Example 51 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class RangerSecurityZoneValidatorTest method testIsValidSecurityZoneForDeleteWithoutNameReturnFalse.
@Test
public void testIsValidSecurityZoneForDeleteWithoutNameReturnFalse() throws Exception {
RangerSecurityZone suppliedSecurityZone = new RangerSecurityZone();
suppliedSecurityZone.setName(null);
List<ValidationFailureDetails> failures = new ArrayList<ValidationFailureDetails>();
boolean isValid = rangerSecurityZoneValidator.isValid(suppliedSecurityZone.getName(), RangerValidator.Action.DELETE, failures);
Assert.assertFalse(isValid);
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
ArrayList(java.util.ArrayList)
Test(org.junit.Test)
Example 52 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class RangerSecurityZoneValidatorTest method testIsValidSecurityZoneForDeleteWithWrongActionTypeReturnFalse.
@Test
public void testIsValidSecurityZoneForDeleteWithWrongActionTypeReturnFalse() throws Exception {
RangerSecurityZone suppliedSecurityZone = getRangerSecurityZone();
List<ValidationFailureDetails> failures = new ArrayList<ValidationFailureDetails>();
boolean isValid = rangerSecurityZoneValidator.isValid(suppliedSecurityZone.getName(), RangerValidator.Action.UPDATE, failures);
Assert.assertFalse(isValid);
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
ArrayList(java.util.ArrayList)
Test(org.junit.Test)
Example 53 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class RangerSecurityZoneValidatorTest method testValidateSecurityZoneForDelete.
@Test
public void testValidateSecurityZoneForDelete() throws Exception {
List<ValidationFailureDetails> failures = new ArrayList<ValidationFailureDetails>();
RangerSecurityZone suppliedSecurityZone = getRangerSecurityZone();
Mockito.when(_store.getSecurityZone(1L)).thenReturn(suppliedSecurityZone);
rangerSecurityZoneValidator.isValid(1L, RangerValidator.Action.DELETE, failures);
Mockito.verify(_store).getSecurityZone(1L);
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
ArrayList(java.util.ArrayList)
Test(org.junit.Test)
Example 54 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class RangerSecurityZoneValidatorTest method testValidateSecurityZoneWitoutRangerServiceForCreateThrowsError.
@Test
public void testValidateSecurityZoneWitoutRangerServiceForCreateThrowsError() throws Exception {
RangerSecurityZone suppliedSecurityZone = getRangerSecurityZone();
Mockito.when(_store.getSecurityZone("MyZone")).thenReturn(null);
Mockito.when(_store.getServiceByName("hdfsSvc")).thenReturn(null);
try {
rangerSecurityZoneValidator.validate(suppliedSecurityZone, RangerValidator.Action.CREATE);
} catch (Exception ex) {
Assert.assertEquals(ex.getMessage(), "(0) Validation failure: error code[3040], reason[Invalid service [hdfsSvc]], field[security zone resource service-name], subfield[null], type[] ");
}
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
Test(org.junit.Test)
Example 55 with RangerSecurityZone
use of org.apache.ranger.plugin.model.RangerSecurityZone in project ranger by apache.
the class RangerSecurityZoneValidator method isValid.
boolean isValid(RangerSecurityZone securityZone, Action action, List<ValidationFailureDetails> failures) {
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("==> RangerPolicyValidator.isValid(%s, %s, %s)", securityZone, action, failures));
}
if (!(action == Action.CREATE || action == Action.UPDATE)) {
throw new IllegalArgumentException("isValid(RangerPolicy, ...) is only supported for create/update");
}
boolean ret = true;
RangerSecurityZone existingZone;
final String zoneName = securityZone.getName();
if (StringUtils.isEmpty(StringUtils.trim(zoneName))) {
ValidationErrorCode error = ValidationErrorCode.SECURITY_ZONE_VALIDATION_ERR_MISSING_FIELD;
failures.add(new ValidationFailureDetailsBuilder().becauseOf("security zone name was null/missing").field("name").isMissing().errorCode(error.getErrorCode()).becauseOf(error.getMessage("name")).build());
ret = false;
}
if (action == Action.CREATE) {
securityZone.setId(-1L);
existingZone = getSecurityZone(zoneName);
if (existingZone != null) {
ValidationErrorCode error = ValidationErrorCode.SECURITY_ZONE_VALIDATION_ERR_ZONE_NAME_CONFLICT;
failures.add(new ValidationFailureDetailsBuilder().becauseOf("security zone name exists").field("name").errorCode(error.getErrorCode()).becauseOf(error.getMessage(existingZone.getId())).build());
ret = false;
}
} else {
Long zoneId = securityZone.getId();
existingZone = getSecurityZone(zoneId);
if (existingZone == null) {
ValidationErrorCode error = ValidationErrorCode.SECURITY_ZONE_VALIDATION_ERR_INVALID_ZONE_ID;
failures.add(new ValidationFailureDetailsBuilder().becauseOf("security zone with id does not exist").field("id").errorCode(error.getErrorCode()).becauseOf(error.getMessage(zoneId)).build());
ret = false;
} else if (StringUtils.isNotEmpty(StringUtils.trim(zoneName)) && !StringUtils.equals(zoneName, existingZone.getName())) {
existingZone = getSecurityZone(zoneName);
if (existingZone != null) {
if (!StringUtils.equals(existingZone.getName(), zoneName)) {
ValidationErrorCode error = ValidationErrorCode.SECURITY_ZONE_VALIDATION_ERR_ZONE_NAME_CONFLICT;
failures.add(new ValidationFailureDetailsBuilder().becauseOf("security zone name").field("name").errorCode(error.getErrorCode()).becauseOf(error.getMessage(existingZone.getId())).build());
ret = false;
}
}
}
}
ret = ret && validateWithinSecurityZone(securityZone, action, failures);
ret = ret && validateAgainstAllSecurityZones(securityZone, action, failures);
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("<== RangerPolicyValidator.isValid(%s, %s, %s) : %s", securityZone, action, failures, ret));
}
return ret;
}
Also used :
RangerSecurityZone(org.apache.ranger.plugin.model.RangerSecurityZone)
ValidationErrorCode(org.apache.ranger.plugin.errors.ValidationErrorCode)
Aggregations
RangerSecurityZone (org.apache.ranger.plugin.model.RangerSecurityZone)68
Test (org.junit.Test)40
ArrayList (java.util.ArrayList)27
XXSecurityZone (org.apache.ranger.entity.XXSecurityZone)16
WebApplicationException (javax.ws.rs.WebApplicationException)14
XXSecurityZoneDao (org.apache.ranger.db.XXSecurityZoneDao)12
RangerService (org.apache.ranger.plugin.model.RangerService)11
RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)10
SearchFilter (org.apache.ranger.plugin.util.SearchFilter)10
XXTrxLog (org.apache.ranger.entity.XXTrxLog)9
RangerSecurityZoneService (org.apache.ranger.plugin.model.RangerSecurityZone.RangerSecurityZoneService)7
HashMap (java.util.HashMap)6
ValidationErrorCode (org.apache.ranger.plugin.errors.ValidationErrorCode)5
HashSet (java.util.HashSet)4
List (java.util.List)4
XXGlobalStateDao (org.apache.ranger.db.XXGlobalStateDao)4
Map (java.util.Map)3
Path (javax.ws.rs.Path)3
XXServiceDao (org.apache.ranger.db.XXServiceDao)3
XXServiceDefDao (org.apache.ranger.db.XXServiceDefDao)3
