use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class RangerSearchUtil method getSearchFilterFromLegacyRequest.
public SearchFilter getSearchFilterFromLegacyRequest(HttpServletRequest request, List<SortField> sortFields) {
Validate.notNull(request, "request");
SearchFilter ret = new SearchFilter();
if (MapUtils.isEmpty(request.getParameterMap())) {
ret.setParams(new HashMap<String, String>());
}
String repositoryType = request.getParameter("repositoryType");
if (repositoryType != null) {
repositoryType = repositoryType.toLowerCase();
}
String repositoryId = request.getParameter("repositoryId");
if (repositoryId == null) {
repositoryId = request.getParameter("assetId");
}
ret.setParam(SearchFilter.SERVICE_TYPE, repositoryType);
ret.setParam(SearchFilter.SERVICE_NAME, request.getParameter("repositoryName"));
ret.setParam(SearchFilter.SERVICE_ID, repositoryId);
ret.setParam(SearchFilter.POLICY_NAME, request.getParameter("policyName"));
ret.setParam(SearchFilter.USER, request.getParameter("userName"));
ret.setParam(SearchFilter.GROUP, request.getParameter("groupName"));
ret.setParam(SearchFilter.IS_ENABLED, request.getParameter("isEnabled"));
ret.setParam(SearchFilter.IS_RECURSIVE, request.getParameter("isRecursive"));
ret.setParam(SearchFilter.POL_RESOURCE, request.getParameter(SearchFilter.POL_RESOURCE));
ret.setParam(SearchFilter.RESOURCE_PREFIX + "path", request.getParameter("resourceName"));
ret.setParam(SearchFilter.RESOURCE_PREFIX + "database", request.getParameter("databases"));
ret.setParam(SearchFilter.RESOURCE_PREFIX + "table", request.getParameter("tables"));
ret.setParam(SearchFilter.RESOURCE_PREFIX + "udf", request.getParameter("udfs"));
ret.setParam(SearchFilter.RESOURCE_PREFIX + "column", request.getParameter("columns"));
ret.setParam(SearchFilter.RESOURCE_PREFIX + "column-family", request.getParameter("columnFamilies"));
ret.setParam(SearchFilter.RESOURCE_PREFIX + "topology", request.getParameter("topologies"));
ret.setParam(SearchFilter.RESOURCE_PREFIX + "service", request.getParameter("services"));
extractCommonCriteriasForFilter(request, ret, sortFields);
return ret;
}
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class ServiceDBStore method updateServiceWithCustomProperty.
private void updateServiceWithCustomProperty() {
LOG.info("Adding custom properties to services");
SearchFilter filter = new SearchFilter();
try {
List<RangerService> lstRangerService = getServices(filter);
for (RangerService rangerService : lstRangerService) {
String serviceUser = PropertiesUtil.getProperty("ranger.plugins." + rangerService.getType() + ".serviceuser");
if (!StringUtils.isEmpty(serviceUser)) {
boolean chkServiceUpdate = false;
LOG.debug("customproperty = " + rangerService.getConfigs().get(ServiceREST.Allowed_User_List_For_Download) + " for service = " + rangerService.getName());
if (!rangerService.getConfigs().containsKey(ServiceREST.Allowed_User_List_For_Download)) {
rangerService.getConfigs().put(ServiceREST.Allowed_User_List_For_Download, serviceUser);
chkServiceUpdate = true;
}
if ((!rangerService.getConfigs().containsKey(ServiceREST.Allowed_User_List_For_Grant_Revoke)) && ("hbase".equalsIgnoreCase(rangerService.getType()) || "hive".equalsIgnoreCase(rangerService.getType()))) {
rangerService.getConfigs().put(ServiceREST.Allowed_User_List_For_Grant_Revoke, serviceUser);
chkServiceUpdate = true;
}
if (!rangerService.getConfigs().containsKey(TagREST.Allowed_User_List_For_Tag_Download)) {
rangerService.getConfigs().put(TagREST.Allowed_User_List_For_Tag_Download, serviceUser);
chkServiceUpdate = true;
}
if (chkServiceUpdate) {
updateService(rangerService, null);
if (LOG.isDebugEnabled()) {
LOG.debug("Updated service " + rangerService.getName() + " with custom properties in secure environment");
}
}
}
}
} catch (Throwable e) {
LOG.fatal("updateServiceWithCustomProperty failed with exception : " + e.getMessage());
}
}
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class MetricUtil method metricCalculation.
