Example 21 with RangerServiceDefValidator
use of org.apache.ranger.plugin.model.validation.RangerServiceDefValidator in project ranger by apache.
the class PatchForKafkaServiceDefUpdate_J10033 method updateKafkaServiceDef.
private void updateKafkaServiceDef() {
RangerServiceDef ret = null;
RangerServiceDef embeddedKafkaServiceDef = null;
RangerServiceDef dbKafkaServiceDef = null;
List<RangerServiceDef.RangerResourceDef> embeddedKafkaResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedKafkaAccessTypes = null;
XXServiceDef xXServiceDefObj = null;
try {
embeddedKafkaServiceDef = EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if (embeddedKafkaServiceDef != null) {
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
Map<String, String> serviceDefOptionsPreUpdate = null;
String jsonStrPreUpdate = null;
if (xXServiceDefObj != null) {
jsonStrPreUpdate = xXServiceDefObj.getDefOptions();
serviceDefOptionsPreUpdate = jsonStringToMap(jsonStrPreUpdate);
xXServiceDefObj = null;
}
dbKafkaServiceDef = svcDBStore.getServiceDefByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if (dbKafkaServiceDef != null) {
embeddedKafkaResourceDefs = embeddedKafkaServiceDef.getResources();
embeddedKafkaAccessTypes = embeddedKafkaServiceDef.getAccessTypes();
if (checkNewKafkaresourcePresent(embeddedKafkaResourceDefs)) {
// This is to check if CONSUMERGROUP resource is added to the resource definition, if so update the resource def and accessType def
if (embeddedKafkaResourceDefs != null) {
dbKafkaServiceDef.setResources(embeddedKafkaResourceDefs);
}
if (embeddedKafkaAccessTypes != null) {
if (!embeddedKafkaAccessTypes.toString().equalsIgnoreCase(dbKafkaServiceDef.getAccessTypes().toString())) {
dbKafkaServiceDef.setAccessTypes(embeddedKafkaAccessTypes);
}
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(dbKafkaServiceDef, Action.UPDATE);
ret = svcStore.updateServiceDef(dbKafkaServiceDef);
if (ret == null) {
logger.error("Error while updating " + SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME + "service-def");
throw new RuntimeException("Error while updating " + SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME + "service-def");
}
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if (xXServiceDefObj != null) {
String jsonStrPostUpdate = xXServiceDefObj.getDefOptions();
Map<String, String> serviceDefOptionsPostUpdate = jsonStringToMap(jsonStrPostUpdate);
if (serviceDefOptionsPostUpdate != null && serviceDefOptionsPostUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
if (serviceDefOptionsPreUpdate == null || !serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
String preUpdateValue = serviceDefOptionsPreUpdate == null ? null : serviceDefOptionsPreUpdate.get(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
if (preUpdateValue == null) {
serviceDefOptionsPostUpdate.remove(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
} else {
serviceDefOptionsPostUpdate.put(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES, preUpdateValue);
}
xXServiceDefObj.setDefOptions(mapToJsonString(serviceDefOptionsPostUpdate));
daoMgr.getXXServiceDef().update(xXServiceDefObj);
}
}
createDefaultPolicyForNewResources();
}
}
}
} catch (Exception e) {
logger.error("Error while updating " + SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME + "service-def", e);
}
}
Also used :
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
RangerServiceDefValidator(org.apache.ranger.plugin.model.validation.RangerServiceDefValidator)
Example 22 with RangerServiceDefValidator
use of org.apache.ranger.plugin.model.validation.RangerServiceDefValidator in project ranger by apache.
the class PatchForOzoneServiceDefConfigUpdate_J10051 method updateOzoneServiceDef.
