.ranger.db.XXPolicyDao) XXGroupDao(org.apache.ranger.db.XXGroupDao) XXGroupGroup(org.apache.ranger.entity.XXGroupGroup)

Example 2 with XXResourceDao

use of org.apache.ranger.db.XXResourceDao in project ranger by apache.

the class TestRangerBizUtil method testHasPermission_emptyResourceName.

@Test
public void testHasPermission_emptyResourceName() {
    VXResource vXResource = new VXResource();
    vXResource.setAssetId(12345L);
    XXPortalUser portalUser = new XXPortalUser();
    portalUser.setId(id);
    portalUser.setLoginId("12121");
    RangerContextHolder.getSecurityContext().getUserSession().setXXPortalUser(portalUser);
    XXUserDao xxUserDao = Mockito.mock(XXUserDao.class);
    XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
    XXUser xxUser = new XXUser();
    XXAsset xxAsset = new XXAsset();
    List<XXResource> lst = new ArrayList<XXResource>();
    XXResourceDao xxResourceDao = Mockito.mock(XXResourceDao.class);
    XXAssetDao xxAssetDao = Mockito.mock(XXAssetDao.class);
    Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
    Mockito.when(userDao.getById(Mockito.anyLong())).thenReturn(portalUser);
    Mockito.when(daoManager.getXXUser()).thenReturn(xxUserDao);
    Mockito.when(xxUserDao.findByUserName(Mockito.anyString())).thenReturn(xxUser);
    Mockito.when(daoManager.getXXResource()).thenReturn(xxResourceDao);
    Mockito.when(xxResourceDao.findByAssetIdAndResourceStatus(Mockito.anyLong(), Mockito.anyInt())).thenReturn(lst);
    Mockito.when(daoManager.getXXAsset()).thenReturn(xxAssetDao);
    Mockito.when(xxAssetDao.getById(Mockito.anyLong())).thenReturn(xxAsset);
    VXResponse resp = rangerBizUtil.hasPermission(vXResource, AppConstants.XA_PERM_TYPE_UNKNOWN);
    Mockito.verify(daoManager).getXXPortalUser();
    Mockito.verify(userDao).getById(Mockito.anyLong());
    Mockito.verify(daoManager).getXXUser();
    Mockito.verify(xxUserDao).findByUserName(Mockito.anyString());
    Assert.assertNotNull(resp);
    Assert.assertEquals(VXResponse.STATUS_ERROR, resp.getStatusCode());
    Assert.assertEquals("Permission Denied !", resp.getMsgDesc());
}
Also used : VXResponse(org.apache.ranger.view.VXResponse) XXPortalUser(org.apache.ranger.entity.XXPortalUser) XXUser(org.apache.ranger.entity.XXUser) XXAssetDao(org.apache.ranger.db.XXAssetDao) XXResource(org.apache.ranger.entity.XXResource) XXUserDao(org.apache.ranger.db.XXUserDao) VXResource(org.apache.ranger.view.VXResource) XXAsset(org.apache.ranger.entity.XXAsset) ArrayList(java.util.ArrayList) XXPortalUserDao(org.apache.ranger.db.XXPortalUserDao) XXResourceDao(org.apache.ranger.db.XXResourceDao) Test(org.junit.Test)

Aggregations

XXResourceDao (org.apache.ranger.db.XXResourceDao)2 XXUserDao (org.apache.ranger.db.XXUserDao)2 XXResource (org.apache.ranger.entity.XXResource)2 XXUser (org.apache.ranger.entity.XXUser)2 ArrayList (java.util.ArrayList)1 SearchCriteria (org.apache.ranger.common.SearchCriteria)1 XXAssetDao (org.apache.ranger.db.XXAssetDao)1 XXAuditMapDao (org.apache.ranger.db.XXAuditMapDao)1 XXGroupDao (org.apache.ranger.db.XXGroupDao)1 XXGroupGroupDao (org.apache.ranger.db.XXGroupGroupDao)1 XXGroupPermissionDao (org.apache.ranger.db.XXGroupPermissionDao)1 XXGroupUserDao (org.apache.ranger.db.XXGroupUserDao)1 XXPermMapDao (org.apache.ranger.db.XXPermMapDao)1 XXPolicyDao (org.apache.ranger.db.XXPolicyDao)1 XXPortalUserDao (org.apache.ranger.db.XXPortalUserDao)1 XXAsset (org.apache.ranger.entity.XXAsset)1 XXGroup (org.apache.ranger.entity.XXGroup)1 XXGroupGroup (org.apache.ranger.entity.XXGroupGroup)1 XXGroupPermission (org.apache.ranger.entity.XXGroupPermission)1 XXModuleDef (org.apache.ranger.entity.XXModuleDef)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial