Search in sources :

Example 1 with XXDataMaskTypeDef

use of org.apache.ranger.entity.XXDataMaskTypeDef in project ranger by apache.

the class ServiceDBStore method deleteServiceDef.

public void deleteServiceDef(Long serviceDefId, Boolean forceDelete) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceDBStore.deleteServiceDef(" + serviceDefId + ", " + forceDelete + ")");
    }
    bizUtil.blockAuditorRoleUser();
    UserSessionBase session = ContextUtil.getCurrentUserSession();
    if (session == null) {
        throw restErrorUtil.createRESTException("UserSession cannot be null, only Admin can update service-def", MessageEnums.OPER_NO_PERMISSION);
    }
    if (!session.isKeyAdmin() && !session.isUserAdmin()) {
        throw restErrorUtil.createRESTException("User is not allowed to update service-def, only Admin can update service-def", MessageEnums.OPER_NO_PERMISSION);
    }
    RangerServiceDef serviceDef = getServiceDef(serviceDefId);
    if (serviceDef == null) {
        throw restErrorUtil.createRESTException("No Service Definiton found for Id: " + serviceDefId, MessageEnums.DATA_NOT_FOUND);
    }
    List<XXService> serviceList = daoMgr.getXXService().findByServiceDefId(serviceDefId);
    if (!forceDelete) {
        if (CollectionUtils.isNotEmpty(serviceList)) {
            throw restErrorUtil.createRESTException("Services exists under given service definition, can't delete Service-Def: " + serviceDef.getName(), MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
        }
    }
    XXDataMaskTypeDefDao dataMaskDao = daoMgr.getXXDataMaskTypeDef();
    List<XXDataMaskTypeDef> dataMaskDefs = dataMaskDao.findByServiceDefId(serviceDefId);
    for (XXDataMaskTypeDef dataMaskDef : dataMaskDefs) {
        dataMaskDao.remove(dataMaskDef);
    }
    List<XXAccessTypeDef> accTypeDefs = daoMgr.getXXAccessTypeDef().findByServiceDefId(serviceDefId);
    for (XXAccessTypeDef accessType : accTypeDefs) {
        deleteXXAccessTypeDef(accessType);
    }
    XXContextEnricherDefDao xContextEnricherDao = daoMgr.getXXContextEnricherDef();
    List<XXContextEnricherDef> contextEnrichers = xContextEnricherDao.findByServiceDefId(serviceDefId);
    for (XXContextEnricherDef context : contextEnrichers) {
        xContextEnricherDao.remove(context);
    }
    XXEnumDefDao enumDefDao = daoMgr.getXXEnumDef();
    List<XXEnumDef> enumDefList = enumDefDao.findByServiceDefId(serviceDefId);
    for (XXEnumDef enumDef : enumDefList) {
        List<XXEnumElementDef> enumEleDefList = daoMgr.getXXEnumElementDef().findByEnumDefId(enumDef.getId());
        for (XXEnumElementDef eleDef : enumEleDefList) {
            daoMgr.getXXEnumElementDef().remove(eleDef);
        }
        enumDefDao.remove(enumDef);
    }
    XXPolicyConditionDefDao policyCondDao = daoMgr.getXXPolicyConditionDef();
    List<XXPolicyConditionDef> policyCondList = policyCondDao.findByServiceDefId(serviceDefId);
    for (XXPolicyConditionDef policyCond : policyCondList) {
        List<XXPolicyItemCondition> policyItemCondList = daoMgr.getXXPolicyItemCondition().findByPolicyConditionDefId(policyCond.getId());
        for (XXPolicyItemCondition policyItemCond : policyItemCondList) {
            daoMgr.getXXPolicyItemCondition().remove(policyItemCond);
        }
        policyCondDao.remove(policyCond);
    }
    List<XXResourceDef> resDefList = daoMgr.getXXResourceDef().findByServiceDefId(serviceDefId);
    for (XXResourceDef resDef : resDefList) {
        deleteXXResourceDef(resDef);
    }
    XXServiceConfigDefDao configDefDao = daoMgr.getXXServiceConfigDef();
    List<XXServiceConfigDef> configDefList = configDefDao.findByServiceDefId(serviceDefId);
    for (XXServiceConfigDef configDef : configDefList) {
        configDefDao.remove(configDef);
    }
    if (CollectionUtils.isNotEmpty(serviceList)) {
        for (XXService service : serviceList) {
            deleteService(service.getId());
        }
    }
    Long version = serviceDef.getVersion();
    if (version == null) {
        version = Long.valueOf(1);
        LOG.info("Found Version Value: `null`, so setting value of version to 1, While updating object, version should not be null.");
    } else {
        version = Long.valueOf(version.longValue() + 1);
    }
    serviceDef.setVersion(version);
    serviceDefService.delete(serviceDef);
    LOG.info("ServiceDefinition has been deleted successfully. Service-Def Name: " + serviceDef.getName());
    dataHistService.createObjectDataHistory(serviceDef, RangerDataHistService.ACTION_DELETE);
    postDelete(serviceDef);
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== ServiceDBStore.deleteServiceDef(" + serviceDefId + ", " + forceDelete + ")");
    }
}
Also used : XXDataMaskTypeDefDao(org.apache.ranger.db.XXDataMaskTypeDefDao) XXPolicyConditionDefDao(org.apache.ranger.db.XXPolicyConditionDefDao) XXPolicyItemCondition(org.apache.ranger.entity.XXPolicyItemCondition) UserSessionBase(org.apache.ranger.common.UserSessionBase) XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef) XXEnumDefDao(org.apache.ranger.db.XXEnumDefDao) XXPolicyConditionDef(org.apache.ranger.entity.XXPolicyConditionDef) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) XXServiceConfigDef(org.apache.ranger.entity.XXServiceConfigDef) XXResourceDef(org.apache.ranger.entity.XXResourceDef) XXEnumElementDef(org.apache.ranger.entity.XXEnumElementDef) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) XXEnumDef(org.apache.ranger.entity.XXEnumDef) XXService(org.apache.ranger.entity.XXService) XXServiceConfigDefDao(org.apache.ranger.db.XXServiceConfigDefDao) XXContextEnricherDef(org.apache.ranger.entity.XXContextEnricherDef) XXContextEnricherDefDao(org.apache.ranger.db.XXContextEnricherDefDao)

Example 2 with XXDataMaskTypeDef

use of org.apache.ranger.entity.XXDataMaskTypeDef in project ranger by apache.

the class RangerPolicyService method processFieldToCreateTrxLog.

