Search in sources :

Example 41 with XXPolicy

use of org.apache.ranger.entity.XXPolicy in project ranger by apache.

the class XXPolicyChangeLogDao method convert.

private List<RangerPolicyDelta> convert(List<Object[]> queryResult) {
    final List<RangerPolicyDelta> ret;
    if (CollectionUtils.isNotEmpty(queryResult)) {
        ret = new ArrayList<>(queryResult.size());
        for (Object[] log : queryResult) {
            RangerPolicy policy;
            Long logRecordId = (Long) log[POLICY_CHANGE_LOG_RECORD_ID_COLUMN_NUMBER];
            Integer policyChangeType = (Integer) log[POLICY_CHANGE_LOG_RECORD_CHANGE_TYPE_COLUMN_NUMBER];
            Long policiesVersion = (Long) log[POLICY_CHANGE_LOG_RECORD_POLICY_VERSION_COLUMN_NUMBER];
            String serviceType = (String) log[POLICY_CHANGE_LOG_RECORD_SERVICE_TYPE_COLUMN_NUMBER];
            Long policyId = (Long) log[POLICY_CHANGE_LOG_RECORD_POLICY_ID_COLUMN_NUMBER];
            if (policyId != null) {
                XXPolicy xxPolicy = daoManager.getXXPolicy().getById(policyId);
                if (xxPolicy != null) {
                    try {
                        policy = JsonUtils.jsonToObject(xxPolicy.getPolicyText(), RangerPolicy.class);
                        policy.setId(policyId);
                        if (policy.getServiceType() == null) {
                            policy.setServiceType(serviceType);
                        }
                        policy.setVersion(xxPolicy.getVersion());
                    } catch (Exception e) {
                        LOG.error("Cannot read policy:[" + policyId + "]. Should not have come here!! Offending log-record-id:[" + logRecordId + "] and returning...", e);
                        ret.clear();
                        ret.add(new RangerPolicyDelta(logRecordId, RangerPolicyDelta.CHANGE_TYPE_LOG_ERROR, null, null));
                        break;
                    }
                } else {
                    if (policyChangeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE || policyChangeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_UPDATE) {
                        LOG.warn((policyChangeType == RangerPolicyDelta.CHANGE_TYPE_POLICY_CREATE ? "POLICY_CREATE" : "POLICY_UPDATE") + " type change for policy-id:[" + policyId + "], log-id:[" + logRecordId + "] was not found.. probably already deleted");
                    // Create a placeholder delta with a dummy policy as the created/updated policy cannot be found - If there is a subsequent POLICY_DELETE, this delta will be cleaned-up in ServiceDBStore.compressDeltas()
                    }
                    // Create a placeholder delta with a dummy policy
                    policy = new RangerPolicy();
                    policy.setId(policyId);
                    policy.setServiceType(serviceType);
                    policy.setPolicyType((Integer) log[POLICY_CHANGE_LOG_RECORD_POLICY_TYPE_COLUMN_NUMBER]);
                    policy.setZoneName((String) log[POLICY_CHANGE_LOG_RECORD_ZONE_NAME_COLUMN_NUMBER]);
                }
                ret.add(new RangerPolicyDelta(logRecordId, policyChangeType, policiesVersion, policy));
            } else {
                LOG.info("delta-reset-event: log-record-id=" + logRecordId + "; service-type=" + serviceType + "; policy-change-type=" + policyChangeType + ". Discarding " + ret.size() + " deltas");
                ret.clear();
                ret.add(new RangerPolicyDelta(logRecordId, policyChangeType, null, null));
                break;
            }
        }
    } else {
        ret = null;
    }
    return ret;
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerPolicyDelta(org.apache.ranger.plugin.model.RangerPolicyDelta) XXPolicy(org.apache.ranger.entity.XXPolicy)

Example 42 with XXPolicy

use of org.apache.ranger.entity.XXPolicy in project ranger by apache.

the class TestXUserMgr method test128DeleteXGroup.

