
Example 6 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class XPolicyService method mapXAToPublicObject.

/**
 * Converts an internal {@code VXResource} into the public {@code VXPolicy} view.
 *
 * <p>Two flags that matter for authorization and audit coverage are derived here
 * rather than copied:
 * <ul>
 *   <li>the policy is reported as enabled unless the resource status is
 *       {@code STATUS_DISABLED} or {@code STATUS_DELETED};</li>
 *   <li>auditing is reported as enabled only when the resource has a non-empty
 *       audit list.</li>
 * </ul>
 *
 * @param vXResource the resource to convert
 * @return the populated public policy object
 */
public VXPolicy mapXAToPublicObject(VXResource vXResource) {
    VXPolicy publicPolicy = super.mapBaseAttributesToPublicObject(vXResource, new VXPolicy());

    // Identity and repository attributes.
    publicPolicy.setPolicyName(StringUtils.trim(vXResource.getPolicyName()));
    publicPolicy.setResourceName(vXResource.getName());
    publicPolicy.setDescription(vXResource.getDescription());
    publicPolicy.setRepositoryName(vXResource.getAssetName());
    publicPolicy.setRepositoryType(AppConstants.getLabelFor_AssetType(vXResource.getAssetType()));

    // Permission rows are grouped first; the list is only set when the grouping produced entries.
    List<VXPermObj> groupedPerms = mapPermMapToPermObj(vXResource.getPermMapList());
    if (!stringUtil.isEmpty(groupedPerms)) {
        publicPolicy.setPermMapList(groupedPerms);
    }

    // Resource selectors are copied through unchanged.
    publicPolicy.setTables(vXResource.getTables());
    publicPolicy.setColumnFamilies(vXResource.getColumnFamilies());
    publicPolicy.setColumns(vXResource.getColumns());
    publicPolicy.setDatabases(vXResource.getDatabases());
    publicPolicy.setUdfs(vXResource.getUdfs());
    publicPolicy.setTopologies(vXResource.getTopologies());
    publicPolicy.setServices(vXResource.getServices());

    // Disabled and deleted resources both surface as a disabled policy.
    boolean enable = vXResource.getResourceStatus() != AppConstants.STATUS_DISABLED
            && vXResource.getResourceStatus() != AppConstants.STATUS_DELETED;
    publicPolicy.setIsEnabled(enable);

    // An empty audit list means no auditing is configured for this resource.
    boolean auditEnable = !stringUtil.isEmpty(vXResource.getAuditList());
    publicPolicy.setIsAuditEnabled(auditEnable);

    publicPolicy.setVersion(version);

    /*
     * TODO : These parameters are specific for some components. Need to
     * take care while adding new component
     */
    if (vXResource.getAssetType() == AppConstants.ASSET_HIVE) {
        publicPolicy.setTableType(AppConstants.getLabelFor_PolicyType(vXResource.getTableType()));
        publicPolicy.setColumnType(AppConstants.getLabelFor_PolicyType(vXResource.getColumnType()));
    }

    // The recursive flag is only meaningful for HDFS; every other asset type gets null.
    if (vXResource.getAssetType() != AppConstants.ASSET_HDFS) {
        publicPolicy.setIsRecursive(null);
    } else {
        publicPolicy.setIsRecursive(AppConstants.getBooleanFor_BooleanValue(vXResource.getIsRecursive()));
    }
    return publicPolicy;
}
Also used : VXPolicy(org.apache.ranger.view.VXPolicy) VXPermObj(org.apache.ranger.view.VXPermObj)

Example 7 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class TestServiceUtil method testToGrantRevokeRequestForPermMapList.

@Test
public void testToGrantRevokeRequestForPermMapList() throws Exception {
    // --- Arrange: a single permission entry for one user and one group. ---
    // The only permission supplied is "Admin"; the assertions below expect the
    // resulting request to carry delegateAdmin = true.
    List<String> users = new ArrayList<String>();
    users.add("rangerAdmin");
    List<String> groups = new ArrayList<String>();
    groups.add("rangerGroup");
    List<String> perms = new ArrayList<String>();
    perms.add("Admin");

    VXPermObj permEntry = new VXPermObj();
    permEntry.setUserList(users);
    permEntry.setGroupList(groups);
    permEntry.setPermList(perms);
    List<VXPermObj> permEntries = new ArrayList<VXPermObj>();
    permEntries.add(permEntry);

