Search in sources :

Example 6 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class XUserMgr method deleteXGroup.

public void deleteXGroup(Long id, boolean force) {
    checkAdminAccess();
    xaBizUtil.blockAuditorRoleUser();
    XXGroupDao xXGroupDao = daoManager.getXXGroup();
    XXGroup xXGroup = xXGroupDao.getById(id);
    VXGroup vXGroup = xGroupService.populateViewBean(xXGroup);
    if (vXGroup == null || StringUtil.isEmpty(vXGroup.getName())) {
        throw restErrorUtil.createRESTException("Group ID doesn't exist.", MessageEnums.INVALID_INPUT_DATA);
    }
    if (logger.isDebugEnabled()) {
        logger.info("Force delete status=" + force + " for group=" + vXGroup.getName());
    }
    SearchCriteria searchCriteria = new SearchCriteria();
    searchCriteria.addParam("xGroupId", id);
    VXGroupUserList vxGroupUserList = searchXGroupUsers(searchCriteria);
    searchCriteria = new SearchCriteria();
    searchCriteria.addParam("groupId", id);
    VXPermMapList vXPermMapList = searchXPermMaps(searchCriteria);
    searchCriteria = new SearchCriteria();
    searchCriteria.addParam("groupId", id);
    VXAuditMapList vXAuditMapList = searchXAuditMaps(searchCriteria);
    XXGroupPermissionDao xXGroupPermissionDao = daoManager.getXXGroupPermission();
    List<XXGroupPermission> xXGroupPermissions = xXGroupPermissionDao.findByGroupId(id);
    XXGroupGroupDao xXGroupGroupDao = daoManager.getXXGroupGroup();
    List<XXGroupGroup> xXGroupGroups = xXGroupGroupDao.findByGroupId(id);
    XXPolicyDao xXPolicyDao = daoManager.getXXPolicy();
    List<XXPolicy> xXPolicyList = xXPolicyDao.findByGroupId(id);
    logger.warn("Deleting GROUP : " + vXGroup.getName());
    if (force) {
        // delete XXGroupUser records of matching group
        XXGroupUserDao xGroupUserDao = daoManager.getXXGroupUser();
        XXUserDao xXUserDao = daoManager.getXXUser();
        XXUser xXUser = null;
        for (VXGroupUser groupUser : vxGroupUserList.getList()) {
            if (groupUser != null) {
                xXUser = xXUserDao.getById(groupUser.getUserId());
                if (xXUser != null) {
                    logger.warn("Removing user '" + xXUser.getName() + "' from group '" + groupUser.getName() + "'");
                }
                xGroupUserDao.remove(groupUser.getId());
            }
        }
        // delete XXPermMap records of matching group
        XXPermMapDao xXPermMapDao = daoManager.getXXPermMap();
        XXResourceDao xXResourceDao = daoManager.getXXResource();
        XXResource xXResource = null;
        for (VXPermMap vXPermMap : vXPermMapList.getList()) {
            if (vXPermMap != null) {
                xXResource = xXResourceDao.getById(vXPermMap.getResourceId());
                if (xXResource != null) {
                    logger.warn("Deleting '" + AppConstants.getLabelFor_XAPermType(vXPermMap.getPermType()) + "' permission from policy ID='" + vXPermMap.getResourceId() + "' for group '" + vXPermMap.getGroupName() + "'");
                }
                xXPermMapDao.remove(vXPermMap.getId());
            }
        }
        // delete XXAuditMap records of matching group
        XXAuditMapDao xXAuditMapDao = daoManager.getXXAuditMap();
        for (VXAuditMap vXAuditMap : vXAuditMapList.getList()) {
            if (vXAuditMap != null) {
                xXResource = xXResourceDao.getById(vXAuditMap.getResourceId());
                xXAuditMapDao.remove(vXAuditMap.getId());
            }
        }
        // delete XXGroupGroupDao records of group-group mapping
        for (XXGroupGroup xXGroupGroup : xXGroupGroups) {
            if (xXGroupGroup != null) {
                XXGroup xXGroupParent = xXGroupDao.getById(xXGroupGroup.getParentGroupId());
                XXGroup xXGroupChild = xXGroupDao.getById(xXGroupGroup.getGroupId());
                if (xXGroupParent != null && xXGroupChild != null) {
                    logger.warn("Removing group '" + xXGroupChild.getName() + "' from group '" + xXGroupParent.getName() + "'");
                }
                xXGroupGroupDao.remove(xXGroupGroup.getId());
            }
        }
        // delete XXPolicyItemGroupPerm records of group
        for (XXPolicy xXPolicy : xXPolicyList) {
            RangerPolicy rangerPolicy = policyService.getPopulatedViewObject(xXPolicy);
            List<RangerPolicyItem> policyItems = rangerPolicy.getPolicyItems();
            removeUserGroupReferences(policyItems, null, vXGroup.getName());
            rangerPolicy.setPolicyItems(policyItems);
            List<RangerPolicyItem> denyPolicyItems = rangerPolicy.getDenyPolicyItems();
            removeUserGroupReferences(denyPolicyItems, null, vXGroup.getName());
