Search in sources :

Example 1 with XXService

use of org.apache.ranger.entity.XXService in project ranger by apache.

the class ServiceDBStore method writeCSVForPolicyItems.

private void writeCSVForPolicyItems(RangerPolicy policy, RangerPolicyItem policyItem, RangerDataMaskPolicyItem dataMaskPolicyItem, RangerRowFilterPolicyItem rowFilterPolicyItem, StringBuilder csvBuffer, String policyConditionType) {
    if (LOG.isDebugEnabled()) {
        // To avoid PMD violation
        LOG.debug("policyConditionType:[" + policyConditionType + "]");
    }
    final String COMMA_DELIMITER = "|";
    final String LINE_SEPARATOR = "\n";
    List<String> groups = new ArrayList<String>();
    List<String> users = new ArrayList<String>();
    String groupNames = "";
    String userNames = "";
    String policyLabelName = "";
    String accessType = "";
    String policyStatus = "";
    String policyType = "";
    Boolean delegateAdmin = false;
    String isRecursive = "";
    String isExcludes = "";
    String serviceName = "";
    String description = "";
    Boolean isAuditEnabled = true;
    String isExcludesValue = "";
    String maskingInfo = "";
    List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
    List<RangerPolicyItemCondition> conditionsList = new ArrayList<RangerPolicyItemCondition>();
    String conditionKeyValue = "";
    String resValue = "";
    String resourceKeyVal = "";
    String isRecursiveValue = "";
    String resKey = "";
    String ServiceType = "";
    String filterExpr = "";
    String policyName = "";
    List<String> policyLabels = new ArrayList<String>();
    String policyConditionTypeValue = "";
    serviceName = policy.getService();
    description = policy.getDescription();
    isAuditEnabled = policy.getIsAuditEnabled();
    policyLabels = policy.getPolicyLabels();
    StringBuffer sb = new StringBuffer();
    StringBuffer sbIsRecursive = new StringBuffer();
    StringBuffer sbIsExcludes = new StringBuffer();
    Map<String, RangerPolicyResource> resources = policy.getResources();
    RangerPolicyItemDataMaskInfo dataMaskInfo = new RangerPolicyItemDataMaskInfo();
    RangerPolicyItemRowFilterInfo filterInfo = new RangerPolicyItemRowFilterInfo();
    policyName = policy.getName();
    policyName = policyName.replace("|", "");
    if (resources != null) {
        for (Entry<String, RangerPolicyResource> resource : resources.entrySet()) {
            resKey = resource.getKey();
            RangerPolicyResource policyResource = resource.getValue();
            List<String> resvalueList = policyResource.getValues();
            isExcludes = policyResource.getIsExcludes().toString();
            isRecursive = policyResource.getIsRecursive().toString();
            resValue = resvalueList.toString();
            sb = sb.append(resourceKeyVal).append(" ").append(resKey).append("=").append(resValue);
            sbIsExcludes = sbIsExcludes.append(resourceKeyVal).append(" ").append(resKey).append("=[").append(isExcludes).append("]");
            sbIsRecursive = sbIsRecursive.append(resourceKeyVal).append(" ").append(resKey).append("=[").append(isRecursive).append("]");
        }
        isExcludesValue = sbIsExcludes.toString();
        isExcludesValue = isExcludesValue.substring(1);
        isRecursiveValue = sbIsRecursive.toString();
        isRecursiveValue = isRecursiveValue.substring(1);
        resourceKeyVal = sb.toString();
        resourceKeyVal = resourceKeyVal.substring(1);
        if (policyItem != null && dataMaskPolicyItem == null && rowFilterPolicyItem == null) {
            groups = policyItem.getGroups();
            users = policyItem.getUsers();
            accesses = policyItem.getAccesses();
            delegateAdmin = policyItem.getDelegateAdmin();
            conditionsList = policyItem.getConditions();
        } else if (dataMaskPolicyItem != null && policyItem == null && rowFilterPolicyItem == null) {
            groups = dataMaskPolicyItem.getGroups();
            users = dataMaskPolicyItem.getUsers();
            accesses = dataMaskPolicyItem.getAccesses();
            delegateAdmin = dataMaskPolicyItem.getDelegateAdmin();
            conditionsList = dataMaskPolicyItem.getConditions();
            dataMaskInfo = dataMaskPolicyItem.getDataMaskInfo();
            String dataMaskType = dataMaskInfo.getDataMaskType();
            String conditionExpr = dataMaskInfo.getConditionExpr();
            String valueExpr = dataMaskInfo.getValueExpr();
            maskingInfo = "dataMasktype=[" + dataMaskType + "]";
            if (conditionExpr != null && !conditionExpr.isEmpty() && valueExpr != null && !valueExpr.isEmpty()) {
                maskingInfo = maskingInfo + "; conditionExpr=[" + conditionExpr + "]";
            }
        } else if (rowFilterPolicyItem != null && policyItem == null && dataMaskPolicyItem == null) {
            groups = rowFilterPolicyItem.getGroups();
            users = rowFilterPolicyItem.getUsers();
            accesses = rowFilterPolicyItem.getAccesses();
            delegateAdmin = rowFilterPolicyItem.getDelegateAdmin();
            conditionsList = rowFilterPolicyItem.getConditions();
