You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2023/05/08 00:21:38 UTC
[ranger] branch RANGER-3923 updated: RANGER-3923: renamed owner => admin for dataset, datashare, project
This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/RANGER-3923 by this push:
new 4bede6fe3 RANGER-3923: renamed owner => admin for dataset, datashare, project
4bede6fe3 is described below
commit 4bede6fe3a72c0620dd85ab6f302c594bdb7ae5e
Author: Madhan Neethiraj <ma...@apache.org>
AuthorDate: Thu May 4 20:24:46 2023 -0700
RANGER-3923: renamed owner => admin for dataset, datashare, project
---
.../ranger/plugin/errors/ValidationErrorCode.java | 2 +-
.../org/apache/ranger/plugin/model/RangerGds.java | 24 +++----
.../main/python/apache_ranger/model/ranger_gds.py | 12 ++--
.../src/main/python/sample_gds_client.py | 12 ++--
.../optimized/current/ranger_core_db_mysql.sql | 6 +-
.../optimized/current/ranger_core_db_postgres.sql | 6 +-
.../org/apache/ranger/entity/XXGdsDataShare.java | 14 ++--
.../org/apache/ranger/entity/XXGdsDataset.java | 14 ++--
.../org/apache/ranger/entity/XXGdsProject.java | 14 ++--
.../ranger/service/RangerGdsDataShareService.java | 4 +-
.../ranger/service/RangerGdsDatasetService.java | 4 +-
.../ranger/service/RangerGdsProjectService.java | 4 +-
.../ranger/validation/RangerGdsValidator.java | 84 +++++++++++-----------
13 files changed, 100 insertions(+), 100 deletions(-)
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
index 94e227ce6..e07c2d7d0 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
@@ -137,7 +137,7 @@ public enum ValidationErrorCode {
GDS_VALIDATION_ERR_NON_EXISTING_ROLE(4103, "Role [{0}] does not exist"),
GDS_VALIDATION_ERR_NON_EXISTING_SERVICE(4104, "Service [{0}] does not exist"),
GDS_VALIDATION_ERR_NON_EXISTING_ZONE(4105, "Zone [{0}] does not exist"),
- GDS_VALIDATION_ERR_NOT_OWNER(4106, "User [{0}] is not an owner"),
+ GDS_VALIDATION_ERR_NOT_ADMIN(4106, "User [{0}] is not an admin for {1} [{2}]"),
GDS_VALIDATION_ERR_SERVICE_NAME_MISSING(4107, "Service name not provided"),
GDS_VALIDATION_ERR_DATASET_NAME_CONFLICT(4108, "Dataset with name [{0}] already exists. ID=[{1}]"),
GDS_VALIDATION_ERR_DATASET_NAME_NOT_FOUND(4109, "Dataset with name [{0}] does not exist"),
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerGds.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerGds.java
index 8cb4fdcd2..7e13defa9 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerGds.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerGds.java
@@ -89,7 +89,7 @@ public class RangerGds {
private static final long serialVersionUID = 1L;
private String name;
- private List<RangerPrincipal> owners;
+ private List<RangerPrincipal> admins;
private RangerGdsACL acl;
private String termsOfUse;
@@ -99,9 +99,9 @@ public class RangerGds {
public void setName(String name) { this.name = name; }
- public List<RangerPrincipal> getOwners() { return owners; }
+ public List<RangerPrincipal> getAdmins() { return admins; }
- public void setOwners(List<RangerPrincipal> owners) { this.owners = owners; }
+ public void setAdmins(List<RangerPrincipal> admins) { this.admins = admins; }
public RangerGdsACL getAcl() { return acl; }
@@ -118,7 +118,7 @@ public class RangerGds {
super.toString(sb);
sb.append("name={").append(name).append("} ")
- .append("owners={").append(owners).append("} ")
+ .append("admin={").append(admins).append("} ")
.append("acl={").append(acl).append("} ")
.append("termsOfUse={").append(termsOfUse).append("} ")
.append("}");
@@ -136,7 +136,7 @@ public class RangerGds {
private static final long serialVersionUID = 1L;
private String name;
- private List<RangerPrincipal> owners;
+ private List<RangerPrincipal> admins;
private RangerGdsACL acl;
private String termsOfUse;
@@ -146,9 +146,9 @@ public class RangerGds {
public void setName(String name) { this.name = name; }
- public List<RangerPrincipal> getOwners() { return owners; }
+ public List<RangerPrincipal> getAdmins() { return admins; }
- public void setOwners(List<RangerPrincipal> owners) { this.owners = owners; }
+ public void setAdmins(List<RangerPrincipal> admins) { this.admins = admins; }
public RangerGdsACL getAcl() { return acl; }
@@ -165,7 +165,7 @@ public class RangerGds {
super.toString(sb);
sb.append("name={").append(name).append("} ")
- .append("owners={").append(owners).append("} ")