private XXTrxLog processFieldToCreateTrxLog(Field field, String objectName, Field nameField, RangerPolicy vObj, XXPolicy mObj, int action) {
    String actionString = "";
    field.setAccessible(true);
    String fieldName = field.getName();
    XXTrxLog xTrxLog = new XXTrxLog();
    try {
        VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
        xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
        String value = null;
        boolean isEnum = vTrxLogAttr.isEnum();
        if (isEnum) {
        } else if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyResourcesForTrxLog(field.get(vObj));
        } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyItemsForTrxLog(field.get(vObj));
        } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyItemsForTrxLog(field.get(vObj));
        } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyNameForTrxLog(field.get(vObj));
        } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyItemsForTrxLog(field.get(vObj));
        } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyItemsForTrxLog(field.get(vObj));
        } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processDataMaskPolicyItemsForTrxLog(field.get(vObj));
            if (vObj.getDataMaskPolicyItems() != null && CollectionUtils.isNotEmpty(vObj.getDataMaskPolicyItems())) {
                for (RangerDataMaskPolicyItem policyItem : vObj.getDataMaskPolicyItems()) {
                    if (policyItem.getDataMaskInfo() != null && policyItem.getDataMaskInfo().getDataMaskType() != null) {
                        List<XXDataMaskTypeDef> xDataMaskDef = daoMgr.getXXDataMaskTypeDef().getAll();
                        if (CollectionUtils.isNotEmpty(xDataMaskDef) && xDataMaskDef != null) {
                            for (XXDataMaskTypeDef xxDataMaskTypeDef : xDataMaskDef) {
                                if (xxDataMaskTypeDef.getName().equalsIgnoreCase(policyItem.getDataMaskInfo().getDataMaskType())) {
                                    String label = xxDataMaskTypeDef.getLabel();
                                    StringBuilder sbValue = new StringBuilder(value);
                                    label = ",\"DataMasklabel\":\"" + label + "\"";
                                    int sbValueIndex = sbValue.lastIndexOf("}]");
                                    sbValue.insert(sbValueIndex, label);
                                    value = sbValue.toString();
                                    break;
                                }
                            }
                        }
                    }
                }
            }
        } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processRowFilterPolicyItemForTrxLog(field.get(vObj));
        } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = String.valueOf(processIsEnabledClassFieldNameForTrxLog(field.get(vObj)));
        } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyLabelsClassFieldNameForTrxLog(field.get(vObj));
        } else if (POLICY_VALIDITYSCHEDULES_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processValiditySchedulesClassFieldNameForTrxLog(field.get(vObj));
        } else if (POLICY_PRIORITY_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPriorityClassFieldNameForTrxLog(field.get(vObj));
        } else {
            value = "" + field.get(vObj);
        }
        if (action == OPERATION_CREATE_CONTEXT) {
            if (stringUtil.isEmpty(value)) {
                return null;
            }
            xTrxLog.setNewValue(value);
            actionString = actionCreate;
        } else if (action == OPERATION_DELETE_CONTEXT) {
            xTrxLog.setPreviousValue(value);
            actionString = actionDelete;
        } else if (action == OPERATION_UPDATE_CONTEXT) {
            actionString = actionUpdate;
            String oldValue = null;
            Field[] mFields = mObj.getClass().getDeclaredFields();
            for (Field mField : mFields) {
                mField.setAccessible(true);
                String mFieldName = mField.getName();
                if (fieldName.equalsIgnoreCase(mFieldName)) {
                    if (isEnum) {
                    } else {
                        oldValue = mField.get(mObj) + "";
                    }
                    break;
                }
            }
            RangerPolicy oldPolicy = populateViewBean(mObj);
            if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyResourcesForTrxLog(oldPolicy.getResources());
                }
            } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getPolicyItems());
                }
            } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getDenyPolicyItems());
                }
            } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(oldPolicy.getName());
                }
            } else if (POLICY_DESCRIPTION_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(oldPolicy.getDescription());
                }
            } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getAllowExceptions());
                }
            } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getDenyExceptions());
                }
            } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processDataMaskPolicyItemsForTrxLog(oldPolicy.getDataMaskPolicyItems());
                    if (oldPolicy.getDataMaskPolicyItems() != null && CollectionUtils.isNotEmpty(oldPolicy.getDataMaskPolicyItems())) {
                        for (RangerDataMaskPolicyItem oldPolicyItem : oldPolicy.getDataMaskPolicyItems()) {
                            if (oldPolicyItem.getDataMaskInfo() != null && oldPolicyItem.getDataMaskInfo().getDataMaskType() != null) {
                                List<XXDataMaskTypeDef> xDataMaskDef = daoMgr.getXXDataMaskTypeDef().getAll();
                                if (CollectionUtils.isNotEmpty(xDataMaskDef) && xDataMaskDef != null) {
                                    for (XXDataMaskTypeDef xxDataMaskTypeDef : xDataMaskDef) {
                                        if (xxDataMaskTypeDef.getName().equalsIgnoreCase(oldPolicyItem.getDataMaskInfo().getDataMaskType())) {
                                            String oldLabel = xxDataMaskTypeDef.getLabel();
                                            StringBuilder sbOldValue = new StringBuilder(oldValue);
                                            oldLabel = ",\"DataMasklabel\":\"" + oldLabel + "\"";
                                            int sbValueIndex = sbOldValue.lastIndexOf("}]");
                                            sbOldValue.insert(sbValueIndex, oldLabel);
                                            oldValue = sbOldValue.toString();
                                            break;
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processRowFilterPolicyItemForTrxLog(oldPolicy.getRowFilterPolicyItems());
                }
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = String.valueOf(processIsEnabledClassFieldNameForTrxLog(oldPolicy.getIsEnabled()));
                }
            } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processPolicyLabelsClassFieldNameForTrxLog(oldPolicy.getPolicyLabels());
            } else if (POLICY_VALIDITYSCHEDULES_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processValiditySchedulesClassFieldNameForTrxLog(oldPolicy.getValiditySchedules());
            } else if (POLICY_PRIORITY_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processPriorityClassFieldNameForTrxLog(oldPolicy.getPolicyPriority());
            }
            if (oldValue == null || oldValue.equalsIgnoreCase(value)) {
                return null;
            } else if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // Compare old and new resources
                if (compareTwoPolicyResources(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // Compare old and new policyItems
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new policyName
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new denyPolicyItem
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new allowExceptions
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new denyExceptions
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_DESCRIPTION_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new Description
                if (org.apache.commons.lang.StringUtils.equals(value, oldValue)) {
                    return null;
                }
            } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new dataMaskPolicyItems
                if (compareTwoDataMaskingPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new rowFilterPolicyItems
                if (compareTwoRowFilterPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(String.valueOf(oldPolicy.getIsEnabled()));
                }
            } else if (IS_AUDIT_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(String.valueOf(oldPolicy.getIsAuditEnabled()));
                }
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (IS_AUDIT_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyLabelList(value, oldValue)) {
                    return null;
                }
            }
            xTrxLog.setPreviousValue(oldValue);
            xTrxLog.setNewValue(value);
        }
    } catch (IllegalArgumentException | IllegalAccessException e) {
        logger.error("Process field to create trx log failure.", e);
    }
    xTrxLog.setAction(actionString);
    xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_RANGER_POLICY);
    xTrxLog.setObjectId(vObj.getId());
    xTrxLog.setObjectName(objectName);
    XXService parentObj = daoMgr.getXXService().findByName(vObj.getService());
    xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_SERVICE);
    xTrxLog.setParentObjectId(parentObj.getId());
    xTrxLog.setParentObjectName(parentObj.getName());
    return xTrxLog;
}
Also used : XXTrxLog(org.apache.ranger.entity.XXTrxLog) VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr) Field(java.lang.reflect.Field) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef) RangerDataMaskPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem) ArrayList(java.util.ArrayList) List(java.util.List) XXService(org.apache.ranger.entity.XXService)

Example 3 with XXDataMaskTypeDef

use of org.apache.ranger.entity.XXDataMaskTypeDef in project ranger by apache.

the class ServiceDBStore method createServiceDef.