            filterInfo = rowFilterPolicyItem.getRowFilterInfo();
            filterExpr = filterInfo.getFilterExpr();
        }
        if (CollectionUtils.isNotEmpty(accesses)) {
            for (RangerPolicyItemAccess access : accesses) {
                accessType = accessType + access.getType().replace("#", "").replace("|", "") + "#";
            }
            accessType = accessType.substring(0, accessType.lastIndexOf("#"));
        }
        if (CollectionUtils.isNotEmpty(groups)) {
            for (String group : groups) {
                group = group.replace("|", "");
                group = group.replace("#", "");
                groupNames = groupNames + group + "#";
            }
            groupNames = groupNames.substring(0, groupNames.lastIndexOf("#"));
        }
        if (CollectionUtils.isNotEmpty(users)) {
            for (String user : users) {
                user = user.replace("|", "");
                user = user.replace("#", "");
                userNames = userNames + user + "#";
            }
            userNames = userNames.substring(0, userNames.lastIndexOf("#"));
        }
        String conditionValue = "";
        for (RangerPolicyItemCondition conditions : conditionsList) {
            String conditionType = conditions.getType();
            List<String> conditionList = conditions.getValues();
            conditionValue = conditionList.toString();
            conditionKeyValue = conditionType + "=" + conditionValue;
        }
        XXService xxservice = daoMgr.getXXService().findByName(policy.getService());
        if (xxservice != null) {
            Long ServiceId = xxservice.getType();
            XXServiceDef xxservDef = daoMgr.getXXServiceDef().getById(ServiceId);
            if (xxservDef != null) {
                ServiceType = xxservDef.getName();
            }
        }
    }
    if (policyConditionType != null) {
        policyConditionTypeValue = policyConditionType;
    }
    if (policyConditionType == null && ServiceType.equalsIgnoreCase("tag")) {
        policyConditionTypeValue = POLICY_ALLOW_INCLUDE;
    } else if (policyConditionType == null) {
        policyConditionTypeValue = "";
    }
    if (policy.getIsEnabled()) {
        policyStatus = "Enabled";
    } else {
        policyStatus = "Disabled";
    }
    int policyTypeInt = policy.getPolicyType();
    switch(policyTypeInt) {
        case RangerPolicy.POLICY_TYPE_ACCESS:
            policyType = POLICY_TYPE_ACCESS;
            break;
        case RangerPolicy.POLICY_TYPE_DATAMASK:
            policyType = POLICY_TYPE_DATAMASK;
            break;
        case RangerPolicy.POLICY_TYPE_ROWFILTER:
            policyType = POLICY_TYPE_ROWFILTER;
            break;
    }
    if (CollectionUtils.isNotEmpty(policyLabels)) {
        for (String policyLabel : policyLabels) {
            policyLabel = policyLabel.replace("|", "");
            policyLabel = policyLabel.replace("#", "");
            policyLabelName = policyLabelName + policyLabel + "#";
        }
        policyLabelName = policyLabelName.substring(0, policyLabelName.lastIndexOf("#"));
    }
    csvBuffer.append(policy.getId());
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(policyName);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(resourceKeyVal);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(groupNames);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(userNames);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(accessType.trim());
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(ServiceType);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(policyStatus);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(policyType);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(delegateAdmin.toString().toUpperCase());
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(isRecursiveValue);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(isExcludesValue);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(serviceName);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(description);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(isAuditEnabled.toString().toUpperCase());
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(conditionKeyValue.trim());
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(policyConditionTypeValue);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(maskingInfo);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(filterExpr);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(policyLabelName);
    csvBuffer.append(COMMA_DELIMITER);
    csvBuffer.append(LINE_SEPARATOR);
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) ArrayList(java.util.ArrayList) VXString(org.apache.ranger.view.VXString) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess) RangerPolicyItemRowFilterInfo(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemRowFilterInfo) RangerPolicyItemCondition(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition) XXService(org.apache.ranger.entity.XXService) RangerPolicyItemDataMaskInfo(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemDataMaskInfo)

