
Example 11 with XXUser

use of org.apache.ranger.entity.XXUser in project ranger by apache.

the class AssetMgr method UpdateDefaultPolicyUserAndPerm.

/**
 * Points the default policy permission of a resource at the named user.
 *
 * <p>The user is looked up by name and created through {@code xUserService}
 * when no record exists. The first permission map stored for the resource is
 * then re-assigned to that user and saved. Nothing happens when
 * {@code userName} is null or empty.
 *
 * <p>NOTE(review): this method creates a user record for any unknown name and
 * performs no authorization check of its own; callers are presumably expected
 * to have authorized the request and validated the name - confirm.
 *
 * @param vXResource resource whose default permission is updated; it is
 *                   dereferenced without a null check
 * @param userName   name of the user the default permission should reference
 */
public void UpdateDefaultPolicyUserAndPerm(VXResource vXResource, String userName) {
    if (userName == null || userName.isEmpty()) {
        return;
    }

    // Resolve the user: reuse the stored record, otherwise create one.
    XXUser storedUser = rangerDaoManager.getXXUser().findByUserName(userName);
    VXUser policyUser;
    if (storedUser == null) {
        VXUser newUser = new VXUser();
        newUser.setName(userName);
        // The description just mirrors the name; the original author marked
        // this as an unnecessary hack (FIXME).
        newUser.setDescription(userName);
        policyUser = xUserService.createResource(newUser);
    } else {
        policyUser = xUserService.populateViewBean(storedUser);
    }

    // Only the first stored permission is considered for the default policy.
    List<XXPermMap> storedPerms = rangerDaoManager.getXXPermMap().findByResourceId(vXResource.getId());
    boolean hasStoredPerm = storedPerms != null && !storedPerms.isEmpty();
    VXPermMap defaultPerm = hasStoredPerm ? xPermMapService.populateViewBean(storedPerms.get(0)) : null;

    if (defaultPerm != null) {
        // Existing permission: switch it to the resolved user and save it.
        defaultPerm.setUserId(policyUser.getId());
        xPermMapService.updateResource(defaultPerm);
        return;
    }

    // No usable permission yet: build a new one for this user and resource.
    // NOTE(review): the new object is not handed to any service call in this
    // method, so it does not appear to be persisted here - confirm whether a
    // create call is missing.
    VXPermMap freshPerm = new VXPermMap();
    freshPerm.setUserId(policyUser.getId());
    freshPerm.setResourceId(vXResource.getId());
}
Also used : XXUser(org.apache.ranger.entity.XXUser) XXPermMap(org.apache.ranger.entity.XXPermMap)

Example 12 with XXUser

use of org.apache.ranger.entity.XXUser in project ranger by apache.

the class ServiceDBStore method createDefaultPolicyUsersAndGroups.

/**
 * Makes sure every user and group referenced by the given default policies
 * exists, creating the missing ones.
 *
 * <p>Names are gathered from all six item lists of each policy (policy items,
 * allow exceptions, deny items, deny exceptions, data-mask items and
 * row-filter items). Blank names are skipped, and so are the
 * {@code RangerPolicyEngine.USER_CURRENT} and
 * {@code RangerPolicyEngine.RESOURCE_OWNER} user names.
 *
 * <p>A missing user or group is created unless there is a current session
 * that is neither key admin, nor user admin, nor SPNEGO-enabled; in that case
 * a REST exception with {@code MessageEnums.OPER_NO_PERMISSION} is thrown.
 *
 * @param defaultPolicies policies whose referenced users and groups are checked
 */
void createDefaultPolicyUsersAndGroups(List<RangerPolicy> defaultPolicies) {
    Set<String> userNames = new HashSet<String>();
    Set<String> groupNames = new HashSet<String>();