@Override
public RangerServiceDef createServiceDef(RangerServiceDef serviceDef) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceDBStore.createServiceDef(" + serviceDef + ")");
    }
    XXServiceDef xServiceDef = daoMgr.getXXServiceDef().findByName(serviceDef.getName());
    if (xServiceDef != null) {
        throw restErrorUtil.createRESTException("service-def with name: " + serviceDef.getName() + " already exists", MessageEnums.ERROR_DUPLICATE_OBJECT);
    }
    List<RangerServiceConfigDef> configs = serviceDef.getConfigs();
    List<RangerResourceDef> resources = serviceDef.getResources();
    List<RangerAccessTypeDef> accessTypes = serviceDef.getAccessTypes();
    List<RangerPolicyConditionDef> policyConditions = serviceDef.getPolicyConditions();
    List<RangerContextEnricherDef> contextEnrichers = serviceDef.getContextEnrichers();
    List<RangerEnumDef> enums = serviceDef.getEnums();
    RangerDataMaskDef dataMaskDef = serviceDef.getDataMaskDef();
    RangerRowFilterDef rowFilterDef = serviceDef.getRowFilterDef();
    List<RangerDataMaskTypeDef> dataMaskTypes = dataMaskDef == null || dataMaskDef.getMaskTypes() == null ? new ArrayList<RangerDataMaskTypeDef>() : dataMaskDef.getMaskTypes();
    List<RangerAccessTypeDef> dataMaskAccessTypes = dataMaskDef == null || dataMaskDef.getAccessTypes() == null ? new ArrayList<RangerAccessTypeDef>() : dataMaskDef.getAccessTypes();
    List<RangerResourceDef> dataMaskResources = dataMaskDef == null || dataMaskDef.getResources() == null ? new ArrayList<RangerResourceDef>() : dataMaskDef.getResources();
    List<RangerAccessTypeDef> rowFilterAccessTypes = rowFilterDef == null || rowFilterDef.getAccessTypes() == null ? new ArrayList<RangerAccessTypeDef>() : rowFilterDef.getAccessTypes();
    List<RangerResourceDef> rowFilterResources = rowFilterDef == null || rowFilterDef.getResources() == null ? new ArrayList<RangerResourceDef>() : rowFilterDef.getResources();
    RangerServiceDefHelper defHelper = new RangerServiceDefHelper(serviceDef, false);
    defHelper.patchServiceDefWithDefaultValues();
    // While creating, value of version should be 1.
    serviceDef.setVersion(Long.valueOf(1));
    if (populateExistingBaseFields) {
        svcDefServiceWithAssignedId.setPopulateExistingBaseFields(true);
        daoMgr.getXXServiceDef().setIdentityInsert(true);
        svcDefServiceWithAssignedId.create(serviceDef);
        svcDefServiceWithAssignedId.setPopulateExistingBaseFields(false);
        daoMgr.getXXServiceDef().updateSequence();
        daoMgr.getXXServiceDef().setIdentityInsert(false);
    } else {
        // following fields will be auto populated
        serviceDef.setId(null);
        serviceDef.setCreateTime(null);
        serviceDef.setUpdateTime(null);
        serviceDef = serviceDefService.create(serviceDef);
    }
    Long serviceDefId = serviceDef.getId();
    XXServiceDef createdSvcDef = daoMgr.getXXServiceDef().getById(serviceDefId);
    XXServiceConfigDefDao xxServiceConfigDao = daoMgr.getXXServiceConfigDef();
    for (int i = 0; i < configs.size(); i++) {
        RangerServiceConfigDef config = configs.get(i);
        XXServiceConfigDef xConfig = new XXServiceConfigDef();
        xConfig = serviceDefService.populateRangerServiceConfigDefToXX(config, xConfig, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
        xConfig.setOrder(i);
        xConfig = xxServiceConfigDao.create(xConfig);
    }
    XXResourceDefDao xxResDefDao = daoMgr.getXXResourceDef();
    for (int i = 0; i < resources.size(); i++) {
        RangerResourceDef resource = resources.get(i);
        XXResourceDef parent = xxResDefDao.findByNameAndServiceDefId(resource.getParent(), serviceDefId);
        Long parentId = (parent != null) ? parent.getId() : null;
        XXResourceDef xResource = new XXResourceDef();
        xResource = serviceDefService.populateRangerResourceDefToXX(resource, xResource, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
        xResource.setOrder(i);
        xResource.setParent(parentId);
        xResource = xxResDefDao.create(xResource);
    }
    XXAccessTypeDefDao xxATDDao = daoMgr.getXXAccessTypeDef();
    for (int i = 0; i < accessTypes.size(); i++) {
        RangerAccessTypeDef accessType = accessTypes.get(i);
        XXAccessTypeDef xAccessType = new XXAccessTypeDef();
        xAccessType = serviceDefService.populateRangerAccessTypeDefToXX(accessType, xAccessType, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
        xAccessType.setOrder(i);
        xAccessType = xxATDDao.create(xAccessType);
        Collection<String> impliedGrants = accessType.getImpliedGrants();
        XXAccessTypeDefGrantsDao xxATDGrantDao = daoMgr.getXXAccessTypeDefGrants();
        for (String impliedGrant : impliedGrants) {
            XXAccessTypeDefGrants xImpliedGrant = new XXAccessTypeDefGrants();
            xImpliedGrant.setAtdId(xAccessType.getId());
            xImpliedGrant.setImpliedGrant(impliedGrant);
            xImpliedGrant = xxATDGrantDao.create(xImpliedGrant);
        }
    }
    XXPolicyConditionDefDao xxPolCondDao = daoMgr.getXXPolicyConditionDef();
    for (int i = 0; i < policyConditions.size(); i++) {
        RangerPolicyConditionDef policyCondition = policyConditions.get(i);
        XXPolicyConditionDef xPolicyCondition = new XXPolicyConditionDef();
        xPolicyCondition = serviceDefService.populateRangerPolicyConditionDefToXX(policyCondition, xPolicyCondition, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
        xPolicyCondition.setOrder(i);
        xPolicyCondition = xxPolCondDao.create(xPolicyCondition);
    }
    XXContextEnricherDefDao xxContextEnricherDao = daoMgr.getXXContextEnricherDef();
    for (int i = 0; i < contextEnrichers.size(); i++) {
        RangerContextEnricherDef contextEnricher = contextEnrichers.get(i);
        XXContextEnricherDef xContextEnricher = new XXContextEnricherDef();
        xContextEnricher = serviceDefService.populateRangerContextEnricherDefToXX(contextEnricher, xContextEnricher, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
        xContextEnricher.setOrder(i);
        xContextEnricher = xxContextEnricherDao.create(xContextEnricher);
    }
    XXEnumDefDao xxEnumDefDao = daoMgr.getXXEnumDef();
    for (RangerEnumDef vEnum : enums) {
        XXEnumDef xEnum = new XXEnumDef();
        xEnum = serviceDefService.populateRangerEnumDefToXX(vEnum, xEnum, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
        xEnum = xxEnumDefDao.create(xEnum);
        List<RangerEnumElementDef> elements = vEnum.getElements();
        XXEnumElementDefDao xxEnumEleDefDao = daoMgr.getXXEnumElementDef();
        for (int i = 0; i < elements.size(); i++) {
            RangerEnumElementDef element = elements.get(i);
