Search in sources :

Example 16 with RangerAccessTypeDef

use of org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef in project ranger by apache.

the class TestRangerServiceDefServiceBase method test8populateRangerAccessTypeDefToXXNullValue.

@Test
public void test8populateRangerAccessTypeDefToXXNullValue() {
    RangerAccessTypeDef rangerAccessTypeDefObj = null;
    XXAccessTypeDef accessTypeDefObj = null;
    XXServiceDef serviceDefObj = null;
    Mockito.when(restErrorUtil.createRESTException("RangerServiceDef cannot be null.", MessageEnums.DATA_NOT_FOUND)).thenThrow(new WebApplicationException());
    thrown.expect(WebApplicationException.class);
    XXAccessTypeDef dbAccessTypeDef = rangerServiceDefService.populateRangerAccessTypeDefToXX(rangerAccessTypeDefObj, accessTypeDefObj, serviceDefObj, 1);
    Assert.assertNull(dbAccessTypeDef);
}
Also used : RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef) XXServiceDef(org.apache.ranger.entity.XXServiceDef) WebApplicationException(javax.ws.rs.WebApplicationException) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) Test(org.junit.Test)

Example 17 with RangerAccessTypeDef

use of org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef in project ranger by apache.

the class TestRangerServiceDefServiceBase method test9populateXXToRangerAccessTypeDef.

@Test
public void test9populateXXToRangerAccessTypeDef() {
    XXAccessTypeDef accessTypeDefObj = new XXAccessTypeDef();
    accessTypeDefObj.setAddedByUserId(Id);
    accessTypeDefObj.setCreateTime(new Date());
    accessTypeDefObj.setDefid(Id);
    accessTypeDefObj.setId(Id);
    accessTypeDefObj.setLabel("Read");
    accessTypeDefObj.setName("read");
    accessTypeDefObj.setOrder(null);
    accessTypeDefObj.setRbkeylabel(null);
    accessTypeDefObj.setUpdatedByUserId(Id);
    accessTypeDefObj.setUpdateTime(new Date());
    RangerAccessTypeDef dbRangerAccessTypeDef = rangerServiceDefService.populateXXToRangerAccessTypeDef(accessTypeDefObj, Collections.emptyList());
    Assert.assertNotNull(dbRangerAccessTypeDef);
    Assert.assertEquals(dbRangerAccessTypeDef.getName(), accessTypeDefObj.getName());
    Assert.assertEquals(dbRangerAccessTypeDef.getLabel(), accessTypeDefObj.getLabel());
    Assert.assertEquals(dbRangerAccessTypeDef.getRbKeyLabel(), accessTypeDefObj.getRbkeylabel());
}
Also used : RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef) XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef) Date(java.util.Date) Test(org.junit.Test)

Example 18 with RangerAccessTypeDef

use of org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef in project ranger by apache.

the class RangerServiceDefValidator method isValidAccessTypes.

boolean isValidAccessTypes(final List<RangerAccessTypeDef> accessTypeDefs, final List<ValidationFailureDetails> failures) {
    if (LOG.isDebugEnabled()) {
        LOG.debug(String.format("==> RangerServiceDefValidator.isValidAccessTypes(%s, %s)", accessTypeDefs, failures));
    }
    boolean valid = true;
    if (CollectionUtils.isEmpty(accessTypeDefs)) {
        ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_MISSING_FIELD;
        failures.add(new ValidationFailureDetailsBuilder().field("access types").isMissing().errorCode(error.getErrorCode()).becauseOf(error.getMessage("access types")).build());
        valid = false;
    } else {
        List<RangerAccessTypeDef> defsWithImpliedGrants = new ArrayList<>();
        Set<String> accessNames = new HashSet<>();
        Set<Long> ids = new HashSet<>();
        for (RangerAccessTypeDef def : accessTypeDefs) {
            String name = def.getName();
            valid = isUnique(name, accessNames, "access type name", "access types", failures) && valid;
            valid = isUnique(def.getItemId(), ids, "access type itemId", "access types", failures) && valid;
            if (CollectionUtils.isNotEmpty(def.getImpliedGrants())) {
                defsWithImpliedGrants.add(def);
            }
        }
        // validate implied grants
        for (RangerAccessTypeDef def : defsWithImpliedGrants) {
            Collection<String> impliedGrants = getImpliedGrants(def);
            Set<String> unknownAccessTypes = Sets.difference(Sets.newHashSet(impliedGrants), accessNames);
            if (!unknownAccessTypes.isEmpty()) {
                ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_IMPLIED_GRANT_UNKNOWN_ACCESS_TYPE;
                failures.add(new ValidationFailureDetailsBuilder().field("implied grants").subField(// we return just on item here.  Message has all unknow items
                unknownAccessTypes.iterator().next()).isSemanticallyIncorrect().errorCode(error.getErrorCode()).becauseOf(error.getMessage(impliedGrants, unknownAccessTypes)).build());
                valid = false;
            }
            // implied grant should not imply itself!
            // note: this name could be null/blank/empty!
            String name = def.getName();
            if (impliedGrants.contains(name)) {
                ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_IMPLIED_GRANT_IMPLIES_ITSELF;
                failures.add(new ValidationFailureDetailsBuilder().field("implied grants").subField(name).isSemanticallyIncorrect().errorCode(error.getErrorCode()).becauseOf(error.getMessage(impliedGrants, name)).build());
                valid = false;
            }
        }
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug(String.format("<== RangerServiceDefValidator.isValidAccessTypes(%s, %s): %s", accessTypeDefs, failures, valid));
    }
    return valid;
}
Also used : RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef) ArrayList(java.util.ArrayList) ValidationErrorCode(org.apache.ranger.plugin.errors.ValidationErrorCode) HashSet(java.util.HashSet)