Example 2 with XXService

use of org.apache.ranger.entity.XXService in project ranger by apache.

the class ServiceDBStore method deleteServiceDef.

public void deleteServiceDef(Long serviceDefId, Boolean forceDelete) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceDBStore.deleteServiceDef(" + serviceDefId + ", " + forceDelete + ")");
    }
    bizUtil.blockAuditorRoleUser();
    UserSessionBase session = ContextUtil.getCurrentUserSession();
    if (session == null) {
        throw restErrorUtil.createRESTException("UserSession cannot be null, only Admin can update service-def", MessageEnums.OPER_NO_PERMISSION);
    }
    if (!session.isKeyAdmin() && !session.isUserAdmin()) {
        throw restErrorUtil.createRESTException("User is not allowed to update service-def, only Admin can update service-def", MessageEnums.OPER_NO_PERMISSION);
    }
    RangerServiceDef serviceDef = getServiceDef(serviceDefId);
    if (serviceDef == null) {
        throw restErrorUtil.createRESTException("No Service Definiton found for Id: " + serviceDefId, MessageEnums.DATA_NOT_FOUND);
    }
    List<XXService> serviceList = daoMgr.getXXService().findByServiceDefId(serviceDefId);
    if (!forceDelete) {
        if (CollectionUtils.isNotEmpty(serviceList)) {
            throw restErrorUtil.createRESTException("Services exists under given service definition, can't delete Service-Def: " + serviceDef.getName(), MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
        }
    }
    XXDataMaskTypeDefDao dataMaskDao = daoMgr.getXXDataMaskTypeDef();
    List<XXDataMaskTypeDef> dataMaskDefs = dataMaskDao.findByServiceDefId(serviceDefId);
    for (XXDataMaskTypeDef dataMaskDef : dataMaskDefs) {
        dataMaskDao.remove(dataMaskDef);
    }
    List<XXAccessTypeDef> accTypeDefs = daoMgr.getXXAccessTypeDef().findByServiceDefId(serviceDefId);
    for (XXAccessTypeDef accessType : accTypeDefs) {
        deleteXXAccessTypeDef(accessType);
    }
    XXContextEnricherDefDao xContextEnricherDao = daoMgr.getXXContextEnricherDef();
    List<XXContextEnricherDef> contextEnrichers = xContextEnricherDao.findByServiceDefId(serviceDefId);
    for (XXContextEnricherDef context : contextEnrichers) {
        xContextEnricherDao.remove(context);
    }
    XXEnumDefDao enumDefDao = daoMgr.getXXEnumDef();
    List<XXEnumDef> enumDefList = enumDefDao.findByServiceDefId(serviceDefId);
    for (XXEnumDef enumDef : enumDefList) {
        List<XXEnumElementDef> enumEleDefList = daoMgr.getXXEnumElementDef().findByEnumDefId(enumDef.getId());
        for (XXEnumElementDef eleDef : enumEleDefList) {
            daoMgr.getXXEnumElementDef().remove(eleDef);
        }
        enumDefDao.remove(enumDef);
    }
    XXPolicyConditionDefDao policyCondDao = daoMgr.getXXPolicyConditionDef();
    List<XXPolicyConditionDef> policyCondList = policyCondDao.findByServiceDefId(serviceDefId);
    for (XXPolicyConditionDef policyCond : policyCondList) {