            XXEnumElementDef xElement = new XXEnumElementDef();
            xElement = serviceDefService.populateRangerEnumElementDefToXX(element, xElement, xEnum, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
            xElement.setOrder(i);
            xElement = xxEnumEleDefDao.create(xElement);
        }
    }
    XXDataMaskTypeDefDao xxDataMaskDefDao = daoMgr.getXXDataMaskTypeDef();
    for (int i = 0; i < dataMaskTypes.size(); i++) {
        RangerDataMaskTypeDef dataMask = dataMaskTypes.get(i);
        XXDataMaskTypeDef xDataMaskDef = new XXDataMaskTypeDef();
        xDataMaskDef = serviceDefService.populateRangerDataMaskDefToXX(dataMask, xDataMaskDef, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
        xDataMaskDef.setOrder(i);
        xDataMaskDef = xxDataMaskDefDao.create(xDataMaskDef);
    }
    List<XXAccessTypeDef> xxAccessTypeDefs = xxATDDao.findByServiceDefId(createdSvcDef.getId());
    for (RangerAccessTypeDef accessType : dataMaskAccessTypes) {
        if (!isAccessTypeInList(accessType.getName(), xxAccessTypeDefs)) {
            throw restErrorUtil.createRESTException("accessType with name: " + accessType.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
        }
    }
    for (RangerAccessTypeDef accessType : rowFilterAccessTypes) {
        if (!isAccessTypeInList(accessType.getName(), xxAccessTypeDefs)) {
            throw restErrorUtil.createRESTException("accessType with name: " + accessType.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
        }
    }
    for (XXAccessTypeDef xxAccessTypeDef : xxAccessTypeDefs) {
        String dataMaskOptions = null;
        String rowFilterOptions = null;
        for (RangerAccessTypeDef accessTypeDef : dataMaskAccessTypes) {
            if (StringUtils.equals(accessTypeDef.getName(), xxAccessTypeDef.getName())) {
                dataMaskOptions = svcDefServiceWithAssignedId.objectToJson(accessTypeDef);
                break;
            }
        }
        for (RangerAccessTypeDef accessTypeDef : rowFilterAccessTypes) {
            if (StringUtils.equals(accessTypeDef.getName(), xxAccessTypeDef.getName())) {
                rowFilterOptions = svcDefServiceWithAssignedId.objectToJson(accessTypeDef);
                break;
            }
        }
        if (!StringUtils.equals(dataMaskOptions, xxAccessTypeDef.getDataMaskOptions()) || !StringUtils.equals(rowFilterOptions, xxAccessTypeDef.getRowFilterOptions())) {
            xxAccessTypeDef.setDataMaskOptions(dataMaskOptions);
            xxAccessTypeDef.setRowFilterOptions(rowFilterOptions);
            xxATDDao.update(xxAccessTypeDef);
        }
    }
    List<XXResourceDef> xxResourceDefs = xxResDefDao.findByServiceDefId(createdSvcDef.getId());
    for (RangerResourceDef resource : dataMaskResources) {
        if (!isResourceInList(resource.getName(), xxResourceDefs)) {
            throw restErrorUtil.createRESTException("resource with name: " + resource.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
        }
    }
    for (RangerResourceDef resource : rowFilterResources) {
        if (!isResourceInList(resource.getName(), xxResourceDefs)) {
            throw restErrorUtil.createRESTException("resource with name: " + resource.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
        }
    }
    for (XXResourceDef xxResourceDef : xxResourceDefs) {
        String dataMaskOptions = null;
        String rowFilterOptions = null;
        for (RangerResourceDef resource : dataMaskResources) {
            if (StringUtils.equals(resource.getName(), xxResourceDef.getName())) {
                dataMaskOptions = svcDefServiceWithAssignedId.objectToJson(resource);
                break;
            }
        }
        for (RangerResourceDef resource : rowFilterResources) {
            if (StringUtils.equals(resource.getName(), xxResourceDef.getName())) {
                rowFilterOptions = svcDefServiceWithAssignedId.objectToJson(resource);
                break;
            }
        }
        if (!StringUtils.equals(dataMaskOptions, xxResourceDef.getDataMaskOptions()) || !StringUtils.equals(rowFilterOptions, xxResourceDef.getRowFilterOptions())) {
            xxResourceDef.setDataMaskOptions(dataMaskOptions);
            xxResourceDef.setRowFilterOptions(rowFilterOptions);
            xxResDefDao.update(xxResourceDef);
        }
    }
    RangerServiceDef createdServiceDef = serviceDefService.getPopulatedViewObject(createdSvcDef);
    dataHistService.createObjectDataHistory(createdServiceDef, RangerDataHistService.ACTION_CREATE);
    postCreate(createdServiceDef);
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== ServiceDBStore.createServiceDef(" + serviceDef + "): " + createdServiceDef);
    }
    return createdServiceDef;
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) XXDataMaskTypeDefDao(org.apache.ranger.db.XXDataMaskTypeDefDao) RangerDataMaskDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskDef) XXPolicyConditionDefDao(org.apache.ranger.db.XXPolicyConditionDefDao) RangerEnumDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef) XXEnumElementDefDao(org.apache.ranger.db.XXEnumElementDefDao) RangerPolicyConditionDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef) RangerRowFilterDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerRowFilterDef) XXAccessTypeDefDao(org.apache.ranger.db.XXAccessTypeDefDao) VXString(org.apache.ranger.view.VXString) XXAccessTypeDefGrants(org.apache.ranger.entity.XXAccessTypeDefGrants) XXPolicyConditionDef(org.apache.ranger.entity.XXPolicyConditionDef) XXEnumDefDao(org.apache.ranger.db.XXEnumDefDao) XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) XXServiceConfigDef(org.apache.ranger.entity.XXServiceConfigDef) RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef) RangerServiceConfigDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef) XXResourceDefDao(org.apache.ranger.db.XXResourceDefDao) RangerEnumElementDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumElementDef) RangerDataMaskTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskTypeDef) XXResourceDef(org.apache.ranger.entity.XXResourceDef) XXAccessTypeDefGrantsDao(org.apache.ranger.db.XXAccessTypeDefGrantsDao) RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef) XXEnumElementDef(org.apache.ranger.entity.XXEnumElementDef) RangerContextEnricherDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef) RangerServiceDefHelper(org.apache.ranger.plugin.model.validation.RangerServiceDefHelper) XXEnumDef(org.apache.ranger.entity.XXEnumDef) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) XXServiceConfigDefDao(org.apache.ranger.db.XXServiceConfigDefDao) XXContextEnricherDef(org.apache.ranger.entity.XXContextEnricherDef) XXContextEnricherDefDao(org.apache.ranger.db.XXContextEnricherDefDao)