Example 19 with RangerAccessTypeDef

use of org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef in project ranger by apache.

the class RangerSecurityZoneValidatorTest method rangerServiceDef.

private RangerServiceDef rangerServiceDef() {
    RangerResourceDef rangerResourceDef = new RangerResourceDef();
    rangerResourceDef.setName("hdfs");
    List<RangerServiceConfigDef> configs = new ArrayList<RangerServiceConfigDef>();
    List<RangerResourceDef> resources = new ArrayList<RangerResourceDef>();
    resources.add(rangerResourceDef);
    List<RangerAccessTypeDef> accessTypes = new ArrayList<RangerAccessTypeDef>();
    List<RangerPolicyConditionDef> policyConditions = new ArrayList<RangerPolicyConditionDef>();
    List<RangerContextEnricherDef> contextEnrichers = new ArrayList<RangerContextEnricherDef>();
    List<RangerEnumDef> enums = new ArrayList<RangerEnumDef>();
    RangerServiceDef rangerServiceDef = new RangerServiceDef();
    rangerServiceDef.setId(1L);
    rangerServiceDef.setImplClass("RangerServiceHdfs");
    rangerServiceDef.setName("HDFS Repository");
    rangerServiceDef.setLabel("HDFS Repository");
    rangerServiceDef.setDescription("HDFS Repository");
    rangerServiceDef.setRbKeyDescription(null);
    rangerServiceDef.setUpdatedBy("Admin");
    rangerServiceDef.setUpdateTime(new Date());
    rangerServiceDef.setConfigs(configs);
    rangerServiceDef.setResources(resources);
    rangerServiceDef.setAccessTypes(accessTypes);
    rangerServiceDef.setPolicyConditions(policyConditions);
    rangerServiceDef.setContextEnrichers(contextEnrichers);
    rangerServiceDef.setEnums(enums);
    return rangerServiceDef;
}
Also used : RangerServiceConfigDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef) ArrayList(java.util.ArrayList) RangerEnumDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef) RangerPolicyConditionDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef) Date(java.util.Date) RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef) RangerContextEnricherDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)

Example 20 with RangerAccessTypeDef

use of org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef in project ranger by apache.

the class ValidationTestUtils method createServiceDefWithAccessTypes.

RangerServiceDef createServiceDefWithAccessTypes(String[] accesses) {
    RangerServiceDef serviceDef = mock(RangerServiceDef.class);
    List<RangerAccessTypeDef> accessTypeDefs = new ArrayList<>();
    for (String access : accesses) {
        RangerAccessTypeDef accessTypeDef = mock(RangerAccessTypeDef.class);
        when(accessTypeDef.getName()).thenReturn(access);
        accessTypeDefs.add(accessTypeDef);
    }
    when(serviceDef.getAccessTypes()).thenReturn(accessTypeDefs);
    return serviceDef;
}
Also used : RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) ArrayList(java.util.ArrayList)

Aggregations

RangerAccessTypeDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef)33 ArrayList (java.util.ArrayList)22 RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)17 RangerResourceDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)13 RangerContextEnricherDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef)11 RangerEnumDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef)11 RangerPolicyConditionDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef)11 RangerServiceConfigDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef)11 Date (java.util.Date)10 Test (org.junit.Test)9 XXServiceDef (org.apache.ranger.entity.XXServiceDef)8 VXString (org.apache.ranger.view.VXString)7 HashSet (java.util.HashSet)6 XXAccessTypeDef (org.apache.ranger.entity.XXAccessTypeDef)5 RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)5 XXServiceDao (org.apache.ranger.db.XXServiceDao)4 XXServiceDefDao (org.apache.ranger.db.XXServiceDefDao)4 XXService (org.apache.ranger.entity.XXService)4 RangerDataMaskDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskDef)3 RangerDataMaskTypeDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskTypeDef)3