            rangerPolicy.setDenyPolicyItems(denyPolicyItems);
            List<RangerPolicyItem> allowExceptions = rangerPolicy.getAllowExceptions();
            removeUserGroupReferences(allowExceptions, null, vXGroup.getName());
            rangerPolicy.setAllowExceptions(allowExceptions);
            List<RangerPolicyItem> denyExceptions = rangerPolicy.getDenyExceptions();
            removeUserGroupReferences(denyExceptions, null, vXGroup.getName());
            rangerPolicy.setDenyExceptions(denyExceptions);
            List<RangerDataMaskPolicyItem> dataMaskItems = rangerPolicy.getDataMaskPolicyItems();
            removeUserGroupReferences(dataMaskItems, null, vXGroup.getName());
            rangerPolicy.setDataMaskPolicyItems(dataMaskItems);
            List<RangerRowFilterPolicyItem> rowFilterItems = rangerPolicy.getRowFilterPolicyItems();
            removeUserGroupReferences(rowFilterItems, null, vXGroup.getName());
            rangerPolicy.setRowFilterPolicyItems(rowFilterItems);
            try {
                svcStore.updatePolicy(rangerPolicy);
            } catch (Throwable excp) {
                logger.error("updatePolicy(" + rangerPolicy + ") failed", excp);
                restErrorUtil.createRESTException(excp.getMessage());
            }
        }
        if (CollectionUtils.isNotEmpty(xXGroupPermissions)) {
            for (XXGroupPermission xXGroupPermission : xXGroupPermissions) {
                if (xXGroupPermission != null) {
                    XXModuleDef xXModuleDef = daoManager.getXXModuleDef().findByModuleId(xXGroupPermission.getModuleId());
                    if (xXModuleDef != null) {
                        logger.warn("Deleting '" + xXModuleDef.getModule() + "' module permission for group '" + xXGroup.getName() + "'");
                    }
                    xXGroupPermissionDao.remove(xXGroupPermission.getId());
                }
            }
        }
        // delete XXGroup
        xXGroupDao.remove(id);
        // Create XXTrxLog
        List<XXTrxLog> xXTrxLogsXXGroup = xGroupService.getTransactionLog(xGroupService.populateViewBean(xXGroup), "delete");
        xaBizUtil.createTrxLog(xXTrxLogsXXGroup);
    } else {
        boolean hasReferences = false;
        if (vxGroupUserList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && CollectionUtils.isNotEmpty(xXPolicyList)) {
            hasReferences = true;
        }
        if (hasReferences == false && vXPermMapList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && vXAuditMapList.getListSize() > 0) {
            hasReferences = true;
        }
        if (hasReferences == false && CollectionUtils.isNotEmpty(xXGroupGroups)) {
            hasReferences = true;
        }
        if (hasReferences == false && CollectionUtils.isNotEmpty(xXGroupPermissions)) {
            hasReferences = true;
        }
        if (hasReferences) {
            // change visibility to Hidden
            if (vXGroup.getIsVisible() == RangerCommonEnums.IS_VISIBLE) {
                vXGroup.setIsVisible(RangerCommonEnums.IS_HIDDEN);
                xGroupService.updateResource(vXGroup);
            }
        } else {
            // delete XXGroup
            xXGroupDao.remove(id);
            // Create XXTrxLog
            List<XXTrxLog> xXTrxLogsXXGroup = xGroupService.getTransactionLog(xGroupService.populateViewBean(xXGroup), "delete");
            xaBizUtil.createTrxLog(xXTrxLogsXXGroup);
        }
    }
}
Also used : XXUser(org.apache.ranger.entity.XXUser) XXGroupPermissionDao(org.apache.ranger.db.XXGroupPermissionDao) XXUserDao(org.apache.ranger.db.XXUserDao) XXPolicy(org.apache.ranger.entity.XXPolicy) XXGroupUserDao(org.apache.ranger.db.XXGroupUserDao) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXModuleDef(org.apache.ranger.entity.XXModuleDef) XXPermMapDao(org.apache.ranger.db.XXPermMapDao) XXGroupGroupDao(org.apache.ranger.db.XXGroupGroupDao) XXResourceDao(org.apache.ranger.db.XXResourceDao) XXGroupPermission(org.apache.ranger.entity.XXGroupPermission) XXResource(org.apache.ranger.entity.XXResource) XXAuditMapDao(org.apache.ranger.db.XXAuditMapDao) RangerRowFilterPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerRowFilterPolicyItem) XXTrxLog(org.apache.ranger.entity.XXTrxLog) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) SearchCriteria(org.apache.ranger.common.SearchCriteria) XXGroup(org.apache.ranger.entity.XXGroup) RangerDataMaskPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem) XXPolicyDao(org.apache.ranger.db.XXPolicyDao) XXGroupDao(org.apache.ranger.db.XXGroupDao) XXGroupGroup(org.apache.ranger.entity.XXGroupGroup)

