You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2023/09/02 03:56:46 UTC
[ranger] branch RANGER-3923 updated (2b307095a -> 569ff2f27)
This is an automated email from the ASF dual-hosted git repository.
madhan pushed a change to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git
from 2b307095a Merge branch 'master' into RANGER-3923
add 5f8e3c1b7 RANGER-4319: Restricting policy name character to configurable length
add ab3805fac RANGER-4354: Improve ChangePassword utility for multiple default password change request
add 2cc56e127 RANGER-4356: Ranger CSV Report extract may fail with Null pointer exception
add 50a56de79 RANGER-4374: Getting page not found when wrong password is send in 'Old Password'
add c1dcb789b RANGER-4367: User with access on Key manager tab not able to view the "Encryption" tab on the React UI
add a534a51ff RANGER-4285: Ranger Java Patch for adding uiHint in policy condition for upgrade scenario
add 3a121a835 RANGER-4290: Adding uiHint attribute in policy condition
add b1c0ac608 RANGER-4343: Atlas default policy is showing 2 admin users in policy items
add 5bc3cb303 RANGER-4371: Ranger authn - add doAs support for JWT authentication
add 5afc8521e RANGER-4357: Consolidate configs required to enable ORC audit logs. Test cases for orc audits. Typo fix for zlib compression. (#279)
add 1cf5934dd RANGER-4387: optimize loading of userstore from database
add 82af76567 RANGER-4285: [Best practices] Change java patch seq J10057 to J10060
add be31caf18 RANGER-4389: userstore to include internal attributes syncSource/isInternal/emailAddress
new 569ff2f27 Merge branch 'master' into RANGER-3923
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../ranger/audit/provider/AuditWriterFactory.java | 2 +-
.../org/apache/ranger/audit/utils/ORCFileUtil.java | 2 +-
.../ranger/plugin/errors/ValidationErrorCode.java | 3 +
.../model/validation/RangerPolicyValidator.java | 45 +++-
.../ranger/plugin/util/RangerCommonConstants.java | 3 +
.../ranger/services/atlas/RangerServiceAtlas.java | 4 +-
.../handler/jwt/RangerDefaultJwtAuthHandler.java | 4 +-
.../authz/handler/jwt/RangerJwtAuthHandler.java | 22 +-
.../optimized/current/ranger_core_db_mysql.sql | 1 +
.../optimized/current/ranger_core_db_oracle.sql | 1 +
.../optimized/current/ranger_core_db_postgres.sql | 1 +
.../current/ranger_core_db_sqlanywhere.sql | 2 +
.../optimized/current/ranger_core_db_sqlserver.sql | 1 +
.../java/org/apache/ranger/biz/ServiceDBStore.java | 101 +++++----
.../main/java/org/apache/ranger/db/XXGroupDao.java | 67 ++++++
.../main/java/org/apache/ranger/db/XXUserDao.java | 68 +++++-
...lServiceDefForPolicyConditionUpdate_J10060.java | 118 +++++++++++
.../ranger/patch/cliutil/ChangePasswordUtil.java | 57 ++++--
.../java/org/apache/ranger/rest/ServiceREST.java | 16 ++
.../service/RangerServiceDefServiceBase.java | 2 +-
.../apache/ranger/service/XGroupServiceBase.java | 18 +-
.../apache/ranger/service/XUserServiceBase.java | 18 +-
.../main/resources/META-INF/jpa_named_queries.xml | 14 ++
.../react-webapp/src/components/Editable.jsx | 7 -
.../webapp/react-webapp/src/utils/XAMessages.js | 8 +-
.../main/webapp/react-webapp/src/utils/XAUtils.js | 2 +-
.../main/webapp/react-webapp/src/utils/appState.js | 3 +
.../main/webapp/react-webapp/src/utils/fetchAPI.js | 6 +-
.../src/views/AuditEvent/AccessLogDetail.jsx | 10 +-
.../src/views/AuditEvent/AccessLogsTable.jsx | 8 +-
.../src/views/AuditEvent/AdminLogs/PolicyLogs.jsx | 8 +-
.../src/views/AuditEvent/AdminLogs/UserLogs.jsx | 6 +-
.../src/views/Encryption/KeyManager.jsx | 79 +++----
.../src/views/Reports/SearchPolicyTable.jsx | 31 ++-
.../src/views/Reports/UserAccessLayout.jsx | 34 +--
.../src/views/SecurityZone/SecurityZoneForm.jsx | 4 +-
.../src/views/ServiceManager/ServiceDefinition.jsx | 20 +-
.../views/ServiceManager/ServiceViewDetails.jsx | 12 +-
