Search in sources :

Example 46 with RangerPolicyItem

use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem in project ranger by apache.

the class TestPublicAPIsv2 method rangerPolicy.

private RangerPolicy rangerPolicy() {
    List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
    List<String> users = new ArrayList<String>();
    List<String> groups = new ArrayList<String>();
    List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
    List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
    RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.setAccesses(accesses);
    rangerPolicyItem.setConditions(conditions);
    rangerPolicyItem.setGroups(groups);
    rangerPolicyItem.setUsers(users);
    rangerPolicyItem.setDelegateAdmin(false);
    policyItems.add(rangerPolicyItem);
    Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
    RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
    rangerPolicyResource.setIsExcludes(true);
    rangerPolicyResource.setIsRecursive(true);
    rangerPolicyResource.setValue("1");
    rangerPolicyResource.setValues(users);
    policyResource.put("resource", rangerPolicyResource);
    RangerPolicy policy = new RangerPolicy();
    policy.setId(Id);
    policy.setCreateTime(new Date());
    policy.setDescription("policy");
    policy.setGuid("policyguid");
    policy.setIsEnabled(true);
    policy.setName("HDFS_1-1-20150316062453");
    policy.setUpdatedBy("Admin");
    policy.setUpdateTime(new Date());
    policy.setService("HDFS_1-1-20150316062453");
    policy.setIsAuditEnabled(true);
    policy.setPolicyItems(policyItems);
    policy.setResources(policyResource);
    policy.setService("HDFS_1");
    return policy;
}
Also used : HashMap(java.util.HashMap) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) ArrayList(java.util.ArrayList) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) Date(java.util.Date) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess) RangerPolicyItemCondition(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition)

Example 47 with RangerPolicyItem

use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem in project ranger by apache.

the class TestPublicAPIsv2 method rangerPolicy1.

private RangerPolicy rangerPolicy1() {
    List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
    List<String> users = new ArrayList<String>();
    List<String> groups = new ArrayList<String>();
    List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
    List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
    RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.setAccesses(accesses);
    rangerPolicyItem.setConditions(conditions);
    rangerPolicyItem.setGroups(groups);
    rangerPolicyItem.setUsers(users);
    rangerPolicyItem.setDelegateAdmin(false);
    policyItems.add(rangerPolicyItem);
    Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
    RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
    rangerPolicyResource.setIsExcludes(true);
    rangerPolicyResource.setIsRecursive(true);
    rangerPolicyResource.setValue("2");
    rangerPolicyResource.setValues(users);
    policyResource.put("resource", rangerPolicyResource);
    RangerPolicy policy = new RangerPolicy();
    policy.setId(Id2);
    policy.setCreateTime(new Date());
    policy.setDescription("policy");
    policy.setGuid("policyguid");
    policy.setIsEnabled(true);
    policy.setName("HDFS_1-1-20150316062454");
    policy.setUpdatedBy("Admin");
    policy.setUpdateTime(new Date());
    policy.setService("HDFS_1-1-20150316062454");
    policy.setIsAuditEnabled(true);
    policy.setPolicyItems(policyItems);
    policy.setResources(policyResource);
    policy.setService("HDFS_2");
    return policy;
}
Also used : HashMap(java.util.HashMap) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) ArrayList(java.util.ArrayList) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) Date(java.util.Date) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess) RangerPolicyItemCondition(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition)

Example 48 with RangerPolicyItem

use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem in project ranger by apache.

the class TestServiceREST method rangerPolicy.

private RangerPolicy rangerPolicy() {
    List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
    List<String> users = new ArrayList<String>();
    List<String> groups = new ArrayList<String>();
    List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
    List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
    RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.setAccesses(accesses);
    rangerPolicyItem.setConditions(conditions);
    rangerPolicyItem.setGroups(groups);
    rangerPolicyItem.setUsers(users);
    rangerPolicyItem.setDelegateAdmin(false);
    policyItems.add(rangerPolicyItem);
    Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
    RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
    rangerPolicyResource.setIsExcludes(true);
    rangerPolicyResource.setIsRecursive(true);
    rangerPolicyResource.setValue("1");
    rangerPolicyResource.setValues(users);
    policyResource.put("resource", rangerPolicyResource);
    RangerPolicy policy = new RangerPolicy();
    policy.setId(Id);
    policy.setCreateTime(new Date());
    policy.setDescription("policy");
    policy.setGuid("policyguid");
    policy.setIsEnabled(true);
    policy.setName("HDFS_1-1-20150316062453");
    policy.setUpdatedBy("Admin");
    policy.setUpdateTime(new Date());
    policy.setService("HDFS_1-1-20150316062453");
    policy.setIsAuditEnabled(true);
    policy.setPolicyItems(policyItems);
    policy.setResources(policyResource);
    return policy;
}
Also used : HashMap(java.util.HashMap) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) ArrayList(java.util.ArrayList) VXString(org.apache.ranger.view.VXString) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) Date(java.util.Date) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess) RangerPolicyItemCondition(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition)