        List<XXPolicyItemCondition> policyItemCondList = daoMgr.getXXPolicyItemCondition().findByPolicyConditionDefId(policyCond.getId());
        for (XXPolicyItemCondition policyItemCond : policyItemCondList) {
            daoMgr.getXXPolicyItemCondition().remove(policyItemCond);
        }
        policyCondDao.remove(policyCond);
    }
    List<XXResourceDef> resDefList = daoMgr.getXXResourceDef().findByServiceDefId(serviceDefId);
    for (XXResourceDef resDef : resDefList) {
        deleteXXResourceDef(resDef);
    }
    XXServiceConfigDefDao configDefDao = daoMgr.getXXServiceConfigDef();
    List<XXServiceConfigDef> configDefList = configDefDao.findByServiceDefId(serviceDefId);
    for (XXServiceConfigDef configDef : configDefList) {
        configDefDao.remove(configDef);
    }
    if (CollectionUtils.isNotEmpty(serviceList)) {
        for (XXService service : serviceList) {
            deleteService(service.getId());
        }
    }
    Long version = serviceDef.getVersion();
    if (version == null) {
        version = Long.valueOf(1);
        LOG.info("Found Version Value: `null`, so setting value of version to 1, While updating object, version should not be null.");
    } else {
        version = Long.valueOf(version.longValue() + 1);
    }
    serviceDef.setVersion(version);
    serviceDefService.delete(serviceDef);
    LOG.info("ServiceDefinition has been deleted successfully. Service-Def Name: " + serviceDef.getName());
    dataHistService.createObjectDataHistory(serviceDef, RangerDataHistService.ACTION_DELETE);
    postDelete(serviceDef);
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== ServiceDBStore.deleteServiceDef(" + serviceDefId + ", " + forceDelete + ")");
    }
}
Also used : XXDataMaskTypeDefDao(org.apache.ranger.db.XXDataMaskTypeDefDao) XXPolicyConditionDefDao(org.apache.ranger.db.XXPolicyConditionDefDao) XXPolicyItemCondition(org.apache.ranger.entity.XXPolicyItemCondition) UserSessionBase(org.apache.ranger.common.UserSessionBase) XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef) XXEnumDefDao(org.apache.ranger.db.XXEnumDefDao) XXPolicyConditionDef(org.apache.ranger.entity.XXPolicyConditionDef) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) XXServiceConfigDef(org.apache.ranger.entity.XXServiceConfigDef) XXResourceDef(org.apache.ranger.entity.XXResourceDef) XXEnumElementDef(org.apache.ranger.entity.XXEnumElementDef) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) XXEnumDef(org.apache.ranger.entity.XXEnumDef) XXService(org.apache.ranger.entity.XXService) XXServiceConfigDefDao(org.apache.ranger.db.XXServiceConfigDefDao) XXContextEnricherDef(org.apache.ranger.entity.XXContextEnricherDef) XXContextEnricherDefDao(org.apache.ranger.db.XXContextEnricherDefDao)

Example 3 with XXService

use of org.apache.ranger.entity.XXService in project ranger by apache.

the class ServiceDBStore method updateService.