    // Input policy: a Hive database/table/column with replace-permissions requested.
    VXPolicy inputPolicy = new VXPolicy();
    inputPolicy.setRepositoryName("hive");
    inputPolicy.setGrantor("rangerAdmin");
    inputPolicy.setReplacePerm(true);
    inputPolicy.setColumns("myColumn");
    inputPolicy.setDatabases("myDatabase");
    inputPolicy.setTables("myTable");
    inputPolicy.setPermMapList(permEntries);

    // Service returned by the mocked store when looked up by repository name.
    String serviceName = "hive";
    RangerService hiveService = new RangerService();
    hiveService.setId(1L);
    hiveService.setName("hiveService");
    hiveService.setIsEnabled(true);
    hiveService.setType("hive");
    Mockito.when(svcStore.getServiceByName(serviceName)).thenReturn(hiveService);

    // Expected request; only its grantor and resource map are compared below.
    Map<String, String> expectedResource = new HashMap<String, String>();
    expectedResource.put("database", "myDatabase");
    expectedResource.put("table", "myTable");
    expectedResource.put("column", "myColumn");
    GrantRevokeRequest expected = new GrantRevokeRequest();
    expected.setGrantor("rangerAdmin");
    expected.setEnableAudit(true);
    expected.setIsRecursive(false);
    expected.setReplaceExistingPermissions(true);
    expected.setResource(expectedResource);

    // --- Act ---
    GrantRevokeRequest actual = serviceUtil.toGrantRevokeRequest(inputPolicy);

    // --- Assert ---
    Assert.assertNotNull(actual);
    Assert.assertTrue(actual.getEnableAudit());
    Assert.assertTrue(actual.getDelegateAdmin());
    Assert.assertFalse(actual.getIsRecursive());
    Assert.assertTrue(actual.getReplaceExistingPermissions());
    Assert.assertTrue(actual.getUsers().contains("rangerAdmin"));
    Assert.assertTrue(actual.getGroups().contains("rangerGroup"));
    Assert.assertEquals(expected.getGrantor(), actual.getGrantor());
    Assert.assertEquals(expected.getResource(), actual.getResource());
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) VXPolicy(org.apache.ranger.view.VXPolicy) RangerService(org.apache.ranger.plugin.model.RangerService) VXPermObj(org.apache.ranger.view.VXPermObj) GrantRevokeRequest(org.apache.ranger.plugin.util.GrantRevokeRequest) Test(org.junit.Test)

Example 8 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class ServiceUtil method mapPermMapToPermObj.

/**
 * Collapses flat permission rows into one {@code VXPermObj} per permission group.
 *
 * <p>Rows sharing the same {@code permGroup} value are merged: user names, group
 * names and permission labels are collected without duplicates. The IP address of
 * the merged entry is the one from the last row processed in that group, so rows of
 * one group that carry different IP addresses are not all represented in the result.
 *
 * <p>Groups are held in a {@code HashMap}, so the order of the returned entries is
 * not tied to the order of the input rows.
 *
 * @param permMapList flat permission rows; may be {@code null}
 * @return one merged entry per permission group; empty when the input is {@code null} or empty
 */
public List<VXPermObj> mapPermMapToPermObj(List<VXPermMap> permMapList) {
    List<VXPermObj> merged = new ArrayList<VXPermObj>();
    if (permMapList == null) {
        return merged;
    }

    // Pass 1: bucket the rows by their permission group.
    HashMap<String, List<VXPermMap>> rowsByGroup = new HashMap<String, List<VXPermMap>>();
    for (VXPermMap row : permMapList) {
        String groupKey = row.getPermGroup();
        List<VXPermMap> bucket = rowsByGroup.get(groupKey);
        if (bucket == null) {
            bucket = new ArrayList<VXPermMap>();
            rowsByGroup.put(groupKey, bucket);
        }
        bucket.add(row);
    }

    // Pass 2: fold every bucket into a single permission object.
    for (List<VXPermMap> bucket : rowsByGroup.values()) {
        List<String> users = new ArrayList<String>();
        List<String> groups = new ArrayList<String>();
        List<String> perms = new ArrayList<String>();
        String ipAddress = "";

        for (VXPermMap row : bucket) {
            // A row names either a user or a group, selected by permFor.
            if (row.getPermFor() == AppConstants.XA_PERM_FOR_USER) {
                String userName = row.getUserName();
                if (!users.contains(userName)) {
                    users.add(userName);
                }
            } else if (row.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) {
                String groupName = row.getGroupName();
                if (!groups.contains(groupName)) {
                    groups.add(groupName);
                }
            }

            String permLabel = AppConstants.getLabelFor_XAPermType(row.getPermType());
            if (!perms.contains(permLabel)) {
                perms.add(permLabel);
            }

