Example 11 with RangerTag
use of org.apache.ranger.plugin.model.RangerTag in project ranger by apache.
the class ServiceTagsProcessor method addOrUpdate.
// Map tagdef, tag, serviceResource ids to created ids and use them in tag-resource-mapping
private void addOrUpdate(ServiceTags serviceTags) throws Exception {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceTagsProcessor.createOrUpdate()");
}
Map<Long, RangerTagDef> tagDefsInStore = new HashMap<Long, RangerTagDef>();
Map<Long, RangerServiceResource> resourcesInStore = new HashMap<Long, RangerServiceResource>();
if (MapUtils.isNotEmpty(serviceTags.getTagDefinitions())) {
RangerTagDef tagDef = null;
try {
for (Map.Entry<Long, RangerTagDef> entry : serviceTags.getTagDefinitions().entrySet()) {
tagDef = entry.getValue();
RangerTagDef existing = null;
if (StringUtils.isNotEmpty(tagDef.getGuid())) {
existing = tagStore.getTagDefByGuid(tagDef.getGuid());
}
if (existing == null && StringUtils.isNotEmpty(tagDef.getName())) {
existing = tagStore.getTagDefByName(tagDef.getName());
}
RangerTagDef tagDefInStore = null;
if (existing == null) {
tagDefInStore = tagStore.createTagDef(tagDef);
} else {
if (LOG.isDebugEnabled()) {
LOG.debug("tagDef for name:" + tagDef.getName() + " exists, will not update it");
}
tagDefInStore = existing;
}
tagDefsInStore.put(entry.getKey(), tagDefInStore);
}
} catch (Exception exception) {
LOG.error("createTagDef failed, tagDef=" + tagDef, exception);
throw exception;
}
}
List<RangerServiceResource> resources = serviceTags.getServiceResources();
if (CollectionUtils.isNotEmpty(resources)) {
RangerServiceResource resource = null;
try {
for (int i = 0; i < resources.size(); i++) {
resource = resources.get(i);
RangerServiceResource existing = null;
String resourceSignature = null;
Long resourceId = resource.getId();
if (StringUtils.isNotEmpty(resource.getGuid())) {
existing = tagStore.getServiceResourceByGuid(resource.getGuid());
}
if (existing == null) {
if (MapUtils.isNotEmpty(resource.getResourceElements())) {
RangerServiceResourceSignature serializer = new RangerServiceResourceSignature(resource);
resourceSignature = serializer.getSignature();
resource.setResourceSignature(resourceSignature);
existing = tagStore.getServiceResourceByServiceAndResourceSignature(resource.getServiceName(), resourceSignature);
}
}
RangerServiceResource resourceInStore = null;
if (existing == null) {
resourceInStore = tagStore.createServiceResource(resource);
} else if (StringUtils.isEmpty(resource.getServiceName()) || MapUtils.isEmpty(resource.getResourceElements())) {
resourceInStore = existing;
} else {
resource.setId(existing.getId());
resource.setGuid(existing.getGuid());
resourceInStore = tagStore.updateServiceResource(resource);
}
resourcesInStore.put(resourceId, resourceInStore);
}
} catch (Exception exception) {
LOG.error("createServiceResource failed, resource=" + resource, exception);
throw exception;
}
}
if (MapUtils.isNotEmpty(serviceTags.getResourceToTagIds())) {
for (Map.Entry<Long, List<Long>> entry : serviceTags.getResourceToTagIds().entrySet()) {
Long resourceId = entry.getKey();
RangerServiceResource resourceInStore = resourcesInStore.get(resourceId);
if (resourceInStore == null) {
LOG.error("Resource (id=" + resourceId + ") not found. Skipping tags update");
continue;
}
// Get all tags associated with this resourceId
List<RangerTag> associatedTags = null;
try {
associatedTags = tagStore.getTagsForResourceId(resourceInStore.getId());
} catch (Exception exception) {
LOG.error("RangerTags cannot be retrieved for resource with guid=" + resourceInStore.getGuid());
throw exception;
}
List<RangerTag> tagsToRetain = new ArrayList<RangerTag>();
List<Long> tagIds = entry.getValue();
try {
for (Long tagId : tagIds) {
RangerTag incomingTag = MapUtils.isNotEmpty(serviceTags.getTags()) ? serviceTags.getTags().get(tagId) : null;
if (incomingTag == null) {
LOG.error("Tag (id=" + tagId + ") not found. Skipping addition of this tag for resource (id=" + resourceId + ")");
continue;
}
RangerTag matchingTag = findMatchingTag(incomingTag, associatedTags);
if (matchingTag == null) {
if (LOG.isDebugEnabled()) {
