
Example 36 with XXServiceDef

use of org.apache.ranger.entity.XXServiceDef in project ranger by apache.

the class RangerBizUtil method hasAccess.

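/**
 * Decides whether the current user session may access a service or a service definition.
 *
 * <p>Decision rules, as implemented below:
 * <ul>
 *   <li>No session bound to the current context: access is GRANTED (fail-open). NOTE(review):
 *       presumably this exists for internal, non-request callers; confirm that no
 *       request-handling path can reach this method without a session, because every caller
 *       then receives {@code true}.</li>
 *   <li>{@link XXServiceDef} whose impl class is the KMS one: key-admin or key-admin-auditor
 *       sessions only. Any other service definition: user-admin, auditor, or sessions holding
 *       {@code RangerConstants.ROLE_USER}.</li>
 *   <li>{@link XXService}: user-admin and auditor sessions are always allowed, including for
 *       KMS services. Otherwise KMS services require key-admin or key-admin-auditor, and all
 *       other services require {@code RangerConstants.ROLE_USER}. NOTE(review): user-admin and
 *       auditor sessions pass for KMS services but not for the KMS service definition; confirm
 *       this asymmetry is intended.</li>
 *   <li>Anything else, including {@code null}: denied.</li>
 * </ul>
 *
 * @param xxDbBase  entity being accessed; only {@code XXServiceDef} and {@code XXService} are evaluated
 * @param baseModel not read by this method
 * @return {@code true} when access is allowed, {@code false} otherwise
 *
 * @NOTE: Kindly check all the references of this function before making any changes
 */
public Boolean hasAccess(XXDBBase xxDbBase, RangerBaseModelObject baseModel) {
    UserSessionBase session = ContextUtil.getCurrentUserSession();
    if (session == null) {
        // Fail-open branch kept unchanged for backward compatibility with existing callers.
        logger.info("User session not found, granting access.");
        return true;
    }
    boolean isKeyAdmin = session.isKeyAdmin();
    boolean isSysAdmin = session.isUserAdmin();
    boolean isAuditor = session.isAuditUserAdmin();
    boolean isAuditorKeyAdmin = session.isAuditKeyAdmin();
    // A missing role list is treated as "no roles" rather than failing with a NullPointerException.
    List<String> roleList = session.getUserRoleList();
    boolean isUser = roleList != null && roleList.contains(RangerConstants.ROLE_USER);

    // instanceof is already false for null, so no separate null check is needed.
    if (xxDbBase instanceof XXServiceDef) {
        XXServiceDef xServiceDef = (XXServiceDef) xxDbBase;
        final String implClass = xServiceDef.getImplclassname();
        if (EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
            // KMS case
            return isKeyAdmin || isAuditorKeyAdmin;
        }
        // Other cases - implClass can be null!
        return isSysAdmin || isUser || isAuditor;
    }
    if (xxDbBase instanceof XXService) {
        // services including KMS
        if (isSysAdmin || isAuditor) {
            return true;
        }
        XXService xService = (XXService) xxDbBase;
        XXServiceDef xServiceDef = daoManager.getXXServiceDef().getById(xService.getType());
        if (xServiceDef == null) {
            // Without the definition we cannot tell whether this is a KMS service, so deny
            // instead of dereferencing null or falling through to the weaker non-KMS rule.
            logger.warn("Service definition not found for service, denying access.");
            return false;
        }
        String implClass = xServiceDef.getImplclassname();
        if (EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(implClass)) {
            // KMS case
            return isKeyAdmin || isAuditorKeyAdmin;
        }
        // Other cases - implClass can be null!
        return isUser;
    }
    return false;
}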
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) VXString(org.apache.ranger.view.VXString) XXService(org.apache.ranger.entity.XXService) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 37 with XXServiceDef

use of org.apache.ranger.entity.XXServiceDef in project ranger by apache.

the class RangerServiceServiceBase method mapViewToEntityBean.

/**
 * Copies a service view object onto its persistent entity.
 *
 * <p>The service type and the optional tag service arrive as names on the view and are
 * resolved to database ids here; an unknown name is rejected with an
 * {@code INVALID_INPUT_DATA} REST exception. The GUID is taken from the view when present,
 * otherwise a new one is generated. The tag version is only copied in the create context.
 *
 * @param vObj              view object supplying the values
 * @param xObj              entity to populate; also the return value
 * @param OPERATION_CONTEXT operation being performed, compared against {@code OPERATION_CREATE_CONTEXT}
 * @return the populated {@code xObj}
 */
@Override
protected T mapViewToEntityBean(V vObj, T xObj, int OPERATION_CONTEXT) {
    String guid = vObj.getGuid();
    if (StringUtils.isEmpty(guid)) {
        guid = guidUtil.genGUID();
    }
    xObj.setGuid(guid);

    // Resolve the service type name to its definition; unknown names are invalid input.
    String serviceTypeName = vObj.getType();
    XXServiceDef xServiceDef = daoMgr.getXXServiceDef().findByName(serviceTypeName);
    if (xServiceDef == null) {
        throw restErrorUtil.createRESTException("No ServiceDefinition found with name :" + serviceTypeName, MessageEnums.INVALID_INPUT_DATA);
    }

    // The tag service is optional; when named it must exist.
    String tagServiceName = vObj.getTagService();
    Long tagServiceId = null;
    if (!StringUtils.isEmpty(tagServiceName)) {
        XXService xTagService = daoMgr.getXXService().findByName(tagServiceName);
        if (xTagService == null) {
            throw restErrorUtil.createRESTException("No Service found with name :" + tagServiceName, MessageEnums.INVALID_INPUT_DATA);
        }
        tagServiceId = xTagService.getId();
    }

    xObj.setType(xServiceDef.getId());
    xObj.setName(vObj.getName());
    xObj.setTagService(tagServiceId);
    // The tag version is accepted from the view only when the service is being created.
    if (OPERATION_CONTEXT == OPERATION_CREATE_CONTEXT) {
        xObj.setTagVersion(vObj.getTagVersion());
    }
    xObj.setDescription(vObj.getDescription());
    xObj.setIsEnabled(vObj.getIsEnabled());
    return xObj;
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) XXService(org.apache.ranger.entity.XXService)

Example 38 with XXServiceDef

use of org.apache.ranger.entity.XXServiceDef in project ranger by apache.

the class XAccessAuditService method mapEntityToViewBean.

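/**
 * Copies a stored access-audit record onto its view object and resolves the service type
 * name from the repository name.
 *
 * <p>All audit fields are copied as stored. NOTE(review): fields such as request data,
 * resource path and request user presumably originate from audited client requests, so
 * consumers that render this view should encode them on output.
 *
 * <p>The service type is left unset when the repository name matches no service or the
 * service's definition cannot be loaded, so one orphaned record does not fail the mapping.
 *
 * @param vObj view object to populate; also the return value
 * @param mObj audit entity supplying the values
 * @return the populated {@code vObj}
 */
protected VXAccessAudit mapEntityToViewBean(VXAccessAudit vObj, XXAccessAudit mObj) {
    vObj.setAuditType(mObj.getAuditType());
    vObj.setAccessResult(mObj.getAccessResult());
    vObj.setAccessType(mObj.getAccessType());
    vObj.setAclEnforcer(mObj.getAclEnforcer());
    vObj.setAgentId(mObj.getAgentId());
    vObj.setPolicyId(mObj.getPolicyId());
    vObj.setRepoName(mObj.getRepoName());
    vObj.setRepoType(mObj.getRepoType());
    vObj.setResultReason(mObj.getResultReason());
    vObj.setSessionId(mObj.getSessionId());
    vObj.setEventTime(mObj.getEventTime());
    vObj.setRequestUser(mObj.getRequestUser());
    vObj.setRequestData(mObj.getRequestData());
    vObj.setResourcePath(mObj.getResourcePath());
    vObj.setResourceType(mObj.getResourceType());
    vObj.setClientIP(mObj.getClientIP());
    vObj.setClientType(mObj.getClientType());
    vObj.setSequenceNumber(mObj.getSequenceNumber());
    vObj.setEventCount(mObj.getEventCount());
    vObj.setEventDuration(mObj.getEventDuration());
    vObj.setTags(mObj.getTags());
    XXService xService = daoManager.getXXService().findByName(mObj.getRepoName());
    if (xService != null) {
        XXServiceDef xServiceDef = daoManager.getXXServiceDef().getById(xService.getType());
        // Guard the lookup result: a service whose definition is missing would otherwise
        // raise a NullPointerException and make this audit record unreadable.
        if (xServiceDef != null) {
            vObj.setServiceType(xServiceDef.getName());
        }
    }
    return vObj;
}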
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) XXService(org.apache.ranger.entity.XXService)

Example 39 with XXServiceDef

use of org.apache.ranger.entity.XXServiceDef in project ranger by apache.

the class PatchForAllServiceDefUpdateForResourceSpecificAccesses_J10012 method updateAllServiceDef.

/**
 * Re-applies default values to every stored service definition while keeping each
 * definition's existing deny-and-exceptions option.
 *
 * <p>For each definition the value of
 * {@code RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES} is read before the
 * update and compared with the value stored afterwards. If the update changed it, the
 * previous state is written back (the key is removed when it was empty before), so the patch
 * does not alter that option as a side effect.
 *
 * <p>Failures are logged per definition and do not stop the remaining definitions from
 * being processed.
 */
private void updateAllServiceDef() {
    final String denyOptionKey = RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES;
    List<XXServiceDef> storedDefs = daoMgr.getXXServiceDef().getAll();
    if (CollectionUtils.isEmpty(storedDefs)) {
        return;
    }
    for (XXServiceDef storedDef : storedDefs) {
        String serviceDefName = storedDef.getName();
        try {
            // Remember the option as it was before the definition is rewritten.
            Map<String, String> optionsBefore = jsonUtil.jsonToMap(storedDef.getDefOptions());
            String valueBeforeUpdate = optionsBefore.get(denyOptionKey);

            RangerServiceDef serviceDef = svcDBStore.getServiceDefByName(serviceDefName);
            if (serviceDef == null) {
                continue;
            }

            logger.info("Started patching service-def:[" + serviceDefName + "]");
            RangerServiceDefHelper defHelper = new RangerServiceDefHelper(serviceDef, false);
            defHelper.patchServiceDefWithDefaultValues();
            svcStore.updateServiceDef(serviceDef);

            // Re-read the row and restore the option if the update changed it.
            XXServiceDef dbServiceDef = daoMgr.getXXServiceDef().findByName(serviceDefName);
            if (dbServiceDef != null) {
                Map<String, String> optionsAfter = jsonUtil.jsonToMap(dbServiceDef.getDefOptions());
                String valueAfterUpdate = optionsAfter.get(denyOptionKey);
                boolean optionChanged = !StringUtils.equals(valueBeforeUpdate, valueAfterUpdate);
                if (optionChanged) {
                    if (StringUtils.isEmpty(valueBeforeUpdate)) {
                        optionsAfter.remove(denyOptionKey);
                    } else {
                        optionsAfter.put(denyOptionKey, valueBeforeUpdate);
                    }
                    dbServiceDef.setDefOptions(mapToJsonString(optionsAfter));
                    daoMgr.getXXServiceDef().update(dbServiceDef);
                }
            }
            logger.info("Completed patching service-def:[" + serviceDefName + "]");
        } catch (Exception e) {
            // Best effort: one failing definition must not block the others.
            logger.error("Error while patching service-def:[" + serviceDefName + "]", e);
        }
    }
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) RangerServiceDefHelper(org.apache.ranger.plugin.model.validation.RangerServiceDefHelper) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)

Example 40 with XXServiceDef

use of org.apache.ranger.entity.XXServiceDef in project ranger by apache.

the class PatchForAtlasServiceDefUpdate_J10013 method updateAtlasServiceDef.

/**
 * Renames the older embedded Atlas service definition, and the services that use it, by
 * appending the first unused {@code .vN} suffix.
 *
 * <p>Nothing is changed when no Atlas service definition exists or when
 * {@code checkIfHasOlderServiceDef} reports that it is not the older version. A service is
 * skipped with a warning when its suffixed name is already taken by another service.
 */
private void updateAtlasServiceDef() {
    final String serviceDefName = EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME;
    XXServiceDefDao serviceDefDao = daoMgr.getXXServiceDef();
    XXServiceDef serviceDef = serviceDefDao.findByName(serviceDefName);

    // No service-def with the Atlas name: nothing to patch.
    if (serviceDef == null) {
        LOG.info(serviceDefName + ": service-def not found. No patching is needed");
        return;
    }
    // The existing service-def is not the older version: nothing to patch.
    if (!checkIfHasOlderServiceDef(serviceDef)) {
        LOG.info("Older version of " + serviceDefName + " service-def not found. No patching is needed");
        return;
    }

    // Probe .v1, .v2, ... until a service-def name is free.
    int version = 1;
    String suffix = ".v" + version;
    while (serviceDefDao.findByName(serviceDefName + suffix) != null) {
        version++;
        suffix = ".v" + version;
    }

    String serviceDefNewName = serviceDefName + suffix;
    LOG.info("Renaming service-def " + serviceDefName + " as " + serviceDefNewName);
    serviceDef.setName(serviceDefNewName);
    serviceDefDao.update(serviceDef);
    LOG.info("Renamed service-def " + serviceDefName + " as " + serviceDefNewName);

    XXServiceDao serviceDao = daoMgr.getXXService();
    List<XXService> services = serviceDao.findByServiceDefId(serviceDef.getId());
    if (CollectionUtils.isEmpty(services)) {
        return;
    }
    for (XXService service : services) {
        String serviceName = service.getName();
        String serviceNewName = serviceName + suffix;
        LOG.info("Renaming service " + serviceName + " as " + serviceNewName);
        boolean nameTaken = serviceDao.findByName(serviceNewName) != null;
        if (nameTaken) {
            LOG.warn("Another service named " + serviceNewName + " already exists. Not renaming " + serviceName);
        } else {
            service.setName(serviceNewName);
            serviceDao.update(service);
            LOG.info("Renamed service " + serviceName + " as " + serviceNewName);
        }
    }
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) XXServiceDefDao(org.apache.ranger.db.XXServiceDefDao) XXServiceDao(org.apache.ranger.db.XXServiceDao) XXService(org.apache.ranger.entity.XXService)