Example 4 with XXDataMaskTypeDef

use of org.apache.ranger.entity.XXDataMaskTypeDef in project ranger by apache.

the class ServiceDBStore method updateChildObjectsOfServiceDef.

private void updateChildObjectsOfServiceDef(XXServiceDef createdSvcDef, List<RangerServiceConfigDef> configs, List<RangerResourceDef> resources, List<RangerAccessTypeDef> accessTypes, List<RangerPolicyConditionDef> policyConditions, List<RangerContextEnricherDef> contextEnrichers, List<RangerEnumDef> enums, RangerDataMaskDef dataMaskDef, RangerRowFilterDef rowFilterDef) {
    Long serviceDefId = createdSvcDef.getId();
    List<XXServiceConfigDef> xxConfigs = daoMgr.getXXServiceConfigDef().findByServiceDefId(serviceDefId);
    List<XXResourceDef> xxResources = daoMgr.getXXResourceDef().findByServiceDefId(serviceDefId);
    List<XXAccessTypeDef> xxAccessTypes = daoMgr.getXXAccessTypeDef().findByServiceDefId(serviceDefId);
    List<XXPolicyConditionDef> xxPolicyConditions = daoMgr.getXXPolicyConditionDef().findByServiceDefId(serviceDefId);
    List<XXContextEnricherDef> xxContextEnrichers = daoMgr.getXXContextEnricherDef().findByServiceDefId(serviceDefId);
    List<XXEnumDef> xxEnums = daoMgr.getXXEnumDef().findByServiceDefId(serviceDefId);
    XXServiceConfigDefDao xxServiceConfigDao = daoMgr.getXXServiceConfigDef();
    for (int i = 0; i < configs.size(); i++) {
        RangerServiceConfigDef config = configs.get(i);
        boolean found = false;
        for (XXServiceConfigDef xConfig : xxConfigs) {
            if (config.getItemId() != null && config.getItemId().equals(xConfig.getItemId())) {
                found = true;
                xConfig = serviceDefService.populateRangerServiceConfigDefToXX(config, xConfig, createdSvcDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
                xConfig.setOrder(i);
                xConfig = xxServiceConfigDao.update(xConfig);
                config = serviceDefService.populateXXToRangerServiceConfigDef(xConfig);
                break;
            }
        }
        if (!found) {
            XXServiceConfigDef xConfig = new XXServiceConfigDef();
            xConfig = serviceDefService.populateRangerServiceConfigDefToXX(config, xConfig, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
            xConfig.setOrder(i);
            xConfig = xxServiceConfigDao.create(xConfig);
            config = serviceDefService.populateXXToRangerServiceConfigDef(xConfig);
        }
    }
    for (XXServiceConfigDef xConfig : xxConfigs) {
        boolean found = false;
        for (RangerServiceConfigDef config : configs) {
            if (xConfig.getItemId() != null && xConfig.getItemId().equals(config.getItemId())) {
                found = true;
                break;
            }
        }
        if (!found) {
            xxServiceConfigDao.remove(xConfig);
        }
    }
    XXResourceDefDao xxResDefDao = daoMgr.getXXResourceDef();
    for (RangerResourceDef resource : resources) {
        boolean found = false;
        for (XXResourceDef xRes : xxResources) {
            if (resource.getItemId() != null && resource.getItemId().equals(xRes.getItemId())) {
                found = true;
                xRes = serviceDefService.populateRangerResourceDefToXX(resource, xRes, createdSvcDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
                xxResDefDao.update(xRes);
                resource = serviceDefService.populateXXToRangerResourceDef(xRes);
                break;
            }
        }
        if (!found) {
            XXResourceDef parent = xxResDefDao.findByNameAndServiceDefId(resource.getParent(), serviceDefId);
            Long parentId = (parent != null) ? parent.getId() : null;
            XXResourceDef xResource = new XXResourceDef();
            xResource = serviceDefService.populateRangerResourceDefToXX(resource, xResource, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
            xResource.setParent(parentId);
            xResource = xxResDefDao.create(xResource);
        }
    }
    for (XXResourceDef xRes : xxResources) {
        boolean found = false;
        for (RangerResourceDef resource : resources) {
            if (xRes.getItemId() != null && xRes.getItemId().equals(resource.getItemId())) {
                found = true;
                break;
            }
        }
        if (!found) {
            List<XXPolicyResource> policyResList = daoMgr.getXXPolicyResource().findByResDefId(xRes.getId());
            if (!stringUtil.isEmpty(policyResList)) {
                throw restErrorUtil.createRESTException("Policy/Policies are referring to this resource: " + xRes.getName() + ". Please remove such references from policy before updating service-def.", MessageEnums.DATA_NOT_UPDATABLE);
            }
            deleteXXResourceDef(xRes);
        }
    }
    XXAccessTypeDefDao xxATDDao = daoMgr.getXXAccessTypeDef();
    for (int i = 0; i < accessTypes.size(); i++) {
        RangerAccessTypeDef access = accessTypes.get(i);
        boolean found = false;
        for (XXAccessTypeDef xAccess : xxAccessTypes) {
            if (access.getItemId() != null && access.getItemId().equals(xAccess.getItemId())) {
                found = true;
                xAccess = serviceDefService.populateRangerAccessTypeDefToXX(access, xAccess, createdSvcDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
                xAccess.setOrder(i);
                xAccess = xxATDDao.update(xAccess);
                Collection<String> impliedGrants = access.getImpliedGrants();
                XXAccessTypeDefGrantsDao xxATDGrantDao = daoMgr.getXXAccessTypeDefGrants();
                List<String> xxImpliedGrants = xxATDGrantDao.findImpliedGrantsByATDId(xAccess.getId());
                for (String impliedGrant : impliedGrants) {
                    boolean foundGrant = false;
                    for (String xImpliedGrant : xxImpliedGrants) {
                        if (StringUtils.equalsIgnoreCase(impliedGrant, xImpliedGrant)) {
                            foundGrant = true;
                            break;
                        }
                    }
                    if (!foundGrant) {
                        XXAccessTypeDefGrants xImpliedGrant = new XXAccessTypeDefGrants();
                        xImpliedGrant.setAtdId(xAccess.getId());
                        xImpliedGrant.setImpliedGrant(impliedGrant);
                        xImpliedGrant = xxATDGrantDao.create(xImpliedGrant);
                    }
                }
                for (String xImpliedGrant : xxImpliedGrants) {
                    boolean foundGrant = false;
                    for (String impliedGrant : impliedGrants) {
                        if (StringUtils.equalsIgnoreCase(xImpliedGrant, impliedGrant)) {
                            foundGrant = true;
                            break;
                        }
                    }
                    if (!foundGrant) {
                        XXAccessTypeDefGrants xATDGrant = xxATDGrantDao.findByNameAndATDId(xAccess.getId(), xImpliedGrant);
                        xxATDGrantDao.remove(xATDGrant);
                    }
                }
                access = serviceDefService.populateXXToRangerAccessTypeDef(xAccess);
                break;
            }
        }
        if (!found) {
            XXAccessTypeDef xAccessType = new XXAccessTypeDef();
            xAccessType = serviceDefService.populateRangerAccessTypeDefToXX(access, xAccessType, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
            xAccessType.setOrder(i);
            xAccessType = xxATDDao.create(xAccessType);
            Collection<String> impliedGrants = access.getImpliedGrants();
            XXAccessTypeDefGrantsDao xxATDGrantDao = daoMgr.getXXAccessTypeDefGrants();
            for (String impliedGrant : impliedGrants) {
                XXAccessTypeDefGrants xImpliedGrant = new XXAccessTypeDefGrants();
                xImpliedGrant.setAtdId(xAccessType.getId());
                xImpliedGrant.setImpliedGrant(impliedGrant);
                xImpliedGrant = xxATDGrantDao.create(xImpliedGrant);
            }
            access = serviceDefService.populateXXToRangerAccessTypeDef(xAccessType);
        }
    }
    for (XXAccessTypeDef xAccess : xxAccessTypes) {
        boolean found = false;
        for (RangerAccessTypeDef access : accessTypes) {
            if (xAccess.getItemId() != null && xAccess.getItemId().equals(access.getItemId())) {
                found = true;
                break;
            }
        }
        if (!found) {
