Example 16 with RangerResourceDef
use of org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef in project ranger by apache.
the class RangerServiceDefHelper method getServiceDefForPolicyFiltering.
public static RangerServiceDef getServiceDefForPolicyFiltering(RangerServiceDef serviceDef) {
List<RangerResourceDef> modifiedResourceDefs = new ArrayList<RangerResourceDef>();
for (RangerResourceDef resourceDef : serviceDef.getResources()) {
final RangerResourceDef modifiedResourceDef;
String matcherClassName = resourceDef.getMatcher();
if (RangerPathResourceMatcher.class.getName().equals(matcherClassName)) {
Map<String, String> modifiedMatcherOptions = new HashMap<String, String>(resourceDef.getMatcherOptions());
modifiedMatcherOptions.put(RangerAbstractResourceMatcher.OPTION_WILD_CARD, "false");
modifiedResourceDef = new RangerResourceDef(resourceDef);
modifiedResourceDef.setMatcherOptions(modifiedMatcherOptions);
modifiedResourceDef.setRecursiveSupported(false);
} else {
modifiedResourceDef = resourceDef;
}
modifiedResourceDefs.add(modifiedResourceDef);
}
return new RangerServiceDef(serviceDef.getName(), serviceDef.getImplClass(), serviceDef.getLabel(), serviceDef.getDescription(), serviceDef.getOptions(), serviceDef.getConfigs(), modifiedResourceDefs, serviceDef.getAccessTypes(), serviceDef.getPolicyConditions(), serviceDef.getContextEnrichers(), serviceDef.getEnums());
}
Also used :
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
ArrayList(java.util.ArrayList)
RangerPathResourceMatcher(org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher)
RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)
Example 17 with RangerResourceDef
use of org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef in project ranger by apache.
the class RangerServiceDefHelper method getFilterResourcesForAncestorPolicyFiltering.
public static Map<String, String> getFilterResourcesForAncestorPolicyFiltering(RangerServiceDef serviceDef, Map<String, String> filterResources) {
Map<String, String> ret = null;
for (RangerResourceDef resourceDef : serviceDef.getResources()) {
String matcherClassName = resourceDef.getMatcher();
if (RangerPathResourceMatcher.class.getName().equals(matcherClassName)) {
String resourceDefName = resourceDef.getName();
final Map<String, String> resourceMatcherOptions = resourceDef.getMatcherOptions();
String delimiter = resourceMatcherOptions.get(RangerPathResourceMatcher.OPTION_PATH_SEPARATOR);
if (StringUtils.isBlank(delimiter)) {
delimiter = Character.toString(RangerPathResourceMatcher.DEFAULT_PATH_SEPARATOR_CHAR);
}
String resourceValue = filterResources.get(resourceDefName);
if (StringUtils.isNotBlank(resourceValue)) {
if (!resourceValue.endsWith(delimiter)) {
resourceValue += delimiter;
}
resourceValue += RangerAbstractResourceMatcher.WILDCARD_ASTERISK;
if (ret == null) {
ret = new HashMap<String, String>();
}
ret.put(resourceDefName, resourceValue);
}
}
}
return ret;
}
Also used :
RangerPathResourceMatcher(org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher)
RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)
Example 18 with RangerResourceDef
use of org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef in project ranger by apache.
the class RangerServiceDefValidator method isValidResourceGraph.
boolean isValidResourceGraph(RangerServiceDef serviceDef, List<ValidationFailureDetails> failures) {
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("==> RangerServiceDefValidator.isValidResourceGraph(%s, %s)", serviceDef, failures));
}
boolean valid = true;
// We don't want this helper to get into the cache or to use what is in the cache!!
RangerServiceDefHelper defHelper = _factory.createServiceDefHelper(serviceDef, false);
if (!defHelper.isResourceGraphValid()) {
ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_RESOURCE_GRAPH_INVALID;
failures.add(new ValidationFailureDetailsBuilder().field("resource graph").isSemanticallyIncorrect().errorCode(error.getErrorCode()).becauseOf(error.getMessage()).build());
valid = false;
}
// resource level should be unique within a hierarchy
for (int policyType : RangerPolicy.POLICY_TYPES) {
Set<List<RangerResourceDef>> hierarchies = defHelper.getResourceHierarchies(policyType);
for (List<RangerResourceDef> aHierarchy : hierarchies) {
Set<Integer> levels = new HashSet<Integer>(aHierarchy.size());
for (RangerResourceDef resourceDef : aHierarchy) {
valid = isUnique(resourceDef.getLevel(), levels, "resource level", "resources", failures) && valid;
}
// Ensure that aHierarchy contains resource-defs with increasing level values
int lastResourceLevel = Integer.MIN_VALUE;
for (RangerResourceDef resourceDef : aHierarchy) {
Integer resourceDefLevel = resourceDef.getLevel();
if (resourceDefLevel == null || resourceDefLevel < lastResourceLevel) {
ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_INVALID_SERVICE_RESOURCE_LEVELS;
failures.add(new ValidationFailureDetailsBuilder().field("resource level").subField(String.valueOf(resourceDefLevel)).isSemanticallyIncorrect().errorCode(error.getErrorCode()).becauseOf(error.getMessage()).build());
valid = false;
break;
} else {
lastResourceLevel = resourceDef.getLevel();
}
}
}
}
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("<== RangerServiceDefValidator.isValidResourceGraph(%s, %s): %s", serviceDef, failures, valid));
}
return valid;
}
Also used :
ArrayList(java.util.ArrayList)
List(java.util.List)
ValidationErrorCode(org.apache.ranger.plugin.errors.ValidationErrorCode)
RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)
HashSet(java.util.HashSet)
Example 19 with RangerResourceDef
use of org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef in project ranger by apache.
the class RangerValidator method getValidationRegExes.
