You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2022/04/29 12:39:25 UTC
[ranger] branch ranger-2.3 updated (e6dc5b505 -> 249177c15)
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a change to branch ranger-2.3
in repository https://gitbox.apache.org/repos/asf/ranger.git
from e6dc5b505 RANGER-3389 : Swagger UI Support for Ranger REST API.
new f7bdb4428 RANGER-3725 : Update atlas default audit filter to filter Atlas entity-read events by Nifi user.
new 249177c15 RANGER-3735 : Behaviour change in external user status.
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../service-defs/ranger-servicedef-atlas.json | 2 +-
.../optimized/current/ranger_core_db_mysql.sql | 1 +
.../optimized/current/ranger_core_db_oracle.sql | 1 +
.../optimized/current/ranger_core_db_postgres.sql | 1 +
.../current/ranger_core_db_sqlanywhere.sql | 2 +
.../optimized/current/ranger_core_db_sqlserver.sql | 1 +
.../main/java/org/apache/ranger/biz/UserMgr.java | 1 +
.../java/org/apache/ranger/db/XXPortalUserDao.java | 11 ++++
...> PatchForExternalUserStatusUpdate_J10056.java} | 62 ++++++++++------------
...PatchForSolrSvcDefAndPoliciesUpdate_J10055.java | 46 +++++++++++++++-
.../main/resources/META-INF/jpa_named_queries.xml | 6 ++-
11 files changed, 96 insertions(+), 38 deletions(-)
copy security-admin/src/main/java/org/apache/ranger/patch/{PatchForXGlobalState_J10036.java => PatchForExternalUserStatusUpdate_J10056.java} (50%)
[ranger] 01/02: RANGER-3725 : Update atlas default audit filter to filter Atlas entity-read events by Nifi user.
Posted by pr...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch ranger-2.3
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit f7bdb442803355739c3dd5fcc3a79235d122a8f8
Author: mateen.mansoori <ma...@gmail.com>
AuthorDate: Fri Apr 29 15:11:00 2022 +0530
RANGER-3725 : Update atlas default audit filter to filter Atlas entity-read events by Nifi user.
Signed-off-by: pradeep <pr...@apache.org>
---
.../service-defs/ranger-servicedef-atlas.json | 2 +-
...PatchForSolrSvcDefAndPoliciesUpdate_J10055.java | 46 +++++++++++++++++++++-
2 files changed, 46 insertions(+), 2 deletions(-)
diff --git a/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json b/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json
index 7495b794d..960f10123 100644
--- a/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json
+++ b/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json
@@ -477,7 +477,7 @@
"validationMessage": "",
"uiHint":"",
"label": "Ranger Default Audit Filters",
- "defaultValue": "[ {'accessResult': 'DENIED', 'isAudited': true}, {'users':['atlas'] ,'isAudited':false} ]"
+ "defaultValue": "[ {'accessResult': 'DENIED', 'isAudited': true}, {'users':['atlas'] ,'isAudited':false}, {'accessResult':'ALLOWED', 'isAudited':false, 'actions':['entity-read'], 'accessTypes':['entity-read'], 'users':['nifi']} ]"
}
],
"options": {
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForSolrSvcDefAndPoliciesUpdate_J10055.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForSolrSvcDefAndPoliciesUpdate_J10055.java
index 345e26ddb..dacfab696 100644
--- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForSolrSvcDefAndPoliciesUpdate_J10055.java
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForSolrSvcDefAndPoliciesUpdate_J10055.java
@@ -27,6 +27,7 @@ import java.util.Map;
import java.util.Set;
import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.ranger.biz.SecurityZoneDBStore;
import org.apache.ranger.biz.ServiceDBStore;