.../react-webapp/src/views/SideBar/SideBar.jsx | 32 ++-
.../react-webapp/src/views/SideBar/SideBarBody.jsx | 1 +
.../users_details/EditUserView.jsx | 51 +++--
.../users_details/UserFormComp.jsx | 10 +-
.../users_details/UserListing.jsx | 2 +-
.../webapp/react-webapp/src/views/UserProfile.jsx | 78 ++++++-
.../org/apache/ranger/audit/TestAuditQueue.java | 227 ++++++++++++++++++++-
45 files changed, 937 insertions(+), 272 deletions(-)
create mode 100644 security-admin/src/main/java/org/apache/ranger/patch/PatchForAllServiceDefForPolicyConditionUpdate_J10060.java
[ranger] 01/01: Merge branch 'master' into RANGER-3923
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 569ff2f27a6f6b6bf40f6d3dc226955bad2316cb
Merge: 2b307095a be31caf18
Author: Madhan Neethiraj <ma...@apache.org>
AuthorDate: Fri Sep 1 20:56:32 2023 -0700
Merge branch 'master' into RANGER-3923
.../ranger/audit/provider/AuditWriterFactory.java | 2 +-
.../org/apache/ranger/audit/utils/ORCFileUtil.java | 2 +-
.../ranger/plugin/errors/ValidationErrorCode.java | 3 +
.../model/validation/RangerPolicyValidator.java | 45 +++-
.../ranger/plugin/util/RangerCommonConstants.java | 3 +
.../ranger/services/atlas/RangerServiceAtlas.java | 4 +-
.../handler/jwt/RangerDefaultJwtAuthHandler.java | 4 +-
.../authz/handler/jwt/RangerJwtAuthHandler.java | 22 +-
.../optimized/current/ranger_core_db_mysql.sql | 1 +
.../optimized/current/ranger_core_db_oracle.sql | 1 +
.../optimized/current/ranger_core_db_postgres.sql | 1 +
.../current/ranger_core_db_sqlanywhere.sql | 2 +
.../optimized/current/ranger_core_db_sqlserver.sql | 1 +
.../java/org/apache/ranger/biz/ServiceDBStore.java | 101 +++++----
.../main/java/org/apache/ranger/db/XXGroupDao.java | 67 ++++++
.../main/java/org/apache/ranger/db/XXUserDao.java | 68 +++++-
...lServiceDefForPolicyConditionUpdate_J10060.java | 118 +++++++++++
.../ranger/patch/cliutil/ChangePasswordUtil.java | 57 ++++--
.../java/org/apache/ranger/rest/ServiceREST.java | 16 ++
.../service/RangerServiceDefServiceBase.java | 2 +-
.../apache/ranger/service/XGroupServiceBase.java | 18 +-
.../apache/ranger/service/XUserServiceBase.java | 18 +-
.../main/resources/META-INF/jpa_named_queries.xml | 14 ++
.../react-webapp/src/components/Editable.jsx | 7 -
.../webapp/react-webapp/src/utils/XAMessages.js | 8 +-
.../main/webapp/react-webapp/src/utils/XAUtils.js | 2 +-
.../main/webapp/react-webapp/src/utils/appState.js | 3 +
.../main/webapp/react-webapp/src/utils/fetchAPI.js | 6 +-
.../src/views/AuditEvent/AccessLogDetail.jsx | 10 +-
.../src/views/AuditEvent/AccessLogsTable.jsx | 8 +-
.../src/views/AuditEvent/AdminLogs/PolicyLogs.jsx | 8 +-
.../src/views/AuditEvent/AdminLogs/UserLogs.jsx | 6 +-
.../src/views/Encryption/KeyManager.jsx | 79 +++----
.../src/views/Reports/SearchPolicyTable.jsx | 31 ++-
.../src/views/Reports/UserAccessLayout.jsx | 34 +--
.../src/views/SecurityZone/SecurityZoneForm.jsx | 4 +-
.../src/views/ServiceManager/ServiceDefinition.jsx | 20 +-
.../views/ServiceManager/ServiceViewDetails.jsx | 12 +-
.../react-webapp/src/views/SideBar/SideBar.jsx | 32 ++-
.../react-webapp/src/views/SideBar/SideBarBody.jsx | 1 +
.../users_details/EditUserView.jsx | 51 +++--
.../users_details/UserFormComp.jsx | 10 +-
.../users_details/UserListing.jsx | 2 +-
.../webapp/react-webapp/src/views/UserProfile.jsx | 78 ++++++-
.../org/apache/ranger/audit/TestAuditQueue.java | 227 ++++++++++++++++++++-
45 files changed, 937 insertions(+), 272 deletions(-)
diff --cc security-admin/src/main/java/org/apache/ranger/db/XXUserDao.java
index 215c0f03c,fc1968352..8af4448b5
mode 100755,100644..100755
--- a/security-admin/src/main/java/org/apache/ranger/db/XXUserDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXUserDao.java
@@@ -21,10 -21,13 +21,15 @@@ package org.apache.ranger.db
import javax.persistence.NoResultException;
+ import com.google.gson.Gson;
