Example 6 with RangerValiditySchedule
use of org.apache.ranger.plugin.model.RangerValiditySchedule in project ranger by apache.
the class RangerPolicyServiceBase method mapEntityToViewBean.
@Override
protected V mapEntityToViewBean(V vObj, T xObj) {
XXService xService = daoMgr.getXXService().getById(xObj.getService());
vObj.setGuid(xObj.getGuid());
vObj.setVersion(xObj.getVersion());
vObj.setService(xService.getName());
vObj.setName(StringUtils.trim(xObj.getName()));
vObj.setPolicyType(xObj.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : xObj.getPolicyType());
vObj.setPolicyPriority(xObj.getPolicyPriority() == null ? RangerPolicy.POLICY_PRIORITY_NORMAL : xObj.getPolicyPriority());
vObj.setDescription(xObj.getDescription());
vObj.setResourceSignature(xObj.getResourceSignature());
vObj.setIsEnabled(xObj.getIsEnabled());
vObj.setIsAuditEnabled(xObj.getIsAuditEnabled());
Map<String, Object> options = JsonUtils.jsonToObject(xObj.getOptions(), Map.class);
if (MapUtils.isNotEmpty(options)) {
String optionPolicyValiditySchedule = (String) options.remove(OPTION_POLICY_VALIDITY_SCHEDULES);
if (StringUtils.isNotBlank(optionPolicyValiditySchedule)) {
List<RangerValiditySchedule> validitySchedules = JsonUtils.jsonToRangerValiditySchedule(optionPolicyValiditySchedule);
vObj.setValiditySchedules(validitySchedules);
}
}
vObj.setOptions(options);
return vObj;
}
Also used :
RangerValiditySchedule(org.apache.ranger.plugin.model.RangerValiditySchedule)
XXService(org.apache.ranger.entity.XXService)
Example 7 with RangerValiditySchedule
use of org.apache.ranger.plugin.model.RangerValiditySchedule in project ranger by apache.
the class TestPolicyEngine method runValiditySchedulerTests.
private void runValiditySchedulerTests(String resourceName) {
TimeZone defaultTZ = TimeZone.getDefault();
TimeZone.setDefault(TimeZone.getTimeZone("PST"));
List<ValiditySchedulerTestCase> testCases = null;
InputStream inStream = this.getClass().getResourceAsStream(resourceName);
InputStreamReader reader = new InputStreamReader(inStream);
try {
Type listType = new TypeToken<List<ValiditySchedulerTestCase>>() {
}.getType();
testCases = gsonBuilder.fromJson(reader, listType);
} catch (Exception e) {
assertFalse("Exception in reading validity-scheduler test cases.", true);
}
assertNotNull("TestCases are null!", testCases);
if (CollectionUtils.isNotEmpty(testCases)) {
for (ValiditySchedulerTestCase testCase : testCases) {
boolean isValid = true;
List<ValidationFailureDetails> validationFailures = new ArrayList<>();
boolean isApplicable = false;
List<RangerValiditySchedule> validatedSchedules = new ArrayList<>();
for (RangerValiditySchedule validitySchedule : testCase.validitySchedules) {
RangerValidityScheduleValidator validator = new RangerValidityScheduleValidator(validitySchedule);
RangerValiditySchedule validatedSchedule = validator.validate(validationFailures);
isValid = isValid && validatedSchedule != null;
if (isValid) {
validatedSchedules.add(validatedSchedule);
}
}
if (isValid) {
for (RangerValiditySchedule validSchedule : validatedSchedules) {
isApplicable = new RangerValidityScheduleEvaluator(validSchedule).isApplicable(testCase.accessTime.getTime());
if (isApplicable) {
break;
}
}
}
assertTrue(testCase.name, isValid == testCase.result.isValid);
assertTrue(testCase.name, isApplicable == testCase.result.isApplicable);
assertTrue(testCase.name + ", [" + validationFailures + "]", validationFailures.size() == testCase.result.validationFailureCount);
}
}
TimeZone.setDefault(defaultTZ);
}
Also used :
InputStreamReader(java.io.InputStreamReader)
RangerValiditySchedule(org.apache.ranger.plugin.model.RangerValiditySchedule)
FileInputStream(java.io.FileInputStream)
InputStream(java.io.InputStream)
ArrayList(java.util.ArrayList)
JsonParseException(com.google.gson.JsonParseException)
ValidationFailureDetails(org.apache.ranger.plugin.model.validation.ValidationFailureDetails)
TimeZone(java.util.TimeZone)
Type(java.lang.reflect.Type)
RangerValidityScheduleEvaluator(org.apache.ranger.plugin.policyevaluator.RangerValidityScheduleEvaluator)
RangerValidityScheduleValidator(org.apache.ranger.plugin.model.validation.RangerValidityScheduleValidator)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 8 with RangerValiditySchedule
use of org.apache.ranger.plugin.model.RangerValiditySchedule in project ranger by apache.
