Example 21 with SearchFilter
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class ServiceREST method deletePoliciesProvidedInServiceMap.
private void deletePoliciesProvidedInServiceMap(List<String> sourceServices, List<String> destinationServices) {
int totalDeletedPilicies = 0;
if (CollectionUtils.isNotEmpty(sourceServices) && CollectionUtils.isNotEmpty(destinationServices)) {
RangerPolicyValidator validator = validatorFactory.getPolicyValidator(svcStore);
for (int i = 0; i < sourceServices.size(); i++) {
if (!destinationServices.get(i).isEmpty()) {
final RangerPolicyList servicePolicies = getServicePolicies(destinationServices.get(i), new SearchFilter());
if (servicePolicies != null) {
List<RangerPolicy> rangerPolicyList = servicePolicies.getPolicies();
if (CollectionUtils.isNotEmpty(rangerPolicyList)) {
for (RangerPolicy rangerPolicy : rangerPolicyList) {
if (rangerPolicy != null) {
try {
validator.validate(rangerPolicy.getId(), Action.DELETE);
ensureAdminAccess(rangerPolicy);
bizUtil.blockAuditorRoleUser();
svcStore.deletePolicy(rangerPolicy);
totalDeletedPilicies = totalDeletedPilicies + 1;
if (LOG.isDebugEnabled()) {
LOG.debug("Policy " + rangerPolicy.getName() + " deleted successfully.");
LOG.debug("TotalDeletedPilicies: " + totalDeletedPilicies);
}
} catch (Throwable excp) {
LOG.error("deletePolicy(" + rangerPolicy.getId() + ") failed", excp);
}
}
}
}
}
}
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("Total Deleted Policy : " + totalDeletedPilicies);
}
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
SearchFilter(org.apache.ranger.plugin.util.SearchFilter)
RangerPolicyList(org.apache.ranger.view.RangerPolicyList)
RangerPolicyValidator(org.apache.ranger.plugin.model.validation.RangerPolicyValidator)
Example 22 with SearchFilter
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class ServiceREST method getPoliciesInExcel.
@GET
@Path("/policies/downloadExcel")
@Produces("application/ms-excel")
public void getPoliciesInExcel(@Context HttpServletRequest request, @Context HttpServletResponse response) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceREST.getPoliciesInExcel()");
}
RangerPerfTracer perf = null;
SearchFilter filter = searchUtil.getSearchFilter(request, policyService.sortFields);
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getPoliciesInExcel()");
}
List<RangerPolicy> policyLists = new ArrayList<RangerPolicy>();
policyLists = getAllFilteredPolicyList(filter, request, policyLists);
if (CollectionUtils.isNotEmpty(policyLists)) {
for (RangerPolicy rangerPolicy : policyLists) {
if (rangerPolicy != null) {
ensureAdminAndAuditAccess(rangerPolicy);
}
}
bizUtil.blockAuditorRoleUser();
svcStore.getPoliciesInExcel(policyLists, response);
} else {
response.setStatus(HttpServletResponse.SC_NO_CONTENT);
LOG.error("No policies found to download!");
}
RangerExportPolicyList rangerExportPolicyList = new RangerExportPolicyList();
svcStore.putMetaDataInfo(rangerExportPolicyList);
String metaDataInfo = new ObjectMapper().writeValueAsString(rangerExportPolicyList.getMetaDataInfo());
List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
XXTrxLog xxTrxLog = new XXTrxLog();
xxTrxLog.setAction("EXPORT EXCEL");
xxTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_RANGER_POLICY);
xxTrxLog.setPreviousValue(metaDataInfo);
trxLogList.add(xxTrxLog);
bizUtil.createTrxLog(trxLogList);
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
LOG.error("Error while downloading policy report", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
} finally {
RangerPerfTracer.log(perf);
}
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
WebApplicationException(javax.ws.rs.WebApplicationException)
RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer)
RangerExportPolicyList(org.apache.ranger.view.RangerExportPolicyList)
ArrayList(java.util.ArrayList)
SearchFilter(org.apache.ranger.plugin.util.SearchFilter)
VXString(org.apache.ranger.view.VXString)
XXTrxLog(org.apache.ranger.entity.XXTrxLog)
ObjectMapper(org.codehaus.jackson.map.ObjectMapper)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
Example 23 with SearchFilter
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class ServiceREST method getPoliciesInCsv.
