Example 41 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class ServiceMgr method validateConfig.
public VXResponse validateConfig(RangerService service, ServiceStore svcStore) throws Exception {
VXResponse ret = new VXResponse();
String authType = PropertiesUtil.getProperty(AUTHENTICATION_TYPE);
String lookupPrincipal = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(LOOKUP_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
String lookupKeytab = PropertiesUtil.getProperty(LOOKUP_KEYTAB);
String nameRules = PropertiesUtil.getProperty(NAME_RULES);
String rangerPrincipal = SecureClientLogin.getPrincipal(PropertiesUtil.getProperty(ADMIN_USER_PRINCIPAL), PropertiesUtil.getProperty(HOST_NAME));
String rangerkeytab = PropertiesUtil.getProperty(ADMIN_USER_KEYTAB);
if (!StringUtils.isEmpty(authType) && KERBEROS_TYPE.equalsIgnoreCase(authType.trim()) && SecureClientLogin.isKerberosCredentialExists(lookupPrincipal, lookupKeytab)) {
if (service != null && service.getConfigs() != null) {
service.getConfigs().put(HadoopConfigHolder.RANGER_LOOKUP_PRINCIPAL, lookupPrincipal);
service.getConfigs().put(HadoopConfigHolder.RANGER_LOOKUP_KEYTAB, lookupKeytab);
service.getConfigs().put(HadoopConfigHolder.RANGER_NAME_RULES, nameRules);
service.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, authType);
}
}
if (!StringUtils.isEmpty(authType) && KERBEROS_TYPE.equalsIgnoreCase(authType.trim()) && SecureClientLogin.isKerberosCredentialExists(rangerPrincipal, rangerkeytab)) {
if (service != null && service.getConfigs() != null) {
service.getConfigs().put(HadoopConfigHolder.RANGER_PRINCIPAL, rangerPrincipal);
service.getConfigs().put(HadoopConfigHolder.RANGER_KEYTAB, rangerkeytab);
service.getConfigs().put(HadoopConfigHolder.RANGER_NAME_RULES, nameRules);
service.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, authType);
}
}
RangerBaseService svc = null;
if (service != null) {
Map<String, String> newConfigs = rangerSvcService.getConfigsWithDecryptedPassword(service);
service.setConfigs(newConfigs);
svc = getRangerServiceByService(service, svcStore);
}
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceMgr.validateConfig for Service: (" + svc + ")");
}
if (svc != null) {
try {
// Timeout value use during validate config is 10 times that used during lookup
long time = getTimeoutValueForValidateConfigInMilliSeconds(svc);
ValidateCallable callable = new ValidateCallable(svc);
Map<String, Object> responseData = timedExecutor.timedTask(callable, time, TimeUnit.MILLISECONDS);
ret = generateResponseForTestConn(responseData, "");
} catch (Exception e) {
String msg = "Unable to connect repository with given config for " + svc.getServiceName();
HashMap<String, Object> respData = new HashMap<String, Object>();
if (e instanceof HadoopException) {
respData = ((HadoopException) e).getResponseData();
}
ret = generateResponseForTestConn(respData, msg);
LOG.error("==> ServiceMgr.validateConfig Error:" + e);
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceMgr.validateConfig for Response: (" + ret + ")");
}
return ret;
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
RangerBaseService(org.apache.ranger.plugin.service.RangerBaseService)
HashMap(java.util.HashMap)
HadoopException(org.apache.ranger.plugin.client.HadoopException)
HadoopException(org.apache.ranger.plugin.client.HadoopException)
Example 42 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class UserMgr method checkAccessForUpdate.