            List<XXPolicyItemAccess> polItemAccessList = daoMgr.getXXPolicyItemAccess().findByType(xAccess.getId());
            if (!stringUtil.isEmpty(polItemAccessList)) {
                throw restErrorUtil.createRESTException("Policy/Policies are referring to this access-type: " + xAccess.getName() + ". Please remove such references from policy before updating service-def.", MessageEnums.DATA_NOT_UPDATABLE);
            }
            deleteXXAccessTypeDef(xAccess);
        }
    }
    XXPolicyConditionDefDao xxPolCondDao = daoMgr.getXXPolicyConditionDef();
    for (int i = 0; i < policyConditions.size(); i++) {
        RangerPolicyConditionDef condition = policyConditions.get(i);
        boolean found = false;
        for (XXPolicyConditionDef xCondition : xxPolicyConditions) {
            if (condition.getItemId() != null && condition.getItemId().equals(xCondition.getItemId())) {
                found = true;
                xCondition = serviceDefService.populateRangerPolicyConditionDefToXX(condition, xCondition, createdSvcDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
                xCondition.setOrder(i);
                xCondition = xxPolCondDao.update(xCondition);
                condition = serviceDefService.populateXXToRangerPolicyConditionDef(xCondition);
                break;
            }
        }
        if (!found) {
            XXPolicyConditionDef xCondition = new XXPolicyConditionDef();
            xCondition = serviceDefService.populateRangerPolicyConditionDefToXX(condition, xCondition, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
            xCondition.setOrder(i);
            xCondition = xxPolCondDao.create(xCondition);
            condition = serviceDefService.populateXXToRangerPolicyConditionDef(xCondition);
        }
    }
    for (XXPolicyConditionDef xCondition : xxPolicyConditions) {
        boolean found = false;
        for (RangerPolicyConditionDef condition : policyConditions) {
            if (xCondition.getItemId() != null && xCondition.getItemId().equals(condition.getItemId())) {
                found = true;
                break;
            }
        }
        if (!found) {
            List<XXPolicyItemCondition> policyItemCondList = daoMgr.getXXPolicyItemCondition().findByPolicyConditionDefId(xCondition.getId());
            if (!stringUtil.isEmpty(policyItemCondList)) {
                throw restErrorUtil.createRESTException("Policy/Policies are referring to this policy-condition: " + xCondition.getName() + ". Please remove such references from policy before updating service-def.", MessageEnums.DATA_NOT_UPDATABLE);
            }
            for (XXPolicyItemCondition policyItemCond : policyItemCondList) {
                daoMgr.getXXPolicyItemCondition().remove(policyItemCond);
            }
            xxPolCondDao.remove(xCondition);
        }
    }
    XXContextEnricherDefDao xxContextEnricherDao = daoMgr.getXXContextEnricherDef();
    for (int i = 0; i < contextEnrichers.size(); i++) {
        RangerContextEnricherDef context = contextEnrichers.get(i);
        boolean found = false;
        for (XXContextEnricherDef xContext : xxContextEnrichers) {
            if (context.getItemId() != null && context.getItemId().equals(xContext.getItemId())) {
                found = true;
                xContext = serviceDefService.populateRangerContextEnricherDefToXX(context, xContext, createdSvcDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
                xContext.setOrder(i);
                xContext = xxContextEnricherDao.update(xContext);
                context = serviceDefService.populateXXToRangerContextEnricherDef(xContext);
                break;
            }
        }
        if (!found) {
            XXContextEnricherDef xContext = new XXContextEnricherDef();
            xContext = serviceDefService.populateRangerContextEnricherDefToXX(context, xContext, createdSvcDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
            xContext.setOrder(i);
            xContext = xxContextEnricherDao.create(xContext);
            context = serviceDefService.populateXXToRangerContextEnricherDef(xContext);
        }
    }
    for (XXContextEnricherDef xContext : xxContextEnrichers) {
        boolean found = false;
        for (RangerContextEnricherDef context : contextEnrichers) {
            if (xContext.getItemId() != null && xContext.getItemId().equals(context.getItemId())) {
                found = true;
                break;
            }
        }
        if (!found) {
            daoMgr.getXXContextEnricherDef().remove(xContext);
        }
    }
    XXEnumDefDao xxEnumDefDao = daoMgr.getXXEnumDef();
    for (RangerEnumDef enumDef : enums) {
        boolean found = false;
        for (XXEnumDef xEnumDef : xxEnums) {
            if (enumDef.getItemId() != null && enumDef.getItemId().equals(xEnumDef.getItemId())) {
                found = true;
                xEnumDef = serviceDefService.populateRangerEnumDefToXX(enumDef, xEnumDef, createdSvcDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
                xEnumDef = xxEnumDefDao.update(xEnumDef);
                XXEnumElementDefDao xEnumEleDao = daoMgr.getXXEnumElementDef();
                List<XXEnumElementDef> xxEnumEleDefs = xEnumEleDao.findByEnumDefId(xEnumDef.getId());
                List<RangerEnumElementDef> enumEleDefs = enumDef.getElements();
                for (int i = 0; i < enumEleDefs.size(); i++) {
                    RangerEnumElementDef eleDef = enumEleDefs.get(i);
                    boolean foundEle = false;
                    for (XXEnumElementDef xEleDef : xxEnumEleDefs) {
                        if (eleDef.getItemId() != null && eleDef.getItemId().equals(xEleDef.getItemId())) {
                            foundEle = true;
                            xEleDef = serviceDefService.populateRangerEnumElementDefToXX(eleDef, xEleDef, xEnumDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
                            xEleDef.setOrder(i);
                            xEleDef = xEnumEleDao.update(xEleDef);
                            break;
                        }
                    }
                    if (!foundEle) {
                        XXEnumElementDef xElement = new XXEnumElementDef();
                        xElement = serviceDefService.populateRangerEnumElementDefToXX(eleDef, xElement, xEnumDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
                        xElement.setOrder(i);
                        xElement = xEnumEleDao.create(xElement);
                    }
                }
                for (XXEnumElementDef xxEleDef : xxEnumEleDefs) {
                    boolean foundEle = false;
                    for (RangerEnumElementDef enumEle : enumEleDefs) {
                        if (xxEleDef.getItemId() != null && xxEleDef.getItemId().equals(enumEle.getItemId())) {
                            foundEle = true;
                            break;
                        }
                    }
                    if (!foundEle) {
                        xEnumEleDao.remove(xxEleDef);
                    }
                }
                enumDef = serviceDefService.populateXXToRangerEnumDef(xEnumDef);
                break;
            }
        }
        if (!found) {
            XXEnumDef xEnum = new XXEnumDef();
            xEnum = serviceDefService.populateRangerEnumDefToXX(enumDef, xEnum, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
            xEnum = xxEnumDefDao.create(xEnum);
            List<RangerEnumElementDef> elements = enumDef.getElements();
            XXEnumElementDefDao xxEnumEleDefDao = daoMgr.getXXEnumElementDef();
            for (RangerEnumElementDef element : elements) {
                XXEnumElementDef xElement = new XXEnumElementDef();
                xElement = serviceDefService.populateRangerEnumElementDefToXX(element, xElement, xEnum, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
                xElement = xxEnumEleDefDao.create(xElement);
            }
            enumDef = serviceDefService.populateXXToRangerEnumDef(xEnum);
        }
    }
    for (XXEnumDef xEnumDef : xxEnums) {
        boolean found = false;
        for (RangerEnumDef enumDef : enums) {
            if (xEnumDef.getItemId() != null && xEnumDef.getItemId().equals(enumDef.getItemId())) {
                found = true;
                break;
            }
        }
        if (!found) {
            List<XXEnumElementDef> enumEleDefList = daoMgr.getXXEnumElementDef().findByEnumDefId(xEnumDef.getId());
            for (XXEnumElementDef eleDef : enumEleDefList) {