@Test
public void test128DeleteXGroup() {
    destroySession();
    setup();
    boolean force = true;
    VXGroup vXGroup = vxGroup();
    VXPermMapList vXPermMapList = new VXPermMapList();
    VXPermMap vXPermMap1 = getVXPermMap();
    List<VXPermMap> vXPermMaps = new ArrayList<VXPermMap>();
    vXPermMaps.add(vXPermMap1);
    vXPermMapList.setVXPermMaps(vXPermMaps);
    VXAuditMapList vXAuditMapList = new VXAuditMapList();
    List<VXAuditMap> vXAuditMaps = new ArrayList<VXAuditMap>();
    VXAuditMap vXAuditMap = getVXAuditMap();
    vXAuditMaps.add(vXAuditMap);
    vXAuditMapList.setVXAuditMaps(vXAuditMaps);
    List<XXGroupGroup> xXGroupGroups = new ArrayList<XXGroupGroup>();
    XXGroupGroup xXGroupGroup = xxGroupGroup();
    xXGroupGroups.add(xXGroupGroup);
    List<XXGroupPermission> xXGroupPermissions = new ArrayList<XXGroupPermission>();
    XXGroupPermission xGroupPermissionObj = xxGroupPermission();
    xXGroupPermissions.add(xGroupPermissionObj);
    List<XXPolicy> xXPolicyList = new ArrayList<XXPolicy>();
    XXPolicy xXPolicy = getXXPolicy();
    xXPolicyList.add(xXPolicy);
    List<XXResource> xResourceList = new ArrayList<XXResource>();
    XXResource xXResource = new XXResource();
    xXResource.setId(userId);
    xXResource.setName("hadoopdev");
    xXResource.setIsRecursive(AppConstants.BOOL_TRUE);
    xXResource.setResourceStatus(AppConstants.STATUS_ENABLED);
    xResourceList.add(xXResource);
    List<XXSecurityZoneRefGroup> zoneSecRefGroup = new ArrayList<XXSecurityZoneRefGroup>();
    XXSecurityZoneRefGroupDao zoneSecRefGroupDao = Mockito.mock(XXSecurityZoneRefGroupDao.class);
    Mockito.when(daoManager.getXXSecurityZoneRefGroup()).thenReturn(zoneSecRefGroupDao);
    Mockito.when(zoneSecRefGroupDao.findByGroupId(userId)).thenReturn(zoneSecRefGroup);
    List<XXRoleRefGroup> roleRefGroup = new ArrayList<XXRoleRefGroup>();
    XXRoleRefGroup xRoleRefGroup = new XXRoleRefGroup();
    xRoleRefGroup.setRoleId(userId);
    xRoleRefGroup.setGroupId(userId);
    xRoleRefGroup.setGroupName(groupName);
    xRoleRefGroup.setGroupType(0);
    roleRefGroup.add(xRoleRefGroup);
    XXRoleRefGroupDao roleRefGroupDao = Mockito.mock(XXRoleRefGroupDao.class);
    Mockito.when(daoManager.getXXRoleRefGroup()).thenReturn(roleRefGroupDao);
    Mockito.when(roleRefGroupDao.findByGroupId(userId)).thenReturn(roleRefGroup);
    XXRole xRole = new XXRole();
    xRole.setId(userId);
    xRole.setName("Role1");
    XXRoleDao roleDao = Mockito.mock(XXRoleDao.class);
    Mockito.when(daoManager.getXXRole()).thenReturn(roleDao);
    Mockito.when(roleDao.getById(xRoleRefGroup.getRoleId())).thenReturn(xRole);
    VXResponse vXResponse = new VXResponse();
    vXResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
    vXResponse.setMsgDesc("Can Not Delete Group '" + vXGroup.getName().trim() + "' as its present in " + RangerConstants.ROLE_FIELD);
    Mockito.when(restErrorUtil.generateRESTException((VXResponse) Mockito.any())).thenThrow(new WebApplicationException());
    thrown.expect(WebApplicationException.class);
    xUserMgr.deleteXGroup(vXGroup.getId(), force);
}
Also used : XXSecurityZoneRefGroup(org.apache.ranger.entity.XXSecurityZoneRefGroup) VXPermMap(org.apache.ranger.view.VXPermMap) WebApplicationException(javax.ws.rs.WebApplicationException) ArrayList(java.util.ArrayList) XXSecurityZoneRefGroupDao(org.apache.ranger.db.XXSecurityZoneRefGroupDao) XXPolicy(org.apache.ranger.entity.XXPolicy) XXRoleRefGroupDao(org.apache.ranger.db.XXRoleRefGroupDao) XXRoleRefGroup(org.apache.ranger.entity.XXRoleRefGroup) VXAuditMap(org.apache.ranger.view.VXAuditMap) VXPermMapList(org.apache.ranger.view.VXPermMapList) VXResponse(org.apache.ranger.view.VXResponse) XXGroupPermission(org.apache.ranger.entity.XXGroupPermission) XXResource(org.apache.ranger.entity.XXResource) VXAuditMapList(org.apache.ranger.view.VXAuditMapList) XXRoleDao(org.apache.ranger.db.XXRoleDao) VXGroup(org.apache.ranger.view.VXGroup) XXGroupGroup(org.apache.ranger.entity.XXGroupGroup) XXRole(org.apache.ranger.entity.XXRole) Test(org.junit.Test)

