
Example 46 with RangerService

use of org.apache.ranger.plugin.model.RangerService in project ranger by apache.

the class RangerPolicyValidator method isValid.

/**
 * Validates a policy that is about to be created or updated and records every problem found.
 *
 * <p>Checks performed, in order: policy priority range, id / existing policy (UPDATE only),
 * policy name presence and uniqueness within the service, service name resolution, immutability of
 * service and policy type on UPDATE, presence of at least one policy item (unless auditing is
 * enabled), service-def resolution, policy-item validation, and finally validity schedule,
 * resource and access-type checks. Validation does not stop at the first problem; each one is
 * appended to {@code failures}.
 *
 * <p>{@code isAdmin} is not evaluated here; it is only forwarded to {@code isValidResources} and
 * {@code isValidAccessTypeDef} (and printed in the debug log).
 *
 * @param policy   the policy to validate; {@code null} is reported as a failure
 * @param action   must be {@code Action.CREATE} or {@code Action.UPDATE}
 * @param isAdmin  forwarded to the resource and access-type checks
 * @param failures output list that receives one entry per problem found
 * @return {@code true} only when no check failed
 * @throws IllegalArgumentException if {@code action} is neither CREATE nor UPDATE
 */
boolean isValid(RangerPolicy policy, Action action, boolean isAdmin, List<ValidationFailureDetails> failures) {
    if (LOG.isDebugEnabled()) {
        LOG.debug(String.format("==> RangerPolicyValidator.isValid(%s, %s, %s, %s)", policy, action, isAdmin, failures));
    }
    if (!(action == Action.CREATE || action == Action.UPDATE)) {
        throw new IllegalArgumentException("isValid(RangerPolicy, ...) is only supported for create/update");
    }
    boolean valid = true;
    if (policy == null) {
        ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_NULL_POLICY_OBJECT;
        failures.add(new ValidationFailureDetailsBuilder().field("policy").isMissing().becauseOf(error.getMessage()).errorCode(error.getErrorCode()).build());
        valid = false;
    } else {
        // A missing priority is accepted; a supplied one must lie between NORMAL and OVERRIDE.
        Integer priority = policy.getPolicyPriority();
        if (priority != null) {
            if (priority < RangerPolicy.POLICY_PRIORITY_NORMAL || priority > RangerPolicy.POLICY_PRIORITY_OVERRIDE) {
                ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_INVALID_PRIORITY;
                failures.add(new ValidationFailureDetailsBuilder().field("policyPriority").isSemanticallyIncorrect().becauseOf(error.getMessage("out of range")).errorCode(error.getErrorCode()).build());
                valid = false;
            }
        }
        Long id = policy.getId();
        RangerPolicy existingPolicy = null;
        if (action == Action.UPDATE) {
            // id is ignored for CREATE
            if (id == null) {
                ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
                failures.add(new ValidationFailureDetailsBuilder().field("id").isMissing().becauseOf(error.getMessage("id")).errorCode(error.getErrorCode()).build());
                valid = false;
            }
            // NOTE(review): the lookup still runs when id is null; if getPolicy(null) returns null,
            // a second "id" failure is recorded for the same problem - confirm this is intended.
            existingPolicy = getPolicy(id);
            if (existingPolicy == null) {
                ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_INVALID_POLICY_ID;
                failures.add(new ValidationFailureDetailsBuilder().field("id").isSemanticallyIncorrect().becauseOf(error.getMessage(id)).errorCode(error.getErrorCode()).build());
                valid = false;
            }
        }
        String policyName = policy.getName();
        String serviceName = policy.getService();
        if (StringUtils.isBlank(policyName)) {
            ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
            failures.add(new ValidationFailureDetailsBuilder().field("name").isMissing().becauseOf(error.getMessage("name")).errorCode(error.getErrorCode()).build());
            valid = false;
        } else {
            // Name uniqueness is checked per service: more than one hit is an internal error,
            // one hit is a conflict on CREATE, and on UPDATE only when it belongs to another id.
            List<RangerPolicy> policies = getPolicies(serviceName, policyName);
            if (CollectionUtils.isNotEmpty(policies)) {
                if (policies.size() > 1) {
                    ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_NAME_MULTIPLE_POLICIES_WITH_SAME_NAME;
                    failures.add(new ValidationFailureDetailsBuilder().field("name").isAnInternalError().becauseOf(error.getMessage(policyName)).errorCode(error.getErrorCode()).build());
                    valid = false;
                } else if (action == Action.CREATE) {
                    // size == 1
                    ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_NAME_CONFLICT;
                    failures.add(new ValidationFailureDetailsBuilder().field("policy name").isSemanticallyIncorrect().becauseOf(error.getMessage(policies.iterator().next().getId(), serviceName)).errorCode(error.getErrorCode()).build());
                    valid = false;
                } else if (!policies.iterator().next().getId().equals(id)) {
                    // size == 1 && action == UPDATE
                    // NOTE(review): assumes the policy returned by getPolicies has a non-null id.
                    ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_NAME_CONFLICT;
                    failures.add(new ValidationFailureDetailsBuilder().field("id/name").isSemanticallyIncorrect().becauseOf(error.getMessage(policies.iterator().next().getId(), serviceName)).errorCode(error.getErrorCode()).build());
                    valid = false;
                }
            }
        }
        RangerService service = null;
        boolean serviceNameValid = false;
        if (StringUtils.isBlank(serviceName)) {
            ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
            failures.add(new ValidationFailureDetailsBuilder().field("service name").isMissing().becauseOf(error.getMessage("service name")).errorCode(error.getErrorCode()).build());
            valid = false;
        } else {
            service = getService(serviceName);
            if (service == null) {
                ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_INVALID_SERVICE_NAME;
                failures.add(new ValidationFailureDetailsBuilder().field("service name").isSemanticallyIncorrect().becauseOf(error.getMessage(serviceName)).errorCode(error.getErrorCode()).build());
                valid = false;
            } else {
                serviceNameValid = true;
            }
        }
        if (existingPolicy != null) {
            // An update may neither move the policy to another service (compared ignoring case)
            // nor change its policy type; a null type is treated as POLICY_TYPE_ACCESS.
            if (!StringUtils.equalsIgnoreCase(existingPolicy.getService(), policy.getService())) {
                ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_UPDATE_MOVE_SERVICE_NOT_ALLOWED;
                failures.add(new ValidationFailureDetailsBuilder().field("service name").isSemanticallyIncorrect().becauseOf(error.getMessage(policy.getId(), existingPolicy.getService(), policy.getService())).errorCode(error.getErrorCode()).build());
                valid = false;
            }
            int existingPolicyType = existingPolicy.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : existingPolicy.getPolicyType();
            int policyType = policy.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : policy.getPolicyType();
            if (existingPolicyType != policyType) {
                ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_TYPE_CHANGE_NOT_ALLOWED;
                failures.add(new ValidationFailureDetailsBuilder().field("policy type").isSemanticallyIncorrect().becauseOf(error.getMessage(policy.getId(), existingPolicyType, policyType)).errorCode(error.getErrorCode()).build());
                valid = false;
            }
        }
        boolean isAuditEnabled = getIsAuditEnabled(policy);
        String serviceDefName = null;
        RangerServiceDef serviceDef = null;
        int policyItemsCount = 0;
        int policyType = policy.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : policy.getPolicyType();
        // Count only the item lists that belong to the policy's type.
        switch(policyType) {
            case RangerPolicy.POLICY_TYPE_DATAMASK:
                if (CollectionUtils.isNotEmpty(policy.getDataMaskPolicyItems())) {
                    policyItemsCount += policy.getDataMaskPolicyItems().size();
                }
                break;
            case RangerPolicy.POLICY_TYPE_ROWFILTER:
                if (CollectionUtils.isNotEmpty(policy.getRowFilterPolicyItems())) {
                    policyItemsCount += policy.getRowFilterPolicyItems().size();
                }
                break;
            default:
                if (CollectionUtils.isNotEmpty(policy.getPolicyItems())) {
                    policyItemsCount += policy.getPolicyItems().size();
                }
                if (CollectionUtils.isNotEmpty(policy.getDenyPolicyItems())) {
                    policyItemsCount += policy.getDenyPolicyItems().size();
                }
                break;
        }
        // A policy without items is accepted only when auditing is enabled for it.
        if (policyItemsCount == 0 && !isAuditEnabled) {
            ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_POLICY_ITEMS;
            failures.add(new ValidationFailureDetailsBuilder().field("policy items").isMissing().becauseOf(error.getMessage()).errorCode(error.getErrorCode()).build());
            valid = false;
        } else if (service != null) {
            serviceDefName = service.getType();
            serviceDef = getServiceDef(serviceDefName);
            if (serviceDef == null) {
                ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_SERVICE_DEF;
                failures.add(new ValidationFailureDetailsBuilder().field("policy service def").isAnInternalError().becauseOf(error.getMessage(serviceDefName, serviceName)).errorCode(error.getErrorCode()).build());
                valid = false;
            } else {
                // Each validator call comes before "&& valid" so that it always runs and records
                // its failures, even when an earlier check has already failed.
                // NOTE(review): data-mask and row-filter items are counted above but are not passed
                // to isValidPolicyItems here; whether they are validated elsewhere is not visible
                // from this method - confirm.
                valid = isValidPolicyItems(policy.getPolicyItems(), failures, serviceDef) && valid;
                valid = isValidPolicyItems(policy.getDenyPolicyItems(), failures, serviceDef) && valid;
                valid = isValidPolicyItems(policy.getAllowExceptions(), failures, serviceDef) && valid;
                valid = isValidPolicyItems(policy.getDenyExceptions(), failures, serviceDef) && valid;
            }
        }
        if (serviceNameValid) {
            // resource checks can't be done meaningfully otherwise
            // NOTE(review): serviceDef is still null here when the missing-policy-items branch above
            // was taken (or when the service-def lookup failed); confirm that isValidResources and
            // isValidAccessTypeDef tolerate a null serviceDef.
            valid = isValidValiditySchedule(policy, failures, action) && valid;
            valid = isValidResources(policy, failures, action, isAdmin, serviceDef) && valid;
            valid = isValidAccessTypeDef(policy, failures, action, isAdmin, serviceDef) && valid;
        }
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug(String.format("<== RangerPolicyValidator.isValid(%s, %s, %s, %s): %s", policy, action, isAdmin, failures, valid));
    }
    return valid;
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) RangerService(org.apache.ranger.plugin.model.RangerService) ValidationErrorCode(org.apache.ranger.plugin.errors.ValidationErrorCode)

Example 47 with RangerService

use of org.apache.ranger.plugin.model.RangerService in project ranger by apache.

the class RangerServiceValidator method isValid.

/**
 * Validates a service that is about to be created or updated and records every problem found.
 *
 * <p>Checks performed, in order: id / existing service (UPDATE only), name presence and
 * uniqueness, type presence and service-def resolution, presence of all required configuration
 * parameters, and consistency of the linked tag service. Validation does not stop at the first
 * problem; each one is appended to {@code failures}.
 *
 * @param service  the service to validate; {@code null} is reported as a failure
 * @param action   must be {@code Action.CREATE} or {@code Action.UPDATE}
 * @param failures output list that receives one entry per problem found
 * @return {@code true} only when no check failed
 * @throws IllegalArgumentException if {@code action} is neither CREATE nor UPDATE
 */
boolean isValid(RangerService service, Action action, List<ValidationFailureDetails> failures) {
    if (LOG.isDebugEnabled()) {
        // NOTE(review): this prints service.toString(); confirm that it does not render connection
        // secrets held in the service configuration.
        LOG.debug("==> RangerServiceValidator.isValid(" + service + ")");
    }
    if (!(action == Action.CREATE || action == Action.UPDATE)) {
        throw new IllegalArgumentException("isValid(RangerService, ...) is only supported for CREATE/UPDATE");
    }
    boolean valid = true;
    if (service == null) {
        ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_NULL_SERVICE_OBJECT;
        failures.add(new ValidationFailureDetailsBuilder().field("service").isMissing().errorCode(error.getErrorCode()).becauseOf(error.getMessage()).build());
        valid = false;
    } else {
        Long id = service.getId();
        if (action == Action.UPDATE) {
            // id is ignored for CREATE
            if (id == null) {
                ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_EMPTY_SERVICE_ID;
                failures.add(new ValidationFailureDetailsBuilder().field("id").isMissing().errorCode(error.getErrorCode()).becauseOf(error.getMessage()).build());
                valid = false;
            } else if (getService(id) == null) {
                ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_INVALID_SERVICE_ID;
                failures.add(new ValidationFailureDetailsBuilder().field("id").isSemanticallyIncorrect().errorCode(error.getErrorCode()).becauseOf(error.getMessage(id)).build());
                valid = false;
            }
        }
        String name = service.getName();
        boolean nameSpecified = StringUtils.isNotBlank(name);
        RangerServiceDef serviceDef = null;
        if (!nameSpecified) {
            ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_INVALID_SERVICE_NAME;
            failures.add(new ValidationFailureDetailsBuilder().field("name").isMissing().errorCode(error.getErrorCode()).becauseOf(error.getMessage(name)).build());
            valid = false;
        } else {
            // A service already registered under this name is a conflict on CREATE; on UPDATE it is
            // a conflict only when that service has a different, non-null id.
            RangerService otherService = getService(name);
            if (otherService != null && action == Action.CREATE) {
                ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_SERVICE_NAME_CONFICT;
                failures.add(new ValidationFailureDetailsBuilder().field("name").isSemanticallyIncorrect().errorCode(error.getErrorCode()).becauseOf(error.getMessage(name)).build());
                valid = false;
            } else if (otherService != null && otherService.getId() != null && !otherService.getId().equals(id)) {
                ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_ID_NAME_CONFLICT;
                failures.add(new ValidationFailureDetailsBuilder().field("id/name").isSemanticallyIncorrect().errorCode(error.getErrorCode()).becauseOf(error.getMessage(name, otherService.getId())).build());
                valid = false;
            }
        }
        String type = service.getType();
        boolean typeSpecified = StringUtils.isNotBlank(type);
        if (!typeSpecified) {
            ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_MISSING_SERVICE_DEF;
            failures.add(new ValidationFailureDetailsBuilder().field("type").isMissing().errorCode(error.getErrorCode()).becauseOf(error.getMessage(type)).build());
            valid = false;
        } else {
            serviceDef = getServiceDef(type);
            if (serviceDef == null) {
                ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_INVALID_SERVICE_DEF;
                failures.add(new ValidationFailureDetailsBuilder().field("type").isSemanticallyIncorrect().errorCode(error.getErrorCode()).becauseOf(error.getMessage(type)).build());
                valid = false;
            }
        }
        if (nameSpecified && serviceDef != null) {
            // check if required parameters were specified
            Set<String> reqiredParameters = getRequiredParameters(serviceDef);
            Set<String> inputParameters = getServiceConfigParameters(service);
            Set<String> missingParameters = Sets.difference(reqiredParameters, inputParameters);
            if (!missingParameters.isEmpty()) {
                ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_REQUIRED_PARM_MISSING;
                failures.add(new ValidationFailureDetailsBuilder().field("configuration").subField(// we return any one parameter!
                missingParameters.iterator().next()).isMissing().errorCode(error.getErrorCode()).becauseOf(error.getMessage(missingParameters)).build());
                valid = false;
            }
        }
        // A service whose own type is the embedded tag service-def may not reference a tag service.
        // The two tag_service failures in this method are built without an error code.
        String tagServiceName = service.getTagService();
        if (StringUtils.isNotBlank(tagServiceName) && StringUtils.equals(type, EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) {
            failures.add(new ValidationFailureDetailsBuilder().field("tag_service").isSemanticallyIncorrect().becauseOf("tag service cannot be part of any other service").build());
            valid = false;
        }
        // The referenced tag service is re-checked on CREATE whenever one is named, and on UPDATE
        // only when it differs from the tag service of the service currently stored under this name.
        boolean needToEnsureServiceType = false;
        if (action == Action.UPDATE) {
            // NOTE(review): the stored service is looked up by the submitted name, not by id, and the
            // lookup also runs when the name is blank; if a rename is part of the update this may not
            // be the service being updated - confirm against callers.
            RangerService otherService = getService(name);
            String otherTagServiceName = otherService == null ? null : otherService.getTagService();
            if (StringUtils.isNotBlank(tagServiceName)) {
                if (!StringUtils.equals(tagServiceName, otherTagServiceName)) {
                    needToEnsureServiceType = true;
                }
            }
        } else {
            // action == Action.CREATE
            if (StringUtils.isNotBlank(tagServiceName)) {
                needToEnsureServiceType = true;
            }
        }
        if (needToEnsureServiceType) {
            // The named tag service must exist and must itself be of the embedded tag type.
            RangerService maybeTagService = getService(tagServiceName);
            if (maybeTagService == null || !StringUtils.equals(maybeTagService.getType(), EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) {
                failures.add(new ValidationFailureDetailsBuilder().field("tag_service").isSemanticallyIncorrect().becauseOf("tag service name does not refer to existing tag service:" + tagServiceName).build());
                valid = false;
            }
        }
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== RangerServiceValidator.isValid(" + service + "): " + valid);
    }
    return valid;
}
Also used : RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) RangerService(org.apache.ranger.plugin.model.RangerService) ValidationErrorCode(org.apache.ranger.plugin.errors.ValidationErrorCode)

Example 48 with RangerService

use of org.apache.ranger.plugin.model.RangerService in project ranger by apache.

the class TagREST method getSecureServiceTagsIfUpdated.

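/**
 * Returns the tags of a service when they changed since the caller's last known version.
 *
 * <p>Authorization: for a service whose service-def implementation class is the KMS one, the
 * caller must be a key admin; for every other service the caller must be an admin. A caller
 * without that role is still allowed when {@code bizUtil.isUserAllowed} accepts it for the
 * tag-download user list of the service.
 *
 * <p>Outcome: 200 with the tags, 304 when {@code tagStore} reports no change, 401 when the caller
 * is not allowed, the status of any REST exception raised while processing (for example 404 for
 * an unknown service), and 400 for any other exception. Every outcome, including refusals, is
 * recorded through {@code assetMgr.createPluginInfo} before the response is produced.
 *
 * @param serviceName        name of the service, taken from the request path
 * @param lastKnownVersion   tag version the plugin already holds
 * @param lastActivationTime activation time reported by the plugin (defaults to 0)
 * @param pluginId           identifier reported by the plugin; supplied by the client and not
 *                           validated in this method
 * @param request            the servlet request, forwarded to the plugin-info record
 * @return the updated tags; never reached for a non-200 outcome, which is thrown as the REST
 *         exception built by {@code restErrorUtil}
 */
@GET
@Path(TagRESTConstants.TAGS_SECURE_DOWNLOAD + "{serviceName}")
@Produces({ "application/json", "application/xml" })
public ServiceTags getSecureServiceTagsIfUpdated(@PathParam("serviceName") String serviceName, @QueryParam(TagRESTConstants.LAST_KNOWN_TAG_VERSION_PARAM) Long lastKnownVersion, @DefaultValue("0") @QueryParam(TagRESTConstants.LAST_ACTIVATION_TIME) Long lastActivationTime, @QueryParam("pluginId") String pluginId, @Context HttpServletRequest request) {
    // NOTE(review): serviceName and pluginId come straight from the request and are concatenated
    // into log messages below; confirm that the logging layout neutralises embedded line breaks.
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> TagREST.getSecureServiceTagsIfUpdated(" + serviceName + ", " + lastKnownVersion + ", " + lastActivationTime + ", " + pluginId + ")");
    }
    ServiceTags ret = null;
    int httpCode = HttpServletResponse.SC_OK;
    String logMsg = null;
    boolean isAllowed = false;
    boolean isAdmin = bizUtil.isAdmin();
    boolean isKeyAdmin = bizUtil.isKeyAdmin();
    Long downloadedVersion = null;
    try {
        XXService xService = daoManager.getXXService().findByName(serviceName);
        if (xService == null) {
            LOG.error("Requested Service not found. serviceName=" + serviceName);
            throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Service:" + serviceName + " not found", false);
        }
        // NOTE(review): a null xServiceDef would raise a NullPointerException on the next use and be
        // reported as 400 by the generic catch below.
        XXServiceDef xServiceDef = daoManager.getXXServiceDef().getById(xService.getType());
        RangerService rangerService = svcStore.getServiceByName(serviceName);
        // KMS services are gated on the key-admin role, all others on the admin role; the
        // allowed-user lookup is consulted only when the caller lacks the required role.
        boolean isKmsService = StringUtils.equals(xServiceDef.getImplclassname(), EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME);
        boolean hasRequiredRole = isKmsService ? isKeyAdmin : isAdmin;
        isAllowed = hasRequiredRole || bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Tag_Download);
        if (isAllowed) {
            ret = tagStore.getServiceTagsIfUpdated(serviceName, lastKnownVersion);
            if (ret == null) {
                downloadedVersion = lastKnownVersion;
                httpCode = HttpServletResponse.SC_NOT_MODIFIED;
                logMsg = "No change since last update";
            } else {
                downloadedVersion = ret.getTagVersion();
                httpCode = HttpServletResponse.SC_OK;
                logMsg = "Returning " + (ret.getTags() != null ? ret.getTags().size() : 0) + " tags. Tag version=" + ret.getTagVersion();
            }
        } else {
            LOG.error("getSecureServiceTagsIfUpdated(" + serviceName + ", " + lastKnownVersion + ", " + lastActivationTime + ") failed as User doesn't have permission to download tags");
            httpCode = HttpServletResponse.SC_UNAUTHORIZED;
            logMsg = "User doesn't have permission to download tags";
        }
    } catch (WebApplicationException webException) {
        httpCode = webException.getResponse().getStatus();
        // A response may carry no entity; dereferencing it unchecked would throw from inside this
        // catch block and replace the intended status with an unhandled NullPointerException.
        Object entity = webException.getResponse().getEntity();
        logMsg = entity != null ? entity.toString() : null;
    } catch (Exception excp) {
        httpCode = HttpServletResponse.SC_BAD_REQUEST;
        logMsg = excp.getMessage();
    } finally {
        // Runs for every outcome, so denied and failed download attempts are recorded as well.
        assetMgr.createPluginInfo(serviceName, pluginId, request, RangerPluginInfo.ENTITY_TYPE_TAGS, downloadedVersion, lastKnownVersion, lastActivationTime, httpCode);
    }
    if (httpCode != HttpServletResponse.SC_OK) {
        // 304 is an expected outcome and is not logged as an error.
        boolean logError = httpCode != HttpServletResponse.SC_NOT_MODIFIED;
        throw restErrorUtil.createRESTException(httpCode, logMsg, logError);
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== TagREST.getSecureServiceTagsIfUpdated(" + serviceName + ", " + lastKnownVersion + ", " + lastActivationTime + ", " + pluginId + ")");
    }
    return ret;
}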
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) WebApplicationException(javax.ws.rs.WebApplicationException) ServiceTags(org.apache.ranger.plugin.util.ServiceTags) RangerService(org.apache.ranger.plugin.model.RangerService) XXService(org.apache.ranger.entity.XXService) WebApplicationException(javax.ws.rs.WebApplicationException) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 49 with RangerService

use of org.apache.ranger.plugin.model.RangerService in project ranger by apache.

the class RangerDataHistService method createObjectDataHistory.

/**
 * Stores a history row for a service-def, service or policy and, for update and delete actions,
 * closes the most recent earlier row of the same object.
 *
 * <p>The whole object is serialised with {@code writeObjectAsString} and kept as the row content.
 * For a policy, the service type is resolved from the owning service and written back onto the
 * passed-in policy object before serialisation. An object of any other type produces a row with
 * null class type, name and content.
 * NOTE(review): confirm that the serialised form of a service does not persist connection secrets
 * from its configuration into the history table.
 *
 * @param baseModelObj the object whose state is recorded; must not be {@code null}
 * @param action       the action being recorded; must not be {@code null}
 */
public void createObjectDataHistory(RangerBaseModelObject baseModelObj, String action) {
    if (baseModelObj == null || action == null) {
        throw restErrorUtil.createRESTException("Error while creating DataHistory. " + "Object or Action can not be null.", MessageEnums.DATA_NOT_FOUND);
    }

    final Long objectId = baseModelObj.getId();
    final String objectGuid = baseModelObj.getGuid();
    // One timestamp is shared by the new row and the row it supersedes.
    final Date now = DateUtil.getUTCDate();

    XXDataHist histRow = new XXDataHist();
    histRow.setObjectId(objectId);
    histRow.setObjectGuid(objectGuid);
    histRow.setCreateTime(now);
    histRow.setAction(action);
    histRow.setVersion(baseModelObj.getVersion());
    histRow.setUpdateTime(now);
    histRow.setFromTime(now);

    Integer classType = null;
    String objectName = null;
    String content = null;
    if (baseModelObj instanceof RangerServiceDef) {
        RangerServiceDef serviceDef = (RangerServiceDef) baseModelObj;
        classType = AppConstants.CLASS_TYPE_XA_SERVICE_DEF;
        objectName = serviceDef.getName();
        content = writeObjectAsString(serviceDef);
    } else if (baseModelObj instanceof RangerService) {
        RangerService service = (RangerService) baseModelObj;
        classType = AppConstants.CLASS_TYPE_XA_SERVICE;
        objectName = service.getName();
        content = writeObjectAsString(service);
    } else if (baseModelObj instanceof RangerPolicy) {
        RangerPolicy policy = (RangerPolicy) baseModelObj;
        classType = AppConstants.CLASS_TYPE_RANGER_POLICY;
        objectName = policy.getName();
        // Resolve the service type through the owning service; this mutates the caller's policy.
        XXService owningService = daoMgr.getXXService().findByName(policy.getService());
        XXServiceDef owningDef = owningService == null ? null : daoMgr.getXXServiceDef().getById(owningService.getType());
        if (owningDef != null) {
            policy.setServiceType(owningDef.getName());
        }
        content = writeObjectAsString(policy);
    }

    histRow.setObjectClassType(classType);
    histRow.setObjectName(objectName);
    histRow.setContent(content);
    daoMgr.getXXDataHist().create(histRow);

    boolean supersedesEarlierRow = ACTION_UPDATE.equalsIgnoreCase(action) || ACTION_DELETE.equalsIgnoreCase(action);
    if (!supersedesEarlierRow) {
        return;
    }

    // The lookup happens after the new row has been created.
    XXDataHist prevHist = daoMgr.getXXDataHist().findLatestByObjectClassTypeAndObjectId(classType, objectId);
    if (prevHist == null) {
        throw restErrorUtil.createRESTException("Error updating DataHistory Object. ObjectName: " + objectName, MessageEnums.DATA_NOT_UPDATABLE);
    }
    prevHist.setUpdateTime(now);
    prevHist.setToTime(now);
    prevHist.setObjectName(objectName);
    daoMgr.getXXDataHist().update(prevHist);
}
Also used : XXDataHist(org.apache.ranger.entity.XXDataHist) XXServiceDef(org.apache.ranger.entity.XXServiceDef) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) RangerService(org.apache.ranger.plugin.model.RangerService) XXService(org.apache.ranger.entity.XXService) Date(java.util.Date)

Example 50 with RangerService

use of org.apache.ranger.plugin.model.RangerService in project ranger by apache.

the class PatchMigration_J10002 method migratePoliciesToNewSchema.

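/**
 * Creates a policy in the new schema for every legacy resource that has not been migrated yet.
 *
 * <p>Resources marked deleted, resources without a repository or service, and resources whose
 * policy already exists for that service are skipped. Each created policy increments
 * {@code policyCounter}.
 *
 * @throws Exception wrapping any failure raised while migrating
 */
public void migratePoliciesToNewSchema() throws Exception {
    logger.info("==> MigrationPatch.migratePoliciesToNewSchema()");
    try {
        List<XXResource> resList = daoMgr.getXXResource().getAll();
        if (resList.isEmpty()) {
            return;
        }
        svcDBStore.setPopulateExistingBaseFields(true);
        try {
            for (XXResource xRes : resList) {
                if (xRes.getResourceStatus() == AppConstants.STATUS_DELETED) {
                    continue;
                }
                XXAsset xAsset = daoMgr.getXXAsset().getById(xRes.getAssetId());
                if (xAsset == null) {
                    logger.error("No Repository found for policyName: " + xRes.getPolicyName());
                    continue;
                }
                RangerService service = svcDBStore.getServiceByName(xAsset.getName());
                if (service == null) {
                    logger.error("No Service found for policy. Ignoring migration of such policy, policyName: " + xRes.getPolicyName());
                    continue;
                }
                // Skipping existing policies lets the migration be re-run without creating duplicates.
                XXPolicy existing = daoMgr.getXXPolicy().findByNameAndServiceId(xRes.getPolicyName(), service.getId());
                if (existing != null) {
                    logger.info("Policy already exists. Ignoring migration of policy: " + existing.getName());
                    continue;
                }
                RangerPolicy policy = new RangerPolicy();
                policy = mapXResourceToPolicy(policy, xRes, service);
                if (policy != null) {
                    policy = svcDBStore.createPolicy(policy);
                    policyCounter++;
                    logger.info("New policy created. policyName: " + policy.getName());
                }
            }
        } finally {
            // Reset the store flag even when a resource fails to migrate, so a failed run does not
            // leave the store in migration mode for whatever uses it next.
            svcDBStore.setPopulateExistingBaseFields(false);
        }
    } catch (Exception e) {
        throw new Exception("Error while migrating data to new Plugin Schema.", e);
    }
    logger.info("<== MigrationPatch.migratePoliciesToNewSchema()");
}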
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXResource(org.apache.ranger.entity.XXResource) XXAsset(org.apache.ranger.entity.XXAsset) RangerService(org.apache.ranger.plugin.model.RangerService) XXPolicy(org.apache.ranger.entity.XXPolicy)
