
Example 1 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class ServiceUtil method toGrantRevokeRequest.

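/**
 * Builds a {@link GrantRevokeRequest} from a legacy {@code VXPolicy} view object.
 *
 * <p>The service named by {@code vXPolicy.getRepositoryName()} is looked up through
 * {@code svcStore}. Its type is mapped to an asset type, which decides the resource keys:
 * {@code database/table/column} for Hive and {@code table/column-family/column} for HBase,
 * each defaulting to {@code "*"} when the policy leaves it empty. For any other asset type
 * this method does not set a resource map.
 *
 * <p>When the lookup throws, or returns no service, the exception built by
 * {@code restErrorUtil.createRESTException} with HTTP 400 is thrown.
 *
 * @param vXPolicy legacy policy view; when {@code null} an otherwise empty request is returned
 * @return the populated request, never {@code null}
 */
public GrantRevokeRequest toGrantRevokeRequest(VXPolicy vXPolicy) {
    String serviceType = null;
    RangerService service = null;
    GrantRevokeRequest ret = new GrantRevokeRequest();
    if (vXPolicy != null) {
        String serviceName = vXPolicy.getRepositoryName();
        try {
            service = svcStore.getServiceByName(serviceName);
        } catch (Exception e) {
            // Pass the exception to the logger so the root cause is kept in the server log.
            LOG.error(HttpServletResponse.SC_BAD_REQUEST + "No Service Found for ServiceName:" + serviceName, e);
            // NOTE(review): the raw exception message is handed to the REST error builder;
            // confirm it cannot expose internal details to the caller.
            throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, e.getMessage() + serviceName, true);
        }
        if (service != null) {
            serviceType = service.getType();
        } else {
            LOG.error(HttpServletResponse.SC_BAD_REQUEST + "No Service Found for ServiceName" + serviceName);
            throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, "No Service Found for ServiceName" + serviceName, true);
        }
        if (vXPolicy.getGrantor() != null) {
            ret.setGrantor(vXPolicy.getGrantor());
        }
        ret.setEnableAudit(Boolean.TRUE);
        ret.setIsRecursive(Boolean.FALSE);
        ret.setReplaceExistingPermissions(toBooleanReplacePerm(vXPolicy.isReplacePerm()));

        // toAssetType returns a boxed Integer and the Admin handling below already allows for
        // null, so compare through intValue() behind a null check. Comparing the boxed value
        // with == would throw a NullPointerException for a service type that has no asset type.
        Integer assetType = toAssetType(serviceType);
        boolean isHive = assetType != null && assetType.intValue() == RangerCommonEnums.ASSET_HIVE;
        boolean isHBase = assetType != null && assetType.intValue() == RangerCommonEnums.ASSET_HBASE;

        if (isHive) {
            String database = StringUtils.isEmpty(vXPolicy.getDatabases()) ? "*" : vXPolicy.getDatabases();
            String table = getTableOrUdf(vXPolicy);
            String column = StringUtils.isEmpty(vXPolicy.getColumns()) ? "*" : vXPolicy.getColumns();
            Map<String, String> mapResource = new HashMap<String, String>();
            mapResource.put("database", database);
            mapResource.put("table", table);
            mapResource.put("column", column);
            ret.setResource(mapResource);
        } else if (isHBase) {
            String tableName = vXPolicy.getTables();
            tableName = StringUtil.isEmpty(tableName) ? "*" : tableName;
            String colFamily = vXPolicy.getColumnFamilies();
            colFamily = StringUtil.isEmpty(colFamily) ? "*" : colFamily;
            String qualifier = vXPolicy.getColumns();
            qualifier = StringUtil.isEmpty(qualifier) ? "*" : qualifier;
            Map<String, String> mapResource = new HashMap<String, String>();
            mapResource.put("table", tableName);
            mapResource.put("column-family", colFamily);
            mapResource.put("column", qualifier);
            ret.setResource(mapResource);
        }
        // Any other (or unknown) asset type leaves the resource untouched.
        // NOTE(review): confirm downstream code rejects a grant/revoke without a resource.

        List<VXPermObj> vXPermObjList = vXPolicy.getPermMapList();
        if (vXPermObjList != null) {
            // Users, groups and access types from every perm object accumulate into one flat
            // request, so the per-object pairing of principals and permissions is not kept.
            for (VXPermObj vXPermObj : vXPermObjList) {
                boolean delegatedAdmin = false;
                if (vXPermObj.getUserList() != null) {
                    for (String user : vXPermObj.getUserList()) {
                        // getUserName is defined elsewhere; only names containing its result are kept.
                        if (user.contains(getUserName(user))) {
                            ret.getUsers().add(user);
                        }
                    }
                }
                if (vXPermObj.getGroupList() != null) {
                    for (String group : vXPermObj.getGroupList()) {
                        if (group.contains(getGroupName(group))) {
                            ret.getGroups().add(group);
                        }
                    }
                }
                if (vXPermObj.getPermList() != null) {
                    for (String perm : vXPermObj.getPermList()) {
                        // Permission names that map to enum value 0 are skipped.
                        if (AppConstants.getEnumFor_XAPermType(perm) != 0) {
                            if ("Admin".equalsIgnoreCase(perm)) {
                                delegatedAdmin = true;
                                // For a known non-HBase asset type "Admin" only sets the
                                // delegate-admin flag and is not added as an access type.
                                if (assetType != null && assetType.intValue() != RangerCommonEnums.ASSET_HBASE) {
                                    continue;
                                }
                            }
                            ret.getAccessTypes().add(perm);
                        }
                    }
                }
                // The flag is overwritten on every iteration, so the last perm object decides
                // it for all accumulated users and groups.
                // NOTE(review): confirm that "last one wins" is the intended rule for delegate-admin.
                ret.setDelegateAdmin(Boolean.valueOf(delegatedAdmin));
            }
        }
    }
    return ret;
}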
Also used : HashMap(java.util.HashMap) RangerService(org.apache.ranger.plugin.model.RangerService) VXPermObj(org.apache.ranger.view.VXPermObj) GrantRevokeRequest(org.apache.ranger.plugin.util.GrantRevokeRequest) VXAuditMap(org.apache.ranger.view.VXAuditMap) VXPermMap(org.apache.ranger.view.VXPermMap) HashMap(java.util.HashMap) Map(java.util.Map) RangerServiceNotFoundException(org.apache.ranger.plugin.util.RangerServiceNotFoundException) InvalidNameException(javax.naming.InvalidNameException) WebApplicationException(javax.ws.rs.WebApplicationException)

Example 2 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class TestServiceUtil method testToRangerPolicy.

/**
 * Converts a legacy {@code VXPolicy} that carries one perm object (one user, one group, the
 * "Admin" permission and an IP address) with {@code serviceUtil.toRangerPolicy}, then compares
 * id, name, description, creator, audit flag, resources and policy items with a hand-built
 * {@code RangerPolicy}.
 */
@Test
public void testToRangerPolicy() {
    final Date now = new Date();

    // Principals and permission shared by the expected policy item and the legacy perm object.
    List<String> users = new ArrayList<String>();
    users.add("rangerAdmin");
    List<String> groups = new ArrayList<String>();
    groups.add("rangerGroup");
    List<String> permissions = new ArrayList<String>();
    permissions.add("Admin");

    // Expected resource: a single recursive, non-excluding "path" entry.
    List<String> pathValues = new ArrayList<String>();
    pathValues.add("resource");
    RangerPolicyResource pathResource = new RangerPolicyResource();
    pathResource.setIsExcludes(false);
    pathResource.setIsRecursive(true);
    pathResource.setValues(pathValues);
    Map<String, RangerPolicyResource> expectedResources = new HashMap<String, RangerPolicyResource>();
    expectedResources.put("path", pathResource);

    // Expected condition: the perm object's IP address as an "ipaddress" condition.
    List<String> ipValues = new ArrayList<String>();
    ipValues.add("10.129.35.86");
    RangerPolicyItemCondition ipCondition = new RangerPolicyItemCondition();
    ipCondition.setType("ipaddress");
    ipCondition.setValues(ipValues);
    List<RangerPolicyItemCondition> expectedConditions = new ArrayList<RangerPolicy.RangerPolicyItemCondition>();
    expectedConditions.add(ipCondition);

    // Expected policy item: same principals, the condition above, delegate-admin switched on.
    RangerPolicyItem expectedItem = new RangerPolicyItem();
    expectedItem.setUsers(users);
    expectedItem.setGroups(groups);
    expectedItem.setConditions(expectedConditions);
    expectedItem.setDelegateAdmin(true);
    List<RangerPolicyItem> expectedItems = new ArrayList<RangerPolicy.RangerPolicyItem>();
    expectedItems.add(expectedItem);

    RangerPolicy expectedRangerPolicy = new RangerPolicy();
    expectedRangerPolicy.setId(1L);
    expectedRangerPolicy.setName("hdfs");
    expectedRangerPolicy.setCreatedBy("rangerAdmin");
    expectedRangerPolicy.setCreateTime(now);
    expectedRangerPolicy.setDescription("hdfs policy description");
    expectedRangerPolicy.setIsAuditEnabled(true);
    expectedRangerPolicy.setResources(expectedResources);
    expectedRangerPolicy.setPolicyItems(expectedItems);

    // Input: the service the policy belongs to.
    RangerService hdfsService = new RangerService();
    hdfsService.setId(1L);
    hdfsService.setName("hdfsService");
    hdfsService.setType("hdfs");

    // Input: the legacy perm object and the legacy policy that holds it.
    VXPermObj legacyPerm = new VXPermObj();
    legacyPerm.setUserList(users);
    legacyPerm.setGroupList(groups);
    legacyPerm.setPermList(permissions);
    legacyPerm.setIpAddress("10.129.35.86");
    List<VXPermObj> legacyPerms = new ArrayList<VXPermObj>();
    legacyPerms.add(legacyPerm);

    VXPolicy legacyPolicy = new VXPolicy();
    legacyPolicy.setId(1L);
    legacyPolicy.setCreateDate(now);
    legacyPolicy.setUpdateDate(now);
    legacyPolicy.setOwner("rangerAdmin");
    legacyPolicy.setUpdatedBy("rangerAdmin");
    legacyPolicy.setPolicyName("hdfs");
    legacyPolicy.setDescription("hdfs policy description");
    legacyPolicy.setIsEnabled(true);
    legacyPolicy.setIsAuditEnabled(true);
    legacyPolicy.setIsRecursive(true);
    legacyPolicy.setResourceName("resource");
    legacyPolicy.setPermMapList(legacyPerms);

    RangerPolicy actualRangerPolicy = serviceUtil.toRangerPolicy(legacyPolicy, hdfsService);

    Assert.assertNotNull(actualRangerPolicy);
    Assert.assertEquals(expectedRangerPolicy.getId(), actualRangerPolicy.getId());
    Assert.assertEquals(expectedRangerPolicy.getName(), actualRangerPolicy.getName());
    Assert.assertEquals(expectedRangerPolicy.getDescription(), actualRangerPolicy.getDescription());
    Assert.assertEquals(expectedRangerPolicy.getCreatedBy(), actualRangerPolicy.getCreatedBy());
    Assert.assertTrue(actualRangerPolicy.getIsAuditEnabled());
    Assert.assertEquals(expectedRangerPolicy.getResources(), actualRangerPolicy.getResources());
    Assert.assertEquals(expectedRangerPolicy.getPolicyItems(), actualRangerPolicy.getPolicyItems());
}
Also used : HashMap(java.util.HashMap) RangerPolicyResource(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource) ArrayList(java.util.ArrayList) VXPolicy(org.apache.ranger.view.VXPolicy) RangerPolicyItem(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem) VXPermObj(org.apache.ranger.view.VXPermObj) Date(java.util.Date) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerPolicyItemCondition(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition) RangerService(org.apache.ranger.plugin.model.RangerService) Test(org.junit.Test)

Example 3 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class XPolicyService method mapPermObjToPermList.

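/**
 * Expands perm objects into one {@code VXPermMap} row per (user, permission) and per
 * (group, permission) pair.
 *
 * <p>All rows created from one perm object's user list share a generated perm-group label,
 * and the rows from its group list share another one. Every user and group name is resolved
 * through {@code xaDaoMgr}; an unknown name aborts the mapping with the exception built by
 * {@code restErrorUtil.createRESTException}.
 *
 * @param permObjList perm objects to expand; {@code null} is treated as empty
 * @return the generated rows, possibly empty, never {@code null}
 */
private List<VXPermMap> mapPermObjToPermList(List<VXPermObj> permObjList) {
    List<VXPermMap> permMapList = new ArrayList<VXPermMap>();
    if (permObjList == null) {
        return permMapList;
    }
    // Random only makes the grouping label distinct; it is not a secret or a security token.
    Random rand = new Random();
    // Labels already handed out in this call. new Date() prints with one-second resolution and
    // the suffix has fewer than 10000 values, so two perm objects handled within the same second
    // could otherwise get the same label, and code that regroups rows by label would merge them.
    // NOTE(review): labels are only made unique within this call, not across calls.
    List<String> usedPermGroups = new ArrayList<String>();
    for (VXPermObj permObj : permObjList) {
        String ipAddress = permObj.getIpAddress();
        if (!stringUtil.isEmpty(permObj.getUserList())) {
            String permGrp;
            do {
                permGrp = new Date() + " : " + rand.nextInt(9999);
            } while (usedPermGroups.contains(permGrp));
            usedPermGroups.add(permGrp);
            for (String user : permObj.getUserList()) {
                XXUser xxUser = xaDaoMgr.getXXUser().findByUserName(user);
                if (xxUser == null) {
                    logger.error("No User found with this name : " + user);
                    throw restErrorUtil.createRESTException("No User found with name : " + user, MessageEnums.DATA_NOT_FOUND);
                }
                // A perm object without a permission list contributes no rows.
                if (permObj.getPermList() != null) {
                    for (String permission : permObj.getPermList()) {
                        VXPermMap vXPermMap = new VXPermMap();
                        // NOTE(review): the enum value is stored as-is; another caller on this
                        // page treats 0 as "unknown permission" and skips it. Confirm that
                        // storing 0 here is intended.
                        int permType = AppConstants.getEnumFor_XAPermType(permission);
                        vXPermMap.setPermFor(AppConstants.XA_PERM_FOR_USER);
                        vXPermMap.setPermGroup(permGrp);
                        vXPermMap.setPermType(permType);
                        vXPermMap.setUserId(xxUser.getId());
                        vXPermMap.setIpAddress(ipAddress);
                        permMapList.add(vXPermMap);
                    }
                }
            }
        }
        if (!stringUtil.isEmpty(permObj.getGroupList())) {
            String permGrp;
            do {
                permGrp = new Date() + " : " + rand.nextInt(9999);
            } while (usedPermGroups.contains(permGrp));
            usedPermGroups.add(permGrp);
            for (String group : permObj.getGroupList()) {
                XXGroup xxGroup = xaDaoMgr.getXXGroup().findByGroupName(group);
                if (xxGroup == null) {
                    logger.error("No UserGroup found with this name : " + group);
                    // The failed lookup is a group, so the caller-facing message says "Group".
                    throw restErrorUtil.createRESTException("No Group found with name : " + group, MessageEnums.DATA_NOT_FOUND);
                }
                if (permObj.getPermList() != null) {
                    for (String permission : permObj.getPermList()) {
                        VXPermMap vXPermMap = new VXPermMap();
                        int permType = AppConstants.getEnumFor_XAPermType(permission);
                        vXPermMap.setPermFor(AppConstants.XA_PERM_FOR_GROUP);
                        vXPermMap.setPermGroup(permGrp);
                        vXPermMap.setPermType(permType);
                        vXPermMap.setGroupId(xxGroup.getId());
                        vXPermMap.setIpAddress(ipAddress);
                        permMapList.add(vXPermMap);
                    }
                }
            }
        }
    }
    return permMapList;
}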
Also used : XXUser(org.apache.ranger.entity.XXUser) VXPermMap(org.apache.ranger.view.VXPermMap) XXGroup(org.apache.ranger.entity.XXGroup) Random(java.util.Random) ArrayList(java.util.ArrayList) VXPermObj(org.apache.ranger.view.VXPermObj) Date(java.util.Date)

Example 4 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class XPolicyService method mapPermObjToPermList.

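/**
 * Expands perm objects into {@code VXPermMap} rows for the resource identified by
 * {@code vXPolicy.getId()} and reconciles them with the rows returned by
 * {@code getPrevPermMap} for that id.
 *
 * <p>Each (user, permission) and (group, permission) pair gets a row and a unique key made of
 * resource id, perm-for, principal id and perm type. If no previous rows exist, every
 * generated row is returned. Otherwise a row with a new key is returned as generated, while a
 * row whose key already exists is rebuilt from the stored entry with only the IP address
 * replaced.
 *
 * @param permObjList perm objects to expand; {@code null} is treated as empty
 * @param vXPolicy    policy whose id is used as the resource id
 * @return the rows to store, possibly empty, never {@code null}
 */
private List<VXPermMap> mapPermObjToPermList(List<VXPermObj> permObjList, VXPolicy vXPolicy) {
    Long resId = vXPolicy.getId();
    List<VXPermMap> permMapList = new ArrayList<VXPermMap>();
    List<VXPermMap> updPermMapList = new ArrayList<VXPermMap>();
    Map<String, VXPermMap> newPermMap = new LinkedHashMap<String, VXPermMap>();
    // Random only makes the grouping label distinct; it is not a secret or a security token.
    Random rand = new Random();
    // Labels already handed out in this call. new Date() prints with one-second resolution and
    // the suffix has fewer than 10000 values, so two perm objects handled within the same second
    // could otherwise share a label, and code that regroups rows by label would merge them.
    List<String> usedPermGroups = new ArrayList<String>();
    Map<String, XXPermMap> prevPermMap = getPrevPermMap(resId);
    if (permObjList == null) {
        permObjList = new ArrayList<VXPermObj>();
    }
    for (VXPermObj permObj : permObjList) {
        String permGrp;
        do {
            permGrp = new Date() + " : " + rand.nextInt(9999);
        } while (usedPermGroups.contains(permGrp));
        usedPermGroups.add(permGrp);
        String ipAddress = permObj.getIpAddress();
        if (!stringUtil.isEmpty(permObj.getUserList())) {
            int permFor = AppConstants.XA_PERM_FOR_USER;
            for (String user : permObj.getUserList()) {
                XXUser xxUser = xaDaoMgr.getXXUser().findByUserName(user);
                if (xxUser == null) {
                    logger.error("No User found with this name : " + user);
                    throw restErrorUtil.createRESTException("No User found with name : " + user, MessageEnums.DATA_NOT_FOUND);
                }
                Long userId = xxUser.getId();
                // A perm object without a permission list contributes no rows.
                if (permObj.getPermList() != null) {
                    for (String permission : permObj.getPermList()) {
                        int permType = AppConstants.getEnumFor_XAPermType(permission);
                        VXPermMap vXPermMap = new VXPermMap();
                        vXPermMap.setPermFor(permFor);
                        vXPermMap.setPermGroup(permGrp);
                        vXPermMap.setPermType(permType);
                        vXPermMap.setUserId(userId);
                        vXPermMap.setResourceId(resId);
                        vXPermMap.setIpAddress(ipAddress);
                        permMapList.add(vXPermMap);
                        // Key layout is left exactly as it was: it is looked up in prevPermMap
                        // below, whose keys are built elsewhere.
                        StringBuilder uniqueKey = new StringBuilder();
                        uniqueKey.append(resId + uniqueKeySeparator);
                        uniqueKey.append(permFor + uniqueKeySeparator);
                        uniqueKey.append(userId + uniqueKeySeparator);
                        uniqueKey.append(permType);
                        newPermMap.put(uniqueKey.toString(), vXPermMap);
                    }
                }
            }
        }
        if (!stringUtil.isEmpty(permObj.getGroupList())) {
            int permFor = AppConstants.XA_PERM_FOR_GROUP;
            for (String group : permObj.getGroupList()) {
                XXGroup xxGroup = xaDaoMgr.getXXGroup().findByGroupName(group);
                if (xxGroup == null) {
                    logger.error("No UserGroup found with this name : " + group);
                    throw restErrorUtil.createRESTException("No Group found with name : " + group, MessageEnums.DATA_NOT_FOUND);
                }
                Long grpId = xxGroup.getId();
                if (permObj.getPermList() != null) {
                    for (String permission : permObj.getPermList()) {
                        int permType = AppConstants.getEnumFor_XAPermType(permission);
                        VXPermMap vXPermMap = new VXPermMap();
                        vXPermMap.setPermFor(permFor);
                        vXPermMap.setPermGroup(permGrp);
                        vXPermMap.setPermType(permType);
                        vXPermMap.setGroupId(grpId);
                        vXPermMap.setResourceId(resId);
                        vXPermMap.setIpAddress(ipAddress);
                        permMapList.add(vXPermMap);
                        StringBuilder uniqueKey = new StringBuilder();
                        uniqueKey.append(resId + uniqueKeySeparator);
                        uniqueKey.append(permFor + uniqueKeySeparator);
                        uniqueKey.append(grpId + uniqueKeySeparator);
                        uniqueKey.append(permType);
                        newPermMap.put(uniqueKey.toString(), vXPermMap);
                    }
                }
            }
        }
    }
    // Decide what to hand back for persisting. Nothing is deleted here: stored entries that are
    // missing from newPermMap are not touched by this method.
    if (prevPermMap.isEmpty()) {
        // NOTE(review): permMapList can hold two rows with the same unique key when a principal
        // and permission appear in more than one perm object; newPermMap keeps only the last.
        updPermMapList.addAll(permMapList);
    } else {
        for (Entry<String, VXPermMap> entry : newPermMap.entrySet()) {
            if (!prevPermMap.containsKey(entry.getKey())) {
                updPermMapList.add(entry.getValue());
            } else {
                // Existing entry: start from the stored row and refresh only the IP address.
                // NOTE(review): the perm-group label is not set here, so unless populateViewBean
                // changes it the stored grouping is what the row keeps. Confirm that is intended
                // when a principal moves to another perm object.
                VXPermMap vPMap = xPermMapService.populateViewBean(prevPermMap.get(entry.getKey()));
                VXPermMap vPMapNew = entry.getValue();
                vPMap.setIpAddress(vPMapNew.getIpAddress());
                updPermMapList.add(vPMap);
            }
        }
    }
    return updPermMapList;
}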
Also used : XXUser(org.apache.ranger.entity.XXUser) VXPermMap(org.apache.ranger.view.VXPermMap) ArrayList(java.util.ArrayList) VXPermObj(org.apache.ranger.view.VXPermObj) Date(java.util.Date) LinkedHashMap(java.util.LinkedHashMap) XXGroup(org.apache.ranger.entity.XXGroup) Random(java.util.Random) XXPermMap(org.apache.ranger.entity.XXPermMap)

Example 5 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class XPolicyService method mapPermMapToPermObj.

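/**
 * Regroups flat {@code VXPermMap} rows into perm objects, one per distinct perm-group label.
 *
 * <p>Within a group, user names, group names and permission labels are collected without
 * duplicates, in the order they are first seen. The resulting perm objects follow the order in
 * which their labels first appear in {@code permMapList}.
 *
 * @param permMapList rows to regroup; {@code null} yields an empty result
 * @return one perm object per perm-group label, never {@code null}
 */
public List<VXPermObj> mapPermMapToPermObj(List<VXPermMap> permMapList) {
    List<VXPermObj> permObjList = new ArrayList<VXPermObj>();
    // Insertion-ordered map: the same rows always produce the same output order. With a plain
    // HashMap the order depended on the hash of the label.
    Map<String, List<VXPermMap>> sortedPemMap = new LinkedHashMap<String, List<VXPermMap>>();
    if (permMapList != null) {
        for (VXPermMap vXPermMap : permMapList) {
            // Rows whose label is null all share the null key and end up in one perm object.
            // NOTE(review): rows with equal labels are merged, so every user and group in the
            // merged object is shown with every permission in it. Confirm labels are unique
            // per original perm object.
            String permGrp = vXPermMap.getPermGroup();
            List<VXPermMap> sortedList = sortedPemMap.get(permGrp);
            if (sortedList == null) {
                sortedList = new ArrayList<VXPermMap>();
                sortedPemMap.put(permGrp, sortedList);
            }
            sortedList.add(vXPermMap);
        }
    }
    for (Entry<String, List<VXPermMap>> entry : sortedPemMap.entrySet()) {
        VXPermObj vXPermObj = new VXPermObj();
        List<String> userList = new ArrayList<String>();
        List<String> groupList = new ArrayList<String>();
        List<String> permList = new ArrayList<String>();
        String ipAddress = "";
        List<VXPermMap> permListForGrp = entry.getValue();
        for (VXPermMap permMap : permListForGrp) {
            if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_USER) {
                if (!userList.contains(permMap.getUserName())) {
                    userList.add(permMap.getUserName());
                }
            } else if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) {
                if (!groupList.contains(permMap.getGroupName())) {
                    groupList.add(permMap.getGroupName());
                }
            }
            String perm = AppConstants.getLabelFor_XAPermType(permMap.getPermType());
            if (!permList.contains(perm)) {
                permList.add(perm);
            }
            // The last row's IP address wins; differing addresses inside one group are not kept.
            ipAddress = permMap.getIpAddress();
        }
        // User and group lists are set only when non-empty; otherwise the perm object keeps
        // whatever VXPermObj starts with.
        if (!userList.isEmpty()) {
            vXPermObj.setUserList(userList);
        }
        if (!groupList.isEmpty()) {
            vXPermObj.setGroupList(groupList);
        }
        vXPermObj.setPermList(permList);
        vXPermObj.setIpAddress(ipAddress);
        permObjList.add(vXPermObj);
    }
    return permObjList;
}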
Also used : VXPermMap(org.apache.ranger.view.VXPermMap) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) ArrayList(java.util.ArrayList) VXResourceList(org.apache.ranger.view.VXResourceList) ArrayList(java.util.ArrayList) VXPolicyList(org.apache.ranger.view.VXPolicyList) VXPermMapList(org.apache.ranger.view.VXPermMapList) List(java.util.List) VXAuditMapList(org.apache.ranger.view.VXAuditMapList) VXPermObj(org.apache.ranger.view.VXPermObj)