Example 7 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class TestRangerServiceService method test6GetTransactionLogCreate.

@Test
public void test6GetTransactionLogCreate() {
    XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class);
    XXServiceDef xServiceDef = Mockito.mock(XXServiceDef.class);
    RangerService rangerService = rangerService();
    Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
    Mockito.when(xServiceDefDao.findByName(rangerService.getType())).thenReturn(xServiceDef);
    List<XXTrxLog> dbXXTrxLogList = serviceService.getTransactionLog(rangerService, 1);
    Assert.assertNotNull(dbXXTrxLogList);
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) XXServiceDefDao(org.apache.ranger.db.XXServiceDefDao) RangerService(org.apache.ranger.plugin.model.RangerService) XXTrxLog(org.apache.ranger.entity.XXTrxLog) Test(org.junit.Test)

Example 8 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class TestRangerServiceService method test7GetTransactionLogUpdate.

@Test
public void test7GetTransactionLogUpdate() {
    RangerService rangerService = rangerService();
    List<XXTrxLog> dbXXTrxLogList = serviceService.getTransactionLog(rangerService, 2);
    Assert.assertNull(dbXXTrxLogList);
}
Also used : RangerService(org.apache.ranger.plugin.model.RangerService) XXTrxLog(org.apache.ranger.entity.XXTrxLog) Test(org.junit.Test)

Example 9 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class RangerPolicyService method processFieldToCreateTrxLog.