private boolean updateOzoneServiceDef() throws Exception {
RangerServiceDef ret;
RangerServiceDef embeddedOzoneServiceDef;
RangerServiceDef dbOzoneServiceDef;
List<RangerServiceDef.RangerServiceConfigDef> embeddedOzoneConfigDefs;
XXServiceDef xXServiceDefObj;
embeddedOzoneServiceDef = EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_OZONE_NAME);
if (embeddedOzoneServiceDef != null) {
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_OZONE_NAME);
Map<String, String> serviceDefOptionsPreUpdate;
String jsonPreUpdate;
if (xXServiceDefObj != null) {
jsonPreUpdate = xXServiceDefObj.getDefOptions();
serviceDefOptionsPreUpdate = jsonStringToMap(jsonPreUpdate);
} else {
logger.error("Ozone service-definition does not exist in the Ranger DAO.");
return false;
}
dbOzoneServiceDef = svcDBStore.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_OZONE_NAME);
if (dbOzoneServiceDef != null) {
// Update old Ozone configs
embeddedOzoneConfigDefs = embeddedOzoneServiceDef.getConfigs();
for (RangerServiceDef.RangerServiceConfigDef configDef : embeddedOzoneConfigDefs) {
if (StringUtils.equalsIgnoreCase(configDef.getName(), "hadoop.security.authorization")) {
configDef.setMandatory(false);
break;
}
}
dbOzoneServiceDef.setConfigs(embeddedOzoneConfigDefs);
} else {
logger.error("Ozone service-definition does not exist in the db store.");
return false;
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcDBStore);
validator.validate(dbOzoneServiceDef, RangerValidator.Action.UPDATE);
ret = svcDBStore.updateServiceDef(dbOzoneServiceDef);
if (ret == null) {
throw new RuntimeException("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_OZONE_NAME + " service-def");
}
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_OZONE_NAME);
if (xXServiceDefObj != null) {
String jsonStrPostUpdate = xXServiceDefObj.getDefOptions();
Map<String, String> serviceDefOptionsPostUpdate = jsonStringToMap(jsonStrPostUpdate);
if (serviceDefOptionsPostUpdate != null && serviceDefOptionsPostUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
if (serviceDefOptionsPreUpdate == null || !serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
String preUpdateValue = serviceDefOptionsPreUpdate == null ? null : serviceDefOptionsPreUpdate.get(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
if (preUpdateValue == null) {
serviceDefOptionsPostUpdate.remove(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
} else {
serviceDefOptionsPostUpdate.put(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES, preUpdateValue);
}
xXServiceDefObj.setDefOptions(mapToJsonString(serviceDefOptionsPostUpdate));
daoMgr.getXXServiceDef().update(xXServiceDefObj);
}
}
} else {
logger.error("Ozone service-definition does not exist in the Ranger DAO.");
return false;
}
} else {
logger.error("The embedded Ozone service-definition does not exist.");
return false;
}
return true;
}
Also used :
XXServiceDef(org.apache.ranger.entity.XXServiceDef)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
RangerServiceDefValidator(org.apache.ranger.plugin.model.validation.RangerServiceDefValidator)
Example 23 with RangerServiceDefValidator
use of org.apache.ranger.plugin.model.validation.RangerServiceDefValidator in project ranger by apache.
the class PatchForPrestoToSupportPresto333_J10038 method addPresto333Support.
