You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ab...@apache.org on 2020/09/18 21:41:23 UTC
[ranger] branch master updated: RANGER-2948: Ranger plugins to
support a hook to register plugin chains - Part 2
This is an automated email from the ASF dual-hosted git repository.
abhay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new ad56ab8 RANGER-2948: Ranger plugins to support a hook to register plugin chains - Part 2
ad56ab8 is described below
commit ad56ab88984ab03ce36248dd87482a70b8ed74a4
Author: Abhay Kulkarni <ab...@apache.org>
AuthorDate: Fri Sep 18 14:40:49 2020 -0700
RANGER-2948: Ranger plugins to support a hook to register plugin chains - Part 2
---
.../hadoop/config/RangerChainedPluginConfig.java | 36 ++-
.../hadoop/config/RangerPluginConfig.java | 17 ++
.../optimized/current/ranger_core_db_mysql.sql | 68 ++++++
.../db/mysql/patches/049-create-rms-schema.sql | 81 +++++++
.../optimized/current/ranger_core_db_oracle.sql | 107 +++++++++
.../db/oracle/patches/049-create-rms-schema.sql | 119 +++++++++
.../optimized/current/ranger_core_db_postgres.sql | 83 +++++++
.../db/postgres/patches/049-create-rms-schema.sql | 91 +++++++
.../current/ranger_core_db_sqlanywhere.sql | 99 ++++++++
.../sqlanywhere/patches/049-create-rms-schema.sql | 107 +++++++++
.../optimized/current/ranger_core_db_sqlserver.sql | 191 +++++++++++++++
.../db/sqlserver/patches/049-create-rms-schema.sql | 205 ++++++++++++++++
.../java/org/apache/ranger/biz/ServiceDBStore.java | 9 +
.../org/apache/ranger/common/AppConstants.java | 25 +-
.../org/apache/ranger/db/RangerDaoManagerBase.java | 5 +
.../apache/ranger/db/XXRMSMappingProviderDao.java | 87 +++++++
.../org/apache/ranger/db/XXRMSNotificationDao.java | 123 ++++++++++
.../apache/ranger/db/XXRMSResourceMappingDao.java | 133 +++++++++++
.../apache/ranger/db/XXRMSServiceResourceDao.java | 265 +++++++++++++++++++++
.../apache/ranger/entity/XXRMSMappingProvider.java | 186 +++++++++++++++
.../apache/ranger/entity/XXRMSNotification.java | 147 ++++++++++++
.../apache/ranger/entity/XXRMSResourceMapping.java | 98 ++++++++
.../apache/ranger/entity/XXRMSServiceResource.java | 257 ++++++++++++++++++++
.../main/resources/META-INF/jpa_named_queries.xml | 96 ++++++++
24 files changed, 2631 insertions(+), 4 deletions(-)
diff --git a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerChainedPluginConfig.java b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerChainedPluginConfig.java
index 9e25ae1..81cebf4 100644
--- a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerChainedPluginConfig.java
+++ b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerChainedPluginConfig.java
@@ -21,7 +21,7 @@ package org.apache.ranger.authorization.hadoop.config;
public class RangerChainedPluginConfig extends RangerPluginConfig {
public RangerChainedPluginConfig(String serviceType, String serviceName, String appId, RangerPluginConfig sourcePluginConfig) {
- super(serviceType, serviceName, appId, sourcePluginConfig.getClusterName(), sourcePluginConfig.getClusterType(), null);
+ super(serviceType, serviceName, appId, sourcePluginConfig);
// add necessary config "overrides", so that RangerAdminClient implementations (like RangerAdminRESTClient)
// will use configurations from ranger-<source-service-type>-security.xml (sourcePluginConfig) to connect to Ranger Admin
@@ -36,6 +36,11 @@ public class RangerChainedPluginConfig extends RangerPluginConfig {
copyProperty(sourcePluginConfig, ".policy.rest.read.timeoutMs", 30 * 1000);
copyProperty(sourcePluginConfig, ".policy.rest.supports.policy.deltas");
copyProperty(sourcePluginConfig, ".tag.rest.supports.tag.deltas");
+
+ // SSL configurations
+ String[] legacySSLProperties = new String[] {"xasecure.policymgr.clientssl.keystore", "xasecure.policymgr.clientssl.keystore.type", "xasecure.policymgr.clientssl.keystore.credential.file","xasecure.policymgr.clientssl.truststore", "xasecure.policymgr.clientssl.truststore.credential.file", "hadoop.security.credential.provider.path"};
+ copyLegacySSLProperties(sourcePluginConfig, legacySSLProperties);
+
}
protected void copyProperty(RangerPluginConfig sourcePluginConfig, String propertySuffix) {
@@ -48,4 +53,33 @@ public class RangerChainedPluginConfig extends RangerPluginConfig {
protected void copyProperty(RangerPluginConfig sourcePluginConfig, String propertySuffix, int defaultValue) {
setInt(getPropertyPrefix() + propertySuffix, sourcePluginConfig.getInt("ranger.plugin" + sourcePluginConfig.getServiceType() + propertySuffix, defaultValue));
}
+
+ private void copyLegacySSLProperties(RangerPluginConfig sourcePluginConfig, String[] legacyPropertyNames) {
+ for (String legacyPropertyName : legacyPropertyNames) {
+ String value = sourcePluginConfig.get(legacyPropertyName);
+ if (value != null) {
+ set(legacyPropertyName, value);
+ }
+ }
+ }
+
+ protected String printProperties() {
+ StringBuilder sb = new StringBuilder();
+ boolean seenOneProp = false;
+ for (String propName : this.getProperties().stringPropertyNames()) {
+ String value = this.get(propName);
+ if (!seenOneProp) {
+ seenOneProp = true;
+ } else {
+ sb.append(",\n");
+ }
+ sb.append("{ propertyName:[").append(propName).append("], propertyValue:[").append(value).append("] }");
+ }
+ return sb.toString();
+ }
+
+ @Override
+ public String toString() {
+ return this.getClass().getSimpleName() + " : { " + printProperties() + " }";
+ }
}
diff --git a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerPluginConfig.java b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerPluginConfig.java
index 43004cb..7b34f77 100644
--- a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerPluginConfig.java
+++ b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerPluginConfig.java
@@ -116,6 +116,23 @@ public class RangerPluginConfig extends RangerConfiguration {
LOG.info(policyEngineOptions);
}
+ protected RangerPluginConfig(String serviceType, String serviceName, String appId, RangerPluginConfig sourcePluginConfig) {
+ super();
+
+ this.serviceType = serviceType;
+ this.appId = StringUtils.isEmpty(appId) ? serviceType : appId;
+ this.propertyPrefix = "ranger.plugin." + serviceType;
+ this.serviceName = serviceName;
+
+ this.clusterName = sourcePluginConfig.getClusterName();
+ this.clusterType = sourcePluginConfig.getClusterType();
+ this.useForwardedIPAddress = sourcePluginConfig.isUseForwardedIPAddress();
+ this.trustedProxyAddresses = sourcePluginConfig.getTrustedProxyAddresses();
+
+ this.policyEngineOptions = sourcePluginConfig.getPolicyEngineOptions();
+
+ }
+
public String getServiceType() {
return serviceType;
}
diff --git a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
index e9f41ea..71e0019 100644
--- a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
+++ b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
@@ -1614,6 +1614,73 @@ END $$
DELIMITER ;
+DROP TABLE IF EXISTS `x_rms_notification`;
+DROP TABLE IF EXISTS `x_rms_resource_mapping`;
+DROP TABLE IF EXISTS `x_rms_mapping_provider`;
+DROP TABLE IF EXISTS `x_rms_service_resource`;
+
+CREATE TABLE `x_rms_service_resource` (
+ `id` bigint(20) NOT NULL AUTO_INCREMENT,
+ `guid` varchar(64) NOT NULL,
+ `create_time` timestamp NULL DEFAULT NULL,
+ `update_time` timestamp NULL DEFAULT NULL,
+ `added_by_id` bigint(20) DEFAULT NULL,
+ `upd_by_id` bigint(20) DEFAULT NULL,
+ `version` bigint(20) DEFAULT NULL,
+ `service_id` bigint(20) NOT NULL,
+ `resource_signature` varchar(128) DEFAULT NULL,
+ `is_enabled` tinyint(1) NOT NULL DEFAULT '1',
+ `service_resource_elements_text` text,
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `x_rms_service_res_UK_guid` (`guid`),
+ CONSTRAINT `x_rms_service_res_FK_service_id` FOREIGN KEY (`service_id`) REFERENCES `x_service` (`id`)
+);
+CREATE INDEX x_rms_service_resource_IDX_service_id ON x_rms_service_resource(service_id);
+
+CREATE TABLE `x_rms_notification` (
+ `id` bigint(20) NOT NULL AUTO_INCREMENT,
+ `hms_name` varchar(128) DEFAULT NULL,
+ `notification_id` bigint(20) DEFAULT NULL,
+ `change_timestamp` timestamp NULL DEFAULT NULL,
+ `change_type` varchar(64) DEFAULT NULL,
+ `hl_resource_id` bigint(20) DEFAULT NULL,
+ `hl_service_id` bigint(20) DEFAULT NULL,
+ `ll_resource_id` bigint(20) DEFAULT NULL,
+ `ll_service_id` bigint(20) DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ CONSTRAINT `x_rms_notification_FK_hl_service_id` FOREIGN KEY (`hl_service_id`) REFERENCES `x_service` (`id`),
+ CONSTRAINT `x_rms_notification_FK_ll_service_id` FOREIGN KEY (`ll_service_id`) REFERENCES `x_service` (`id`)
+);
+
+CREATE INDEX x_rms_notification_IDX_notification_id ON x_rms_notification(notification_id);
+CREATE INDEX x_rms_notification_IDX_hms_name_notification_id ON x_rms_notification(hms_name, notification_id);
+CREATE INDEX x_rms_notification_IDX_hl_service_id ON x_rms_notification(hl_service_id);
+CREATE INDEX x_rms_notification_IDX_ll_service_id ON x_rms_notification(ll_service_id);
+
+
+CREATE TABLE `x_rms_resource_mapping` (
+ `id` bigint(20) NOT NULL AUTO_INCREMENT,
+ `change_timestamp` timestamp NULL DEFAULT NULL,
+ `hl_resource_id` bigint(20) NOT NULL,
+ `ll_resource_id` bigint(20) NOT NULL,
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `x_rms_res_map_UK_hl_res_id_ll_res_id` (`hl_resource_id`,`ll_resource_id`),
+ CONSTRAINT `x_rms_res_map_FK_hl_res_id` FOREIGN KEY (`hl_resource_id`) REFERENCES `x_rms_service_resource` (`id`),
+ CONSTRAINT `x_rms_res_map_FK_ll_res_id` FOREIGN KEY (`ll_resource_id`) REFERENCES `x_rms_service_resource` (`id`)
+);
+
+CREATE INDEX x_rms_resource_mapping_IDX_hl_resource_id ON x_rms_resource_mapping(hl_resource_id);
+CREATE INDEX x_rms_resource_mapping_IDX_ll_resource_id ON x_rms_resource_mapping(ll_resource_id);
+
+CREATE TABLE `x_rms_mapping_provider` (
+ `id` bigint(20) NOT NULL AUTO_INCREMENT,
+ `change_timestamp` timestamp NULL DEFAULT NULL,
+ `name` varchar(128) NOT NULL,
+ `last_known_version` bigint(20) NOT NULL,
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `x_rms_mapping_provider_UK_name` (`name`)
+);
+
INSERT INTO x_portal_user(create_time,update_time,added_by_id,upd_by_id,first_name,last_name,pub_scr_name,login_id,password,email,status,user_src,notes) VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,'Admin','','Admin','admin','ceb4f32325eda6142bd65215f4c0f371','',1,0,NULL);
INSERT INTO x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,getXportalUIdByLoginId('admin'),'ROLE_SYS_ADMIN',1);
INSERT INTO x_group (ADDED_BY_ID, CREATE_TIME, DESCR, GROUP_SRC, GROUP_TYPE, GROUP_NAME, STATUS, UPDATE_TIME, UPD_BY_ID) VALUES (getXportalUIdByLoginId('admin'), UTC_TIMESTAMP(), 'public group', 0, 0, 'public', 0, UTC_TIMESTAMP(), getXportalUIdByLoginId('admin'));
@@ -1677,6 +1744,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('046',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('047',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('048',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('049',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('DB_PATCHES',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed)
diff --git a/security-admin/db/mysql/patches/049-create-rms-schema.sql b/security-admin/db/mysql/patches/049-create-rms-schema.sql
new file mode 100644
index 0000000..5f30d7e
--- /dev/null
+++ b/security-admin/db/mysql/patches/049-create-rms-schema.sql
@@ -0,0 +1,81 @@
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements. See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+DROP TABLE IF EXISTS `x_rms_notification`;
+DROP TABLE IF EXISTS `x_rms_resource_mapping`;
+DROP TABLE IF EXISTS `x_rms_mapping_provider`;
+DROP TABLE IF EXISTS `x_rms_service_resource`;
+
+CREATE TABLE `x_rms_service_resource` (
+ `id` bigint(20) NOT NULL AUTO_INCREMENT,
+ `guid` varchar(64) NOT NULL,
+ `create_time` timestamp NULL DEFAULT NULL,
+ `update_time` timestamp NULL DEFAULT NULL,
+ `added_by_id` bigint(20) DEFAULT NULL,
+ `upd_by_id` bigint(20) DEFAULT NULL,
+ `version` bigint(20) DEFAULT NULL,
+ `service_id` bigint(20) NOT NULL,
+ `resource_signature` varchar(128) DEFAULT NULL,
+ `is_enabled` tinyint(1) NOT NULL DEFAULT '1',
+ `service_resource_elements_text` text,
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `x_rms_service_res_UK_guid` (`guid`),
+ CONSTRAINT `x_rms_service_res_FK_service_id` FOREIGN KEY (`service_id`) REFERENCES `x_service` (`id`)
+);
+CREATE INDEX x_rms_service_resource_IDX_service_id ON x_rms_service_resource(service_id);
+
+CREATE TABLE `x_rms_notification` (