+ .append("admins={").append(admins).append("} ")
.append("acl={").append(acl).append("} ")
.append("termsOfUse={").append(termsOfUse).append("} ")
.append("}");
@@ -183,7 +183,7 @@ public class RangerGds {
private static final long serialVersionUID = 1L;
private String name;
- private List<RangerPrincipal> owners;
+ private List<RangerPrincipal> admins;
private String service;
private String zone;
private String conditionExpr;
@@ -197,9 +197,9 @@ public class RangerGds {
public void setName(String name) { this.name = name; }
- public List<RangerPrincipal> getOwners() { return owners; }
+ public List<RangerPrincipal> getAdmins() { return admins; }
- public void setOwners(List<RangerPrincipal> owners) { this.owners = owners; }
+ public void setAdmins(List<RangerPrincipal> admins) { this.admins = admins; }
public String getService() { return service; }
@@ -240,7 +240,7 @@ public class RangerGds {
super.toString(sb);
sb.append("name={").append(name).append("} ")
- .append("owners={").append(owners).append("} ")
+ .append("admins={").append(admins).append("} ")
.append("service={").append(service).append("} ")
.append("zone={").append(zone).append("} ")
.append("conditionExpr={").append(conditionExpr).append("} ")
diff --git a/intg/src/main/python/apache_ranger/model/ranger_gds.py b/intg/src/main/python/apache_ranger/model/ranger_gds.py
index 7db5afbc7..b891ee1bd 100644
--- a/intg/src/main/python/apache_ranger/model/ranger_gds.py
+++ b/intg/src/main/python/apache_ranger/model/ranger_gds.py
@@ -80,14 +80,14 @@ class RangerDataset(RangerGdsBaseModelObject):
RangerGdsBaseModelObject.__init__(self, attrs)
self.name = attrs.get('name')
- self.owners = attrs.get('owners')
+ self.admins = attrs.get('admins')
self.acl = attrs.get('acl')
self.termsOfUse = attrs.get('termsOfUse')
def type_coerce_attrs(self):
super(RangerDataset, self).type_coerce_attrs()
- self.owners = type_coerce_list(self.owners, RangerPrincipal)
+ self.admins = type_coerce_list(self.admins, RangerPrincipal)
self.acl = type_coerce_dict(self.acl, RangerGdsACL)
@@ -99,14 +99,14 @@ class RangerProject(RangerGdsBaseModelObject):
RangerGdsBaseModelObject.__init__(self, attrs)
self.name = attrs.get('name')
- self.owners = attrs.get('owners')
+ self.admins = attrs.get('admins')
self.acl = attrs.get('acl')
self.termsOfUse = attrs.get('termsOfUse')
def type_coerce_attrs(self):
super(RangerProject, self).type_coerce_attrs()
- self.owners = type_coerce_list(self.owners, RangerPrincipal)
+ self.admins = type_coerce_list(self.admins, RangerPrincipal)
self.acl = type_coerce_dict(self.acl, RangerGdsACL)
@@ -118,7 +118,7 @@ class RangerDataShare(RangerGdsBaseModelObject):
RangerGdsBaseModelObject.__init__(self, attrs)
self.name = attrs.get('name')
- self.owners = attrs.get('owners')
+ self.admins = attrs.get('admins')
self.service = attrs.get('service')
self.zone = attrs.get('zone')
self.conditionExpr = attrs.get('conditionExpr')
@@ -129,7 +129,7 @@ class RangerDataShare(RangerGdsBaseModelObject):
def type_coerce_attrs(self):
super(RangerDataShare, self).type_coerce_attrs()
- self.owners = type_coerce_list(self.owners, RangerPrincipal)
+ self.admins = type_coerce_list(self.admins, RangerPrincipal)
self.defaultMasks = type_coerce_dict(self.defaultMasks, RangerPolicyItemDataMaskInfo)
diff --git a/ranger-examples/sample-client/src/main/python/sample_gds_client.py b/ranger-examples/sample-client/src/main/python/sample_gds_client.py
index 7967ef474..35e80609a 100644
--- a/ranger-examples/sample-client/src/main/python/sample_gds_client.py
+++ b/ranger-examples/sample-client/src/main/python/sample_gds_client.py
@@ -30,20 +30,20 @@ ranger = RangerClient(ranger_url, ranger_auth)
gds = RangerGdsClient(ranger)
-dataset_1 = RangerDataset({ 'name': 'dataset-1', 'description': 'the first dataset!', 'owners': [ { 'type': PrincipalType.USER, 'name': 'John.Doe' } ], 'acl': {}, 'termsOfUse': None })
-dataset_2 = RangerDataset({ 'name': 'dataset-2', 'description': 'the second dataset!', 'owners': [ { 'type': PrincipalType.GROUP, 'name': 'sales' } ], 'acl': {}, 'termsOfUse': None })
+dataset_1 = RangerDataset({ 'name': 'dataset-1', 'description': 'the first dataset!', 'admins': [ { 'type': PrincipalType.USER, 'name': 'John.Doe' } ], 'acl': {}, 'termsOfUse': None })
