
Example 1 with XXServiceConfigMap

use of org.apache.ranger.entity.XXServiceConfigMap in project ranger by apache.

the class PatchForDefaultAuidtFilters_J10050 method addDefaultAuditFilterConfig.

/**
 * Persists the default audit-filter configuration row for a single service.
 *
 * <p>A fresh {@code XXServiceConfigMap} gets its audit fields populated from the service, is
 * keyed with {@code ServiceDBStore.RANGER_PLUGIN_AUDIT_FILTERS}, and is written through the
 * config-map DAO. Any failure is logged together with the service id and rethrown unchanged,
 * so the caller decides whether the patch run aborts.
 *
 * @param xservice     service that receives the default audit filters
 * @param defaultValue value stored under the audit-filters config key
 */
private void addDefaultAuditFilterConfig(XXService xservice, String defaultValue) {
    if (logger.isDebugEnabled()) {
        logger.debug("==> PatchForDefaultAuidtFilters_J10050.addDefaultAuditFilterConfig() for service (id=" + xservice.getId() + ")");
    }
    try {
        XXServiceConfigMapDao configMapDao = daoMgr.getXXServiceConfigMap();
        // populateAuditFields hands back the entity it was given, typed as its base class.
        XXServiceConfigMap auditFilterRow = (XXServiceConfigMap) rangerAuditFields.populateAuditFields(new XXServiceConfigMap(), xservice);
        auditFilterRow.setServiceId(xservice.getId());
        auditFilterRow.setConfigkey(ServiceDBStore.RANGER_PLUGIN_AUDIT_FILTERS);
        auditFilterRow.setConfigvalue(defaultValue);
        configMapDao.create(auditFilterRow);
    } catch (Exception failure) {
        // Log which service failed, then let the original exception propagate.
        logger.error("default audit filters addition for service (id=" + xservice.getId() + ") failed!!");
        throw failure;
    }
    if (logger.isDebugEnabled()) {
        logger.debug("<== PatchForDefaultAuidtFilters_J10050.addDefaultAuditFilterConfig()");
    }
}
Also used : XXServiceConfigMap(org.apache.ranger.entity.XXServiceConfigMap) XXServiceConfigMapDao(org.apache.ranger.db.XXServiceConfigMapDao)

Example 2 with XXServiceConfigMap

use of org.apache.ranger.entity.XXServiceConfigMap in project ranger by apache.

the class ServiceDBStore method hasServiceConfigForPluginChanged.

/**
 * Reports whether the plugin-facing part of a service configuration differs between what is
 * stored and what is about to be saved.
 *
 * <p>Only keys that start with {@code RANGER_PLUGIN_CONFIG_PREFIX} take part in the
 * comparison. A change is reported when a prefixed incoming key has a different (or no)
 * stored value, or when a prefixed stored key is missing from the incoming map.
 *
 * @param dbConfigMaps config rows currently stored for the service; may be null or empty
 * @param validConfigs validated configuration to be saved; may be null or empty
 * @return {@code true} if any plugin-prefixed entry was added, removed or modified
 */
boolean hasServiceConfigForPluginChanged(List<XXServiceConfigMap> dbConfigMaps, Map<String, String> validConfigs) {
    // Stored plugin entries; each one matched by the incoming map is struck off below.
    Map<String, String> unmatchedStored = new HashMap<String, String>();
    if (CollectionUtils.isNotEmpty(dbConfigMaps)) {
        for (XXServiceConfigMap row : dbConfigMaps) {
            String storedKey = row.getConfigkey();
            if (StringUtils.startsWith(storedKey, RANGER_PLUGIN_CONFIG_PREFIX)) {
                unmatchedStored.put(storedKey, row.getConfigvalue());
            }
        }
    }
    if (MapUtils.isNotEmpty(validConfigs)) {
        for (Map.Entry<String, String> incoming : validConfigs.entrySet()) {
            String key = incoming.getKey();
            if (!StringUtils.startsWith(key, RANGER_PLUGIN_CONFIG_PREFIX)) {
                continue;
            }
            if (!StringUtils.equals(unmatchedStored.get(key), incoming.getValue())) {
                return true;
            }
            unmatchedStored.remove(key);
        }
    }
    // Anything left was stored before but is absent from the incoming configuration.
    return !unmatchedStored.isEmpty();
}
Also used : XXServiceConfigMap(org.apache.ranger.entity.XXServiceConfigMap) LinkedHashMap(java.util.LinkedHashMap) HashMap(java.util.HashMap) VXString(org.apache.ranger.view.VXString)

Example 3 with XXServiceConfigMap

use of org.apache.ranger.entity.XXServiceConfigMap in project ranger by apache.

the class ServiceDBStore method getServiceConfigForPlugin.