@Override
public RangerService updateService(RangerService service, Map<String, Object> options) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceDBStore.updateService()");
    }
    XXService existing = daoMgr.getXXService().getById(service.getId());
    if (existing == null) {
        throw restErrorUtil.createRESTException("no service exists with ID=" + service.getId(), MessageEnums.DATA_NOT_FOUND);
    }
    String existingName = existing.getName();
    boolean renamed = !StringUtils.equalsIgnoreCase(service.getName(), existingName);
    if (renamed) {
        XXService newNameService = daoMgr.getXXService().findByName(service.getName());
        if (newNameService != null) {
            throw restErrorUtil.createRESTException("another service already exists with name '" + service.getName() + "'. ID=" + newNameService.getId(), MessageEnums.DATA_NOT_UPDATABLE);
        }
        long countOfTaggedResources = daoMgr.getXXServiceResource().countTaggedResourcesInServiceId(existing.getId());
        Boolean isForceRename = options != null && options.get(ServiceStore.OPTION_FORCE_RENAME) != null ? (Boolean) options.get(ServiceStore.OPTION_FORCE_RENAME) : Boolean.FALSE;
        if (countOfTaggedResources != 0L) {
            if (isForceRename) {
                LOG.warn("Forcing the renaming of service from " + existingName + " to " + service.getName() + " although it is associated with " + countOfTaggedResources + " service-resources!");
            } else {
                throw restErrorUtil.createRESTException("Service " + existingName + " cannot be renamed, as it has associated service-resources", MessageEnums.DATA_NOT_UPDATABLE);
            }
        }
    }
    Map<String, String> configs = service.getConfigs();
    Map<String, String> validConfigs = validateRequiredConfigParams(service, configs);
    if (validConfigs == null) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ConfigParams cannot be null, ServiceDBStore.createService(" + service + ")");
        }
        throw restErrorUtil.createRESTException("ConfigParams cannot be null.", MessageEnums.ERROR_CREATING_OBJECT);
    }
    boolean hasTagServiceValueChanged = false;
    Long existingTagServiceId = existing.getTagService();
    // null for old clients; empty string to remove existing association
    String newTagServiceName = service.getTagService();
    Long newTagServiceId = null;
    if (newTagServiceName == null) {
        // old client; don't update existing tagService
        if (existingTagServiceId != null) {
            newTagServiceName = getServiceName(existingTagServiceId);
            service.setTagService(newTagServiceName);
            LOG.info("ServiceDBStore.updateService(id=" + service.getId() + "; name=" + service.getName() + "): tagService is null; using existing tagService '" + newTagServiceName + "'");
        }
    }
    if (StringUtils.isNotBlank(newTagServiceName)) {
        RangerService tmp = getServiceByName(newTagServiceName);
        if (tmp == null || !EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME.equals(tmp.getType())) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("ServiceDBStore.updateService() - " + newTagServiceName + " does not refer to a valid tag service.(" + service + ")");
            }
            throw restErrorUtil.createRESTException("Invalid tag service name " + newTagServiceName, MessageEnums.ERROR_CREATING_OBJECT);
        } else {
            newTagServiceId = tmp.getId();
        }
    }
    if (existingTagServiceId == null) {
        if (newTagServiceId != null) {
            hasTagServiceValueChanged = true;
        }
    } else if (!existingTagServiceId.equals(newTagServiceId)) {
        hasTagServiceValueChanged = true;
    }
    boolean hasIsEnabledChanged = !existing.getIsenabled().equals(service.getIsEnabled());
    List<XXTrxLog> trxLogList = svcService.getTransactionLog(service, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
    if (populateExistingBaseFields) {
        svcServiceWithAssignedId.setPopulateExistingBaseFields(true);
        service = svcServiceWithAssignedId.update(service);
        svcServiceWithAssignedId.setPopulateExistingBaseFields(false);
    } else {
        service.setCreateTime(existing.getCreateTime());
        service.setGuid(existing.getGuid());
        service.setVersion(existing.getVersion());
        service = svcService.update(service);
        if (hasTagServiceValueChanged || hasIsEnabledChanged) {
            updatePolicyVersion(service, false);
        }
    }
    XXService xUpdService = daoMgr.getXXService().getById(service.getId());
    String oldPassword = null;