LOG.debug("Did not find matching tag for tagId=" + tagId);
}
// create new tag from incoming tag and associate it with service-resource
RangerTag newTag = tagStore.createTag(incomingTag);
RangerTagResourceMap tagResourceMap = new RangerTagResourceMap();
tagResourceMap.setTagId(newTag.getId());
tagResourceMap.setResourceId(resourceInStore.getId());
tagResourceMap = tagStore.createTagResourceMap(tagResourceMap);
associatedTags.add(newTag);
tagsToRetain.add(newTag);
continue;
}
if (LOG.isDebugEnabled()) {
LOG.debug("Found matching tag for tagId=" + tagId + ", matchingTag=" + matchingTag);
}
if (isResourcePrivateTag(incomingTag)) {
if (!isResourcePrivateTag(matchingTag)) {
// create new tag from incoming tag and associate it with service-resource
RangerTag newTag = tagStore.createTag(incomingTag);
RangerTagResourceMap tagResourceMap = new RangerTagResourceMap();
tagResourceMap.setTagId(newTag.getId());
tagResourceMap.setResourceId(resourceInStore.getId());
tagResourceMap = tagStore.createTagResourceMap(tagResourceMap);
associatedTags.add(newTag);
tagsToRetain.add(newTag);
} else {
// Keep this tag, but update it with attribute-values from incoming tag
tagsToRetain.add(matchingTag);
if (StringUtils.equals(incomingTag.getGuid(), matchingTag.getGuid())) {
// matching tag was found because of Guid match
if (LOG.isDebugEnabled()) {
LOG.debug("Updating existing private tag with id=" + matchingTag.getId());
}
// update private tag with new values
incomingTag.setId(matchingTag.getId());
tagStore.updateTag(incomingTag);
}
}
} else {
// shared model
if (isResourcePrivateTag(matchingTag)) {
// create new tag from incoming tag and associate it with service-resource
RangerTag newTag = tagStore.createTag(incomingTag);
RangerTagResourceMap tagResourceMap = new RangerTagResourceMap();
tagResourceMap.setTagId(newTag.getId());
tagResourceMap.setResourceId(resourceInStore.getId());
tagResourceMap = tagStore.createTagResourceMap(tagResourceMap);
associatedTags.add(newTag);
tagsToRetain.add(newTag);
} else {
// Keep this tag, but update it with attribute-values from incoming tag
tagsToRetain.add(matchingTag);
// Update shared tag with new values
incomingTag.setId(matchingTag.getId());
tagStore.updateTag(incomingTag);
// associate with service-resource if not already associated
if (findTagInList(matchingTag, associatedTags) == null) {
RangerTagResourceMap tagResourceMap = new RangerTagResourceMap();
tagResourceMap.setTagId(matchingTag.getId());
tagResourceMap.setResourceId(resourceInStore.getId());
tagResourceMap = tagStore.createTagResourceMap(tagResourceMap);
}
}
}
}
} catch (Exception exception) {
LOG.error("createRangerTagResourceMap failed", exception);
throw exception;
}
if (CollectionUtils.isNotEmpty(associatedTags)) {
Long tagId = null;
try {
for (RangerTag associatedTag : associatedTags) {
if (findTagInList(associatedTag, tagsToRetain) == null) {
tagId = associatedTag.getId();
RangerTagResourceMap tagResourceMap = tagStore.getTagResourceMapForTagAndResourceId(tagId, resourceInStore.getId());
if (tagResourceMap != null) {
tagStore.deleteTagResourceMap(tagResourceMap.getId());
}
if (LOG.isDebugEnabled()) {
LOG.debug("Deleted tagResourceMap(tagId=" + tagId + ", resourceId=" + resourceInStore.getId());
}
}
}
} catch (Exception exception) {
LOG.error("deleteTagResourceMap failed, tagId=" + tagId + ", resourceId=" + resourceInStore.getId());
throw exception;
}
}
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceTagsProcessor.createOrUpdate()");
}
}
Also used :
RangerTagDef(org.apache.ranger.plugin.model.RangerTagDef)
HashMap(java.util.HashMap)
RangerServiceResource(org.apache.ranger.plugin.model.RangerServiceResource)
ArrayList(java.util.ArrayList)
RangerServiceResourceSignature(org.apache.ranger.plugin.store.RangerServiceResourceSignature)
RangerTag(org.apache.ranger.plugin.model.RangerTag)
ArrayList(java.util.ArrayList)
List(java.util.List)
RangerTagResourceMap(org.apache.ranger.plugin.model.RangerTagResourceMap)
RangerTagResourceMap(org.apache.ranger.plugin.model.RangerTagResourceMap)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 12 with RangerTag
use of org.apache.ranger.plugin.model.RangerTag in project ranger by apache.
