Example 11 with XXGroup
use of org.apache.ranger.entity.XXGroup in project ranger by apache.
the class XGroupService method createXGroupWithOutLogin.
public VXGroup createXGroupWithOutLogin(VXGroup vxGroup) {
XXGroup xxGroup = daoManager.getXXGroup().findByGroupName(vxGroup.getName());
boolean groupExists = true;
if (xxGroup == null) {
xxGroup = new XXGroup();
groupExists = false;
}
xxGroup = mapViewToEntityBean(vxGroup, xxGroup, 0);
XXPortalUser xXPortalUser = daoManager.getXXPortalUser().getById(createdByUserId);
if (xXPortalUser != null) {
xxGroup.setAddedByUserId(createdByUserId);
xxGroup.setUpdatedByUserId(createdByUserId);
}
if (groupExists) {
xxGroup = getDao().update(xxGroup);
} else {
xxGroup = getDao().create(xxGroup);
}
vxGroup = postCreate(xxGroup);
return vxGroup;
}
Also used :
XXPortalUser(org.apache.ranger.entity.XXPortalUser)
XXGroup(org.apache.ranger.entity.XXGroup)
Example 12 with XXGroup
use of org.apache.ranger.entity.XXGroup in project ranger by apache.
the class XGroupUserService method getTransactionLog.
public List<XXTrxLog> getTransactionLog(VXGroupUser vObj, XXGroupUser mObj, String action) {
// if(vObj == null && (action == null || !action.equalsIgnoreCase("update"))){
// return null;
// }
Long groupId = vObj.getParentGroupId();
XXGroup xGroup = daoManager.getXXGroup().getById(groupId);
String groupName = xGroup.getName();
Long userId = vObj.getUserId();
XXUser xUser = daoManager.getXXUser().getById(userId);
String userName = xUser.getName();
List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
Field[] fields = vObj.getClass().getDeclaredFields();
try {
for (Field field : fields) {
field.setAccessible(true);
String fieldName = field.getName();
if (!trxLogAttrs.containsKey(fieldName)) {
continue;
}
VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
XXTrxLog xTrxLog = new XXTrxLog();
xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
String value = null;
boolean isEnum = vTrxLogAttr.isEnum();
if (isEnum) {
String enumName = XXAsset.getEnumName(fieldName);
int enumValue = field.get(vObj) == null ? 0 : Integer.parseInt("" + field.get(vObj));
value = xaEnumUtil.getLabel(enumName, enumValue);
} else {
value = "" + field.get(vObj);
XXGroup xXGroup = daoManager.getXXGroup().getById(Long.parseLong(value));
value = xXGroup.getName();
}
if ("create".equalsIgnoreCase(action)) {
xTrxLog.setNewValue(value);
} else if ("delete".equalsIgnoreCase(action)) {
xTrxLog.setPreviousValue(value);
} else if ("update".equalsIgnoreCase(action)) {
// No Change.
xTrxLog.setNewValue(value);
xTrxLog.setPreviousValue(value);
}
xTrxLog.setAction(action);
xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP_USER);
xTrxLog.setObjectId(vObj.getId());
xTrxLog.setObjectName(userName);
xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP);
xTrxLog.setParentObjectId(groupId);
xTrxLog.setParentObjectName(groupName);
trxLogList.add(xTrxLog);
}
} catch (IllegalArgumentException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
} catch (SecurityException e) {
e.printStackTrace();
}
return trxLogList;
}
Also used :
XXUser(org.apache.ranger.entity.XXUser)
ArrayList(java.util.ArrayList)
XXTrxLog(org.apache.ranger.entity.XXTrxLog)
VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr)
Field(java.lang.reflect.Field)
SearchField(org.apache.ranger.common.SearchField)
XXGroup(org.apache.ranger.entity.XXGroup)
Example 13 with XXGroup
use of org.apache.ranger.entity.XXGroup in project ranger by apache.
the class XModuleDefService method populateViewBean.
