
Example 21 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class ServiceDBStore method deletePolicy.

/**
 * Deletes the policy with the given ID: bumps its version, removes it through the
 * {@code deleteExistingPolicy*} helpers and {@code policyService}, then writes the
 * data-history row and the transaction-log (audit) entries for the deletion.
 *
 * NOTE(review): no authorization check on the caller is visible in this method;
 * presumably the calling layer enforces it before reaching here - confirm.
 *
 * @param policyId ID of the policy to delete
 * @throws Exception if no policy has this ID, or the service named by the policy is not found
 */
@Override
public void deletePolicy(Long policyId) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceDBStore.deletePolicy(" + policyId + ")");
    }

    final RangerPolicy policy = getPolicy(policyId);
    if (policy == null) {
        throw new Exception("no policy exists with ID=" + policyId);
    }

    // Captured up front so the closing log line does not depend on the policy after deletion.
    final String policyName = policy.getName();

    final RangerService owningService = getServiceByName(policy.getService());
    if (owningService == null) {
        // NOTE(review): the message opens a single quote that is never closed.
        throw new Exception("service does not exist - name='" + policy.getService());
    }

    // The deletion is recorded as one more revision of the policy.
    final Long storedVersion = policy.getVersion();
    final Long nextVersion;
    if (storedVersion != null) {
        nextVersion = Long.valueOf(storedVersion.longValue() + 1);
    } else {
        nextVersion = Long.valueOf(1);
        LOG.info("Found Version Value: `null`, so setting value of version to 1, While updating object, version should not be null.");
    }
    policy.setVersion(nextVersion);

    // Audit entries are built while the policy still exists and are persisted only after
    // the delete and the history write below have gone through.
    final List<XXTrxLog> auditEntries = policyService.getTransactionLog(policy, RangerPolicyService.OPERATION_DELETE_CONTEXT);

    deleteExistingPolicyItems(policy);
    deleteExistingPolicyResources(policy);
    deleteExistingPolicyLabel(policy);
    policyService.delete(policy);

    handlePolicyUpdate(owningService, true);
    dataHistService.createObjectDataHistory(policy, RangerDataHistService.ACTION_DELETE);
    bizUtil.createTrxLog(auditEntries);

    LOG.info("Policy Deleted Successfully. PolicyName : " + policyName);
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) VXString(org.apache.ranger.view.VXString) RangerService(org.apache.ranger.plugin.model.RangerService) XXTrxLog(org.apache.ranger.entity.XXTrxLog) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) JSONException(org.codehaus.jettison.json.JSONException)

Example 22 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class ServiceDBStore method deletePolicy.

/**
 * Deletes an already-loaded policy using the {@code *Native} delete helpers and a direct
 * DAO call, then writes the data-history row and the transaction-log (audit) entries.
 * A {@code null} policy is ignored without logging.
 *
 * NOTE(review): no authorization check on the caller is visible in this method;
 * presumably the calling layer enforces it before reaching here - confirm.
 *
 * @param policy the policy to delete; may be {@code null}, in which case nothing happens
 * @throws Exception if the service named by the policy is not found
 */
public void deletePolicy(RangerPolicy policy) throws Exception {
    if (policy == null) {
        return;
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceDBStore.deletePolicy(" + policy.getId() + ")");
    }

    final RangerService owningService = getServiceByName(policy.getService());
    if (owningService == null) {
        // NOTE(review): the message opens a single quote that is never closed.
        throw new Exception("service does not exist - name='" + policy.getService());
    }

    // The deletion is recorded as one more revision of the policy.
    final Long storedVersion = policy.getVersion();
    final Long nextVersion;
    if (storedVersion != null) {
        nextVersion = Long.valueOf(storedVersion.longValue() + 1);
    } else {
        nextVersion = Long.valueOf(1);
        LOG.info("Found Version Value: `null`, so setting value of version to 1, While updating object, version should not be null.");
    }
    policy.setVersion(nextVersion);

    // Audit entries are built while the policy still exists and are persisted only after
    // the delete and the history write below have gone through.
    final List<XXTrxLog> auditEntries = policyService.getTransactionLog(policy, RangerPolicyService.OPERATION_DELETE_CONTEXT);

    deleteExistingPolicyItemsNative(policy);
    deleteExistingPolicyResourcesNative(policy);
    deleteExistingPolicyLabelNative(policy);
    daoMgr.getXXPolicy().deletePolicyIDReference("id", policy.getId());

    handlePolicyUpdate(owningService, true);
    dataHistService.createObjectDataHistory(policy, RangerDataHistService.ACTION_DELETE);
    bizUtil.createTrxLog(auditEntries);
}
Also used : RangerService(org.apache.ranger.plugin.model.RangerService) XXTrxLog(org.apache.ranger.entity.XXTrxLog) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) JSONException(org.codehaus.jettison.json.JSONException)

Example 23 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class ServiceDBStore method createService.

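/**
 * Creates a service, stores its validated configuration entries one row per key, and
 * records the creation in the data-history and transaction-log stores.
 *
 * <p>Two configuration keys get special handling: {@code "username"} (the user is looked
 * up and, if absent, created) and {@code CONFIG_KEY_PASSWORD} (the value is encrypted
 * before it is stored, when the encryption round-trip succeeds).
 *
 * @param service the service to create; must not be {@code null}
 * @return the created service as re-read through {@code svcService}
 * @throws Exception a REST exception if {@code service} is null, config validation returns
 *         null, a non-admin caller names a user that does not exist, or the created
 *         service cannot be read back
 */
@Override
public RangerService createService(RangerService service) throws Exception {
    if (LOG.isDebugEnabled()) {
        // NOTE(review): the whole service object is concatenated into the log line. If its
        // toString() includes the config map, the password config value is written to the
        // debug log in clear text - confirm.
        LOG.debug("==> ServiceDBStore.createService(" + service + ")");
    }
    if (service == null) {
        throw restErrorUtil.createRESTException("Service object cannot be null.", MessageEnums.ERROR_CREATING_OBJECT);
    }
    boolean createDefaultPolicy = true;
    Map<String, String> configs = service.getConfigs();
    Map<String, String> validConfigs = validateRequiredConfigParams(service, configs);
    if (validConfigs == null) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ConfigParams cannot be null, ServiceDBStore.createService(" + service + ")");
        }
        throw restErrorUtil.createRESTException("ConfigParams cannot be null.", MessageEnums.ERROR_CREATING_OBJECT);
    }
    // While creating, value of version should be 1.
    service.setVersion(Long.valueOf(1));
    service.setTagVersion(Long.valueOf(1));
    if (populateExistingBaseFields) {
        // Both switches below are state on shared collaborators. They are reset in
        // finally blocks so that a failed create() cannot leave identity insert enabled
        // or leave svcServiceWithAssignedId populating existing base fields for later calls.
        svcServiceWithAssignedId.setPopulateExistingBaseFields(true);
        try {
            daoMgr.getXXService().setIdentityInsert(true);
            try {
                service = svcServiceWithAssignedId.create(service);
            } finally {
                daoMgr.getXXService().setIdentityInsert(false);
            }
            daoMgr.getXXService().updateSequence();
        } finally {
            svcServiceWithAssignedId.setPopulateExistingBaseFields(false);
        }
        createDefaultPolicy = false;
    } else {
        service = svcService.create(service);
    }
    XXService xCreatedService = daoMgr.getXXService().getById(service.getId());
    VXUser vXUser = null;
    XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap();
    for (Entry<String, String> configMap : validConfigs.entrySet()) {
        String configKey = configMap.getKey();
        String configValue = configMap.getValue();
        if (StringUtils.equalsIgnoreCase(configKey, "username")) {
            String userName = stringUtil.getValidUserName(configValue);
            XXUser xxUser = daoMgr.getXXUser().findByUserName(userName);
            if (xxUser != null) {
                vXUser = xUserService.populateViewBean(xxUser);
            } else {
                // Only admin or SPNEGO sessions may cause a missing user to be created.
                // NOTE(review): when there is no current session (usb == null) the check is
                // skipped and the user is created - confirm that this is intended.
                UserSessionBase usb = ContextUtil.getCurrentUserSession();
                if (usb != null && !usb.isUserAdmin() && !usb.isSpnegoEnabled()) {
                    throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION);
                }
                vXUser = xUserMgr.createServiceConfigUser(userName);
            }
        }
        if (StringUtils.equalsIgnoreCase(configKey, CONFIG_KEY_PASSWORD)) {
            // The stored form is "algo,key,salt,iterations,ciphertext": the key and salt
            // are written next to the ciphertext they protect.
            // NOTE(review): if ENCRYPT_KEY and SALT are fixed values, anyone who can read
            // the config table can recover the password - confirm where they come from.
            String cryptConfigString = CRYPT_ALGO + "," + ENCRYPT_KEY + "," + SALT + "," + ITERATION_COUNT + "," + configValue;
            String encryptedPwd = PasswordUtils.encryptPassword(cryptConfigString);
            encryptedPwd = CRYPT_ALGO + "," + ENCRYPT_KEY + "," + SALT + "," + ITERATION_COUNT + "," + encryptedPwd;
            // Round-trip check: the encrypted form is used only if it decrypts back to the input.
            String decryptedPwd = PasswordUtils.decryptPassword(encryptedPwd);
            if (StringUtils.equals(decryptedPwd, configValue)) {
                configValue = encryptedPwd;
            } else {
                // The value is stored exactly as supplied in this case. Make the fallback
                // visible in the log (without the value) instead of leaving it silent.
                // NOTE(review): consider rejecting the request here rather than persisting
                // an unencrypted password.
                LOG.warn("Encryption round-trip failed for config key [" + configKey + "]; value is stored as supplied");
            }
        }
        XXServiceConfigMap xConfMap = new XXServiceConfigMap();
        xConfMap = rangerAuditFields.populateAuditFields(xConfMap, xCreatedService);
        xConfMap.setServiceId(xCreatedService.getId());
        xConfMap.setConfigkey(configKey);
        xConfMap.setConfigvalue(configValue);
        xConfMapDao.create(xConfMap);
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("vXUser:[" + vXUser + "]");
    }
    RangerService createdService = svcService.getPopulatedViewObject(xCreatedService);
    if (createdService == null) {
        throw restErrorUtil.createRESTException("Could not create service - Internal error ", MessageEnums.ERROR_CREATING_OBJECT);
    }
    dataHistService.createObjectDataHistory(createdService, RangerDataHistService.ACTION_CREATE);
    List<XXTrxLog> trxLogList = svcService.getTransactionLog(createdService, RangerServiceService.OPERATION_CREATE_CONTEXT);
    bizUtil.createTrxLog(trxLogList);
    // Default policies are skipped when the service was created with pre-assigned base fields.
    if (createDefaultPolicy) {
        createDefaultPolicies(createdService);
    }
    return createdService;
}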
Also used : XXUser(org.apache.ranger.entity.XXUser) VXString(org.apache.ranger.view.VXString) XXTrxLog(org.apache.ranger.entity.XXTrxLog) VXUser(org.apache.ranger.view.VXUser) XXServiceConfigMapDao(org.apache.ranger.db.XXServiceConfigMapDao) UserSessionBase(org.apache.ranger.common.UserSessionBase) XXServiceConfigMap(org.apache.ranger.entity.XXServiceConfigMap) RangerService(org.apache.ranger.plugin.model.RangerService) XXService(org.apache.ranger.entity.XXService)

Example 24 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class UserMgr method updatePasswordInSHA256.

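/**
 * Re-encodes and stores the password of a portal user and, when requested, writes a
 * "password change" transaction-log entry if the stored value actually changed.
 *
 * <p>Users whose source is {@code RangerCommonEnums.USER_EXTERNAL} keep their stored
 * password value; for every other source the newly encoded value replaces it.
 *
 * @param userName login ID of the user; blank or {@code null} makes the method return {@code null}
 * @param userPassword clear-text password to encode; blank or {@code null} makes the method return {@code null}
 * @param logAudits whether to write a transaction-log entry when the stored value changed
 * @return the updated user, or {@code null} if the arguments are blank or no such user exists
 */
@Transactional(readOnly = false, propagation = Propagation.REQUIRED)
public XXPortalUser updatePasswordInSHA256(String userName, String userPassword, boolean logAudits) {
    if (userName == null || userPassword == null || userName.trim().isEmpty() || userPassword.trim().isEmpty()) {
        return null;
    }
    XXPortalUser xXPortalUser = this.findByLoginId(userName);
    if (xXPortalUser == null) {
        return null;
    }
    String dbOldPwd = xXPortalUser.getPassword();
    String encryptedNewPwd = encrypt(xXPortalUser.getLoginId(), userPassword);
    // The original had a second "else if" branch that repeated this same condition, so it
    // could never run; its body only re-assigned the existing password to itself. External
    // users therefore fall through with their stored value untouched, as before.
    if (xXPortalUser.getUserSource() != RangerCommonEnums.USER_EXTERNAL) {
        xXPortalUser.setPassword(encryptedNewPwd);
    }
    xXPortalUser = daoManager.getXXPortalUser().update(xXPortalUser);
    if (xXPortalUser != null && logAudits) {
        String dbNewPwd = xXPortalUser.getPassword();
        // Null-safe comparison: a user with no stored password previously caused a
        // NullPointerException here instead of producing an audit entry.
        if (!java.util.Objects.equals(dbOldPwd, dbNewPwd)) {
            List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
            XXTrxLog xTrxLog = new XXTrxLog();
            xTrxLog.setAttributeName("Password");
            // NOTE(review): the old and new stored password values are copied into the
            // transaction log. Anyone who can read the audit trail can then read the
            // password hashes; consider logging a fixed mask instead. Left unchanged here
            // because consumers of the audit record are not visible from this method.
            xTrxLog.setPreviousValue(dbOldPwd);
            xTrxLog.setNewValue(dbNewPwd);
            xTrxLog.setAction("password change");
            xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_PASSWORD_CHANGE);
            xTrxLog.setObjectId(xXPortalUser.getId());
            xTrxLog.setObjectName(xXPortalUser.getLoginId());
            // NOTE(review): the entry names the affected account as the actor, not the
            // session user who made the call - confirm whether createTrxLog overrides this.
            xTrxLog.setAddedByUserId(xXPortalUser.getId());
            xTrxLog.setUpdatedByUserId(xXPortalUser.getId());
            trxLogList.add(xTrxLog);
            rangerBizUtil.createTrxLog(trxLogList);
        }
    }
    return xXPortalUser;
}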
Also used : XXPortalUser(org.apache.ranger.entity.XXPortalUser) ArrayList(java.util.ArrayList) VXString(org.apache.ranger.view.VXString) XXTrxLog(org.apache.ranger.entity.XXTrxLog) Transactional(org.springframework.transaction.annotation.Transactional)

Example 25 with XXTrxLog

use of org.apache.ranger.entity.XXTrxLog in project ranger by apache.

the class UserMgr method updateOldUserName.

/**
 * Renames a user in both the XXUser and XXPortalUser records and writes an "update"
 * transaction-log entry carrying the old and new login names.
 *
 * <p>The password is re-encoded with the new user name and stored only when the user
 * source is {@code RangerCommonEnums.USER_APP}.
 *
 * NOTE(review): {@code currentPassword} is passed to {@code encrypt} without a null or
 * blank check, and nothing visible here verifies it against the stored value - confirm
 * that the caller has done both.
 *
 * @param userLoginId current login ID; blank or {@code null} makes the method return {@code null}
 * @param newUserName new login ID; blank or {@code null} makes the method return {@code null}
 * @param currentPassword clear-text password to re-encode under the new name
 * @return the updated portal user, or {@code null} if an argument is blank or either record is missing
 */
@Transactional(readOnly = false, propagation = Propagation.REQUIRED)
public XXPortalUser updateOldUserName(String userLoginId, String newUserName, String currentPassword) {
    final boolean loginMissing = userLoginId == null || userLoginId.trim().isEmpty();
    final boolean newNameMissing = newUserName == null || newUserName.trim().isEmpty();
    if (loginMissing || newNameMissing) {
        return null;
    }

    // Both records are looked up before either is checked, and both must exist.
    XXPortalUser portalUser = this.findByLoginId(userLoginId);
    final XXUser userRecord = daoManager.getXXUser().findByUserName(userLoginId);
    if (portalUser == null || userRecord == null) {
        return null;
    }

    userRecord.setName(newUserName);
    daoManager.getXXUser().update(userRecord);

    portalUser.setLoginId(newUserName);

    // The old password needs to be encrypted by the new user name
    final String reEncodedPwd = encrypt(newUserName, currentPassword);
    if (portalUser.getUserSource() == RangerCommonEnums.USER_APP) {
        portalUser.setPassword(reEncodedPwd);
    } else if (portalUser.getUserSource() == RangerCommonEnums.USER_EXTERNAL) {
        // Re-assigns the value already stored; external users keep their password as is.
        portalUser.setPassword(portalUser.getPassword());
    }
    portalUser = daoManager.getXXPortalUser().update(portalUser);

    // Audit entry for the rename.
    // NOTE(review): the entry names the renamed account as the actor, not the session user
    // who made the call - confirm whether createTrxLog overrides this.
    final XXTrxLog renameEntry = new XXTrxLog();
    renameEntry.setAttributeName("User Name");
    renameEntry.setPreviousValue(userLoginId);
    renameEntry.setNewValue(newUserName);
    renameEntry.setAction("update");
    renameEntry.setObjectClassType(AppConstants.CLASS_TYPE_USER_PROFILE);
    renameEntry.setObjectId(portalUser.getId());
    renameEntry.setObjectName(portalUser.getLoginId());
    renameEntry.setAddedByUserId(portalUser.getId());
    renameEntry.setUpdatedByUserId(portalUser.getId());

    final List<XXTrxLog> auditEntries = new ArrayList<XXTrxLog>();
    auditEntries.add(renameEntry);
    rangerBizUtil.createTrxLog(auditEntries);

    return portalUser;
}
Also used : XXPortalUser(org.apache.ranger.entity.XXPortalUser) XXUser(org.apache.ranger.entity.XXUser) ArrayList(java.util.ArrayList) VXString(org.apache.ranger.view.VXString) XXTrxLog(org.apache.ranger.entity.XXTrxLog) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

XXTrxLog (org.apache.ranger.entity.XXTrxLog)38 ArrayList (java.util.ArrayList)21 VXString (org.apache.ranger.view.VXString)13 Field (java.lang.reflect.Field)12 RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)12 RangerService (org.apache.ranger.plugin.model.RangerService)12 VTrxLogAttr (org.apache.ranger.common.view.VTrxLogAttr)10 XXUser (org.apache.ranger.entity.XXUser)9 SearchField (org.apache.ranger.common.SearchField)7 XXPortalUser (org.apache.ranger.entity.XXPortalUser)7 IOException (java.io.IOException)6 UnknownHostException (java.net.UnknownHostException)5 XXPolicy (org.apache.ranger.entity.XXPolicy)5 RangerDataMaskPolicyItem (org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem)5 Path (javax.ws.rs.Path)4 Produces (javax.ws.rs.Produces)4 WebApplicationException (javax.ws.rs.WebApplicationException)4 XXGroup (org.apache.ranger.entity.XXGroup)4 XXService (org.apache.ranger.entity.XXService)4 XXServiceConfigMap (org.apache.ranger.entity.XXServiceConfigMap)4