private void addPresto333Support() throws Exception {
RangerServiceDef ret = null;
RangerServiceDef embeddedPrestoServiceDef = null;
XXServiceDef xXServiceDefObj = null;
RangerServiceDef dbPrestoServiceDef = null;
List<RangerServiceDef.RangerResourceDef> embeddedPrestoResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedPrestoAccessTypes = null;
embeddedPrestoServiceDef = EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_PRESTO_NAME);
if (embeddedPrestoServiceDef != null) {
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_PRESTO_NAME);
if (xXServiceDefObj == null) {
logger.info(xXServiceDefObj + ": service-def not found. No patching is needed");
return;
}
dbPrestoServiceDef = svcDBStore.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_PRESTO_NAME);
embeddedPrestoResourceDefs = embeddedPrestoServiceDef.getResources();
embeddedPrestoAccessTypes = embeddedPrestoServiceDef.getAccessTypes();
if (checkResourcePresent(PRESTO_RESOURCES, embeddedPrestoResourceDefs)) {
dbPrestoServiceDef.setResources(embeddedPrestoResourceDefs);
if (checkAccessPresent(PRESTO_ACCESS_TYPES, embeddedPrestoAccessTypes)) {
dbPrestoServiceDef.setAccessTypes(embeddedPrestoAccessTypes);
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(dbPrestoServiceDef, RangerValidator.Action.UPDATE);
ret = svcStore.updateServiceDef(dbPrestoServiceDef);
if (ret == null) {
logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_PRESTO_NAME + " service-def");
throw new RuntimeException("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_PRESTO_NAME + " service-def");
}
}
}
Also used :
XXServiceDef(org.apache.ranger.entity.XXServiceDef)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
RangerServiceDefValidator(org.apache.ranger.plugin.model.validation.RangerServiceDefValidator)
Example 24 with RangerServiceDefValidator
use of org.apache.ranger.plugin.model.validation.RangerServiceDefValidator in project ranger by apache.
the class ServiceDBStore method createServiceDef.
@Override
public RangerServiceDef createServiceDef(RangerServiceDef serviceDef) throws Exception {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceDBStore.createServiceDef(" + serviceDef + ")");
}
XXServiceDef xServiceDef = daoMgr.getXXServiceDef().findByName(serviceDef.getName());
if (xServiceDef != null) {
throw restErrorUtil.createRESTException("service-def with name: " + serviceDef.getName() + " already exists", MessageEnums.ERROR_DUPLICATE_OBJECT);
}
List<RangerServiceConfigDef> configs = serviceDef.getConfigs();
List<RangerResourceDef> resources = serviceDef.getResources();
if (CollectionUtils.isNotEmpty(resources)) {
RangerServiceDefValidator validator = new RangerServiceDefValidator(this);
List<ValidationFailureDetails> failures = new ArrayList<>();
boolean isValidResources = validator.isValidResources(serviceDef, failures, RangerValidator.Action.CREATE);
if (!isValidResources) {
throw restErrorUtil.createRESTException("service-def with name: " + serviceDef.getName() + " has invalid resources:[" + failures.toString() + "]", MessageEnums.INVALID_INPUT_DATA);
}
}
List<RangerAccessTypeDef> accessTypes = serviceDef.getAccessTypes();
List<RangerPolicyConditionDef> policyConditions = serviceDef.getPolicyConditions();
List<RangerContextEnricherDef> contextEnrichers = serviceDef.getContextEnrichers();
List<RangerEnumDef> enums = serviceDef.getEnums();
RangerDataMaskDef dataMaskDef = serviceDef.getDataMaskDef();
RangerRowFilterDef rowFilterDef = serviceDef.getRowFilterDef();
List<RangerDataMaskTypeDef> dataMaskTypes = dataMaskDef == null || dataMaskDef.getMaskTypes() == null ? new ArrayList<RangerDataMaskTypeDef>() : dataMaskDef.getMaskTypes();
List<RangerAccessTypeDef> dataMaskAccessTypes = dataMaskDef == null || dataMaskDef.getAccessTypes() == null ? new ArrayList<RangerAccessTypeDef>() : dataMaskDef.getAccessTypes();
List<RangerResourceDef> dataMaskResources = dataMaskDef == null || dataMaskDef.getResources() == null ? new ArrayList<RangerResourceDef>() : dataMaskDef.getResources();
List<RangerAccessTypeDef> rowFilterAccessTypes = rowFilterDef == null || rowFilterDef.getAccessTypes() == null ? new ArrayList<RangerAccessTypeDef>() : rowFilterDef.getAccessTypes();
List<RangerResourceDef> rowFilterResources = rowFilterDef == null || rowFilterDef.getResources() == null ? new ArrayList<RangerResourceDef>() : rowFilterDef.getResources();
RangerServiceDefHelper defHelper = new RangerServiceDefHelper(serviceDef, false);
defHelper.patchServiceDefWithDefaultValues();
// While creating, value of version should be 1.
