use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource in project ranger by apache.
the class TestServiceUtil method testToVXResourceForStormTopologyAndVXPermMapListWithGroupList.
@Test
public void testToVXResourceForStormTopologyAndVXPermMapListWithGroupList() {
GUIDUtil guid = new GUIDUtil();
String guidString = guid.genGUID();
XXGroup xxGroup = new XXGroup();
xxGroup.setId(6L);
xxGroup.setName("rangerGroup");
List<VXAuditMap> auditList = new ArrayList<VXAuditMap>();
VXAuditMap vxAuditMap = new VXAuditMap();
vxAuditMap.setResourceId(1L);
vxAuditMap.setAuditType(AppConstants.XA_AUDIT_TYPE_ALL);
auditList.add(vxAuditMap);
List<VXPermMap> vXPermMapList = new ArrayList<VXPermMap>();
VXPermMap vXPermMap1 = new VXPermMap();
vXPermMap1.setPermFor(2);
vXPermMap1.setPermType(12);
vXPermMap1.setGroupName("rangerGroup");
vXPermMap1.setIpAddress("10.329.85.65");
vXPermMapList.add(vXPermMap1);
VXPermMap vXPermMap2 = new VXPermMap();
vXPermMap2.setPermFor(2);
vXPermMap2.setPermType(6);
vXPermMap2.setGroupName("rangerGroup");
vXPermMap2.setIpAddress("10.329.85.65");
vXPermMapList.add(vXPermMap2);
VXResource expectedVXResource = new VXResource();
expectedVXResource.setGuid(guidString);
expectedVXResource.setName("myTopology");
expectedVXResource.setTopologies("myTopology");
expectedVXResource.setPolicyName("storm Policy");
expectedVXResource.setDescription("storm policy description");
expectedVXResource.setResourceType(1);
expectedVXResource.setAssetName("storm");
expectedVXResource.setAssetType(6);
expectedVXResource.setResourceStatus(1);
expectedVXResource.setAuditList(auditList);
expectedVXResource.setPermMapList(vXPermMapList);
Map<String, RangerPolicyResource> rangerPolicyResourceMap = new HashMap<String, RangerPolicyResource>();
List<String> valuesListForTopology = new ArrayList<String>();
valuesListForTopology.add("myTopology");
RangerPolicyResource rangerPolicyResourceForTopology = new RangerPolicyResource();
rangerPolicyResourceForTopology.setValue("topology");
rangerPolicyResourceForTopology.setValues(valuesListForTopology);
rangerPolicyResourceMap.put("topology", rangerPolicyResourceForTopology);
List<String> valuesListForRangerPolicyItemCondition = new ArrayList<String>();
valuesListForRangerPolicyItemCondition.add("10.329.85.65");
List<String> groupList = new ArrayList<String>();
groupList.add("rangerGroup");
RangerPolicy policy = new RangerPolicy();
policy.setId(1L);
policy.setName("storm Policy");
policy.setService("storm");
policy.setDescription("storm policy description");
policy.setIsEnabled(true);
policy.setGuid(guidString);
policy.setIsAuditEnabled(true);
RangerService rangerService = new RangerService();
rangerService.setName("storm");
rangerService.setType("storm");
List<RangerPolicyItem> rangerPolicyItemList = new ArrayList<RangerPolicy.RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
List<RangerPolicyItemCondition> rangerPolicyItemConditionList = new ArrayList<RangerPolicy.RangerPolicyItemCondition>();
RangerPolicyItemCondition rangerPolicyItemCondition = new RangerPolicyItemCondition();
rangerPolicyItemCondition.setType("ipaddress");
rangerPolicyItemCondition.setValues(valuesListForRangerPolicyItemCondition);
rangerPolicyItemConditionList.add(rangerPolicyItemCondition);
rangerPolicyItem.setConditions(rangerPolicyItemConditionList);
rangerPolicyItem.setGroups(groupList);
List<RangerPolicyItemAccess> rangerPolicyItemAccessList = new ArrayList<RangerPolicy.RangerPolicyItemAccess>();
RangerPolicyItemAccess rangerPolicyItemAccess = new RangerPolicyItemAccess();
rangerPolicyItemAccess.setIsAllowed(true);
rangerPolicyItemAccess.setType("drop");
rangerPolicyItemAccessList.add(rangerPolicyItemAccess);
rangerPolicyItem.setAccesses(rangerPolicyItemAccessList);
rangerPolicyItem.setDelegateAdmin(true);
rangerPolicyItemList.add(rangerPolicyItem);
policy.setPolicyItems(rangerPolicyItemList);
policy.setResources(rangerPolicyResourceMap);
Mockito.when(xaDaoMgr.getXXGroup()).thenReturn(xxGroupDao);
Mockito.when(xxGroupDao.findByGroupName("rangerGroup")).thenReturn(xxGroup);
VXResource actualVXResource = serviceUtil.toVXResource(policy, rangerService);
Assert.assertNotNull(actualVXResource);
Assert.assertEquals(expectedVXResource.getName(), actualVXResource.getName());
Assert.assertEquals(expectedVXResource.getGuid(), actualVXResource.getGuid());
Assert.assertEquals(expectedVXResource.getPolicyName(), actualVXResource.getPolicyName());