                daoMgr.getXXEnumElementDef().remove(eleDef);
            }
            xxEnumDefDao.remove(xEnumDef);
        }
    }
    List<RangerDataMaskTypeDef> dataMasks = dataMaskDef == null || dataMaskDef.getMaskTypes() == null ? new ArrayList<RangerDataMaskTypeDef>() : dataMaskDef.getMaskTypes();
    List<RangerAccessTypeDef> dataMaskAccessTypes = dataMaskDef == null || dataMaskDef.getAccessTypes() == null ? new ArrayList<RangerAccessTypeDef>() : dataMaskDef.getAccessTypes();
    List<RangerResourceDef> dataMaskResources = dataMaskDef == null || dataMaskDef.getResources() == null ? new ArrayList<RangerResourceDef>() : dataMaskDef.getResources();
    List<RangerAccessTypeDef> rowFilterAccessTypes = rowFilterDef == null || rowFilterDef.getAccessTypes() == null ? new ArrayList<RangerAccessTypeDef>() : rowFilterDef.getAccessTypes();
    List<RangerResourceDef> rowFilterResources = rowFilterDef == null || rowFilterDef.getResources() == null ? new ArrayList<RangerResourceDef>() : rowFilterDef.getResources();
    XXDataMaskTypeDefDao dataMaskTypeDao = daoMgr.getXXDataMaskTypeDef();
    List<XXDataMaskTypeDef> xxDataMaskTypes = dataMaskTypeDao.findByServiceDefId(serviceDefId);
    List<XXAccessTypeDef> xxAccessTypeDefs = xxATDDao.findByServiceDefId(serviceDefId);
    List<XXResourceDef> xxResourceDefs = xxResDefDao.findByServiceDefId(serviceDefId);
    // create or update dataMasks
    for (int i = 0; i < dataMasks.size(); i++) {
        RangerDataMaskTypeDef dataMask = dataMasks.get(i);
        boolean found = false;
        for (XXDataMaskTypeDef xxDataMask : xxDataMaskTypes) {
            if (xxDataMask.getItemId() != null && xxDataMask.getItemId().equals(dataMask.getItemId())) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Updating existing dataMask with itemId=" + dataMask.getItemId());
                }
                found = true;
                xxDataMask = serviceDefService.populateRangerDataMaskDefToXX(dataMask, xxDataMask, createdSvcDef, RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
                xxDataMask.setOrder(i);
                xxDataMask = dataMaskTypeDao.update(xxDataMask);
                dataMask = serviceDefService.populateXXToRangerDataMaskTypeDef(xxDataMask);
                break;
            }
        }
        if (!found) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Creating dataMask with itemId=" + dataMask.getItemId() + "");
            }
            XXDataMaskTypeDef xxDataMask = new XXDataMaskTypeDef();
            xxDataMask = serviceDefService.populateRangerDataMaskDefToXX(dataMask, xxDataMask, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
            xxDataMask.setOrder(i);
            xxDataMask = dataMaskTypeDao.create(xxDataMask);
        }
    }
    // remove dataMasks
    for (XXDataMaskTypeDef xxDataMask : xxDataMaskTypes) {
        boolean found = false;
        for (RangerDataMaskTypeDef dataMask : dataMasks) {
            if (xxDataMask.getItemId() != null && xxDataMask.getItemId().equals(dataMask.getItemId())) {
                found = true;
                break;
            }
        }
        if (!found) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Deleting dataMask with itemId=" + xxDataMask.getItemId());
            }
            dataMaskTypeDao.remove(xxDataMask);
        }
    }
    for (RangerAccessTypeDef accessType : dataMaskAccessTypes) {
        if (!isAccessTypeInList(accessType.getName(), xxAccessTypeDefs)) {
            throw restErrorUtil.createRESTException("accessType with name: " + accessType.getName() + " does not exist", MessageEnums.DATA_NOT_FOUND);
        }
    }
    for (RangerAccessTypeDef accessType : rowFilterAccessTypes) {
        if (!isAccessTypeInList(accessType.getName(), xxAccessTypeDefs)) {
            throw restErrorUtil.createRESTException("accessType with name: " + accessType.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
        }
    }
    for (XXAccessTypeDef xxAccessTypeDef : xxAccessTypeDefs) {
        String dataMaskOptions = null;
        String rowFilterOptions = null;
        for (RangerAccessTypeDef accessTypeDef : dataMaskAccessTypes) {
            if (StringUtils.equals(accessTypeDef.getName(), xxAccessTypeDef.getName())) {
                dataMaskOptions = svcDefServiceWithAssignedId.objectToJson(accessTypeDef);
                break;
            }
        }
        for (RangerAccessTypeDef accessTypeDef : rowFilterAccessTypes) {
            if (StringUtils.equals(accessTypeDef.getName(), xxAccessTypeDef.getName())) {
                rowFilterOptions = svcDefServiceWithAssignedId.objectToJson(accessTypeDef);
                break;
            }
        }
        if (!StringUtils.equals(dataMaskOptions, xxAccessTypeDef.getDataMaskOptions()) || !StringUtils.equals(rowFilterOptions, xxAccessTypeDef.getRowFilterOptions())) {
            xxAccessTypeDef.setDataMaskOptions(dataMaskOptions);
            xxAccessTypeDef.setRowFilterOptions(rowFilterOptions);
            xxATDDao.update(xxAccessTypeDef);
        }
    }
    for (RangerResourceDef resource : dataMaskResources) {
        if (!isResourceInList(resource.getName(), xxResourceDefs)) {
            throw restErrorUtil.createRESTException("resource with name: " + resource.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
        }
    }
    for (RangerResourceDef resource : rowFilterResources) {
        if (!isResourceInList(resource.getName(), xxResourceDefs)) {
            throw restErrorUtil.createRESTException("resource with name: " + resource.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
        }
    }
    for (XXResourceDef xxResourceDef : xxResourceDefs) {
        String dataMaskOptions = null;
        String rowFilterOptions = null;
        for (RangerResourceDef resource : dataMaskResources) {
            if (StringUtils.equals(resource.getName(), xxResourceDef.getName())) {
                dataMaskOptions = svcDefServiceWithAssignedId.objectToJson(resource);
                break;
            }
        }
        for (RangerResourceDef resource : rowFilterResources) {
            if (StringUtils.equals(resource.getName(), xxResourceDef.getName())) {
                rowFilterOptions = svcDefServiceWithAssignedId.objectToJson(resource);
                break;
            }
        }
        if (!StringUtils.equals(dataMaskOptions, xxResourceDef.getDataMaskOptions()) || !StringUtils.equals(rowFilterOptions, xxResourceDef.getRowFilterOptions())) {
            xxResourceDef.setDataMaskOptions(dataMaskOptions);
            xxResourceDef.setRowFilterOptions(rowFilterOptions);
            xxResDefDao.update(xxResourceDef);
        }
    }
}
Also used : XXPolicyConditionDefDao(org.apache.ranger.db.XXPolicyConditionDefDao) VXString(org.apache.ranger.view.VXString) RangerPolicyConditionDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef) XXPolicyConditionDef(org.apache.ranger.entity.XXPolicyConditionDef) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) XXServiceConfigDef(org.apache.ranger.entity.XXServiceConfigDef) RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef) RangerServiceConfigDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef) RangerDataMaskTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskTypeDef) XXAccessTypeDefGrantsDao(org.apache.ranger.db.XXAccessTypeDefGrantsDao) XXEnumElementDef(org.apache.ranger.entity.XXEnumElementDef) XXPolicyResource(org.apache.ranger.entity.XXPolicyResource) XXDataMaskTypeDefDao(org.apache.ranger.db.XXDataMaskTypeDefDao) RangerEnumDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef) XXEnumElementDefDao(org.apache.ranger.db.XXEnumElementDefDao) XXAccessTypeDefDao(org.apache.ranger.db.XXAccessTypeDefDao) XXPolicyItemCondition(org.apache.ranger.entity.XXPolicyItemCondition) XXAccessTypeDefGrants(org.apache.ranger.entity.XXAccessTypeDefGrants) XXEnumDefDao(org.apache.ranger.db.XXEnumDefDao) XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef) XXResourceDefDao(org.apache.ranger.db.XXResourceDefDao) RangerEnumElementDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumElementDef) XXResourceDef(org.apache.ranger.entity.XXResourceDef) RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef) RangerContextEnricherDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef) XXPolicyItemAccess(org.apache.ranger.entity.XXPolicyItemAccess) XXEnumDef(org.apache.ranger.entity.XXEnumDef) XXServiceConfigDefDao(org.apache.ranger.db.XXServiceConfigDefDao) XXContextEnricherDef(org.apache.ranger.entity.XXContextEnricherDef) XXContextEnricherDefDao(org.apache.ranger.db.XXContextEnricherDefDao)