private XXTrxLog processFieldToCreateTrxLog(Field field, String objectName, Field nameField, RangerPolicy vObj, XXPolicy mObj, int action) {
    String actionString = "";
    field.setAccessible(true);
    String fieldName = field.getName();
    XXTrxLog xTrxLog = new XXTrxLog();
    try {
        VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
        xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
        String value = null;
        boolean isEnum = vTrxLogAttr.isEnum();
        if (isEnum) {
        } else if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyResourcesForTrxLog(field.get(vObj));
        } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyItemsForTrxLog(field.get(vObj));
        } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyItemsForTrxLog(field.get(vObj));
        } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyNameForTrxLog(field.get(vObj));
        } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyItemsForTrxLog(field.get(vObj));
        } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyItemsForTrxLog(field.get(vObj));
        } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processDataMaskPolicyItemsForTrxLog(field.get(vObj));
            if (vObj.getDataMaskPolicyItems() != null && CollectionUtils.isNotEmpty(vObj.getDataMaskPolicyItems())) {
                for (RangerDataMaskPolicyItem policyItem : vObj.getDataMaskPolicyItems()) {
                    if (policyItem.getDataMaskInfo() != null && policyItem.getDataMaskInfo().getDataMaskType() != null) {
                        List<XXDataMaskTypeDef> xDataMaskDef = daoMgr.getXXDataMaskTypeDef().getAll();
                        if (CollectionUtils.isNotEmpty(xDataMaskDef) && xDataMaskDef != null) {
                            for (XXDataMaskTypeDef xxDataMaskTypeDef : xDataMaskDef) {
                                if (xxDataMaskTypeDef.getName().equalsIgnoreCase(policyItem.getDataMaskInfo().getDataMaskType())) {
                                    String label = xxDataMaskTypeDef.getLabel();
                                    StringBuilder sbValue = new StringBuilder(value);
                                    label = ",\"DataMasklabel\":\"" + label + "\"";
                                    int sbValueIndex = sbValue.lastIndexOf("}]");
                                    sbValue.insert(sbValueIndex, label);
                                    value = sbValue.toString();
                                    break;
                                }
                            }
                        }
                    }
                }
            }
        } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processRowFilterPolicyItemForTrxLog(field.get(vObj));
        } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = String.valueOf(processIsEnabledClassFieldNameForTrxLog(field.get(vObj)));
        } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPolicyLabelsClassFieldNameForTrxLog(field.get(vObj));
        } else if (POLICY_VALIDITYSCHEDULES_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processValiditySchedulesClassFieldNameForTrxLog(field.get(vObj));
        } else if (POLICY_PRIORITY_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
            value = processPriorityClassFieldNameForTrxLog(field.get(vObj));
        } else {
            value = "" + field.get(vObj);
        }
        if (action == OPERATION_CREATE_CONTEXT) {
            if (stringUtil.isEmpty(value)) {
                return null;
            }
            xTrxLog.setNewValue(value);
            actionString = actionCreate;
        } else if (action == OPERATION_DELETE_CONTEXT) {
            xTrxLog.setPreviousValue(value);
            actionString = actionDelete;
        } else if (action == OPERATION_UPDATE_CONTEXT) {
            actionString = actionUpdate;
            String oldValue = null;
            Field[] mFields = mObj.getClass().getDeclaredFields();
            for (Field mField : mFields) {
                mField.setAccessible(true);
                String mFieldName = mField.getName();
                if (fieldName.equalsIgnoreCase(mFieldName)) {
                    if (isEnum) {
                    } else {
                        oldValue = mField.get(mObj) + "";
                    }
                    break;
                }
            }
            RangerPolicy oldPolicy = populateViewBean(mObj);
            if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyResourcesForTrxLog(oldPolicy.getResources());
                }
            } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getPolicyItems());
                }
            } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getDenyPolicyItems());
                }
            } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(oldPolicy.getName());
                }
            } else if (POLICY_DESCRIPTION_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(oldPolicy.getDescription());
                }
            } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getAllowExceptions());
                }
            } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyItemsForTrxLog(oldPolicy.getDenyExceptions());
                }
            } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processDataMaskPolicyItemsForTrxLog(oldPolicy.getDataMaskPolicyItems());
                    if (oldPolicy.getDataMaskPolicyItems() != null && CollectionUtils.isNotEmpty(oldPolicy.getDataMaskPolicyItems())) {
                        for (RangerDataMaskPolicyItem oldPolicyItem : oldPolicy.getDataMaskPolicyItems()) {
