
Example 1 with XXPortalUserRole

use of org.apache.ranger.entity.XXPortalUserRole in project ranger by apache.

the class SessionMgr method setUserRoles.

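/**
 * Loads the portal roles stored for the session's user and derives the
 * session's four privilege flags from them.
 *
 * <p>At most one flag ends up {@code true}, chosen by precedence:
 * {@code ROLE_SYS_ADMIN}, then {@code ROLE_KEY_ADMIN}, then
 * {@code ROLE_ADMIN_AUDITOR}, then {@code ROLE_KEY_ADMIN_AUDITOR}. Every other
 * role set, including an empty one, yields all four flags {@code false}.
 *
 * <p>The flags are always written. Previously a role set that matched no
 * branch left them at whatever the session object already held, so a session
 * that had carried a privileged flag could keep it after the role was gone.
 *
 * @param userSession session whose user id is used for the lookup and whose
 *                    flags and role list are overwritten
 */
private void setUserRoles(UserSessionBase userSession) {
    List<String> strRoleList = new ArrayList<String>();
    List<XXPortalUserRole> roleList = daoManager.getXXPortalUserRole().findByUserId(userSession.getUserId());
    for (XXPortalUserRole gjUserRole : roleList) {
        strRoleList.add(gjUserRole.getUserRole());
    }

    // Fail closed: start from "no privilege" and raise exactly one flag.
    boolean userAdmin = false;
    boolean keyAdmin = false;
    boolean auditUserAdmin = false;
    boolean auditKeyAdmin = false;

    // A list holding only ROLE_USER matches none of these and stays
    // unprivileged, which is what the former dedicated branch produced.
    if (strRoleList.contains(RangerConstants.ROLE_SYS_ADMIN)) {
        userAdmin = true;
    } else if (strRoleList.contains(RangerConstants.ROLE_KEY_ADMIN)) {
        keyAdmin = true;
    } else if (strRoleList.contains(RangerConstants.ROLE_ADMIN_AUDITOR)) {
        auditUserAdmin = true;
    } else if (strRoleList.contains(RangerConstants.ROLE_KEY_ADMIN_AUDITOR)) {
        auditKeyAdmin = true;
    }

    userSession.setUserAdmin(userAdmin);
    userSession.setKeyAdmin(keyAdmin);
    userSession.setAuditUserAdmin(auditUserAdmin);
    userSession.setAuditKeyAdmin(auditKeyAdmin);
    userSession.setUserRoleList(strRoleList);
}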
Also used : ArrayList(java.util.ArrayList) CopyOnWriteArrayList(java.util.concurrent.CopyOnWriteArrayList) XXPortalUserRole(org.apache.ranger.entity.XXPortalUserRole)

Example 2 with XXPortalUserRole

use of org.apache.ranger.entity.XXPortalUserRole in project ranger by apache.

the class UserMgr method mapXXPortalUserToVXPortalUserForDefaultAccount.

/**
 * Builds the view object for a portal user, copying the basic profile fields
 * and every role stored for the user's id.
 *
 * <p>NOTE(review): no session or permission check is made here, so the role
 * list is always populated; confirm callers use this only where exposing the
 * roles is intended.
 *
 * @param user entity to convert; must not be {@code null}
 * @return a new view carrying the profile fields and the stored role names
 */
protected VXPortalUser mapXXPortalUserToVXPortalUserForDefaultAccount(XXPortalUser user) {
    VXPortalUser view = new VXPortalUser();

    // Identity and account state.
    view.setId(user.getId());
    view.setLoginId(user.getLoginId());
    view.setStatus(user.getStatus());

    // Contact and display fields.
    view.setEmailAddress(user.getEmailAddress());
    view.setFirstName(user.getFirstName());
    view.setLastName(user.getLastName());
    view.setPublicScreenName(user.getPublicScreenName());

    // Start from an empty list, then append one entry per stored role row.
    view.setUserRoleList(new ArrayList<String>());
    List<XXPortalUserRole> storedRoles = daoManager.getXXPortalUserRole().findByParentId(user.getId());
    for (XXPortalUserRole storedRole : storedRoles) {
        String roleName = storedRole.getUserRole();
        view.getUserRoleList().add(roleName);
    }
    return view;
}
Also used : VXPortalUser(org.apache.ranger.view.VXPortalUser) VXString(org.apache.ranger.view.VXString) XXPortalUserRole(org.apache.ranger.entity.XXPortalUserRole)

Example 3 with XXPortalUserRole

use of org.apache.ranger.entity.XXPortalUserRole in project ranger by apache.

the class UserMgr method mapXXPortalUserToVXPortalUser.

/**
 * Converts a portal-user entity into its view object for the current session.
 *
 * <p>The role list is attached only when the current session is a user admin,
 * a key admin, or belongs to {@code user} itself. For any other session the
 * view is returned without roles. The user source is copied in every case.
 *
 * @param user         entity to convert; {@code null} yields {@code null}
 * @param userRoleList roles to attach when the session may see them; when
 *                     {@code null} they are read from the role DAO by the
 *                     user's id
 * @return the populated view, or {@code null} when {@code user} is
 *         {@code null} or there is no current user session
 */
public VXPortalUser mapXXPortalUserToVXPortalUser(XXPortalUser user, Collection<String> userRoleList) {
    if (user == null) {
        return null;
    }
    UserSessionBase session = ContextUtil.getCurrentUserSession();
    if (session == null) {
        return null;
    }

    VXPortalUser view = new VXPortalUser();
    gjUserToUserProfile(user, view);

    // Evaluated left to right; the self-check runs only for non-admin sessions.
    boolean mayViewRoles = session.isUserAdmin()
            || session.isKeyAdmin()
            || session.getXXPortalUser().getId().equals(user.getId());
    if (mayViewRoles) {
        Collection<String> roles = userRoleList;
        if (roles == null) {
            roles = new ArrayList<String>();
            List<XXPortalUserRole> storedRoles = daoManager.getXXPortalUserRole().findByParentId(user.getId());
            for (XXPortalUserRole storedRole : storedRoles) {
                roles.add(storedRole.getUserRole());
            }
        }
        view.setUserRoleList(roles);
    }

    view.setUserSource(user.getUserSource());
    return view;
}
Also used : VXPortalUser(org.apache.ranger.view.VXPortalUser) VXString(org.apache.ranger.view.VXString) XXPortalUserRole(org.apache.ranger.entity.XXPortalUserRole) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 4 with XXPortalUserRole

use of org.apache.ranger.entity.XXPortalUserRole in project ranger by apache.

the class UserMgr method updateRoles.

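/**
 * Replaces the roles stored for a user with the requested set.
 *
 * <p>Every requested role is validated against {@code VALID_ROLE_LIST}, and
 * the caller's right to assign them is checked through
 * {@code xUserMgr.checkAccessRoles} and
 * {@code rangerBizUtil.blockAuditorRoleUser}, before any row is touched.
 * Stored roles missing from the request are then deleted and requested roles
 * not yet stored are added. Role names are matched case-insensitively.
 *
 * <p>NOTE(review): the caller's spelling is passed to {@code addUserRole}
 * unchanged; confirm it is normalised before being stored, in case other code
 * compares role names exactly.
 *
 * @param userId    id of the user whose roles are updated
 * @param rolesList complete set of roles the user should have; {@code null}
 *                  or empty means "change nothing"
 * @return {@code true} if at least one role was added or deleted
 */
public boolean updateRoles(Long userId, Collection<String> rolesList) {
    if (rolesList == null || rolesList.isEmpty()) {
        return false;
    }

    List<String> stringRolesList = new ArrayList<String>();
    for (String userRole : rolesList) {
        // A null entry is rejected as invalid input instead of failing with a
        // NullPointerException. Locale.ROOT keeps the upper-casing independent
        // of the JVM's default locale.
        if (userRole == null || !VALID_ROLE_LIST.contains(userRole.toUpperCase(java.util.Locale.ROOT))) {
            throw restErrorUtil.createRESTException("Invalid user role, please provide valid user role.", MessageEnums.INVALID_INPUT_DATA);
        }
        stringRolesList.add(userRole);
    }

    // Authorization runs after validation and before any change is made.
    xUserMgr.checkAccessRoles(stringRolesList);
    rangerBizUtil.blockAuditorRoleUser();

    boolean rolesUpdated = false;
    List<XXPortalUserRole> gjUserRoles = daoManager.getXXPortalUserRole().findByUserId(userId);

    // Let's first delete old roles
    for (XXPortalUserRole gjUserRole : gjUserRoles) {
        boolean found = false;
        for (String userRole : rolesList) {
            // userRole is known to be non-null here, so comparing from its
            // side also tolerates a stored row without a role name.
            if (userRole.equalsIgnoreCase(gjUserRole.getUserRole())) {
                found = true;
                break;
            }
        }
        if (!found && deleteUserRole(userId, gjUserRole)) {
            rolesUpdated = true;
        }
    }

    // Let's add new roles
    for (String userRole : rolesList) {
        boolean found = false;
        for (XXPortalUserRole gjUserRole : gjUserRoles) {
            if (userRole.equalsIgnoreCase(gjUserRole.getUserRole())) {
                found = true;
                break;
            }
        }
        if (!found && addUserRole(userId, userRole) != null) {
            rolesUpdated = true;
        }
    }
    return rolesUpdated;
}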
Also used : ArrayList(java.util.ArrayList) VXString(org.apache.ranger.view.VXString) XXPortalUserRole(org.apache.ranger.entity.XXPortalUserRole)

Example 5 with XXPortalUserRole

use of org.apache.ranger.entity.XXPortalUserRole in project ranger by apache.

the class XUserMgr method deleteXUser.

/**
 * Deletes the user with the given id, or hides it when it is still referenced.
 *
 * <p>{@code checkAdminAccess()}, {@code blockAuditorRoleUser()} and
 * {@code restrictSelfAccountDeletion(...)} are all called before anything is
 * removed. The method is {@code synchronized}, so calls on the same instance
 * run one at a time.
 *
 * <p>With {@code force == true} the group memberships, permission maps, audit
 * maps, auth sessions, module permissions and roles found for the user are
 * removed, the user is stripped from every policy found for it, and the XXUser
 * and XXPortalUser rows are deleted; "delete" transaction logs are written.
 *
 * <p>With {@code force == false} the rows are deleted only when none of those
 * references exist. Otherwise the user is marked hidden and nothing is removed.
 *
 * <p>A REST exception built by {@code restErrorUtil} is thrown when no user or
 * portal user is found for {@code id}, or when a policy update fails.
 *
 * @param id    id of the XXUser to delete
 * @param force whether to remove references to the user instead of hiding it
 */
public synchronized void deleteXUser(Long id, boolean force) {
    // Access checks run first, before any lookup or change.
    checkAdminAccess();
    xaBizUtil.blockAuditorRoleUser();
    XXUserDao xXUserDao = daoManager.getXXUser();
    XXUser xXUser = xXUserDao.getById(id);
    VXUser vXUser = xUserService.populateViewBean(xXUser);
    if (vXUser == null || StringUtil.isEmpty(vXUser.getName())) {
        throw restErrorUtil.createRESTException("No user found with id=" + id);
    }
    // The portal user is looked up by login id, taken from the XXUser's trimmed name.
    XXPortalUserDao xXPortalUserDao = daoManager.getXXPortalUser();
    XXPortalUser xXPortalUser = xXPortalUserDao.findByLoginId(vXUser.getName().trim());
    VXPortalUser vXPortalUser = null;
    if (xXPortalUser != null) {
        vXPortalUser = xPortalUserService.populateViewBean(xXPortalUser);
    }
    if (vXPortalUser == null || StringUtil.isEmpty(vXPortalUser.getLoginId())) {
        throw restErrorUtil.createRESTException("No user found with id=" + id);
    }
    if (logger.isDebugEnabled()) {
        logger.debug("Force delete status=" + force + " for user=" + vXUser.getName());
    }
    restrictSelfAccountDeletion(vXUser.getName().trim());
    // Collect everything that references the user before deciding what to do.
    SearchCriteria searchCriteria = new SearchCriteria();
    searchCriteria.addParam("xUserId", id);
    VXGroupUserList vxGroupUserList = searchXGroupUsers(searchCriteria);
    searchCriteria = new SearchCriteria();
    searchCriteria.addParam("userId", id);
    VXPermMapList vXPermMapList = searchXPermMaps(searchCriteria);
    searchCriteria = new SearchCriteria();
    searchCriteria.addParam("userId", id);
    VXAuditMapList vXAuditMapList = searchXAuditMaps(searchCriteria);
    long xXPortalUserId = 0;
    xXPortalUserId = vXPortalUser.getId();
    // Sessions, module permissions and roles are keyed by the portal-user id, not by `id`.
    XXAuthSessionDao xXAuthSessionDao = daoManager.getXXAuthSession();
    XXUserPermissionDao xXUserPermissionDao = daoManager.getXXUserPermission();
    XXPortalUserRoleDao xXPortalUserRoleDao = daoManager.getXXPortalUserRole();
    List<XXAuthSession> xXAuthSessions = xXAuthSessionDao.getAuthSessionByUserId(xXPortalUserId);
    List<XXUserPermission> xXUserPermissions = xXUserPermissionDao.findByUserPermissionId(xXPortalUserId);
    List<XXPortalUserRole> xXPortalUserRoles = xXPortalUserRoleDao.findByUserId(xXPortalUserId);
    XXPolicyDao xXPolicyDao = daoManager.getXXPolicy();
    List<XXPolicy> xXPolicyList = xXPolicyDao.findByUserId(id);
    // NOTE(review): user and group names are concatenated into log lines as-is throughout
    // this method; confirm they cannot contain line breaks.
    logger.warn("Deleting User : " + vXUser.getName());
    if (force) {
        // delete XXGroupUser mapping
        XXGroupUserDao xGroupUserDao = daoManager.getXXGroupUser();
        for (VXGroupUser groupUser : vxGroupUserList.getList()) {
            if (groupUser != null) {
                logger.warn("Removing user '" + vXUser.getName() + "' from group '" + groupUser.getName() + "'");
                xGroupUserDao.remove(groupUser.getId());
            }
        }
        // delete XXPermMap records of user
        XXPermMapDao xXPermMapDao = daoManager.getXXPermMap();
        for (VXPermMap vXPermMap : vXPermMapList.getList()) {
            if (vXPermMap != null) {
                logger.warn("Deleting '" + AppConstants.getLabelFor_XAPermType(vXPermMap.getPermType()) + "' permission from policy ID='" + vXPermMap.getResourceId() + "' for user '" + vXPermMap.getUserName() + "'");
                xXPermMapDao.remove(vXPermMap.getId());
            }
        }
        // delete XXAuditMap records of user
        XXAuditMapDao xXAuditMapDao = daoManager.getXXAuditMap();
        for (VXAuditMap vXAuditMap : vXAuditMapList.getList()) {
            if (vXAuditMap != null) {
                xXAuditMapDao.remove(vXAuditMap.getId());
            }
        }
        // delete XXPortalUser references
        // (this condition is always true here: a null vXPortalUser already threw above)
        if (vXPortalUser != null) {
            xPortalUserService.updateXXPortalUserReferences(xXPortalUserId);
            // NOTE(review): the size check below tolerates a null list, but the three loops
            // that follow iterate the DAO results unguarded; confirm the DAOs never return null.
            if (xXAuthSessions != null && xXAuthSessions.size() > 0) {
                logger.warn("Deleting " + xXAuthSessions.size() + " login session records for user '" + vXPortalUser.getLoginId() + "'");
            }
            for (XXAuthSession xXAuthSession : xXAuthSessions) {
                xXAuthSessionDao.remove(xXAuthSession.getId());
            }
            for (XXUserPermission xXUserPermission : xXUserPermissions) {
                if (xXUserPermission != null) {
                    // The module definition is fetched only to name the module in the log line.
                    XXModuleDef xXModuleDef = daoManager.getXXModuleDef().findByModuleId(xXUserPermission.getModuleId());
                    if (xXModuleDef != null) {
                        logger.warn("Deleting '" + xXModuleDef.getModule() + "' module permission for user '" + vXPortalUser.getLoginId() + "'");
                    }
                    xXUserPermissionDao.remove(xXUserPermission.getId());
                }
            }
            for (XXPortalUserRole xXPortalUserRole : xXPortalUserRoles) {
                if (xXPortalUserRole != null) {
                    logger.warn("Deleting '" + xXPortalUserRole.getUserRole() + "' role for user '" + vXPortalUser.getLoginId() + "'");
                    xXPortalUserRoleDao.remove(xXPortalUserRole.getId());
                }
            }
        }
        // delete XXPolicyItemUserPerm records of user
        // Each policy is loaded, the user name is removed from all six item lists, and the
        // policy is saved back through svcStore.
        for (XXPolicy xXPolicy : xXPolicyList) {
            RangerPolicy rangerPolicy = policyService.getPopulatedViewObject(xXPolicy);
            List<RangerPolicyItem> policyItems = rangerPolicy.getPolicyItems();
            removeUserGroupReferences(policyItems, vXUser.getName(), null);
            rangerPolicy.setPolicyItems(policyItems);
            List<RangerPolicyItem> denyPolicyItems = rangerPolicy.getDenyPolicyItems();
            removeUserGroupReferences(denyPolicyItems, vXUser.getName(), null);
            rangerPolicy.setDenyPolicyItems(denyPolicyItems);
            List<RangerPolicyItem> allowExceptions = rangerPolicy.getAllowExceptions();
            removeUserGroupReferences(allowExceptions, vXUser.getName(), null);
            rangerPolicy.setAllowExceptions(allowExceptions);
            List<RangerPolicyItem> denyExceptions = rangerPolicy.getDenyExceptions();
            removeUserGroupReferences(denyExceptions, vXUser.getName(), null);
            rangerPolicy.setDenyExceptions(denyExceptions);
            List<RangerDataMaskPolicyItem> dataMaskItems = rangerPolicy.getDataMaskPolicyItems();
            removeUserGroupReferences(dataMaskItems, vXUser.getName(), null);
            rangerPolicy.setDataMaskPolicyItems(dataMaskItems);
            List<RangerRowFilterPolicyItem> rowFilterItems = rangerPolicy.getRowFilterPolicyItems();
            removeUserGroupReferences(rowFilterItems, vXUser.getName(), null);
            rangerPolicy.setRowFilterPolicyItems(rowFilterItems);
            try {
                svcStore.updatePolicy(rangerPolicy);
            } catch (Throwable excp) {
                // NOTE(review): this catches Throwable (Errors included) and puts excp.getMessage()
                // into the REST error; confirm that message cannot expose internal details.
                // Rows removed earlier in this call are not restored here; presumably an
                // enclosing transaction rolls them back (TODO confirm).
                logger.error("updatePolicy(" + rangerPolicy + ") failed", excp);
                throw restErrorUtil.createRESTException(excp.getMessage());
            }
        }
        // delete XXUser entry of user
        xXUserDao.remove(id);
        // delete XXPortal entry of user
        logger.warn("Deleting Portal User : " + vXPortalUser.getLoginId());
        xXPortalUserDao.remove(xXPortalUserId);
        // Record the deletion of both rows in the transaction log.
        List<XXTrxLog> trxLogList = xUserService.getTransactionLog(xUserService.populateViewBean(xXUser), "delete");
        xaBizUtil.createTrxLog(trxLogList);
        // (always true here: vXPortalUser is only non-null when xXPortalUser is)
        if (xXPortalUser != null) {
            trxLogList = xPortalUserService.getTransactionLog(xPortalUserService.populateViewBean(xXPortalUser), "delete");
            xaBizUtil.createTrxLog(trxLogList);
        }
    } else {
        // Without force, any group membership, policy, permission map, audit map,
        // auth session, module permission or role counts as a reference.
        boolean hasReferences = false;
        if (vxGroupUserList != null && vxGroupUserList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && xXPolicyList != null && xXPolicyList.size() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && vXPermMapList != null && vXPermMapList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && vXAuditMapList != null && vXAuditMapList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && xXAuthSessions != null && xXAuthSessions.size() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && xXUserPermissions != null && xXUserPermissions.size() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && xXPortalUserRoles != null && xXPortalUserRoles.size() > 0) {
            hasReferences = true;
        }
        if (hasReferences) {
            // NOTE(review): only the visibility flag changes on this path; the roles, module
            // permissions and auth-session rows found above stay in place. Confirm that a
            // hidden user can no longer sign in or be authorised.
            if (vXUser.getIsVisible() != RangerCommonEnums.IS_HIDDEN) {
                logger.info("Updating visibility of user '" + vXUser.getName() + "' to Hidden!");
                vXUser.setIsVisible(RangerCommonEnums.IS_HIDDEN);
                xUserService.updateResource(vXUser);
            }
        } else {
            xPortalUserService.updateXXPortalUserReferences(xXPortalUserId);
            // delete XXUser entry of user
            xXUserDao.remove(id);
            // delete XXPortal entry of user
            logger.warn("Deleting Portal User : " + vXPortalUser.getLoginId());
            xXPortalUserDao.remove(xXPortalUserId);
            List<XXTrxLog> trxLogList = xUserService.getTransactionLog(xUserService.populateViewBean(xXUser), "delete");
            xaBizUtil.createTrxLog(trxLogList);
            trxLogList = xPortalUserService.getTransactionLog(xPortalUserService.populateViewBean(xXPortalUser), "delete");
            xaBizUtil.createTrxLog(trxLogList);
        }
    }
}
Also used : XXUser(org.apache.ranger.entity.XXUser) XXUserDao(org.apache.ranger.db.XXUserDao) XXPolicy(org.apache.ranger.entity.XXPolicy) XXAuthSessionDao(org.apache.ranger.db.XXAuthSessionDao) XXPortalUserRoleDao(org.apache.ranger.db.XXPortalUserRoleDao) XXGroupUserDao(org.apache.ranger.db.XXGroupUserDao) XXModuleDef(org.apache.ranger.entity.XXModuleDef) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXPermMapDao(org.apache.ranger.db.XXPermMapDao) XXPortalUserRole(org.apache.ranger.entity.XXPortalUserRole) XXUserPermissionDao(org.apache.ranger.db.XXUserPermissionDao) XXAuditMapDao(org.apache.ranger.db.XXAuditMapDao) RangerRowFilterPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerRowFilterPolicyItem) XXTrxLog(org.apache.ranger.entity.XXTrxLog) XXAuthSession(org.apache.ranger.entity.XXAuthSession) XXUserPermission(org.apache.ranger.entity.XXUserPermission) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) SearchCriteria(org.apache.ranger.common.SearchCriteria) XXPortalUser(org.apache.ranger.entity.XXPortalUser) RangerDataMaskPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem) XXPortalUserDao(org.apache.ranger.db.XXPortalUserDao) XXPolicyDao(org.apache.ranger.db.XXPolicyDao)

Aggregations

XXPortalUserRole (org.apache.ranger.entity.XXPortalUserRole)34 ArrayList (java.util.ArrayList)28 XXPortalUser (org.apache.ranger.entity.XXPortalUser)21 XXPortalUserRoleDao (org.apache.ranger.db.XXPortalUserRoleDao)20 VXString (org.apache.ranger.view.VXString)20 Test (org.junit.Test)19 VXPortalUser (org.apache.ranger.view.VXPortalUser)18 XXUserPermission (org.apache.ranger.entity.XXUserPermission)14 XXPortalUserDao (org.apache.ranger.db.XXPortalUserDao)12 XXGroupPermission (org.apache.ranger.entity.XXGroupPermission)12 Date (java.util.Date)11 XXModuleDef (org.apache.ranger.entity.XXModuleDef)10 VXGroupPermission (org.apache.ranger.view.VXGroupPermission)10 VXUserPermission (org.apache.ranger.view.VXUserPermission)10 XXUserPermissionDao (org.apache.ranger.db.XXUserPermissionDao)9 XXGroupPermissionDao (org.apache.ranger.db.XXGroupPermissionDao)7 UserSessionBase (org.apache.ranger.common.UserSessionBase)6 XXModuleDefDao (org.apache.ranger.db.XXModuleDefDao)5 VXStringList (org.apache.ranger.view.VXStringList)4 VXPasswordChange (org.apache.ranger.view.VXPasswordChange)3