Example 43 with XXPolicy

use of org.apache.ranger.entity.XXPolicy in project ranger by apache.

the class TestXUserMgr method test21DeleteXUser.

@Test
public void test21DeleteXUser() {
    setup();
    boolean force = true;
    VXUser vXUser = vxUser();
    XXUser xXUser = new XXUser();
    XXUserDao xXUserDao = Mockito.mock(XXUserDao.class);
    Mockito.when(daoManager.getXXUser()).thenReturn(xXUserDao);
    Mockito.when(xXUserDao.getById(vXUser.getId())).thenReturn(xXUser);
    Mockito.when(xUserService.populateViewBean(xXUser)).thenReturn(vXUser);
    VXGroupUserList vxGroupUserList = vxGroupUserList();
    XXGroupUserDao xGroupUserDao = Mockito.mock(XXGroupUserDao.class);
    Mockito.when(xGroupUserService.searchXGroupUsers((SearchCriteria) Mockito.any())).thenReturn(vxGroupUserList);
    Mockito.when(daoManager.getXXGroupUser()).thenReturn(xGroupUserDao);
    VXPermMapList vXPermMapList = new VXPermMapList();
    VXPermMap vXPermMap1 = getVXPermMap();
    List<VXPermMap> vXPermMaps = new ArrayList<VXPermMap>();
    vXPermMaps.add(vXPermMap1);
    vXPermMapList.setVXPermMaps(vXPermMaps);
    XXPermMapDao xXPermMapDao = Mockito.mock(XXPermMapDao.class);
    Mockito.when(xPermMapService.searchXPermMaps((SearchCriteria) Mockito.any())).thenReturn(vXPermMapList);
    Mockito.when(daoManager.getXXPermMap()).thenReturn(xXPermMapDao);
    VXAuditMapList vXAuditMapList = new VXAuditMapList();
    List<VXAuditMap> vXAuditMaps = new ArrayList<VXAuditMap>();
    VXAuditMap vXAuditMap = getVXAuditMap();
    vXAuditMaps.add(vXAuditMap);
    vXAuditMapList.setVXAuditMaps(vXAuditMaps);
    XXAuditMapDao xXAuditMapDao = Mockito.mock(XXAuditMapDao.class);
    Mockito.when(xAuditMapService.searchXAuditMaps((SearchCriteria) Mockito.any())).thenReturn(vXAuditMapList);
    Mockito.when(daoManager.getXXAuditMap()).thenReturn(xXAuditMapDao);
    VXPortalUser vXPortalUser = userProfile();
    XXPortalUser xXPortalUser = xxPortalUser(vXPortalUser);
    XXPortalUserDao xXPortalUserDao = Mockito.mock(XXPortalUserDao.class);
    Mockito.when(daoManager.getXXPortalUser()).thenReturn(xXPortalUserDao);
    Mockito.when(xXPortalUserDao.findByLoginId(vXUser.getName().trim())).thenReturn(xXPortalUser);
    Mockito.when(xPortalUserService.populateViewBean(xXPortalUser)).thenReturn(vXPortalUser);
    XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
    XXPortalUserRole.setId(userId);
    XXPortalUserRole.setUserId(userId);
    XXPortalUserRole.setUserRole("ROLE_USER");
    XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
    Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
    XXModuleDef xModuleDef = xxModuleDef();
    Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong())).thenReturn(xModuleDef);
    XXAuthSessionDao xXAuthSessionDao = Mockito.mock(XXAuthSessionDao.class);
    XXUserPermissionDao xXUserPermissionDao = Mockito.mock(XXUserPermissionDao.class);
    XXPortalUserRoleDao xXPortalUserRoleDao = Mockito.mock(XXPortalUserRoleDao.class);
    Mockito.when(daoManager.getXXAuthSession()).thenReturn(xXAuthSessionDao);
    Mockito.when(daoManager.getXXUserPermission()).thenReturn(xXUserPermissionDao);
    Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(xXPortalUserRoleDao);
    List<XXAuthSession> xXAuthSessions = new ArrayList<XXAuthSession>();
    XXAuthSession xXAuthSession = new XXAuthSession();
    xXAuthSession.setId(userId);
    xXAuthSession.setLoginId(vXPortalUser.getLoginId());