serviceDef.setVersion(Long.valueOf(1));
if (populateExistingBaseFields) {
svcDefServiceWithAssignedId.setPopulateExistingBaseFields(true);
daoMgr.getXXServiceDef().setIdentityInsert(true);
svcDefServiceWithAssignedId.create(serviceDef);
svcDefServiceWithAssignedId.setPopulateExistingBaseFields(false);
daoMgr.getXXServiceDef().updateSequence();
daoMgr.getXXServiceDef().setIdentityInsert(false);
} else {
// following fields will be auto populated
serviceDef.setId(null);
serviceDef.setCreateTime(null);
serviceDef.setUpdateTime(null);
serviceDef = serviceDefService.create(serviceDef);
}
Long serviceDefId = serviceDef.getId();
XXServiceDef createdSvcDef = daoMgr.getXXServiceDef().getById(serviceDefId);
XXServiceConfigDefDao xxServiceConfigDao = daoMgr.getXXServiceConfigDef();
for (int i = 0; i < configs.size(); i++) {
RangerServiceConfigDef config = configs.get(i);
XXServiceConfigDef xConfig = new XXServiceConfigDef();
xConfig = serviceDefService.populateRangerServiceConfigDefToXX(config, xConfig, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
xConfig.setOrder(i);
xConfig = xxServiceConfigDao.create(xConfig);
}
XXResourceDefDao xxResDefDao = daoMgr.getXXResourceDef();
for (int i = 0; i < resources.size(); i++) {
RangerResourceDef resource = resources.get(i);
XXResourceDef parent = xxResDefDao.findByNameAndServiceDefId(resource.getParent(), serviceDefId);
Long parentId = (parent != null) ? parent.getId() : null;
XXResourceDef xResource = new XXResourceDef();
xResource = serviceDefService.populateRangerResourceDefToXX(resource, xResource, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
xResource.setOrder(i);
xResource.setParent(parentId);
xResource = xxResDefDao.create(xResource);
}
XXAccessTypeDefDao xxATDDao = daoMgr.getXXAccessTypeDef();
for (int i = 0; i < accessTypes.size(); i++) {
RangerAccessTypeDef accessType = accessTypes.get(i);
XXAccessTypeDef xAccessType = new XXAccessTypeDef();
xAccessType = serviceDefService.populateRangerAccessTypeDefToXX(accessType, xAccessType, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
xAccessType.setOrder(i);
xAccessType = xxATDDao.create(xAccessType);
Collection<String> impliedGrants = accessType.getImpliedGrants();
XXAccessTypeDefGrantsDao xxATDGrantDao = daoMgr.getXXAccessTypeDefGrants();
for (String impliedGrant : impliedGrants) {
XXAccessTypeDefGrants xImpliedGrant = new XXAccessTypeDefGrants();
xImpliedGrant.setAtdId(xAccessType.getId());
xImpliedGrant.setImpliedGrant(impliedGrant);
xImpliedGrant = xxATDGrantDao.create(xImpliedGrant);
}
}
XXPolicyConditionDefDao xxPolCondDao = daoMgr.getXXPolicyConditionDef();
for (int i = 0; i < policyConditions.size(); i++) {
RangerPolicyConditionDef policyCondition = policyConditions.get(i);
XXPolicyConditionDef xPolicyCondition = new XXPolicyConditionDef();
xPolicyCondition = serviceDefService.populateRangerPolicyConditionDefToXX(policyCondition, xPolicyCondition, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
xPolicyCondition.setOrder(i);
xPolicyCondition = xxPolCondDao.create(xPolicyCondition);
}
XXContextEnricherDefDao xxContextEnricherDao = daoMgr.getXXContextEnricherDef();
for (int i = 0; i < contextEnrichers.size(); i++) {
RangerContextEnricherDef contextEnricher = contextEnrichers.get(i);
XXContextEnricherDef xContextEnricher = new XXContextEnricherDef();
xContextEnricher = serviceDefService.populateRangerContextEnricherDefToXX(contextEnricher, xContextEnricher, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
xContextEnricher.setOrder(i);