Example 49 with RangerPolicyItem

use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem in project ranger by apache.

the class TestServiceREST method test41applyPolicy.

@Test
public void test41applyPolicy() {
    RangerPolicy existingPolicy = rangerPolicy();
    RangerPolicy appliedPolicy = rangerPolicy();
    List<RangerPolicyItem> policyItem = new ArrayList<RangerPolicyItem>();
    existingPolicy.setPolicyItems(policyItem);
    appliedPolicy.setPolicyItems(null);
    Map<String, RangerPolicyResource> policyResources = new HashMap<String, RangerPolicyResource>();
    RangerPolicyResource rangerPolicyResource = new RangerPolicyResource("/tmp");
    rangerPolicyResource.setIsExcludes(true);
    rangerPolicyResource.setIsRecursive(true);
    policyResources.put("path", rangerPolicyResource);
    existingPolicy.setResources(policyResources);
    appliedPolicy.setResources(policyResources);
    RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("read", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("write", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
    rangerPolicyItem.getGroups().add("group1");
    rangerPolicyItem.getGroups().add("group2");
    rangerPolicyItem.getUsers().add("user1");
    rangerPolicyItem.getUsers().add("user2");
    rangerPolicyItem.setDelegateAdmin(true);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("read", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("write", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
    rangerPolicyItem.getGroups().add("group3");
    rangerPolicyItem.getUsers().add("user3");
    rangerPolicyItem.setDelegateAdmin(true);
    existingPolicy.getPolicyItems().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
    rangerPolicyItem.getGroups().add("group1");
    rangerPolicyItem.getGroups().add("group2");
    rangerPolicyItem.getUsers().add("user1");
    rangerPolicyItem.getUsers().add("user2");
    rangerPolicyItem.setDelegateAdmin(false);
    existingPolicy.getAllowExceptions().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getGroups().add("group2");
    rangerPolicyItem.getUsers().add("user2");
    rangerPolicyItem.setDelegateAdmin(false);
    existingPolicy.getDenyPolicyItems().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("index", true));
    rangerPolicyItem.getGroups().add("public");
    rangerPolicyItem.getUsers().add("user");
    rangerPolicyItem.setDelegateAdmin(false);
    existingPolicy.getDenyPolicyItems().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("index", true));
    rangerPolicyItem.getGroups().add("group1");
    rangerPolicyItem.getUsers().add("user1");
    rangerPolicyItem.setDelegateAdmin(false);
    appliedPolicy.getPolicyItems().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getGroups().add("public");
    rangerPolicyItem.getUsers().add("user1");
    rangerPolicyItem.setDelegateAdmin(false);
    appliedPolicy.getDenyPolicyItems().add(rangerPolicyItem);
    String existingPolicyStr = existingPolicy.toString();
    System.out.println("existingPolicy=" + existingPolicyStr);
    ServiceRESTUtil.processApplyPolicy(existingPolicy, appliedPolicy);
    String resultPolicyStr = existingPolicy.toString();
    System.out.println("resultPolicy=" + resultPolicyStr);
    assert (true);
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) HashMap(java.util.HashMap) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) ArrayList(java.util.ArrayList) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess) VXString(org.apache.ranger.view.VXString) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) Test(org.junit.Test)

Example 50 with RangerPolicyItem

use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem in project ranger by apache.

the class TestServiceREST method test42grant.