/**
 * Returns the configuration entries of a service that are meant for its plugin.
 *
 * <p>Only rows whose key starts with {@code RANGER_PLUGIN_CONFIG_PREFIX} are copied; every
 * other row stored for the service is left out of the returned map.
 *
 * @param serviceId id of the service whose config rows are read
 * @return a new map of plugin-prefixed keys to values; empty when nothing matches
 */
@Override
public Map<String, String> getServiceConfigForPlugin(Long serviceId) {
    Map<String, String> pluginConfigs = new HashMap<String, String>();
    List<XXServiceConfigMap> storedRows = daoMgr.getXXServiceConfigMap().findByServiceId(serviceId);
    if (CollectionUtils.isEmpty(storedRows)) {
        return pluginConfigs;
    }
    for (XXServiceConfigMap row : storedRows) {
        boolean isPluginKey = StringUtils.startsWith(row.getConfigkey(), RANGER_PLUGIN_CONFIG_PREFIX);
        if (isPluginKey) {
            pluginConfigs.put(row.getConfigkey(), row.getConfigvalue());
        }
    }
    return pluginConfigs;
}
Also used : XXServiceConfigMap(org.apache.ranger.entity.XXServiceConfigMap) LinkedHashMap(java.util.LinkedHashMap) HashMap(java.util.HashMap) VXString(org.apache.ranger.view.VXString)

Example 4 with XXServiceConfigMap

use of org.apache.ranger.entity.XXServiceConfigMap in project ranger by apache.

the class ServiceDBStore method updateService.

