Example 61 with RangerPolicyResource
use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource in project ranger by apache.
the class TestServiceREST method test41applyPolicy.
@Test
public void test41applyPolicy() {
RangerPolicy existingPolicy = rangerPolicy();
RangerPolicy appliedPolicy = rangerPolicy();
List<RangerPolicyItem> policyItem = new ArrayList<RangerPolicyItem>();
existingPolicy.setPolicyItems(policyItem);
appliedPolicy.setPolicyItems(null);
Map<String, RangerPolicyResource> policyResources = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource("/tmp");
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
policyResources.put("path", rangerPolicyResource);
existingPolicy.setResources(policyResources);
appliedPolicy.setResources(policyResources);
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("read", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("write", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
rangerPolicyItem.getGroups().add("group1");
rangerPolicyItem.getGroups().add("group2");
rangerPolicyItem.getUsers().add("user1");
rangerPolicyItem.getUsers().add("user2");
rangerPolicyItem.setDelegateAdmin(true);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("read", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("write", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
rangerPolicyItem.getGroups().add("group3");
rangerPolicyItem.getUsers().add("user3");
rangerPolicyItem.setDelegateAdmin(true);
existingPolicy.getPolicyItems().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
rangerPolicyItem.getGroups().add("group1");
rangerPolicyItem.getGroups().add("group2");
rangerPolicyItem.getUsers().add("user1");
rangerPolicyItem.getUsers().add("user2");
rangerPolicyItem.setDelegateAdmin(false);
existingPolicy.getAllowExceptions().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getGroups().add("group2");
rangerPolicyItem.getUsers().add("user2");
rangerPolicyItem.setDelegateAdmin(false);
existingPolicy.getDenyPolicyItems().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("index", true));
rangerPolicyItem.getGroups().add("public");
rangerPolicyItem.getUsers().add("user");
rangerPolicyItem.setDelegateAdmin(false);
existingPolicy.getDenyPolicyItems().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("index", true));
rangerPolicyItem.getGroups().add("group1");
rangerPolicyItem.getUsers().add("user1");
rangerPolicyItem.setDelegateAdmin(false);
appliedPolicy.getPolicyItems().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getGroups().add("public");
rangerPolicyItem.getUsers().add("user1");
rangerPolicyItem.setDelegateAdmin(false);
appliedPolicy.getDenyPolicyItems().add(rangerPolicyItem);
String existingPolicyStr = existingPolicy.toString();
System.out.println("existingPolicy=" + existingPolicyStr);
ServiceRESTUtil.processApplyPolicy(existingPolicy, appliedPolicy);
String resultPolicyStr = existingPolicy.toString();
System.out.println("resultPolicy=" + resultPolicyStr);
assert (true);
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
HashMap(java.util.HashMap)
RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource)
ArrayList(java.util.ArrayList)
RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)
VXString(org.apache.ranger.view.VXString)
RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem)
Test(org.junit.Test)
Example 62 with RangerPolicyResource
use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource in project ranger by apache.
the class TestServiceREST method test42grant.
@Test
public void test42grant() {
RangerPolicy existingPolicy = rangerPolicy();
List<RangerPolicyItem> policyItem = new ArrayList<RangerPolicyItem>();
existingPolicy.setPolicyItems(policyItem);
Map<String, RangerPolicyResource> policyResources = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource("/tmp");
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
policyResources.put("path", rangerPolicyResource);
existingPolicy.setResources(policyResources);
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("read", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("write", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
rangerPolicyItem.getGroups().add("group1");
rangerPolicyItem.getGroups().add("group2");
rangerPolicyItem.getUsers().add("user1");
rangerPolicyItem.getUsers().add("user2");
rangerPolicyItem.setDelegateAdmin(true);
existingPolicy.getPolicyItems().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("read", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("write", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
rangerPolicyItem.getGroups().add("group3");
rangerPolicyItem.getUsers().add("user3");
rangerPolicyItem.setDelegateAdmin(true);
existingPolicy.getPolicyItems().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("lock", true));
rangerPolicyItem.getGroups().add("group1");
rangerPolicyItem.getGroups().add("group2");
rangerPolicyItem.getUsers().add("user1");
rangerPolicyItem.getUsers().add("user2");
rangerPolicyItem.setDelegateAdmin(false);
existingPolicy.getAllowExceptions().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("delete", true));
rangerPolicyItem.getGroups().add("group2");
rangerPolicyItem.getUsers().add("user2");
rangerPolicyItem.setDelegateAdmin(false);
existingPolicy.getDenyPolicyItems().add(rangerPolicyItem);
rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.getAccesses().add(new RangerPolicyItemAccess("index", true));
rangerPolicyItem.getGroups().add("public");
rangerPolicyItem.getUsers().add("user");
rangerPolicyItem.setDelegateAdmin(false);
existingPolicy.getDenyPolicyItems().add(rangerPolicyItem);
GrantRevokeRequest grantRequestObj = new GrantRevokeRequest();
Map<String, String> resource = new HashMap<String, String>();
resource.put("path", "/tmp");
grantRequestObj.setResource(resource);
grantRequestObj.getUsers().add("user1");
grantRequestObj.getGroups().add("group1");
grantRequestObj.getAccessTypes().add("delete");
grantRequestObj.getAccessTypes().add("index");
grantRequestObj.setDelegateAdmin(true);
grantRequestObj.setEnableAudit(true);
grantRequestObj.setIsRecursive(true);
grantRequestObj.setGrantor("test42Grant");
String existingPolicyStr = existingPolicy.toString();
System.out.println("existingPolicy=" + existingPolicyStr);
ServiceRESTUtil.processGrantRequest(existingPolicy, grantRequestObj);
String resultPolicyStr = existingPolicy.toString();
System.out.println("resultPolicy=" + resultPolicyStr);
assert (true);
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
HashMap(java.util.HashMap)
RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource)
ArrayList(java.util.ArrayList)
RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)
VXString(org.apache.ranger.view.VXString)
RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem)
GrantRevokeRequest(org.apache.ranger.plugin.util.GrantRevokeRequest)
Test(org.junit.Test)
Aggregations
RangerPolicyResource (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource)62
HashMap (java.util.HashMap)38
RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)36
RangerPolicyItem (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem)28
ArrayList (java.util.ArrayList)27
RangerPolicyItemAccess (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)25
Test (org.junit.Test)23
VXString (org.apache.ranger.view.VXString)17
Date (java.util.Date)12
RangerPolicyItemCondition (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition)11
RangerResourceDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)11
RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)8
ServicePolicies (org.apache.ranger.plugin.util.ServicePolicies)8
XXServiceDef (org.apache.ranger.entity.XXServiceDef)7
RangerPerfTracer (org.apache.ranger.plugin.util.RangerPerfTracer)7
IOException (java.io.IOException)6
XXService (org.apache.ranger.entity.XXService)5
RangerService (org.apache.ranger.plugin.model.RangerService)5
RangerServiceResource (org.apache.ranger.plugin.model.RangerServiceResource)5
Map (java.util.Map)4