            // Overwritten on every row: the last row of the bucket decides.
            ipAddress = row.getIpAddress();
        }

        VXPermObj entry = new VXPermObj();
        entry.setUserList(users);
        entry.setGroupList(groups);
        entry.setPermList(perms);
        entry.setIpAddress(ipAddress);
        merged.add(entry);
    }
    return merged;
}
Also used : VXPermMap(org.apache.ranger.view.VXPermMap) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) VXPolicyList(org.apache.ranger.view.VXPolicyList) List(java.util.List) VXRepositoryList(org.apache.ranger.view.VXRepositoryList) VXPermObj(org.apache.ranger.view.VXPermObj)

Example 9 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class ServiceUtil method toRangerPolicy.

/**
 * Translates a public-API {@code VXPolicy} into a {@code RangerPolicy} for the given service.
 *
 * <p>Points worth knowing when reviewing what access the result grants:
 * <ul>
 *   <li>The "Admin" permission (case-insensitive) marks the policy item as delegate
 *       admin. It is additionally added as an access only when the asset type is
 *       {@code ASSET_HBASE}; for every other asset type it is dropped from the
 *       access list.</li>
 *   <li>Permission strings for which {@code AppConstants.getEnumFor_XAPermType}
 *       returns 0 are skipped.</li>
 *   <li>A user or group is kept only when its string contains the value returned
 *       by {@code getUserName} / {@code getGroupName} for it; other entries are
 *       dropped without an error.</li>
 *   <li>A non-empty IP address becomes an {@code "ipaddress"} condition on the item.</li>
 *   <li>The recursive flag is taken from the input only for {@code ASSET_HDFS};
 *       otherwise it is {@code FALSE}.</li>
 * </ul>
 *
 * @param vXPolicy the public policy to translate
 * @param service  the service the policy belongs to
 * @return the translated policy, or {@code null} when either argument is {@code null}
 *         or {@code toAssetType} returns {@code null} for the service type
 */
public RangerPolicy toRangerPolicy(VXPolicy vXPolicy, RangerService service) {
    if (vXPolicy == null || service == null || toAssetType(service.getType()) == null) {
        return null;
    }

    RangerPolicy ret = (RangerPolicy) dataObjectToRangerObject(vXPolicy, new RangerPolicy());
    ret.setService(service.getName());
    ret.setName(StringUtils.trim(vXPolicy.getPolicyName()));
    ret.setDescription(vXPolicy.getDescription());
    ret.setIsEnabled(vXPolicy.getIsEnabled() == true);
    ret.setIsAuditEnabled(vXPolicy.getIsAuditEnabled());

    Integer assetType = toAssetType(service.getType());

    // Recursion only applies to HDFS paths; everything else stays non-recursive.
    Boolean isRecursive = Boolean.FALSE;
    if (assetType == RangerCommonEnums.ASSET_HDFS && vXPolicy.getIsRecursive() != null) {
        isRecursive = vXPolicy.getIsRecursive();
    }

    // Table and column selectors may be exclusions instead of inclusions.
    Boolean isTableExcludes = Boolean.FALSE;
    if (vXPolicy.getTableType() != null) {
        isTableExcludes = vXPolicy.getTableType().equals(RangerCommonEnums.getLabelFor_PolicyType(RangerCommonEnums.POLICY_EXCLUSION));
    }
    Boolean isColumnExcludes = Boolean.FALSE;
    if (vXPolicy.getColumnType() != null) {
        isColumnExcludes = vXPolicy.getColumnType().equals(RangerCommonEnums.getLabelFor_PolicyType(RangerCommonEnums.POLICY_EXCLUSION));
    }

    // Each selector that is present is added to the policy's resources under its own key.
    if (assetType == RangerCommonEnums.ASSET_HDFS && vXPolicy.getResourceName() != null) {
        toRangerResourceList(vXPolicy.getResourceName(), "path", Boolean.FALSE, isRecursive, ret.getResources());
    }
    if (vXPolicy.getTables() != null) {
        toRangerResourceList(vXPolicy.getTables(), "table", isTableExcludes, isRecursive, ret.getResources());
    }
    if (vXPolicy.getColumnFamilies() != null) {
        toRangerResourceList(vXPolicy.getColumnFamilies(), "column-family", Boolean.FALSE, isRecursive, ret.getResources());
    }
    if (vXPolicy.getColumns() != null) {
        toRangerResourceList(vXPolicy.getColumns(), "column", isColumnExcludes, isRecursive, ret.getResources());
    }
    if (vXPolicy.getDatabases() != null) {
        toRangerResourceList(vXPolicy.getDatabases(), "database", Boolean.FALSE, isRecursive, ret.getResources());
    }
    if (vXPolicy.getUdfs() != null) {
        toRangerResourceList(vXPolicy.getUdfs(), "udf", Boolean.FALSE, isRecursive, ret.getResources());
    }
    if (vXPolicy.getTopologies() != null) {
        toRangerResourceList(vXPolicy.getTopologies(), "topology", Boolean.FALSE, isRecursive, ret.getResources());
    }
    if (vXPolicy.getServices() != null) {
        toRangerResourceList(vXPolicy.getServices(), "service", Boolean.FALSE, isRecursive, ret.getResources());
    }
    if (vXPolicy.getHiveServices() != null) {
        toRangerResourceList(vXPolicy.getHiveServices(), "hiveservice", Boolean.FALSE, isRecursive, ret.getResources());
    }