@Test
public void test42grant() {
    RangerPolicy existingPolicy = rangerPolicy();
    List<RangerPolicyItem> policyItem = new ArrayList<RangerPolicyItem>();
    existingPolicy.setPolicyItems(policyItem);
    Map<String, RangerPolicyResource> policyResources = new HashMap<String, RangerPolicyResource>();
    RangerPolicyResource rangerPolicyResource = new RangerPolicyResource("/tmp");
    rangerPolicyResource.setIsExcludes(true);
    rangerPolicyResource.setIsRecursive(true);
    policyResources.put("path", rangerPolicyResource);
    existingPolicy.setResources(policyResources);
    RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("read", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("write", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
    rangerPolicyItem.getGroups().add("group1");
    rangerPolicyItem.getGroups().add("group2");
    rangerPolicyItem.getUsers().add("user1");
    rangerPolicyItem.getUsers().add("user2");
    rangerPolicyItem.setDelegateAdmin(true);
    existingPolicy.getPolicyItems().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("read", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("write", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
    rangerPolicyItem.getGroups().add("group3");
    rangerPolicyItem.getUsers().add("user3");
    rangerPolicyItem.setDelegateAdmin(true);
    existingPolicy.getPolicyItems().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
    rangerPolicyItem.getGroups().add("group1");
    rangerPolicyItem.getGroups().add("group2");
    rangerPolicyItem.getUsers().add("user1");
    rangerPolicyItem.getUsers().add("user2");
    rangerPolicyItem.setDelegateAdmin(false);
    existingPolicy.getAllowExceptions().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
    rangerPolicyItem.getGroups().add("group2");
    rangerPolicyItem.getUsers().add("user2");
    rangerPolicyItem.setDelegateAdmin(false);
    existingPolicy.getDenyPolicyItems().add(rangerPolicyItem);
    rangerPolicyItem = new RangerPolicyItem();
    rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("index", true));
    rangerPolicyItem.getGroups().add("public");
    rangerPolicyItem.getUsers().add("user");
    rangerPolicyItem.setDelegateAdmin(false);
    existingPolicy.getDenyPolicyItems().add(rangerPolicyItem);
    GrantRevokeRequest grantRequestObj = new GrantRevokeRequest();
    Map<String, String> resource = new HashMap<String, String>();
    resource.put("path", "/tmp");
    grantRequestObj.setResource(resource);
    grantRequestObj.getUsers().add("user1");
    grantRequestObj.getGroups().add("group1");
    grantRequestObj.getAccessTypes().add("delete");
    grantRequestObj.getAccessTypes().add("index");
    grantRequestObj.setDelegateAdmin(true);
    grantRequestObj.setEnableAudit(true);
    grantRequestObj.setIsRecursive(true);
    grantRequestObj.setGrantor("test42Grant");
    String existingPolicyStr = existingPolicy.toString();
    System.out.println("existingPolicy=" + existingPolicyStr);
    ServiceRESTUtil.processGrantRequest(existingPolicy, grantRequestObj);
    String resultPolicyStr = existingPolicy.toString();
    System.out.println("resultPolicy=" + resultPolicyStr);
    assert (true);
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) HashMap(java.util.HashMap) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) ArrayList(java.util.ArrayList) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess) VXString(org.apache.ranger.view.VXString) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) GrantRevokeRequest(org.apache.ranger.plugin.util.GrantRevokeRequest) Test(org.junit.Test)

Aggregations

RangerPolicyItem (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem)50 RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)38 ArrayList (java.util.ArrayList)32 HashMap (java.util.HashMap)28 RangerPolicyItemAccess (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)28 RangerPolicyResource (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource)28 Test (org.junit.Test)19 VXString (org.apache.ranger.view.VXString)15 RangerPolicyItemCondition (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition)11 Date (java.util.Date)10 RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)9 ServicePolicies (org.apache.ranger.plugin.util.ServicePolicies)8 IOException (java.io.IOException)6 RangerDataMaskPolicyItem (org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem)6 RangerRowFilterPolicyItem (org.apache.ranger.plugin.model.RangerPolicy.RangerRowFilterPolicyItem)6 RangerService (org.apache.ranger.plugin.model.RangerService)6 XXServiceDef (org.apache.ranger.entity.XXServiceDef)5 List (java.util.List)4 SearchCriteria (org.apache.ranger.common.SearchCriteria)4 XXPolicy (org.apache.ranger.entity.XXPolicy)4