Map<String, String> getValidationRegExes(RangerServiceDef serviceDef) {
if (serviceDef == null || CollectionUtils.isEmpty(serviceDef.getResources())) {
return new HashMap<>();
} else {
Map<String, String> result = new HashMap<>();
for (RangerResourceDef resourceDef : serviceDef.getResources()) {
if (resourceDef == null) {
LOG.warn("A resource def in resource def collection is null");
} else {
String name = resourceDef.getName();
String regEx = resourceDef.getValidationRegEx();
if (StringUtils.isBlank(name)) {
LOG.warn("resource name is null/empty/blank");
} else if (StringUtils.isBlank(regEx)) {
LOG.debug("validation regex is null/empty/blank");
} else {
result.put(name, regEx);
}
}
}
return result;
}
}
Also used :
HashMap(java.util.HashMap)
RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)
Example 20 with RangerResourceDef
use of org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef in project ranger by apache.
the class TestServiceDBStore method rangerServiceDef.
private RangerServiceDef rangerServiceDef() {
List<RangerServiceConfigDef> configs = new ArrayList<RangerServiceConfigDef>();
RangerServiceConfigDef serviceConfigDefObj = new RangerServiceConfigDef();
serviceConfigDefObj.setDefaultValue("xyz");
serviceConfigDefObj.setDescription("ServiceDef");
serviceConfigDefObj.setItemId(Id);
serviceConfigDefObj.setLabel("Username");
serviceConfigDefObj.setMandatory(true);
serviceConfigDefObj.setName("username");
serviceConfigDefObj.setRbKeyDescription(null);
serviceConfigDefObj.setRbKeyLabel(null);
serviceConfigDefObj.setRbKeyValidationMessage(null);
serviceConfigDefObj.setSubType(null);
configs.add(serviceConfigDefObj);
List<RangerResourceDef> resources = new ArrayList<RangerResourceDef>();
List<RangerAccessTypeDef> accessTypes = new ArrayList<RangerAccessTypeDef>();
List<RangerPolicyConditionDef> policyConditions = new ArrayList<RangerPolicyConditionDef>();
List<RangerContextEnricherDef> contextEnrichers = new ArrayList<RangerContextEnricherDef>();
List<RangerEnumDef> enums = new ArrayList<RangerEnumDef>();
RangerServiceDef rangerServiceDef = new RangerServiceDef();
rangerServiceDef.setId(Id);
rangerServiceDef.setName("RangerServiceHdfs");
rangerServiceDef.setImplClass("RangerServiceHdfs");
rangerServiceDef.setLabel("HDFS Repository");
rangerServiceDef.setDescription("HDFS Repository");
rangerServiceDef.setRbKeyDescription(null);
rangerServiceDef.setUpdatedBy("Admin");
rangerServiceDef.setUpdateTime(new Date());
rangerServiceDef.setConfigs(configs);
rangerServiceDef.setResources(resources);
rangerServiceDef.setAccessTypes(accessTypes);
rangerServiceDef.setPolicyConditions(policyConditions);
rangerServiceDef.setContextEnrichers(contextEnrichers);
rangerServiceDef.setEnums(enums);
return rangerServiceDef;
}
Also used :
RangerServiceConfigDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef)
ArrayList(java.util.ArrayList)
RangerEnumDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef)
RangerPolicyConditionDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef)
Date(java.util.Date)
RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef)
RangerContextEnricherDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)
Aggregations
RangerResourceDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)50
ArrayList (java.util.ArrayList)19
Test (org.junit.Test)15
RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)12
RangerAccessTypeDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef)12
Date (java.util.Date)11
RangerPolicyResource (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource)11
RangerContextEnricherDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef)10
RangerEnumDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef)10
RangerPolicyConditionDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef)10
RangerServiceConfigDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef)10
List (java.util.List)7
RangerPerfTracer (org.apache.ranger.plugin.util.RangerPerfTracer)7
HashSet (java.util.HashSet)5
XXResourceDef (org.apache.ranger.entity.XXResourceDef)5
RangerServiceDefHelper (org.apache.ranger.plugin.model.validation.RangerServiceDefHelper)4
RangerResourceMatcher (org.apache.ranger.plugin.resourcematcher.RangerResourceMatcher)4
VXString (org.apache.ranger.view.VXString)4
HashMap (java.util.HashMap)3
XXResourceDefDao (org.apache.ranger.db.XXResourceDefDao)3