public void checkAccessForUpdate(XXPortalUser gjUser) {
if (gjUser == null) {
throw restErrorUtil.create403RESTException("serverMsg.userMgrWrongUser");
}
UserSessionBase sess = ContextUtil.getCurrentUserSession();
if (sess != null) {
// Admin
if (sess.isUserAdmin()) {
return;
}
// Self
if (sess.getXXPortalUser().getId().equals(gjUser.getId())) {
return;
}
}
VXResponse vXResponse = new VXResponse();
vXResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
vXResponse.setMsgDesc("User " + " access denied. loggedInUser=" + (sess != null ? sess.getXXPortalUser().getId() : "Not Logged In") + ", accessing user=" + gjUser.getId());
throw restErrorUtil.generateRESTException(vXResponse);
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
UserSessionBase(org.apache.ranger.common.UserSessionBase)
Example 43 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class RangerBizUtil method blockAuditorRoleUser.
public void blockAuditorRoleUser() {
UserSessionBase session = ContextUtil.getCurrentUserSession();
if (session != null) {
if (session.isAuditKeyAdmin() || session.isAuditUserAdmin()) {
VXResponse vXResponse = new VXResponse();
vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
vXResponse.setMsgDesc("Operation" + " denied. LoggedInUser=" + session.getXXPortalUser().getId() + " ,isn't permitted to perform the action.");
throw restErrorUtil.generateRESTException(vXResponse);
}
} else {
VXResponse vXResponse = new VXResponse();
vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
vXResponse.setMsgDesc("Bad Credentials");
throw restErrorUtil.generateRESTException(vXResponse);
}
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
UserSessionBase(org.apache.ranger.common.UserSessionBase)
Example 44 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class RangerBizUtil method checkAdminAccess.
public boolean checkAdminAccess() {
UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
if (currentUserSession != null) {
return currentUserSession.isUserAdmin();
} else {
VXResponse vXResponse = new VXResponse();
vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
vXResponse.setMsgDesc("Bad Credentials");
throw restErrorUtil.generateRESTException(vXResponse);
}
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
UserSessionBase(org.apache.ranger.common.UserSessionBase)
Example 45 with VXResponse
use of org.apache.ranger.view.VXResponse in project ranger by apache.
the class RESTErrorUtil method createRESTException.
public WebApplicationException createRESTException(String errorMessage, MessageEnums messageEnum) {
List<VXMessage> messageList = new ArrayList<VXMessage>();
messageList.add(messageEnum.getMessage());
VXResponse gjResponse = new VXResponse();
gjResponse.setStatusCode(VXResponse.STATUS_ERROR);
gjResponse.setMsgDesc(errorMessage);
gjResponse.setMessageList(messageList);
WebApplicationException webAppEx = createRESTException(gjResponse);
logger.info("Operation error. response=" + gjResponse, webAppEx);
return webAppEx;
}
Also used :
VXResponse(org.apache.ranger.view.VXResponse)
WebApplicationException(javax.ws.rs.WebApplicationException)
ArrayList(java.util.ArrayList)
VXMessage(org.apache.ranger.view.VXMessage)
Aggregations
VXResponse (org.apache.ranger.view.VXResponse)57
Test (org.junit.Test)25
ArrayList (java.util.ArrayList)20
WebApplicationException (javax.ws.rs.WebApplicationException)17
XXPortalUser (org.apache.ranger.entity.XXPortalUser)13
VXString (org.apache.ranger.view.VXString)11
XXPortalUserDao (org.apache.ranger.db.XXPortalUserDao)10
UserSessionBase (org.apache.ranger.common.UserSessionBase)9
XXResource (org.apache.ranger.entity.XXResource)9
VXPortalUser (org.apache.ranger.view.VXPortalUser)8
VXResource (org.apache.ranger.view.VXResource)8
VXMessage (org.apache.ranger.view.VXMessage)7
IOException (java.io.IOException)6
VXPasswordChange (org.apache.ranger.view.VXPasswordChange)6
Path (javax.ws.rs.Path)5
Produces (javax.ws.rs.Produces)5
RESTResponse (org.apache.ranger.admin.client.datatype.RESTResponse)5
VXAuditMap (org.apache.ranger.view.VXAuditMap)5
VXAuditMapList (org.apache.ranger.view.VXAuditMapList)5
VXPermMap (org.apache.ranger.view.VXPermMap)5