@GET
@Path("/policies/csv")
@Produces("text/csv")
public void getPoliciesInCsv(@Context HttpServletRequest request, @Context HttpServletResponse response) throws IOException {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceREST.getPoliciesInCsv()");
}
RangerPerfTracer perf = null;
SearchFilter filter = searchUtil.getSearchFilter(request, policyService.sortFields);
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getPoliciesInCsv()");
}
List<RangerPolicy> policyLists = new ArrayList<RangerPolicy>();
policyLists = getAllFilteredPolicyList(filter, request, policyLists);
if (CollectionUtils.isNotEmpty(policyLists)) {
for (RangerPolicy rangerPolicy : policyLists) {
if (rangerPolicy != null) {
ensureAdminAndAuditAccess(rangerPolicy);
}
}
bizUtil.blockAuditorRoleUser();
svcStore.getPoliciesInCSV(policyLists, response);
} else {
response.setStatus(HttpServletResponse.SC_NO_CONTENT);
LOG.error("No policies found to download!");
}
RangerExportPolicyList rangerExportPolicyList = new RangerExportPolicyList();
svcStore.putMetaDataInfo(rangerExportPolicyList);
String metaDataInfo = new ObjectMapper().writeValueAsString(rangerExportPolicyList.getMetaDataInfo());
List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
XXTrxLog xxTrxLog = new XXTrxLog();
xxTrxLog.setAction("EXPORT CSV");
xxTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_RANGER_POLICY);
xxTrxLog.setPreviousValue(metaDataInfo);
trxLogList.add(xxTrxLog);
bizUtil.createTrxLog(trxLogList);
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
LOG.error("Error while downloading policy report", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
} finally {
RangerPerfTracer.log(perf);
}
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
WebApplicationException(javax.ws.rs.WebApplicationException)
RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer)
RangerExportPolicyList(org.apache.ranger.view.RangerExportPolicyList)
ArrayList(java.util.ArrayList)
SearchFilter(org.apache.ranger.plugin.util.SearchFilter)
VXString(org.apache.ranger.view.VXString)
XXTrxLog(org.apache.ranger.entity.XXTrxLog)
ObjectMapper(org.codehaus.jackson.map.ObjectMapper)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
Example 24 with SearchFilter
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class ServiceREST method validateResourcePoliciesRequest.
private String validateResourcePoliciesRequest(String serviceDefName, String serviceName, HttpServletRequest request, List<RangerService> services, Map<String, Object> resource) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceREST.validatePoliciesForResourceRequest(service-type=" + serviceDefName + ", service-name=" + serviceName + ")");
}
final String ret;
if (MapUtils.isNotEmpty(request.getParameterMap())) {
for (Map.Entry<String, String[]> e : request.getParameterMap().entrySet()) {
String name = e.getKey();
String[] values = e.getValue();
if (!StringUtils.isEmpty(name) && !ArrayUtils.isEmpty(values) && name.startsWith(SearchFilter.RESOURCE_PREFIX)) {
resource.put(name.substring(SearchFilter.RESOURCE_PREFIX.length()), values[0]);
}
}
}
if (MapUtils.isEmpty(resource)) {
ret = "No resource specified";
} else {
RangerServiceDef serviceDef = null;
try {
serviceDef = svcStore.getServiceDefByName(serviceDefName);
} catch (Exception e) {
LOG.error("Invalid service-type:[" + serviceDefName + "]", e);
}
if (serviceDef == null) {
ret = "Invalid service-type:[" + serviceDefName + "]";
} else {
Set<String> resourceDefNames = resource.keySet();
RangerServiceDefHelper serviceDefHelper = new RangerServiceDefHelper(serviceDef);
Set<List<RangerServiceDef.RangerResourceDef>> resourceHierarchies = serviceDefHelper.getResourceHierarchies(RangerPolicy.POLICY_TYPE_ACCESS, resourceDefNames);
if (CollectionUtils.isEmpty(resourceHierarchies)) {
ret = "Invalid resource specified: resource-names:" + resourceDefNames + " are not part of any valid resource hierarchy for service-type:[" + serviceDefName + "]";
} else {
if (StringUtils.isNotBlank(serviceName)) {
RangerService service = null;
try {
service = svcStore.getServiceByName(serviceName);
} catch (Exception e) {
LOG.error("Invalid service-name:[" + serviceName + "]");
}
if (service == null || !StringUtils.equals(service.getType(), serviceDefName)) {