+dataset_2 = RangerDataset({ 'name': 'dataset-2', 'description': 'the second dataset!', 'admins': [ { 'type': PrincipalType.GROUP, 'name': 'sales' } ], 'acl': {}, 'termsOfUse': None })
-project_1 = RangerProject({ 'name': 'project-1', 'description': 'the first project!', 'owners': [ { 'type': PrincipalType.USER, 'name': 'Diane.Scott' } ], 'acl': {}, 'termsOfUse': None })
-project_2 = RangerProject({ 'name': 'project-2', 'description': 'the second project!', 'owners': [ { 'type': PrincipalType.GROUP, 'name': 'marketing' } ], 'acl': {}, 'termsOfUse': None })
+project_1 = RangerProject({ 'name': 'project-1', 'description': 'the first project!', 'admins': [ { 'type': PrincipalType.USER, 'name': 'Diane.Scott' } ], 'acl': {}, 'termsOfUse': None })
+project_2 = RangerProject({ 'name': 'project-2', 'description': 'the second project!', 'admins': [ { 'type': PrincipalType.GROUP, 'name': 'marketing' } ], 'acl': {}, 'termsOfUse': None })
-hive_share_1 = RangerDataShare({ 'name': 'datashare-1', 'description': 'the first datashare!', 'owners': [ { 'type': PrincipalType.USER, 'name': 'Sandy.Williams' } ], 'termsOfUse': None })
+hive_share_1 = RangerDataShare({ 'name': 'datashare-1', 'description': 'the first datashare!', 'admins': [ { 'type': PrincipalType.USER, 'name': 'Sandy.Williams' } ], 'termsOfUse': None })
hive_share_1.service = 'dev_hive'
hive_share_1.zone = None
hive_share_1.conditionExpr = "HAS_TAG('SCAN_COMPLETE')"
hive_share_1.defaultAccessTypes = [ '_READ' ]
hive_share_1.defaultMasks = { 'HAS_TAG("PII")': { 'dataMaskType': 'MASK' } }
-hdfs_share_1 = RangerDataShare({ 'name': 'datashare-2', 'description': 'the second datashare!', 'owners': [ { 'type': PrincipalType.GROUP, 'name': 'finance' } ], 'termsOfUse': None })
+hdfs_share_1 = RangerDataShare({ 'name': 'datashare-2', 'description': 'the second datashare!', 'admins': [ { 'type': PrincipalType.GROUP, 'name': 'finance' } ], 'termsOfUse': None })
hdfs_share_1.service = 'dev_hdfs'
hdfs_share_1.zone = None
hdfs_share_1.conditionExpr = "HAS_TAG('SCAN_COMPLETE')"
diff --git a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
index 0c4c7e8ff..96623aa8e 100644
--- a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
+++ b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
@@ -1691,7 +1691,7 @@ CREATE TABLE `x_gds_dataset` (
, `is_enabled` TINYINT(1) NOT NULL DEFAULT '1'
, `name` VARCHAR(512) NOT NULL
, `description` TEXT NULL DEFAULT NULL
- , `owners` TEXT NOT NULL
+ , `admins` TEXT NOT NULL
, `acl` TEXT NULL DEFAULT NULL
, `terms_of_use` TEXT NULL DEFAULT NULL
, `options` TEXT NULL DEFAULT NULL
@@ -1714,7 +1714,7 @@ CREATE TABLE `x_gds_project` (
, `is_enabled` TINYINT(1) NOT NULL DEFAULT '1'
, `name` VARCHAR(512) NOT NULL
, `description` TEXT NULL DEFAULT NULL
- , `owners` TEXT NOT NULL
+ , `admins` TEXT NOT NULL
, `acl` TEXT NULL DEFAULT NULL
, `terms_of_use` TEXT NULL DEFAULT NULL
, `options` TEXT NULL DEFAULT NULL
@@ -1737,7 +1737,7 @@ CREATE TABLE `x_gds_data_share`(
, `is_enabled` TINYINT(1) NOT NULL DEFAULT '1'
, `name` VARCHAR(512) NOT NULL
, `description` TEXT NULL DEFAULT NULL
- , `owners` TEXT NOT NULL
+ , `admins` TEXT NOT NULL
, `service_id` BIGINT(20) NOT NULL
, `zone_id` BIGINT(20) NOT NULL
, `condition_expr` TEXT NULL
diff --git a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
index fccffa0a2..68d26b527 100644
--- a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
+++ b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
@@ -1677,7 +1677,7 @@ CREATE TABLE x_gds_dataset (
, is_enabled BOOLEAN NOT NULL DEFAULT '1'
, name VARCHAR(512) NOT NULL
, description TEXT NULL DEFAULT NULL
- , owners TEXT NOT NULL
+ , admins TEXT NOT NULL
, acl TEXT NULL DEFAULT NULL
, terms_of_use TEXT NULL DEFAULT NULL
, options TEXT NULL DEFAULT NULL
@@ -1702,7 +1702,7 @@ CREATE TABLE x_gds_project (
, is_enabled BOOLEAN NOT NULL DEFAULT '1'
, name VARCHAR(512) NOT NULL
, description TEXT NULL DEFAULT NULL
- , owners TEXT NOT NULL
+ , admins TEXT NOT NULL
, acl TEXT NULL DEFAULT NULL
, terms_of_use TEXT NULL DEFAULT NULL
, options TEXT NULL DEFAULT NULL
@@ -1727,7 +1727,7 @@ CREATE TABLE x_gds_data_share(
, is_enabled BOOLEAN NOT NULL DEFAULT '1'
, name VARCHAR(512) NOT NULL
, description TEXT NULL DEFAULT NULL
- , owners TEXT NOT NULL
+ , admins TEXT NOT NULL
, service_id BIGINT NOT NULL
, zone_id BIGINT NOT NULL
, condition_expr TEXT NULL