+ `id` bigint(20) NOT NULL AUTO_INCREMENT,
+ `hms_name` varchar(128) DEFAULT NULL,
+ `notification_id` bigint(20) DEFAULT NULL,
+ `change_timestamp` timestamp NULL DEFAULT NULL,
+ `change_type` varchar(64) DEFAULT NULL,
+ `hl_resource_id` bigint(20) DEFAULT NULL,
+ `hl_service_id` bigint(20) DEFAULT NULL,
+ `ll_resource_id` bigint(20) DEFAULT NULL,
+ `ll_service_id` bigint(20) DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ CONSTRAINT `x_rms_notification_FK_hl_service_id` FOREIGN KEY (`hl_service_id`) REFERENCES `x_service` (`id`),
+ CONSTRAINT `x_rms_notification_FK_ll_service_id` FOREIGN KEY (`ll_service_id`) REFERENCES `x_service` (`id`)
+);
+
+CREATE INDEX x_rms_notification_IDX_notification_id ON x_rms_notification(notification_id);
+CREATE INDEX x_rms_notification_IDX_hms_name_notification_id ON x_rms_notification(hms_name, notification_id);
+CREATE INDEX x_rms_notification_IDX_hl_service_id ON x_rms_notification(hl_service_id);
+CREATE INDEX x_rms_notification_IDX_ll_service_id ON x_rms_notification(ll_service_id);
+
+
+CREATE TABLE `x_rms_resource_mapping` (
+ `id` bigint(20) NOT NULL AUTO_INCREMENT,
+ `change_timestamp` timestamp NULL DEFAULT NULL,
+ `hl_resource_id` bigint(20) NOT NULL,
+ `ll_resource_id` bigint(20) NOT NULL,
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `x_rms_res_map_UK_hl_res_id_ll_res_id` (`hl_resource_id`,`ll_resource_id`),
+ CONSTRAINT `x_rms_res_map_FK_hl_res_id` FOREIGN KEY (`hl_resource_id`) REFERENCES `x_rms_service_resource` (`id`),
+ CONSTRAINT `x_rms_res_map_FK_ll_res_id` FOREIGN KEY (`ll_resource_id`) REFERENCES `x_rms_service_resource` (`id`)
+);
+
+CREATE INDEX x_rms_resource_mapping_IDX_hl_resource_id ON x_rms_resource_mapping(hl_resource_id);
+CREATE INDEX x_rms_resource_mapping_IDX_ll_resource_id ON x_rms_resource_mapping(ll_resource_id);
+
+CREATE TABLE `x_rms_mapping_provider` (
+ `id` bigint(20) NOT NULL AUTO_INCREMENT,
+ `change_timestamp` timestamp NULL DEFAULT NULL,
+ `name` varchar(128) NOT NULL,
+ `last_known_version` bigint(20) NOT NULL,
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `x_rms_mapping_provider_UK_name` (`name`)
+);
diff --git a/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
index 9d7556c..0137a9d 100644
--- a/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
+++ b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
@@ -1804,6 +1804,112 @@ begin
end;
END; /
/
+
+CREATE OR REPLACE PROCEDURE spdropsequence(ObjName IN varchar2)
+IS
+v_counter integer;
+BEGIN
+ select count(*) into v_counter from user_sequences where sequence_name = upper(ObjName);
+ if (v_counter > 0) then
+ execute immediate 'DROP SEQUENCE ' || ObjName;
+ end if;
+END;/
+/
+
+call spdropsequence('X_RMS_SERVICE_RESOURCE_SEQ');
+call spdropsequence('X_RMS_NOTIFICATION_SEQ');
+call spdropsequence('X_RMS_RESOURCE_MAPPING_SEQ');
+call spdropsequence('X_RMS_MAPPING_PROVIDER_SEQ');
+
+commit;
+
+CREATE SEQUENCE X_RMS_SERVICE_RESOURCE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+CREATE SEQUENCE X_RMS_NOTIFICATION_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+CREATE SEQUENCE X_RMS_RESOURCE_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+CREATE SEQUENCE X_RMS_MAPPING_PROVIDER_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+
+CREATE OR REPLACE PROCEDURE spdroptable(ObjName IN varchar2)
+IS
+v_counter integer;
+BEGIN
+ select count(*) into v_counter from user_tables where table_name = upper(ObjName);
+ if (v_counter > 0) then
+ execute immediate 'drop table ' || ObjName || ' cascade constraints';
+ end if;
+END;/
+/
+
+call spdroptable('X_RMS_NOTIFICATION');
+call spdroptable('X_RMS_RESOURCE_MAPPING');
+call spdroptable('X_RMS_MAPPING_PROVIDER');
+call spdroptable('X_RMS_SERVICE_RESOURCE');
+
+CREATE TABLE x_rms_service_resource(
+id NUMBER(20) NOT NULL,
+guid VARCHAR(1024) DEFAULT NULL NULL,
+create_time DATE DEFAULT NULL NULL,
+update_time DATE DEFAULT NULL NULL,
+added_by_id NUMBER(20) DEFAULT NULL NULL,
+upd_by_id NUMBER(20) DEFAULT NULL NULL,
+version NUMBER(20) DEFAULT NULL NULL,
+service_id NUMBER(20) NOT NULL,
+resource_signature VARCHAR(128) DEFAULT NULL NULL,
+is_enabled NUMBER(1) DEFAULT '1' NOT NULL,
+service_resource_elements_text CLOB DEFAULT NULL NULL,
+primary key (id),
+CONSTRAINT x_rms_service_res_UK_guid UNIQUE (guid),
+CONSTRAINT x_rms_svc_res_FK_service_id FOREIGN KEY (service_id) REFERENCES x_service (id)
+);
+
+CREATE INDEX x_rms_svc_res_IDX_service_id ON x_rms_service_resource(service_id);
+
+CREATE TABLE x_rms_notification (
+id NUMBER(20) NOT NULL,
+hms_name VARCHAR(128) DEFAULT NULL NULL,
+notification_id NUMBER(20) DEFAULT NULL NULL,
+change_timestamp DATE DEFAULT NULL NULL,
+change_type VARCHAR(64) DEFAULT NULL NULL,
+hl_resource_id NUMBER(20) DEFAULT NULL NULL,
+hl_service_id NUMBER(20) DEFAULT NULL NULL,
+ll_resource_id NUMBER(20) DEFAULT NULL NULL,
+ll_service_id NUMBER(20) DEFAULT NULL NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_notis_FK_hl_service_id FOREIGN KEY(hl_service_id) REFERENCES x_service(id),
+CONSTRAINT x_rms_notis_FK_ll_service_id FOREIGN KEY(ll_service_id) REFERENCES x_service(id)
+);
+
+CREATE INDEX x_rms_notis_IDX_notis_id ON x_rms_notification(notification_id);
+CREATE INDEX x_rms_notis_IDX_hms_notis_id ON x_rms_notification(hms_name, notification_id);
+CREATE INDEX x_rms_notis_IDX_hl_svc_id ON x_rms_notification(hl_service_id);
+CREATE INDEX x_rms_notis_IDX_ll_svc_id ON x_rms_notification(ll_service_id);
+
+CREATE TABLE x_rms_resource_mapping(
+id NUMBER(20) NOT NULL,
+change_timestamp DATE DEFAULT NULL NULL,
+hl_resource_id NUMBER(20) NOT NULL,
+ll_resource_id NUMBER(20) NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_res_map_UK_hl_id_ll_id UNIQUE(hl_resource_id, ll_resource_id),
+CONSTRAINT x_rms_res_map_FK_hl_res_id FOREIGN KEY(hl_resource_id) REFERENCES x_rms_service_resource(id),
+CONSTRAINT x_rms_res_map_FK_ll_res_id FOREIGN KEY(ll_resource_id) REFERENCES x_rms_service_resource(id)
+);
+
+CREATE INDEX x_rms_res_map_IDX_hl_svc_id ON x_rms_resource_mapping(hl_resource_id);
+CREATE INDEX x_rms_res_map_IDX_ll_svc_id ON x_rms_resource_mapping(ll_resource_id);
+
+
+CREATE TABLE x_rms_mapping_provider (
+id NUMBER(20) NOT NULL,
+change_timestamp DATE DEFAULT NULL NULL,
+name VARCHAR(128) NOT NULL,
+last_known_version NUMBER(20) NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_map_provider_UK_name UNIQUE(name)
+);
+
+commit;
+
insert into x_portal_user (id,CREATE_TIME, UPDATE_TIME,FIRST_NAME, LAST_NAME, PUB_SCR_NAME, LOGIN_ID, PASSWORD, EMAIL, STATUS) values (X_PORTAL_USER_SEQ.NEXTVAL, sys_extract_utc(systimestamp), sys_extract_utc(systimestamp), 'Admin', '', 'Admin', 'admin', 'ceb4f32325eda6142bd65215f4c0f371', '', 1);
insert into x_portal_user_role (id, CREATE_TIME, UPDATE_TIME, USER_ID, USER_ROLE, STATUS) values (X_PORTAL_USER_ROLE_SEQ.NEXTVAL, sys_extract_utc(systimestamp), sys_extract_utc(systimestamp), getXportalUIdByLoginId('admin'), 'ROLE_SYS_ADMIN', 1);
insert into x_user (id,CREATE_TIME, UPDATE_TIME,user_name, status,descr) values (X_USER_SEQ.NEXTVAL, sys_extract_utc(systimestamp), sys_extract_utc(systimestamp),'admin', 0,'Administrator');
@@ -1873,6 +1979,7 @@ INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,act
INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, '046',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, '047',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, '048',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
+INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, '049',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, 'DB_PATCHES',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
INSERT INTO x_user_module_perm (id,user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (X_USER_MODULE_PERM_SEQ.nextval,getXportalUIdByLoginId('admin'),getModulesIdByName('Reports'),sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),getXportalUIdByLoginId('admin'),getXportalUIdByLoginId('admin'),1);
diff --git a/security-admin/db/oracle/patches/049-create-rms-schema.sql b/security-admin/db/oracle/patches/049-create-rms-schema.sql
new file mode 100644
index 0000000..394c4b4
--- /dev/null
+++ b/security-admin/db/oracle/patches/049-create-rms-schema.sql
@@ -0,0 +1,119 @@
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements. See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+CREATE OR REPLACE PROCEDURE spdropsequence(ObjName IN varchar2)
+IS
+v_counter integer;
+BEGIN
+ select count(*) into v_counter from user_sequences where sequence_name = upper(ObjName);
+ if (v_counter > 0) then
+ execute immediate 'DROP SEQUENCE ' || ObjName;
+ end if;
+END;/
+/
+
+call spdropsequence('X_RMS_SERVICE_RESOURCE_SEQ');
+call spdropsequence('X_RMS_NOTIFICATION_SEQ');
+call spdropsequence('X_RMS_RESOURCE_MAPPING_SEQ');
+call spdropsequence('X_RMS_MAPPING_PROVIDER_SEQ');
+
+commit;
+
+CREATE SEQUENCE X_RMS_SERVICE_RESOURCE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+CREATE SEQUENCE X_RMS_NOTIFICATION_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+CREATE SEQUENCE X_RMS_RESOURCE_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+CREATE SEQUENCE X_RMS_MAPPING_PROVIDER_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+
+CREATE OR REPLACE PROCEDURE spdroptable(ObjName IN varchar2)
+IS
+v_counter integer;
+BEGIN
+ select count(*) into v_counter from user_tables where table_name = upper(ObjName);
+ if (v_counter > 0) then
+ execute immediate 'drop table ' || ObjName || ' cascade constraints';
+ end if;
+END;/
+/
+
+call spdroptable('X_RMS_NOTIFICATION');
+call spdroptable('X_RMS_RESOURCE_MAPPING');
+call spdroptable('X_RMS_MAPPING_PROVIDER');
+call spdroptable('X_RMS_SERVICE_RESOURCE');
+
+CREATE TABLE x_rms_service_resource(
+id NUMBER(20) NOT NULL,
+guid VARCHAR(1024) DEFAULT NULL NULL,
+create_time DATE DEFAULT NULL NULL,
+update_time DATE DEFAULT NULL NULL,
+added_by_id NUMBER(20) DEFAULT NULL NULL,
+upd_by_id NUMBER(20) DEFAULT NULL NULL,
+version NUMBER(20) DEFAULT NULL NULL,
+service_id NUMBER(20) NOT NULL,
+resource_signature VARCHAR(128) DEFAULT NULL NULL,
+is_enabled NUMBER(1) DEFAULT '1' NOT NULL,
+service_resource_elements_text CLOB DEFAULT NULL NULL,
+primary key (id),
+CONSTRAINT x_rms_service_res_UK_guid UNIQUE (guid),
+CONSTRAINT x_rms_svc_res_FK_service_id FOREIGN KEY (service_id) REFERENCES x_service (id)
+);
+
+CREATE INDEX x_rms_svc_res_IDX_service_id ON x_rms_service_resource(service_id);
+
+CREATE TABLE x_rms_notification (
+id NUMBER(20) NOT NULL,
+hms_name VARCHAR(128) DEFAULT NULL NULL,
+notification_id NUMBER(20) DEFAULT NULL NULL,
+change_timestamp DATE DEFAULT NULL NULL,
+change_type VARCHAR(64) DEFAULT NULL NULL,
+hl_resource_id NUMBER(20) DEFAULT NULL NULL,
+hl_service_id NUMBER(20) DEFAULT NULL NULL,
+ll_resource_id NUMBER(20) DEFAULT NULL NULL,
+ll_service_id NUMBER(20) DEFAULT NULL NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_notis_FK_hl_service_id FOREIGN KEY(hl_service_id) REFERENCES x_service(id),
+CONSTRAINT x_rms_notis_FK_ll_service_id FOREIGN KEY(ll_service_id) REFERENCES x_service(id)
+);
+
+CREATE INDEX x_rms_notis_IDX_notis_id ON x_rms_notification(notification_id);
+CREATE INDEX x_rms_notis_IDX_hms_notis_id ON x_rms_notification(hms_name, notification_id);
+CREATE INDEX x_rms_notis_IDX_hl_svc_id ON x_rms_notification(hl_service_id);
+CREATE INDEX x_rms_notis_IDX_ll_svc_id ON x_rms_notification(ll_service_id);
+
+CREATE TABLE x_rms_resource_mapping(
+id NUMBER(20) NOT NULL,
+change_timestamp DATE DEFAULT NULL NULL,
+hl_resource_id NUMBER(20) NOT NULL,
+ll_resource_id NUMBER(20) NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_res_map_UK_hl_id_ll_id UNIQUE(hl_resource_id, ll_resource_id),
+CONSTRAINT x_rms_res_map_FK_hl_res_id FOREIGN KEY(hl_resource_id) REFERENCES x_rms_service_resource(id),
+CONSTRAINT x_rms_res_map_FK_ll_res_id FOREIGN KEY(ll_resource_id) REFERENCES x_rms_service_resource(id)
+);
+
+CREATE INDEX x_rms_res_map_IDX_hl_svc_id ON x_rms_resource_mapping(hl_resource_id);
+CREATE INDEX x_rms_res_map_IDX_ll_svc_id ON x_rms_resource_mapping(ll_resource_id);
+
+
+CREATE TABLE x_rms_mapping_provider (
+id NUMBER(20) NOT NULL,
+change_timestamp DATE DEFAULT NULL NULL,
+name VARCHAR(128) NOT NULL,
+last_known_version NUMBER(20) NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_map_provider_UK_name UNIQUE(name)
+);
+
+commit;
diff --git a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
index 8b4a713..d00af37 100644
--- a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