    List<XXServiceConfigMap> dbConfigMaps = daoMgr.getXXServiceConfigMap().findByServiceId(service.getId());
    for (XXServiceConfigMap dbConfigMap : dbConfigMaps) {
        if (StringUtils.equalsIgnoreCase(dbConfigMap.getConfigkey(), CONFIG_KEY_PASSWORD)) {
            oldPassword = dbConfigMap.getConfigvalue();
        }
        daoMgr.getXXServiceConfigMap().remove(dbConfigMap);
    }
    VXUser vXUser = null;
    XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap();
    for (Entry<String, String> configMap : validConfigs.entrySet()) {
        String configKey = configMap.getKey();
        String configValue = configMap.getValue();
        if (StringUtils.equalsIgnoreCase(configKey, "username")) {
            String userName = stringUtil.getValidUserName(configValue);
            XXUser xxUser = daoMgr.getXXUser().findByUserName(userName);
            if (xxUser != null) {
                vXUser = xUserService.populateViewBean(xxUser);
            } else {
                UserSessionBase usb = ContextUtil.getCurrentUserSession();
                if (usb != null && !usb.isUserAdmin()) {
                    throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION);
                }
                vXUser = xUserMgr.createServiceConfigUser(userName);
            }
        }
        if (StringUtils.equalsIgnoreCase(configKey, CONFIG_KEY_PASSWORD)) {
            if (StringUtils.equalsIgnoreCase(configValue, HIDDEN_PASSWORD_STR)) {
                String[] crypt_algo_array = null;
                if (configValue.contains(",")) {
                    crypt_algo_array = configValue.split(",");
                }
                if (oldPassword != null && oldPassword.contains(",")) {
                    String encryptKey = null;
                    String salt = null;
                    int iterationCount = 0;
                    crypt_algo_array = oldPassword.split(",");
                    String OLD_CRYPT_ALGO = crypt_algo_array[0];
                    encryptKey = crypt_algo_array[1];
                    salt = crypt_algo_array[2];
                    iterationCount = Integer.parseInt(crypt_algo_array[3]);
                    if (!OLD_CRYPT_ALGO.equalsIgnoreCase(CRYPT_ALGO)) {
                        String decryptedPwd = PasswordUtils.decryptPassword(oldPassword);
                        String paddingString = CRYPT_ALGO + "," + encryptKey + "," + salt + "," + iterationCount;
                        String encryptedPwd = PasswordUtils.encryptPassword(paddingString + "," + decryptedPwd);
                        String newDecryptedPwd = PasswordUtils.decryptPassword(paddingString + "," + encryptedPwd);
                        if (StringUtils.equals(newDecryptedPwd, decryptedPwd)) {
                            configValue = paddingString + "," + encryptedPwd;
                        }
                    } else {
                        configValue = oldPassword;
                    }
                } else {
                    configValue = oldPassword;
                }
            } else {
                String paddingString = CRYPT_ALGO + "," + ENCRYPT_KEY + "," + SALT + "," + ITERATION_COUNT;
                String encryptedPwd = PasswordUtils.encryptPassword(paddingString + "," + configValue);
                String decryptedPwd = PasswordUtils.decryptPassword(paddingString + "," + encryptedPwd);
                if (StringUtils.equals(decryptedPwd, configValue)) {
                    configValue = paddingString + "," + encryptedPwd;
                }
            }
        }
        XXServiceConfigMap xConfMap = new XXServiceConfigMap();
        xConfMap = (XXServiceConfigMap) rangerAuditFields.populateAuditFields(xConfMap, xUpdService);
        xConfMap.setServiceId(service.getId());
        xConfMap.setConfigkey(configKey);
        xConfMap.setConfigvalue(configValue);
        xConfMapDao.create(xConfMap);
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("vXUser:[" + vXUser + "]");
    }
    RangerService updService = svcService.getPopulatedViewObject(xUpdService);
    dataHistService.createObjectDataHistory(updService, RangerDataHistService.ACTION_UPDATE);
    bizUtil.createTrxLog(trxLogList);
    return updService;
}
Also used : XXUser(org.apache.ranger.entity.XXUser) VXString(org.apache.ranger.view.VXString) XXTrxLog(org.apache.ranger.entity.XXTrxLog) VXUser(org.apache.ranger.view.VXUser) XXServiceConfigMapDao(org.apache.ranger.db.XXServiceConfigMapDao) UserSessionBase(org.apache.ranger.common.UserSessionBase) XXServiceConfigMap(org.apache.ranger.entity.XXServiceConfigMap) RangerService(org.apache.ranger.plugin.model.RangerService) XXService(org.apache.ranger.entity.XXService)