    // Phase 1: collect the distinct principal names from every item list.
    for (RangerPolicy policy : defaultPolicies) {
        for (RangerPolicyItem item : policy.getPolicyItems()) {
            userNames.addAll(item.getUsers());
            groupNames.addAll(item.getGroups());
        }
        for (RangerPolicyItem item : policy.getAllowExceptions()) {
            userNames.addAll(item.getUsers());
            groupNames.addAll(item.getGroups());
        }
        for (RangerPolicyItem item : policy.getDenyPolicyItems()) {
            userNames.addAll(item.getUsers());
            groupNames.addAll(item.getGroups());
        }
        for (RangerPolicyItem item : policy.getDenyExceptions()) {
            userNames.addAll(item.getUsers());
            groupNames.addAll(item.getGroups());
        }
        for (RangerPolicyItem item : policy.getDataMaskPolicyItems()) {
            userNames.addAll(item.getUsers());
            groupNames.addAll(item.getGroups());
        }
        for (RangerPolicyItem item : policy.getRowFilterPolicyItems()) {
            userNames.addAll(item.getUsers());
            groupNames.addAll(item.getGroups());
        }
    }

    // Phase 2: create the users that do not exist yet.
    for (String policyUser : userNames) {
        // NOTE(review): the name is concatenated into the log line as-is; if
        // policy names can carry CR/LF, consider neutralizing them before
        // logging - confirm against the input validation done upstream.
        if (LOG.isDebugEnabled()) {
            LOG.debug("Checking policyUser:[" + policyUser + "] for existence");
        }
        if (!StringUtils.isNotBlank(policyUser)
                || StringUtils.equals(policyUser, RangerPolicyEngine.USER_CURRENT)
                || StringUtils.equals(policyUser, RangerPolicyEngine.RESOURCE_OWNER)) {
            continue;
        }
        if (daoMgr.getXXUser().findByUserName(policyUser) != null) {
            continue;
        }
        UserSessionBase session = ContextUtil.getCurrentUserSession();
        // NOTE(review): a null session counts as allowed (fail-open). Confirm
        // that this is reachable only from trusted, internal call paths.
        boolean creationAllowed = session == null
                || session.isKeyAdmin()
                || session.isUserAdmin()
                || session.isSpnegoEnabled();
        if (!creationAllowed) {
            throw restErrorUtil.createRESTException("User does not exist with given username: [" + policyUser + "] please use existing user", MessageEnums.OPER_NO_PERMISSION);
        }
        xUserMgr.createServiceConfigUser(policyUser);
    }

    // Phase 3: create the groups that do not exist yet, under the same rule.
    for (String policyGroup : groupNames) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Checking policyGroup:[" + policyGroup + "] for existence");
        }
        if (!StringUtils.isNotBlank(policyGroup)) {
            continue;
        }
        if (daoMgr.getXXGroup().findByGroupName(policyGroup) != null) {
            continue;
        }
        UserSessionBase session = ContextUtil.getCurrentUserSession();
        boolean creationAllowed = session == null
                || session.isKeyAdmin()
                || session.isUserAdmin()
                || session.isSpnegoEnabled();
        if (!creationAllowed) {
            throw restErrorUtil.createRESTException("Group does not exist with given groupname: [" + policyGroup + "] please use existing group", MessageEnums.OPER_NO_PERMISSION);
        }
        // The new group is registered as internal and visible; its
        // description repeats its name.
        VXGroup newGroup = new VXGroup();
        newGroup.setName(policyGroup);
        newGroup.setDescription(policyGroup);
        newGroup.setGroupSource(RangerCommonEnums.GROUP_INTERNAL);
        newGroup.setIsVisible(RangerCommonEnums.IS_VISIBLE);
        xGroupService.createResource(newGroup);
    }
}
Also used : XXUser(org.apache.ranger.entity.XXUser) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXGroup(org.apache.ranger.entity.XXGroup) VXString(org.apache.ranger.view.VXString) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) VXGroup(org.apache.ranger.view.VXGroup) LinkedHashSet(java.util.LinkedHashSet) HashSet(java.util.HashSet) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 13 with XXUser

use of org.apache.ranger.entity.XXUser in project ranger by apache.

the class TestRangerBizUtil method testHasPermission_emptyResourceName.