+++ b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
@@ -92,6 +92,11 @@ DROP TABLE IF EXISTS x_portal_user_role CASCADE;
DROP TABLE IF EXISTS x_portal_user CASCADE;
DROP TABLE IF EXISTS x_db_version_h CASCADE;
+DROP TABLE IF EXISTS x_rms_service_resource CASCADE;
+DROP TABLE IF EXISTS x_rms_notification CASCADE;
+DROP TABLE IF EXISTS x_rms_resource_mapping CASCADE;
+DROP TABLE IF EXISTS x_rms_mapping_provider CASCADE;
+
DROP SEQUENCE IF EXISTS x_sec_zone_ref_group_seq;
DROP SEQUENCE IF EXISTS x_sec_zone_ref_user_seq;
DROP SEQUENCE IF EXISTS x_sec_zone_ref_resource_seq;
@@ -165,6 +170,11 @@ DROP SEQUENCE IF EXISTS xa_access_audit_seq;
DROP SEQUENCE IF EXISTS x_portal_user_role_seq;
DROP SEQUENCE IF EXISTS x_portal_user_seq;
+DROP SEQUENCE IF EXISTS X_RMS_SERVICE_RESOURCE_SEQ;
+DROP SEQUENCE IF EXISTS X_RMS_NOTIFICATION_SEQ;
+DROP SEQUENCE IF EXISTS X_RMS_RESOURCE_MAPPING_SEQ;
+DROP SEQUENCE IF EXISTS X_RMS_MAPPING_PROVIDER_SEQ;
+
create table x_db_version_h(
id SERIAL primary key,
version varchar(64) NOT NULL,
@@ -1576,6 +1586,70 @@ primary key (id)
);
commit;
+CREATE SEQUENCE x_rms_service_resource_seq;
+
+CREATE TABLE x_rms_service_resource(
+id BIGINT DEFAULT nextval('x_rms_service_resource_seq'::regclass),
+guid VARCHAR(64) NOT NULL,
+create_time TIMESTAMP DEFAULT NULL NULL,
+update_time TIMESTAMP DEFAULT NULL NULL,
+added_by_id BIGINT DEFAULT NULL NULL,
+upd_by_id BIGINT DEFAULT NULL NULL,
+version BIGINT DEFAULT NULL NULL,
+service_id BIGINT NOT NULL,
+resource_signature VARCHAR(128) DEFAULT NULL NULL,
+is_enabled BOOLEAN DEFAULT '1' NOT NULL,
+service_resource_elements_text TEXT DEFAULT NULL NULL,
+primary key (id),
+CONSTRAINT x_rms_service_res_UK_guid UNIQUE (guid),
+CONSTRAINT x_rms_service_res_FK_service_id FOREIGN KEY (service_id) REFERENCES x_service (id)
+);
+commit;
+
+CREATE SEQUENCE X_RMS_NOTIFICATION_SEQ;
+
+CREATE TABLE x_rms_notification (
+id BIGINT DEFAULT nextval('X_RMS_NOTIFICATION_SEQ'::regclass),
+hms_name VARCHAR(128) NULL DEFAULT NULL,
+notification_id BIGINT NULL DEFAULT NULL,
+change_timestamp TIMESTAMP NULL DEFAULT NULL,
+change_type VARCHAR(64) NULL DEFAULT NULL,
+hl_resource_id BIGINT NULL DEFAULT NULL,
+hl_service_id BIGINT NULL DEFAULT NULL,
+ll_resource_id BIGINT NULL DEFAULT NULL,
+ll_service_id BIGINT NULL DEFAULT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_notification_FK_hl_service_id FOREIGN KEY(hl_service_id) REFERENCES x_service(id),
+CONSTRAINT x_rms_notification_FK_ll_service_id FOREIGN KEY(ll_service_id) REFERENCES x_service(id)
+);
+commit;
+
+CREATE SEQUENCE X_RMS_RESOURCE_MAPPING_SEQ;
+
+CREATE TABLE x_rms_resource_mapping(
+id BIGINT DEFAULT nextval('X_RMS_RESOURCE_MAPPING_SEQ'::regclass),
+change_timestamp TIMESTAMP NULL DEFAULT NULL,
+hl_resource_id BIGINT NOT NULL,
+ll_resource_id BIGINT NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_res_map_UK_hl_res_id_ll_res_id UNIQUE(hl_resource_id, ll_resource_id),
+CONSTRAINT x_rms_res_map_FK_hl_res_id FOREIGN KEY(hl_resource_id) REFERENCES x_rms_service_resource(id),
+CONSTRAINT x_rms_res_map_FK_ll_res_id FOREIGN KEY(ll_resource_id) REFERENCES x_rms_service_resource(id)
+);
+commit;
+
+CREATE SEQUENCE X_RMS_MAPPING_PROVIDER_SEQ;
+
+CREATE TABLE x_rms_mapping_provider (
+id BIGINT DEFAULT nextval('X_RMS_MAPPING_PROVIDER_SEQ'::regclass),
+change_timestamp TIMESTAMP DEFAULT NULL NULL,
+name VARCHAR(128) NOT NULL,
+last_known_version BIGINT NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_mapping_provider_UK_name UNIQUE(name)
+);
+commit;
+
CREATE INDEX x_tag_change_log_IDX_service_id ON x_tag_change_log(service_id);
CREATE INDEX x_tag_change_log_IDX_tag_version ON x_tag_change_log(service_tags_version);
commit;
@@ -1732,6 +1806,14 @@ CREATE INDEX x_ugsync_audit_info_sync_src ON x_ugsync_audit_info(sync_source);
CREATE INDEX x_ugsync_audit_info_uname ON x_ugsync_audit_info(user_name);
CREATE INDEX x_data_hist_idx_objid_objclstype ON x_data_hist(obj_id,obj_class_type);
+CREATE INDEX x_rms_service_resource_IDX_service_id ON x_rms_service_resource(service_id);
+CREATE INDEX x_rms_notification_IDX_notification_id ON x_rms_notification(notification_id);
+CREATE INDEX x_rms_notification_IDX_hms_name_notification_id ON x_rms_notification(hms_name, notification_id);
+CREATE INDEX x_rms_notification_IDX_hl_service_id ON x_rms_notification(hl_service_id);
+CREATE INDEX x_rms_notification_IDX_ll_service_id ON x_rms_notification(ll_service_id);
+CREATE INDEX x_rms_resource_mapping_IDX_hl_resource_id ON x_rms_resource_mapping(hl_resource_id);
+CREATE INDEX x_rms_resource_mapping_IDX_ll_resource_id ON x_rms_resource_mapping(ll_resource_id);
+
CREATE OR REPLACE FUNCTION getXportalUIdByLoginId(input_val varchar(100))
RETURNS bigint LANGUAGE SQL AS $$ SELECT x_portal_user.id FROM x_portal_user
WHERE x_portal_user.login_id = $1; $$;
@@ -1800,6 +1882,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('046',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('047',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('048',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('049',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('DB_PATCHES',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES
diff --git a/security-admin/db/postgres/patches/049-create-rms-schema.sql b/security-admin/db/postgres/patches/049-create-rms-schema.sql
new file mode 100644
index 0000000..f013b76
--- /dev/null
+++ b/security-admin/db/postgres/patches/049-create-rms-schema.sql
@@ -0,0 +1,91 @@
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements. See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+DROP TABLE IF EXISTS x_rms_service_resource CASCADE;
+DROP TABLE IF EXISTS x_rms_notification CASCADE;
+DROP TABLE IF EXISTS x_rms_resource_mapping CASCADE;
+DROP TABLE IF EXISTS x_rms_mapping_provider CASCADE;
+
+DROP SEQUENCE IF EXISTS X_RMS_SERVICE_RESOURCE_SEQ;
+DROP SEQUENCE IF EXISTS X_RMS_NOTIFICATION_SEQ;
+DROP SEQUENCE IF EXISTS X_RMS_RESOURCE_MAPPING_SEQ;
+DROP SEQUENCE IF EXISTS X_RMS_MAPPING_PROVIDER_SEQ;
+
+
+CREATE SEQUENCE x_rms_service_resource_seq;
+CREATE TABLE x_rms_service_resource(
+id BIGINT DEFAULT nextval('x_rms_service_resource_seq'::regclass),
+guid VARCHAR(64) NOT NULL,
+create_time TIMESTAMP DEFAULT NULL NULL,
+update_time TIMESTAMP DEFAULT NULL NULL,
+added_by_id BIGINT DEFAULT NULL NULL,
+upd_by_id BIGINT DEFAULT NULL NULL,
+version BIGINT DEFAULT NULL NULL,
+service_id BIGINT NOT NULL,
+resource_signature VARCHAR(128) DEFAULT NULL NULL,
+is_enabled BOOLEAN DEFAULT '1' NOT NULL,
+service_resource_elements_text TEXT DEFAULT NULL NULL,
+primary key (id),
+CONSTRAINT x_rms_service_res_UK_guid UNIQUE (guid),
+CONSTRAINT x_rms_service_res_FK_service_id FOREIGN KEY (service_id) REFERENCES x_service (id)
+);
+
+CREATE INDEX x_rms_service_resource_IDX_service_id ON x_rms_service_resource(service_id);
+
+CREATE SEQUENCE X_RMS_NOTIFICATION_SEQ;
+CREATE TABLE x_rms_notification (
+id BIGINT DEFAULT nextval('X_RMS_NOTIFICATION_SEQ'::regclass),
+hms_name VARCHAR(128) NULL DEFAULT NULL,
+notification_id BIGINT NULL DEFAULT NULL,
+change_timestamp TIMESTAMP NULL DEFAULT NULL,
+change_type VARCHAR(64) NULL DEFAULT NULL,
+hl_resource_id BIGINT NULL DEFAULT NULL,
+hl_service_id BIGINT NULL DEFAULT NULL,
+ll_resource_id BIGINT NULL DEFAULT NULL,
+ll_service_id BIGINT NULL DEFAULT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_notification_FK_hl_service_id FOREIGN KEY(hl_service_id) REFERENCES x_service(id),
+CONSTRAINT x_rms_notification_FK_ll_service_id FOREIGN KEY(ll_service_id) REFERENCES x_service(id)
+);
+
+CREATE INDEX x_rms_notification_IDX_notification_id ON x_rms_notification(notification_id);
+CREATE INDEX x_rms_notification_IDX_hms_name_notification_id ON x_rms_notification(hms_name, notification_id);
+CREATE INDEX x_rms_notification_IDX_hl_service_id ON x_rms_notification(hl_service_id);
+CREATE INDEX x_rms_notification_IDX_ll_service_id ON x_rms_notification(ll_service_id);
+
+CREATE SEQUENCE X_RMS_RESOURCE_MAPPING_SEQ;
+CREATE TABLE x_rms_resource_mapping(
+id BIGINT DEFAULT nextval('X_RMS_RESOURCE_MAPPING_SEQ'::regclass),
+change_timestamp TIMESTAMP NULL DEFAULT NULL,
+hl_resource_id BIGINT NOT NULL,
+ll_resource_id BIGINT NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_res_map_UK_hl_res_id_ll_res_id UNIQUE(hl_resource_id, ll_resource_id),
+CONSTRAINT x_rms_res_map_FK_hl_res_id FOREIGN KEY(hl_resource_id) REFERENCES x_rms_service_resource(id),
+CONSTRAINT x_rms_res_map_FK_ll_res_id FOREIGN KEY(ll_resource_id) REFERENCES x_rms_service_resource(id)
+);
+
+CREATE INDEX x_rms_resource_mapping_IDX_hl_resource_id ON x_rms_resource_mapping(hl_resource_id);
+CREATE INDEX x_rms_resource_mapping_IDX_ll_resource_id ON x_rms_resource_mapping(ll_resource_id);
+
+CREATE SEQUENCE X_RMS_MAPPING_PROVIDER_SEQ;
+CREATE TABLE x_rms_mapping_provider (
+id BIGINT DEFAULT nextval('X_RMS_MAPPING_PROVIDER_SEQ'::regclass),
+change_timestamp TIMESTAMP DEFAULT NULL NULL,
+name VARCHAR(128) NOT NULL,
+last_known_version BIGINT NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_mapping_provider_UK_name UNIQUE(name)
+);
diff --git a/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
index d46e57a..7791a9a 100644
--- a/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
+++ b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
@@ -2057,6 +2057,103 @@ CREATE NONCLUSTERED INDEX x_tag_change_log_IDX_service_id ON dbo.x_tag_change_lo
GO
CREATE NONCLUSTERED INDEX x_tag_change_log_IDX_tag_version ON dbo.x_tag_change_log(service_tags_version ASC);
GO
+
+CREATE OR REPLACE PROCEDURE dbo.removeForeignKeysAndTable (IN table_name varchar(100))
+AS
+BEGIN
+ DECLARE @stmt VARCHAR(300)
+ DECLARE @tblname VARCHAR(300)
+ DECLARE @drpstmt VARCHAR(1000)
+ DECLARE cur CURSOR FOR select 'alter table dbo.' + table_name + ' drop constraint ' + role from SYS.SYSFOREIGNKEYS where foreign_creator ='dbo' and foreign_tname = table_name
+ OPEN cur WITH HOLD
+ fetch cur into @stmt
+ WHILE (@@sqlstatus = 0)
+ BEGIN
+ execute(@stmt)
+ fetch cur into @stmt
+ END
+ close cur
+ DEALLOCATE CURSOR cur
+ SET @tblname ='dbo.' + table_name;
+ SET @drpstmt = 'DROP TABLE IF EXISTS ' + @tblname;
+ execute(@drpstmt)
+END
+
+GO
+call dbo.removeForeignKeysAndTable('x_rms_notification')
+GO
+call dbo.removeForeignKeysAndTable('x_rms_resource_mapping')
+GO
+call dbo.removeForeignKeysAndTable('x_rms_mapping_provider')
+GO
+call dbo.removeForeignKeysAndTable('x_rms_service_resource')
+GO
+
+CREATE TABLE dbo.x_rms_service_resource(
+id BIGINT IDENTITY NOT NULL,
+guid VARCHAR(64) NOT NULL,
+create_time TIMESTAMP DEFAULT NULL NULL,
+update_time TIMESTAMP DEFAULT NULL NULL,
+added_by_id BIGINT DEFAULT NULL NULL,
+upd_by_id BIGINT DEFAULT NULL NULL,
+version BIGINT DEFAULT NULL NULL,
+service_id BIGINT NOT NULL,
+resource_signature VARCHAR(128) DEFAULT NULL NULL,
+is_enabled tinyint DEFAULT 1 NOT NULL,
+service_resource_elements_text TEXT DEFAULT NULL NULL,
+primary key (id),
+CONSTRAINT x_rms_notification_FK_hl_service_id FOREIGN KEY(hl_service_id) REFERENCES x_service(id),
+CONSTRAINT x_rms_notification_FK_ll_service_id FOREIGN KEY(ll_service_id) REFERENCES x_service(id)
+);
+CREATE INDEX x_rms_service_resource_IDX_service_id ON x_rms_service_resource(service_id);
+GO
+
+CREATE TABLE dbo.x_rms_notification (
+id BIGINT IDENTITY NOT NULL ,
+hms_name VARCHAR(128) DEFAULT NULL NULL,
+notification_id BIGINT DEFAULT NULL NULL,
+change_timestamp TIMESTAMP DEFAULT NULL NULL,
+change_type VARCHAR(64) DEFAULT NULL NULL,
+hl_resource_id BIGINT DEFAULT NULL NULL,
+hl_service_id BIGINT DEFAULT NULL NULL,
+ll_resource_id BIGINT DEFAULT NULL NULL,
+ll_service_id BIGINT DEFAULT NULL NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_notification_FK_hl_service_id FOREIGN KEY(hl_service_id) REFERENCES x_service(id),
+CONSTRAINT x_rms_notification_FK_ll_service_id FOREIGN KEY(ll_service_id) REFERENCES x_service(id)
+);
+
+CREATE INDEX x_rms_notification_IDX_notification_id ON x_rms_notification(notification_id);
+CREATE INDEX x_rms_notification_IDX_hms_name_notification_id ON x_rms_notification(hms_name, notification_id);
+CREATE INDEX x_rms_notification_IDX_hl_service_id ON x_rms_notification(hl_service_id);
+CREATE INDEX x_rms_notification_IDX_ll_service_id ON x_rms_notification(ll_service_id);
+GO
+
+CREATE TABLE dbo.x_rms_resource_mapping(
+id BIGINT IDENTITY NOT NULL ,
+change_timestamp TIMESTAMP DEFAULT NULL NULL,
+hl_resource_id BIGINT NOT NULL,
