Example 51 with RangerPolicy
use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.
the class PublicAPIsv2 method deletePolicyByName.
@DELETE
@Path("/api/policy")
public void deletePolicyByName(@QueryParam("servicename") String serviceName, @QueryParam("policyname") String policyName, @Context HttpServletRequest request) {
if (logger.isDebugEnabled()) {
logger.debug("==> PublicAPIsv2.deletePolicyByName(" + serviceName + "," + policyName + ")");
}
if (serviceName == null || policyName == null) {
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, "Invalid service name or policy name", true);
}
RangerPolicy policy = getPolicyByName(serviceName, policyName, request);
serviceREST.deletePolicy(policy.getId());
if (logger.isDebugEnabled()) {
logger.debug("<== PublicAPIsv2.deletePolicyByName(" + serviceName + "," + policyName + ")");
}
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
Example 52 with RangerPolicy
use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.
the class PublicAPIsv2 method updatePolicyByName.
@PUT
@Path("/api/service/{servicename}/policy/{policyname}")
@Produces({ "application/json", "application/xml" })
public RangerPolicy updatePolicyByName(RangerPolicy policy, @PathParam("servicename") String serviceName, @PathParam("policyname") String policyName, @Context HttpServletRequest request) {
if (policy.getService() == null || !policy.getService().equals(serviceName)) {
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, "service name mismatch", true);
}
RangerPolicy oldPolicy = getPolicyByName(serviceName, policyName, request);
// ignore policy.id - if specified. Retrieve using the given serviceName+policyName and use id from the retrieved object
policy.setId(oldPolicy.getId());
if (StringUtils.isEmpty(policy.getGuid())) {
policy.setGuid(oldPolicy.getGuid());
}
if (StringUtils.isEmpty(policy.getName())) {
policy.setName(StringUtils.trim(oldPolicy.getName()));
}
return serviceREST.updatePolicy(policy);
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
Example 53 with RangerPolicy
use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.
the class PublicAPIsv2 method getPolicyByName.
@GET
@Path("/api/service/{servicename}/policy/{policyname}")
@Produces({ "application/json", "application/xml" })
public RangerPolicy getPolicyByName(@PathParam("servicename") String serviceName, @PathParam("policyname") String policyName, @Context HttpServletRequest request) {
if (logger.isDebugEnabled()) {
logger.debug("==> PublicAPIsv2.getPolicyByName(" + serviceName + "," + policyName + ")");
}
SearchFilter filter = new SearchFilter();
filter.setParam(SearchFilter.SERVICE_NAME, serviceName);
filter.setParam(SearchFilter.POLICY_NAME, policyName);
List<RangerPolicy> policies = serviceREST.getPolicies(filter);
if (policies.size() != 1) {
throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true);
}
RangerPolicy policy = policies.get(0);
if (logger.isDebugEnabled()) {
logger.debug("<== PublicAPIsv2.getPolicyByName(" + serviceName + "," + policyName + ")" + policy);
}
return policy;
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
SearchFilter(org.apache.ranger.plugin.util.SearchFilter)
Example 54 with RangerPolicy
use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.
the class ServiceREST method applyPolicy.
/*
The verb for applyPolicy is POST as it could be partial update or a create
*/
@POST
@Path("/policies/apply")
@Produces({ "application/json", "application/xml" })
public RangerPolicy applyPolicy(RangerPolicy policy, @Context HttpServletRequest request) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceREST.applyPolicy(" + policy + ")");
}
RangerPolicy ret = null;
if (policy != null && StringUtils.isNotBlank(policy.getService())) {
try {
// Check if applied policy contains any conditions
if (ServiceRESTUtil.containsRangerCondition(policy)) {
LOG.error("Applied policy contains condition(s); not supported:" + policy);
throw new Exception("Applied policy contains condition(s); not supported:" + policy);
}
String user = request.getRemoteUser();
RangerPolicy existingPolicy = getExactMatchPolicyForResource(policy.getService(), policy.getResources(), StringUtils.isNotBlank(user) ? user : "admin");
if (existingPolicy == null) {
ret = createPolicy(policy, null);
} else {
ServiceRESTUtil.processApplyPolicy(existingPolicy, policy);
ret = updatePolicy(existingPolicy);
}
} catch (WebApplicationException excp) {
throw excp;
} catch (Exception exception) {
LOG.error("Failed to apply policy:", exception);
throw restErrorUtil.createRESTException(exception.getMessage());
}
} else {
throw restErrorUtil.createRESTException("Non-existing service specified:");
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceREST.applyPolicy(" + policy + ") : " + ret);
}
return ret;
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
WebApplicationException(javax.ws.rs.WebApplicationException)
VXString(org.apache.ranger.view.VXString)
WebApplicationException(javax.ws.rs.WebApplicationException)
IOException(java.io.IOException)
JsonSyntaxException(com.google.gson.JsonSyntaxException)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Produces(javax.ws.rs.Produces)
Example 55 with RangerPolicy
use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.
the class ServiceREST method deletePolicy.
@DELETE
@Path("/policies/{id}")
@Produces({ "application/json", "application/xml" })
public void deletePolicy(@PathParam("id") Long id) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceREST.deletePolicy(" + id + ")");
}
RangerPerfTracer perf = null;
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.deletePolicy(policyId=" + id + ")");
}
RangerPolicyValidator validator = validatorFactory.getPolicyValidator(svcStore);
validator.validate(id, Action.DELETE);
RangerPolicy policy = svcStore.getPolicy(id);
ensureAdminAccess(policy);
bizUtil.blockAuditorRoleUser();
svcStore.deletePolicy(id);
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
LOG.error("deletePolicy(" + id + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
} finally {
RangerPerfTracer.log(perf);
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceREST.deletePolicy(" + id + ")");
}
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
WebApplicationException(javax.ws.rs.WebApplicationException)
RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer)
RangerPolicyValidator(org.apache.ranger.plugin.model.validation.RangerPolicyValidator)
Path(javax.ws.rs.Path)
DELETE(javax.ws.rs.DELETE)
Produces(javax.ws.rs.Produces)
Aggregations
RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)196
ArrayList (java.util.ArrayList)78
Test (org.junit.Test)73
RangerService (org.apache.ranger.plugin.model.RangerService)52
VXString (org.apache.ranger.view.VXString)48
HashMap (java.util.HashMap)38
RangerPolicyItem (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem)36
RangerPolicyResource (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource)33
SearchFilter (org.apache.ranger.plugin.util.SearchFilter)30
WebApplicationException (javax.ws.rs.WebApplicationException)29
RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)27
RangerPolicyItemAccess (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)26
Path (javax.ws.rs.Path)23
Produces (javax.ws.rs.Produces)22
RangerPerfTracer (org.apache.ranger.plugin.util.RangerPerfTracer)20
Date (java.util.Date)19
IOException (java.io.IOException)18
XXService (org.apache.ranger.entity.XXService)18
ServicePolicies (org.apache.ranger.plugin.util.ServicePolicies)16
RangerPolicyList (org.apache.ranger.view.RangerPolicyList)15