/**
 * Verifies that {@code hasPermission} answers with an error status and the
 * "Permission Denied !" message for a resource that has an asset id but no
 * name, when the resource lookup for that asset returns an empty list.
 */
@Test
public void testHasPermission_emptyResourceName() {
    // Resource under test: only the asset id is set, the name stays unset.
    VXResource namelessResource = new VXResource();
    namelessResource.setAssetId(12345L);

    // Logged-in portal user placed into the current session.
    XXPortalUser sessionUser = new XXPortalUser();
    sessionUser.setId(id);
    sessionUser.setLoginId("12121");
    RangerContextHolder.getSecurityContext().getUserSession().setXXPortalUser(sessionUser);

    // DAO mocks and the blank entities they hand back.
    XXPortalUserDao portalUserDao = Mockito.mock(XXPortalUserDao.class);
    XXUserDao userDao = Mockito.mock(XXUserDao.class);
    XXResourceDao resourceDao = Mockito.mock(XXResourceDao.class);
    XXAssetDao assetDao = Mockito.mock(XXAssetDao.class);
    XXUser blankUser = new XXUser();
    XXAsset blankAsset = new XXAsset();
    List<XXResource> noResources = new ArrayList<XXResource>();

    Mockito.when(daoManager.getXXPortalUser()).thenReturn(portalUserDao);
    Mockito.when(portalUserDao.getById(Mockito.anyLong())).thenReturn(sessionUser);

    Mockito.when(daoManager.getXXUser()).thenReturn(userDao);
    Mockito.when(userDao.findByUserName(Mockito.anyString())).thenReturn(blankUser);

    Mockito.when(daoManager.getXXResource()).thenReturn(resourceDao);
    Mockito.when(resourceDao.findByAssetIdAndResourceStatus(Mockito.anyLong(), Mockito.anyInt())).thenReturn(noResources);

    Mockito.when(daoManager.getXXAsset()).thenReturn(assetDao);
    Mockito.when(assetDao.getById(Mockito.anyLong())).thenReturn(blankAsset);

    VXResponse response = rangerBizUtil.hasPermission(namelessResource, AppConstants.XA_PERM_TYPE_UNKNOWN);

    // The user lookups must have happened exactly once each.
    Mockito.verify(daoManager).getXXPortalUser();
    Mockito.verify(portalUserDao).getById(Mockito.anyLong());
    Mockito.verify(daoManager).getXXUser();
    Mockito.verify(userDao).findByUserName(Mockito.anyString());

    // The outcome must be an explicit denial, not a null or a success.
    Assert.assertNotNull(response);
    Assert.assertEquals(VXResponse.STATUS_ERROR, response.getStatusCode());
    Assert.assertEquals("Permission Denied !", response.getMsgDesc());
}
Also used : VXResponse(org.apache.ranger.view.VXResponse) XXPortalUser(org.apache.ranger.entity.XXPortalUser) XXUser(org.apache.ranger.entity.XXUser) XXAssetDao(org.apache.ranger.db.XXAssetDao) XXResource(org.apache.ranger.entity.XXResource) XXUserDao(org.apache.ranger.db.XXUserDao) VXResource(org.apache.ranger.view.VXResource) XXAsset(org.apache.ranger.entity.XXAsset) ArrayList(java.util.ArrayList) XXPortalUserDao(org.apache.ranger.db.XXPortalUserDao) XXResourceDao(org.apache.ranger.db.XXResourceDao) Test(org.junit.Test)

Example 14 with XXUser

use of org.apache.ranger.entity.XXUser in project ranger by apache.

the class XGroupUserService method getTransactionLog.