    List<VXPermObj> permEntries = vXPolicy.getPermMapList();
    if (permEntries == null) {
        return ret;
    }

    // One policy item per permission entry.
    for (VXPermObj permEntry : permEntries) {
        List<String> users = new ArrayList<String>();
        if (permEntry.getUserList() != null) {
            for (String user : permEntry.getUserList()) {
                // Entries that do not contain the name returned for them are dropped.
                if (user.contains(getUserName(user))) {
                    users.add(user);
                }
            }
        }

        List<String> groups = new ArrayList<String>();
        if (permEntry.getGroupList() != null) {
            for (String group : permEntry.getGroupList()) {
                if (group.contains(getGroupName(group))) {
                    groups.add(group);
                }
            }
        }

        List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
        boolean delegatedAdmin = false;
        if (permEntry.getPermList() != null) {
            for (String perm : permEntry.getPermList()) {
                if (AppConstants.getEnumFor_XAPermType(perm) == 0) {
                    // Not a recognised permission type: ignore it.
                    continue;
                }
                boolean isAdminPerm = "Admin".equalsIgnoreCase(perm);
                if (isAdminPerm) {
                    delegatedAdmin = true;
                }
                // "Admin" becomes an explicit access only for HBase; elsewhere it is
                // expressed solely through the delegate-admin flag.
                if (!isAdminPerm || assetType == RangerCommonEnums.ASSET_HBASE) {
                    accesses.add(new RangerPolicyItemAccess(perm));
                }
            }
        }

        String ipAddress = permEntry.getIpAddress();

        RangerPolicy.RangerPolicyItem policyItem = new RangerPolicy.RangerPolicyItem();
        policyItem.setUsers(users);
        policyItem.setGroups(groups);
        policyItem.setAccesses(accesses);
        policyItem.setDelegateAdmin(delegatedAdmin ? Boolean.TRUE : Boolean.FALSE);
        if (ipAddress != null && !ipAddress.isEmpty()) {
            RangerPolicy.RangerPolicyItemCondition ipCondition = new RangerPolicy.RangerPolicyItemCondition("ipaddress", Collections.singletonList(ipAddress));
            policyItem.getConditions().add(ipCondition);
        }
        ret.getPolicyItems().add(policyItem);
    }
    return ret;
}
Also used : ArrayList(java.util.ArrayList) VXPermObj(org.apache.ranger.view.VXPermObj) RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) RangerPolicyItemAccess(org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess)

Example 10 with VXPermObj

use of org.apache.ranger.view.VXPermObj in project ranger by apache.

the class ServiceUtil method toVXPolicy.

/**
 * Translates a {@code RangerPolicy} into the public-API {@code VXPolicy} view.
 *
 * <p>Each resource of the policy is mapped to the matching field of the view by its
 * key (compared case-insensitively): {@code path}, {@code table},
 * {@code column-family}, {@code column}, {@code database}, {@code udf},
 * {@code topology}, {@code service} and {@code hiveservice}. Resources with any
 * other key are not copied. For tables and columns the exclude flag of the resource
 * is carried over as an inclusion/exclusion type.
 *
 * <p>The permission list is rebuilt from {@code getVXPermMapList(policy)} and
 * grouped with {@code mapPermMapToPermObj}.
 *
 * @param policy  the policy to translate
 * @param service the service the policy belongs to
 * @return the translated view, or {@code null} when either argument is {@code null}
 *         or {@code toAssetType} returns {@code null} for the service type
 */
public VXPolicy toVXPolicy(RangerPolicy policy, RangerService service) {
    boolean unsupported = policy == null || service == null || toAssetType(service.getType()) == null;
    if (unsupported) {
        return null;
    }