    xXAuthSessions.add(xXAuthSession);
    List<XXUserPermission> xXUserPermissions = new ArrayList<XXUserPermission>();
    xXUserPermissions.add(xxUserPermission());
    List<XXPortalUserRole> xXPortalUserRoles = new ArrayList<XXPortalUserRole>();
    xXPortalUserRoles.add(XXPortalUserRole);
    Mockito.when(xXAuthSessionDao.getAuthSessionByUserId(vXPortalUser.getId())).thenReturn(xXAuthSessions);
    Mockito.when(xXUserPermissionDao.findByUserPermissionId(vXPortalUser.getId())).thenReturn(xXUserPermissions);
    Mockito.when(xXPortalUserRoleDao.findByUserId(vXPortalUser.getId())).thenReturn(xXPortalUserRoles);
    XXPolicyDao xXPolicyDao = Mockito.mock(XXPolicyDao.class);
    List<XXPolicy> xXPolicyList = new ArrayList<XXPolicy>();
    XXPolicy xXPolicy = getXXPolicy();
    xXPolicyList.add(xXPolicy);
    Mockito.when(daoManager.getXXPolicy()).thenReturn(xXPolicyDao);
    Mockito.when(xXPolicyDao.findByUserId(vXUser.getId())).thenReturn(xXPolicyList);
    RangerPolicy rangerPolicy = rangerPolicy();
    Mockito.when(policyService.getPopulatedViewObject(xXPolicy)).thenReturn(rangerPolicy);
    List<XXSecurityZoneRefUser> zoneSecRefUser = new ArrayList<XXSecurityZoneRefUser>();
    XXSecurityZoneRefUserDao zoneSecRefUserDao = Mockito.mock(XXSecurityZoneRefUserDao.class);
    Mockito.when(daoManager.getXXSecurityZoneRefUser()).thenReturn(zoneSecRefUserDao);
    Mockito.when(zoneSecRefUserDao.findByUserId(userId)).thenReturn(zoneSecRefUser);
    List<XXRoleRefUser> roleRefUser = new ArrayList<XXRoleRefUser>();
    XXRoleRefUserDao roleRefUserDao = Mockito.mock(XXRoleRefUserDao.class);
    Mockito.when(daoManager.getXXRoleRefUser()).thenReturn(roleRefUserDao);
    Mockito.when(roleRefUserDao.findByUserId(userId)).thenReturn(roleRefUser);
    xUserMgr.deleteXUser(vXUser.getId(), force);
    force = false;
    xUserMgr.deleteXUser(vXUser.getId(), force);
}
Also used : XXRoleRefUser(org.apache.ranger.entity.XXRoleRefUser) XXUser(org.apache.ranger.entity.XXUser) VXGroupUserList(org.apache.ranger.view.VXGroupUserList) VXPermMap(org.apache.ranger.view.VXPermMap) XXUserDao(org.apache.ranger.db.XXUserDao) ArrayList(java.util.ArrayList) XXSecurityZoneRefUser(org.apache.ranger.entity.XXSecurityZoneRefUser) XXModuleDefDao(org.apache.ranger.db.XXModuleDefDao) XXPolicy(org.apache.ranger.entity.XXPolicy) XXAuthSessionDao(org.apache.ranger.db.XXAuthSessionDao) XXGroupUserDao(org.apache.ranger.db.XXGroupUserDao) XXPortalUserRoleDao(org.apache.ranger.db.XXPortalUserRoleDao) XXModuleDef(org.apache.ranger.entity.XXModuleDef) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXPermMapDao(org.apache.ranger.db.XXPermMapDao) VXAuditMap(org.apache.ranger.view.VXAuditMap) VXPortalUser(org.apache.ranger.view.VXPortalUser) XXPortalUserRole(org.apache.ranger.entity.XXPortalUserRole) VXPermMapList(org.apache.ranger.view.VXPermMapList) XXRoleRefUserDao(org.apache.ranger.db.XXRoleRefUserDao) XXAuditMapDao(org.apache.ranger.db.XXAuditMapDao) XXUserPermissionDao(org.apache.ranger.db.XXUserPermissionDao) VXAuditMapList(org.apache.ranger.view.VXAuditMapList) VXUser(org.apache.ranger.view.VXUser) XXAuthSession(org.apache.ranger.entity.XXAuthSession) XXUserPermission(org.apache.ranger.entity.XXUserPermission) XXPortalUser(org.apache.ranger.entity.XXPortalUser) XXSecurityZoneRefUserDao(org.apache.ranger.db.XXSecurityZoneRefUserDao) XXPortalUserDao(org.apache.ranger.db.XXPortalUserDao) XXPolicyDao(org.apache.ranger.db.XXPolicyDao) Test(org.junit.Test)