/**
 * Updates an existing service: validates a rename and the tag-service link, rewrites all of
 * the service's config rows (re-encrypting the password where needed), and records history
 * and transaction logs.
 *
 * <p>Order of work, as visible in this method: load the existing row, reject a rename that
 * collides with another service or that would orphan tagged resources (unless forced),
 * validate required config params, resolve the tag service, update the service entity,
 * delete every stored config row, then recreate one row per validated config entry.
 *
 * @param service the service as submitted by the caller; its id selects the row to update
 * @param options optional flags; only {@code ServiceStore.OPTION_FORCE_RENAME} is read here
 * @return the populated view object of the updated service
 * @throws Exception a REST exception from {@code restErrorUtil} when the service does not
 *         exist, the new name is taken, the rename is blocked by tagged resources, the
 *         config params are null, the tag service is invalid, or a non-admin session names a
 *         config user that does not exist; anything thrown by the called helpers propagates
 */
@Override
public RangerService updateService(RangerService service, Map<String, Object> options) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceDBStore.updateService()");
    }
    XXService existing = daoMgr.getXXService().getById(service.getId());
    if (existing == null) {
        throw restErrorUtil.createRESTException("no service exists with ID=" + service.getId(), MessageEnums.DATA_NOT_FOUND);
    }
    String existingName = existing.getName();
    // Name comparison ignores case, so a case-only change is not treated as a rename.
    boolean renamed = !StringUtils.equalsIgnoreCase(service.getName(), existingName);
    if (renamed) {
        XXService newNameService = daoMgr.getXXService().findByName(service.getName());
        if (newNameService != null) {
            throw restErrorUtil.createRESTException("another service already exists with name '" + service.getName() + "'. ID=" + newNameService.getId(), MessageEnums.DATA_NOT_UPDATABLE);
        }
        long countOfTaggedResources = daoMgr.getXXServiceResource().countTaggedResourcesInServiceId(existing.getId());
        // The option value is cast to Boolean without a type check; a non-Boolean value would
        // raise ClassCastException here.
        Boolean isForceRename = options != null && options.get(ServiceStore.OPTION_FORCE_RENAME) != null ? (Boolean) options.get(ServiceStore.OPTION_FORCE_RENAME) : Boolean.FALSE;
        if (countOfTaggedResources != 0L) {
            if (isForceRename) {
                LOG.warn("Forcing the renaming of service from " + existingName + " to " + service.getName() + " although it is associated with " + countOfTaggedResources + " service-resources!");
            } else {
                throw restErrorUtil.createRESTException("Service " + existingName + " cannot be renamed, as it has associated service-resources", MessageEnums.DATA_NOT_UPDATABLE);
            }
        }
    }
    Map<String, String> configs = service.getConfigs();
    Map<String, String> validConfigs = validateRequiredConfigParams(service, configs);
    if (validConfigs == null) {
        // NOTE(review): the debug text names createService although this is updateService.
        // It also concatenates the whole service object; whether RangerService.toString()
        // prints config values is not visible here -- confirm it cannot expose the password.
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ConfigParams cannot be null, ServiceDBStore.createService(" + service + ")");
        }
        throw restErrorUtil.createRESTException("ConfigParams cannot be null.", MessageEnums.ERROR_CREATING_OBJECT);
    }
    boolean hasTagServiceValueChanged = false;
    Long existingTagServiceId = existing.getTagService();
    // null for old clients; empty string to remove existing association
    String newTagServiceName = service.getTagService();
    Long newTagServiceId = null;
    if (newTagServiceName == null) {
        // old client; don't update existing tagService
        if (existingTagServiceId != null) {
            newTagServiceName = getServiceName(existingTagServiceId);
            service.setTagService(newTagServiceName);
            LOG.info("ServiceDBStore.updateService(id=" + service.getId() + "; name=" + service.getName() + "): tagService is null; using existing tagService '" + newTagServiceName + "'");
        }
    }
    if (StringUtils.isNotBlank(newTagServiceName)) {
        // The named service must exist and be of the embedded tag service-def type.
        RangerService tmp = getServiceByName(newTagServiceName);
        if (tmp == null || !EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME.equals(tmp.getType())) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("ServiceDBStore.updateService() - " + newTagServiceName + " does not refer to a valid tag service.(" + service + ")");
            }
            throw restErrorUtil.createRESTException("Invalid tag service name " + newTagServiceName, MessageEnums.ERROR_CREATING_OBJECT);
        } else {
            newTagServiceId = tmp.getId();
        }
    }
    // The tag-service link changed if it was added, removed, or now points elsewhere.
    if (existingTagServiceId == null) {
        if (newTagServiceId != null) {
            hasTagServiceValueChanged = true;
        }
    } else if (!existingTagServiceId.equals(newTagServiceId)) {
        hasTagServiceValueChanged = true;
    }
    // NOTE(review): getIsenabled() is dereferenced without a null check -- confirm the
    // stored value can never be null.
    boolean hasIsEnabledChanged = !existing.getIsenabled().equals(service.getIsEnabled());
    List<XXServiceConfigMap> dbConfigMaps = daoMgr.getXXServiceConfigMap().findByServiceId(service.getId());
    boolean hasServiceConfigForPluginChanged = hasServiceConfigForPluginChanged(dbConfigMaps, validConfigs);
    // The transaction log is computed against the pre-update state and written at the end.
    List<XXTrxLog> trxLogList = svcService.getTransactionLog(service, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
    if (populateExistingBaseFields) {
        // In this branch the policy version is not bumped, whatever changed.
        svcServiceWithAssignedId.setPopulateExistingBaseFields(true);
        service = svcServiceWithAssignedId.update(service);
        svcServiceWithAssignedId.setPopulateExistingBaseFields(false);
    } else {
        // Create time, GUID and version are taken from the stored row, not from the caller.
        service.setCreateTime(existing.getCreateTime());
        service.setGuid(existing.getGuid());
        service.setVersion(existing.getVersion());
        service = svcService.update(service);
        if (hasTagServiceValueChanged || hasIsEnabledChanged || hasServiceConfigForPluginChanged) {
            updatePolicyVersion(service, RangerPolicyDelta.CHANGE_TYPE_SERVICE_CHANGE, null, false);
        }
    }
    XXService xUpdService = daoMgr.getXXService().getById(service.getId());
    String oldPassword = null;
    // Every stored config row is deleted and recreated below; the stored password value is
    // remembered first so a masked submission can keep it.
    // NOTE(review): dbConfigMaps is iterated without a null check, while
    // hasServiceConfigForPluginChanged guards against null/empty -- confirm
    // findByServiceId never returns null.
    for (XXServiceConfigMap dbConfigMap : dbConfigMaps) {
        if (StringUtils.equalsIgnoreCase(dbConfigMap.getConfigkey(), CONFIG_KEY_PASSWORD)) {
            oldPassword = dbConfigMap.getConfigvalue();
        }
        daoMgr.getXXServiceConfigMap().remove(dbConfigMap);
    }
    VXUser vXUser = null;
    XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap();
    for (Entry<String, String> configMap : validConfigs.entrySet()) {
        String configKey = configMap.getKey();
        String configValue = configMap.getValue();
        if (StringUtils.equalsIgnoreCase(configKey, "username")) {
            String userName = stringUtil.getValidUserName(configValue);
            XXUser xxUser = daoMgr.getXXUser().findByUserName(userName);
            if (xxUser != null) {
                vXUser = xUserService.populateViewBean(xxUser);
            } else {
                // An unknown config user is created implicitly, but only when the current
                // session is an admin one. NOTE(review): a null session (usb == null) also
                // reaches createServiceConfigUser -- confirm that is intended.
                UserSessionBase usb = ContextUtil.getCurrentUserSession();
                if (usb != null && !usb.isUserAdmin()) {
                    throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION);
                }
                vXUser = xUserMgr.createServiceConfigUser(userName);
            }
        }
        if (StringUtils.equalsIgnoreCase(configKey, CONFIG_KEY_PASSWORD)) {
            if (StringUtils.equalsIgnoreCase(configValue, HIDDEN_PASSWORD_STR)) {
                // The caller sent back the mask, i.e. the password was not edited: keep the
                // stored value, upgrading its encryption when it used another algorithm.
                // A comma in the stored value is taken as the sign that it carries a
                // parameter prefix (presumably algo,key,salt,iterations[,iv] -- see the
                // Joiner calls below).
                if (oldPassword != null && oldPassword.contains(",")) {
                    PasswordUtils util = PasswordUtils.build(oldPassword);
                    if (!util.getCryptAlgo().equalsIgnoreCase(CRYPT_ALGO)) {
                        String decryptedPwd = PasswordUtils.decryptPassword(oldPassword);
                        String paddingString = Joiner.on(",").skipNulls().join(CRYPT_ALGO, new String(util.getEncryptKey()), new String(util.getSalt()), util.getIterationCount(), PasswordUtils.generateIvIfNeeded(CRYPT_ALGO));
                        String encryptedPwd = PasswordUtils.encryptPassword(paddingString + "," + decryptedPwd);
                        // Round-trip check before trusting the re-encrypted value.
                        String newDecryptedPwd = PasswordUtils.decryptPassword(paddingString + "," + encryptedPwd);
                        // NOTE(review): when the round trip does NOT match, configValue is
                        // still HIDDEN_PASSWORD_STR and the mask itself is persisted below,
                        // replacing the stored password without any error or log entry.
                        if (StringUtils.equals(newDecryptedPwd, decryptedPwd)) {
                            configValue = paddingString + "," + encryptedPwd;
                        }
                    } else {
                        configValue = oldPassword;
                    }
                } else {
                    // No parameter prefix (or no stored password at all): the old value is
                    // written back unchanged, which is null when no row existed.
                    configValue = oldPassword;
                }
            } else {
                // A new password was submitted: encrypt it with the current parameters.
                String paddingString = Joiner.on(",").skipNulls().join(CRYPT_ALGO, ENCRYPT_KEY, SALT, ITERATION_COUNT, PasswordUtils.generateIvIfNeeded(CRYPT_ALGO));
                String encryptedPwd = PasswordUtils.encryptPassword(paddingString + "," + configValue);
                String decryptedPwd = PasswordUtils.decryptPassword(paddingString + "," + encryptedPwd);
                // NOTE(review): when the round trip does NOT match, configValue keeps the
                // submitted cleartext and that is what is persisted below; the failure is
                // neither logged nor reported to the caller.
                if (StringUtils.equals(decryptedPwd, configValue)) {
                    configValue = paddingString + "," + encryptedPwd;
                }
            }
        }
        XXServiceConfigMap xConfMap = new XXServiceConfigMap();
        xConfMap = (XXServiceConfigMap) rangerAuditFields.populateAuditFields(xConfMap, xUpdService);
        xConfMap.setServiceId(service.getId());
        xConfMap.setConfigkey(configKey);
        xConfMap.setConfigvalue(configValue);
        xConfMapDao.create(xConfMap);
    }
    updateTabPermissions(service.getType(), validConfigs);
    if (LOG.isDebugEnabled()) {
        LOG.debug("vXUser:[" + vXUser + "]");
    }
    RangerService updService = svcService.getPopulatedViewObject(xUpdService);
    dataHistService.createObjectDataHistory(updService, RangerDataHistService.ACTION_UPDATE);
    bizUtil.createTrxLog(trxLogList);
    return updService;
}
Also used : XXUser(org.apache.ranger.entity.XXUser) PasswordUtils(org.apache.ranger.plugin.util.PasswordUtils) VXString(org.apache.ranger.view.VXString) XXTrxLog(org.apache.ranger.entity.XXTrxLog) VXUser(org.apache.ranger.view.VXUser) XXServiceConfigMapDao(org.apache.ranger.db.XXServiceConfigMapDao) UserSessionBase(org.apache.ranger.common.UserSessionBase) XXServiceConfigMap(org.apache.ranger.entity.XXServiceConfigMap) RangerService(org.apache.ranger.plugin.model.RangerService) XXService(org.apache.ranger.entity.XXService)