+ll_resource_id BIGINT NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_res_map_UK_hl_res_id_ll_res_id UNIQUE(hl_resource_id, ll_resource_id),
+CONSTRAINT x_rms_res_map_FK_hl_res_id FOREIGN KEY(hl_resource_id) REFERENCES x_rms_service_resource(id),
+CONSTRAINT x_rms_res_map_FK_ll_res_id FOREIGN KEY(ll_resource_id) REFERENCES x_rms_service_resource(id)
+);
+
+CREATE INDEX x_rms_resource_mapping_IDX_hl_resource_id ON x_rms_resource_mapping(hl_resource_id);
+CREATE INDEX x_rms_resource_mapping_IDX_ll_resource_id ON x_rms_resource_mapping(ll_resource_id);
+GO
+
+CREATE TABLE dbo.x_rms_mapping_provider (
+id BIGINT IDENTITY NOT NULL ,
+change_timestamp TIMESTAMP DEFAULT NULL NULL,
+name VARCHAR(128) DEFAULT NULL NULL,
+last_known_version BIGINT NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_mapping_provider_UK_name UNIQUE(name)
+);
+GO
+
insert into x_portal_user (create_time,update_time,first_name,last_name,pub_scr_name,login_id,password,email,status) values (GETDATE(),GETDATE(),'Admin','','Admin','admin','ceb4f32325eda6142bd65215f4c0f371','',1)
GO
insert into x_portal_user_role (create_time,update_time,user_id,user_role,status) values (GETDATE(),GETDATE(),dbo.getXportalUIdByLoginId('admin'),'ROLE_SYS_ADMIN',1)
@@ -2165,6 +2262,8 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
GO
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('048',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
GO
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('049',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
+GO
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('DB_PATCHES',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
GO
INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (dbo.getXportalUIdByLoginId('admin'),dbo.getModulesIdByName('Reports'),CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,dbo.getXportalUIdByLoginId('admin'),dbo.getXportalUIdByLoginId('admin'),1);
diff --git a/security-admin/db/sqlanywhere/patches/049-create-rms-schema.sql b/security-admin/db/sqlanywhere/patches/049-create-rms-schema.sql
new file mode 100644
index 0000000..feb7b7f
--- /dev/null
+++ b/security-admin/db/sqlanywhere/patches/049-create-rms-schema.sql
@@ -0,0 +1,107 @@
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements. See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+CREATE OR REPLACE PROCEDURE dbo.removeForeignKeysAndTable (IN table_name varchar(100))
+AS
+BEGIN
+ DECLARE @stmt VARCHAR(300)
+ DECLARE @tblname VARCHAR(300)
+ DECLARE @drpstmt VARCHAR(1000)
+ DECLARE cur CURSOR FOR select 'alter table dbo.' + table_name + ' drop constraint ' + role from SYS.SYSFOREIGNKEYS where foreign_creator ='dbo' and foreign_tname = table_name
+ OPEN cur WITH HOLD
+ fetch cur into @stmt
+ WHILE (@@sqlstatus = 0)
+ BEGIN
+ execute(@stmt)
+ fetch cur into @stmt
+ END
+ close cur
+ DEALLOCATE CURSOR cur
+ SET @tblname ='dbo.' + table_name;
+ SET @drpstmt = 'DROP TABLE IF EXISTS ' + @tblname;
+ execute(@drpstmt)
+END
+
+GO
+call dbo.removeForeignKeysAndTable('x_rms_notification')
+GO
+call dbo.removeForeignKeysAndTable('x_rms_resource_mapping')
+GO
+call dbo.removeForeignKeysAndTable('x_rms_mapping_provider')
+GO
+call dbo.removeForeignKeysAndTable('x_rms_service_resource')
+GO
+
+CREATE TABLE dbo.x_rms_service_resource(
+id BIGINT IDENTITY NOT NULL,
+guid VARCHAR(64) NOT NULL,
+create_time TIMESTAMP DEFAULT NULL NULL,
+update_time TIMESTAMP DEFAULT NULL NULL,
+added_by_id BIGINT DEFAULT NULL NULL,
+upd_by_id BIGINT DEFAULT NULL NULL,
+version BIGINT DEFAULT NULL NULL,
+service_id BIGINT NOT NULL,
+resource_signature VARCHAR(128) DEFAULT NULL NULL,
+is_enabled tinyint DEFAULT '1' NOT NULL,
+service_resource_elements_text TEXT DEFAULT NULL NULL,
+primary key (id),
+CONSTRAINT x_rms_notification_FK_hl_service_id FOREIGN KEY(hl_service_id) REFERENCES x_service(id),
+CONSTRAINT x_rms_notification_FK_ll_service_id FOREIGN KEY(ll_service_id) REFERENCES x_service(id)
+);
+CREATE INDEX x_rms_service_resource_IDX_service_id ON x_rms_service_resource(service_id);
+
+
+CREATE TABLE dbo.x_rms_notification (
+id BIGINT IDENTITY NOT NULL ,
+hms_name VARCHAR(128) DEFAULT NULL NULL,
+notification_id BIGINT DEFAULT NULL NULL,
+change_timestamp TIMESTAMP DEFAULT NULL NULL,
+change_type VARCHAR(64) DEFAULT NULL NULL,
+hl_resource_id BIGINT DEFAULT NULL NULL,
+hl_service_id BIGINT DEFAULT NULL NULL,
+ll_resource_id BIGINT DEFAULT NULL NULL,
+ll_service_id BIGINT DEFAULT NULL NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_notification_FK_hl_service_id FOREIGN KEY(hl_service_id) REFERENCES x_service(id),
+CONSTRAINT x_rms_notification_FK_ll_service_id FOREIGN KEY(ll_service_id) REFERENCES x_service(id)
+);
+
+CREATE INDEX x_rms_notification_IDX_notification_id ON x_rms_notification(notification_id);
+CREATE INDEX x_rms_notification_IDX_hms_name_notification_id ON x_rms_notification(hms_name, notification_id);
+CREATE INDEX x_rms_notification_IDX_hl_service_id ON x_rms_notification(hl_service_id);
+CREATE INDEX x_rms_notification_IDX_ll_service_id ON x_rms_notification(ll_service_id);
+
+CREATE TABLE dbo.x_rms_resource_mapping(
+id BIGINT IDENTITY NOT NULL ,
+change_timestamp TIMESTAMP DEFAULT NULL NULL,
+hl_resource_id BIGINT NOT NULL,
+ll_resource_id BIGINT NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_res_map_UK_hl_res_id_ll_res_id UNIQUE(hl_resource_id, ll_resource_id),
+CONSTRAINT x_rms_res_map_FK_hl_res_id FOREIGN KEY(hl_resource_id) REFERENCES x_rms_service_resource(id),
+CONSTRAINT x_rms_res_map_FK_ll_res_id FOREIGN KEY(ll_resource_id) REFERENCES x_rms_service_resource(id)
+);
+
+CREATE INDEX x_rms_resource_mapping_IDX_hl_resource_id ON x_rms_resource_mapping(hl_resource_id);
+CREATE INDEX x_rms_resource_mapping_IDX_ll_resource_id ON x_rms_resource_mapping(ll_resource_id);
+
+CREATE TABLE dbo.x_rms_mapping_provider (
+id BIGINT IDENTITY NOT NULL ,
+change_timestamp TIMESTAMP DEFAULT NULL NULL,
+name VARCHAR(128) DEFAULT NULL NULL,
+last_known_version BIGINT NOT NULL,
+PRIMARY KEY (id),
+CONSTRAINT x_rms_mapping_provider_UK_name UNIQUE(name)
+);
diff --git a/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
index d4476a3..addb566 100644
--- a/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
+++ b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
@@ -3851,6 +3851,196 @@ GO
PRINT 'Created function dbo.getXportalUIdByLoginId successfully'
GO
+IF (OBJECT_ID('x_rms_service_res_FK_service_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_service_resource] DROP CONSTRAINT x_rms_service_res_FK_service_id
+END
+GO
+IF (OBJECT_ID('x_rms_notification_FK_hl_service_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_notification] DROP CONSTRAINT x_rms_notification_FK_hl_service_id
+END
+GO
+IF (OBJECT_ID('x_rms_notification_FK_ll_service_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_notification] DROP CONSTRAINT x_rms_notification_FK_ll_service_id
+END
+GO
+IF (OBJECT_ID('x_rms_res_map_FK_hl_res_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_resource_mapping] DROP CONSTRAINT x_rms_res_map_FK_hl_res_id
+END
+GO
+IF (OBJECT_ID('x_rms_res_map_FK_ll_res_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_resource_mapping] DROP CONSTRAINT x_rms_res_map_FK_ll_res_id
+END
+GO
+IF (OBJECT_ID('x_rms_notification') IS NOT NULL)
+BEGIN
+ DROP TABLE [dbo].[x_rms_notification]
+END
+GO
+IF (OBJECT_ID('x_rms_resource_mapping') IS NOT NULL)
+BEGIN
+ DROP TABLE [dbo].[x_rms_resource_mapping]
+END
+GO
+IF (OBJECT_ID('x_rms_mapping_provider') IS NOT NULL)
+BEGIN
+ DROP TABLE [dbo].[x_rms_mapping_provider]
+END
+GO
+IF (OBJECT_ID('x_rms_service_resource') IS NOT NULL)
+BEGIN
+ DROP TABLE [dbo].[x_rms_service_resource]
+END
+GO
+
+
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+SET ANSI_PADDING ON
+GO
+CREATE TABLE [dbo].[x_rms_service_resource](
+ [id] [bigint] IDENTITY(1,1) NOT NULL,
+ [guid] [varchar](64) NOT NULL,
+ [create_time] [datetime2] DEFAULT NULL NULL,
+ [update_time] [datetime2] DEFAULT NULL NULL,
+ [added_by_id] [bigint] DEFAULT NULL NULL,
+ [upd_by_id] [bigint] DEFAULT NULL NULL,
+ [version] [bigint] DEFAULT NULL NULL,
+ [service_id] [bigint] NOT NULL,
+ [resource_signature] [varchar](128) DEFAULT NULL NULL,
+ [is_enabled] [tinyint] DEFAULT 1 NOT NULL,
+ [service_resource_elements_text] [nvarchar](max) DEFAULT NULL NULL,
+ PRIMARY KEY CLUSTERED
+(
+ [id] ASC
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY],
+CONSTRAINT [x_rms_service_resource$x_service_res_UK_guid] UNIQUE NONCLUSTERED
+(
+ [guid] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+ALTER TABLE [dbo].[x_rms_service_resource] WITH CHECK ADD CONSTRAINT [x_rms_service_res_FK_service_id] FOREIGN KEY([service_id]) REFERENCES [dbo].[x_service] ([id])
+GO
+CREATE NONCLUSTERED INDEX [x_rms_service_resource_IDX_service_id] ON [x_rms_service_resource]
+(
+ [service_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+GO
+
+
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+SET ANSI_PADDING ON
+GO
+CREATE TABLE [dbo].[x_rms_notification](
+ [id] [bigint] IDENTITY(1,1) NOT NULL,
+ [hms_name] [VARCHAR](128) NULL DEFAULT NULL,
+ [notification_id] [bigint] NULL DEFAULT NULL,
+ [change_timestamp] [datetime2] DEFAULT NULL NULL,
+ [change_type] [VARCHAR](64) NULL DEFAULT NULL,
+ [hl_resource_id] [bigint] NULL DEFAULT NULL,
+ [hl_service_id] [bigint] NULL DEFAULT NULL,
+ [ll_resource_id] [bigint] NULL DEFAULT NULL,
+ [ll_service_id] [bigint] NULL DEFAULT NULL,
+
+PRIMARY KEY CLUSTERED
+(
+ [id] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+ALTER TABLE [dbo].[x_rms_notification] WITH CHECK ADD CONSTRAINT [x_rms_notification_FK_hl_service_id] FOREIGN KEY([hl_service_id])
+REFERENCES [dbo].[x_service] ([id])
+ALTER TABLE [dbo].[x_rms_notification] WITH CHECK ADD CONSTRAINT [x_rms_notification_FK_ll_service_id] FOREIGN KEY([ll_service_id])
+REFERENCES [dbo].[x_service] ([id])
+GO
+CREATE NONCLUSTERED INDEX [x_rms_notification_IDX_notification_id] ON [x_rms_notification]
+(
+ [notification_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+CREATE NONCLUSTERED INDEX [x_rms_notification_IDX_hms_name_notification_id] ON [x_rms_notification]
+(
+ [hms_name] ASC,[notification_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+CREATE NONCLUSTERED INDEX [x_rms_notification_IDX_hl_service_id] ON [x_rms_notification]
+(
+ [hl_service_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+CREATE NONCLUSTERED INDEX [x_rms_notification_IDX_ll_service_id] ON [x_rms_notification]
+(
+ [ll_service_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+GO
+
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+SET ANSI_PADDING ON
+GO
+
+CREATE TABLE [dbo].[x_rms_resource_mapping](
+ [id] [bigint] IDENTITY(1,1) NOT NULL,
+ [change_timestamp] [datetime2] DEFAULT NULL NULL,
+ [hl_resource_id] [bigint] NOT NULL,
+ [ll_resource_id] [bigint] NOT NULL,
+PRIMARY KEY CLUSTERED
+(
+ [id] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY],
+ CONSTRAINT [x_rms_res_map_UK_hl_res_id_ll_res_id] UNIQUE NONCLUSTERED
+(
+ [hl_resource_id] ASC, [ll_resource_id] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+ALTER TABLE [dbo].[x_rms_resource_mapping] WITH CHECK ADD CONSTRAINT [x_rms_res_map_FK_hl_res_id] FOREIGN KEY([hl_resource_id])
+REFERENCES [dbo].[x_rms_service_resource] ([id])
+ALTER TABLE [dbo].[x_rms_resource_mapping] WITH CHECK ADD CONSTRAINT [x_rms_res_map_FK_ll_res_id] FOREIGN KEY([ll_resource_id])
+REFERENCES [dbo].[x_rms_service_resource] ([id])
+GO
+CREATE NONCLUSTERED INDEX [x_rms_resource_mapping_IDX_hl_resource_id] ON [x_rms_resource_mapping]
+(
+ [hl_resource_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+GO
+CREATE NONCLUSTERED INDEX [x_rms_resource_mapping_IDX_ll_resource_id] ON [x_rms_resource_mapping]
+(
+ [ll_resource_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+GO
+
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+SET ANSI_PADDING ON
+GO
+
+CREATE TABLE [dbo].[x_rms_mapping_provider](
+ [id] [bigint] IDENTITY(1,1) NOT NULL,
+ [change_timestamp] [datetime2] DEFAULT NULL NULL,
+ [name] [VARCHAR](128) NOT NULL,
+ [last_known_version] [bigint] NOT NULL,
+PRIMARY KEY CLUSTERED
+(
+ [id] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY],
+ CONSTRAINT [x_rms_mapping_provider_UK_name] UNIQUE NONCLUSTERED
+(
+ [name] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+
insert into x_portal_user (CREATE_TIME,UPDATE_TIME,FIRST_NAME,LAST_NAME,PUB_SCR_NAME,LOGIN_ID,PASSWORD,EMAIL,STATUS) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,'Admin','','Admin','admin','ceb4f32325eda6142bd65215f4c0f371','',1);