Assert.assertEquals(expectedVXResource.getResourceType(), actualVXResource.getResourceType());
Assert.assertEquals(expectedVXResource.getDescription(), actualVXResource.getDescription());
Assert.assertEquals(expectedVXResource.getAssetName(), actualVXResource.getAssetName());
Assert.assertEquals(expectedVXResource.getAssetType(), actualVXResource.getAssetType());
Assert.assertEquals(expectedVXResource.getResourceStatus(), actualVXResource.getResourceStatus());
Assert.assertEquals(expectedVXResource.getTopologies(), actualVXResource.getTopologies());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getResourceId(), actualVXResource.getAuditList().get(0).getResourceId());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getAuditType(), actualVXResource.getAuditList().get(0).getAuditType());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getPermFor(), actualVXResource.getPermMapList().get(0).getPermFor());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getPermType(), actualVXResource.getPermMapList().get(0).getPermType());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getUserName(), actualVXResource.getPermMapList().get(0).getUserName());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getIpAddress(), actualVXResource.getPermMapList().get(0).getIpAddress());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getUserId(), actualVXResource.getPermMapList().get(0).getUserId());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getPermFor(), actualVXResource.getPermMapList().get(1).getPermFor());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getPermType(), actualVXResource.getPermMapList().get(1).getPermType());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getUserName(), actualVXResource.getPermMapList().get(1).getUserName());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getIpAddress(), actualVXResource.getPermMapList().get(1).getIpAddress());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getUserId(), actualVXResource.getPermMapList().get(1).getUserId());
}
use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource in project ranger by apache.
the class TestServiceUtil method testToRangerPolicyForResourceTypePath.
@Test
public void testToRangerPolicyForResourceTypePath() {
RangerPolicy expectedRangerPolicy = new RangerPolicy();
expectedRangerPolicy.setId(1L);
expectedRangerPolicy.setName("hive Policy");
expectedRangerPolicy.setService("hive");
expectedRangerPolicy.setDescription("hive policy description");
Map<String, RangerPolicyResource> expectedMap = new HashMap<String, RangerPolicyResource>();
List<String> valuesList = new ArrayList<String>();
valuesList.add("resource");
VXAuditMap vXAuditMap = new VXAuditMap();
vXAuditMap.setId(1L);
vXAuditMap.setOwner("rangerAdmin");
List<VXAuditMap> vXAuditMapList = new ArrayList<VXAuditMap>();
vXAuditMapList.add(vXAuditMap);
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(false);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("/localhost/files");
rangerPolicyResource.setValues(valuesList);
expectedMap.put("path", rangerPolicyResource);
expectedRangerPolicy.setResources(expectedMap);
RangerService rangerService = new RangerService();
rangerService.setName("hive");
VXResource resource = new VXResource();
resource.setId(1L);
resource.setName("resource");
resource.setUpdateDate(new Date());
resource.setCreateDate(new Date());
resource.setOwner("rangerAdmin");
resource.setUpdatedBy("rangerAdmin");
resource.setPolicyName("hive Policy");
resource.setDescription("hive policy description");
resource.setResourceStatus(RangerCommonEnums.STATUS_ENABLED);
resource.setIsRecursive(1);
resource.setTableType(1);
resource.setColumnType(1);
RangerPolicy actualRangerPolicy = serviceUtil.toRangerPolicy(resource, rangerService);
Assert.assertNotNull(actualRangerPolicy);
Assert.assertEquals(expectedRangerPolicy.getId(), actualRangerPolicy.getId());
Assert.assertEquals(expectedRangerPolicy.getName(), actualRangerPolicy.getName());
Assert.assertEquals(expectedRangerPolicy.getService(), actualRangerPolicy.getService());
Assert.assertEquals(expectedRangerPolicy.getDescription(), actualRangerPolicy.getDescription());
Assert.assertEquals(expectedRangerPolicy.getResources(), actualRangerPolicy.getResources());
}
use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource in project ranger by apache.
the class TestServiceUtil method testToRangerPolicyForResourceTypeUDF.
