Example 1 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class TestRangerPolicyValidator method test_isValidServiceWithZone_happyPath.
@Test
public final void test_isValidServiceWithZone_happyPath() throws Exception {
boolean isAdmin = true;
when(_policy.getId()).thenReturn(1L);
when(_policy.getName()).thenReturn("my-all");
when(_policy.getService()).thenReturn("hdfssvc");
when(_policy.getZoneName()).thenReturn("zone1");
when(_policy.getResources()).thenReturn(null);
when(_policy.getIsAuditEnabled()).thenReturn(Boolean.TRUE);
when(_policy.getIsEnabled()).thenReturn(Boolean.FALSE);
RangerService service = new RangerService();
service.setType("service-type");
service.setId(2L);
Action action = Action.CREATE;
List<String> tagSvcList = new ArrayList<String>();
tagSvcList.add("hdfssvc");
when(_store.getServiceByName("hdfssvc")).thenReturn(service);
RangerSecurityZone securityZone = new RangerSecurityZone();
securityZone.setName("zone1");
securityZone.setId(1L);
securityZone.setTagServices(tagSvcList);
when(_store.getSecurityZone("zone1")).thenReturn(securityZone);
when(_store.getPolicyId(2L, "my-all", 1L)).thenReturn(null);
RangerServiceDef svcDef = new RangerServiceDef();
svcDef.setName("my-svc-def");
when(_store.getServiceDefByName("service-type")).thenReturn(svcDef);
RangerPolicyResourceSignature policySignature = mock(RangerPolicyResourceSignature.class);
when(_factory.createPolicyResourceSignature(_policy)).thenReturn(policySignature);
Assert.assertTrue(_validator.isValid(_policy, action, isAdmin, _failures));
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
Action(org.apache.ranger.plugin.model.validation.RangerValidator.Action)
RangerPolicyResourceSignature(org.apache.ranger.plugin.model.RangerPolicyResourceSignature)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
ArrayList(java.util.ArrayList)
RangerService(org.apache.ranger.plugin.model.RangerService)
Test(org.junit.Test)
Example 2 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class TestRangerPolicyValidator method test_isValidServiceWithZone_failurePath.
@Test
public final void test_isValidServiceWithZone_failurePath() throws Exception {
boolean isAdmin = true;
when(_policy.getId()).thenReturn(1L);
when(_policy.getName()).thenReturn("my-all");
when(_policy.getService()).thenReturn("hdfssvc1");
when(_policy.getZoneName()).thenReturn("zone1");
when(_policy.getResources()).thenReturn(null);
when(_policy.getIsAuditEnabled()).thenReturn(Boolean.TRUE);
when(_policy.getIsEnabled()).thenReturn(Boolean.FALSE);
RangerService service = new RangerService();
service.setType("service-type");
service.setId(2L);
Action action = Action.CREATE;
List<String> tagSvcList = new ArrayList<String>();
tagSvcList.add("hdfssvc");
when(_store.getServiceByName("hdfssvc1")).thenReturn(service);
RangerSecurityZone securityZone = new RangerSecurityZone();
securityZone.setName("zone1");
securityZone.setId(1L);
securityZone.setTagServices(tagSvcList);
when(_store.getSecurityZone("zone1")).thenReturn(securityZone);
when(_store.getPolicyId(2L, "my-all", 1L)).thenReturn(null);
RangerServiceDef svcDef = new RangerServiceDef();
svcDef.setName("my-svc-def");
when(_store.getServiceDefByName("service-type")).thenReturn(svcDef);
RangerPolicyResourceSignature policySignature = mock(RangerPolicyResourceSignature.class);
when(_factory.createPolicyResourceSignature(_policy)).thenReturn(policySignature);
boolean isValid = _validator.isValid(_policy, action, isAdmin, _failures);
Assert.assertFalse(isValid);
Assert.assertEquals(_failures.get(0)._errorCode, 3048);
Assert.assertEquals(_failures.get(0)._reason, "Service name = hdfssvc1 is not associated to Zone name = zone1");
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
Action(org.apache.ranger.plugin.model.validation.RangerValidator.Action)
RangerPolicyResourceSignature(org.apache.ranger.plugin.model.RangerPolicyResourceSignature)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
ArrayList(java.util.ArrayList)
RangerService(org.apache.ranger.plugin.model.RangerService)
Test(org.junit.Test)
Example 3 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class RangerSecurityZoneValidatorTest method testValidateSecurityZoneWitoutResourcesForCreateThrowsError.
