
Example 1 with XXPolicyItemGroupPerm

use of org.apache.ranger.entity.XXPolicyItemGroupPerm in project ranger by apache.

the class ServiceDBStore method deleteExistingPolicyItems.

/**
 * Removes every stored policy item of the given policy, together with the rows that hang off
 * each item: conditions, group permissions, user permissions, accesses, data-mask infos and
 * row-filter infos.
 *
 * <p>For each item the dependent rows are removed first and the item row itself last.
 *
 * <p>NOTE(review): these rows are the grants of an authorization policy, and no transaction
 * boundary is visible in this method. Confirm that the caller runs it inside one transaction,
 * so that a failure part-way through cannot leave an item with only some of its rows removed.
 *
 * @param policy policy whose items are to be removed; may be {@code null}
 * @return {@code false} when {@code policy} is {@code null}, otherwise {@code true}
 */
private Boolean deleteExistingPolicyItems(RangerPolicy policy) {
    if (policy == null) {
        return Boolean.FALSE;
    }
    XXPolicyItemDao itemDao = daoMgr.getXXPolicyItem();
    List<XXPolicyItem> storedItems = itemDao.findByPolicyId(policy.getId());
    for (XXPolicyItem storedItem : storedItems) {
        Long itemId = storedItem.getId();

        // Conditions attached to the item.
        XXPolicyItemConditionDao conditionDao = daoMgr.getXXPolicyItemCondition();
        for (XXPolicyItemCondition conditionRow : conditionDao.findByPolicyItemId(itemId)) {
            conditionDao.remove(conditionRow);
        }

        // Group permissions.
        XXPolicyItemGroupPermDao groupPermDao = daoMgr.getXXPolicyItemGroupPerm();
        for (XXPolicyItemGroupPerm groupPermRow : groupPermDao.findByPolicyItemId(itemId)) {
            groupPermDao.remove(groupPermRow);
        }

        // User permissions.
        XXPolicyItemUserPermDao userPermissionDao = daoMgr.getXXPolicyItemUserPerm();
        for (XXPolicyItemUserPerm userPermRow : userPermissionDao.findByPolicyItemId(itemId)) {
            userPermissionDao.remove(userPermRow);
        }

        // Access entries.
        XXPolicyItemAccessDao accessDao = daoMgr.getXXPolicyItemAccess();
        for (XXPolicyItemAccess accessRow : accessDao.findByPolicyItemId(itemId)) {
            accessDao.remove(accessRow);
        }

        // Data-mask infos.
        XXPolicyItemDataMaskInfoDao dataMaskDao = daoMgr.getXXPolicyItemDataMaskInfo();
        for (XXPolicyItemDataMaskInfo dataMaskRow : dataMaskDao.findByPolicyItemId(itemId)) {
            dataMaskDao.remove(dataMaskRow);
        }

        // Row-filter infos.
        XXPolicyItemRowFilterInfoDao rowFilterDao = daoMgr.getXXPolicyItemRowFilterInfo();
        for (XXPolicyItemRowFilterInfo rowFilterRow : rowFilterDao.findByPolicyItemId(itemId)) {
            rowFilterDao.remove(rowFilterRow);
        }

        // The item row goes last, after everything that refers to it by id.
        itemDao.remove(storedItem);
    }
    return Boolean.TRUE;
}
Also used : XXPolicyItemGroupPerm(org.apache.ranger.entity.XXPolicyItemGroupPerm) XXPolicyItemConditionDao(org.apache.ranger.db.XXPolicyItemConditionDao) XXPolicyItemUserPermDao(org.apache.ranger.db.XXPolicyItemUserPermDao) XXPolicyItemUserPerm(org.apache.ranger.entity.XXPolicyItemUserPerm) XXPolicyItemGroupPermDao(org.apache.ranger.db.XXPolicyItemGroupPermDao) XXPolicyItemRowFilterInfo(org.apache.ranger.entity.XXPolicyItemRowFilterInfo) XXPolicyItemCondition(org.apache.ranger.entity.XXPolicyItemCondition) XXPolicyItemDataMaskInfo(org.apache.ranger.entity.XXPolicyItemDataMaskInfo) XXPolicyItemDao(org.apache.ranger.db.XXPolicyItemDao) XXPolicyItemDataMaskInfoDao(org.apache.ranger.db.XXPolicyItemDataMaskInfoDao) XXPolicyItem(org.apache.ranger.entity.XXPolicyItem) XXPolicyItemAccess(org.apache.ranger.entity.XXPolicyItemAccess) XXPolicyItemAccessDao(org.apache.ranger.db.XXPolicyItemAccessDao) XXPolicyItemRowFilterInfoDao(org.apache.ranger.db.XXPolicyItemRowFilterInfoDao)

Example 2 with XXPolicyItemGroupPerm

use of org.apache.ranger.entity.XXPolicyItemGroupPerm in project ranger by apache.

the class ServiceDBStore method createNewPolicyItemForPolicy.