/**
 * Builds the transaction-log entries for a group-membership change.
 *
 * <p>One entry is produced for each declared field of {@code vObj} whose name
 * is a key of {@code trxLogAttrs}. Enum attributes are logged by their label;
 * every other mapped attribute is read as a group id and logged as that
 * group's name. The value goes into the new-value slot for "create", the
 * previous-value slot for "delete" and both slots for "update" (compared
 * case-insensitively); any other action leaves both slots unset.
 *
 * <p>NOTE(review): reflection and number-format failures inside the loop are
 * only printed to stderr and end the loop, so the returned list can be
 * silently incomplete. For an audit trail that is worth surfacing through the
 * class logger or to the caller - confirm the intended behaviour.
 *
 * @param vObj   view object of the membership; dereferenced without a null
 *               check (a guard for it is disabled in the original code)
 * @param mObj   not read by this method
 * @param action action name recorded on every entry
 * @return the entries built before the loop finished or was interrupted
 */
public List<XXTrxLog> getTransactionLog(VXGroupUser vObj, XXGroupUser mObj, String action) {
    // NOTE(review): getById results are dereferenced directly; an unknown
    // group or user id would presumably surface here as a
    // NullPointerException - confirm what the DAO returns.
    Long parentGroupId = vObj.getParentGroupId();
    String parentGroupName = daoManager.getXXGroup().getById(parentGroupId).getName();
    String memberName = daoManager.getXXUser().getById(vObj.getUserId()).getName();

    List<XXTrxLog> entries = new ArrayList<XXTrxLog>();
    Field[] declaredFields = vObj.getClass().getDeclaredFields();
    try {
        for (Field attr : declaredFields) {
            // Access is opened before the field is known to be logged.
            attr.setAccessible(true);
            String attrName = attr.getName();
            if (!trxLogAttrs.containsKey(attrName)) {
                continue;
            }
            VTrxLogAttr logAttr = trxLogAttrs.get(attrName);
            XXTrxLog entry = new XXTrxLog();
            entry.setAttributeName(logAttr.getAttribUserFriendlyName());

            String loggedValue;
            if (logAttr.isEnum()) {
                // Enum attribute: translate the numeric value (0 when unset)
                // into its label.
                String enumName = XXAsset.getEnumName(attrName);
                int enumValue = attr.get(vObj) == null ? 0 : Integer.parseInt(String.valueOf(attr.get(vObj)));
                loggedValue = xaEnumUtil.getLabel(enumName, enumValue);
            } else {
                // Non-enum attribute: the value is parsed as a group id and
                // replaced by the group's name.
                String rawId = String.valueOf(attr.get(vObj));
                XXGroup referencedGroup = daoManager.getXXGroup().getById(Long.parseLong(rawId));
                loggedValue = referencedGroup.getName();
            }

            // "update" fills both slots with the same value (no change).
            boolean isUpdate = "update".equalsIgnoreCase(action);
            if ("create".equalsIgnoreCase(action) || isUpdate) {
                entry.setNewValue(loggedValue);
            }
            if ("delete".equalsIgnoreCase(action) || isUpdate) {
                entry.setPreviousValue(loggedValue);
            }

            entry.setAction(action);
            entry.setObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP_USER);
            entry.setObjectId(vObj.getId());
            entry.setObjectName(memberName);
            entry.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_GROUP);
            entry.setParentObjectId(parentGroupId);
            entry.setParentObjectName(parentGroupName);
            entries.add(entry);
        }
    } catch (IllegalArgumentException | IllegalAccessException | SecurityException e) {
        // Covers NumberFormatException from the parse calls as well.
        e.printStackTrace();
    }
    return entries;
}
Also used : XXUser(org.apache.ranger.entity.XXUser) ArrayList(java.util.ArrayList) XXTrxLog(org.apache.ranger.entity.XXTrxLog) VTrxLogAttr(org.apache.ranger.common.view.VTrxLogAttr) Field(java.lang.reflect.Field) SearchField(org.apache.ranger.common.SearchField) XXGroup(org.apache.ranger.entity.XXGroup)

Example 15 with XXUser

use of org.apache.ranger.entity.XXUser in project ranger by apache.

the class XModuleDefService method populateViewBean.