the class RangerPolicyValidator method isValidValiditySchedule.
boolean isValidValiditySchedule(RangerPolicy policy, final List<ValidationFailureDetails> failures, Action action) {
boolean valid = true;
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("==> RangerPolicyValidator.isValidValiditySchedule(%s, %s, %s)", policy, failures, action));
}
List<RangerValiditySchedule> validitySchedules = policy.getValiditySchedules();
List<RangerValiditySchedule> normalizedValiditySchedules = null;
for (RangerValiditySchedule entry : validitySchedules) {
RangerValidityScheduleValidator validator = new RangerValidityScheduleValidator(entry);
RangerValiditySchedule normalizedValiditySchedule = validator.validate(failures);
if (normalizedValiditySchedule == null) {
valid = false;
if (LOG.isDebugEnabled()) {
LOG.debug("Invalid Validity-Schedule:[" + entry + "]");
}
} else {
if (normalizedValiditySchedules == null) {
normalizedValiditySchedules = new ArrayList<>();
}
normalizedValiditySchedules.add(normalizedValiditySchedule);
}
}
if (valid && CollectionUtils.isNotEmpty(normalizedValiditySchedules)) {
policy.setValiditySchedules(normalizedValiditySchedules);
}
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("<== RangerPolicyValidator.isValidValiditySchedule(%s, %s, %s): %s", policy, failures, action, valid));
}
return valid;
}
Also used :
RangerValiditySchedule(org.apache.ranger.plugin.model.RangerValiditySchedule)
Example 9 with RangerValiditySchedule
use of org.apache.ranger.plugin.model.RangerValiditySchedule in project ranger by apache.
the class RangerAtlasEntityWithTags method toString.
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
if (entity != null) {
sb.append("{entity=").append(entity).append(", ");
}
sb.append(", classifications={");
if (CollectionUtils.isNotEmpty(tags)) {
for (EntityNotificationWrapper.RangerAtlasClassification tag : tags) {
sb.append("classificationName=").append(tag.getName());
sb.append(", attributes={");
for (Map.Entry<String, String> attribute : tag.getAttributes().entrySet()) {
sb.append("{attributeName=").append(attribute.getKey());
sb.append(",attributeValue=").append(attribute.getValue());
sb.append("}");
}
sb.append("}");
sb.append(", validityPeriods={");
if (CollectionUtils.isNotEmpty(tag.getValidityPeriods())) {
for (RangerValiditySchedule period : tag.getValidityPeriods()) {
sb.append("{").append(period).append("}");
}
}
sb.append("}");
}
}
sb.append("}");
sb.append("}");
return sb.toString();
}
Also used :
EntityNotificationWrapper(org.apache.ranger.tagsync.source.atlas.EntityNotificationWrapper)
RangerValiditySchedule(org.apache.ranger.plugin.model.RangerValiditySchedule)
Map(java.util.Map)
Aggregations
RangerValiditySchedule (org.apache.ranger.plugin.model.RangerValiditySchedule)9
ArrayList (java.util.ArrayList)3
Map (java.util.Map)2
TimeBoundary (org.apache.atlas.model.TimeBoundary)2
EntityNotificationWrapper (org.apache.ranger.tagsync.source.atlas.EntityNotificationWrapper)2
JsonParseException (com.google.gson.JsonParseException)1
FileInputStream (java.io.FileInputStream)1
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
InputStreamReader (java.io.InputStreamReader)1
Type (java.lang.reflect.Type)1
ParseException (java.text.ParseException)1
Date (java.util.Date)1
HashMap (java.util.HashMap)1
List (java.util.List)1
TimeZone (java.util.TimeZone)1
AtlasServiceException (org.apache.atlas.AtlasServiceException)1
AtlasBaseException (org.apache.atlas.exception.AtlasBaseException)1
AtlasClassificationType (org.apache.atlas.type.AtlasClassificationType)1
AtlasStructType (org.apache.atlas.type.AtlasStructType)1