the class ServiceTagsProcessor method delete.
private void delete(ServiceTags serviceTags) throws Exception {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceTagsProcessor.delete()");
}
// We dont expect any resourceId->tagId mappings in delete operation, so ignoring them if specified
List<RangerServiceResource> serviceResources = serviceTags.getServiceResources();
if (CollectionUtils.isNotEmpty(serviceResources)) {
for (RangerServiceResource serviceResource : serviceResources) {
RangerServiceResource objToDelete = null;
try {
if (StringUtils.isNotBlank(serviceResource.getGuid())) {
objToDelete = tagStore.getServiceResourceByGuid(serviceResource.getGuid());
}
if (objToDelete == null) {
if (MapUtils.isNotEmpty(serviceResource.getResourceElements())) {
RangerServiceResourceSignature serializer = new RangerServiceResourceSignature(serviceResource);
String serviceResourceSignature = serializer.getSignature();
objToDelete = tagStore.getServiceResourceByServiceAndResourceSignature(serviceResource.getServiceName(), serviceResourceSignature);
}
}
if (objToDelete != null) {
List<RangerTagResourceMap> tagResourceMaps = tagStore.getTagResourceMapsForResourceGuid(objToDelete.getGuid());
if (CollectionUtils.isNotEmpty(tagResourceMaps)) {
for (RangerTagResourceMap tagResourceMap : tagResourceMaps) {
tagStore.deleteTagResourceMap(tagResourceMap.getId());
}
}
tagStore.deleteServiceResource(objToDelete.getId());
}
} catch (Exception exception) {
LOG.error("deleteServiceResourceByGuid failed, guid=" + serviceResource.getGuid(), exception);
throw exception;
}
}
}
Map<Long, RangerTag> tagsMap = serviceTags.getTags();
if (MapUtils.isNotEmpty(tagsMap)) {
for (Map.Entry<Long, RangerTag> entry : tagsMap.entrySet()) {
RangerTag tag = entry.getValue();
try {
RangerTag objToDelete = tagStore.getTagByGuid(tag.getGuid());
if (objToDelete != null) {
tagStore.deleteTag(objToDelete.getId());
}
} catch (Exception exception) {
LOG.error("deleteTag failed, guid=" + tag.getGuid(), exception);
throw exception;
}
}
}
Map<Long, RangerTagDef> tagDefsMap = serviceTags.getTagDefinitions();
if (MapUtils.isNotEmpty(tagDefsMap)) {
for (Map.Entry<Long, RangerTagDef> entry : tagDefsMap.entrySet()) {
RangerTagDef tagDef = entry.getValue();
try {
RangerTagDef objToDelete = tagStore.getTagDefByGuid(tagDef.getGuid());
if (objToDelete != null) {
tagStore.deleteTagDef(objToDelete.getId());
}
} catch (Exception exception) {
LOG.error("deleteTagDef failed, guid=" + tagDef.getGuid(), exception);
throw exception;
}
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceTagsProcessor.delete()");
}
}
Also used :
RangerTagDef(org.apache.ranger.plugin.model.RangerTagDef)
RangerServiceResource(org.apache.ranger.plugin.model.RangerServiceResource)
RangerServiceResourceSignature(org.apache.ranger.plugin.store.RangerServiceResourceSignature)
RangerTag(org.apache.ranger.plugin.model.RangerTag)
RangerTagResourceMap(org.apache.ranger.plugin.model.RangerTagResourceMap)
RangerTagResourceMap(org.apache.ranger.plugin.model.RangerTagResourceMap)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 13 with RangerTag
use of org.apache.ranger.plugin.model.RangerTag in project ranger by apache.