private void metricCalculation(String caseValue) {
logger.info("Metric Type : " + caseValue);
try {
SearchCriteria searchCriteria = new SearchCriteria();
searchCriteria.setStartIndex(0);
searchCriteria.setMaxRows(100);
searchCriteria.setGetCount(true);
searchCriteria.setSortType("asc");
switch(caseValue.toLowerCase()) {
case "usergroup":
try {
VXGroupList vxGroupList = xUserMgr.searchXGroups(searchCriteria);
long groupCount = vxGroupList.getTotalCount();
ArrayList<String> userKeyAdminRoleCount = new ArrayList<String>();
userKeyAdminRoleCount.add(RangerConstants.ROLE_SYS_ADMIN);
long userSysAdminCount = getUserCountBasedOnUserRole(userKeyAdminRoleCount);
ArrayList<String> userRoleListKeyRoleAdmin = new ArrayList<String>();
userRoleListKeyRoleAdmin.add(RangerConstants.ROLE_KEY_ADMIN);
long userKeyAdminCount = getUserCountBasedOnUserRole(userRoleListKeyRoleAdmin);
ArrayList<String> userRoleListUser = new ArrayList<String>();
userRoleListUser.add(RangerConstants.ROLE_USER);
long userRoleCount = getUserCountBasedOnUserRole(userRoleListUser);
long userTotalCount = userSysAdminCount + userKeyAdminCount + userRoleCount;
VXMetricUserGroupCount metricUserGroupCount = new VXMetricUserGroupCount();
metricUserGroupCount.setUserCountOfUserRole(userRoleCount);
metricUserGroupCount.setUserCountOfKeyAdminRole(userKeyAdminCount);
metricUserGroupCount.setUserCountOfSysAdminRole(userSysAdminCount);
metricUserGroupCount.setUserTotalCount(userTotalCount);
metricUserGroupCount.setGroupCount(groupCount);
Gson gson = new GsonBuilder().create();
final String jsonUserGroupCount = gson.toJson(metricUserGroupCount);
System.out.println(jsonUserGroupCount);
} catch (Exception e) {
logger.error("Error calculating Metric for usergroup : " + e.getMessage());
}
break;
case "audits":
try {
int clientTimeOffsetInMinute = RestUtil.getClientTimeOffset();
String defaultDateFormat = "MM/dd/yyyy";
DateFormat formatter = new SimpleDateFormat(defaultDateFormat);
VXMetricAuditDetailsCount auditObj = new VXMetricAuditDetailsCount();
DateUtil dateUtilTwoDays = new DateUtil();
Date startDateUtilTwoDays = dateUtilTwoDays.getDateFromNow(-2);
Date dStart2 = restErrorUtil.parseDate(formatter.format(startDateUtilTwoDays), "Invalid value for startDate", MessageEnums.INVALID_INPUT_DATA, null, "startDate", defaultDateFormat);
Date endDateTwoDays = MiscUtil.getUTCDate();
Date dEnd2 = restErrorUtil.parseDate(formatter.format(endDateTwoDays), "Invalid value for endDate", MessageEnums.INVALID_INPUT_DATA, null, "endDate", defaultDateFormat);
dEnd2 = dateUtilTwoDays.getDateFromGivenDate(dEnd2, 0, 23, 59, 59);
dEnd2 = dateUtilTwoDays.addTimeOffset(dEnd2, clientTimeOffsetInMinute);
VXMetricServiceCount deniedCountObj = getAuditsCount(0, dStart2, dEnd2);
auditObj.setDenialEventsCountTwoDays(deniedCountObj);
VXMetricServiceCount allowedCountObj = getAuditsCount(1, dStart2, dEnd2);
auditObj.setAccessEventsCountTwoDays(allowedCountObj);
long totalAuditsCountTwoDays = deniedCountObj.getTotalCount() + allowedCountObj.getTotalCount();
auditObj.setSolrIndexCountTwoDays(totalAuditsCountTwoDays);
DateUtil dateUtilWeek = new DateUtil();
Date startDateUtilWeek = dateUtilWeek.getDateFromNow(-7);
Date dStart7 = restErrorUtil.parseDate(formatter.format(startDateUtilWeek), "Invalid value for startDate", MessageEnums.INVALID_INPUT_DATA, null, "startDate", defaultDateFormat);
Date endDateWeek = MiscUtil.getUTCDate();
DateUtil dateUtilweek = new DateUtil();
Date dEnd7 = restErrorUtil.parseDate(formatter.format(endDateWeek), "Invalid value for endDate", MessageEnums.INVALID_INPUT_DATA, null, "endDate", defaultDateFormat);
dEnd7 = dateUtilweek.getDateFromGivenDate(dEnd7, 0, 23, 59, 59);