insert into x_portal_user_role (CREATE_TIME,UPDATE_TIME,USER_ID,USER_ROLE,STATUS) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,dbo.getXportalUIdByLoginId('admin'),'ROLE_SYS_ADMIN',1);
insert into x_user (CREATE_TIME,UPDATE_TIME,user_name,status,descr) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,'admin',0,'Administrator');
@@ -3905,6 +4095,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('046',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('047',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('048',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('049',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('DB_PATCHES',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (dbo.getXportalUIdByLoginId('admin'),dbo.getModulesIdByName('Reports'),CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,dbo.getXportalUIdByLoginId('admin'),dbo.getXportalUIdByLoginId('admin'),1);
INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (dbo.getXportalUIdByLoginId('admin'),dbo.getModulesIdByName('Resource Based Policies'),CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,dbo.getXportalUIdByLoginId('admin'),dbo.getXportalUIdByLoginId('admin'),1);
diff --git a/security-admin/db/sqlserver/patches/049-create-rms-schema.sql b/security-admin/db/sqlserver/patches/049-create-rms-schema.sql
new file mode 100644
index 0000000..e8c189d
--- /dev/null
+++ b/security-admin/db/sqlserver/patches/049-create-rms-schema.sql
@@ -0,0 +1,205 @@
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements. See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+GO
+IF (OBJECT_ID('x_rms_service_res_FK_service_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_service_resource] DROP CONSTRAINT x_rms_service_res_FK_service_id
+END
+GO
+IF (OBJECT_ID('x_rms_notification_FK_hl_service_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_notification] DROP CONSTRAINT x_rms_notification_FK_hl_service_id
+END
+GO
+IF (OBJECT_ID('x_rms_notification_FK_ll_service_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_notification] DROP CONSTRAINT x_rms_notification_FK_ll_service_id
+END
+GO
+IF (OBJECT_ID('x_rms_res_map_FK_hl_res_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_resource_mapping] DROP CONSTRAINT x_rms_res_map_FK_hl_res_id
+END
+GO
+IF (OBJECT_ID('x_rms_res_map_FK_ll_res_id') IS NOT NULL)
+BEGIN
+ ALTER TABLE [dbo].[x_rms_resource_mapping] DROP CONSTRAINT x_rms_res_map_FK_ll_res_id
+END
+GO
+IF (OBJECT_ID('x_rms_notification') IS NOT NULL)
+BEGIN
+ DROP TABLE [dbo].[x_rms_notification]
+END
+GO
+IF (OBJECT_ID('x_rms_resource_mapping') IS NOT NULL)
+BEGIN
+ DROP TABLE [dbo].[x_rms_resource_mapping]
+END
+GO
+IF (OBJECT_ID('x_rms_mapping_provider') IS NOT NULL)
+BEGIN
+ DROP TABLE [dbo].[x_rms_mapping_provider]
+END
+GO
+IF (OBJECT_ID('x_rms_service_resource') IS NOT NULL)
+BEGIN
+ DROP TABLE [dbo].[x_rms_service_resource]
+END
+GO
+
+
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+SET ANSI_PADDING ON
+CREATE TABLE [dbo].[x_rms_service_resource](
+ [id] [bigint] IDENTITY(1,1) NOT NULL,
+ [guid] [varchar](64) NOT NULL,
+ [create_time] [datetime2] DEFAULT NULL NULL,
+ [update_time] [datetime2] DEFAULT NULL NULL,
+ [added_by_id] [bigint] DEFAULT NULL NULL,
+ [upd_by_id] [bigint] DEFAULT NULL NULL,
+ [version] [bigint] DEFAULT NULL NULL,
+ [service_id] [bigint] NOT NULL,
+ [resource_signature] [varchar](128) DEFAULT NULL NULL,
+ [is_enabled] [tinyint] DEFAULT 1 NOT NULL,
+ [service_resource_elements_text] [nvarchar](max) DEFAULT NULL NULL,
+ PRIMARY KEY CLUSTERED
+(
+ [id] ASC
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY],
+CONSTRAINT [x_rms_service_resource$x_service_res_UK_guid] UNIQUE NONCLUSTERED
+(
+ [guid] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+ALTER TABLE [dbo].[x_rms_service_resource] WITH CHECK ADD CONSTRAINT [x_rms_service_res_FK_service_id] FOREIGN KEY([service_id]) REFERENCES [dbo].[x_service] ([id])
+GO
+CREATE NONCLUSTERED INDEX [x_rms_service_resource_IDX_service_id] ON [x_rms_service_resource]
+(
+ [service_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+GO
+
+
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+SET ANSI_PADDING ON
+GO
+CREATE TABLE [dbo].[x_rms_notification](
+ [id] [bigint] IDENTITY(1,1) NOT NULL,
+ [hms_name] [VARCHAR](128) NULL DEFAULT NULL,
+ [notification_id] [bigint] NULL DEFAULT NULL,
+ [change_timestamp] [datetime2] DEFAULT NULL NULL,
+ [change_type] [VARCHAR](64) NULL DEFAULT NULL,
+ [hl_resource_id] [bigint] NULL DEFAULT NULL,
+ [hl_service_id] [bigint] NULL DEFAULT NULL,
+ [ll_resource_id] [bigint] NULL DEFAULT NULL,
+ [ll_service_id] [bigint] NULL DEFAULT NULL,
+
+PRIMARY KEY CLUSTERED
+(
+ [id] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+ALTER TABLE [dbo].[x_rms_notification] WITH CHECK ADD CONSTRAINT [x_rms_notification_FK_hl_service_id] FOREIGN KEY([hl_service_id])
+REFERENCES [dbo].[x_service] ([id])
+ALTER TABLE [dbo].[x_rms_notification] WITH CHECK ADD CONSTRAINT [x_rms_notification_FK_ll_service_id] FOREIGN KEY([ll_service_id])
+REFERENCES [dbo].[x_service] ([id])
+GO
+CREATE NONCLUSTERED INDEX [x_rms_notification_IDX_notification_id] ON [x_rms_notification]
+(
+ [notification_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+CREATE NONCLUSTERED INDEX [x_rms_notification_IDX_hms_name_notification_id] ON [x_rms_notification]
+(
+ [hms_name] ASC,[notification_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+CREATE NONCLUSTERED INDEX [x_rms_notification_IDX_hl_service_id] ON [x_rms_notification]
+(
+ [hl_service_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+CREATE NONCLUSTERED INDEX [x_rms_notification_IDX_ll_service_id] ON [x_rms_notification]
+(
+ [ll_service_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+SET ANSI_PADDING ON
+GO
+
+CREATE TABLE [dbo].[x_rms_resource_mapping](
+ [id] [bigint] IDENTITY(1,1) NOT NULL,
+ [change_timestamp] [datetime2] DEFAULT NULL NULL,
+ [hl_resource_id] [bigint] NOT NULL,
+ [ll_resource_id] [bigint] NOT NULL,
+PRIMARY KEY CLUSTERED
+(
+ [id] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY],
+ CONSTRAINT [x_rms_res_map_UK_hl_res_id_ll_res_id] UNIQUE NONCLUSTERED
+(
+ [hl_resource_id] ASC, [ll_resource_id] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+) ON [PRIMARY]
+GO
+ALTER TABLE [dbo].[x_rms_resource_mapping] WITH CHECK ADD CONSTRAINT [x_rms_res_map_FK_hl_res_id] FOREIGN KEY([hl_resource_id])
+REFERENCES [dbo].[x_rms_service_resource] ([id])
+ALTER TABLE [dbo].[x_rms_resource_mapping] WITH CHECK ADD CONSTRAINT [x_rms_res_map_FK_ll_res_id] FOREIGN KEY([ll_resource_id])
+REFERENCES [dbo].[x_rms_service_resource] ([id])
+GO
+CREATE NONCLUSTERED INDEX [x_rms_resource_mapping_IDX_hl_resource_id] ON [x_rms_resource_mapping]
+(
+ [hl_resource_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+GO
+CREATE NONCLUSTERED INDEX [x_rms_resource_mapping_IDX_ll_resource_id] ON [x_rms_resource_mapping]
+(
+ [ll_resource_id] ASC
+)
+WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY]
+
+SET ANSI_NULLS ON
+SET QUOTED_IDENTIFIER ON
+SET ANSI_PADDING ON
+GO
+
+CREATE TABLE [dbo].[x_rms_mapping_provider](
+ [id] [bigint] IDENTITY(1,1) NOT NULL,
+ [change_timestamp] [datetime2] DEFAULT NULL NULL,
+ [name] [VARCHAR](128) NOT NULL,
+ [last_known_version] [bigint] NOT NULL,
+PRIMARY KEY CLUSTERED
+(
+ [id] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY],
+ CONSTRAINT [x_rms_mapping_provider_UK_name] UNIQUE NONCLUSTERED
+(
+ [name] ASC
+)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+) ON [PRIMARY]
+
+GO
+
+exit
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index fd99a88..2b77e6e 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -394,6 +394,7 @@ public class ServiceDBStore extends AbstractServiceStore {
resetPolicyUpdateLog(RETENTION_PERIOD_IN_DAYS, RangerPolicyDelta.CHANGE_TYPE_RANGER_ADMIN_START);
resetTagUpdateLog(TAG_RETENTION_PERIOD_IN_DAYS, ServiceTags.TagsChangeType.RANGER_ADMIN_START);
//createUnzonedSecurityZone();
+ initRMSDaos();
return null;
}
});
@@ -4905,6 +4906,14 @@ public class ServiceDBStore extends AbstractServiceStore {
xUserService.createXUserWithOutLogin(genericUser);
}
+ private void initRMSDaos() {
+ daoMgr.getXXService();
+ daoMgr.getXXRMSMappingProvider();
+ daoMgr.getXXRMSNotification();
+ daoMgr.getXXRMSServiceResource();
+ daoMgr.getXXRMSResourceMapping();
+ }
+
public void resetPolicyUpdateLog(int retentionInDays, Integer policyChangeType) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> resetPolicyUpdateLog(" + retentionInDays + ", " + policyChangeType + ")");
diff --git a/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java b/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
index e3a7bdc..f214385 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
@@ -624,16 +624,22 @@ public class AppConstants extends RangerCommonEnums {
public static final int CLASS_TYPE_XA_ACCESS_AUDIT_V5 = 1054;
public static final int CLASS_TYPE_UGYNC_AUDIT_INFO = 1055;
- public static final int CLASS_TYPE_RANGER_SECURITY_ZONE = 1056;
- public static final int CLASS_TYPE_RANGER_ROLE = 1057;
/**
* Class type of RangerSecurityZone
*/
+ public static final int CLASS_TYPE_RANGER_SECURITY_ZONE = 1056;
+ public static final int CLASS_TYPE_RANGER_ROLE = 1057;
+
+ public static final int CLASS_TYPE_RMS_MAPPING_PROVIDER = 1058;
+ public static final int CLASS_TYPE_RMS_NOTIFICATION = 1059;
+ public static final int CLASS_TYPE_RMS_SERVICE_RESOURCE = 1060;
+ public static final int CLASS_TYPE_RMS_RESOURCE_MAPPING = 1061;
+
/**
* Max value for enum ClassTypes_MAX
*/
- public static final int ClassTypes_MAX = 1058;
+ public static final int ClassTypes_MAX = 1062;
/***************************************************************
@@ -1042,6 +1048,19 @@ public class AppConstants extends RangerCommonEnums {
if( elementValue == 1057 ) {
return "Ranger Role"; //CLASS_TYPE_RANGER_ROLE
}
+
+ if( elementValue == 1058 ) {
+ return "Ranger Security Zone"; //CLAS
+ }
+ if( elementValue == 1059 ) {
+ return "Ranger Security Zone"; //CLAS
+ }
+ if( elementValue == 1060 ) {
+ return "Ranger Security Zone"; //CLAS
+ }
+ if( elementValue == 1061 ) {
+ return "Ranger Security Zone"; //CLAS
+ }
return null;
}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java b/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java
index 74c3dd0..10d73a7 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java
@@ -317,6 +317,11 @@ public abstract class RangerDaoManagerBase {
public XXTagChangeLogDao getXXTagChangeLog() { return new XXTagChangeLogDao(this); }
+ public XXRMSMappingProviderDao getXXRMSMappingProvider() { return new XXRMSMappingProviderDao(this); }
+ public XXRMSNotificationDao getXXRMSNotification() { return new XXRMSNotificationDao(this); }
+ public XXRMSServiceResourceDao getXXRMSServiceResource() { return new XXRMSServiceResourceDao(this); }
+ public XXRMSResourceMappingDao getXXRMSResourceMapping() { return new XXRMSResourceMappingDao(this); }
+
}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXRMSMappingProviderDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXRMSMappingProviderDao.java
new file mode 100644
index 0000000..fd52d6c
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXRMSMappingProviderDao.java
@@ -0,0 +1,87 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.db;
+
+import java.util.Date;
+import java.util.List;
+
+import javax.persistence.NoResultException;
+
+import org.apache.ranger.common.db.BaseDao;
+import org.apache.ranger.entity.XXRMSMappingProvider;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+
+/**
+ */
+@Service
+public class XXRMSMappingProviderDao extends BaseDao<XXRMSMappingProvider> {
+
+ private static final Logger LOG = LoggerFactory.getLogger(XXRMSMappingProviderDao.class);
+
+ public XXRMSMappingProviderDao(RangerDaoManagerBase daoManager) {
+ super(daoManager);
+ }
+
+ public List<XXRMSMappingProvider> getResource() {
+ List<XXRMSMappingProvider> allResource = getAll();
+ return allResource;
+ }
+
+ public XXRMSMappingProvider findByName(String name) {
+ if (name == null) {
+ return null;
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXRMSMappingProvider.findByName", tClass)
+ .setParameter("name", name).getSingleResult();
+ } catch (NoResultException e) {
+ return null;
+ }
+ }
+
+ public Long getLastKnownVersion(String providerName) {
+
+ XXRMSMappingProvider mappingProvider = findByName(providerName);