/**
 * Persists one policy item of a policy together with its access, user-permission,
 * group-permission and condition rows.
 *
 * <p>The item row is created first, because the dependent rows are keyed by its generated id.
 * Each access type, user name, group name and condition type is then looked up, and the first
 * one that cannot be found aborts the method with an exception.
 *
 * <p>NOTE(review): the item row and any dependent rows written before a failed lookup are
 * already persisted when the exception is thrown, and the exception is a checked one. Confirm
 * that the surrounding transaction rolls back on it, so that a rejected policy cannot leave a
 * partially written set of grants behind.
 *
 * @param policy policy model the item belongs to; supplies the policy id and the name and
 *     service shown in error messages
 * @param xPolicy policy entity used as the audit parent of the item and as the source of the
 *     service id for access-type lookups
 * @param policyItem item model whose delegate-admin flag, accesses, users, groups and
 *     conditions are stored
 * @param xServiceDef service definition whose id scopes the condition-type lookup
 * @param itemOrder order value stored on the item row
 * @param policyItemType item type stored on the item row
 * @return the item entity as returned by the DAO's {@code create}
 * @throws Exception when an access type, user, group or condition type cannot be found
 */
private XXPolicyItem createNewPolicyItemForPolicy(RangerPolicy policy, XXPolicy xPolicy, RangerPolicyItem policyItem, XXServiceDef xServiceDef, int itemOrder, int policyItemType) throws Exception {
    XXPolicyItem itemRow = rangerAuditFields.populateAuditFields(new XXPolicyItem(), xPolicy);
    // The delegate-admin flag is copied from the request as is.
    // NOTE(review): presumably it lets the item's users and groups administer the policy;
    // confirm that the caller's right to grant it is checked before this method runs.
    itemRow.setDelegateAdmin(policyItem.getDelegateAdmin());
    itemRow.setItemType(policyItemType);
    itemRow.setIsEnabled(Boolean.TRUE);
    itemRow.setComments(null);
    itemRow.setPolicyId(policy.getId());
    itemRow.setOrder(itemOrder);
    itemRow = daoMgr.getXXPolicyItem().create(itemRow);

    // Accesses: each type must be defined for the policy's service.
    List<RangerPolicyItemAccess> accessList = policyItem.getAccesses();
    for (int accessIdx = 0; accessIdx < accessList.size(); accessIdx++) {
        RangerPolicyItemAccess access = accessList.get(accessIdx);
        XXAccessTypeDef accessTypeDef = daoMgr.getXXAccessTypeDef().findByNameAndServiceId(access.getType(), xPolicy.getService());
        if (xAccTypeDefMissing(accessTypeDef)) {
            throw new Exception(access.getType() + ": is not a valid access-type. policy='" + policy.getName() + "' service='" + policy.getService() + "'");
        }
        XXPolicyItemAccess accessRow = (XXPolicyItemAccess) rangerAuditFields.populateAuditFields(new XXPolicyItemAccess(), itemRow);
        accessRow.setIsAllowed(access.getIsAllowed());
        accessRow.setType(accessTypeDef.getId());
        accessRow.setPolicyitemid(itemRow.getId());
        accessRow.setOrder(accessIdx);
        daoMgr.getXXPolicyItemAccess().create(accessRow);
    }

    // Users: blank names are skipped. The stored order is the position in the input list,
    // so a skipped entry leaves a gap in the order values.
    List<String> userNames = policyItem.getUsers();
    for (int userIdx = 0; userIdx < userNames.size(); userIdx++) {
        String user = userNames.get(userIdx);
        if (StringUtils.isBlank(user)) {
            continue;
        }
        XXUser userEntity = daoMgr.getXXUser().findByUserName(user);
        if (userEntity == null) {
            // The rejected name is echoed in the message; code that logs or returns it
            // should treat it as caller-supplied text.
            throw new Exception(user + ": user does not exist. policy='" + policy.getName() + "' service='" + policy.getService() + "' user='" + user + "'");
        }
        XXPolicyItemUserPerm userPermRow = rangerAuditFields.populateAuditFields(new XXPolicyItemUserPerm(), itemRow);
        userPermRow.setUserId(userEntity.getId());
        userPermRow.setPolicyItemId(itemRow.getId());
        userPermRow.setOrder(userIdx);
        daoMgr.getXXPolicyItemUserPerm().create(userPermRow);
    }