@Override
public VXModuleDef populateViewBean(XXModuleDef xObj) {
VXModuleDef vModuleDef = super.populateViewBean(xObj);
Map<Long, XXUser> xXPortalUserIdXXUserMap = xUserService.getXXPortalUserIdXXUserMap();
Map<Long, XXGroup> xXGroupMap = xGroupService.getXXGroupIdXXGroupMap();
List<VXUserPermission> vXUserPermissionList = new ArrayList<VXUserPermission>();
List<VXGroupPermission> vXGroupPermissionList = new ArrayList<VXGroupPermission>();
List<XXUserPermission> xuserPermissionList = daoManager.getXXUserPermission().findByModuleId(xObj.getId(), false);
List<XXGroupPermission> xgroupPermissionList = daoManager.getXXGroupPermission().findByModuleId(xObj.getId(), false);
if (CollectionUtils.isEmpty(xXPortalUserIdXXUserMap)) {
for (XXUserPermission xUserPerm : xuserPermissionList) {
VXUserPermission vXUserPerm = xUserPermService.populateViewBean(xUserPerm);
vXUserPermissionList.add(vXUserPerm);
}
} else {
vXUserPermissionList = xUserPermService.getPopulatedVXUserPermissionList(xuserPermissionList, xXPortalUserIdXXUserMap, vModuleDef);
}
if (CollectionUtils.isEmpty(xXGroupMap)) {
for (XXGroupPermission xGrpPerm : xgroupPermissionList) {
VXGroupPermission vXGrpPerm = xGrpPermService.populateViewBean(xGrpPerm);
vXGroupPermissionList.add(vXGrpPerm);
}
} else {
vXGroupPermissionList = xGrpPermService.getPopulatedVXGroupPermissionList(xgroupPermissionList, xXGroupMap, vModuleDef);
}
vModuleDef.setUserPermList(vXUserPermissionList);
vModuleDef.setGroupPermList(vXGroupPermissionList);
return vModuleDef;
}
Also used :
XXUser(org.apache.ranger.entity.XXUser)
XXGroupPermission(org.apache.ranger.entity.XXGroupPermission)
ArrayList(java.util.ArrayList)
XXUserPermission(org.apache.ranger.entity.XXUserPermission)
VXUserPermission(org.apache.ranger.view.VXUserPermission)
XXGroup(org.apache.ranger.entity.XXGroup)
VXGroupPermission(org.apache.ranger.view.VXGroupPermission)
VXModuleDef(org.apache.ranger.view.VXModuleDef)
Example 14 with XXGroup
use of org.apache.ranger.entity.XXGroup in project ranger by apache.
the class XPermMapService method getTransactionLog.
public List<XXTrxLog> getTransactionLog(VXPermMap vObj, VXPermMap mObj, String action) {
if (vObj == null || action == null || ("update".equalsIgnoreCase(action) && mObj == null)) {
return null;
}
boolean isGroupPolicy = true;
if (vObj.getGroupId() == null) {
isGroupPolicy = false;
}
Long groupId = null;
Long userId = null;
String groupName = null;
String userName = null;
if (isGroupPolicy) {
groupId = vObj.getGroupId();
XXGroup xGroup = daoManager.getXXGroup().getById(groupId);
groupName = xGroup.getName();
} else {
userId = vObj.getUserId();
XXUser xUser = daoManager.getXXUser().getById(userId);
userName = xUser.getName();
}
List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
Field[] fields = vObj.getClass().getDeclaredFields();
try {
for (Field field : fields) {
field.setAccessible(true);
String fieldName = field.getName();
if (!trxLogAttrs.containsKey(fieldName)) {
continue;
// int policyType = vObj.getIpAddress();
/*if(policyType == AppConstants.ASSET_HDFS){
String[] ignoredAttribs = {"ipAddress"};
if(ArrayUtils.contains(ignoredAttribs, fieldName)){
continue;
}
}*/
// } else {
// if(isGroupPolicy){
// if(fieldName.equalsIgnoreCase("userId")){
// continue;
// }
// } else {
// if (fieldName.equalsIgnoreCase("groupId")){
// continue;
// }
// }
}
Long assetId = daoManager.getXXResource().getById(vObj.getResourceId()).getAssetId();
int policyType = daoManager.getXXAsset().getById(assetId).getAssetType();
if (policyType != AppConstants.ASSET_KNOX) {
if ("ipAddress".equals(fieldName))
continue;
}
VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
XXTrxLog xTrxLog = new XXTrxLog();
xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
String value = null, prevValue = "";
boolean isEnum = vTrxLogAttr.isEnum();
if (isEnum) {
String enumName = XXPermMap.getEnumName(fieldName);
int enumValue = field.get(vObj) == null ? 0 : Integer.parseInt("" + field.get(vObj));
value = xaEnumUtil.getLabel(enumName, enumValue);
} else {
value = "" + field.get(vObj);
// value = xUser.getName();
if ("ipAddress".equals(fieldName) && "update".equalsIgnoreCase(action)) {
prevValue = "" + field.get(mObj);
value = "null".equalsIgnoreCase(value) ? "" : value;
} else if (value == null || "null".equalsIgnoreCase(value) || stringUtil.isEmpty(value)) {
continue;
}
}
if ("create".equalsIgnoreCase(action)) {
xTrxLog.setNewValue(value);
} else if ("delete".equalsIgnoreCase(action)) {
xTrxLog.setPreviousValue(value);
} else if ("update".equalsIgnoreCase(action)) {
// Not Changed.