Example 4 with XXService

use of org.apache.ranger.entity.XXService in project ranger by apache.

the class ServiceDBStore method writeCSV.

private StringBuilder writeCSV(List<RangerPolicy> policies, String cSVFileName, HttpServletResponse response) {
    response.setContentType("text/csv");
    final String LINE_SEPARATOR = "\n";
    final String FILE_HEADER = "ID|Name|Resources|Groups|Users|Accesses|Service Type|Status|Policy Type|Delegate Admin|isRecursive|" + "isExcludes|Service Name|Description|isAuditEnabled|Policy Conditions|Policy Condition Type|Masking Options|Row Filter Expr|Policy Label Name";
    StringBuilder csvBuffer = new StringBuilder();
    csvBuffer.append(FILE_HEADER);
    csvBuffer.append(LINE_SEPARATOR);
    if (!CollectionUtils.isEmpty(policies)) {
        for (RangerPolicy policy : policies) {
            List<RangerPolicyItem> policyItems = policy.getPolicyItems();
            List<RangerRowFilterPolicyItem> rowFilterPolicyItems = policy.getRowFilterPolicyItems();
            List<RangerDataMaskPolicyItem> dataMaskPolicyItems = policy.getDataMaskPolicyItems();
            List<RangerPolicyItem> allowExceptions = policy.getAllowExceptions();
            List<RangerPolicyItem> denyExceptions = policy.getDenyExceptions();
            List<RangerPolicyItem> denyPolicyItems = policy.getDenyPolicyItems();
            XXService xxservice = daoMgr.getXXService().findByName(policy.getService());
            String serviceType = "";
            if (xxservice != null) {
                Long ServiceId = xxservice.getType();
                XXServiceDef xxservDef = daoMgr.getXXServiceDef().getById(ServiceId);
                if (xxservDef != null) {
                    serviceType = xxservDef.getName();
                }
            }
            if (CollectionUtils.isNotEmpty(policyItems)) {
                for (RangerPolicyItem policyItem : policyItems) {
                    writeCSVForPolicyItems(policy, policyItem, null, null, csvBuffer, POLICY_ALLOW_INCLUDE);
                }
            } else if (CollectionUtils.isNotEmpty(dataMaskPolicyItems)) {
                for (RangerDataMaskPolicyItem dataMaskPolicyItem : dataMaskPolicyItems) {
                    writeCSVForPolicyItems(policy, null, dataMaskPolicyItem, null, csvBuffer, null);
                }
            } else if (CollectionUtils.isNotEmpty(rowFilterPolicyItems)) {
                for (RangerRowFilterPolicyItem rowFilterPolicyItem : rowFilterPolicyItems) {
                    writeCSVForPolicyItems(policy, null, null, rowFilterPolicyItem, csvBuffer, null);
                }
            } else if (serviceType.equalsIgnoreCase(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) {
                if (CollectionUtils.isEmpty(policyItems)) {
                    RangerPolicyItem policyItem = new RangerPolicyItem();
                    writeCSVForPolicyItems(policy, policyItem, null, null, csvBuffer, POLICY_ALLOW_INCLUDE);
                }
            } else if (CollectionUtils.isEmpty(policyItems)) {
                RangerPolicyItem policyItem = new RangerPolicyItem();
                writeCSVForPolicyItems(policy, policyItem, null, null, csvBuffer, POLICY_ALLOW_INCLUDE);
            }
            if (CollectionUtils.isNotEmpty(allowExceptions)) {
                for (RangerPolicyItem policyItem : allowExceptions) {
                    writeCSVForPolicyItems(policy, policyItem, null, null, csvBuffer, POLICY_ALLOW_EXCLUDE);
                }
            }
            if (CollectionUtils.isNotEmpty(denyExceptions)) {
                for (RangerPolicyItem policyItem : denyExceptions) {
                    writeCSVForPolicyItems(policy, policyItem, null, null, csvBuffer, POLICY_DENY_EXCLUDE);
                }
            }
            if (CollectionUtils.isNotEmpty(denyPolicyItems)) {
                for (RangerPolicyItem policyItem : denyPolicyItems) {
                    writeCSVForPolicyItems(policy, policyItem, null, null, csvBuffer, POLICY_DENY_INCLUDE);
                }
            }
        }
    }
    response.setHeader("Content-Disposition", "attachment; filename=" + cSVFileName);
    response.setStatus(HttpServletResponse.SC_OK);
    return csvBuffer;
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerDataMaskPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem) RangerRowFilterPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerRowFilterPolicyItem) VXString(org.apache.ranger.view.VXString) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) XXService(org.apache.ranger.entity.XXService)