    VXPolicy ret = new VXPolicy();
    rangerObjectToDataObject(policy, ret);
    ret.setPolicyName(StringUtils.trim(policy.getName()));
    ret.setDescription(policy.getDescription());
    ret.setRepositoryName(policy.getService());
    ret.setIsEnabled(policy.getIsEnabled() ? true : false);
    ret.setRepositoryType(service.getType());
    ret.setIsAuditEnabled(policy.getIsAuditEnabled());

    // Fall back to the default version when the policy carries none.
    if (policy.getVersion() == null) {
        ret.setVersion(version);
    } else {
        ret.setVersion(policy.getVersion().toString());
    }

    for (Map.Entry<String, RangerPolicy.RangerPolicyResource> resourceEntry : policy.getResources().entrySet()) {
        RangerPolicy.RangerPolicyResource resource = resourceEntry.getValue();
        String resourceKey = resourceEntry.getKey();
        String joinedValues = getResourceString(resource.getValues());

        if ("path".equalsIgnoreCase(resourceKey)) {
            ret.setResourceName(joinedValues);
            ret.setIsRecursive(Boolean.TRUE.equals(resource.getIsRecursive()));
        } else if ("table".equalsIgnoreCase(resourceKey)) {
            ret.setTables(joinedValues);
            boolean tableExcluded = Boolean.TRUE.equals(resource.getIsExcludes());
            ret.setTableType(tableExcluded
                    ? toVxPolicyIncExc(RangerCommonEnums.POLICY_EXCLUSION)
                    : toVxPolicyIncExc(RangerCommonEnums.POLICY_INCLUSION));
        } else if ("column-family".equalsIgnoreCase(resourceKey)) {
            ret.setColumnFamilies(joinedValues);
        } else if ("column".equalsIgnoreCase(resourceKey)) {
            ret.setColumns(joinedValues);
            boolean columnExcluded = Boolean.TRUE.equals(resource.getIsExcludes());
            ret.setColumnType(columnExcluded
                    ? toVxPolicyIncExc(RangerCommonEnums.POLICY_EXCLUSION)
                    : toVxPolicyIncExc(RangerCommonEnums.POLICY_INCLUSION));
        } else if ("database".equalsIgnoreCase(resourceKey)) {
            ret.setDatabases(joinedValues);
        } else if ("udf".equalsIgnoreCase(resourceKey)) {
            ret.setUdfs(joinedValues);
        } else if ("topology".equalsIgnoreCase(resourceKey)) {
            ret.setTopologies(joinedValues);
        } else if ("service".equalsIgnoreCase(resourceKey)) {
            ret.setServices(joinedValues);
        } else if (resourceKey.equalsIgnoreCase("hiveservice")) {
            // Receiver-first comparison, unlike the branches above: a null key
            // reaching this branch would throw instead of being skipped.
            ret.setHiveServices(joinedValues);
        }
    }

    updateResourceName(ret);

    // Flatten the policy items to permission rows, then regroup them for the view.
    ret.setPermMapList(mapPermMapToPermObj(getVXPermMapList(policy)));
    return ret;
}
Also used : RangerPolicy(org.apache.ranger.plugin.model.RangerPolicy) VXPermMap(org.apache.ranger.view.VXPermMap) VXPolicy(org.apache.ranger.view.VXPolicy) VXPermObj(org.apache.ranger.view.VXPermObj) VXAuditMap(org.apache.ranger.view.VXAuditMap) VXPermMap(org.apache.ranger.view.VXPermMap) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

VXPermObj (org.apache.ranger.view.VXPermObj)10 ArrayList (java.util.ArrayList)7 HashMap (java.util.HashMap)6 VXPermMap (org.apache.ranger.view.VXPermMap)6 VXPolicy (org.apache.ranger.view.VXPolicy)4 Date (java.util.Date)3 RangerPolicy (org.apache.ranger.plugin.model.RangerPolicy)3 RangerService (org.apache.ranger.plugin.model.RangerService)3 LinkedHashMap (java.util.LinkedHashMap)2 List (java.util.List)2 Map (java.util.Map)2 Random (java.util.Random)2 XXGroup (org.apache.ranger.entity.XXGroup)2 XXUser (org.apache.ranger.entity.XXUser)2 GrantRevokeRequest (org.apache.ranger.plugin.util.GrantRevokeRequest)2 VXAuditMap (org.apache.ranger.view.VXAuditMap)2 VXPolicyList (org.apache.ranger.view.VXPolicyList)2 Test (org.junit.Test)2 InvalidNameException (javax.naming.InvalidNameException)1 WebApplicationException (javax.ws.rs.WebApplicationException)1