+
+ return mappingProvider != null ? mappingProvider.getLastKnownVersion() : 0L;
+ }
+
+ public void updateLastKnownVersion(String providerName, long currentNotificationId) {
+
+ XXRMSMappingProvider mappingProvider = findByName(providerName);
+
+ if (mappingProvider != null) {
+ if (currentNotificationId >= -1L) {
+ mappingProvider.setLastKnownVersion(currentNotificationId);
+ mappingProvider.setChangeTimestamp(new Date());
+ update(mappingProvider);
+ } else {
+ LOG.error("currentNotificationId cannot be set to a value less than -1");
+ }
+ } else {
+ LOG.error("Cannot update lastKnownVersion for providerName:[" + providerName + "]");
+ }
+ }
+
+
+
+}
+
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXRMSNotificationDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXRMSNotificationDao.java
new file mode 100644
index 0000000..2b6cf1a
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXRMSNotificationDao.java
@@ -0,0 +1,123 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.db;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.persistence.NoResultException;
+
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.ranger.common.db.BaseDao;
+import org.apache.ranger.entity.XXRMSNotification;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+
+/**
+ */
+@Service
+public class XXRMSNotificationDao extends BaseDao<XXRMSNotification> {
+
+ private static final Logger LOG = LoggerFactory.getLogger(XXRMSNotificationDao.class);
+
+ public XXRMSNotificationDao(RangerDaoManagerBase daoManager) {
+ super(daoManager);
+ }
+
+ public List<XXRMSNotification> getResource() {
+ List<XXRMSNotification> allResource = getAll();
+ return allResource;
+ }
+
+ public Long getMaxIdOfNotifications(long llServiceId, long hlServiceId) {
+ Long lastNotificationId = 0L;
+ try {
+ lastNotificationId = getEntityManager()
+ .createNamedQuery("XXRMSNotification.getMaxIdOfNotifications", Long.class)
+ .setParameter("llServiceId", llServiceId)
+ .setParameter("hlServiceId", hlServiceId)
+ .getSingleResult();
+
+ } catch (NoResultException e) {
+ LOG.debug(e.getMessage());
+ } finally{
+ if (lastNotificationId == null){
+ lastNotificationId = 0L;
+ }
+ }
+ return lastNotificationId;
+ }
+
+ public List<XXRMSNotification> getAllAfterNotificationId(long llServiceId, long hlServiceId, long notificationId) {
+ List<XXRMSNotification> notifications = new ArrayList<>();
+ try {
+ notifications = getEntityManager()
+ .createNamedQuery("XXRMSNotification.getAllAfterNotificationId", XXRMSNotification.class)
+ .setParameter("llServiceId", llServiceId)
+ .setParameter("hlServiceId", hlServiceId)
+ .setParameter("notificationId", notificationId)
+ .getResultList();
+ } catch (NoResultException e) {
+ LOG.debug("There are no relevant notifications after notification_id:[" + notificationId + "]");
+ }
+ return notifications;
+ }
+
+ public Long findLatestInvalidNotificationId(long llServiceId, long hlServiceId, long lastKnownVersion) {
+ Long latestInvalidNotificationId = -1L;
+
+ List<XXRMSNotification> notifications = getNotificationWithTypeAfterNotificationId(llServiceId, hlServiceId, "invalid", lastKnownVersion);
+
+ if (CollectionUtils.isNotEmpty(notifications)) {
+ latestInvalidNotificationId = notifications.get(notifications.size()-1).getNotificationId();
+ }
+
+ return latestInvalidNotificationId;
+ }
+
+ public List<XXRMSNotification> getNotificationWithTypeAfterNotificationId(long llServiceId, long hlServiceId, String changeType, long notificationId) {
+ List<XXRMSNotification> notifications = new ArrayList<>();
+ try {
+ notifications = getEntityManager()
+ .createNamedQuery("XXRMSNotification.getNotificationWithTypeAfterNotificationId", XXRMSNotification.class)
+ .setParameter("llServiceId", llServiceId)
+ .setParameter("hlServiceId", hlServiceId)
+ .setParameter("changeType", changeType)
+ .setParameter("notificationId", notificationId)
+ .getResultList();
+ } catch (NoResultException e) {
+
+ }
+ return notifications;
+ }
+
+ public List<XXRMSNotification> getDeletedNotificationsByHlResourceId(long hlResourceId, long lastKnownVersion) {
+ List<XXRMSNotification> notifications = new ArrayList<>();
+ try {
+ notifications = getEntityManager()
+ .createNamedQuery("XXRMSNotification.getDeletedNotificationsByHlResourceId", XXRMSNotification.class)
+ .setParameter("hlResourceId", hlResourceId)
+ .setParameter("lastKnownVersion", lastKnownVersion)
+ .getResultList();
+ } catch (NoResultException e) {
+
+ }
+ return notifications;
+ }
+}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXRMSResourceMappingDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXRMSResourceMappingDao.java
new file mode 100644
index 0000000..763e1ae
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXRMSResourceMappingDao.java
@@ -0,0 +1,133 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.db;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.persistence.NoResultException;
+
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.ranger.common.db.BaseDao;
+import org.apache.ranger.plugin.model.RangerServiceResource;
+import org.apache.ranger.entity.XXRMSResourceMapping;
+import org.apache.ranger.entity.XXRMSServiceResource;
+import org.springframework.stereotype.Service;
+
+/**
+ */
+@Service
+public class XXRMSResourceMappingDao extends BaseDao<XXRMSResourceMapping> {
+
+ //private static final Log LOG = LogFactory.getLog(XXRMSResourceMappingDao.class);
+
+ public XXRMSResourceMappingDao(RangerDaoManagerBase daoManager) {
+ super(daoManager);
+ }
+
+ @SuppressWarnings("unchecked")
+ public List<Object[]> getResourceMappings() {
+ return getEntityManager().createNamedQuery("XXRMSResourceMapping.getResourceMapping").getResultList();
+ }
+
+ public void deleteByHlResourceId(Long resourceId) {
+ getEntityManager()
+ .createNamedQuery("XXRMSResourceMapping.deleteByHlResourceId")
+ .setParameter("resourceId", resourceId)
+ .executeUpdate();
+ }
+
+ public void deleteByLlResourceId(Long resourceId) {
+ getEntityManager()
+ .createNamedQuery("XXRMSResourceMapping.deleteByLlResourceId")
+ .setParameter("resourceId", resourceId)
+ .executeUpdate();
+ }
+
+ public void deleteByHlAndLlResourceId(Long hlResourceId, Long llResourceId) {
+ getEntityManager()
+ .createNamedQuery("XXRMSResourceMapping.deleteByHlAndLlResourceId")
+ .setParameter("hlResourceId", hlResourceId)
+ .setParameter("llResourceId", llResourceId)
+ .executeUpdate();
+ }
+
+ public XXRMSResourceMapping findByHlAndLlResourceId(Long hlResourceId, Long llResourceId) {
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXRMSResourceMapping.findByHlAndLlResourceId", XXRMSResourceMapping.class)
+ .setParameter("hlResourceId", hlResourceId)
+ .setParameter("llResourceId", llResourceId)
+ .getSingleResult();
+ } catch (NoResultException e) {
+ }
+ return null;
+ }
+
+ public List<Long> findByHlResource(RangerServiceResource hlResource) {
+ return findByHlResourceId(hlResource.getId());
+ }
+
+ public List<Long> findByHlResourceId(Long hlResourceId) {
+ return getEntityManager()
+ .createNamedQuery("XXRMSResourceMapping.findByHlResourceId", Long.class)
+ .setParameter("hlResourceId", hlResourceId)
+ .getResultList();
+ }
+
+ public List<Long> findByLlResource(RangerServiceResource llResource) {
+ return findByLlResourceId(llResource.getId());
+ }
+
+ public List<Long> findByLlResourceId(Long llResourceId) {
+ return getEntityManager()
+ .createNamedQuery("XXRMSResourceMapping.findByLlResourceId", Long.class)
+ .setParameter("llResourceId", llResourceId)
+ .getResultList();
+ }
+
+ public List<RangerServiceResource> getServiceResourcesByLlResourceId(long llResourceId) {
+ List<RangerServiceResource> ret = new ArrayList<>();
+
+ List<Object[]> rows = null;
+ try {
+ rows = getEntityManager()
+ .createNamedQuery("XXRMSResourceMapping.getServiceResourcesByLlResourceId", Object[].class)
+ .setParameter("llResourceId", llResourceId)
+ .getResultList();
+ } catch (NoResultException e) {
+ // Nothing
+ }
+
+ if (CollectionUtils.isNotEmpty(rows)) {
+ for (Object[] row : rows) {
+ XXRMSServiceResource xxServiceResource = new XXRMSServiceResource();
+ xxServiceResource.setId((Long) row[0]);
+ xxServiceResource.setGuid((String) row[1]);
+ xxServiceResource.setVersion((Long) row[2]);
+ xxServiceResource.setIsEnabled((Boolean) row[3]);
+ xxServiceResource.setResourceSignature((String) row[4]);
+ xxServiceResource.setServiceId((Long) row[5]);
+ xxServiceResource.setServiceResourceElements((String) row[6]);
+ ret.add(XXRMSServiceResourceDao.populateViewBean(xxServiceResource));
+ }
+ }
+ return ret;
+ }
+
+}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXRMSServiceResourceDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXRMSServiceResourceDao.java
new file mode 100644
index 0000000..3a4f14a
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXRMSServiceResourceDao.java
@@ -0,0 +1,265 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.db;
+
+import java.lang.reflect.Type;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+//import java.util.stream.Collectors;
+
+import javax.persistence.NoResultException;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.reflect.TypeToken;
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.collections.MapUtils;
+import org.apache.commons.lang.StringUtils;
+import org.apache.ranger.authorization.utils.JsonUtils;
+import org.apache.ranger.authorization.utils.StringUtil;
+import org.apache.ranger.common.DateUtil;
+import org.apache.ranger.common.GUIDUtil;
+import org.apache.ranger.common.db.BaseDao;
+import org.apache.ranger.entity.XXService;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.entity.XXRMSServiceResource;
+import org.apache.ranger.plugin.model.RangerServiceResource;
+import org.springframework.stereotype.Service;
+
+@Service
+public class XXRMSServiceResourceDao extends BaseDao<XXRMSServiceResource> {
+
+ public static final Gson gsonBuilder = new GsonBuilder().setDateFormat("yyyyMMdd-HH:mm:ss.SSS-Z").create();
+ public static final Type subsumedDataType = new TypeToken<Map<String, RangerPolicy.RangerPolicyResource>>() {}.getType();
+
+ private static RangerDaoManagerBase _daoManager = null;
+
+ public XXRMSServiceResourceDao(RangerDaoManagerBase daoManager) {
+ super(daoManager);
+ _daoManager = daoManager;
+ }
+
+ public XXRMSServiceResource findByGuid(String guid) {
+ if (StringUtil.isEmpty(guid)) {
+ return null;
+ }
+ try {
+ return getEntityManager().createNamedQuery("XXRMSServiceResource.findByGuid", tClass)
+ .setParameter("guid", guid).getSingleResult();
+ } catch (NoResultException e) {
+ return null;
+ }
+ }
+
+ public List<RangerServiceResource> findByServiceId(Long serviceId) {
+ List<RangerServiceResource> ret = new ArrayList<>();
+
+ if (serviceId != null) {
+ List<Object[]> rows = null;
+ try {
+ rows = getEntityManager()
+ .createNamedQuery("XXRMSServiceResource.findByServiceId", Object[].class)
+ .setParameter("serviceId", serviceId).getResultList();
+ } catch (NoResultException e) {
+ // Nothing
+ }
+
+ if (CollectionUtils.isNotEmpty(rows)) {
+ for (Object[] row : rows) {
+ XXRMSServiceResource xxServiceResource = new XXRMSServiceResource();
+ xxServiceResource.setId((Long) row[0]);
+ xxServiceResource.setGuid((String) row[1]);
+ xxServiceResource.setVersion((Long) row[2]);
+ xxServiceResource.setIsEnabled((Boolean) row[3]);
+ xxServiceResource.setResourceSignature((String) row[4]);
+ xxServiceResource.setServiceId((Long) row[5]);
+ xxServiceResource.setServiceResourceElements((String) row[6]);
+ ret.add(XXRMSServiceResourceDao.populateViewBean(xxServiceResource));
+ }
+ }
+ }
+ return ret;
+ }
+
+ public XXRMSServiceResource findByServiceAndResourceSignature(Long serviceId, String resourceSignature) {
+ if (StringUtils.isBlank(resourceSignature)) {
+ return null;
+ }
+ try {
+ return getEntityManager().createNamedQuery("XXRMSServiceResource.findByServiceAndResourceSignature", tClass)
+ .setParameter("serviceId", serviceId).setParameter("resourceSignature", resourceSignature)
+ .getSingleResult();
+ } catch (NoResultException e) {
+ return null;
+ }
+ }
+
+ public RangerServiceResource getServiceResourceByServiceAndResourceSignature(String serviceName, String resourceSignature) throws Exception {
+
+ RangerServiceResource ret = null;
+
+ if (StringUtils.isNotBlank(resourceSignature)) {
+
+ XXService service = daoManager.getXXService().findByName(serviceName);
+
+ if (service != null) {
+
+ try {