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXGdsDataShare.java b/security-admin/src/main/java/org/apache/ranger/entity/XXGdsDataShare.java
index 49dbac1ad..d3abada0d 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXGdsDataShare.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXGdsDataShare.java
@@ -61,8 +61,8 @@ public class XXGdsDataShare extends XXDBBase implements Serializable {
@Column(name = "description")
protected String description;
- @Column(name = "owners")
- protected String owners;
+ @Column(name = "admins")
+ protected String admins;
@Column(name = "condition_expr")
protected String conditionExpr;
@@ -117,9 +117,9 @@ public class XXGdsDataShare extends XXDBBase implements Serializable {
public void setDescription(String description) { this.description = description; }
- public String getOwners() { return owners; }
+ public String getAdmins() { return admins; }
- public void setOwners(String owners) { this.owners = owners; }
+ public void setAdmins(String admins) { this.admins = admins; }
public String getConditionExpr() { return conditionExpr; }
@@ -150,7 +150,7 @@ public class XXGdsDataShare extends XXDBBase implements Serializable {
@Override
public int hashCode() {
- return Objects.hash(id, guid, version, isEnabled, serviceId, zoneId, name, description, owners, conditionExpr, defaultAccessTypes, defaultMasks, termsOfUse, options, additionalInfo);
+ return Objects.hash(id, guid, version, isEnabled, serviceId, zoneId, name, description, admins, conditionExpr, defaultAccessTypes, defaultMasks, termsOfUse, options, additionalInfo);
}
@Override
@@ -173,7 +173,7 @@ public class XXGdsDataShare extends XXDBBase implements Serializable {
Objects.equals(zoneId, other.zoneId) &&
Objects.equals(name, other.name) &&
Objects.equals(description, other.description) &&
- Objects.equals(owners, other.owners) &&
+ Objects.equals(admins, other.admins) &&
Objects.equals(conditionExpr, other.conditionExpr) &&
Objects.equals(defaultAccessTypes, other.defaultAccessTypes) &&
Objects.equals(defaultMasks, other.defaultMasks) &&
@@ -198,7 +198,7 @@ public class XXGdsDataShare extends XXDBBase implements Serializable {
.append("zoneId={").append(zoneId).append("} ")
.append("name={").append(name).append("} ")
.append("description={").append(description).append("} ")
- .append("owners={").append(owners).append("} ")
+ .append("admins={").append(admins).append("} ")
.append("conditionExpr={").append(conditionExpr).append("} ")
.append("defaultAccessTypes={").append(defaultAccessTypes).append("} ")
.append("defaultMasks={").append(defaultMasks).append("} ")
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXGdsDataset.java b/security-admin/src/main/java/org/apache/ranger/entity/XXGdsDataset.java
index 6fc163b47..3a722f044 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXGdsDataset.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXGdsDataset.java
@@ -55,8 +55,8 @@ public class XXGdsDataset extends XXDBBase implements Serializable {
@Column(name = "description")
protected String description;
- @Column(name = "owners")
- protected String owners;
+ @Column(name = "admins")
+ protected String admins;
@Column(name = "acl")
protected String acl;
@@ -97,9 +97,9 @@ public class XXGdsDataset extends XXDBBase implements Serializable {
public void setDescription(String description) { this.description = description; }
- public String getOwners() { return owners; }
+ public String getAdmins() { return admins; }
- public void setOwners(String owners) { this.owners = owners; }
+ public void setAdmins(String admins) { this.admins = admins; }
public String getAcl() { return acl; }
@@ -122,7 +122,7 @@ public class XXGdsDataset extends XXDBBase implements Serializable {
@Override
public int hashCode() {
- return Objects.hash(id, guid, version, isEnabled, name, description, owners, acl, termsOfUse, options, additionalInfo);
+ return Objects.hash(id, guid, version, isEnabled, name, description, admins, acl, termsOfUse, options, additionalInfo);
}
@Override
@@ -143,7 +143,7 @@ public class XXGdsDataset extends XXDBBase implements Serializable {
Objects.equals(isEnabled, other.isEnabled) &&
Objects.equals(name, other.name) &&
Objects.equals(description, other.description) &&
- Objects.equals(owners, other.owners) &&
+ Objects.equals(admins, other.admins) &&
Objects.equals(acl, other.acl) &&