ret = "Invalid service-name:[" + serviceName + "] or service-name is not of service-type:[" + serviceDefName + "]";
} else {
services.add(service);
ret = StringUtils.EMPTY;
}
} else {
SearchFilter filter = new SearchFilter();
filter.setParam(SearchFilter.SERVICE_TYPE, serviceDefName);
List<RangerService> serviceList = null;
try {
serviceList = svcStore.getServices(filter);
} catch (Exception e) {
LOG.error("Cannot find service of service-type:[" + serviceDefName + "]");
}
if (CollectionUtils.isEmpty(serviceList) || serviceList.size() != 1) {
ret = "Either 0 or more than 1 services found for service-type :[" + serviceDefName + "]";
} else {
services.add(serviceList.get(0));
ret = StringUtils.EMPTY;
}
}
}
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceREST.validatePoliciesForResourceRequest(service-type=" + serviceDefName + ", service-name=" + serviceName + ") : " + ret);
}
return ret;
}
Also used :
SearchFilter(org.apache.ranger.plugin.util.SearchFilter)
VXString(org.apache.ranger.view.VXString)
WebApplicationException(javax.ws.rs.WebApplicationException)
IOException(java.io.IOException)
JsonSyntaxException(com.google.gson.JsonSyntaxException)
RangerServiceDefHelper(org.apache.ranger.plugin.model.validation.RangerServiceDefHelper)
RangerServiceDef(org.apache.ranger.plugin.model.RangerServiceDef)
RangerPluginInfoList(org.apache.ranger.view.RangerPluginInfoList)
RangerServiceList(org.apache.ranger.view.RangerServiceList)
ArrayList(java.util.ArrayList)
VXPolicyLabelList(org.apache.ranger.view.VXPolicyLabelList)
List(java.util.List)
RangerExportPolicyList(org.apache.ranger.view.RangerExportPolicyList)
RangerPolicyList(org.apache.ranger.view.RangerPolicyList)
RangerServiceDefList(org.apache.ranger.view.RangerServiceDefList)
RangerAPIList(org.apache.ranger.security.context.RangerAPIList)
PList(org.apache.ranger.plugin.store.PList)
RangerService(org.apache.ranger.plugin.model.RangerService)
Map(java.util.Map)
LinkedHashMap(java.util.LinkedHashMap)
TreeMap(java.util.TreeMap)
HashMap(java.util.HashMap)
Example 25 with SearchFilter
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class ServiceREST method getPolicyLabels.
@GET
@Path("/policyLabels")
@Produces({ "application/json", "application/xml" })
public List<String> getPolicyLabels(@Context HttpServletRequest request) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceREST.getPolicyLabels()");
}
List<String> ret = new ArrayList<String>();
RangerPerfTracer perf = null;
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getPolicyLabels()");
}
SearchFilter filter = searchUtil.getSearchFilter(request, policyLabelsService.sortFields);
ret = svcStore.getPolicyLabels(filter);
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
LOG.error("getPolicyLabels() failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
} finally {
RangerPerfTracer.log(perf);
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== ServiceREST.getPolicyLabels()");
}
return ret;
}
Also used :
WebApplicationException(javax.ws.rs.WebApplicationException)
RangerPerfTracer(org.apache.ranger.plugin.util.RangerPerfTracer)
ArrayList(java.util.ArrayList)
SearchFilter(org.apache.ranger.plugin.util.SearchFilter)
VXString(org.apache.ranger.view.VXString)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
Aggregations
SearchFilter (org.apache.ranger.plugin.util.SearchFilter)61
Test (org.junit.Test)32
RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)30
ArrayList (java.util.ArrayList)27
RangerService (org.apache.ranger.plugin.model.RangerService)24
Path (javax.ws.rs.Path)13
Produces (javax.ws.rs.Produces)13
HttpServletRequest (javax.servlet.http.HttpServletRequest)12
GET (javax.ws.rs.GET)12
WebApplicationException (javax.ws.rs.WebApplicationException)11
RangerPolicyList (org.apache.ranger.view.RangerPolicyList)11
VXString (org.apache.ranger.view.VXString)10
RangerPerfTracer (org.apache.ranger.plugin.util.RangerPerfTracer)9
RangerServiceDef (org.apache.ranger.plugin.model.RangerServiceDef)7
RangerServiceDefList (org.apache.ranger.view.RangerServiceDefList)6
RangerServiceList (org.apache.ranger.view.RangerServiceList)6
HashMap (java.util.HashMap)5
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)5
XXTrxLog (org.apache.ranger.entity.XXTrxLog)4
RangerExportPolicyList (org.apache.ranger.view.RangerExportPolicyList)4