                            if (oldPolicyItem.getDataMaskInfo() != null && oldPolicyItem.getDataMaskInfo().getDataMaskType() != null) {
                                List<XXDataMaskTypeDef> xDataMaskDef = daoMgr.getXXDataMaskTypeDef().getAll();
                                if (CollectionUtils.isNotEmpty(xDataMaskDef) && xDataMaskDef != null) {
                                    for (XXDataMaskTypeDef xxDataMaskTypeDef : xDataMaskDef) {
                                        if (xxDataMaskTypeDef.getName().equalsIgnoreCase(oldPolicyItem.getDataMaskInfo().getDataMaskType())) {
                                            String oldLabel = xxDataMaskTypeDef.getLabel();
                                            StringBuilder sbOldValue = new StringBuilder(oldValue);
                                            oldLabel = ",\"DataMasklabel\":\"" + oldLabel + "\"";
                                            int sbValueIndex = sbOldValue.lastIndexOf("}]");
                                            sbOldValue.insert(sbValueIndex, oldLabel);
                                            oldValue = sbOldValue.toString();
                                            break;
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processRowFilterPolicyItemForTrxLog(oldPolicy.getRowFilterPolicyItems());
                }
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = String.valueOf(processIsEnabledClassFieldNameForTrxLog(oldPolicy.getIsEnabled()));
                }
            } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processPolicyLabelsClassFieldNameForTrxLog(oldPolicy.getPolicyLabels());
            } else if (POLICY_VALIDITYSCHEDULES_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processValiditySchedulesClassFieldNameForTrxLog(oldPolicy.getValiditySchedules());
            } else if (POLICY_PRIORITY_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                oldValue = processPriorityClassFieldNameForTrxLog(oldPolicy.getPolicyPriority());
            }
            if (oldValue == null || oldValue.equalsIgnoreCase(value)) {
                return null;
            } else if (POLICY_RESOURCE_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // Compare old and new resources
                if (compareTwoPolicyResources(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // Compare old and new policyItems
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_NAME_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new policyName
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (DENYPOLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new denyPolicyItem
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (ALLOW_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new allowExceptions
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (DENY_EXCEPTIONS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new denyExceptions
                if (compareTwoPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_DESCRIPTION_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new Description
                if (org.apache.commons.lang.StringUtils.equals(value, oldValue)) {
                    return null;
                }
            } else if (DATAMASK_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new dataMaskPolicyItems
                if (compareTwoDataMaskingPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (ROWFILTER_POLICY_ITEM_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                // compare old and new rowFilterPolicyItems
                if (compareTwoRowFilterPolicyItemList(value, oldValue)) {
                    return null;
                }
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(String.valueOf(oldPolicy.getIsEnabled()));
                }
            } else if (IS_AUDIT_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (oldPolicy != null) {
                    oldValue = processPolicyNameForTrxLog(String.valueOf(oldPolicy.getIsAuditEnabled()));
                }
            } else if (IS_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (IS_AUDIT_ENABLED_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyName(value, oldValue)) {
                    return null;
                }
            } else if (POLICY_LABELS_CLASS_FIELD_NAME.equalsIgnoreCase(fieldName)) {
                if (compareTwoPolicyLabelList(value, oldValue)) {
                    return null;
                }
            }
            xTrxLog.setPreviousValue(oldValue);
            xTrxLog.setNewValue(value);
        }
    } catch (IllegalArgumentException | IllegalAccessException e) {
        logger.error("Process field to create trx log failure.", e);
    }
    xTrxLog.setAction(actionString);
    xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_RANGER_POLICY);
    xTrxLog.setObjectId(vObj.getId());
    xTrxLog.setObjectName(objectName);
    XXService parentObj = daoMgr.getXXService().findByName(vObj.getService());
    xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_SERVICE);
    xTrxLog.setParentObjectId(parentObj.getId());
    xTrxLog.setParentObjectName(parentObj.getName());
    return xTrxLog;
}
Also used : XXTrxLog(org.apache.ranger.entity.XXTrxLog) VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr) Field(java.lang.reflect.Field) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef) RangerDataMaskPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem) ArrayList(java.util.ArrayList) List(java.util.List) XXService(org.apache.ranger.entity.XXService)