Objects.equals(termsOfUse, other.termsOfUse) &&
Objects.equals(options, other.options) &&
@@ -164,7 +164,7 @@ public class XXGdsDataset extends XXDBBase implements Serializable {
.append("isEnabled={").append(isEnabled).append("} ")
.append("name={").append(name).append("} ")
.append("description={").append(description).append("} ")
- .append("owners={").append(owners).append("} ")
+ .append("admins={").append(admins).append("} ")
.append("condition={").append(acl).append("} ")
.append("acl={").append(acl).append("} ")
.append("termsOfUse={").append(termsOfUse).append("} ")
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXGdsProject.java b/security-admin/src/main/java/org/apache/ranger/entity/XXGdsProject.java
index d5286d52c..84c9169c7 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXGdsProject.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXGdsProject.java
@@ -55,8 +55,8 @@ public class XXGdsProject extends XXDBBase implements Serializable {
@Column(name = "description")
protected String description;
- @Column(name = "owners")
- protected String owners;
+ @Column(name = "admins")
+ protected String admins;
@Column(name = "acl")
protected String acl;
@@ -96,9 +96,9 @@ public class XXGdsProject extends XXDBBase implements Serializable {
public void setDescription(String description) { this.description = description; }
- public String getOwners() { return owners; }
+ public String getAdmins() { return admins; }
- public void setOwners(String owners) { this.owners = owners; }
+ public void setAdmins(String admins) { this.admins = admins; }
public String getAcl() { return acl; }
@@ -121,7 +121,7 @@ public class XXGdsProject extends XXDBBase implements Serializable {
@Override
public int hashCode() {
- return Objects.hash(id, guid, version, isEnabled, name, description, owners, acl, termsOfUse, options, additionalInfo);
+ return Objects.hash(id, guid, version, isEnabled, name, description, admins, acl, termsOfUse, options, additionalInfo);
}
@Override
@@ -142,7 +142,7 @@ public class XXGdsProject extends XXDBBase implements Serializable {
Objects.equals(isEnabled, other.isEnabled) &&
Objects.equals(name, other.name) &&
Objects.equals(description, other.description) &&
- Objects.equals(owners, other.owners) &&
+ Objects.equals(admins, other.admins) &&
Objects.equals(acl, other.acl) &&
Objects.equals(termsOfUse, other.termsOfUse) &&
Objects.equals(options, other.options) &&
@@ -163,7 +163,7 @@ public class XXGdsProject extends XXDBBase implements Serializable {
.append("isEnabled={").append(isEnabled).append("} ")
.append("name={").append(name).append("} ")
.append("description={").append(description).append("} ")
- .append("owners={").append(owners).append("} ")
+ .append("admins={").append(admins).append("} ")
.append("condition={").append(acl).append("} ")
.append("termsOfUse={").append(termsOfUse).append("} ")
.append("options={").append(options).append("} ")
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsDataShareService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsDataShareService.java
index 66818753b..3c212284b 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsDataShareService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsDataShareService.java
@@ -221,7 +221,7 @@ public class RangerGdsDataShareService extends RangerGdsBaseModelService<XXGdsDa
xObj.setIsEnabled(vObj.getIsEnabled());
xObj.setName(vObj.getName());
xObj.setDescription(vObj.getDescription());
- xObj.setOwners(JsonUtils.listToJson(vObj.getOwners()));
+ xObj.setAdmins(JsonUtils.listToJson(vObj.getAdmins()));
xObj.setServiceId(xService.getId());
xObj.setZoneId(zoneId);
xObj.setConditionExpr(vObj.getConditionExpr());
@@ -247,7 +247,7 @@ public class RangerGdsDataShareService extends RangerGdsBaseModelService<XXGdsDa
vObj.setVersion(xObj.getVersion());
vObj.setName(xObj.getName());
vObj.setDescription(xObj.getDescription());
- vObj.setOwners(JsonUtils.jsonToRangerPrincipalList(xObj.getOwners()));
+ vObj.setAdmins(JsonUtils.jsonToRangerPrincipalList(xObj.getAdmins()));
vObj.setService(serviceName);
vObj.setZone(zoneName);
vObj.setConditionExpr(xObj.getConditionExpr());
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsDatasetService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsDatasetService.java