Example 5 with XXDataMaskTypeDef

use of org.apache.ranger.entity.XXDataMaskTypeDef in project ranger by apache.

the class ServiceDBStore method createNewDataMaskPolicyItemsForPolicy.

private void createNewDataMaskPolicyItemsForPolicy(RangerPolicy policy, XXPolicy xPolicy, List<RangerDataMaskPolicyItem> policyItems, XXServiceDef xServiceDef, int policyItemType) throws Exception {
    if (CollectionUtils.isNotEmpty(policyItems)) {
        for (int itemOrder = 0; itemOrder < policyItems.size(); itemOrder++) {
            RangerDataMaskPolicyItem policyItem = policyItems.get(itemOrder);
            XXPolicyItem xPolicyItem = createNewPolicyItemForPolicy(policy, xPolicy, policyItem, xServiceDef, itemOrder, policyItemType);
            RangerPolicyItemDataMaskInfo dataMaskInfo = policyItem.getDataMaskInfo();
            if (dataMaskInfo != null) {
                XXDataMaskTypeDef dataMaskDef = daoMgr.getXXDataMaskTypeDef().findByNameAndServiceId(dataMaskInfo.getDataMaskType(), xPolicy.getService());
                if (dataMaskDef == null) {
                    throw new Exception(dataMaskInfo.getDataMaskType() + ": is not a valid datamask-type. policy='" + policy.getName() + "' service='" + policy.getService() + "'");
                }
                XXPolicyItemDataMaskInfo xxDataMaskInfo = new XXPolicyItemDataMaskInfo();
                xxDataMaskInfo.setPolicyItemId(xPolicyItem.getId());
                xxDataMaskInfo.setType(dataMaskDef.getId());
                xxDataMaskInfo.setConditionExpr(dataMaskInfo.getConditionExpr());
                xxDataMaskInfo.setValueExpr(dataMaskInfo.getValueExpr());
                daoMgr.getXXPolicyItemDataMaskInfo().create(xxDataMaskInfo);
            }
        }
    }
}
Also used : XXPolicyItem(org.apache.ranger.entity.XXPolicyItem) XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef) RangerDataMaskPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem) RangerPolicyItemDataMaskInfo(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemDataMaskInfo) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) JSONException(org.codehaus.jettison.json.JSONException) XXPolicyItemDataMaskInfo(org.apache.ranger.entity.XXPolicyItemDataMaskInfo)

Aggregations

XXDataMaskTypeDef (org.apache.ranger.entity.XXDataMaskTypeDef)5 XXContextEnricherDefDao (org.apache.ranger.db.XXContextEnricherDefDao)3 XXDataMaskTypeDefDao (org.apache.ranger.db.XXDataMaskTypeDefDao)3 XXEnumDefDao (org.apache.ranger.db.XXEnumDefDao)3 XXPolicyConditionDefDao (org.apache.ranger.db.XXPolicyConditionDefDao)3 XXServiceConfigDefDao (org.apache.ranger.db.XXServiceConfigDefDao)3 XXAccessTypeDef (org.apache.ranger.entity.XXAccessTypeDef)3 XXContextEnricherDef (org.apache.ranger.entity.XXContextEnricherDef)3 XXEnumDef (org.apache.ranger.entity.XXEnumDef)3 XXEnumElementDef (org.apache.ranger.entity.XXEnumElementDef)3 XXPolicyConditionDef (org.apache.ranger.entity.XXPolicyConditionDef)3 XXResourceDef (org.apache.ranger.entity.XXResourceDef)3 XXServiceConfigDef (org.apache.ranger.entity.XXServiceConfigDef)3 XXAccessTypeDefDao (org.apache.ranger.db.XXAccessTypeDefDao)2 XXAccessTypeDefGrantsDao (org.apache.ranger.db.XXAccessTypeDefGrantsDao)2 XXEnumElementDefDao (org.apache.ranger.db.XXEnumElementDefDao)2 XXResourceDefDao (org.apache.ranger.db.XXResourceDefDao)2 XXAccessTypeDefGrants (org.apache.ranger.entity.XXAccessTypeDefGrants)2 XXPolicyItemCondition (org.apache.ranger.entity.XXPolicyItemCondition)2 XXService (org.apache.ranger.entity.XXService)2