Example 5 with XXService

use of org.apache.ranger.entity.XXService in project ranger by apache.

the class TagDBStore method getServiceResourcesByService.

@Override
public List<RangerServiceResource> getServiceResourcesByService(String serviceName) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> TagDBStore.getServiceResourcesByService(" + serviceName + ")");
    }
    List<RangerServiceResource> ret = null;
    XXService service = daoManager.getXXService().findByName(serviceName);
    if (service != null) {
        ret = rangerServiceResourceService.getByServiceId(service.getId());
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== TagDBStore.getServiceResourcesByService(" + serviceName + "): count=" + (ret == null ? 0 : ret.size()));
    }
    return ret;
}
Also used : XXService(org.apache.ranger.entity.XXService)

Aggregations

XXService (org.apache.ranger.entity.XXService)73 XXServiceDef (org.apache.ranger.entity.XXServiceDef)34 RangerService (org.apache.ranger.plugin.model.RangerService)23 Test (org.junit.Test)21 XXServiceDao (org.apache.ranger.db.XXServiceDao)19 RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)19 VXString (org.apache.ranger.view.VXString)19 XXServiceDefDao (org.apache.ranger.db.XXServiceDefDao)17 ArrayList (java.util.ArrayList)14 XXServiceVersionInfo (org.apache.ranger.entity.XXServiceVersionInfo)14 Date (java.util.Date)13 WebApplicationException (javax.ws.rs.WebApplicationException)11 IOException (java.io.IOException)9 ServiceTags (org.apache.ranger.plugin.util.ServiceTags)9 XXServiceVersionInfoDao (org.apache.ranger.db.XXServiceVersionInfoDao)7 RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)7 UnknownHostException (java.net.UnknownHostException)6 XXServiceConfigMap (org.apache.ranger.entity.XXServiceConfigMap)6 JSONException (org.codehaus.jettison.json.JSONException)6 HashMap (java.util.HashMap)5