Search in sources :

Example 6 with RangerServiceDefValidator

use of org.apache.ranger.plugin.model.validation.RangerServiceDefValidator in project ranger by apache.

the class PatchForNifiResourceUpdateExclude_J10011 method updateNifiServiceDef.

private void updateNifiServiceDef() {
    RangerServiceDef ret = null;
    RangerServiceDef dbNifiServiceDef = null;
    try {
        dbNifiServiceDef = svcDBStore.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME);
        if (dbNifiServiceDef != null) {
            List<RangerResourceDef> rRDefList = null;
            rRDefList = dbNifiServiceDef.getResources();
            if (CollectionUtils.isNotEmpty(rRDefList)) {
                for (RangerResourceDef rRDef : rRDefList) {
                    if (rRDef.getExcludesSupported()) {
                        rRDef.setExcludesSupported(false);
                    }
                    XXResourceDef sdf = daoMgr.getXXResourceDef().findByNameAndServiceDefId(rRDef.getName(), dbNifiServiceDef.getId());
                    long ResourceDefId = sdf.getId();
                    List<XXPolicyResource> RangerPolicyResourceList = daoMgr.getXXPolicyResource().findByResDefId(ResourceDefId);
                    if (CollectionUtils.isNotEmpty(RangerPolicyResourceList)) {
                        for (XXPolicyResource RangerPolicyResource : RangerPolicyResourceList) {
                            if (RangerPolicyResource.getIsexcludes()) {
                                RangerPolicy rPolicy = svcDBStore.getPolicy(RangerPolicyResource.getPolicyid());
                                rPolicy.setIsEnabled(false);
                                svcStore.updatePolicy(rPolicy);
                            }
                        }
                    }
                }
            }
            RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
            validator.validate(dbNifiServiceDef, Action.UPDATE);
            ret = svcStore.updateServiceDef(dbNifiServiceDef);
        }
        if (ret == null) {
            logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME + "service-def");
        }
    } catch (Exception e) {
        logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME + "service-def", e);
    }
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) XXPolicyResource(org.apache.ranger.entity.XXPolicyResource) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) XXResourceDef(org.apache.ranger.entity.XXResourceDef) RangerServiceDefValidator(org.apache.ranger.plugin.model.validation.RangerServiceDefValidator) RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)

Example 7 with RangerServiceDefValidator

use of org.apache.ranger.plugin.model.validation.RangerServiceDefValidator in project ranger by apache.

the class PatchForTagServiceDefUpdate_J10008 method updateTagServiceDef.

private void updateTagServiceDef() {
    RangerServiceDef embeddedTagServiceDef = null;
    RangerServiceDef dbTagServiceDef = null;
    List<RangerServiceDef.RangerPolicyConditionDef> embeddedTagPolicyConditionDefs = null;
    XXServiceDef xXServiceDefObj = null;
    try {
        embeddedTagServiceDef = EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME);
        if (embeddedTagServiceDef != null) {
            embeddedTagPolicyConditionDefs = embeddedTagServiceDef.getPolicyConditions();
            if (embeddedTagPolicyConditionDefs == null) {
                logger.error("Policy Conditions are empyt in tag service def json");
                return;
            }
            if (checkScriptPolicyCondPresent(embeddedTagPolicyConditionDefs) == false) {
                logger.error(SCRIPT_POLICY_CONDITION_NAME + "policy condition not found!!");
                return;
            }
            xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME);
            if (xXServiceDefObj == null) {
                logger.error("Service def for " + SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME + " is not found!!");
                return;
            }
            Map<String, String> serviceDefOptionsPreUpdate = null;
            String jsonStrPreUpdate = null;
            jsonStrPreUpdate = xXServiceDefObj.getDefOptions();
            if (!StringUtils.isEmpty(jsonStrPreUpdate)) {
                serviceDefOptionsPreUpdate = jsonUtil.jsonToMap(jsonStrPreUpdate);
            }
            xXServiceDefObj = null;
            dbTagServiceDef = svcDBStore.getServiceDefByName(SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME);
            if (dbTagServiceDef != null) {
                dbTagServiceDef.setPolicyConditions(embeddedTagPolicyConditionDefs);
                RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
                validator.validate(dbTagServiceDef, Action.UPDATE);
                svcStore.updateServiceDef(dbTagServiceDef);
                xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME);
                if (xXServiceDefObj != null) {
                    String jsonStrPostUpdate = xXServiceDefObj.getDefOptions();
                    Map<String, String> serviceDefOptionsPostUpdate = null;
                    if (!StringUtils.isEmpty(jsonStrPostUpdate)) {
                        serviceDefOptionsPostUpdate = jsonUtil.jsonToMap(jsonStrPostUpdate);
                    }
                    if (serviceDefOptionsPostUpdate != null && serviceDefOptionsPostUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
                        if (serviceDefOptionsPreUpdate == null || !serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
                            String preUpdateValue = serviceDefOptionsPreUpdate == null ? null : serviceDefOptionsPreUpdate.get(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
                            if (preUpdateValue == null) {
                                serviceDefOptionsPostUpdate.remove(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
                            } else {
                                serviceDefOptionsPostUpdate.put(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES, preUpdateValue);
                            }
                            xXServiceDefObj.setDefOptions(mapToJsonString(serviceDefOptionsPostUpdate));
                            daoMgr.getXXServiceDef().update(xXServiceDefObj);
                        }
                    }
                }
            }
        }
    } catch (Exception e) {
        logger.error("Error while updating " + SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME + "service-def", e);
    }
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef) RangerServiceDefValidator(org.apache.ranger.plugin.model.validation.RangerServiceDefValidator)

Aggregations

RangerServiceDefValidator (org.apache.ranger.plugin.model.validation.RangerServiceDefValidator)7 RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)6 XXServiceDef (org.apache.ranger.entity.XXServiceDef)4 Path (javax.ws.rs.Path)3 Produces (javax.ws.rs.Produces)3 WebApplicationException (javax.ws.rs.WebApplicationException)3 RangerPerfTracer (org.apache.ranger.plugin.util.RangerPerfTracer)3 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)3 DELETE (javax.ws.rs.DELETE)1 POST (javax.ws.rs.POST)1 PUT (javax.ws.rs.PUT)1 XXPolicyResource (org.apache.ranger.entity.XXPolicyResource)1 XXResourceDef (org.apache.ranger.entity.XXResourceDef)1 RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)1 RangerDataMaskDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskDef)1 RangerResourceDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)1 RangerRowFilterDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerRowFilterDef)1 VXString (org.apache.ranger.view.VXString)1