Example 21 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class RESTErrorUtil method createRESTException.
public WebApplicationException createRESTException(VXResponse gjResponse) {
Response errorResponse = Response.status(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST).entity(gjResponse).build();
WebApplicationException restException = new WebApplicationException(errorResponse);
restException.fillInStackTrace();
UserSessionBase userSession = ContextUtil.getCurrentUserSession();
String loginId = null;
if (userSession != null) {
loginId = userSession.getLoginId();
}
logger.info("Request failed. loginId=" + loginId + ", logMessage=" + gjResponse.getMsgDesc(), restException);
return restException;
}
Also used :
Response(javax.ws.rs.core.Response)
RESTResponse(org.apache.ranger.admin.client.datatype.RESTResponse)
VXResponse(org.apache.ranger.view.VXResponse)
WebApplicationException(javax.ws.rs.WebApplicationException)
Example 22 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class RESTErrorUtil method createRESTException.
public WebApplicationException createRESTException(String errorMessage, MessageEnums messageEnum, Long objectId, String fieldName, String logMessage) {
List<VXMessage> messageList = new ArrayList<VXMessage>();
messageList.add(messageEnum.getMessage(objectId, fieldName));
VXResponse gjResponse = new VXResponse();
gjResponse.setStatusCode(VXResponse.STATUS_ERROR);
gjResponse.setMsgDesc(errorMessage);
gjResponse.setMessageList(messageList);
WebApplicationException webAppEx = createRESTException(gjResponse);
logger.info("Validation error:logMessage=" + logMessage + ", response=" + gjResponse, webAppEx);
return webAppEx;
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
WebApplicationException(javax.ws.rs.WebApplicationException)
ArrayList(java.util.ArrayList)
VXMessage(org.apache.ranger.view.VXMessage)
Example 23 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class XResourceService method readResource.
@Override
public VXResource readResource(Long id) {
VXResource vXResource = super.readResource(id);
VXResponse vXResponse = xaBizUtil.hasPermission(vXResource, AppConstants.XA_PERM_TYPE_ADMIN);
if (vXResponse.getStatusCode() == VXResponse.STATUS_ERROR) {
throw restErrorUtil.createRESTException("You don't have permission to perform this action", MessageEnums.OPER_NO_PERMISSION, id, "Resource", "Trying to read unauthorized resource.");
}
populateAssetProperties(vXResource);
populatePermList(vXResource);
populateAuditList(vXResource);
return vXResource;
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
VXResource(org.apache.ranger.view.VXResource)
Example 24 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class ServiceMgr method validateConfig.
public VXResponse validateConfig(RangerService service, ServiceStore svcStore) throws Exception {
VXResponse ret = new VXResponse();
rangerBizUtil.blockAuditorRoleUser();
String authType = PropertiesUtil.getProperty(AUTHENTICATION_TYPE);
String lookupPrincipal = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(LOOKUP_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
String lookupKeytab = PropertiesUtil.getProperty(LOOKUP_KEYTAB);
String nameRules = PropertiesUtil.getProperty(NAME_RULES);
String rangerPrincipal = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(ADMIN_USER_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
String rangerkeytab = PropertiesUtil.getProperty(ADMIN_USER_KEYTAB);
if (!StringUtils.isEmpty(authType) && KERBEROS_TYPE.equalsIgnoreCase(authType.trim()) && SecureClientLogin.isKerberosCredentialExists(lookupPrincipal, lookupKeytab)) {
if (service != null && service.getConfigs() != null) {
service.getConfigs().put(HadoopConfigHolder.RANGER_LOOKUP_PRINCIPAL, lookupPrincipal);
service.getConfigs().put(HadoopConfigHolder.RANGER_LOOKUP_KEYTAB, lookupKeytab);
service.getConfigs().put(HadoopConfigHolder.RANGER_NAME_RULES, nameRules);