@Test
public void testValidateSecurityZoneWitoutResourcesForCreateThrowsError() throws Exception {
RangerSecurityZoneService rangerSecurityZoneService = new RangerSecurityZoneService();
RangerService rangerSvc = getRangerService();
RangerServiceDef rangerSvcDef = rangerServiceDef();
Mockito.when(_store.getServiceDefByName("1")).thenReturn(rangerSvcDef);
Map<String, RangerSecurityZone.RangerSecurityZoneService> map = new HashMap<String, RangerSecurityZone.RangerSecurityZoneService>();
map.put("hdfsSvc", rangerSecurityZoneService);
RangerSecurityZone suppliedSecurityZone = getRangerSecurityZone();
suppliedSecurityZone.setServices(map);
Mockito.when(_store.getSecurityZone("MyZone")).thenReturn(null);
Mockito.when(_store.getServiceByName("hdfsSvc")).thenReturn(rangerSvc);
try {
rangerSecurityZoneValidator.validate(suppliedSecurityZone, RangerValidator.Action.CREATE);
} catch (Exception ex) {
Assert.assertEquals(ex.getMessage(), "(0) Validation failure: error code[3039], reason[No resources specified for service [hdfsSvc]], field[security zone resources], subfield[null], type[missing] ");
}
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
HashMap(java.util.HashMap)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
RangerSecurityZoneService(org.apache.ranger.plugin.model.RangerSecurityZone.RangerSecurityZoneService)
RangerService(org.apache.ranger.plugin.model.RangerService)
Test(org.junit.Test)
Example 4 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class RangerSecurityZoneValidatorTest method testValidateSecurityZoneWitoutRangerServiceDefResourceForCreateThrowsError.
@Test
public void testValidateSecurityZoneWitoutRangerServiceDefResourceForCreateThrowsError() throws Exception {
RangerService rangerSvc = getRangerService();
RangerServiceDef rangerSvcDef = rangerServiceDef();
rangerSvcDef.setResources(null);
RangerSecurityZone suppliedSecurityZone = getRangerSecurityZone();
Mockito.when(_store.getSecurityZone("MyZone")).thenReturn(null);
Mockito.when(_store.getServiceByName("hdfsSvc")).thenReturn(rangerSvc);
Mockito.when(_store.getServiceDefByName("1")).thenReturn(rangerSvcDef);
try {
rangerSecurityZoneValidator.validate(suppliedSecurityZone, RangerValidator.Action.CREATE);
} catch (Exception ex) {
Assert.assertEquals(ex.getMessage(), "(0) Validation failure: error code[3042], reason[Invalid resource hierarchy specified for service:[hdfsSvc], resource-hierarchy:[[hdfs]]], field[security zone resource hierarchy], subfield[null], type[] ");
}
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
RangerService(org.apache.ranger.plugin.model.RangerService)
Test(org.junit.Test)
Example 5 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class RangerSecurityZoneValidatorTest method testValidateSecurityZoneNotExistForUpdateThrowsError.
@Test
public void testValidateSecurityZoneNotExistForUpdateThrowsError() throws Exception {
RangerSecurityZone suppliedSecurityZone = getRangerSecurityZone();
Mockito.when(_store.getSecurityZone(1L)).thenReturn(null);
try {
rangerSecurityZoneValidator.validate(suppliedSecurityZone, RangerValidator.Action.UPDATE);
} catch (Exception ex) {
Assert.assertEquals(ex.getMessage(), "(0) Validation failure: error code[3037], reason[No security zone found for [1]], field[id], subfield[null], type[] ");
}
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
Test(org.junit.Test)
Aggregations
RangerSecurityZone (org.apache.ranger.plugin.model.RangerSecurityZone)68
Test (org.junit.Test)40
ArrayList (java.util.ArrayList)27
XXSecurityZone (org.apache.ranger.entity.XXSecurityZone)16
WebApplicationException (javax.ws.rs.WebApplicationException)14
XXSecurityZoneDao (org.apache.ranger.db.XXSecurityZoneDao)12
RangerService (org.apache.ranger.plugin.model.RangerService)11
RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)10
SearchFilter (org.apache.ranger.plugin.util.SearchFilter)10
XXTrxLog (org.apache.ranger.entity.XXTrxLog)9
RangerSecurityZoneService (org.apache.ranger.plugin.model.RangerSecurityZone.RangerSecurityZoneService)7
HashMap (java.util.HashMap)6
ValidationErrorCode (org.apache.ranger.plugin.errors.ValidationErrorCode)5
HashSet (java.util.HashSet)4
List (java.util.List)4
XXGlobalStateDao (org.apache.ranger.db.XXGlobalStateDao)4
Map (java.util.Map)3
Path (javax.ws.rs.Path)3
XXServiceDao (org.apache.ranger.db.XXServiceDao)3
XXServiceDefDao (org.apache.ranger.db.XXServiceDefDao)3