xTrxLog.setNewValue(value);
xTrxLog.setPreviousValue(value);
if ("ipAddress".equals(fieldName)) {
xTrxLog.setPreviousValue(prevValue);
}
}
xTrxLog.setAction(action);
xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_PERM_MAP);
xTrxLog.setObjectId(vObj.getId());
if (isGroupPolicy) {
xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP);
xTrxLog.setParentObjectId(groupId);
xTrxLog.setParentObjectName(groupName);
} else {
xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_USER);
xTrxLog.setParentObjectId(userId);
xTrxLog.setParentObjectName(userName);
}
// xTrxLog.setObjectName(objectName);
trxLogList.add(xTrxLog);
}
} catch (IllegalArgumentException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
} catch (SecurityException e) {
e.printStackTrace();
}
return trxLogList;
}
Also used :
XXUser(org.apache.ranger.entity.XXUser)
ArrayList(java.util.ArrayList)
XXTrxLog(org.apache.ranger.entity.XXTrxLog)
VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr)
Field(java.lang.reflect.Field)
SearchField(org.apache.ranger.common.SearchField)
XXGroup(org.apache.ranger.entity.XXGroup)
Example 15 with XXGroup
use of org.apache.ranger.entity.XXGroup in project ranger by apache.
the class XPolicyService method mapPermObjToPermList.
private List<VXPermMap> mapPermObjToPermList(List<VXPermObj> permObjList, VXPolicy vXPolicy) {
Long resId = vXPolicy.getId();
List<VXPermMap> permMapList = new ArrayList<VXPermMap>();
List<VXPermMap> updPermMapList = new ArrayList<VXPermMap>();
Map<String, VXPermMap> newPermMap = new LinkedHashMap<String, VXPermMap>();
Random rand = new Random();
Map<String, XXPermMap> prevPermMap = getPrevPermMap(resId);
if (permObjList == null) {
permObjList = new ArrayList<VXPermObj>();
}
for (VXPermObj permObj : permObjList) {
String permGrp = new Date() + " : " + rand.nextInt(9999);
String ipAddress = permObj.getIpAddress();
if (!stringUtil.isEmpty(permObj.getUserList())) {
int permFor = AppConstants.XA_PERM_FOR_USER;
for (String user : permObj.getUserList()) {
XXUser xxUser = xaDaoMgr.getXXUser().findByUserName(user);
if (xxUser == null) {
logger.error("No User found with this name : " + user);
throw restErrorUtil.createRESTException("No User found with name : " + user, MessageEnums.DATA_NOT_FOUND);
}
Long userId = xxUser.getId();
for (String permission : permObj.getPermList()) {
int permType = AppConstants.getEnumFor_XAPermType(permission);
VXPermMap vXPermMap = new VXPermMap();
vXPermMap.setPermFor(AppConstants.XA_PERM_FOR_USER);
vXPermMap.setPermGroup(permGrp);
vXPermMap.setPermType(permType);
vXPermMap.setUserId(xxUser.getId());
vXPermMap.setResourceId(resId);
vXPermMap.setIpAddress(ipAddress);
permMapList.add(vXPermMap);
StringBuilder uniqueKey = new StringBuilder();
uniqueKey.append(resId + uniqueKeySeparator);
uniqueKey.append(permFor + uniqueKeySeparator);
uniqueKey.append(userId + uniqueKeySeparator);
uniqueKey.append(permType);