@Test
public void testToRangerPolicyForResourceTypeUDF() {
RangerPolicy expectedRangerPolicy = new RangerPolicy();
expectedRangerPolicy.setId(1L);
expectedRangerPolicy.setName("hive Policy");
expectedRangerPolicy.setService("hive");
expectedRangerPolicy.setDescription("hive policy description");
Map<String, RangerPolicyResource> expectedMap = new HashMap<String, RangerPolicyResource>();
List<String> valuesList = new ArrayList<String>();
valuesList.add("udf");
VXAuditMap vXAuditMap = new VXAuditMap();
vXAuditMap.setId(1L);
vXAuditMap.setOwner("rangerAdmin");
List<VXAuditMap> vXAuditMapList = new ArrayList<VXAuditMap>();
vXAuditMapList.add(vXAuditMap);
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(false);
rangerPolicyResource.setIsRecursive(false);
rangerPolicyResource.setValue("databases");
rangerPolicyResource.setValues(valuesList);
expectedMap.put("udf", rangerPolicyResource);
expectedRangerPolicy.setResources(expectedMap);
RangerService rangerService = new RangerService();
rangerService.setName("hive");
VXResource resource = new VXResource();
resource.setId(1L);
resource.setUdfs("udf");
resource.setUpdateDate(new Date());
resource.setCreateDate(new Date());
resource.setOwner("rangerAdmin");
resource.setUpdatedBy("rangerAdmin");
resource.setPolicyName("hive Policy");
resource.setDescription("hive policy description");
resource.setResourceStatus(RangerCommonEnums.STATUS_ENABLED);
resource.setIsRecursive(1);
resource.setTableType(1);
resource.setColumnType(1);
RangerPolicy actualRangerPolicy = serviceUtil.toRangerPolicy(resource, rangerService);
Assert.assertNotNull(actualRangerPolicy);
Assert.assertEquals(expectedRangerPolicy.getId(), actualRangerPolicy.getId());
Assert.assertEquals(expectedRangerPolicy.getName(), actualRangerPolicy.getName());
Assert.assertEquals(expectedRangerPolicy.getService(), actualRangerPolicy.getService());
Assert.assertEquals(expectedRangerPolicy.getDescription(), actualRangerPolicy.getDescription());
Assert.assertEquals(expectedRangerPolicy.getResources(), actualRangerPolicy.getResources());
}
use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource in project ranger by apache.
the class TestServiceUtil method testToVXResourceForStormTopologyAndVXPermMapListWithUserList.
@Test
public void testToVXResourceForStormTopologyAndVXPermMapListWithUserList() {
GUIDUtil guid = new GUIDUtil();
String guidString = guid.genGUID();
XXUser xxUser = new XXUser();
xxUser.setId(6L);
xxUser.setName("rangerAdmin");
List<VXAuditMap> auditList = new ArrayList<VXAuditMap>();
VXAuditMap vxAuditMap = new VXAuditMap();
vxAuditMap.setResourceId(1L);
vxAuditMap.setAuditType(AppConstants.XA_AUDIT_TYPE_ALL);
auditList.add(vxAuditMap);
List<VXPermMap> vXPermMapList = new ArrayList<VXPermMap>();
VXPermMap vXPermMap1 = new VXPermMap();
vXPermMap1.setPermFor(1);
vXPermMap1.setUserId(6L);
vXPermMap1.setPermType(12);
vXPermMap1.setUserName("rangerAdmin");
vXPermMap1.setIpAddress("10.329.85.65");
vXPermMapList.add(vXPermMap1);
VXPermMap vXPermMap2 = new VXPermMap();
vXPermMap2.setPermFor(1);
vXPermMap2.setUserId(6L);
vXPermMap2.setPermType(6);
vXPermMap2.setUserName("rangerAdmin");
vXPermMap2.setIpAddress("10.329.85.65");
vXPermMapList.add(vXPermMap2);
VXResource expectedVXResource = new VXResource();
expectedVXResource.setGuid(guidString);
expectedVXResource.setName("myTopology");
expectedVXResource.setTopologies("myTopology");
expectedVXResource.setPolicyName("storm Policy");
expectedVXResource.setDescription("storm policy description");
expectedVXResource.setResourceType(1);
expectedVXResource.setAssetName("storm");
expectedVXResource.setAssetType(6);
expectedVXResource.setResourceStatus(1);
expectedVXResource.setAuditList(auditList);
expectedVXResource.setPermMapList(vXPermMapList);
Map<String, RangerPolicyResource> rangerPolicyResourceMap = new HashMap<String, RangerPolicyResource>();
List<String> valuesListForTopology = new ArrayList<String>();
valuesListForTopology.add("myTopology");
RangerPolicyResource rangerPolicyResourceForTopology = new RangerPolicyResource();
rangerPolicyResourceForTopology.setValue("topology");
rangerPolicyResourceForTopology.setValues(valuesListForTopology);
rangerPolicyResourceMap.put("topology", rangerPolicyResourceForTopology);
List<String> valuesListForRangerPolicyItemCondition = new ArrayList<String>();
