
Example 26 with RangerPolicy

use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.

the class TestServiceREST method test30getPolicyFromEventTime.

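/**
 * Negative test: a caller for whom {@code bizUtil.isAdmin()} is false requests a policy by
 * event time and policy id, and the REST call is expected to end in a
 * {@link WebApplicationException} rather than hand back the policy.
 *
 * <p>NOTE(review): {@code createRESTException} is stubbed to throw for any arguments, so this
 * test cannot tell an access denial apart from any other error path that goes through it.
 * Checking the status code passed to that stub would pin the authorization outcome.
 *
 * @throws Exception declared by the signature; the {@code thrown} rule expects a
 *     {@link WebApplicationException} from the call under test
 */
@Test
public void test30getPolicyFromEventTime() throws Exception {
    HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
    String strdt = new Date().toString();
    String userName = "Admin";
    Mockito.when(request.getParameter("eventTime")).thenReturn(strdt);
    Mockito.when(request.getParameter("policyId")).thenReturn("1");
    RangerPolicy policy = new RangerPolicy();
    Map<String, RangerPolicyResource> resources = new HashMap<String, RangerPolicy.RangerPolicyResource>();
    policy.setService("services");
    policy.setResources(resources);
    // Upper-case L suffix: a lower-case "1l" is easily misread as the number eleven.
    Mockito.when(svcStore.getPolicyFromEventTime(strdt, 1L)).thenReturn(policy);
    // The caller is deliberately not an admin, even though the login id is the string "Admin".
    Mockito.when(bizUtil.isAdmin()).thenReturn(false);
    Mockito.when(bizUtil.getCurrentUserLoginId()).thenReturn(userName);
    Mockito.when(restErrorUtil.createRESTException(Matchers.anyInt(), Matchers.anyString(), Matchers.anyBoolean())).thenThrow(new WebApplicationException());
    thrown.expect(WebApplicationException.class);
    RangerPolicy dbRangerPolicy = serviceREST.getPolicyFromEventTime(request);
    // NOTE(review): once the call above throws, the statements below are never reached, so the
    // parameter reads are not verified on the expected path. They are kept for the case in
    // which no exception is raised.
    Assert.assertNull(dbRangerPolicy);
    Mockito.verify(request).getParameter("eventTime");
    Mockito.verify(request).getParameter("policyId");
}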
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) WebApplicationException(javax.ws.rs.WebApplicationException) HashMap(java.util.HashMap) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) VXString(org.apache.ranger.view.VXString) Date(java.util.Date) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 27 with RangerPolicy

use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.

the class TestRangerPolicyValidator method test_isPolicyResourceUnique.

/**
 * Exercises {@code isPolicyResourceUnique} against a mocked store that is queried by service
 * name and resource signature. The cases run in sequence and share the same stubs, so the
 * statement order matters.
 *
 * <p>What the assertions pin down: a null store result passes for every action; for an enabled
 * policy a signature match fails on create, and on update it fails unless the single match
 * has the same id; a disabled policy passes in every case tested here.
 */
@Test
public final void test_isPolicyResourceUnique() throws Exception {
    // If the store does not return any matching policies then the check should succeed.
    RangerPolicyResourceSignature signature = mock(RangerPolicyResourceSignature.class);
    String hash = "hash-1";
    when(signature.getSignature()).thenReturn(hash);
    when(_factory.createPolicyResourceSignature(_policy)).thenReturn(signature);
    when(_policy.getService()).thenReturn("service-name");
    List<RangerPolicy> policies = null;
    when(_store.getPoliciesByResourceSignature("service-name", hash, true)).thenReturn(policies);
    // NOTE(review): the stub above was given null, so the list created here is not what the
    // store returns inside the loop; it only comes into play once it is re-stubbed below.
    policies = new ArrayList<>();
    for (Action action : cu) {
        // NOTE(review): the same assertion appears twice; possibly one of them was meant to
        // cover the empty-list case. Confirm against the author's intent.
        Assert.assertTrue(_validator.isPolicyResourceUnique(_policy, _failures, action));
        Assert.assertTrue(_validator.isPolicyResourceUnique(_policy, _failures, action));
    }
    /*
     * If the store has a policy with a matching signature then the check should fail with an
     * appropriate error message.
     * - For create, any match is a problem.
     * - The signature check never fails for disabled policies, so a disabled policy can share
     *   its resources with an existing one.
     */
    RangerPolicy policy1 = mock(RangerPolicy.class);
    policies.add(policy1);
    when(_store.getPoliciesByResourceSignature("service-name", hash, true)).thenReturn(policies);
    // ensure policy is enabled
    when(_policy.getIsEnabled()).thenReturn(true);
    _failures.clear();
    Assert.assertFalse(_validator.isPolicyResourceUnique(_policy, _failures, Action.CREATE));
    _utils.checkFailureForSemanticError(_failures, "resources");
    // same check should pass if the policy is disabled
    when(_policy.getIsEnabled()).thenReturn(false);
    _failures.clear();
    Assert.assertTrue(_validator.isPolicyResourceUnique(_policy, _failures, Action.CREATE));
    Assert.assertTrue("failures collection wasn't empty!", _failures.isEmpty());
    // For update, a match is not a problem as long as the matching policy is the policy being
    // updated, i.e. it has the same id.
    // ensure policy is enabled
    when(_policy.getIsEnabled()).thenReturn(true);
    when(policy1.getId()).thenReturn(103L);
    when(_policy.getId()).thenReturn(103L);
    Assert.assertTrue(_validator.isPolicyResourceUnique(_policy, _failures, Action.UPDATE));
    // The matching policy can't be some other policy (i.e. different id) because that implies a conflict.
    when(policy1.getId()).thenReturn(104L);
    Assert.assertFalse(_validator.isPolicyResourceUnique(_policy, _failures, Action.UPDATE));
    _utils.checkFailureForSemanticError(_failures, "resources");
    // same check should pass if the policy is disabled
    when(_policy.getIsEnabled()).thenReturn(false);
    _failures.clear();
    Assert.assertTrue(_validator.isPolicyResourceUnique(_policy, _failures, Action.UPDATE));
    Assert.assertTrue("failures collection wasn't empty!", _failures.isEmpty());
    // For an enabled policy, validation should never pass if more than one policy has a
    // matching signature, regardless of their ids.
    RangerPolicy policy2 = mock(RangerPolicy.class);
    // has same id as the policy being tested (_policy)
    when(policy2.getId()).thenReturn(103L);
    policies.add(policy2);
    // ensure policy is enabled
    when(_policy.getIsEnabled()).thenReturn(true);
    Assert.assertFalse(_validator.isPolicyResourceUnique(_policy, _failures, Action.UPDATE));
    _utils.checkFailureForSemanticError(_failures, "resources");
    // same check should pass if the policy is disabled
    when(_policy.getIsEnabled()).thenReturn(false);
    _failures.clear();
    Assert.assertTrue(_validator.isPolicyResourceUnique(_policy, _failures, Action.UPDATE));
    Assert.assertTrue("failures collection wasn't empty!", _failures.isEmpty());
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) Action(org.apache.ranger.plugin.model.validation.RangerValidator.Action) RangerPolicyResourceSignature(org.apache.ranger.plugin.model.RangerPolicyResourceSignature) Test(org.junit.Test)

Example 28 with RangerPolicy

use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.

the class TestRangerValidator method test_getPolicyResources.

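/**
 * Checks that {@code getPolicyResources} returns a non-null, empty set for a null policy, a
 * null resource map and an empty resource map, and that the names of a populated map come
 * back lower-cased.
 */
@Test
public void test_getPolicyResources() {
    Set<String> result;
    // null policy
    result = _validator.getPolicyResources(null);
    Assert.assertNotNull(result);
    Assert.assertTrue(result.isEmpty());
    // null resource map: the mocked policy itself must be passed in, otherwise this case only
    // repeats the null-policy check above and the null map is never exercised
    RangerPolicy policy = mock(RangerPolicy.class);
    when(policy.getResources()).thenReturn(null);
    result = _validator.getPolicyResources(policy);
    Assert.assertNotNull(result);
    Assert.assertTrue(result.isEmpty());
    // empty resource map
    Map<String, RangerPolicyResource> input = Maps.newHashMap();
    when(policy.getResources()).thenReturn(input);
    result = _validator.getPolicyResources(policy);
    Assert.assertNotNull(result);
    Assert.assertTrue(result.isEmpty());
    // known resource map; the stub returns this same map instance, so the entries added here
    // are visible to the validator
    input.put("r1", mock(RangerPolicyResource.class));
    input.put("R2", mock(RangerPolicyResource.class));
    result = _validator.getPolicyResources(policy);
    Assert.assertEquals(2, result.size());
    Assert.assertTrue("r1", result.contains("r1"));
    // result should lowercase the resource-names, so "R2" is looked up as "r2"
    Assert.assertTrue("R2", result.contains("r2"));
}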
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) Test(org.junit.Test)

Example 29 with RangerPolicy

use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.

the class TestRangerValidator method test_getIsAuditEnabled.

/**
 * Pins the result of {@code getIsAuditEnabled} for a null policy, for a policy whose audit
 * flag is unset, and for both explicit flag values.
 */
@Test
public void test_getIsAuditEnabled() {
    // A null policy is reported as not audited.
    RangerPolicy absentPolicy = null;
    Assert.assertFalse(_validator.getIsAuditEnabled(absentPolicy));

    // An unset (null) flag counts as enabled: a policy that never set the flag is still audited.
    RangerPolicy mockedPolicy = mock(RangerPolicy.class);
    when(mockedPolicy.getIsAuditEnabled()).thenReturn(null);
    Assert.assertTrue(_validator.getIsAuditEnabled(mockedPolicy));

    // An explicit value is passed through unchanged.
    when(mockedPolicy.getIsAuditEnabled()).thenReturn(Boolean.FALSE);
    Assert.assertFalse(_validator.getIsAuditEnabled(mockedPolicy));

    when(mockedPolicy.getIsAuditEnabled()).thenReturn(Boolean.TRUE);
    Assert.assertTrue(_validator.getIsAuditEnabled(mockedPolicy));
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) Test(org.junit.Test)

Example 30 with RangerPolicy

use of org.apache.ranger.plugin.model.RangerPolicy in project ranger by apache.

the class RangerBaseService method getDefaultPolicy.

/**
 * Builds the default policy for one resource hierarchy of this service.
 *
 * <p>The policy is created enabled, at version 1, with auditing switched on, and carries a
 * single policy item. What that item grants, and to whom, is decided by
 * {@code createDefaultPolicyItem}, which is not part of this method.
 *
 * @param resourceHierarchy resource definitions used to derive the policy name and resources
 * @return the newly built policy
 * @throws Exception declared by the signature; NOTE(review): presumably propagated from the
 *     helper calls, confirm against them
 */
private RangerPolicy getDefaultPolicy(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> RangerBaseService.getDefaultPolicy()");
    }

    RangerPolicy defaultPolicy = new RangerPolicy();
    String name = buildPolicyName(resourceHierarchy);

    defaultPolicy.setIsEnabled(true);
    defaultPolicy.setVersion(1L);
    defaultPolicy.setName(name);
    defaultPolicy.setService(service.getName());
    defaultPolicy.setDescription("Policy for " + name);
    defaultPolicy.setIsAuditEnabled(true);
    defaultPolicy.setResources(createDefaultPolicyResource(resourceHierarchy));

    // The only item on the default policy is the one created for the service user; it is built
    // from the resources as read back from the policy.
    List<RangerPolicy.RangerPolicyItem> items = new ArrayList<RangerPolicy.RangerPolicyItem>();
    items.add(createDefaultPolicyItem(defaultPolicy.getResources()));
    defaultPolicy.setPolicyItems(items);

    if (LOG.isDebugEnabled()) {
        // The whole policy is appended to the debug message.
        LOG.debug("<== RangerBaseService.getDefaultPolicy()" + defaultPolicy);
    }
    return defaultPolicy;
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) ArrayList(java.util.ArrayList)