xContextEnricher = xxContextEnricherDao.create(xContextEnricher);
}
XXEnumDefDao xxEnumDefDao = daoMgr.getXXEnumDef();
for (RangerEnumDef vEnum : enums) {
XXEnumDef xEnum = new XXEnumDef();
xEnum = serviceDefService.populateRangerEnumDefToXX(vEnum, xEnum, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
xEnum = xxEnumDefDao.create(xEnum);
List<RangerEnumElementDef> elements = vEnum.getElements();
XXEnumElementDefDao xxEnumEleDefDao = daoMgr.getXXEnumElementDef();
for (int i = 0; i < elements.size(); i++) {
RangerEnumElementDef element = elements.get(i);
XXEnumElementDef xElement = new XXEnumElementDef();
xElement = serviceDefService.populateRangerEnumElementDefToXX(element, xElement, xEnum, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
xElement.setOrder(i);
xElement = xxEnumEleDefDao.create(xElement);
}
}
XXDataMaskTypeDefDao xxDataMaskDefDao = daoMgr.getXXDataMaskTypeDef();
for (int i = 0; i < dataMaskTypes.size(); i++) {
RangerDataMaskTypeDef dataMask = dataMaskTypes.get(i);
XXDataMaskTypeDef xDataMaskDef = new XXDataMaskTypeDef();
xDataMaskDef = serviceDefService.populateRangerDataMaskDefToXX(dataMask, xDataMaskDef, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
xDataMaskDef.setOrder(i);
xDataMaskDef = xxDataMaskDefDao.create(xDataMaskDef);
}
List<XXAccessTypeDef> xxAccessTypeDefs = xxATDDao.findByServiceDefId(createdSvcDef.getId());
for (RangerAccessTypeDef accessType : dataMaskAccessTypes) {
if (!isAccessTypeInList(accessType.getName(), xxAccessTypeDefs)) {
throw restErrorUtil.createRESTException("accessType with name: " + accessType.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
}
}
for (RangerAccessTypeDef accessType : rowFilterAccessTypes) {
if (!isAccessTypeInList(accessType.getName(), xxAccessTypeDefs)) {
throw restErrorUtil.createRESTException("accessType with name: " + accessType.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
}
}
for (XXAccessTypeDef xxAccessTypeDef : xxAccessTypeDefs) {
String dataMaskOptions = null;
String rowFilterOptions = null;
for (RangerAccessTypeDef accessTypeDef : dataMaskAccessTypes) {
if (StringUtils.equals(accessTypeDef.getName(), xxAccessTypeDef.getName())) {
dataMaskOptions = svcDefServiceWithAssignedId.objectToJson(accessTypeDef);
break;
}
}
for (RangerAccessTypeDef accessTypeDef : rowFilterAccessTypes) {
if (StringUtils.equals(accessTypeDef.getName(), xxAccessTypeDef.getName())) {
rowFilterOptions = svcDefServiceWithAssignedId.objectToJson(accessTypeDef);
break;
}
}
if (!StringUtils.equals(dataMaskOptions, xxAccessTypeDef.getDataMaskOptions()) || !StringUtils.equals(rowFilterOptions, xxAccessTypeDef.getRowFilterOptions())) {
xxAccessTypeDef.setDataMaskOptions(dataMaskOptions);
xxAccessTypeDef.setRowFilterOptions(rowFilterOptions);
xxATDDao.update(xxAccessTypeDef);
}
}
List<XXResourceDef> xxResourceDefs = xxResDefDao.findByServiceDefId(createdSvcDef.getId());
for (RangerResourceDef resource : dataMaskResources) {
if (!isResourceInList(resource.getName(), xxResourceDefs)) {
throw restErrorUtil.createRESTException("resource with name: " + resource.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
}
}
for (RangerResourceDef resource : rowFilterResources) {
if (!isResourceInList(resource.getName(), xxResourceDefs)) {
throw restErrorUtil.createRESTException("resource with name: " + resource.getName() + " does not exists", MessageEnums.DATA_NOT_FOUND);
}
}
for (XXResourceDef xxResourceDef : xxResourceDefs) {
String dataMaskOptions = null;
String rowFilterOptions = null;
for (RangerResourceDef resource : dataMaskResources) {