@@ -45,6 +46,7 @@ import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
import org.apache.ranger.plugin.model.RangerSecurityZone;
import org.apache.ranger.plugin.model.RangerSecurityZone.RangerSecurityZoneService;
import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef;
import org.apache.ranger.plugin.model.validation.RangerServiceDefValidator;
import org.apache.ranger.plugin.model.validation.RangerValidator.Action;
import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
@@ -135,7 +137,16 @@ public class PatchForSolrSvcDefAndPoliciesUpdate_J10055 extends BaseLoader {
logger.error("Error whille executing PatchForSolrSvcDefAndPoliciesUpdate_J10055.", e);
System.exit(1);
}
- logger.info("<== PatchForSolrSvcDefAndPoliciesUpdate_J10055.execLoad()");
+
+ try {
+ // For RANGER-3725 - Update atlas default audit filter
+ updateDefaultAuditFilter(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
+ } catch (Throwable t) {
+ logger.error("Failed to update atlas default audit filter, Error - ", t);
+ System.exit(1);
+ }
+
+ logger.info("<== PatchForSolrSvcDefAndPoliciesUpdate_J10055.execLoad()");
}
private void updateExistingRangerResPolicy(Long svcDefId) throws Exception {
@@ -468,4 +479,37 @@ public class PatchForSolrSvcDefAndPoliciesUpdate_J10055 extends BaseLoader {
}
logger.info("<== PatchForSolrSvcDefAndPoliciesUpdate_J10055.deleteOldAccessTypeRefs(" + svcDefId + ")");
}
+
+ private void updateDefaultAuditFilter(final String svcDefName) throws Exception {
+ logger.info("==> PatchForSolrSvcDefAndPoliciesUpdate_J10055.updateAtlasDefaultAuditFilter()");
+ final RangerServiceDef embeddedAtlasServiceDef = EmbeddedServiceDefsUtil.instance()
+ .getEmbeddedServiceDef(svcDefName);
+ final List<RangerServiceConfigDef> embdSvcConfDefList = embeddedAtlasServiceDef != null ? embeddedAtlasServiceDef.getConfigs() : new ArrayList<RangerServiceConfigDef>();
+ String embdAuditFilterStr = StringUtils.EMPTY;
+
+ if (CollectionUtils.isNotEmpty(embdSvcConfDefList)) {
+ for (RangerServiceConfigDef embdSvcConfDef : embdSvcConfDefList) {
+ if (StringUtils.equals(embdSvcConfDef.getName(), ServiceDBStore.RANGER_PLUGIN_AUDIT_FILTERS)) {
+ embdAuditFilterStr = embdSvcConfDef.getDefaultValue(); // new audit filter str
+ break;
+ }
+ }
+ }
+
+ if (StringUtils.isNotEmpty(embdAuditFilterStr)) {
+ final RangerServiceDef serviceDbDef = this.svcDBStore.getServiceDefByName(svcDefName);
+ for (RangerServiceConfigDef dbSvcDefConfig : serviceDbDef.getConfigs()) {
+ if (dbSvcDefConfig != null && StringUtils.equals(dbSvcDefConfig.getName(), ServiceDBStore.RANGER_PLUGIN_AUDIT_FILTERS)) {
+ final String dbAuditFilterStr = dbSvcDefConfig.getDefaultValue();
+ if (!StringUtils.equalsIgnoreCase(dbAuditFilterStr, embdAuditFilterStr)) {
+ dbSvcDefConfig.setDefaultValue(embdAuditFilterStr);
+ this.svcDBStore.updateServiceDef(serviceDbDef);
+ logger.info("Updated " + serviceDbDef.getName() + " service default audit filter.");
+ }
+ break;
+ }
+ }
+ }
+ logger.info("<== PatchForSolrSvcDefAndPoliciesUpdate_J10055.updateAtlasDefaultAuditFilter()");
+ }
}
[ranger] 02/02: RANGER-3735 : Behaviour change in external user status.
Posted by pr...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch ranger-2.3
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 249177c15ea1aa7a0d19171695b4d386c96693cb
Author: mateen.mansoori <ma...@gmail.com>
AuthorDate: Fri Apr 29 15:59:59 2022 +0530
RANGER-3735 : Behaviour change in external user status.