    // Groups: handled the same way as users.
    List<String> groupNames = policyItem.getGroups();
    for (int groupIdx = 0; groupIdx < groupNames.size(); groupIdx++) {
        String group = groupNames.get(groupIdx);
        if (StringUtils.isBlank(group)) {
            continue;
        }
        XXGroup groupEntity = daoMgr.getXXGroup().findByGroupName(group);
        if (groupEntity == null) {
            throw new Exception(group + ": group does not exist. policy='" + policy.getName() + "' service='" + policy.getService() + "' group='" + group + "'");
        }
        XXPolicyItemGroupPerm groupPermRow = rangerAuditFields.populateAuditFields(new XXPolicyItemGroupPerm(), itemRow);
        groupPermRow.setGroupId(groupEntity.getId());
        groupPermRow.setPolicyItemId(itemRow.getId());
        groupPermRow.setOrder(groupIdx);
        daoMgr.getXXPolicyItemGroupPerm().create(groupPermRow);
    }

    // Conditions: one row per value, all sharing the condition's type id.
    List<RangerPolicyItemCondition> conditionList = policyItem.getConditions();
    for (RangerPolicyItemCondition condition : conditionList) {
        XXPolicyConditionDef conditionDef = daoMgr.getXXPolicyConditionDef().findByServiceDefIdAndName(xServiceDef.getId(), condition.getType());
        if (conditionDef == null) {
            // NOTE(review): this message reads name and service from xPolicy, while the three
            // messages above read them from policy. xPolicy.getService() is also the value
            // passed as the service id to findByNameAndServiceId, so the service shown here
            // may be an id rather than a name; confirm which is intended.
            throw new Exception(condition.getType() + ": is not a valid condition-type. policy='" + xPolicy.getName() + "' service='" + xPolicy.getService() + "'");
        }
        for (int valueIdx = 0; valueIdx < condition.getValues().size(); valueIdx++) {
            String conditionValue = condition.getValues().get(valueIdx);
            XXPolicyItemCondition conditionRow = rangerAuditFields.populateAuditFields(new XXPolicyItemCondition(), itemRow);
            conditionRow.setPolicyItemId(itemRow.getId());
            conditionRow.setType(conditionDef.getId());
            conditionRow.setValue(conditionValue);
            conditionRow.setOrder(valueIdx);
            daoMgr.getXXPolicyItemCondition().create(conditionRow);
        }
    }
    return itemRow;
}

/** Tells whether the access-type lookup found nothing. */
private static boolean xAccTypeDefMissing(Object accessTypeDef) {
    return accessTypeDef == null;
}
Also used : XXUser(org.apache.ranger.entity.XXUser) XXPolicyItemGroupPerm(org.apache.ranger.entity.XXPolicyItemGroupPerm) XXPolicyItemUserPerm(org.apache.ranger.entity.XXPolicyItemUserPerm) VXString(org.apache.ranger.view.VXString) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) JSONException(org.codehaus.jettison.json.JSONException) XXPolicyItemCondition(org.apache.ranger.entity.XXPolicyItemCondition) XXPolicyItem(org.apache.ranger.entity.XXPolicyItem) XXPolicyItemAccess(org.apache.ranger.entity.XXPolicyItemAccess) XXGroup(org.apache.ranger.entity.XXGroup) XXPolicyConditionDef(org.apache.ranger.entity.XXPolicyConditionDef) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess) RangerPolicyItemCondition(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition)

Aggregations

XXPolicyItem (org.apache.ranger.entity.XXPolicyItem)2 XXPolicyItemAccess (org.apache.ranger.entity.XXPolicyItemAccess)2 XXPolicyItemCondition (org.apache.ranger.entity.XXPolicyItemCondition)2 XXPolicyItemGroupPerm (org.apache.ranger.entity.XXPolicyItemGroupPerm)2 XXPolicyItemUserPerm (org.apache.ranger.entity.XXPolicyItemUserPerm)2 IOException (java.io.IOException)1 UnknownHostException (java.net.UnknownHostException)1 XXPolicyItemAccessDao (org.apache.ranger.db.XXPolicyItemAccessDao)1 XXPolicyItemConditionDao (org.apache.ranger.db.XXPolicyItemConditionDao)1 XXPolicyItemDao (org.apache.ranger.db.XXPolicyItemDao)1 XXPolicyItemDataMaskInfoDao (org.apache.ranger.db.XXPolicyItemDataMaskInfoDao)1 XXPolicyItemGroupPermDao (org.apache.ranger.db.XXPolicyItemGroupPermDao)1 XXPolicyItemRowFilterInfoDao (org.apache.ranger.db.XXPolicyItemRowFilterInfoDao)1 XXPolicyItemUserPermDao (org.apache.ranger.db.XXPolicyItemUserPermDao)1 XXAccessTypeDef (org.apache.ranger.entity.XXAccessTypeDef)1 XXGroup (org.apache.ranger.entity.XXGroup)1 XXPolicyConditionDef (org.apache.ranger.entity.XXPolicyConditionDef)1 XXPolicyItemDataMaskInfo (org.apache.ranger.entity.XXPolicyItemDataMaskInfo)1 XXPolicyItemRowFilterInfo (org.apache.ranger.entity.XXPolicyItemRowFilterInfo)1 XXUser (org.apache.ranger.entity.XXUser)1