
Example 1 with XXPolicyItemUserPerm

use of org.apache.ranger.entity.XXPolicyItemUserPerm in project ranger by apache.

the class ServiceDBStore method deleteExistingPolicyItems.

/**
 * Deletes every policy-item row stored for {@code policy}, together with the rows attached to each
 * item: conditions, group permissions, user permissions, accesses, data-mask infos and row-filter
 * infos. The attached rows are removed first and the item row last.
 *
 * <p>NOTE(review): rows are removed one at a time and this method neither opens nor checks a
 * transaction. If a failure part-way through can be committed, the policy is left half-deleted,
 * e.g. an item whose condition rows are gone while its access rows remain. Confirm the caller wraps
 * this call in a single transaction.
 *
 * @param policy the policy whose items are deleted; may be {@code null}
 * @return {@code false} when {@code policy} is {@code null}, {@code true} otherwise
 */
private Boolean deleteExistingPolicyItems(RangerPolicy policy) {
    if (policy != null) {
        XXPolicyItemDao itemDao = daoMgr.getXXPolicyItem();
        for (XXPolicyItem item : itemDao.findByPolicyId(policy.getId())) {
            Long itemId = item.getId();

            // Conditions attached to the item.
            XXPolicyItemConditionDao conditionDao = daoMgr.getXXPolicyItemCondition();
            for (XXPolicyItemCondition conditionRow : conditionDao.findByPolicyItemId(itemId)) {
                conditionDao.remove(conditionRow);
            }

            // Group principals of the item.
            XXPolicyItemGroupPermDao groupPermDao = daoMgr.getXXPolicyItemGroupPerm();
            for (XXPolicyItemGroupPerm groupRow : groupPermDao.findByPolicyItemId(itemId)) {
                groupPermDao.remove(groupRow);
            }

            // User principals of the item.
            XXPolicyItemUserPermDao userPermDao = daoMgr.getXXPolicyItemUserPerm();
            for (XXPolicyItemUserPerm userRow : userPermDao.findByPolicyItemId(itemId)) {
                userPermDao.remove(userRow);
            }

            // Access-type rows of the item.
            XXPolicyItemAccessDao accessDao = daoMgr.getXXPolicyItemAccess();
            for (XXPolicyItemAccess accessRow : accessDao.findByPolicyItemId(itemId)) {
                accessDao.remove(accessRow);
            }

            // Data-mask rows of the item.
            XXPolicyItemDataMaskInfoDao dataMaskDao = daoMgr.getXXPolicyItemDataMaskInfo();
            for (XXPolicyItemDataMaskInfo maskRow : dataMaskDao.findByPolicyItemId(itemId)) {
                dataMaskDao.remove(maskRow);
            }

            // Row-filter rows of the item.
            XXPolicyItemRowFilterInfoDao rowFilterDao = daoMgr.getXXPolicyItemRowFilterInfo();
            for (XXPolicyItemRowFilterInfo filterRow : rowFilterDao.findByPolicyItemId(itemId)) {
                rowFilterDao.remove(filterRow);
            }

            // The item row goes last, once nothing fetched above still refers to it.
            itemDao.remove(item);
        }
        return true;
    }
    return false;
}
Also used : XXPolicyItemGroupPerm(org.apache.ranger.entity.XXPolicyItemGroupPerm) XXPolicyItemConditionDao(org.apache.ranger.db.XXPolicyItemConditionDao) XXPolicyItemUserPermDao(org.apache.ranger.db.XXPolicyItemUserPermDao) XXPolicyItemUserPerm(org.apache.ranger.entity.XXPolicyItemUserPerm) XXPolicyItemGroupPermDao(org.apache.ranger.db.XXPolicyItemGroupPermDao) XXPolicyItemRowFilterInfo(org.apache.ranger.entity.XXPolicyItemRowFilterInfo) XXPolicyItemCondition(org.apache.ranger.entity.XXPolicyItemCondition) XXPolicyItemDataMaskInfo(org.apache.ranger.entity.XXPolicyItemDataMaskInfo) XXPolicyItemDao(org.apache.ranger.db.XXPolicyItemDao) XXPolicyItemDataMaskInfoDao(org.apache.ranger.db.XXPolicyItemDataMaskInfoDao) XXPolicyItem(org.apache.ranger.entity.XXPolicyItem) XXPolicyItemAccess(org.apache.ranger.entity.XXPolicyItemAccess) XXPolicyItemAccessDao(org.apache.ranger.db.XXPolicyItemAccessDao) XXPolicyItemRowFilterInfoDao(org.apache.ranger.db.XXPolicyItemRowFilterInfoDao)

Example 2 with XXPolicyItemUserPerm

use of org.apache.ranger.entity.XXPolicyItemUserPerm in project ranger by apache.

the class ServiceDBStore method createNewPolicyItemForPolicy.

/**
 * Persists one policy item of {@code policy} together with its access, user, group and condition
 * rows, and returns the created item row.
 *
 * <p>Access types, user names, group names and condition types supplied by {@code policyItem} are
 * each looked up through the DAOs; a name that does not resolve aborts the call with an
 * {@link Exception}. Blank user and group names are skipped without an error, and the stored order
 * of the remaining entries is their index in the incoming list.
 *
 * <p>NOTE(review): the item row is created before any of the lookups run, so an exception thrown
 * further down leaves already-created rows behind unless the surrounding transaction is rolled
 * back. Confirm the caller is transactional. The delegate-admin flag is copied unchanged from
 * {@code policyItem}; any check that the requester may grant it has to happen before this method.
 *
 * @param policy the policy model the item belongs to; supplies the policy id and message details
 * @param xPolicy the persisted policy row; supplies audit fields and the service id
 * @param policyItem the item to persist
 * @param xServiceDef the service definition used to resolve condition types
 * @param itemOrder the order stored on the item row
 * @param policyItemType the item type stored on the item row
 * @return the created policy-item row
 * @throws Exception if an access type, user, group or condition type cannot be resolved
 */
private XXPolicyItem createNewPolicyItemForPolicy(RangerPolicy policy, XXPolicy xPolicy, RangerPolicyItem policyItem, XXServiceDef xServiceDef, int itemOrder, int policyItemType) throws Exception {
    XXPolicyItem itemRow = rangerAuditFields.populateAuditFields(new XXPolicyItem(), xPolicy);
    itemRow.setDelegateAdmin(policyItem.getDelegateAdmin());
    itemRow.setItemType(policyItemType);
    itemRow.setIsEnabled(Boolean.TRUE);
    itemRow.setComments(null);
    itemRow.setPolicyId(policy.getId());
    itemRow.setOrder(itemOrder);
    itemRow = daoMgr.getXXPolicyItem().create(itemRow);

    // Access rows: every requested access type must be defined for the policy's service.
    List<RangerPolicyItemAccess> requestedAccesses = policyItem.getAccesses();
    for (int idx = 0; idx < requestedAccesses.size(); idx++) {
        RangerPolicyItemAccess requested = requestedAccesses.get(idx);
        XXAccessTypeDef accessTypeDef = daoMgr.getXXAccessTypeDef().findByNameAndServiceId(requested.getType(), xPolicy.getService());
        if (accessTypeDef == null) {
            throw new Exception(requested.getType() + ": is not a valid access-type. policy='" + policy.getName() + "' service='" + policy.getService() + "'");
        }
        XXPolicyItemAccess accessRow = (XXPolicyItemAccess) rangerAuditFields.populateAuditFields(new XXPolicyItemAccess(), itemRow);
        accessRow.setIsAllowed(requested.getIsAllowed());
        accessRow.setType(accessTypeDef.getId());
        accessRow.setPolicyitemid(itemRow.getId());
        accessRow.setOrder(idx);
        daoMgr.getXXPolicyItemAccess().create(accessRow);
    }

    // User rows: blank names are ignored, unknown names are rejected.
    List<String> userNames = policyItem.getUsers();
    for (int idx = 0; idx < userNames.size(); idx++) {
        String user = userNames.get(idx);
        if (!StringUtils.isBlank(user)) {
            XXUser userRow = daoMgr.getXXUser().findByUserName(user);
            if (userRow == null) {
                throw new Exception(user + ": user does not exist. policy='" + policy.getName() + "' service='" + policy.getService() + "' user='" + user + "'");
            }
            XXPolicyItemUserPerm userPerm = rangerAuditFields.populateAuditFields(new XXPolicyItemUserPerm(), itemRow);
            userPerm.setUserId(userRow.getId());
            userPerm.setPolicyItemId(itemRow.getId());
            userPerm.setOrder(idx);
            daoMgr.getXXPolicyItemUserPerm().create(userPerm);
        }
    }

    // Group rows: same rules as for users.
    List<String> groupNames = policyItem.getGroups();
    for (int idx = 0; idx < groupNames.size(); idx++) {
        String group = groupNames.get(idx);
        if (!StringUtils.isBlank(group)) {
            XXGroup groupRow = daoMgr.getXXGroup().findByGroupName(group);
            if (groupRow == null) {
                throw new Exception(group + ": group does not exist. policy='" + policy.getName() + "' service='" + policy.getService() + "' group='" + group + "'");
            }
            XXPolicyItemGroupPerm groupPerm = rangerAuditFields.populateAuditFields(new XXPolicyItemGroupPerm(), itemRow);
            groupPerm.setGroupId(groupRow.getId());
            groupPerm.setPolicyItemId(itemRow.getId());
            groupPerm.setOrder(idx);
            daoMgr.getXXPolicyItemGroupPerm().create(groupPerm);
        }
    }

    // Condition rows: one row per value, all values of a condition sharing its resolved type.
    for (RangerPolicyItemCondition condition : policyItem.getConditions()) {
        XXPolicyConditionDef conditionDef = daoMgr.getXXPolicyConditionDef().findByServiceDefIdAndName(xServiceDef.getId(), condition.getType());
        if (conditionDef == null) {
            throw new Exception(condition.getType() + ": is not a valid condition-type. policy='" + xPolicy.getName() + "' service='" + xPolicy.getService() + "'");
        }
        for (int idx = 0; idx < condition.getValues().size(); idx++) {
            XXPolicyItemCondition conditionRow = rangerAuditFields.populateAuditFields(new XXPolicyItemCondition(), itemRow);
            conditionRow.setPolicyItemId(itemRow.getId());
            conditionRow.setType(conditionDef.getId());
            conditionRow.setValue(condition.getValues().get(idx));
            conditionRow.setOrder(idx);
            daoMgr.getXXPolicyItemCondition().create(conditionRow);
        }
    }
    return itemRow;
}
Also used : XXUser(org.apache.ranger.entity.XXUser) XXPolicyItemGroupPerm(org.apache.ranger.entity.XXPolicyItemGroupPerm) XXPolicyItemUserPerm(org.apache.ranger.entity.XXPolicyItemUserPerm) VXString(org.apache.ranger.view.VXString) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) JSONException(org.codehaus.jettison.json.JSONException) XXPolicyItemCondition(org.apache.ranger.entity.XXPolicyItemCondition) XXPolicyItem(org.apache.ranger.entity.XXPolicyItem) XXPolicyItemAccess(org.apache.ranger.entity.XXPolicyItemAccess) XXGroup(org.apache.ranger.entity.XXGroup) XXPolicyConditionDef(org.apache.ranger.entity.XXPolicyConditionDef) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess) RangerPolicyItemCondition(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition)

Example 3 with XXPolicyItemUserPerm

use of org.apache.ranger.entity.XXPolicyItemUserPerm in project ranger by apache.

the class PatchForKafkaServiceDefUpdate_J10025 method createDefaultPolicyForNewResources.

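/**
 * Creates one default access policy per entry of {@code POLICY_NAMES} for every service that uses
 * the embedded Kafka service definition, writing the policy, its single policy item, the item's
 * access and user rows, and the policy's resource and resource-map rows directly through the DAOs.
 *
 * <p>Every policy created here is enabled, audited, grants all types returned by
 * {@code getAccessTypes()} to each user in {@code DEFAULT_POLICY_USERS}, marks the item as
 * delegate-admin and matches the resource value {@code "*"}.
 *
 * <p>NOTE(review): nothing in this method checks whether a policy of the same name already exists
 * for the service; presumably the caller guarantees it runs once. Confirm before re-running.
 *
 * @throws RuntimeException if the admin portal user, an access type, a default user or the
 *     resource definition cannot be found
 */
private void createDefaultPolicyForNewResources() {
    logger.info("==> createDefaultPolicyForNewResources ");
    XXPortalUser xxPortalUser = daoMgr.getXXPortalUser().findByLoginId(LOGIN_ID_ADMIN);
    // Every other lookup in this method is null-checked; without this guard a missing admin
    // account surfaces as a bare NullPointerException on getId() with no hint of the cause.
    if (xxPortalUser == null) {
        throw new RuntimeException(LOGIN_ID_ADMIN + ": portal user does not exist; cannot create default Kafka policies");
    }
    Long currentUserId = xxPortalUser.getId();
    XXServiceDef xXServiceDefObj = daoMgr.getXXServiceDef().findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_KAFKA_NAME);
    if (xXServiceDefObj == null) {
        logger.debug("ServiceDef not fount with name :" + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_KAFKA_NAME);
        return;
    }
    Long xServiceDefId = xXServiceDefObj.getId();
    List<XXService> xxServices = daoMgr.getXXService().findByServiceDefId(xServiceDefId);
    for (XXService xxService : xxServices) {
        // NOTE(review): the counter is per service, not per policy, yet each policy gets exactly
        // one resource-map row; the second policy's row is therefore stored with order 1.
        // Confirm that is intended.
        int resourceMapOrder = 0;
        for (String newResource : POLICY_NAMES) {
            // Policy row; the admin portal user is recorded as creator and last updater.
            XXPolicy xxPolicy = new XXPolicy();
            xxPolicy.setName(newResource);
            xxPolicy.setDescription(newResource);
            xxPolicy.setService(xxService.getId());
            xxPolicy.setPolicyPriority(RangerPolicy.POLICY_PRIORITY_NORMAL);
            xxPolicy.setIsAuditEnabled(Boolean.TRUE);
            xxPolicy.setIsEnabled(Boolean.TRUE);
            xxPolicy.setPolicyType(RangerPolicy.POLICY_TYPE_ACCESS);
            xxPolicy.setGuid(guidUtil.genGUID());
            xxPolicy.setAddedByUserId(currentUserId);
            xxPolicy.setUpdatedByUserId(currentUserId);
            RangerPolicy rangerPolicy = getRangerPolicy(newResource, xxPortalUser, xxService);
            xxPolicy.setPolicyText(JsonUtils.objectToJson(rangerPolicy));
            xxPolicy.setResourceSignature(rangerPolicy.getResourceSignature());
            // NOTE(review): zone id is hard-coded to 1, presumably the default (unzoned) security
            // zone. Confirm against the zone table.
            xxPolicy.setZoneId(1L);
            XXPolicy createdPolicy = daoMgr.getXXPolicy().create(xxPolicy);

            // Single policy item. Delegate-admin is switched on for it, which applies to every
            // user added to the item below.
            XXPolicyItem xxPolicyItem = new XXPolicyItem();
            xxPolicyItem.setIsEnabled(Boolean.TRUE);
            xxPolicyItem.setDelegateAdmin(Boolean.TRUE);
            // NOTE(review): item type 0 is a magic number here, presumably the "allow" item type.
            xxPolicyItem.setItemType(0);
            xxPolicyItem.setOrder(0);
            xxPolicyItem.setAddedByUserId(currentUserId);
            xxPolicyItem.setUpdatedByUserId(currentUserId);
            xxPolicyItem.setPolicyId(createdPolicy.getId());
            XXPolicyItem createdXXPolicyItem = daoMgr.getXXPolicyItem().create(xxPolicyItem);

            // One allowed access row per access type; an unknown type aborts the patch.
            List<String> accessTypes = getAccessTypes();
            for (int i = 0; i < accessTypes.size(); i++) {
                XXAccessTypeDef xAccTypeDef = daoMgr.getXXAccessTypeDef().findByNameAndServiceId(accessTypes.get(i), xxPolicy.getService());
                if (xAccTypeDef == null) {
                    throw new RuntimeException(accessTypes.get(i) + ": is not a valid access-type. policy='" + xxPolicy.getName() + "' service='" + xxPolicy.getService() + "'");
                }
                XXPolicyItemAccess xPolItemAcc = new XXPolicyItemAccess();
                xPolItemAcc.setIsAllowed(Boolean.TRUE);
                xPolItemAcc.setType(xAccTypeDef.getId());
                xPolItemAcc.setOrder(i);
                xPolItemAcc.setAddedByUserId(currentUserId);
                xPolItemAcc.setUpdatedByUserId(currentUserId);
                xPolItemAcc.setPolicyitemid(createdXXPolicyItem.getId());
                daoMgr.getXXPolicyItemAccess().create(xPolItemAcc);
            }

            // One user row per default user; blank names are skipped, unknown names abort.
            for (int i = 0; i < DEFAULT_POLICY_USERS.size(); i++) {
                String user = DEFAULT_POLICY_USERS.get(i);
                if (StringUtils.isBlank(user)) {
                    continue;
                }
                XXUser xxUser = daoMgr.getXXUser().findByUserName(user);
                if (xxUser == null) {
                    throw new RuntimeException(user + ": user does not exist. policy='" + xxPolicy.getName() + "' service='" + xxPolicy.getService() + "' user='" + user + "'");
                }
                XXPolicyItemUserPerm xUserPerm = new XXPolicyItemUserPerm();
                xUserPerm.setUserId(xxUser.getId());
                xUserPerm.setPolicyItemId(createdXXPolicyItem.getId());
                xUserPerm.setOrder(i);
                xUserPerm.setAddedByUserId(currentUserId);
                xUserPerm.setUpdatedByUserId(currentUserId);
                daoMgr.getXXPolicyItemUserPerm().create(xUserPerm);
            }

            // The policy name selects the resource type: the delegation-token policy uses the
            // delegation-token resource, every other name the cluster resource.
            String policyResourceName = KAFKA_RESOURCE_CLUSTER;
            if ("all - delegationtoken".equals(newResource)) {
                policyResourceName = KAFKA_RESOURCE_DELEGATIONTOKEN;
            }
            XXResourceDef xResDef = daoMgr.getXXResourceDef().findByNameAndPolicyId(policyResourceName, createdPolicy.getId());
            if (xResDef == null) {
                throw new RuntimeException(policyResourceName + ": is not a valid resource-type. policy='" + createdPolicy.getName() + "' service='" + createdPolicy.getService() + "'");
            }
            XXPolicyResource xPolRes = new XXPolicyResource();
            xPolRes.setAddedByUserId(currentUserId);
            xPolRes.setUpdatedByUserId(currentUserId);
            xPolRes.setIsExcludes(Boolean.FALSE);
            xPolRes.setIsRecursive(Boolean.FALSE);
            xPolRes.setPolicyId(createdPolicy.getId());
            xPolRes.setResDefId(xResDef.getId());
            xPolRes = daoMgr.getXXPolicyResource().create(xPolRes);

            // Wildcard resource value: the policy is not limited to a named resource.
            XXPolicyResourceMap xPolResMap = new XXPolicyResourceMap();
            xPolResMap.setResourceId(xPolRes.getId());
            xPolResMap.setValue("*");
            xPolResMap.setOrder(resourceMapOrder);
            xPolResMap.setAddedByUserId(currentUserId);
            xPolResMap.setUpdatedByUserId(currentUserId);
            daoMgr.getXXPolicyResourceMap().create(xPolResMap);
            resourceMapOrder++;
            logger.info("Creating policy for service id : " + xxService.getId());
        }
    }
    logger.info("<== createDefaultPolicyForNewResources ");
}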
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) XXUser(org.apache.ranger.entity.XXUser) XXPolicyItemUserPerm(org.apache.ranger.entity.XXPolicyItemUserPerm) XXPolicyResourceMap(org.apache.ranger.entity.XXPolicyResourceMap) XXPolicy(org.apache.ranger.entity.XXPolicy) XXResourceDef(org.apache.ranger.entity.XXResourceDef) XXPortalUser(org.apache.ranger.entity.XXPortalUser) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXPolicyItem(org.apache.ranger.entity.XXPolicyItem) XXPolicyItemAccess(org.apache.ranger.entity.XXPolicyItemAccess) XXPolicyResource(org.apache.ranger.entity.XXPolicyResource) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) XXService(org.apache.ranger.entity.XXService)

Aggregations

XXPolicyItem (org.apache.ranger.entity.XXPolicyItem)3 XXPolicyItemAccess (org.apache.ranger.entity.XXPolicyItemAccess)3 XXPolicyItemUserPerm (org.apache.ranger.entity.XXPolicyItemUserPerm)3 XXAccessTypeDef (org.apache.ranger.entity.XXAccessTypeDef)2 XXPolicyItemCondition (org.apache.ranger.entity.XXPolicyItemCondition)2 XXPolicyItemGroupPerm (org.apache.ranger.entity.XXPolicyItemGroupPerm)2 XXUser (org.apache.ranger.entity.XXUser)2 IOException (java.io.IOException)1 UnknownHostException (java.net.UnknownHostException)1 XXPolicyItemAccessDao (org.apache.ranger.db.XXPolicyItemAccessDao)1 XXPolicyItemConditionDao (org.apache.ranger.db.XXPolicyItemConditionDao)1 XXPolicyItemDao (org.apache.ranger.db.XXPolicyItemDao)1 XXPolicyItemDataMaskInfoDao (org.apache.ranger.db.XXPolicyItemDataMaskInfoDao)1 XXPolicyItemGroupPermDao (org.apache.ranger.db.XXPolicyItemGroupPermDao)1 XXPolicyItemRowFilterInfoDao (org.apache.ranger.db.XXPolicyItemRowFilterInfoDao)1 XXPolicyItemUserPermDao (org.apache.ranger.db.XXPolicyItemUserPermDao)1 XXGroup (org.apache.ranger.entity.XXGroup)1 XXPolicy (org.apache.ranger.entity.XXPolicy)1 XXPolicyConditionDef (org.apache.ranger.entity.XXPolicyConditionDef)1 XXPolicyItemDataMaskInfo (org.apache.ranger.entity.XXPolicyItemDataMaskInfo)1