Examples with RangerServiceValidator org.apache.ranger.plugin.model.validation.RangerServiceValidator used on opensource projects

Search in sources :

Example 1 with RangerServiceValidator

use of org.apache.ranger.plugin.model.validation.RangerServiceValidator in project ranger by apache.

the class ServiceREST method updateService.

@PUT
@Path("/services/{id}")
@Produces({ "application/json", "application/xml" })
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.UPDATE_SERVICE + "\")")
public RangerService updateService(RangerService service, @Context HttpServletRequest request) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceREST.updateService(): " + service);
    }
    RangerService ret = null;
    RangerPerfTracer perf = null;
    try {
        if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
            perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.updateService(serviceName=" + service.getName() + ")");
        }
        RangerServiceValidator validator = validatorFactory.getServiceValidator(svcStore);
        validator.validate(service, Action.UPDATE);
        bizUtil.hasAdminPermissions("Services");
        // TODO: As of now we are allowing SYS_ADMIN to create all the
        // services including KMS
        XXServiceDef xxServiceDef = daoManager.getXXServiceDef().findByName(service.getType());
        bizUtil.hasKMSPermissions("Service", xxServiceDef.getImplclassname());
        bizUtil.blockAuditorRoleUser();
        Map<String, Object> options = getOptions(request);
        ret = svcStore.updateService(service, options);
    } catch (WebApplicationException excp) {
        throw excp;
    } catch (Throwable excp) {
        LOG.error("updateService(" + service + ") failed", excp);
        throw restErrorUtil.createRESTException(excp.getMessage());
    } finally {
        RangerPerfTracer.log(perf);
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== ServiceREST.updateService(" + service + "): " + ret);
    }
    return ret;
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) WebApplicationException(javax.ws.rs.WebApplicationException) RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer) RangerService(org.apache.ranger.plugin.model.RangerService) VXString(org.apache.ranger.view.VXString) RangerServiceValidator(org.apache.ranger.plugin.model.validation.RangerServiceValidator) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) PUT(javax.ws.rs.PUT)

Example 2 with RangerServiceValidator

use of org.apache.ranger.plugin.model.validation.RangerServiceValidator in project ranger by apache.

the class ServiceREST method createService.

@POST
@Path("/services")
@Produces({ "application/json", "application/xml" })
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.CREATE_SERVICE + "\")")
public RangerService createService(RangerService service) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceREST.createService(" + service + ")");
    }
    RangerService ret = null;
    RangerPerfTracer perf = null;
    try {
        if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
            perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.createService(serviceName=" + service.getName() + ")");
        }
        RangerServiceValidator validator = validatorFactory.getServiceValidator(svcStore);
        validator.validate(service, Action.CREATE);
        UserSessionBase session = ContextUtil.getCurrentUserSession();
        XXServiceDef xxServiceDef = daoManager.getXXServiceDef().findByName(service.getType());
        if (session != null && !session.isSpnegoEnabled()) {
            bizUtil.hasAdminPermissions("Services");
            // TODO: As of now we are allowing SYS_ADMIN to create all the
            // services including KMS
            bizUtil.hasKMSPermissions("Service", xxServiceDef.getImplclassname());
        }
        if (session != null && session.isSpnegoEnabled()) {
            if (session.isKeyAdmin() && !EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(xxServiceDef.getImplclassname())) {
                throw restErrorUtil.createRESTException("KeyAdmin can create/update/delete only KMS ", MessageEnums.OPER_NO_PERMISSION);
            }
            if ((!session.isKeyAdmin() && !session.isUserAdmin()) && EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(xxServiceDef.getImplclassname())) {
                throw restErrorUtil.createRESTException("User cannot create/update/delete KMS Service", MessageEnums.OPER_NO_PERMISSION);
            }
        }
        bizUtil.blockAuditorRoleUser();
        ret = svcStore.createService(service);
    } catch (WebApplicationException excp) {
        throw excp;
    } catch (Throwable excp) {
        LOG.error("createService(" + service + ") failed", excp);
        throw restErrorUtil.createRESTException(excp.getMessage());
    } finally {
        RangerPerfTracer.log(perf);
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== ServiceREST.createService(" + service + "): " + ret);
    }
    return ret;
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) WebApplicationException(javax.ws.rs.WebApplicationException) RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer) RangerService(org.apache.ranger.plugin.model.RangerService) RangerServiceValidator(org.apache.ranger.plugin.model.validation.RangerServiceValidator) UserSessionBase(org.apache.ranger.common.UserSessionBase) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 3 with RangerServiceValidator

use of org.apache.ranger.plugin.model.validation.RangerServiceValidator in project ranger by apache.

the class ServiceREST method deleteService.