Example 5 with XXServiceConfigMap

use of org.apache.ranger.entity.XXServiceConfigMap in project ranger by apache.

the class ServiceDBStore method getAuditFiltersServiceConfigByName.

/**
 * Finds the audit-filter config rows whose value mentions a user, group or role name.
 *
 * <p>All rows stored under {@code ServiceDBStore.RANGER_PLUGIN_AUDIT_FILTERS} are scanned
 * with a plain substring test. NOTE(review): because the test is a substring match, a row
 * that only mentions a longer name containing the search string is returned as well; the
 * caller presumably has to confirm an exact match before modifying a row -- verify.
 *
 * @param searchUsrGrpRoleName name to look for in the stored audit-filter values
 * @return the matching rows (possibly empty), or {@code null} when the name is blank
 */
private List<XXServiceConfigMap> getAuditFiltersServiceConfigByName(String searchUsrGrpRoleName) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("===> ServiceDBStore.getAuditFiltersServiceConfigByName( searchUsrGrpRoleName : " + searchUsrGrpRoleName + ")");
    }
    // Stays null for a blank name; callers see null rather than an empty list in that case.
    List<XXServiceConfigMap> matchingRows = null;
    if (StringUtils.isNotBlank(searchUsrGrpRoleName)) {
        matchingRows = new ArrayList<XXServiceConfigMap>();
        List<XXServiceConfigMap> auditFilterRows = daoMgr.getXXServiceConfigMap().findByConfigKey(ServiceDBStore.RANGER_PLUGIN_AUDIT_FILTERS);
        for (XXServiceConfigMap row : auditFilterRows) {
            boolean mentionsName = StringUtils.contains(row.getConfigvalue(), searchUsrGrpRoleName);
            if (mentionsName) {
                matchingRows.add(row);
            }
        }
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("<=== ServiceDBStore.getAuditFiltersServiceConfigByName( searchUsrGrpRoleName : " + searchUsrGrpRoleName + ") configMapToBeModified : " + matchingRows);
    }
    return matchingRows;
}
Also used : XXServiceConfigMap(org.apache.ranger.entity.XXServiceConfigMap) XXServiceConfigMapDao(org.apache.ranger.db.XXServiceConfigMapDao)

Aggregations

XXServiceConfigMap (org.apache.ranger.entity.XXServiceConfigMap)18 RangerService (org.apache.ranger.plugin.model.RangerService)9 XXServiceConfigMapDao (org.apache.ranger.db.XXServiceConfigMapDao)8 XXService (org.apache.ranger.entity.XXService)7 VXString (org.apache.ranger.view.VXString)6 ArrayList (java.util.ArrayList)5 Date (java.util.Date)4 HashMap (java.util.HashMap)4 XXPortalUser (org.apache.ranger.entity.XXPortalUser)4 Test (org.junit.Test)4 XXPortalUserDao (org.apache.ranger.db.XXPortalUserDao)3 XXServiceDefDao (org.apache.ranger.db.XXServiceDefDao)3 XXServiceVersionInfoDao (org.apache.ranger.db.XXServiceVersionInfoDao)3 XXServiceDef (org.apache.ranger.entity.XXServiceDef)3 XXServiceVersionInfo (org.apache.ranger.entity.XXServiceVersionInfo)3 XXTrxLog (org.apache.ranger.entity.XXTrxLog)3 LinkedHashMap (java.util.LinkedHashMap)2 UserSessionBase (org.apache.ranger.common.UserSessionBase)2 XXUser (org.apache.ranger.entity.XXUser)2 PasswordUtils (org.apache.ranger.plugin.util.PasswordUtils)2