+ Long serviceId = service.getId();
+ XXRMSServiceResource xxServiceResource = getEntityManager().createNamedQuery("XXRMSServiceResource.findByServiceAndResourceSignature", tClass)
+ .setParameter("serviceId", serviceId).setParameter("resourceSignature", resourceSignature)
+ .getSingleResult();
+ ret = populateViewBean(xxServiceResource);
+
+ } catch (NoResultException e) {
+ return null;
+ }
+ }
+
+ }
+ return ret;
+ }
+
+ public static RangerServiceResource populateViewBean(XXRMSServiceResource xxServiceResource) {
+
+ RangerServiceResource ret = null;
+
+ XXService service = _daoManager == null ? null : _daoManager.getXXService().getById(xxServiceResource.getServiceId());
+
+ if (service != null) {
+ ret = new RangerServiceResource();
+ ret.setId(xxServiceResource.getId());
+ ret.setCreateTime(xxServiceResource.getCreateTime());
+ ret.setUpdateTime(xxServiceResource.getUpdateTime());
+ ret.setGuid(xxServiceResource.getGuid());
+ ret.setResourceSignature(xxServiceResource.getResourceSignature());
+
+ ret.setServiceName(service.getName());
+
+ if (StringUtils.isNotEmpty(xxServiceResource.getServiceResourceElements())) {
+ Map<String, RangerPolicy.RangerPolicyResource> serviceResourceElements = gsonBuilder.fromJson(xxServiceResource.getServiceResourceElements(), subsumedDataType);
+ if (MapUtils.isNotEmpty(serviceResourceElements)) {
+ ret.setResourceElements(serviceResourceElements);
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ public XXRMSServiceResource populateEntityBean(RangerServiceResource serviceResource) {
+
+ XXRMSServiceResource ret = new XXRMSServiceResource();
+
+ ret.setId(serviceResource.getId());
+ ret.setCreateTime(serviceResource.getCreateTime() != null ? serviceResource.getCreateTime() : DateUtil.getUTCDate());
+ ret.setUpdateTime(serviceResource.getUpdateTime() != null ? serviceResource.getUpdateTime() : DateUtil.getUTCDate());
+ ret.setAddedByUserId(0L);
+ ret.setUpdatedByUserId(0L);
+
+ String guid = (StringUtils.isEmpty(serviceResource.getGuid())) ? new GUIDUtil().genGUID() : serviceResource.getGuid();
+
+ ret.setGuid(guid);
+ ret.setVersion(serviceResource.getVersion());
+ ret.setIsEnabled(serviceResource.getIsEnabled());
+ ret.setResourceSignature(serviceResource.getResourceSignature());
+
+ XXService service = daoManager.getXXService().findByName(serviceResource.getServiceName());
+
+ if (service != null) {
+
+ ret.setServiceId(service.getId());
+
+ if (MapUtils.isNotEmpty(serviceResource.getResourceElements())) {
+ String serviceResourceElements = JsonUtils.mapToJson(serviceResource.getResourceElements());
+ if (StringUtils.isNotEmpty(serviceResourceElements)) {
+ ret.setServiceResourceElements(serviceResourceElements);
+ }
+ }
+ } else {
+ ret = null;
+ }
+
+ return ret;
+ }
+
+ public RangerServiceResource createServiceResource(RangerServiceResource viewObject) {
+ XXRMSServiceResource dbObject = populateEntityBean(viewObject);
+ if (dbObject != null) {
+ dbObject = daoManager.getXXRMSServiceResource().create(dbObject);
+ if (dbObject != null) {
+ return populateViewBean(dbObject);
+ }
+ }
+ return null;
+ }
+
+ public void deleteById(Long serviceResourceId) {
+ getEntityManager()
+ .createNamedQuery("XXRMSServiceResource.deleteById")
+ .setParameter("resourceId", serviceResourceId)
+ .executeUpdate();
+ }
+
+ public List<RangerServiceResource> findByLlServiceId(long llServiceId) {
+ return findByServiceId(llServiceId);
+ }
+
+ public List<RangerServiceResource> getLlResourceIdForHlResourceId(long hlResourceId, long lastKnownVersion) {
+ List<RangerServiceResource> ret = new ArrayList<>();
+ try {
+ List<XXRMSServiceResource> list = getEntityManager().createNamedQuery("XXRMSServiceResource.getLlResourceIdForHlResourceId", tClass)
+ .setParameter("hlResourceId", hlResourceId)
+ .setParameter("lastKnownVersion", lastKnownVersion)
+ .getResultList();
+ if (CollectionUtils.isNotEmpty(list)) {
+ //ret = list.stream().map(XXRMSServiceResourceDao::populateViewBean).collect(Collectors.toList());
+ for (XXRMSServiceResource entityBean : list) {
+ RangerServiceResource viewBean = populateViewBean(entityBean);
+ ret.add(viewBean);
+ }
+ }
+ } catch (NoResultException e) {
+ }
+ return ret;
+ }
+
+ public void purge(long llServiceId, long hlServiceId) {
+ List<Long> list = getEntityManager()
+ .createNamedQuery("XXRMSServiceResource.getByLlOrHlServiceId", Long.class)
+ .setParameter("llServiceId", llServiceId)
+ .setParameter("hlServiceId", hlServiceId)
+ .getResultList();
+
+ if (CollectionUtils.isNotEmpty(list)) {
+ for (long id : list) {
+ getEntityManager().createNamedQuery("XXRMSResourceMapping.deleteByLlOrHlResourceId")
+ .setParameter("resourceId", id)
+ .executeUpdate();
+ }
+
+ getEntityManager().createNamedQuery("XXRMSServiceResource.deleteByLlOrHlServiceId")
+ .setParameter("llServiceId", llServiceId)
+ .setParameter("hlServiceId", hlServiceId)
+ .executeUpdate();
+ }
+ }
+}
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXRMSMappingProvider.java b/security-admin/src/main/java/org/apache/ranger/entity/XXRMSMappingProvider.java
new file mode 100644
index 0000000..135c275
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXRMSMappingProvider.java
@@ -0,0 +1,186 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.entity;
+
+import org.apache.ranger.common.AppConstants;
+
+import java.io.Serializable;
+import java.util.Date;
+
+import javax.persistence.Cacheable;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.SequenceGenerator;
+import javax.persistence.Table;
+import javax.persistence.Temporal;
+import javax.persistence.TemporalType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@Entity
+@Cacheable
+@Table(name="x_rms_mapping_provider")
+@XmlRootElement
+public class XXRMSMappingProvider implements Serializable {
+ private static final long serialVersionUID = 1L;
+
+ @Id
+ @SequenceGenerator(name = "X_RMS_MAPPING_PROVIDER_SEQ", sequenceName = "X_RMS_MAPPING_PROVIDER_SEQ", allocationSize = 1)
+ @GeneratedValue(strategy = GenerationType.AUTO, generator = "X_RMS_MAPPING_PROVIDER_SEQ")
+ @Column(name = "id")
+ protected Long id;
+ @Temporal(TemporalType.TIMESTAMP)
+ @Column(name="change_timestamp")
+ protected Date changeTimestamp;
+ public Date getChangeTimestamp() {
+ return changeTimestamp;
+ }
+ public void setChangeTimestamp(Date changeTimestamp) {
+ this.changeTimestamp = changeTimestamp;
+ }
+
+ @Column(name = "name")
+ protected String name;
+
+ @Column(name = "last_known_version")
+ protected Long lastKnownVersion;
+
+ public XXRMSMappingProvider() {}
+
+ public XXRMSMappingProvider(String name) {
+ setName(name);
+ setLastKnownVersion(-1L);
+ }
+
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ public Long getId() {
+ return id;
+ }
+
+ /**
+ * @return name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name
+ * the serviceId to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the resourceSignature
+ */
+ public Long getLastKnownVersion() {
+ return lastKnownVersion;
+ }
+
+ /**
+ * @param lastKnownVersion
+ * the lastKnownVersion to set
+ */
+ public void setLastKnownVersion(Long lastKnownVersion) {
+ this.lastKnownVersion = lastKnownVersion;
+ }
+
+ public int getMyClassType() {
+ return AppConstants.CLASS_TYPE_RMS_MAPPING_PROVIDER;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((id == null) ? 0 : id.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result + ((lastKnownVersion == null) ? 0 : lastKnownVersion.hashCode());
+ return result;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (!super.equals(obj))
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ XXRMSMappingProvider other = (XXRMSMappingProvider) obj;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (id == null) {
+ if (other.id != null)
+ return false;
+ } else if (!id.equals(other.id))
+ return false;
+ if (lastKnownVersion == null) {
+ if (other.lastKnownVersion != null)
+ return false;
+ } else if (!lastKnownVersion.equals(other.lastKnownVersion))
+ return false;
+ return true;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#toString()
+ */
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ toString(sb);
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("{ ");
+ sb.append("id={").append(id).append("} ");
+ sb.append("changeTimestamp={" + changeTimestamp + "} ");
+ sb.append("resourceSignature={").append(name).append("} ");
+ sb.append("serviceId={").append(lastKnownVersion).append("} ");
+ sb.append(" }");
+
+ return sb;
+ }
+
+}
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXRMSNotification.java b/security-admin/src/main/java/org/apache/ranger/entity/XXRMSNotification.java
new file mode 100644
index 0000000..8ae8293
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXRMSNotification.java
@@ -0,0 +1,147 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.entity;
+
+import org.apache.ranger.common.AppConstants;
+
+import java.io.Serializable;
+import java.util.Date;
+
+import javax.persistence.Cacheable;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.SequenceGenerator;
+import javax.persistence.Table;
+import javax.persistence.Temporal;
+import javax.persistence.TemporalType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@Entity
+@Cacheable(false)
+@Table(name="x_rms_notification")
+@XmlRootElement
+public class XXRMSNotification implements Serializable {
+ private static final long serialVersionUID = 1L;
+
+ @Id
+ @SequenceGenerator(name="X_RMS_NOTIFICATION_SEQ",sequenceName="X_RMS_NOTIFICATION_SEQ",allocationSize=1)
+ @GeneratedValue(strategy=GenerationType.AUTO,generator="X_RMS_NOTIFICATION_SEQ")
+ @Column(name="ID")
+ protected Long id;
+ public Long getId() {
+ return id;
+ }
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ @Column(name="hms_name", length=128)
+ protected String hmsName;
+ public String getHmsName() {
+ return hmsName;
+ }
+ public void setHmsName(String hmsName) {
+ this.hmsName = hmsName;
+ }
+
+ @Column(name="notification_id")
+ protected Long notificationId;
+ public Long getNotificationId() {
+ return notificationId;
+ }
+ public void setNotificationId(Long notificationId) {
+ this.notificationId = notificationId;
+ }
+
+ @Temporal(TemporalType.TIMESTAMP)
+ @Column(name="change_timestamp")
+ protected Date changeTimestamp;
+ public Date getChangeTimestamp() {
+ return changeTimestamp;
+ }
+ public void setChangeTimestamp(Date changeTimestamp) {
+ this.changeTimestamp = changeTimestamp;
+ }
+
+ @Column(name="change_type" , length=64 )
+ protected String changeType;
+ public String getChangeType() {
+ return changeType;
+ }
+ public void setChangeType(String changeType) {
+ this.changeType = changeType;
+ }
+
+ @Column(name="hl_resource_id")
+ protected Long hlResourceId;
+ public Long getHlResourceId() {
+ return hlResourceId;
+ }
+ public void setHlResourceId(Long hlResourceId) {
+ this.hlResourceId = hlResourceId;
+ }
+
+ @Column(name="hl_service_id")
+ protected Long hlServiceId;
+ public Long getHlServiceId() {
+ return hlServiceId;
+ }
+ public void setHlServiceId(Long hlServiceId) {
+ this.hlServiceId = hlServiceId;
+ }
+
+ @Column(name="ll_resource_id")
+ protected Long llResourceId;
+ public Long getLlResourceId() {
+ return llResourceId;
+ }
+ public void setLlResourceId(Long llResourceId) {
+ this.llResourceId = llResourceId;
+ }
+
+ @Column(name="ll_service_id")
+ protected Long llServiceId;
+ public Long getLlServiceId() { return llServiceId; }
+ public void setLlServiceId(Long llServiceId) {
+ this.llServiceId = llServiceId;
+ }
+
+ public int getMyClassType() {
+ return AppConstants.CLASS_TYPE_RMS_MAPPING_PROVIDER;
+ }
+
+ public String toString( ) {
+ String str = "XXNotification={";
+ str += "hmsName={" + hmsName + "} ";
+ str += "notificationId={" + notificationId + "} ";
+ str += "changeTimestamp={" + changeTimestamp + "} ";
+ str += "changeType={" + changeType + "} ";
+ str += "hlResourceId={" + hlResourceId + "} ";
+ str += "hlServiceId={" + hlServiceId + "} ";
+ str += "llResourceId={" + llResourceId + "} ";
+ str += "llServiceId={" + llServiceId + "} ";
+ str += "}";
+
+ return str;
+ }
+
+}
\ No newline at end of file
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXRMSResourceMapping.java b/security-admin/src/main/java/org/apache/ranger/entity/XXRMSResourceMapping.java
new file mode 100644
index 0000000..d0192fa
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXRMSResourceMapping.java
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.entity;
+
+import org.apache.ranger.common.AppConstants;