index a9c030b1e..0f17e97ea 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsDatasetService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsDatasetService.java
@@ -158,7 +158,7 @@ public class RangerGdsDatasetService extends RangerGdsBaseModelService<XXGdsData
xObj.setIsEnabled(vObj.getIsEnabled());
xObj.setName(vObj.getName());
xObj.setDescription(vObj.getDescription());
- xObj.setOwners(JsonUtils.listToJson(vObj.getOwners()));
+ xObj.setAdmins(JsonUtils.listToJson(vObj.getAdmins()));
xObj.setAcl(JsonUtils.objectToJson(vObj.getAcl()));
xObj.setTermsOfUse(vObj.getTermsOfUse());
xObj.setOptions(JsonUtils.mapToJson(vObj.getOptions()));
@@ -174,7 +174,7 @@ public class RangerGdsDatasetService extends RangerGdsBaseModelService<XXGdsData
vObj.setVersion(xObj.getVersion());
vObj.setName(xObj.getName());
vObj.setDescription(xObj.getDescription());
- vObj.setOwners(JsonUtils.jsonToRangerPrincipalList(xObj.getOwners()));
+ vObj.setAdmins(JsonUtils.jsonToRangerPrincipalList(xObj.getAdmins()));
vObj.setAcl(JsonUtils.jsonToObject(xObj.getAcl(), RangerGds.RangerGdsACL.class));
vObj.setTermsOfUse(xObj.getTermsOfUse());
vObj.setOptions(JsonUtils.jsonToMapStringString(xObj.getOptions()));
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsProjectService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsProjectService.java
index 3dc53bd61..f1454bf61 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsProjectService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsProjectService.java
@@ -158,7 +158,7 @@ public class RangerGdsProjectService extends RangerGdsBaseModelService<XXGdsProj
xObj.setIsEnabled(vObj.getIsEnabled());
xObj.setName(vObj.getName());
xObj.setDescription(vObj.getDescription());
- xObj.setOwners(JsonUtils.listToJson(vObj.getOwners()));
+ xObj.setAdmins(JsonUtils.listToJson(vObj.getAdmins()));
xObj.setAcl(JsonUtils.objectToJson(vObj.getAcl()));
xObj.setTermsOfUse(vObj.getTermsOfUse());
xObj.setOptions(JsonUtils.mapToJson(vObj.getOptions()));
@@ -174,7 +174,7 @@ public class RangerGdsProjectService extends RangerGdsBaseModelService<XXGdsProj
vObj.setVersion(xObj.getVersion());
vObj.setName(xObj.getName());
vObj.setDescription(xObj.getDescription());
- vObj.setOwners(JsonUtils.jsonToRangerPrincipalList(xObj.getOwners()));
+ vObj.setAdmins(JsonUtils.jsonToRangerPrincipalList(xObj.getAdmins()));
vObj.setAcl(JsonUtils.jsonToObject(xObj.getAcl(), RangerGds.RangerGdsACL.class));
vObj.setTermsOfUse(xObj.getTermsOfUse());
vObj.setOptions(JsonUtils.jsonToMapStringString(xObj.getOptions()));
diff --git a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
index 7ab7dc583..5814e96f7 100644
--- a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
+++ b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
@@ -64,7 +64,7 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_NAME_CONFLICT, "name", dataset.getName(), existing));
}
- validatePrincipals(dataset.getOwners(), "owners", result);
+ validatePrincipals(dataset.getAdmins(), "admins", result);
validateAcl(dataset.getAcl(), "acl", result);
if (!result.isSuccess()) {
@@ -83,10 +83,10 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_NAME_NOT_FOUND, "name", dataset.getName()));
} else {
if (!dataProvider.isAdminUser()) {
- validateOwner(dataProvider.getCurrentUserLoginId(), existing.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "dataset", existing.getName(), existing.getAdmins(), result);
}
- validatePrincipals(dataset.getOwners(), "owners", result);
+ validatePrincipals(dataset.getAdmins(), "admins", result);
validateAcl(dataset.getAcl(), "acl", result);
}
@@ -106,7 +106,7 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_ID_NOT_FOUND, "id", datasetId));
} else {
if (!dataProvider.isAdminUser()) {
- validateOwner(dataProvider.getCurrentUserLoginId(), existing.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "dataset", existing.getName(), existing.getAdmins(), result);
}
}
@@ -127,7 +127,7 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_NAME_CONFLICT, "name", project.getName(), existing));
}
- validatePrincipals(project.getOwners(), "owners", result);
+ validatePrincipals(project.getAdmins(), "admins", result);
validateAcl(project.getAcl(), "acl", result);
if (!result.isSuccess()) {
@@ -146,10 +146,10 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_NAME_NOT_FOUND, "name", project.getName()));
} else {
if (!dataProvider.isAdminUser()) {