if (StringUtils.equals(resource.getName(), xxResourceDef.getName())) {
dataMaskOptions = svcDefServiceWithAssignedId.objectToJson(resource);
break;
}
}
for (RangerResourceDef resource : rowFilterResources) {
if (StringUtils.equals(resource.getName(), xxResourceDef.getName())) {
rowFilterOptions = svcDefServiceWithAssignedId.objectToJson(resource);
break;
}
}
if (!StringUtils.equals(dataMaskOptions, xxResourceDef.getDataMaskOptions()) || !StringUtils.equals(rowFilterOptions, xxResourceDef.getRowFilterOptions())) {
xxResourceDef.setDataMaskOptions(dataMaskOptions);
xxResourceDef.setRowFilterOptions(rowFilterOptions);
xxResDefDao.update(xxResourceDef);
}
}
RangerServiceDef createdServiceDef = serviceDefService.getPopulatedViewObject(createdSvcDef);
dataHistService.createObjectDataHistory(createdServiceDef, RangerDataHistService.ACTION_CREATE);
postCreate(createdServiceDef);
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceDBStore.createServiceDef(" + serviceDef + "): " + createdServiceDef);
}
return createdServiceDef;
}
Also used :
XXServiceDef(org.apache.ranger.entity.XXServiceDef)
ArrayList(java.util.ArrayList)
RangerDataMaskDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskDef)
XXPolicyConditionDefDao(org.apache.ranger.db.XXPolicyConditionDefDao)
RangerPolicyConditionDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef)
VXString(org.apache.ranger.view.VXString)
XXPolicyConditionDef(org.apache.ranger.entity.XXPolicyConditionDef)
XXAccessTypeDef(org.apache.ranger.entity.XXAccessTypeDef)
XXServiceConfigDef(org.apache.ranger.entity.XXServiceConfigDef)
RangerResourceDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)
RangerServiceConfigDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef)
RangerDataMaskTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskTypeDef)
XXAccessTypeDefGrantsDao(org.apache.ranger.db.XXAccessTypeDefGrantsDao)
XXEnumElementDef(org.apache.ranger.entity.XXEnumElementDef)
RangerServiceDefHelper(org.apache.ranger.plugin.model.validation.RangerServiceDefHelper)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
XXDataMaskTypeDefDao(org.apache.ranger.db.XXDataMaskTypeDefDao)
RangerEnumDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef)
XXEnumElementDefDao(org.apache.ranger.db.XXEnumElementDefDao)
RangerRowFilterDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerRowFilterDef)
XXAccessTypeDefDao(org.apache.ranger.db.XXAccessTypeDefDao)
XXAccessTypeDefGrants(org.apache.ranger.entity.XXAccessTypeDefGrants)
XXEnumDefDao(org.apache.ranger.db.XXEnumDefDao)
XXDataMaskTypeDef(org.apache.ranger.entity.XXDataMaskTypeDef)
RangerServiceDefValidator(org.apache.ranger.plugin.model.validation.RangerServiceDefValidator)
XXResourceDefDao(org.apache.ranger.db.XXResourceDefDao)
RangerEnumElementDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumElementDef)
XXResourceDef(org.apache.ranger.entity.XXResourceDef)
ValidationFailureDetails(org.apache.ranger.plugin.model.validation.ValidationFailureDetails)
RangerAccessTypeDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef)
RangerContextEnricherDef(org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef)
XXEnumDef(org.apache.ranger.entity.XXEnumDef)
XXServiceConfigDefDao(org.apache.ranger.db.XXServiceConfigDefDao)
XXContextEnricherDef(org.apache.ranger.entity.XXContextEnricherDef)
XXContextEnricherDefDao(org.apache.ranger.db.XXContextEnricherDefDao)
Example 25 with RangerServiceDefValidator
use of org.apache.ranger.plugin.model.validation.RangerServiceDefValidator in project ranger by apache.