dEnd7 = dateUtilweek.addTimeOffset(dEnd7, clientTimeOffsetInMinute);
VXMetricServiceCount deniedCountObjWeek = getAuditsCount(0, dStart7, dEnd7);
auditObj.setDenialEventsCountWeek(deniedCountObjWeek);
VXMetricServiceCount allowedCountObjWeek = getAuditsCount(1, dStart7, dEnd7);
auditObj.setAccessEventsCountWeek(allowedCountObjWeek);
long totalAuditsCountWeek = deniedCountObjWeek.getTotalCount() + allowedCountObjWeek.getTotalCount();
auditObj.setSolrIndexCountWeek(totalAuditsCountWeek);
Gson gson = new GsonBuilder().create();
final String jsonAudit = gson.toJson(auditObj);
System.out.println(jsonAudit);
} catch (Exception e) {
logger.error("Error calculating Metric for audits : " + e.getMessage());
}
break;
case "services":
try {
SearchFilter serviceFilter = new SearchFilter();
serviceFilter.setMaxRows(200);
serviceFilter.setStartIndex(0);
serviceFilter.setGetCount(true);
serviceFilter.setSortBy("serviceId");
serviceFilter.setSortType("asc");
VXMetricServiceCount vXMetricServiceCount = new VXMetricServiceCount();
PList<RangerService> paginatedSvcs = svcStore.getPaginatedServices(serviceFilter);
long totalServiceCount = paginatedSvcs.getTotalCount();
List<RangerService> rangerServiceList = paginatedSvcs.getList();
Map<String, Long> services = new HashMap<String, Long>();
for (Object rangerService : rangerServiceList) {
RangerService RangerServiceObj = (RangerService) rangerService;
String serviceName = RangerServiceObj.getType();
if (!(services.containsKey(serviceName))) {
serviceFilter.setParam("serviceType", serviceName);
PList<RangerService> paginatedSvcscount = svcStore.getPaginatedServices(serviceFilter);
services.put(serviceName, paginatedSvcscount.getTotalCount());
}
}
vXMetricServiceCount.setServiceBasedCountList(services);
vXMetricServiceCount.setTotalCount(totalServiceCount);
Gson gson = new GsonBuilder().create();
final String jsonServices = gson.toJson(vXMetricServiceCount);
System.out.println(jsonServices);
} catch (Exception e) {
logger.error("Error calculating Metric for services : " + e.getMessage());
}
break;
case "policies":
try {
SearchFilter policyFilter = new SearchFilter();
policyFilter.setMaxRows(200);
policyFilter.setStartIndex(0);
policyFilter.setGetCount(true);
policyFilter.setSortBy("serviceId");
policyFilter.setSortType("asc");
VXMetricPolicyCount vXMetricPolicyCount = new VXMetricPolicyCount();
PList<RangerPolicy> paginatedSvcsList = svcStore.getPaginatedPolicies(policyFilter);
vXMetricPolicyCount.setTotalCount(paginatedSvcsList.getTotalCount());
Map<String, VXMetricServiceCount> servicesWithPolicy = new HashMap<String, VXMetricServiceCount>();
for (int k = 2; k >= 0; k--) {
String serviceType = String.valueOf(k);
VXMetricServiceCount vXMetricServiceCount = getVXMetricServiceCount(serviceType);
if (k == 2) {
servicesWithPolicy.put("rowFilteringPolicies", vXMetricServiceCount);
} else if (k == 1) {
servicesWithPolicy.put("maskingPolicies", vXMetricServiceCount);
} else if (k == 0) {
servicesWithPolicy.put("resourcePolicy", vXMetricServiceCount);
}
}
boolean tagFlag = false;
if (tagFlag == false) {
policyFilter.setParam("serviceType", "tag");
PList<RangerPolicy> policiestype = svcStore.getPaginatedPolicies(policyFilter);
Map<String, Long> tagMap = new HashMap<String, Long>();
long tagCount = policiestype.getTotalCount();
tagMap.put("tag", tagCount);
VXMetricServiceCount vXMetricServiceCount = new VXMetricServiceCount();
vXMetricServiceCount.setServiceBasedCountList(tagMap);
vXMetricServiceCount.setTotalCount(tagCount);
servicesWithPolicy.put("tagBasedPolicies", vXMetricServiceCount);
tagFlag = true;
}
vXMetricPolicyCount.setPolicyCountList(servicesWithPolicy);
Gson gson = new GsonBuilder().create();
final String jsonPolicies = gson.toJson(vXMetricPolicyCount);
System.out.println(jsonPolicies);
} catch (Exception e) {
logger.error("Error calculating Metric for policies : " + e.getMessage());
}
break;
case "database":
try {
int dbFlavor = RangerBizUtil.getDBFlavor();
String dbFlavourType = "Unknow ";
if (dbFlavor == AppConstants.DB_FLAVOR_MYSQL) {
dbFlavourType = "MYSQL ";
} else if (dbFlavor == AppConstants.DB_FLAVOR_ORACLE) {
dbFlavourType = "ORACLE ";
} else if (dbFlavor == AppConstants.DB_FLAVOR_POSTGRES) {
dbFlavourType = "POSTGRES ";
} else if (dbFlavor == AppConstants.DB_FLAVOR_SQLANYWHERE) {
dbFlavourType = "SQLANYWHERE ";
} else if (dbFlavor == AppConstants.DB_FLAVOR_SQLSERVER) {
dbFlavourType = "SQLSERVER ";
}
String dbDetail = dbFlavourType + xaBizUtil.getDBVersion();
Gson gson = new GsonBuilder().create();
final String jsonDBDetail = gson.toJson(dbDetail);
System.out.println(jsonDBDetail);
} catch (Exception e) {
logger.error("Error calculating Metric for database : " + e.getMessage());
}
break;
case "contextenrichers":
try {
SearchFilter filter = new SearchFilter();
filter.setStartIndex(0);
VXMetricContextEnricher serviceWithContextEnrichers = new VXMetricContextEnricher();
PList<RangerServiceDef> paginatedSvcDefs = svcStore.getPaginatedServiceDefs(filter);
List<RangerServiceDef> repoTypeList = paginatedSvcDefs.getList();
if (repoTypeList != null) {
for (RangerServiceDef repoType : repoTypeList) {
RangerServiceDef rangerServiceDefObj = (RangerServiceDef) repoType;
String name = rangerServiceDefObj.getName();
List<RangerContextEnricherDef> contextEnrichers = rangerServiceDefObj.getContextEnrichers();
if (contextEnrichers != null && !contextEnrichers.isEmpty()) {
serviceWithContextEnrichers.setServiceName(name);
serviceWithContextEnrichers.setTotalCount(contextEnrichers.size());
}
}
}
Gson gson = new GsonBuilder().create();
final String jsonContextEnrichers = gson.toJson(serviceWithContextEnrichers);
System.out.println(jsonContextEnrichers);
} catch (Exception e) {
logger.error("Error calculating Metric for contextenrichers : " + e.getMessage());
}
break;
case "denyconditions":
try {
SearchFilter policyFilter1 = new SearchFilter();
policyFilter1.setMaxRows(200);
policyFilter1.setStartIndex(0);
policyFilter1.setGetCount(true);
policyFilter1.setSortBy("serviceId");
policyFilter1.setSortType("asc");
int denyCount = 0;
Map<String, Integer> denyconditionsonMap = new HashMap<String, Integer>();
PList<RangerServiceDef> paginatedSvcDefs = svcStore.getPaginatedServiceDefs(policyFilter1);
if (paginatedSvcDefs != null) {
List<RangerServiceDef> rangerServiceDefs = paginatedSvcDefs.getList();
if (rangerServiceDefs != null && !rangerServiceDefs.isEmpty()) {
for (RangerServiceDef rangerServiceDef : rangerServiceDefs) {
if (rangerServiceDef != null) {
String serviceDef = rangerServiceDef.getName();
if (!StringUtils.isEmpty(serviceDef)) {
policyFilter1.setParam("serviceType", serviceDef);
PList<RangerPolicy> policiesList = svcStore.getPaginatedPolicies(policyFilter1);
if (policiesList != null && policiesList.getListSize() > 0) {
int policyListCount = policiesList.getListSize();
if (policyListCount > 0 && policiesList.getList() != null) {
List<RangerPolicy> policies = policiesList.getList();
for (RangerPolicy policy : policies) {
if (policy != null) {
List<RangerPolicyItem> policyItem = policy.getDenyPolicyItems();
if (policyItem != null && !policyItem.isEmpty()) {
if (denyconditionsonMap.get(serviceDef) != null) {
denyCount = denyconditionsonMap.get(serviceDef) + denyCount + policyItem.size();
} else {
denyCount = denyCount + policyItem.size();
}
}
List<RangerPolicyItem> policyItemExclude = policy.getDenyExceptions();