+ import com.google.gson.GsonBuilder;
+import org.apache.commons.collections.ListUtils;
+ import org.apache.commons.lang3.StringUtils;
+ import org.apache.ranger.common.RangerCommonEnums;
import org.apache.ranger.common.db.BaseDao;
import org.apache.ranger.entity.XXUser;
+import org.apache.ranger.plugin.model.RangerPrincipal;
+ import org.apache.ranger.plugin.model.UserInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
@@@ -125,36 -133,59 +135,92 @@@ public class XXUserDao extends BaseDao<
return users;
}
+ public List<RangerPrincipal> lookupPrincipalByName(String principalName, int startIndex, int pageSize) {
+ List<RangerPrincipal> ret = new ArrayList<>();
+
+ try {
+ List<Object[]> results = getEntityManager().createNamedQuery("VXXPrincipal.lookupByName", Object[].class)
+ .setParameter("principalName", principalName + "%")
+ .setFirstResult(startIndex)
+ .setMaxResults(pageSize).getResultList();
+
+ if (results != null) {
+ for (Object[] result : results) {
+ String name = (String) result[0];
+ Number type = (Number) result[1];
+
+ switch (type.intValue()) {
+ case 0:
+ ret.add(new RangerPrincipal(RangerPrincipal.PrincipalType.USER, name));
+ break;
+ case 1:
+ ret.add(new RangerPrincipal(RangerPrincipal.PrincipalType.GROUP, name));
+ break;
+ case 2:
+ ret.add(new RangerPrincipal(RangerPrincipal.PrincipalType.ROLE, name));
+ break;
+ }
+ }
+ }
+ } catch (NoResultException e) {
+ ret = ListUtils.EMPTY_LIST;
+ }
+ return ret;
+ }
++
+ public List<UserInfo> getAllUsersInfo() {
+ List<UserInfo> ret = new ArrayList<>();
+
+ try {
+ List<Object[]> rows = getEntityManager().createNamedQuery("XXUser.getAllUsersInfo", Object[].class).getResultList();
+
+ if (rows != null) {
+ for (Object[] row : rows) {
+
+ ret.add(toUserInfo(row));
+ }
+ }
+ } catch (NoResultException excp) {
+ if (logger.isDebugEnabled()) {
+ logger.debug(excp.getMessage());
+ }
+ }
+
+ return ret;
+ }
+
+ private UserInfo toUserInfo(Object[] row) {
+ String name = (String) row[0];
+ String description = (String) row[1];
+ String attributes = (String) row[2];
+ String syncSource = (String) row[3];
+ Number userSource = (Number) row[4];
+ String emailAddress = (String) row[5];
+ Boolean isInternal = userSource != null && userSource.equals(RangerCommonEnums.USER_APP);
+ Map<String, String> attrMap = null;
+
+ if (StringUtils.isNotBlank(attributes)) {
+ try {
+ attrMap = gsonBuilder.fromJson(attributes, Map.class);
+ } catch (Exception excp) {
+ // ignore
+ }
+ }
+
+ if (attrMap == null) {
+ attrMap = new HashMap<>();
+ }
+
+ if (StringUtils.isNotBlank(syncSource)) {
+ attrMap.put(SCRIPT_FIELD__SYNC_SOURCE, syncSource);
+ }
+
+ if (StringUtils.isNotBlank(emailAddress)) {
+ attrMap.put(SCRIPT_FIELD__EMAIL_ADDRESS, emailAddress);
+ }
+
+ attrMap.put(SCRIPT_FIELD__IS_INTERNAL, isInternal.toString());
+
+ return new UserInfo(name, description, attrMap);
+ }
}
diff --cc security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 050c229e0,23085a273..f02101f09
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@@ -178,13 -185,13 +185,20 @@@
</query>
</named-query>
+ <named-query name="VXXPrincipal.lookupByName">
+ <query>SELECT p.principalName, p.principalType FROM VXXPrincipal p
+ WHERE p.principalName LIKE :principalName
+ AND p.isVisible = 1
+ ORDER BY p.principalName</query>
+ </named-query>
+
+ <named-query name="XXUser.getAllUsersInfo">
+ <query>SELECT user.name, user.description, user.otherAttributes, user.syncSource, pUser.userSource, pUser.emailAddress
+ FROM XXUser user LEFT OUTER JOIN XXPortalUser pUser ON pUser.loginId = user.name
+ WHERE user.isVisible = 1
+ </query>
+ </named-query>
+
<named-query name="XXGroupUser.findUsersByGroupIds">
<query>SELECT group.name, user.name FROM XXUser user, XXGroup group, XXGroupUser groupUser
WHERE user.id=groupUser.userId and group.id=groupUser.parentGroupId