
Example 1 with VXUser

use of org.apache.ranger.view.VXUser in project ranger by apache.

the class ServiceDBStore method updateService.

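/**
 * Updates an existing service: checks a rename, resolves the tag-service link, persists the
 * service row and rewrites its configuration entries.
 *
 * <p>All stored config rows of the service are removed and recreated from the validated request
 * configs. The password entry is treated specially:
 * <ul>
 *   <li>When the request carries {@code HIDDEN_PASSWORD_STR}, the previously stored value is kept,
 *       and re-encrypted under {@code CRYPT_ALGO} if it was stored under a different algorithm.
 *       The mask itself is never persisted.</li>
 *   <li>Any other value is treated as a new password and encrypted before it is stored.</li>
 * </ul>
 * The stored password appears to have the form
 * {@code algorithm,key,salt,iterationCount,ciphertext}; this is inferred from how the value is
 * split and rebuilt below.
 *
 * @param service the service carrying the new values; its id selects the row to update
 * @param options optional flags; only {@code ServiceStore.OPTION_FORCE_RENAME} is read here
 * @return the view object populated from the updated service row
 * @throws Exception a REST exception from {@code restErrorUtil} when the service does not exist,
 *         the new name is taken, a rename is blocked by tagged resources, the configs fail
 *         validation, the tag service is invalid, or a non-admin session names an unknown user;
 *         also whatever the DAO and password helpers throw
 */
@Override
public RangerService updateService(RangerService service, Map<String, Object> options) throws Exception {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> ServiceDBStore.updateService()");
    }
    XXService existing = daoMgr.getXXService().getById(service.getId());
    if (existing == null) {
        throw restErrorUtil.createRESTException("no service exists with ID=" + service.getId(), MessageEnums.DATA_NOT_FOUND);
    }
    String existingName = existing.getName();
    // A change that differs only in letter case is not treated as a rename.
    boolean renamed = !StringUtils.equalsIgnoreCase(service.getName(), existingName);
    if (renamed) {
        XXService newNameService = daoMgr.getXXService().findByName(service.getName());
        if (newNameService != null) {
            throw restErrorUtil.createRESTException("another service already exists with name '" + service.getName() + "'. ID=" + newNameService.getId(), MessageEnums.DATA_NOT_UPDATABLE);
        }
        long countOfTaggedResources = daoMgr.getXXServiceResource().countTaggedResourcesInServiceId(existing.getId());
        // Boolean.TRUE.equals tolerates a missing option and a value that is not a Boolean,
        // where a cast would throw ClassCastException.
        boolean isForceRename = options != null && Boolean.TRUE.equals(options.get(ServiceStore.OPTION_FORCE_RENAME));
        if (countOfTaggedResources != 0L) {
            if (isForceRename) {
                LOG.warn("Forcing the renaming of service from " + existingName + " to " + service.getName() + " although it is associated with " + countOfTaggedResources + " service-resources!");
            } else {
                throw restErrorUtil.createRESTException("Service " + existingName + " cannot be renamed, as it has associated service-resources", MessageEnums.DATA_NOT_UPDATABLE);
            }
        }
    }
    Map<String, String> configs = service.getConfigs();
    Map<String, String> validConfigs = validateRequiredConfigParams(service, configs);
    if (validConfigs == null) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("==> ConfigParams cannot be null, ServiceDBStore.updateService(" + service + ")");
        }
        throw restErrorUtil.createRESTException("ConfigParams cannot be null.", MessageEnums.ERROR_CREATING_OBJECT);
    }
    boolean hasTagServiceValueChanged = false;
    Long existingTagServiceId = existing.getTagService();
    // null for old clients; empty string to remove existing association
    String newTagServiceName = service.getTagService();
    Long newTagServiceId = null;
    if (newTagServiceName == null) {
        // old client; don't update existing tagService
        if (existingTagServiceId != null) {
            newTagServiceName = getServiceName(existingTagServiceId);
            service.setTagService(newTagServiceName);
            LOG.info("ServiceDBStore.updateService(id=" + service.getId() + "; name=" + service.getName() + "): tagService is null; using existing tagService '" + newTagServiceName + "'");
        }
    }
    if (StringUtils.isNotBlank(newTagServiceName)) {
        // The referenced service must exist and be of the embedded tag service type.
        RangerService tmp = getServiceByName(newTagServiceName);
        if (tmp == null || !EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME.equals(tmp.getType())) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("ServiceDBStore.updateService() - " + newTagServiceName + " does not refer to a valid tag service.(" + service + ")");
            }
            throw restErrorUtil.createRESTException("Invalid tag service name " + newTagServiceName, MessageEnums.ERROR_CREATING_OBJECT);
        } else {
            newTagServiceId = tmp.getId();
        }
    }
    if (existingTagServiceId == null) {
        if (newTagServiceId != null) {
            hasTagServiceValueChanged = true;
        }
    } else if (!existingTagServiceId.equals(newTagServiceId)) {
        hasTagServiceValueChanged = true;
    }
    boolean hasIsEnabledChanged = !existing.getIsenabled().equals(service.getIsEnabled());
    // Captured before the row is updated so the log can compare the old and new values.
    List<XXTrxLog> trxLogList = svcService.getTransactionLog(service, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
    if (populateExistingBaseFields) {
        svcServiceWithAssignedId.setPopulateExistingBaseFields(true);
        try {
            service = svcServiceWithAssignedId.update(service);
        } finally {
            // Reset the flag even when update() throws; svcServiceWithAssignedId is not local to
            // this call, so a flag left set would presumably affect later updates.
            svcServiceWithAssignedId.setPopulateExistingBaseFields(false);
        }
    } else {
        service.setCreateTime(existing.getCreateTime());
        service.setGuid(existing.getGuid());
        service.setVersion(existing.getVersion());
        service = svcService.update(service);
        if (hasTagServiceValueChanged || hasIsEnabledChanged) {
            updatePolicyVersion(service, false);
        }
    }
    XXService xUpdService = daoMgr.getXXService().getById(service.getId());
    // Remember the stored password before the config rows are deleted; it is needed when the
    // request only carries the mask.
    String oldPassword = null;
    List<XXServiceConfigMap> dbConfigMaps = daoMgr.getXXServiceConfigMap().findByServiceId(service.getId());
    for (XXServiceConfigMap dbConfigMap : dbConfigMaps) {
        if (StringUtils.equalsIgnoreCase(dbConfigMap.getConfigkey(), CONFIG_KEY_PASSWORD)) {
            oldPassword = dbConfigMap.getConfigvalue();
        }
        daoMgr.getXXServiceConfigMap().remove(dbConfigMap);
    }
    VXUser vXUser = null;
    XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap();
    for (Entry<String, String> configMap : validConfigs.entrySet()) {
        String configKey = configMap.getKey();
        String configValue = configMap.getValue();
        if (StringUtils.equalsIgnoreCase(configKey, "username")) {
            String userName = stringUtil.getValidUserName(configValue);
            XXUser xxUser = daoMgr.getXXUser().findByUserName(userName);
            if (xxUser != null) {
                vXUser = xUserService.populateViewBean(xxUser);
            } else {
                // Only an admin session (or a call without a session) may create the missing
                // user as a side effect of a service update.
                UserSessionBase usb = ContextUtil.getCurrentUserSession();
                if (usb != null && !usb.isUserAdmin()) {
                    throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION);
                }
                vXUser = xUserMgr.createServiceConfigUser(userName);
            }
        }
        if (StringUtils.equalsIgnoreCase(configKey, CONFIG_KEY_PASSWORD)) {
            if (StringUtils.equalsIgnoreCase(configValue, HIDDEN_PASSWORD_STR)) {
                // The client sent the mask back, so the password is unchanged. Start from the
                // stored value so that the mask can never end up in the database.
                // NOTE(review): oldPassword is null when no password row existed; the value
                // stored is then null, as before - confirm that is intended.
                String passwordToStore = oldPassword;
                String[] storedParts = (oldPassword != null && oldPassword.contains(",")) ? oldPassword.split(",") : null;
                // Fewer than four fields means the stored value is not in the expected format;
                // it is kept untouched instead of failing on an array index.
                if (storedParts != null && storedParts.length >= 4 && !storedParts[0].equalsIgnoreCase(CRYPT_ALGO)) {
                    String encryptKey = storedParts[1];
                    String salt = storedParts[2];
                    int iterationCount = Integer.parseInt(storedParts[3]);
                    // Stored under another algorithm: re-encrypt under CRYPT_ALGO, reusing the
                    // stored key, salt and iteration count.
                    String decryptedPwd = PasswordUtils.decryptPassword(oldPassword);
                    String paddingString = CRYPT_ALGO + "," + encryptKey + "," + salt + "," + iterationCount;
                    String encryptedPwd = PasswordUtils.encryptPassword(paddingString + "," + decryptedPwd);
                    String newDecryptedPwd = PasswordUtils.decryptPassword(paddingString + "," + encryptedPwd);
                    if (StringUtils.equals(newDecryptedPwd, decryptedPwd)) {
                        passwordToStore = paddingString + "," + encryptedPwd;
                    } else {
                        LOG.warn("ServiceDBStore.updateService(id=" + service.getId() + "): re-encrypted password failed verification; keeping the stored value");
                    }
                }
                configValue = passwordToStore;
            } else {
                // NOTE(review): the key and salt are written next to the ciphertext, so the
                // protection of the stored password depends on what PasswordUtils adds to them
                // - confirm against PasswordUtils.
                String paddingString = CRYPT_ALGO + "," + ENCRYPT_KEY + "," + SALT + "," + ITERATION_COUNT;
                String encryptedPwd = PasswordUtils.encryptPassword(paddingString + "," + configValue);
                String decryptedPwd = PasswordUtils.decryptPassword(paddingString + "," + encryptedPwd);
                if (StringUtils.equals(decryptedPwd, configValue)) {
                    configValue = paddingString + "," + encryptedPwd;
                } else {
                    // NOTE(review): on a failed round trip the submitted value is stored as it
                    // was received, i.e. unencrypted. That existing fallback is kept, but it is
                    // no longer silent; consider rejecting the update instead.
                    LOG.warn("ServiceDBStore.updateService(id=" + service.getId() + "): password failed verification after encryption; storing the value as submitted");
                }
            }
        }
        XXServiceConfigMap xConfMap = new XXServiceConfigMap();
        xConfMap = (XXServiceConfigMap) rangerAuditFields.populateAuditFields(xConfMap, xUpdService);
        xConfMap.setServiceId(service.getId());
        xConfMap.setConfigkey(configKey);
        xConfMap.setConfigvalue(configValue);
        xConfMapDao.create(xConfMap);
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("vXUser:[" + vXUser + "]");
    }
    RangerService updService = svcService.getPopulatedViewObject(xUpdService);
    dataHistService.createObjectDataHistory(updService, RangerDataHistService.ACTION_UPDATE);
    bizUtil.createTrxLog(trxLogList);
    return updService;
}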
Also used : XXUser(org.apache.ranger.entity.XXUser) VXString(org.apache.ranger.view.VXString) XXTrxLog(org.apache.ranger.entity.XXTrxLog) VXUser(org.apache.ranger.view.VXUser) XXServiceConfigMapDao(org.apache.ranger.db.XXServiceConfigMapDao) UserSessionBase(org.apache.ranger.common.UserSessionBase) XXServiceConfigMap(org.apache.ranger.entity.XXServiceConfigMap) RangerService(org.apache.ranger.plugin.model.RangerService) XXService(org.apache.ranger.entity.XXService)

Example 2 with VXUser

use of org.apache.ranger.view.VXUser in project ranger by apache.

the class TestXUserMgr method test24GetXUserByUserName.

/**
 * Looks a user up by name through {@code xUserMgr} and checks that the returned view object
 * carries the name and owner of the object handed out by the stubbed {@code xUserService}.
 */
@Test
public void test24GetXUserByUserName() {
    // Arrange: the user service answers the lookup with a prepared view object.
    final String lookupName = "test";
    VXUser expectedUser = vxUser();
    Mockito.when(xUserService.getXUserByUserName(lookupName)).thenReturn(expectedUser);
    XXModuleDefDao moduleDefDao = Mockito.mock(XXModuleDefDao.class);
    Mockito.when(daoManager.getXXModuleDef()).thenReturn(moduleDefDao);

    // Act
    VXUser foundUser = xUserMgr.getXUserByUserName(lookupName);

    // Assert
    Assert.assertNotNull(foundUser);
    // NOTE(review): userId is overwritten with the id of the result right before it is compared
    // with that same id, so the id assertion below cannot fail.
    userId = foundUser.getId();
    Assert.assertEquals(userId, foundUser.getId());
    Assert.assertEquals(foundUser.getName(), expectedUser.getName());
    Assert.assertEquals(foundUser.getOwner(), expectedUser.getOwner());
    Mockito.verify(xUserService, Mockito.atLeast(2)).getXUserByUserName(lookupName);
}
Also used : XXModuleDefDao(org.apache.ranger.db.XXModuleDefDao) VXString(org.apache.ranger.view.VXString) VXUser(org.apache.ranger.view.VXUser) Test(org.junit.Test)

Example 3 with VXUser

use of org.apache.ranger.view.VXUser in project ranger by apache.

the class TestXUserMgr method test15ModifyUserVisibilitySetEmpty.

/**
 * Calls {@code modifyUserVisibility} with {@code emptyValue} for {@code userId} and checks the
 * visibility and id reported by the view object, plus the collaborator calls made on the way.
 */
@Test
public void test15ModifyUserVisibilitySetEmpty() {
    // Arrange: mocked DAO and entity, and the view object the service hands back.
    XXUser storedUser = Mockito.mock(XXUser.class);
    XXUserDao userDao = Mockito.mock(XXUserDao.class);
    VXUser viewUser = vxUser();

    HashMap<Long, Integer> requestedVisibility = new HashMap<>();
    requestedVisibility.put(userId, emptyValue);

    Mockito.when(daoManager.getXXUser()).thenReturn(userDao);
    Mockito.when(userDao.getById(userId)).thenReturn(storedUser);
    Mockito.when(xUserService.populateViewBean(storedUser)).thenReturn(viewUser);
    Mockito.when(xUserService.updateResource(viewUser)).thenReturn(viewUser);

    // Act
    xUserMgr.modifyUserVisibility(requestedVisibility);

    // Assert: state of the view object, then the interactions.
    Assert.assertEquals(emptyValue, viewUser.getIsVisible());
    Assert.assertEquals(userId, viewUser.getId());
    Mockito.verify(xUserService).updateResource(viewUser);
    Mockito.verify(daoManager).getXXUser();
    Mockito.verify(xUserService).populateViewBean(storedUser);
}
Also used : XXUser(org.apache.ranger.entity.XXUser) HashMap(java.util.HashMap) XXUserDao(org.apache.ranger.db.XXUserDao) VXUser(org.apache.ranger.view.VXUser) Test(org.junit.Test)

Example 4 with VXUser

use of org.apache.ranger.view.VXUser in project ranger by apache.

the class TestXUserMgr method test14ModifyUserVisibilitySetZero.

/**
 * Calls {@code modifyUserVisibility} with the value 0 for {@code userId} and checks the
 * visibility and id reported by the view object, plus the collaborator calls made on the way.
 */
@Test
public void test14ModifyUserVisibilitySetZero() {
    // Arrange: mocked DAO and entity, and the view object the service hands back.
    XXUser storedUser = Mockito.mock(XXUser.class);
    XXUserDao userDao = Mockito.mock(XXUserDao.class);
    VXUser viewUser = vxUser();

    Integer zeroVisibility = 0;
    HashMap<Long, Integer> requestedVisibility = new HashMap<>();
    requestedVisibility.put(userId, zeroVisibility);

    Mockito.when(daoManager.getXXUser()).thenReturn(userDao);
    Mockito.when(userDao.getById(userId)).thenReturn(storedUser);
    Mockito.when(xUserService.populateViewBean(storedUser)).thenReturn(viewUser);
    Mockito.when(xUserService.updateResource(viewUser)).thenReturn(viewUser);

    // Act
    xUserMgr.modifyUserVisibility(requestedVisibility);

    // Assert: state of the view object, then the interactions.
    Assert.assertEquals(zeroVisibility, viewUser.getIsVisible());
    Assert.assertEquals(userId, viewUser.getId());
    Mockito.verify(xUserService).updateResource(viewUser);
    Mockito.verify(daoManager).getXXUser();
    Mockito.verify(xUserService).populateViewBean(storedUser);
}
Also used : XXUser(org.apache.ranger.entity.XXUser) HashMap(java.util.HashMap) XXUserDao(org.apache.ranger.db.XXUserDao) VXUser(org.apache.ranger.view.VXUser) Test(org.junit.Test)

Example 5 with VXUser

use of org.apache.ranger.view.VXUser in project ranger by apache.

the class TestXUserMgr method test44getGroupsForUser.

/*@Test
	public void test43checkPermissionRoleByGivenUrls() {
		XXModuleDefDao value = Mockito.mock(XXModuleDefDao.class);
		XXPortalUserRoleDao xPortalUserRoleDao = Mockito
				.mock(XXPortalUserRoleDao.class);

		List<String> lsvalue = new ArrayList<String>();
		List<XXPortalUserRole> xPortalUserRolesList = new ArrayList<XXPortalUserRole>();
		XXPortalUserRole xPortalUserRole = new XXPortalUserRole();
		xPortalUserRole.setAddedByUserId(userId);
		xPortalUserRole.setCreateTime(new Date());
		xPortalUserRole.setId(userId);
		xPortalUserRole.setStatus(0);
		xPortalUserRole.setUpdatedByUserId(userId);
		xPortalUserRole.setUserId(userId);
		xPortalUserRole.setUserRole("admin");
		xPortalUserRolesList.add(xPortalUserRole);
		Mockito.when(daoManager.getXXModuleDef()).thenReturn(value);
		Mockito.when(value.findModuleURLOfPemittedModules(null)).thenReturn(
				lsvalue);
		Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(
				xPortalUserRoleDao);
		Mockito.when(xPortalUserRoleDao.findByUserId(null)).thenReturn(
				xPortalUserRolesList);
		String enteredURL = "";
		String method = "";
		xUserMgr.checkPermissionRoleByGivenUrls(enteredURL, method);
		Mockito.verify(daoManager).getXXModuleDef();
		Mockito.verify(value).findModuleURLOfPemittedModules(null);
		Mockito.verify(daoManager).getXXPortalUserRole();
		Mockito.verify(xPortalUserRoleDao).findByUserId(null);
	}*/
/**
 * Asks {@code xUserMgr} for the groups of a user whose accessible modules include
 * {@code RangerConstants.MODULE_USER_GROUPS} and checks that a non-null set comes back.
 */
@Test
public void test44getGroupsForUser() {
    // Arrange: the user lookup is stubbed and the module DAO grants the user-groups module.
    final String lookupName = "test";
    VXUser stubbedUser = vxUser();
    Mockito.when(xUserService.getXUserByUserName(lookupName)).thenReturn(stubbedUser);

    XXModuleDefDao moduleDefDao = Mockito.mock(XXModuleDefDao.class);
    Mockito.when(daoManager.getXXModuleDef()).thenReturn(moduleDefDao);

    List<String> accessibleModules = new ArrayList<>();
    accessibleModules.add(RangerConstants.MODULE_USER_GROUPS);
    Mockito.when(moduleDefDao.findAccessibleModulesByUserId(Mockito.anyLong(), Mockito.anyLong())).thenReturn(accessibleModules);

    // Act
    Set<String> groups = xUserMgr.getGroupsForUser(lookupName);

    // Assert: only non-nullness of the result is checked; its contents are not.
    Assert.assertNotNull(groups);
    Mockito.verify(xUserService, Mockito.atLeast(2)).getXUserByUserName(lookupName);
    // The call to daoManager.getXXModuleDef() is deliberately left unverified here.
    Mockito.verify(moduleDefDao).findAccessibleModulesByUserId(Mockito.anyLong(), Mockito.anyLong());
}
Also used : ArrayList(java.util.ArrayList) XXModuleDefDao(org.apache.ranger.db.XXModuleDefDao) VXString(org.apache.ranger.view.VXString) VXUser(org.apache.ranger.view.VXUser) Test(org.junit.Test)

Aggregations

VXUser (org.apache.ranger.view.VXUser)42 Test (org.junit.Test)31 VXString (org.apache.ranger.view.VXString)21 ArrayList (java.util.ArrayList)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)11 XXUser (org.apache.ranger.entity.XXUser)8 XXPortalUser (org.apache.ranger.entity.XXPortalUser)6 VXStringList (org.apache.ranger.view.VXStringList)6 VXPortalUser (org.apache.ranger.view.VXPortalUser)5 HashMap (java.util.HashMap)4 XXModuleDefDao (org.apache.ranger.db.XXModuleDefDao)4 XXPortalUserRoleDao (org.apache.ranger.db.XXPortalUserRoleDao)4 XXUserDao (org.apache.ranger.db.XXUserDao)4 VXUserList (org.apache.ranger.view.VXUserList)4 Date (java.util.Date)3 XXPortalUserRole (org.apache.ranger.entity.XXPortalUserRole)3 VXGroup (org.apache.ranger.view.VXGroup)3 JsonSyntaxException (com.google.gson.JsonSyntaxException)2 IOException (java.io.IOException)2 List (java.util.List)2