- validateOwner(dataProvider.getCurrentUserLoginId(), existing.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "project", existing.getName(), existing.getAdmins(), result);
}
- validatePrincipals(project.getOwners(), "owners", result);
+ validatePrincipals(project.getAdmins(), "admins", result);
validateAcl(project.getAcl(), "acl", result);
}
@@ -169,7 +169,7 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_ID_NOT_FOUND, "id", projectId));
} else {
if (!dataProvider.isAdminUser()) {
- validateOwner(dataProvider.getCurrentUserLoginId(), existing.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "project", existing.getName(), existing.getAdmins(), result);
}
}
@@ -192,7 +192,7 @@ public class RangerGdsValidator {
validateServiceZoneAdmin(dataShare.getService(), dataShare.getZone(), result);
- validatePrincipals(dataShare.getOwners(), "owners", result);
+ validatePrincipals(dataShare.getAdmins(), "admins", result);
validateAccessTypes(dataShare.getService(), "defaultAccessTypes", dataShare.getDefaultAccessTypes(), result);
validateMaskTypes(dataShare.getService(), "defaultMasks", dataShare.getDefaultMasks(), result);
@@ -212,10 +212,10 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_NAME_NOT_FOUND, "name", dataShare.getName()));
} else {
if (!dataProvider.isAdminUser()) {
- validateOwner(dataProvider.getCurrentUserLoginId(), existing.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "datashare", existing.getName(), existing.getAdmins(), result);
}
- validatePrincipals(dataShare.getOwners(), "owners", result);
+ validatePrincipals(dataShare.getAdmins(), "admins", result);
validateAccessTypes(dataShare.getService(), "defaultAccessTypes", dataShare.getDefaultAccessTypes(), result);
validateMaskTypes(dataShare.getService(), "defaultMasks", dataShare.getDefaultMasks(), result);
}
@@ -236,7 +236,7 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_ID_NOT_FOUND, "id", dataShareId));
} else {
if (!dataProvider.isAdminUser()) {
- validateOwner(dataProvider.getCurrentUserLoginId(), existing.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "datashare", existing.getName(), existing.getAdmins(), result);
}
}
@@ -262,7 +262,7 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_SHARED_RESOURCE_NAME_CONFLICT, "name", resource.getName(), dataShare.getName(), existing));
} else {
if (!dataProvider.isAdminUser() && !dataProvider.isServiceAdmin(dataShare.getService()) && !dataProvider.isZoneAdmin(dataShare.getZone())) {
- validateOwner(dataProvider.getCurrentUserLoginId(), dataShare.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "datashare", dataShare.getName(), dataShare.getAdmins(), result);
}
}
}
@@ -288,7 +288,7 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_ID_NOT_FOUND, "dataShareId", resource.getDataShareId()));
} else {
if (!dataProvider.isAdminUser() && !dataProvider.isServiceAdmin(dataShare.getService()) && !dataProvider.isZoneAdmin(dataShare.getZone())) {
- validateOwner(dataProvider.getCurrentUserLoginId(), dataShare.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "datashare", dataShare.getName(), dataShare.getAdmins(), result);
}
}
}
@@ -314,7 +314,7 @@ public class RangerGdsValidator {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_ID_NOT_FOUND, "dataShareId", existing.getDataShareId()));
} else {
if (!dataProvider.isAdminUser() && !dataProvider.isServiceAdmin(dataShare.getService()) && !dataProvider.isZoneAdmin(dataShare.getZone())) {
- validateOwner(dataProvider.getCurrentUserLoginId(), dataShare.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "datashare", dataShare.getName(), dataShare.getAdmins(), result);
}
}
}
@@ -343,7 +343,7 @@ public class RangerGdsValidator {
if (dataShare != null) {
if (!dataProvider.isAdminUser() && !dataProvider.isServiceAdmin(dataShare.getService()) && !dataProvider.isZoneAdmin(dataShare.getZone())) {
- validateOwner(dataProvider.getCurrentUserLoginId(), dataShare.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "datashare", dataShare.getName(), dataShare.getAdmins(), result);
}
}
@@ -390,16 +390,16 @@ public class RangerGdsValidator {
}
if (dataShare != null && dataset != null) {
- boolean requireDataShareOwner = false;
- boolean requireDatasetOwner = false;
+ boolean requireDataShareAdmin = false;
+ boolean requireDatasetAdmin = false;