Signed-off-by: pradeep <pr...@apache.org>
---
.../optimized/current/ranger_core_db_mysql.sql | 1 +
.../optimized/current/ranger_core_db_oracle.sql | 1 +
.../optimized/current/ranger_core_db_postgres.sql | 1 +
.../current/ranger_core_db_sqlanywhere.sql | 2 +
.../optimized/current/ranger_core_db_sqlserver.sql | 1 +
.../main/java/org/apache/ranger/biz/UserMgr.java | 1 +
.../java/org/apache/ranger/db/XXPortalUserDao.java | 11 +++
.../PatchForExternalUserStatusUpdate_J10056.java | 85 ++++++++++++++++++++++
.../main/resources/META-INF/jpa_named_queries.xml | 6 +-
9 files changed, 108 insertions(+), 1 deletion(-)
diff --git a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
index df6e5c3b9..309c4196b 100644
--- a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
+++ b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
@@ -1857,4 +1857,5 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10053',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10054',UTC_TIMESTAMP(),'Ranger 3.0.0',UTC_TIMESTAMP(),'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10055',UTC_TIMESTAMP(),'Ranger 3.0.0',UTC_TIMESTAMP(),'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10056',UTC_TIMESTAMP(),'Ranger 3.0.0',UTC_TIMESTAMP(),'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('JAVA_PATCHES',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
diff --git a/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
index 512d98fb1..1af0a04ac 100644
--- a/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
+++ b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
@@ -2045,5 +2045,6 @@ INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,act
INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval,'J10053',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval,'J10054',sys_extract_utc(systimestamp),'Ranger 3.0.0',sys_extract_utc(systimestamp),'localhost','Y');
INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval,'J10055',sys_extract_utc(systimestamp),'Ranger 3.0.0',sys_extract_utc(systimestamp),'localhost','Y');
+INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval,'J10056',sys_extract_utc(systimestamp),'Ranger 3.0.0',sys_extract_utc(systimestamp),'localhost','Y');
INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval,'JAVA_PATCHES',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
commit;
diff --git a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
index 18bae1705..baa6288d2 100644
--- a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
+++ b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
@@ -1989,6 +1989,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10053',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10054',current_timestamp,'Ranger 3.0.0',current_timestamp,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10055',current_timestamp,'Ranger 3.0.0',current_timestamp,'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10056',current_timestamp,'Ranger 3.0.0',current_timestamp,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('JAVA_PATCHES',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
DROP VIEW IF EXISTS vx_trx_log;
diff --git a/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
index d3449e8c2..5e8070ba2 100644
--- a/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
+++ b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
@@ -2405,6 +2405,8 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
GO
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10055',CURRENT_TIMESTAMP,'Ranger 3.0.0',CURRENT_TIMESTAMP,'localhost','Y');
GO
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10056',CURRENT_TIMESTAMP,'Ranger 3.0.0',CURRENT_TIMESTAMP,'localhost','Y');
+GO
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('JAVA_PATCHES',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
GO
exit
diff --git a/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
index 4e10f783a..8b5833eae 100644
--- a/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
+++ b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
@@ -4186,6 +4186,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10053',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10054',CURRENT_TIMESTAMP,'Ranger 3.0.0',CURRENT_TIMESTAMP,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10055',CURRENT_TIMESTAMP,'Ranger 3.0.0',CURRENT_TIMESTAMP,'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('J10056',CURRENT_TIMESTAMP,'Ranger 3.0.0',CURRENT_TIMESTAMP,'localhost','Y');
INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('JAVA_PATCHES',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
GO
CREATE VIEW [dbo].[vx_trx_log] AS
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index 7e55b5e1e..2fdc9e7bb 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -628,6 +628,7 @@ public class UserMgr {
gjUser.setPublicScreenName(userProfile.getPublicScreenName());
gjUser.setOtherAttributes(userProfile.getOtherAttributes());
gjUser.setSyncSource(userProfile.getSyncSource());
+ gjUser.setStatus(userProfile.getStatus());
if (userProfile.getFirstName() != null
&& userProfile.getLastName() != null
&& !userProfile.getFirstName().trim().isEmpty()
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPortalUserDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPortalUserDao.java
index b4fdf027b..8d15a324e 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPortalUserDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPortalUserDao.java
@@ -117,4 +117,15 @@ public class XXPortalUserDao extends BaseDao<XXPortalUser> {
return null;
}
}
+
+ public List<XXPortalUser> findByUserSourceAndStatus(final int source, final int status) {
+ try {
+ return getEntityManager().createNamedQuery("XXPortalUser.findByUserSourceAndStatus", tClass)
+ .setParameter("userSource", source)
+ .setParameter("status", status)
+ .getResultList();
+ } catch (Exception e) {
+ return null;
+ }
+ }
}
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForExternalUserStatusUpdate_J10056.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForExternalUserStatusUpdate_J10056.java
new file mode 100644
index 000000000..f1ed0978c
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForExternalUserStatusUpdate_J10056.java
@@ -0,0 +1,85 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.patch;
+
+import java.util.List;
+
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.ranger.common.RangerCommonEnums;
+import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.db.XXPortalUserDao;
+import org.apache.ranger.entity.XXPortalUser;
+import org.apache.ranger.util.CLIUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component
+public class PatchForExternalUserStatusUpdate_J10056 extends BaseLoader {
+
+ private static final Logger logger = LoggerFactory.getLogger(PatchForExternalUserStatusUpdate_J10056.class);
+
+ @Autowired
+ private RangerDaoManager rngrDaoMgr;
+
+ public static void main(String[] args) {
+ try {
+ PatchForExternalUserStatusUpdate_J10056 loader = (PatchForExternalUserStatusUpdate_J10056) CLIUtil
+ .getBean(PatchForExternalUserStatusUpdate_J10056.class);
+ loader.init();
+ while (loader.isMoreToProcess()) {
+ loader.load();
+ }
+ logger.info("Load complete. Exiting!!!");
+ System.exit(0);
+ } catch (Exception e) {
+ logger.error("Error loading", e);
+ System.exit(1);
+ }
+ }
+
+ @Override
+ public void init() throws Exception {
+ // Do Nothing
+ }
+
+ @Override
+ public void printStats() {
+ // TODO Auto-generated method stub
+ }
+
+ @Override
+ public void execLoad() {
+ updateExternalUserStatus();
+ }
+
+ private void updateExternalUserStatus() {
+ XXPortalUserDao dao = this.rngrDaoMgr.getXXPortalUser();
+ List<XXPortalUser> xXPortalUsers = dao.findByUserSourceAndStatus(RangerCommonEnums.USER_EXTERNAL,RangerCommonEnums.ACT_STATUS_DISABLED);
+
+ if(CollectionUtils.isNotEmpty(xXPortalUsers)) {
+ for (XXPortalUser xxPortalUser : xXPortalUsers) {
+ if (xxPortalUser != null) {
+ xxPortalUser.setStatus(RangerCommonEnums.ACT_STATUS_ACTIVE);
+ dao.update(xxPortalUser, true);
+ }
+ }
+ }
+ }
+}
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index b2a748f2c..7e69cc4a3 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -1187,7 +1187,11 @@
<query>SELECT xxPortalUser FROM XXPortalUser xxPortalUser
</query>
</named-query>
-
+
+ <named-query name="XXPortalUser.findByUserSourceAndStatus">
+ <query>SELECT obj FROM XXPortalUser obj WHERE obj.userSource=:userSource and obj.status=:status</query>
+ </named-query>
+
<!-- VXModuleDef -->
<named-query name="XXModuleDef.findByModuleId">
<query>SELECT obj FROM XXModuleDef obj