Example 10 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class ServiceREST method getPoliciesInJson.

@GET
@Path("/policies/exportJson")
@Produces("text/json")
public void getPoliciesInJson(@Context HttpServletRequest request, @Context HttpServletResponse response, @QueryParam("checkPoliciesExists") Boolean checkPoliciesExists) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceREST.getPoliciesInJson()");
    }
    RangerPerfTracer perf = null;
    SearchFilter filter = searchUtil.getSearchFilter(request, policyService.sortFields);
    try {
        if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
            perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getPoliciesInJson()");
        }
        if (checkPoliciesExists == null) {
            checkPoliciesExists = false;
        }
        List<RangerPolicy> policyLists = new ArrayList<RangerPolicy>();
        policyLists = getAllFilteredPolicyList(filter, request, policyLists);
        if (CollectionUtils.isNotEmpty(policyLists)) {
            for (RangerPolicy rangerPolicy : policyLists) {
                if (rangerPolicy != null) {
                    ensureAdminAndAuditAccess(rangerPolicy);
                }
            }
            bizUtil.blockAuditorRoleUser();
            svcStore.getPoliciesInJson(policyLists, response);
        } else {
            checkPoliciesExists = true;
            response.setStatus(HttpServletResponse.SC_NO_CONTENT);
            LOG.error("There is no Policy to Export!!");
        }
        if (!checkPoliciesExists) {
            RangerExportPolicyList rangerExportPolicyList = new RangerExportPolicyList();
            svcStore.putMetaDataInfo(rangerExportPolicyList);
            String metaDataInfo = new ObjectMapper().writeValueAsString(rangerExportPolicyList.getMetaDataInfo());
            List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
            XXTrxLog xxTrxLog = new XXTrxLog();
            xxTrxLog.setAction("EXPORT JSON");
            xxTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_RANGER_POLICY);
            xxTrxLog.setPreviousValue(metaDataInfo);
            trxLogList.add(xxTrxLog);
            bizUtil.createTrxLog(trxLogList);
        }
    } catch (WebApplicationException excp) {
        throw excp;
    } catch (Throwable excp) {
        LOG.error("Error while exporting policy file!!", excp);
        throw restErrorUtil.createRESTException(excp.getMessage());
    } finally {
        RangerPerfTracer.log(perf);
    }
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) WebApplicationException(javax.ws.rs.WebApplicationException) RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer) RangerExportPolicyList(org.apache.ranger.view.RangerExportPolicyList) ArrayList(java.util.ArrayList) SearchFilter(org.apache.ranger.plugin.util.SearchFilter) VXString(org.apache.ranger.view.VXString) XXTrxLog(org.apache.ranger.entity.XXTrxLog) ObjectMapper(org.codehaus.jackson.map.ObjectMapper) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Aggregations

XXTrxLog (org.apache.ranger.entity.XXTrxLog)38 ArrayList (java.util.ArrayList)21 VXString (org.apache.ranger.view.VXString)13 Field (java.lang.reflect.Field)12 RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)12 RangerService (org.apache.ranger.plugin.model.RangerService)12 VTrxLogAttr (org.apache.ranger.common.view.VTrxLogAttr)10 XXUser (org.apache.ranger.entity.XXUser)9 SearchField (org.apache.ranger.common.SearchField)7 XXPortalUser (org.apache.ranger.entity.XXPortalUser)7 IOException (java.io.IOException)6 UnknownHostException (java.net.UnknownHostException)5 XXPolicy (org.apache.ranger.entity.XXPolicy)5 RangerDataMaskPolicyItem (org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem)5 Path (javax.ws.rs.Path)4 Produces (javax.ws.rs.Produces)4 WebApplicationException (javax.ws.rs.WebApplicationException)4 XXGroup (org.apache.ranger.entity.XXGroup)4 XXService (org.apache.ranger.entity.XXService)4 XXServiceConfigMap (org.apache.ranger.entity.XXServiceConfigMap)4