valuesListForRangerPolicyItemCondition.add("10.329.85.65");
List<String> usersList = new ArrayList<String>();
usersList.add("rangerAdmin");
RangerPolicy policy = new RangerPolicy();
policy.setId(1L);
policy.setName("storm Policy");
policy.setService("storm");
policy.setDescription("storm policy description");
policy.setIsEnabled(true);
policy.setGuid(guidString);
policy.setIsAuditEnabled(true);
RangerService rangerService = new RangerService();
rangerService.setName("storm");
rangerService.setType("storm");
List<RangerPolicyItem> rangerPolicyItemList = new ArrayList<RangerPolicy.RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
List<RangerPolicyItemCondition> rangerPolicyItemConditionList = new ArrayList<RangerPolicy.RangerPolicyItemCondition>();
RangerPolicyItemCondition rangerPolicyItemCondition = new RangerPolicyItemCondition();
rangerPolicyItemCondition.setType("ipaddress");
rangerPolicyItemCondition.setValues(valuesListForRangerPolicyItemCondition);
rangerPolicyItemConditionList.add(rangerPolicyItemCondition);
rangerPolicyItem.setConditions(rangerPolicyItemConditionList);
rangerPolicyItem.setUsers(usersList);
List<RangerPolicyItemAccess> rangerPolicyItemAccessList = new ArrayList<RangerPolicy.RangerPolicyItemAccess>();
RangerPolicyItemAccess rangerPolicyItemAccess = new RangerPolicyItemAccess();
rangerPolicyItemAccess.setIsAllowed(true);
rangerPolicyItemAccess.setType("drop");
rangerPolicyItemAccessList.add(rangerPolicyItemAccess);
rangerPolicyItem.setAccesses(rangerPolicyItemAccessList);
rangerPolicyItem.setDelegateAdmin(true);
rangerPolicyItemList.add(rangerPolicyItem);
policy.setPolicyItems(rangerPolicyItemList);
policy.setResources(rangerPolicyResourceMap);
Mockito.when(xaDaoMgr.getXXUser()).thenReturn(xxUserDao);
Mockito.when(xxUserDao.findByUserName("rangerAdmin")).thenReturn(xxUser);
VXResource actualVXResource = serviceUtil.toVXResource(policy, rangerService);
Assert.assertNotNull(actualVXResource);
Assert.assertEquals(expectedVXResource.getName(), actualVXResource.getName());
Assert.assertEquals(expectedVXResource.getGuid(), actualVXResource.getGuid());
Assert.assertEquals(expectedVXResource.getPolicyName(), actualVXResource.getPolicyName());
Assert.assertEquals(expectedVXResource.getResourceType(), actualVXResource.getResourceType());
Assert.assertEquals(expectedVXResource.getDescription(), actualVXResource.getDescription());
Assert.assertEquals(expectedVXResource.getAssetName(), actualVXResource.getAssetName());
Assert.assertEquals(expectedVXResource.getAssetType(), actualVXResource.getAssetType());
Assert.assertEquals(expectedVXResource.getResourceStatus(), actualVXResource.getResourceStatus());
Assert.assertEquals(expectedVXResource.getTopologies(), actualVXResource.getTopologies());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getResourceId(), actualVXResource.getAuditList().get(0).getResourceId());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getAuditType(), actualVXResource.getAuditList().get(0).getAuditType());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getPermFor(), actualVXResource.getPermMapList().get(0).getPermFor());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getPermType(), actualVXResource.getPermMapList().get(0).getPermType());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getUserName(), actualVXResource.getPermMapList().get(0).getUserName());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getIpAddress(), actualVXResource.getPermMapList().get(0).getIpAddress());
Assert.assertEquals(expectedVXResource.getPermMapList().get(0).getUserId(), actualVXResource.getPermMapList().get(0).getUserId());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getPermFor(), actualVXResource.getPermMapList().get(1).getPermFor());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getPermType(), actualVXResource.getPermMapList().get(1).getPermType());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getUserName(), actualVXResource.getPermMapList().get(1).getUserName());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getIpAddress(), actualVXResource.getPermMapList().get(1).getIpAddress());
Assert.assertEquals(expectedVXResource.getPermMapList().get(1).getUserId(), actualVXResource.getPermMapList().get(1).getUserId());
}
use of org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource in project ranger by apache.