the class ServiceREST method updateServiceDef.
@PUT
@Path("/definitions/{id}")
@Produces({ "application/json", "application/xml" })
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.UPDATE_SERVICE_DEF + "\")")
public RangerServiceDef updateServiceDef(RangerServiceDef serviceDef) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceREST.updateServiceDef(serviceDefName=" + serviceDef.getName() + ")");
}
RangerServiceDef ret = null;
RangerPerfTracer perf = null;
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.updateServiceDef(" + serviceDef.getName() + ")");
}
/**
* If display name is blank (EMPTY String or NULL), use previous display name.
*/
if (StringUtils.isBlank(serviceDef.getDisplayName())) {
RangerServiceDef rangerServiceDef = svcStore.getServiceDef(serviceDef.getId());
// If previous display name is blank (EMPTY String or NULL), user name.
if (Objects.isNull(rangerServiceDef) || StringUtils.isBlank(rangerServiceDef.getDisplayName())) {
serviceDef.setDisplayName(serviceDef.getName());
} else {
serviceDef.setDisplayName(rangerServiceDef.getDisplayName());
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(serviceDef, Action.UPDATE);
bizUtil.hasAdminPermissions("Service-Def");
bizUtil.hasKMSPermissions("Service-Def", serviceDef.getImplClass());
bizUtil.blockAuditorRoleUser();
ret = svcStore.updateServiceDef(serviceDef);
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
LOG.error("updateServiceDef(" + serviceDef + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
} finally {
RangerPerfTracer.log(perf);
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceREST.updateServiceDef(" + serviceDef + "): " + ret);
}
return ret;
}
Also used :
WebApplicationException(javax.ws.rs.WebApplicationException)
RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
RangerServiceDefValidator(org.apache.ranger.plugin.model.validation.RangerServiceDefValidator)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
PUT(javax.ws.rs.PUT)
Aggregations
RangerServiceDefValidator (org.apache.ranger.plugin.model.validation.RangerServiceDefValidator)25
RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)21
XXServiceDef (org.apache.ranger.entity.XXServiceDef)18
RangerAccessTypeDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef)5
Path (javax.ws.rs.Path)3
Produces (javax.ws.rs.Produces)3
WebApplicationException (javax.ws.rs.WebApplicationException)3
XXResourceDef (org.apache.ranger.entity.XXResourceDef)2
RangerDataMaskDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskDef)2
RangerResourceDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef)2
RangerRowFilterDef (org.apache.ranger.plugin.model.RangerServiceDef.RangerRowFilterDef)2
RangerPerfTracer (org.apache.ranger.plugin.util.RangerPerfTracer)2
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)2
JsonSyntaxException (com.google.gson.JsonSyntaxException)1
IOException (java.io.IOException)1
ArrayList (java.util.ArrayList)1
DELETE (javax.ws.rs.DELETE)1
POST (javax.ws.rs.POST)1
PUT (javax.ws.rs.PUT)1
XXAccessTypeDefDao (org.apache.ranger.db.XXAccessTypeDefDao)1