@DELETE
@Path("/services/{id}")
@Produces({ "application/json", "application/xml" })
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.DELETE_SERVICE + "\")")
public void deleteService(@PathParam("id") Long id) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceREST.deleteService(" + id + ")");
    }
    RangerPerfTracer perf = null;
    try {
        if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
            perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.deleteService(serviceId=" + id + ")");
        }
        RangerServiceValidator validator = validatorFactory.getServiceValidator(svcStore);
        validator.validate(id, Action.DELETE);
        bizUtil.hasAdminPermissions("Services");
        // TODO: As of now we are allowing SYS_ADMIN to create all the
        // services including KMS
        XXService service = daoManager.getXXService().getById(id);
        EmbeddedServiceDefsUtil embeddedServiceDefsUtil = EmbeddedServiceDefsUtil.instance();
        if (service.getType().equals(embeddedServiceDefsUtil.getTagServiceDefId())) {
            List<XXService> referringServices = daoManager.getXXService().findByTagServiceId(id);
            if (!CollectionUtils.isEmpty(referringServices)) {
                Set<String> referringServiceNames = new HashSet<String>();
                for (XXService xXService : referringServices) {
                    referringServiceNames.add(xXService.getName());
                    if (referringServiceNames.size() >= 10) {
                        break;
                    }
                }
                if (referringServices.size() <= 10) {
                    throw restErrorUtil.createRESTException("Tag service '" + service.getName() + "' is being referenced by " + referringServices.size() + " services: " + referringServiceNames, MessageEnums.OPER_NOT_ALLOWED_FOR_STATE);
                } else {
                    throw restErrorUtil.createRESTException("Tag service '" + service.getName() + "' is being referenced by " + referringServices.size() + " services: " + referringServiceNames + " and more..", MessageEnums.OPER_NOT_ALLOWED_FOR_STATE);
                }
            }
        }
        XXServiceDef xxServiceDef = daoManager.getXXServiceDef().getById(service.getType());
        bizUtil.hasKMSPermissions("Service", xxServiceDef.getImplclassname());
        bizUtil.blockAuditorRoleUser();
        tagStore.deleteAllTagObjectsForService(service.getName());
        svcStore.deleteService(id);
    } catch (WebApplicationException excp) {
        throw excp;
    } catch (Throwable excp) {
        LOG.error("deleteService(" + id + ") failed", excp);
        throw restErrorUtil.createRESTException(excp.getMessage());
    } finally {
        RangerPerfTracer.log(perf);
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== ServiceREST.deleteService(" + id + ")");
    }
}
Also used : XXServiceDef(org.apache.ranger.entity.XXServiceDef) WebApplicationException(javax.ws.rs.WebApplicationException) RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer) EmbeddedServiceDefsUtil(org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil) VXString(org.apache.ranger.view.VXString) XXService(org.apache.ranger.entity.XXService) RangerServiceValidator(org.apache.ranger.plugin.model.validation.RangerServiceValidator) HashSet(java.util.HashSet) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) Produces(javax.ws.rs.Produces) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Aggregations

Path (javax.ws.rs.Path)3 Produces (javax.ws.rs.Produces)3 WebApplicationException (javax.ws.rs.WebApplicationException)3 XXServiceDef (org.apache.ranger.entity.XXServiceDef)3 RangerServiceValidator (org.apache.ranger.plugin.model.validation.RangerServiceValidator)3 RangerPerfTracer (org.apache.ranger.plugin.util.RangerPerfTracer)3 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)3 RangerService (org.apache.ranger.plugin.model.RangerService)2 VXString (org.apache.ranger.view.VXString)2 HashSet (java.util.HashSet)1 DELETE (javax.ws.rs.DELETE)1 POST (javax.ws.rs.POST)1 PUT (javax.ws.rs.PUT)1 UserSessionBase (org.apache.ranger.common.UserSessionBase)1 XXService (org.apache.ranger.entity.XXService)1 EmbeddedServiceDefsUtil (org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial