Example 21 with VXPermMap
use of org.apache.ranger.view.VXPermMap in project ranger by apache.
the class TestXUserREST method test48searchXPermMaps.
@SuppressWarnings("unchecked")
@Test
public void test48searchXPermMaps() {
VXPermMap permMap = testcreateXPermMap();
HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
SearchCriteria testSearchCriteria = createsearchCriteria();
Mockito.when(searchUtil.extractCommonCriterias((HttpServletRequest) Mockito.any(), (List<SortField>) Mockito.any())).thenReturn(testSearchCriteria);
List<VXPermMap> vXPermMaps = new ArrayList<VXPermMap>();
vXPermMaps.add(permMap);
VXPermMapList testvXGroupList = new VXPermMapList();
testvXGroupList.setTotalCount(1);
testvXGroupList.setVXPermMaps(vXPermMaps);
Mockito.when(xUserMgr.searchXPermMaps(testSearchCriteria)).thenReturn(testvXGroupList);
VXPermMapList outputvXGroupList = xUserRest.searchXPermMaps(request);
Mockito.verify(xUserMgr).searchXPermMaps(testSearchCriteria);
Mockito.verify(searchUtil).extractCommonCriterias((HttpServletRequest) Mockito.any(), (List<SortField>) Mockito.any());
assertNotNull(outputvXGroupList);
assertEquals(outputvXGroupList.getClass(), testvXGroupList.getClass());
assertEquals(outputvXGroupList.getTotalCount(), testvXGroupList.getTotalCount());
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
VXPermMap(org.apache.ranger.view.VXPermMap)
ArrayList(java.util.ArrayList)
SortField(org.apache.ranger.common.SortField)
VXPermMapList(org.apache.ranger.view.VXPermMapList)
SearchCriteria(org.apache.ranger.common.SearchCriteria)
Test(org.junit.Test)
Example 22 with VXPermMap
use of org.apache.ranger.view.VXPermMap in project ranger by apache.
the class ServiceUtil method mapPermMapToPermObj.
public List<VXPermObj> mapPermMapToPermObj(List<VXPermMap> permMapList) {
List<VXPermObj> permObjList = new ArrayList<VXPermObj>();
HashMap<String, List<VXPermMap>> sortedPemMap = new HashMap<String, List<VXPermMap>>();
if (permMapList != null) {
for (VXPermMap vXPermMap : permMapList) {
String permGrp = vXPermMap.getPermGroup();
List<VXPermMap> sortedList = sortedPemMap.get(permGrp);
if (sortedList == null) {
sortedList = new ArrayList<VXPermMap>();
sortedPemMap.put(permGrp, sortedList);
}
sortedList.add(vXPermMap);
}
}
for (Entry<String, List<VXPermMap>> entry : sortedPemMap.entrySet()) {
VXPermObj vXPermObj = new VXPermObj();
List<String> userList = new ArrayList<String>();
List<String> groupList = new ArrayList<String>();
List<String> permList = new ArrayList<String>();
String ipAddress = "";
List<VXPermMap> permListForGrp = entry.getValue();
for (VXPermMap permMap : permListForGrp) {
if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_USER) {
if (!userList.contains(permMap.getUserName())) {
userList.add(permMap.getUserName());
}
} else if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) {
if (!groupList.contains(permMap.getGroupName())) {
groupList.add(permMap.getGroupName());
}
}
String perm = AppConstants.getLabelFor_XAPermType(permMap.getPermType());
if (!permList.contains(perm)) {
permList.add(perm);
}
ipAddress = permMap.getIpAddress();
}
vXPermObj.setUserList(userList);
vXPermObj.setGroupList(groupList);
vXPermObj.setPermList(permList);
vXPermObj.setIpAddress(ipAddress);
permObjList.add(vXPermObj);
}
return permObjList;
}
Also used :
VXPermMap(org.apache.ranger.view.VXPermMap)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
VXPolicyList(org.apache.ranger.view.VXPolicyList)
List(java.util.List)
VXRepositoryList(org.apache.ranger.view.VXRepositoryList)
VXPermObj(org.apache.ranger.view.VXPermObj)
Example 23 with VXPermMap
use of org.apache.ranger.view.VXPermMap in project ranger by apache.
the class ServiceUtil method getVXPermMapList.
public List<VXPermMap> getVXPermMapList(RangerPolicy policy) {
List<VXPermMap> permMapList = new ArrayList<VXPermMap>();
int permGroup = 0;
for (RangerPolicy.RangerPolicyItem policyItem : policy.getPolicyItems()) {
String ipAddress = null;
for (RangerPolicy.RangerPolicyItemCondition condition : policyItem.getConditions()) {
if (condition.getType() == "ipaddress") {
List<String> values = condition.getValues();
if (CollectionUtils.isNotEmpty(values)) {
// TODO changes this to properly deal with collection for now just returning 1st item
ipAddress = values.get(0);
}
}
if (ipAddress != null && !ipAddress.isEmpty()) {
// only 1 IP-address per permMap
break;
}
}
for (String userName : policyItem.getUsers()) {
for (RangerPolicyItemAccess access : policyItem.getAccesses()) {
if (!access.getIsAllowed()) {
continue;
}
VXPermMap permMap = new VXPermMap();
permMap.setPermFor(AppConstants.XA_PERM_FOR_USER);
permMap.setPermGroup(Integer.valueOf(permGroup).toString());
permMap.setUserName(userName);
permMap.setUserId(getUserId(userName));
permMap.setPermType(toPermType(access.getType()));
permMap.setIpAddress(ipAddress);
permMapList.add(permMap);
}
if (policyItem.getDelegateAdmin()) {
VXPermMap permMap = new VXPermMap();
permMap.setPermFor(AppConstants.XA_PERM_FOR_USER);
permMap.setPermGroup(Integer.valueOf(permGroup).toString());
permMap.setUserName(userName);
permMap.setUserId(getUserId(userName));
permMap.setPermType(toPermType("Admin"));
permMap.setIpAddress(ipAddress);
permMapList.add(permMap);
}
}
permGroup++;
for (String groupName : policyItem.getGroups()) {
for (RangerPolicyItemAccess access : policyItem.getAccesses()) {
if (!access.getIsAllowed()) {
continue;
}
VXPermMap permMap = new VXPermMap();
permMap.setPermFor(AppConstants.XA_PERM_FOR_GROUP);
permMap.setPermGroup(Integer.valueOf(permGroup).toString());
permMap.setGroupName(groupName);
permMap.setGroupId(getGroupId(groupName));
permMap.setPermType(toPermType(access.getType()));
permMap.setIpAddress(ipAddress);
permMapList.add(permMap);
}
if (policyItem.getDelegateAdmin()) {
VXPermMap permMap = new VXPermMap();
permMap.setPermFor(AppConstants.XA_PERM_FOR_GROUP);
permMap.setPermGroup(Integer.valueOf(permGroup).toString());
permMap.setGroupName(groupName);
permMap.setGroupId(getGroupId(groupName));
permMap.setPermType(toPermType("Admin"));
permMap.setIpAddress(ipAddress);
permMapList.add(permMap);
}
}
permGroup++;
}
return permMapList;
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
VXPermMap(org.apache.ranger.view.VXPermMap)
ArrayList(java.util.ArrayList)
RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)
Example 24 with VXPermMap
use of org.apache.ranger.view.VXPermMap in project ranger by apache.
the class ServiceUtil method toRangerPolicy.
public RangerPolicy toRangerPolicy(VXResource resource, RangerService service) {
if (resource == null) {
return null;
}
RangerPolicy ret = new RangerPolicy();
dataObjectToRangerObject(resource, ret);
if (service != null) {
ret.setService(service.getName());
} else {
ret.setService(resource.getAssetName());
}
ret.setName(StringUtils.trim(resource.getPolicyName()));
ret.setDescription(resource.getDescription());
ret.setIsEnabled(resource.getResourceStatus() == RangerCommonEnums.STATUS_ENABLED);
ret.setIsAuditEnabled(resource.getAuditList() != null && !resource.getAuditList().isEmpty());
Boolean isPathRecursive = resource.getIsRecursive() == RangerCommonEnums.BOOL_TRUE;
Boolean isTableExcludes = resource.getTableType() == RangerCommonEnums.POLICY_EXCLUSION;
Boolean isColumnExcludes = resource.getColumnType() == RangerCommonEnums.POLICY_EXCLUSION;
toRangerResourceList(resource.getName(), "path", Boolean.FALSE, isPathRecursive, ret.getResources());
toRangerResourceList(resource.getTables(), "table", isTableExcludes, Boolean.FALSE, ret.getResources());
toRangerResourceList(resource.getColumnFamilies(), "column-family", Boolean.FALSE, Boolean.FALSE, ret.getResources());
toRangerResourceList(resource.getColumns(), "column", isColumnExcludes, Boolean.FALSE, ret.getResources());
toRangerResourceList(resource.getDatabases(), "database", Boolean.FALSE, Boolean.FALSE, ret.getResources());
toRangerResourceList(resource.getUdfs(), "udf", Boolean.FALSE, Boolean.FALSE, ret.getResources());
toRangerResourceList(resource.getTopologies(), "topology", Boolean.FALSE, Boolean.FALSE, ret.getResources());
toRangerResourceList(resource.getServices(), "service", Boolean.FALSE, Boolean.FALSE, ret.getResources());
HashMap<String, List<VXPermMap>> sortedPermMap = new HashMap<String, List<VXPermMap>>();
// re-group the list with permGroup as the key
if (resource.getPermMapList() != null) {
for (VXPermMap permMap : resource.getPermMapList()) {
String permGrp = permMap.getPermGroup();
List<VXPermMap> sortedList = sortedPermMap.get(permGrp);
if (sortedList == null) {
sortedList = new ArrayList<VXPermMap>();
sortedPermMap.put(permGrp, sortedList);
}
sortedList.add(permMap);
}
}
Integer assetType = getAssetType(service, ret.getService());
for (Entry<String, List<VXPermMap>> entry : sortedPermMap.entrySet()) {
List<String> userList = new ArrayList<String>();
List<String> groupList = new ArrayList<String>();
List<RangerPolicyItemAccess> accessList = new ArrayList<RangerPolicyItemAccess>();
String ipAddress = null;
RangerPolicy.RangerPolicyItem policyItem = new RangerPolicy.RangerPolicyItem();
for (VXPermMap permMap : entry.getValue()) {
if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_USER) {
String userName = getUserName(permMap);
if (!userList.contains(userName)) {
userList.add(userName);
}
} else if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) {
String groupName = getGroupName(permMap);
if (!groupList.contains(groupName)) {
groupList.add(groupName);
}
}
String accessType = toAccessType(permMap.getPermType());
if (StringUtils.equalsIgnoreCase(accessType, "Admin")) {
policyItem.setDelegateAdmin(Boolean.TRUE);
if (assetType != null && assetType == RangerCommonEnums.ASSET_HBASE) {
accessList.add(new RangerPolicyItemAccess(accessType));
}
} else {
accessList.add(new RangerPolicyItemAccess(accessType));
}
ipAddress = permMap.getIpAddress();
}
policyItem.setUsers(userList);
policyItem.setGroups(groupList);
policyItem.setAccesses(accessList);
if (ipAddress != null && !ipAddress.isEmpty()) {
RangerPolicy.RangerPolicyItemCondition ipCondition = new RangerPolicy.RangerPolicyItemCondition("ipaddress", Collections.singletonList(ipAddress));
policyItem.getConditions().add(ipCondition);
}
ret.getPolicyItems().add(policyItem);
}
return ret;
}
Also used :
VXPermMap(org.apache.ranger.view.VXPermMap)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)
ArrayList(java.util.ArrayList)
VXPolicyList(org.apache.ranger.view.VXPolicyList)
List(java.util.List)
VXRepositoryList(org.apache.ranger.view.VXRepositoryList)
Example 25 with VXPermMap
use of org.apache.ranger.view.VXPermMap in project ranger by apache.
the class ServiceUtil method toVXPolicy.
public VXPolicy toVXPolicy(RangerPolicy policy, RangerService service) {
if (policy == null || service == null || toAssetType(service.getType()) == null) {
return null;
}
VXPolicy ret = new VXPolicy();
rangerObjectToDataObject(policy, ret);
ret.setPolicyName(StringUtils.trim(policy.getName()));
ret.setDescription(policy.getDescription());
ret.setRepositoryName(policy.getService());
ret.setIsEnabled(policy.getIsEnabled() ? true : false);
ret.setRepositoryType(service.getType());
ret.setIsAuditEnabled(policy.getIsAuditEnabled());
if (policy.getVersion() != null) {
ret.setVersion(policy.getVersion().toString());
} else {
ret.setVersion(version);
}
for (Map.Entry<String, RangerPolicy.RangerPolicyResource> e : policy.getResources().entrySet()) {
RangerPolicy.RangerPolicyResource res = e.getValue();
String resType = e.getKey();
String resString = getResourceString(res.getValues());
if ("path".equalsIgnoreCase(resType)) {
ret.setResourceName(resString);
ret.setIsRecursive(Boolean.TRUE.equals(res.getIsRecursive()) ? true : false);
} else if ("table".equalsIgnoreCase(resType)) {
ret.setTables(resString);
ret.setTableType(Boolean.TRUE.equals(res.getIsExcludes()) ? toVxPolicyIncExc(RangerCommonEnums.POLICY_EXCLUSION) : toVxPolicyIncExc(RangerCommonEnums.POLICY_INCLUSION));
} else if ("column-family".equalsIgnoreCase(resType)) {
ret.setColumnFamilies(resString);
} else if ("column".equalsIgnoreCase(resType)) {
ret.setColumns(resString);
ret.setColumnType(Boolean.TRUE.equals(res.getIsExcludes()) ? toVxPolicyIncExc(RangerCommonEnums.POLICY_EXCLUSION) : toVxPolicyIncExc(RangerCommonEnums.POLICY_INCLUSION));
} else if ("database".equalsIgnoreCase(resType)) {
ret.setDatabases(resString);
} else if ("udf".equalsIgnoreCase(resType)) {
ret.setUdfs(resString);
} else if ("topology".equalsIgnoreCase(resType)) {
ret.setTopologies(resString);
} else if ("service".equalsIgnoreCase(resType)) {
ret.setServices(resString);
}
}
updateResourceName(ret);
List<VXPermMap> vXPermMapList = getVXPermMapList(policy);
List<VXPermObj> vXPermObjList = mapPermMapToPermObj(vXPermMapList);
ret.setPermMapList(vXPermObjList);
return ret;
}
Also used :
RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy)
VXPermMap(org.apache.ranger.view.VXPermMap)
VXPolicy(org.apache.ranger.view.VXPolicy)
VXPermObj(org.apache.ranger.view.VXPermObj)
VXAuditMap(org.apache.ranger.view.VXAuditMap)
VXPermMap(org.apache.ranger.view.VXPermMap)
HashMap(java.util.HashMap)
Map(java.util.Map)
Aggregations
VXPermMap (org.apache.ranger.view.VXPermMap)25
ArrayList (java.util.ArrayList)13
Test (org.junit.Test)10
HashMap (java.util.HashMap)7
List (java.util.List)6
VXResource (org.apache.ranger.view.VXResource)6
RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)5
VXPermMapList (org.apache.ranger.view.VXPermMapList)5
VXPermObj (org.apache.ranger.view.VXPermObj)5
VXPolicyList (org.apache.ranger.view.VXPolicyList)5
Date (java.util.Date)4
SearchCriteria (org.apache.ranger.common.SearchCriteria)4
VXAuditMap (org.apache.ranger.view.VXAuditMap)4
LinkedHashMap (java.util.LinkedHashMap)3
Random (java.util.Random)3
WebApplicationException (javax.ws.rs.WebApplicationException)3
RangerPolicyItemAccess (org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)3
VXAuditMapList (org.apache.ranger.view.VXAuditMapList)3
VXResourceList (org.apache.ranger.view.VXResourceList)3
Map (java.util.Map)2