the class PatchMigration_J10002 method mapXResourceToPolicy.
private RangerPolicy mapXResourceToPolicy(RangerPolicy policy, XXResource xRes, RangerService service) {
String serviceName = service.getName();
String serviceType = service.getType();
String name = xRes.getPolicyName();
String description = xRes.getDescription();
Boolean isAuditEnabled = true;
Boolean isEnabled = true;
Map<String, RangerPolicyResource> resources = new HashMap<String, RangerPolicyResource>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
XXServiceDef svcDef = daoMgr.getXXServiceDef().findByName(serviceType);
if (svcDef == null) {
logger.error(serviceType + ": service-def not found. Skipping policy '" + name + "'");
return null;
}
List<XXAuditMap> auditMapList = daoMgr.getXXAuditMap().findByResourceId(xRes.getId());
if (stringUtil.isEmpty(auditMapList)) {
isAuditEnabled = false;
}
if (xRes.getResourceStatus() == AppConstants.STATUS_DISABLED) {
isEnabled = false;
}
Boolean isPathRecursive = xRes.getIsRecursive() == RangerCommonEnums.BOOL_TRUE;
Boolean isTableExcludes = xRes.getTableType() == RangerCommonEnums.POLICY_EXCLUSION;
Boolean isColumnExcludes = xRes.getColumnType() == RangerCommonEnums.POLICY_EXCLUSION;
if (StringUtils.equalsIgnoreCase(serviceType, "hdfs")) {
toRangerResourceList(xRes.getName(), "path", Boolean.FALSE, isPathRecursive, resources);
} else if (StringUtils.equalsIgnoreCase(serviceType, "hbase")) {
toRangerResourceList(xRes.getTables(), "table", isTableExcludes, Boolean.FALSE, resources);
toRangerResourceList(xRes.getColumnFamilies(), "column-family", Boolean.FALSE, Boolean.FALSE, resources);
toRangerResourceList(xRes.getColumns(), "column", isColumnExcludes, Boolean.FALSE, resources);
} else if (StringUtils.equalsIgnoreCase(serviceType, "hive")) {
toRangerResourceList(xRes.getDatabases(), "database", Boolean.FALSE, Boolean.FALSE, resources);
toRangerResourceList(xRes.getTables(), "table", isTableExcludes, Boolean.FALSE, resources);
toRangerResourceList(xRes.getColumns(), "column", isColumnExcludes, Boolean.FALSE, resources);
toRangerResourceList(xRes.getUdfs(), "udf", Boolean.FALSE, Boolean.FALSE, resources);
} else if (StringUtils.equalsIgnoreCase(serviceType, "knox")) {
toRangerResourceList(xRes.getTopologies(), "topology", Boolean.FALSE, Boolean.FALSE, resources);
toRangerResourceList(xRes.getServices(), "service", Boolean.FALSE, Boolean.FALSE, resources);
} else if (StringUtils.equalsIgnoreCase(serviceType, "storm")) {
toRangerResourceList(xRes.getTopologies(), "topology", Boolean.FALSE, Boolean.FALSE, resources);
}
policyItems = getPolicyItemListForRes(xRes, svcDef);
policy.setService(serviceName);
policy.setName(name);
policy.setDescription(description);
policy.setIsAuditEnabled(isAuditEnabled);
policy.setIsEnabled(isEnabled);
policy.setResources(resources);
policy.setPolicyItems(policyItems);
policy.setCreateTime(xRes.getCreateTime());
policy.setUpdateTime(xRes.getUpdateTime());
XXPortalUser createdByUser = daoMgr.getXXPortalUser().getById(xRes.getAddedByUserId());
XXPortalUser updByUser = daoMgr.getXXPortalUser().getById(xRes.getUpdatedByUserId());
if (createdByUser != null) {
policy.setCreatedBy(createdByUser.getLoginId());
}
if (updByUser != null) {
policy.setUpdatedBy(updByUser.getLoginId());
}
policy.setId(xRes.getId());
return policy;
}
Aggregations