+
+import javax.persistence.Cacheable;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.SequenceGenerator;
+import javax.persistence.Table;
+import javax.persistence.Temporal;
+import javax.persistence.TemporalType;
+import javax.xml.bind.annotation.XmlRootElement;
+import java.io.Serializable;
+import java.util.Date;
+
+@Entity
+@Cacheable(false)
+@Table(name="x_rms_resource_mapping")
+@XmlRootElement
+public class XXRMSResourceMapping implements Serializable {
+ private static final long serialVersionUID = 1L;
+
+ @Id
+ @SequenceGenerator(name="X_RMS_RESOURCE_MAPPING_SEQ",sequenceName="X_RMS_RESOURCE_MAPPING_SEQ",allocationSize=1)
+ @GeneratedValue(strategy=GenerationType.AUTO,generator="X_RMS_RESOURCE_MAPPING_SEQ")
+ @Column(name="id")
+ protected Long id;
+ public Long getId() {
+ return id;
+ }
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ @Temporal(TemporalType.TIMESTAMP)
+ @Column(name="change_timestamp")
+ protected Date changeTimestamp;
+ public Date getChangeTimestamp() {
+ return changeTimestamp;
+ }
+ public void setChangeTimestamp(Date changeTimestamp) {
+ this.changeTimestamp = changeTimestamp;
+ }
+
+ @Column(name="hl_resource_id")
+ protected Long hlResourceId;
+ public Long getHlResourceId() {
+ return hlResourceId;
+ }
+ public void setHlResourceId(Long hlResourceId) {
+ this.hlResourceId = hlResourceId;
+ }
+
+ @Column(name="ll_resource_id")
+ protected Long llResourceId;
+ public Long getLlResourceId() {
+ return llResourceId;
+ }
+ public void setLlResourceId(Long llResourceId) {
+ this.llResourceId = llResourceId;
+ }
+
+ public int getMyClassType() {
+ return AppConstants.CLASS_TYPE_RMS_RESOURCE_MAPPING;
+ }
+
+ public String toString( ) {
+ String str = "XXResourceMapping={";
+ str += "id={" + id + "} ";
+ str += "changeTimestamp={" + changeTimestamp + "} ";
+ str += "hlResourceId={" + hlResourceId + "} ";
+ str += "llResourceId={" + llResourceId + "} ";
+ str += "}";
+
+ return str;
+ }
+
+}
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXRMSServiceResource.java b/security-admin/src/main/java/org/apache/ranger/entity/XXRMSServiceResource.java
new file mode 100644
index 0000000..bf88783
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXRMSServiceResource.java
@@ -0,0 +1,257 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.entity;
+
+import org.apache.ranger.common.AppConstants;
+
+import javax.persistence.Cacheable;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.SequenceGenerator;
+import javax.persistence.Table;
+import javax.persistence.Version;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@Entity
+@Cacheable
+@Table(name="x_rms_service_resource")
+@XmlRootElement
+public class XXRMSServiceResource extends XXDBBase {
+ private static final long serialVersionUID = 1L;
+
+ @Id
+ @SequenceGenerator(name = "X_RMS_SERVICE_RESOURCE_SEQ", sequenceName = "X_RMS_SERVICE_RESOURCE_SEQ", allocationSize = 1)
+ @GeneratedValue(strategy = GenerationType.AUTO, generator = "X_RMS_SERVICE_RESOURCE_SEQ")
+ @Column(name = "id")
+ protected Long id;
+
+ @Column(name = "guid", unique = true, nullable = false, length = 512)
+ protected String guid;
+
+ @Version
+ @Column(name = "version")
+ protected Long version;
+
+ @Column(name = "is_enabled")
+ protected Boolean isEnabled;
+
+ @Column(name = "resource_signature")
+ protected String resourceSignature;
+
+ @Column(name = "service_id")
+ protected Long serviceId;
+
+ @Column(name = "service_resource_elements_text")
+ protected String serviceResourceElements;
+
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ public Long getId() {
+ return id;
+ }
+
+ /**
+ * @return the guid
+ */
+ public String getGuid() {
+ return guid;
+ }
+
+ /**
+ * @param guid
+ * the guid to set
+ */
+ public void setGuid(String guid) {
+ this.guid = guid;
+ }
+
+ /**
+ * @return the serviceId
+ */
+ public Long getServiceId() {
+ return serviceId;
+ }
+
+ /**
+ * @param serviceId
+ * the serviceId to set
+ */
+ public void setServiceId(Long serviceId) {
+ this.serviceId = serviceId;
+ }
+
+ /**
+ * @return the resourceSignature
+ */
+ public String getResourceSignature() {
+ return resourceSignature;
+ }
+
+ /**
+ * @param resourceSignature
+ * the resourceSignature to set
+ */
+ public void setResourceSignature(String resourceSignature) {
+ this.resourceSignature = resourceSignature;
+ }
+
+ /**
+ * @return the version
+ */
+ public Long getVersion() {
+ return version;
+ }
+
+ /**
+ * @param version
+ * the version to set
+ */
+ public void setVersion(Long version) {
+ this.version = version;
+ }
+
+ /**
+ * @return the isEnabled
+ */
+ public Boolean getIsEnabled() {
+ return isEnabled;
+ }
+
+ /**
+ * @param isEnabled
+ * the isEnabled to set
+ */
+ public void setIsEnabled(Boolean isEnabled) {
+ this.isEnabled = isEnabled;
+ }
+
+ public String getServiceResourceElements() { return serviceResourceElements; }
+
+ public void setServiceResourceElements(String serviceResourceElements) {
+ this.serviceResourceElements = serviceResourceElements;
+ }
+
+ public int getMyClassType() {
+ return AppConstants.CLASS_TYPE_RMS_SERVICE_RESOURCE;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((id == null) ? 0 : id.hashCode());
+ result = prime * result + ((guid == null) ? 0 : guid.hashCode());
+ result = prime * result + ((version == null) ? 0 : version.hashCode());
+ result = prime * result + ((isEnabled == null) ? 0 : isEnabled.hashCode());
+ result = prime * result + ((resourceSignature == null) ? 0 : resourceSignature.hashCode());
+ result = prime * result + ((serviceId == null) ? 0 : serviceId.hashCode());
+ result = prime * result + ((serviceResourceElements == null) ? 0 : serviceResourceElements.hashCode());
+ return result;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (!super.equals(obj))
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ XXRMSServiceResource other = (XXRMSServiceResource) obj;
+ if (resourceSignature == null) {
+ if (other.resourceSignature != null)
+ return false;
+ } else if (!resourceSignature.equals(other.resourceSignature))
+ return false;
+ if (guid == null) {
+ if (other.guid != null)
+ return false;
+ } else if (!guid.equals(other.guid))
+ return false;
+ if (id == null) {
+ if (other.id != null)
+ return false;
+ } else if (!id.equals(other.id))
+ return false;
+ if (isEnabled == null) {
+ if (other.isEnabled != null)
+ return false;
+ } else if (!isEnabled.equals(other.isEnabled))
+ return false;
+ if (serviceId == null) {
+ if (other.serviceId != null)
+ return false;
+ } else if (!serviceId.equals(other.serviceId))
+ return false;
+ if (version == null) {
+ if (other.version != null)
+ return false;
+ } else if (!version.equals(other.version))
+ return false;
+ if (serviceResourceElements == null) {
+ if (other.serviceResourceElements != null)
+ return false;
+ } else if (!serviceResourceElements.equals(other.serviceResourceElements))
+ return false;
+ return true;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see java.lang.Object#toString()
+ */
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ toString(sb);
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("{ ");
+ sb.append("id={").append(id).append("} ");
+ sb.append("guid={").append(guid).append("} ");
+ sb.append("version={").append(version).append("} ");
+ sb.append("isEnabled={").append(isEnabled).append("} ");
+ sb.append("resourceSignature={").append(resourceSignature).append("} ");
+ sb.append("serviceId={").append(serviceId).append("} ");
+ sb.append("serviceResourceElements={").append(serviceResourceElements).append("} ");
+ sb.append(" }");
+
+ return sb;
+ }
+
+}
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 5813209..7d9e145 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -1659,4 +1659,100 @@
<query>delete from XXTagChangeLog obj where obj.createTime < :olderThan</query>
</named-query>
+ <!-- RMS queries -->
+
+ <named-query name="XXRMSResourceMapping.deleteByHlResourceId">
+ <query>DELETE FROM XXRMSResourceMapping obj WHERE obj.hlResourceId = :resourceId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSResourceMapping.deleteByLlResourceId">
+ <query>DELETE FROM XXRMSResourceMapping obj WHERE obj.llResourceId = :resourceId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSResourceMapping.findByHlAndLlResourceId">
+ <query>SELECT obj FROM XXRMSResourceMapping obj WHERE obj.hlResourceId = :hlResourceId and obj.llResourceId = :llResourceId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSResourceMapping.deleteByHlAndLlResourceId">
+ <query>DELETE FROM XXRMSResourceMapping obj WHERE obj.hlResourceId = :hlResourceId and obj.llResourceId = :llResourceId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSResourceMapping.deleteByLlOrHlResourceId">
+ <query>DELETE FROM XXRMSResourceMapping obj WHERE obj.hlResourceId = :resourceId or obj.llResourceId = :resourceId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSResourceMapping.findByHlResourceId">
+ <query>SELECT obj.llResourceId FROM XXRMSResourceMapping obj WHERE obj.hlResourceId = :hlResourceId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSResourceMapping.findByLlResourceId">
+ <query>SELECT obj.hlResourceId FROM XXRMSResourceMapping obj WHERE obj.llResourceId = :llResourceId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSResourceMapping.getServiceResourcesByLlResourceId">
+ <query>SELECT obj.id, obj.guid, obj.version, obj.isEnabled, obj.resourceSignature, obj.serviceId, obj.serviceResourceElements FROM XXRMSServiceResource obj where obj.id in (select mapping.hlResourceId FROM XXRMSResourceMapping mapping WHERE mapping.llResourceId = :llResourceId)
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSNotification.getMaxIdOfNotifications">
+ <query>select max(obj.notificationId) from XXRMSNotification obj where obj.llServiceId = :llServiceId and obj.hlServiceId = :hlServiceId</query>
+ </named-query>
+
+ <named-query name="XXRMSNotification.getAllAfterNotificationId">
+ <query>select obj from XXRMSNotification obj where obj.llServiceId = :llServiceId and obj.hlServiceId = :hlServiceId and obj.notificationId > :notificationId order by obj.notificationId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSNotification.getNotificationWithTypeAfterNotificationId">
+ <query>select obj from XXRMSNotification obj where obj.changeType = :changeType and obj.llServiceId = :llServiceId and obj.hlServiceId = :hlServiceId and obj.notificationId > :notificationId order by obj.notificationId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSNotification.getDeletedNotificationsByHlResourceId">
+ <query>select obj from XXRMSNotification obj where obj.changeType = 'delete' and obj.hlResourceId = :hlResourceId and obj.notificationId > :lastKnownVersion order by obj.notificationId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSServiceResource.getLlResourceIdForHlResourceId">
+ <query>select obj from XXRMSServiceResource obj, XXRMSNotification notification where obj.id = notification.llResourceId and
+ notification.changeType = 'add' and notification.hlResourceId = :hlResourceId and notification.notificationId > :lastKnownIndex
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSServiceResource.findByServiceId">
+ <query>SELECT obj.id, obj.guid, obj.version, obj.isEnabled, obj.resourceSignature, obj.serviceId, obj.serviceResourceElements FROM XXRMSServiceResource obj where obj.serviceId = :serviceId
+ order by obj.id
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSServiceResource.getByLlOrHlServiceId">
+ <query>select obj.id from XXRMSServiceResource obj where obj.serviceId = :llServiceId or obj.serviceId = :hlServiceId
+ order by obj.id
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSServiceResource.deleteByLlOrHlServiceId">
+ <query>delete from XXRMSServiceResource obj where obj.serviceId = :llServiceId or obj.serviceId = :hlServiceId</query>
+ </named-query>
+
+ <named-query name="XXRMSServiceResource.findByServiceAndResourceSignature">
+ <query>select obj from XXRMSServiceResource obj where obj.serviceId = :serviceId and obj.resourceSignature = :resourceSignature</query>
+ </named-query>
+
+ <named-query name="XXRMSServiceResource.deleteById">
+ <query>DELETE FROM XXRMSServiceResource obj WHERE obj.id = :resourceId
+ </query>
+ </named-query>
+
+ <named-query name="XXRMSMappingProvider.findByName">
+ <query>select obj from XXRMSMappingProvider obj where obj.name = :name</query>
+ </named-query>
+
</entity-mappings>