Aggregations

XXPolicy (org.apache.ranger.entity.XXPolicy)43 RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)25 Test (org.junit.Test)15 ArrayList (java.util.ArrayList)12 XXPolicyDao (org.apache.ranger.db.XXPolicyDao)11 VXAuditMapList (org.apache.ranger.view.VXAuditMapList)10 VXPermMapList (org.apache.ranger.view.VXPermMapList)10 XXPortalUser (org.apache.ranger.entity.XXPortalUser)9 XXService (org.apache.ranger.entity.XXService)9 XXServiceDef (org.apache.ranger.entity.XXServiceDef)9 XXUser (org.apache.ranger.entity.XXUser)9 XXUserDao (org.apache.ranger.db.XXUserDao)8 RangerService (org.apache.ranger.plugin.model.RangerService)8 VXAuditMap (org.apache.ranger.view.VXAuditMap)8 VXPermMap (org.apache.ranger.view.VXPermMap)8 WebApplicationException (javax.ws.rs.WebApplicationException)7 XXAuditMapDao (org.apache.ranger.db.XXAuditMapDao)6 XXGroupUserDao (org.apache.ranger.db.XXGroupUserDao)6 XXPermMapDao (org.apache.ranger.db.XXPermMapDao)6 XXPortalUserDao (org.apache.ranger.db.XXPortalUserDao)6