service.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, authType);
}
}
if (!StringUtils.isEmpty(authType) && KERBEROS_TYPE.equalsIgnoreCase(authType.trim()) && SecureClientLogin.isKerberosCredentialExists(rangerPrincipal, rangerkeytab)) {
if (service != null && service.getConfigs() != null) {
service.getConfigs().put(HadoopConfigHolder.RANGER_PRINCIPAL, rangerPrincipal);
service.getConfigs().put(HadoopConfigHolder.RANGER_KEYTAB, rangerkeytab);
service.getConfigs().put(HadoopConfigHolder.RANGER_NAME_RULES, nameRules);
service.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, authType);
}
}
RangerBaseService svc = null;
if (service != null) {
Map<String, String> newConfigs = rangerSvcService.getConfigsWithDecryptedPassword(service);
service.setConfigs(newConfigs);
svc = getRangerServiceByService(service, svcStore);
}
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceMgr.validateConfig for Service: (" + svc + ")");
}
if (svc != null) {
try {
// Timeout value use during validate config is 10 times that used during lookup
long time = getTimeoutValueForValidateConfigInMilliSeconds(svc);
ValidateCallable callable = new ValidateCallable(svc);
Map<String, Object> responseData = timedExecutor.timedTask(callable, time, TimeUnit.MILLISECONDS);
ret = generateResponseForTestConn(responseData, "");
} catch (Exception e) {
String msg = "Unable to connect repository with given config for " + svc.getServiceName();
HashMap<String, Object> respData = new HashMap<String, Object>();
if (e instanceof HadoopException) {
respData = ((HadoopException) e).getResponseData();
}
ret = generateResponseForTestConn(respData, msg);
LOG.error("==> ServiceMgr.validateConfig Error:" + e);
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceMgr.validateConfig for Response: (" + ret + ")");
}
return ret;
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
RangerBaseService(org.apache.ranger.plugin.service.RangerBaseService)
HashMap(java.util.HashMap)
HadoopException(org.apache.ranger.plugin.client.HadoopException)
HadoopException(org.apache.ranger.plugin.client.HadoopException)
Example 25 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class UserMgr method checkAccessForUpdate.
public void checkAccessForUpdate(XXPortalUser gjUser) {
if (gjUser == null) {
throw restErrorUtil.create403RESTException("serverMsg.userMgrWrongUser");
}
UserSessionBase sess = ContextUtil.getCurrentUserSession();
if (sess != null) {
// Admin
if (sess.isUserAdmin()) {
return;
}
// Self
if (sess.getXXPortalUser().getId().equals(gjUser.getId())) {
return;
}
}
VXResponse vXResponse = new VXResponse();
vXResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
vXResponse.setMsgDesc("User " + " access denied. loggedInUser=" + (sess != null ? sess.getXXPortalUser().getId() : "Not Logged In") + ", accessing user=" + gjUser.getId());
throw restErrorUtil.generateRESTException(vXResponse);
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
UserSessionBase(org.apache.ranger.common.UserSessionBase)
Aggregations
VXResponse (org.apache.ranger.view.VXResponse)40
Test (org.junit.Test)13
ArrayList (java.util.ArrayList)12
WebApplicationException (javax.ws.rs.WebApplicationException)10
XXPortalUser (org.apache.ranger.entity.XXPortalUser)7
VXMessage (org.apache.ranger.view.VXMessage)7
VXString (org.apache.ranger.view.VXString)7
IOException (java.io.IOException)6
VXResource (org.apache.ranger.view.VXResource)6
Path (javax.ws.rs.Path)5
Produces (javax.ws.rs.Produces)5
RESTResponse (org.apache.ranger.admin.client.datatype.RESTResponse)5
UserSessionBase (org.apache.ranger.common.UserSessionBase)5
XXPortalUserDao (org.apache.ranger.db.XXPortalUserDao)5
XXResource (org.apache.ranger.entity.XXResource)5
POST (javax.ws.rs.POST)4
Response (javax.ws.rs.core.Response)3
RangerPerfTracer (org.apache.ranger.plugin.util.RangerPerfTracer)3
VXPasswordChange (org.apache.ranger.view.VXPasswordChange)3
VXPortalUser (org.apache.ranger.view.VXPortalUser)3