/**
 * Converts a module definition entity into its view bean and attaches the
 * user and group permissions stored for that module.
 *
 * <p>When the user (or group) lookup map is empty, each permission entity is
 * converted one by one; otherwise the permission service builds the whole
 * list in one call with the help of the map.
 *
 * @param xObj module definition entity; its id selects the permissions
 * @return the view bean with both permission lists set
 */
@Override
public VXModuleDef populateViewBean(XXModuleDef xObj) {
    VXModuleDef moduleView = super.populateViewBean(xObj);

    // Lookup maps used to enrich the permission views.
    Map<Long, XXUser> usersByPortalUserId = xUserService.getXXPortalUserIdXXUserMap();
    Map<Long, XXGroup> groupsById = xGroupService.getXXGroupIdXXGroupMap();

    // Permission entities stored for this module.
    List<XXUserPermission> userPermEntities = daoManager.getXXUserPermission().findByModuleId(xObj.getId(), false);
    List<XXGroupPermission> groupPermEntities = daoManager.getXXGroupPermission().findByModuleId(xObj.getId(), false);

    List<VXUserPermission> userPermViews;
    if (!CollectionUtils.isEmpty(usersByPortalUserId)) {
        userPermViews = xUserPermService.getPopulatedVXUserPermissionList(userPermEntities, usersByPortalUserId, moduleView);
    } else {
        // No user map available: convert each entity on its own.
        userPermViews = new ArrayList<VXUserPermission>();
        for (XXUserPermission userPermEntity : userPermEntities) {
            userPermViews.add(xUserPermService.populateViewBean(userPermEntity));
        }
    }

    List<VXGroupPermission> groupPermViews;
    if (!CollectionUtils.isEmpty(groupsById)) {
        groupPermViews = xGrpPermService.getPopulatedVXGroupPermissionList(groupPermEntities, groupsById, moduleView);
    } else {
        // No group map available: convert each entity on its own.
        groupPermViews = new ArrayList<VXGroupPermission>();
        for (XXGroupPermission groupPermEntity : groupPermEntities) {
            groupPermViews.add(xGrpPermService.populateViewBean(groupPermEntity));
        }
    }

    moduleView.setUserPermList(userPermViews);
    moduleView.setGroupPermList(groupPermViews);
    return moduleView;
}
Also used : XXUser(org.apache.ranger.entity.XXUser) XXGroupPermission(org.apache.ranger.entity.XXGroupPermission) ArrayList(java.util.ArrayList) XXUserPermission(org.apache.ranger.entity.XXUserPermission) VXUserPermission(org.apache.ranger.view.VXUserPermission) XXGroup(org.apache.ranger.entity.XXGroup) VXGroupPermission(org.apache.ranger.view.VXGroupPermission) VXModuleDef(org.apache.ranger.view.VXModuleDef)

Aggregations

XXUser (org.apache.ranger.entity.XXUser)36 ArrayList (java.util.ArrayList)15 XXPortalUser (org.apache.ranger.entity.XXPortalUser)12 XXGroup (org.apache.ranger.entity.XXGroup)10 XXUserDao (org.apache.ranger.db.XXUserDao)9 XXTrxLog (org.apache.ranger.entity.XXTrxLog)9 UserSessionBase (org.apache.ranger.common.UserSessionBase)8 VXUser (org.apache.ranger.view.VXUser)8 Test (org.junit.Test)7 HashMap (java.util.HashMap)6 XXPortalUserDao (org.apache.ranger.db.XXPortalUserDao)5 XXUserPermission (org.apache.ranger.entity.XXUserPermission)5 VXString (org.apache.ranger.view.VXString)5 XXPermMap (org.apache.ranger.entity.XXPermMap)4 Field (java.lang.reflect.Field)3 SearchCriteria (org.apache.ranger.common.SearchCriteria)3 SearchField (org.apache.ranger.common.SearchField)3 VTrxLogAttr (org.apache.ranger.common.view.VTrxLogAttr)3 XXAuditMapDao (org.apache.ranger.db.XXAuditMapDao)3 XXGroupUserDao (org.apache.ranger.db.XXGroupUserDao)3