if (!Objects.equals(existing.getStatus(), dshInDataset.getStatus())) {
switch (existing.getStatus()) {
case NONE:
if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.REQUESTED) {
- requireDatasetOwner = true;
+ requireDatasetAdmin = true;
} else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.GRANTED) {
- requireDataShareOwner = true;
+ requireDataShareAdmin = true;
} else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACCEPTED) {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_INVALID_STATUS_CHANGE, "status", existing.getStatus(), dshInDataset.getStatus()));
}
@@ -407,9 +407,9 @@ public class RangerGdsValidator {
case REQUESTED:
if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.NONE) {
- requireDatasetOwner = true;
+ requireDatasetAdmin = true;
} else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.GRANTED) {
- requireDataShareOwner = true;
+ requireDataShareAdmin = true;
} else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACCEPTED) {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_INVALID_STATUS_CHANGE, "status", existing.getStatus(), dshInDataset.getStatus()));
}
@@ -417,7 +417,7 @@ public class RangerGdsValidator {
case GRANTED:
if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACCEPTED) {
- requireDatasetOwner = true;
+ requireDatasetAdmin = true;
}
break;
@@ -426,15 +426,15 @@ public class RangerGdsValidator {
break;
}
- if (requireDataShareOwner) {
+ if (requireDataShareAdmin) {
if (!dataProvider.isAdminUser() && !dataProvider.isServiceAdmin(dataShare.getService()) && !dataProvider.isZoneAdmin(dataShare.getZone())) {
- validateOwner(dataProvider.getCurrentUserLoginId(), dataShare.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "datashare", dataShare.getName(), dataShare.getAdmins(), result);
}
- } else if (requireDatasetOwner) {
+ } else if (requireDatasetAdmin) {
if (!dataProvider.isAdminUser()) {
- validateOwner(dataProvider.getCurrentUserLoginId(), dataset.getOwners(), result);
+ validateAdmin(dataProvider.getCurrentUserLoginId(), "dataset", dataset.getName(), dataset.getAdmins(), result);
}
- } else { // must be either a dataset owner or a datashare owner
+ } else { // must be either a dataset admin or a datashare admin
// TODO:
}
}
@@ -468,7 +468,7 @@ public class RangerGdsValidator {
}
if (dataShare != null && dataset != null) {
- // TODO: must be either a dataset owner or datashare owner
+ // TODO: must be either a dataset admin or datashare admin
}
}
@@ -588,23 +588,23 @@ public class RangerGdsValidator {
}
}
- private void validateOwner(String userName, List<RangerPrincipal> owners, ValidationResult result) {
- boolean isOwner = false;
+ private void validateAdmin(String userName, String objType, String objName, List<RangerPrincipal> admins, ValidationResult result) {
+ boolean isAdmin = false;
- if (owners != null) {
+ if (admins != null) {
Set<String> userGroups = null;
Set<String> userRoles = null;
- for (RangerPrincipal owner : owners) {
- if (owner.getType() == RangerPrincipal.PrincipalType.USER) {
- isOwner = StringUtils.equals(userName, owner.getName());
- } else if (owner.getType() == RangerPrincipal.PrincipalType.GROUP) {
+ for (RangerPrincipal admin : admins) {
+ if (admin.getType() == RangerPrincipal.PrincipalType.USER) {
+ isAdmin = StringUtils.equals(userName, admin.getName());
+ } else if (admin.getType() == RangerPrincipal.PrincipalType.GROUP) {
if (userGroups == null) {
userGroups = dataProvider.getGroupsForUser(userName);
}
- isOwner = userGroups.contains(owner.getName());
- } else if (owner.getType() == RangerPrincipal.PrincipalType.ROLE) {
+ isAdmin = userGroups.contains(admin.getName());
+ } else if (admin.getType() == RangerPrincipal.PrincipalType.ROLE) {
if (userRoles == null) {
if (userGroups == null) {
userGroups = dataProvider.getGroupsForUser(userName);
@@ -613,17 +613,17 @@ public class RangerGdsValidator {
userRoles = dataProvider.getRolesForUser(userName);
}
- isOwner = userRoles != null && userRoles.contains(owner.getName());
+ isAdmin = userRoles != null && userRoles.contains(admin.getName());
}
- if (isOwner) {
+ if (isAdmin) {
break;
}
}
}
- if (!isOwner) {
- result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_NOT_OWNER, null, userName));
+ if (!isAdmin) {
+ result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_NOT_ADMIN, null, userName, objType, objName));
}
}