if (policyItemExclude != null && !policyItemExclude.isEmpty()) {
if (denyconditionsonMap.get(serviceDef) != null) {
denyCount = denyconditionsonMap.get(serviceDef) + denyCount + policyItemExclude.size();
} else {
denyCount = denyCount + policyItemExclude.size();
}
}
}
}
}
}
policyFilter1.removeParam("serviceType");
}
denyconditionsonMap.put(serviceDef, denyCount);
denyCount = 0;
}
}
}
}
Gson gson = new GsonBuilder().create();
String jsonContextDenyCondtionOn = gson.toJson(denyconditionsonMap);
System.out.println(jsonContextDenyCondtionOn);
} catch (Exception e) {
logger.error("Error calculating Metric for denyconditions : " + e.getMessage());
}
break;
default:
System.out.println("type: Incorrect Arguments usage : -type policies | audits | usergroup | services | database | contextenrichers | denyconditions");
logger.info("Please enter the valid arguments for Metric Calculation");
break;
}
} catch (Exception e) {
logger.error("Error calculating Metric : " + e.getMessage());
}
}
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class MetricUtil method getVXMetricServiceCount.
private VXMetricServiceCount getVXMetricServiceCount(String serviceType) throws Exception {
SearchFilter policyFilter1 = new SearchFilter();
policyFilter1.setMaxRows(200);
policyFilter1.setStartIndex(0);
policyFilter1.setGetCount(true);
policyFilter1.setSortBy("serviceId");
policyFilter1.setSortType("asc");
policyFilter1.setParam("policyType", serviceType);
PList<RangerPolicy> policies = svcStore.getPaginatedPolicies(policyFilter1);
PList<RangerService> paginatedSvcsSevice = svcStore.getPaginatedServices(policyFilter1);
List<RangerService> rangerServiceList = paginatedSvcsSevice.getList();
Map<String, Long> servicesforPolicyType = new HashMap<String, Long>();
long tagCount = 0;
for (Object rangerService : rangerServiceList) {
RangerService rangerServiceObj = (RangerService) rangerService;
String serviceName = rangerServiceObj.getType();
if (!(servicesforPolicyType.containsKey(serviceName))) {
policyFilter1.setParam("serviceType", serviceName);
PList<RangerPolicy> policiestype = svcStore.getPaginatedPolicies(policyFilter1);
long count = policiestype.getTotalCount();
if (count != 0) {
if (!"tag".equalsIgnoreCase(serviceName)) {
servicesforPolicyType.put(serviceName, count);
} else {
tagCount = count;
}
}
}
}
VXMetricServiceCount vXMetricServiceCount = new VXMetricServiceCount();
vXMetricServiceCount.setServiceBasedCountList(servicesforPolicyType);
long totalCountOfPolicyType = policies.getTotalCount() - tagCount;
vXMetricServiceCount.setTotalCount(totalCountOfPolicyType);
return vXMetricServiceCount;
}
use of org.apache.ranger.plugin.util.SearchFilter in project ranger by apache.
the class AssetREST method searchXAssets.
@GET
@Path("/assets")
@Produces({ "application/xml", "application/json" })
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.SEARCH_X_ASSETS + "\")")
public VXAssetList searchXAssets(@Context HttpServletRequest request) {
if (logger.isDebugEnabled()) {
logger.debug("==> AssetREST.searchXAssets()");
}
VXAssetList ret = new VXAssetList();
SearchFilter filter = searchUtil.getSearchFilterFromLegacyRequestForRepositorySearch(request, xAssetService.sortFields);
List<RangerService> services = serviceREST.getServices(filter);
if (services != null) {
List<VXAsset> assets = new ArrayList<VXAsset>();
for (RangerService service : services) {
VXAsset asset = serviceUtil.toVXAsset(service);
if (asset != null) {
assets.add(asset);
}
}
ret.setVXAssets(assets);
}
if (logger.isDebugEnabled()) {
logger.debug("<== AssetREST.searchXAssets(): count=" + ret.getListSize());
}
return ret;
}
Aggregations