the class TagREST method updateTagByGuid.
@PUT
@Path(TagRESTConstants.TAG_RESOURCE + "guid/{guid}")
@Produces({ "application/json", "application/xml" })
@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
public RangerTag updateTagByGuid(@PathParam("guid") String guid, RangerTag tag) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> TagREST.updateTagByGuid(" + guid + ")");
}
RangerTag ret;
try {
validator.preUpdateTagByGuid(guid, tag);
ret = tagStore.updateTag(tag);
} catch (Exception excp) {
LOG.error("updateTagByGuid(" + guid + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== TagREST.updateTagByGuid(" + guid + "): " + ret);
}
return ret;
}
Also used :
RangerTag(org.apache.ranger.plugin.model.RangerTag)
WebApplicationException(javax.ws.rs.WebApplicationException)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
PUT(javax.ws.rs.PUT)
Example 14 with RangerTag
use of org.apache.ranger.plugin.model.RangerTag in project ranger by apache.
the class TagREST method deleteTagByGuid.
@DELETE
@Path(TagRESTConstants.TAG_RESOURCE + "guid/{guid}")
@Produces({ "application/json", "application/xml" })
@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
public void deleteTagByGuid(@PathParam("guid") String guid) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> TagREST.deleteTagByGuid(" + guid + ")");
}
try {
RangerTag exist = validator.preDeleteTagByGuid(guid);
tagStore.deleteTag(exist.getId());
} catch (Exception excp) {
LOG.error("deleteTagByGuid(" + guid + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== TagREST.deleteTagByGuid(" + guid + ")");
}
}
Also used :
RangerTag(org.apache.ranger.plugin.model.RangerTag)
WebApplicationException(javax.ws.rs.WebApplicationException)
Path(javax.ws.rs.Path)
DELETE(javax.ws.rs.DELETE)
Produces(javax.ws.rs.Produces)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Example 15 with RangerTag
use of org.apache.ranger.plugin.model.RangerTag in project ranger by apache.
the class RangerTagService method postUpdate.
@Override
public RangerTag postUpdate(XXTag tag) {
RangerTag ret = super.postUpdate(tag);
daoMgr.getXXServiceVersionInfo().updateServiceVersionInfoForTagUpdate(tag.getId(), tag.getUpdateTime());
return ret;
}
Also used :
RangerTag(org.apache.ranger.plugin.model.RangerTag)
Aggregations
RangerTag (org.apache.ranger.plugin.model.RangerTag)30
WebApplicationException (javax.ws.rs.WebApplicationException)13
ArrayList (java.util.ArrayList)12
Test (org.junit.Test)10
ExpectedException (org.junit.rules.ExpectedException)10
XXTag (org.apache.ranger.entity.XXTag)5
HashMap (java.util.HashMap)4
Map (java.util.Map)4
RangerServiceResource (org.apache.ranger.plugin.model.RangerServiceResource)4
RangerTagDef (org.apache.ranger.plugin.model.RangerTagDef)4
RangerTagResourceMap (org.apache.ranger.plugin.model.RangerTagResourceMap)4
Path (javax.ws.rs.Path)3
Produces (javax.ws.rs.Produces)3
Predicate (org.apache.commons.collections.Predicate)3
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)3
HashSet (java.util.HashSet)2
List (java.util.List)2
PUT (javax.ws.rs.PUT)2
RangerServiceResourceSignature (org.apache.ranger.plugin.store.RangerServiceResourceSignature)2
ServiceTags (org.apache.ranger.plugin.util.ServiceTags)2