newPermMap.put(uniqueKey.toString(), vXPermMap);
}
}
}
if (!stringUtil.isEmpty(permObj.getGroupList())) {
int permFor = AppConstants.XA_PERM_FOR_GROUP;
for (String group : permObj.getGroupList()) {
XXGroup xxGroup = xaDaoMgr.getXXGroup().findByGroupName(group);
if (xxGroup == null) {
logger.error("No UserGroup found with this name : " + group);
throw restErrorUtil.createRESTException("No Group found with name : " + group, MessageEnums.DATA_NOT_FOUND);
}
Long grpId = xxGroup.getId();
for (String permission : permObj.getPermList()) {
int permType = AppConstants.getEnumFor_XAPermType(permission);
VXPermMap vXPermMap = new VXPermMap();
vXPermMap.setPermFor(AppConstants.XA_PERM_FOR_GROUP);
vXPermMap.setPermGroup(permGrp);
vXPermMap.setPermType(permType);
vXPermMap.setGroupId(xxGroup.getId());
vXPermMap.setResourceId(resId);
vXPermMap.setIpAddress(ipAddress);
permMapList.add(vXPermMap);
StringBuilder uniqueKey = new StringBuilder();
uniqueKey.append(resId + uniqueKeySeparator);
uniqueKey.append(permFor + uniqueKeySeparator);
uniqueKey.append(grpId + uniqueKeySeparator);
uniqueKey.append(permType);
newPermMap.put(uniqueKey.toString(), vXPermMap);
}
}
}
}
// Create Newly added permissions and Remove deleted permissions from DB
if (prevPermMap.isEmpty()) {
updPermMapList.addAll(permMapList);
} else {
for (Entry<String, VXPermMap> entry : newPermMap.entrySet()) {
if (!prevPermMap.containsKey(entry.getKey())) {
updPermMapList.add(entry.getValue());
} else {
VXPermMap vPMap = xPermMapService.populateViewBean(prevPermMap.get(entry.getKey()));
VXPermMap vPMapNew = entry.getValue();
vPMap.setIpAddress(vPMapNew.getIpAddress());
updPermMapList.add(vPMap);
}
}
}
return updPermMapList;
}
Also used :
XXUser(org.apache.ranger.entity.XXUser)
VXPermMap(org.apache.ranger.view.VXPermMap)
ArrayList(java.util.ArrayList)
VXPermObj(org.apache.ranger.view.VXPermObj)
Date(java.util.Date)
LinkedHashMap(java.util.LinkedHashMap)
XXGroup(org.apache.ranger.entity.XXGroup)
Random(java.util.Random)
XXPermMap(org.apache.ranger.entity.XXPermMap)
Aggregations
XXGroup (org.apache.ranger.entity.XXGroup)24
ArrayList (java.util.ArrayList)11
XXUser (org.apache.ranger.entity.XXUser)10
VXGroup (org.apache.ranger.view.VXGroup)7
XXGroupDao (org.apache.ranger.db.XXGroupDao)6
XXGroupPermission (org.apache.ranger.entity.XXGroupPermission)5
Test (org.junit.Test)5
HashMap (java.util.HashMap)4
XXTrxLog (org.apache.ranger.entity.XXTrxLog)4
XXGroupUserDao (org.apache.ranger.db.XXGroupUserDao)3
XXPermMap (org.apache.ranger.entity.XXPermMap)3
XXPortalUser (org.apache.ranger.entity.XXPortalUser)3
VXGroupPermission (org.apache.ranger.view.VXGroupPermission)3
Field (java.lang.reflect.Field)2
Date (java.util.Date)2
Random (java.util.Random)2
SearchCriteria (org.apache.ranger.common.SearchCriteria)2
SearchField (org.apache.ranger.common.SearchField)2
VTrxLogAttr (org.apache.ranger.common.view.VTrxLogAttr)2
XXAuditMapDao (org.apache.ranger.db.XXAuditMapDao)2
