Posted to commits@ranger.apache.org by ma...@apache.org on 2016/03/23 06:51:23 UTC

[2/3] incubator-ranger git commit: RANGER-873: Ranger policy model to support data masking

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
index 517de20..89daaea 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
@@ -30,25 +30,13 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ranger.authorization.utils.StringUtil;
 import org.apache.ranger.db.RangerDaoManager;
-import org.apache.ranger.entity.XXAccessTypeDef;
-import org.apache.ranger.entity.XXGroup;
-import org.apache.ranger.entity.XXPolicy;
-import org.apache.ranger.entity.XXPolicyConditionDef;
-import org.apache.ranger.entity.XXPolicyItem;
-import org.apache.ranger.entity.XXPolicyItemAccess;
-import org.apache.ranger.entity.XXPolicyItemCondition;
-import org.apache.ranger.entity.XXPolicyItemGroupPerm;
-import org.apache.ranger.entity.XXPolicyItemUserPerm;
-import org.apache.ranger.entity.XXPolicyResource;
-import org.apache.ranger.entity.XXPolicyResourceMap;
-import org.apache.ranger.entity.XXPortalUser;
-import org.apache.ranger.entity.XXResourceDef;
-import org.apache.ranger.entity.XXService;
-import org.apache.ranger.entity.XXUser;
+import org.apache.ranger.entity.*;
 import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemDataMaskInfo;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
 import org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator;
 import org.apache.ranger.plugin.util.RangerPerfTracer;
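Review bot: The explicit entity imports are collapsed into `import org.apache.ranger.entity.*;` here, and the ServiceDBStore.java import hunk does the same with `org.apache.ranger.db.*` and `org.apache.ranger.entity.*`. Wildcard imports hide which entity and DAO types each class depends on, and a class added later to one of these packages can become an ambiguous-name compile error. I would keep the explicit list and add only the new types this commit uses, e.g. `import org.apache.ranger.entity.XXDataMaskTypeDef;` and `import org.apache.ranger.entity.XXPolicyItemDataMaskInfo;`.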
@@ -243,6 +231,7 @@ public class RangerPolicyRetriever {
 		final Map<Long, String> accessTypes     = new HashMap<Long, String>();
 		final Map<Long, String> conditions      = new HashMap<Long, String>();
 		final Map<Long, String> resourceDefs    = new HashMap<Long, String>();
+		final Map<Long, String> dataMasks       = new HashMap<Long, String>();
 
 		String getUserName(Long userId) {
 			String ret = null;
@@ -377,6 +366,26 @@ public class RangerPolicyRetriever {
 
 			return ret;
 		}
+
+		String getDataMaskName(Long dataMaskDefId) {
+			String ret = null;
+
+			if(dataMaskDefId != null) {
+				ret = dataMasks.get(dataMaskDefId);
+
+				if(ret == null) {
+					XXDataMaskTypeDef xDataMaskDef = daoMgr.getXXDataMaskTypeDef().getById(dataMaskDefId);
+
+					if(xDataMaskDef != null) {
+						ret = xDataMaskDef.getName();
+
+						resourceDefs.put(dataMaskDefId,  ret);
+					}
+				}
+			}
+
+			return ret;
+		}
 	}
 
 	static List<XXPolicy> asList(XXPolicy policy) {
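Review bot: `getDataMaskName` caches the resolved name with `resourceDefs.put(dataMaskDefId,  ret);`, so the `dataMasks` map it reads from is never filled and every call goes back to the DAO. The mask-type name also lands in the resource-definition cache under a data-mask id. If mask-type ids and resource-def ids can share values (they come from different DAOs, so this seems likely) and the resource-def lookup reads that map first, a retrieved policy could carry a mask name where a resource name belongs. The line should be `dataMasks.put(dataMaskDefId, ret);`. The enclosing lookup-cache class starts outside this hunk.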
@@ -399,6 +408,7 @@ public class RangerPolicyRetriever {
 		final ListIterator<XXPolicyItemGroupPerm> iterGroupPerms;
 		final ListIterator<XXPolicyItemAccess>    iterAccesses;
 		final ListIterator<XXPolicyItemCondition> iterConditions;
+		final ListIterator<XXPolicyItemDataMaskInfo> iterDataMaskInfos;
 
 		RetrieverContext(XXService xService) {
 			Long serviceId = xService == null ? null : xService.getId();
@@ -411,6 +421,7 @@ public class RangerPolicyRetriever {
 			List<XXPolicyItemGroupPerm> xGroupPerms   = daoMgr.getXXPolicyItemGroupPerm().findByServiceId(serviceId);
 			List<XXPolicyItemAccess>    xAccesses     = daoMgr.getXXPolicyItemAccess().findByServiceId(serviceId);
 			List<XXPolicyItemCondition> xConditions   = daoMgr.getXXPolicyItemCondition().findByServiceId(serviceId);
+			List<XXPolicyItemDataMaskInfo> xDataMaskInfos = daoMgr.getXXPolicyItemDataMaskInfo().findByServiceId(serviceId);
 
 			this.service          = xService;
 			this.iterPolicy       = xPolicies.listIterator();
@@ -421,6 +432,7 @@ public class RangerPolicyRetriever {
 			this.iterGroupPerms   = xGroupPerms.listIterator();
 			this.iterAccesses     = xAccesses.listIterator();
 			this.iterConditions   = xConditions.listIterator();
+			this.iterDataMaskInfos = xDataMaskInfos.listIterator();
 		}
 
 		RetrieverContext(XXPolicy xPolicy) {
@@ -438,6 +450,7 @@ public class RangerPolicyRetriever {
 			List<XXPolicyItemGroupPerm> xGroupPerms   = daoMgr.getXXPolicyItemGroupPerm().findByPolicyId(policyId);
 			List<XXPolicyItemAccess>    xAccesses     = daoMgr.getXXPolicyItemAccess().findByPolicyId(policyId);
 			List<XXPolicyItemCondition> xConditions   = daoMgr.getXXPolicyItemCondition().findByPolicyId(policyId);
+			List<XXPolicyItemDataMaskInfo> xDataMaskInfos = daoMgr.getXXPolicyItemDataMaskInfo().findByPolicyId(policyId);
 
 			this.service          = xService;
 			this.iterPolicy       = xPolicies.listIterator();
@@ -448,6 +461,7 @@ public class RangerPolicyRetriever {
 			this.iterGroupPerms   = xGroupPerms.listIterator();
 			this.iterAccesses     = xAccesses.listIterator();
 			this.iterConditions   = xConditions.listIterator();
+			this.iterDataMaskInfos = xDataMaskInfos.listIterator();
 		}
 
 		RangerPolicy getNextPolicy() {
@@ -534,7 +548,8 @@ public class RangerPolicyRetriever {
 									|| iterUserPerms.hasNext()
 									|| iterGroupPerms.hasNext()
 									|| iterAccesses.hasNext()
-									|| iterConditions.hasNext();
+									|| iterConditions.hasNext()
+									|| iterDataMaskInfos.hasNext();
 
 			return !moreToProcess;
 		}
@@ -577,9 +592,30 @@ public class RangerPolicyRetriever {
 				XXPolicyItem xPolicyItem = iterPolicyItems.next();
 
 				if(xPolicyItem.getPolicyid().equals(policy.getId())) {
-					RangerPolicyItem policyItem = new RangerPolicyItem();
+					final RangerPolicyItem         policyItem;
+					final RangerDataMaskPolicyItem dataMaskPolicyItem;
+
+					if(xPolicyItem.getItemType() == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATA_MASKING) {
+						dataMaskPolicyItem = new RangerDataMaskPolicyItem();
+						policyItem         = dataMaskPolicyItem;
+					} else {
+						dataMaskPolicyItem = null;
+						policyItem         = new RangerPolicyItem();
+					}
 
-					policyItem.setDelegateAdmin(xPolicyItem.getDelegateAdmin());
+
+					while(iterAccesses.hasNext()) {
+						XXPolicyItemAccess xAccess = iterAccesses.next();
+
+						if(xAccess.getPolicyitemid().equals(xPolicyItem.getId())) {
+							policyItem.getAccesses().add(new RangerPolicyItemAccess(lookupCache.getAccessType(xAccess.getType()), xAccess.getIsallowed()));
+						} else {
+							if(iterAccesses.hasPrevious()) {
+								iterAccesses.previous();
+							}
+							break;
+						}
+					}
 
 					while(iterUserPerms.hasNext()) {
 						XXPolicyItemUserPerm xUserPerm = iterUserPerms.next();
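Review bot: `xPolicyItem.getItemType() == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATA_MASKING` uses the item type before the null handling that the same loop applies further down (`xPolicyItem.getItemType() == null ? RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW : ...`). If `getItemType()` returns a boxed `Integer` and the constant is an `int`, as that later expression suggests, a stored item with a null type would throw a NullPointerException on unboxing here instead of defaulting to the allow type. Reading the type once and guarding it avoids this: `Integer type = xPolicyItem.getItemType();` then `if(type != null && type == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATA_MASKING) {`. The enclosing method starts and ends outside this hunk.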
@@ -607,19 +643,6 @@ public class RangerPolicyRetriever {
 						}
 					}
 
-					while(iterAccesses.hasNext()) {
-						XXPolicyItemAccess xAccess = iterAccesses.next();
-
-						if(xAccess.getPolicyitemid().equals(xPolicyItem.getId())) {
-							policyItem.getAccesses().add(new RangerPolicyItemAccess(lookupCache.getAccessType(xAccess.getType()), xAccess.getIsallowed()));
-						} else {
-							if(iterAccesses.hasPrevious()) {
-								iterAccesses.previous();
-							}
-							break;
-						}
-					}
-
 					RangerPolicyItemCondition condition         = null;
 					Long                      prevConditionType = null;
 					while(iterConditions.hasNext()) {
@@ -645,6 +668,24 @@ public class RangerPolicyRetriever {
 						}
 					}
 
+					policyItem.setDelegateAdmin(xPolicyItem.getDelegateAdmin());
+
+					if(dataMaskPolicyItem != null) {
+						while (iterDataMaskInfos.hasNext()) {
+							XXPolicyItemDataMaskInfo xDataMaskInfo = iterDataMaskInfos.next();
+
+							if (xDataMaskInfo.getPolicyitemid().equals(xPolicyItem.getId())) {
+								dataMaskPolicyItem.setDataMaskInfo(new RangerPolicyItemDataMaskInfo(lookupCache.getDataMaskName(xDataMaskInfo.getType()), xDataMaskInfo.getConditionExpr(), xDataMaskInfo.getValueExpr()));
+							} else {
+								if (iterDataMaskInfos.hasPrevious()) {
+									iterDataMaskInfos.previous();
+								}
+								break;
+							}
+						}
+					}
+
+
 					int itemType = xPolicyItem.getItemType() == null ? RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW : xPolicyItem.getItemType();
 
 					if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW) {
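Review bot: The result of `lookupCache.getDataMaskName(xDataMaskInfo.getType())` goes straight into `new RangerPolicyItemDataMaskInfo(...)`, although `getDataMaskName` returns null when the mask type id cannot be resolved. A masking item would then reach consumers with a null mask type; how the evaluator treats that is not visible here, but it should not be able to degrade into returning unmasked data. I would assign the name to a local first and, when it is null, log the policy item id and mask type id through the class logger before building the info object. `setDataMaskInfo` is also called inside a `while` loop, so only the last matching row survives; a comment such as `// at most one data-mask row is expected per policy item` would make that intent explicit.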
@@ -655,6 +696,8 @@ public class RangerPolicyRetriever {
 						policy.getAllowExceptions().add(policyItem);
 					} else if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY_EXCEPTIONS) {
 						policy.getDenyExceptions().add(policyItem);
+					} else if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATA_MASKING) {
+						policy.getDataMaskPolicyItems().add(dataMaskPolicyItem);
 					} else { // unknown itemType.. set to default type
 						policy.getPolicyItems().add(policyItem);
 					}

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 432c443..8699d5a 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -30,49 +30,10 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ranger.authorization.hadoop.config.RangerConfiguration;
 import org.apache.ranger.common.*;
-import org.apache.ranger.db.RangerDaoManager;
-import org.apache.ranger.db.XXAccessTypeDefDao;
-import org.apache.ranger.db.XXAccessTypeDefGrantsDao;
-import org.apache.ranger.db.XXContextEnricherDefDao;
-import org.apache.ranger.db.XXEnumDefDao;
-import org.apache.ranger.db.XXEnumElementDefDao;
-import org.apache.ranger.db.XXPolicyConditionDefDao;
-import org.apache.ranger.db.XXPolicyItemAccessDao;
-import org.apache.ranger.db.XXPolicyItemConditionDao;
-import org.apache.ranger.db.XXPolicyItemDao;
-import org.apache.ranger.db.XXPolicyItemGroupPermDao;
-import org.apache.ranger.db.XXPolicyItemUserPermDao;
-import org.apache.ranger.db.XXPolicyResourceDao;
-import org.apache.ranger.db.XXPolicyResourceMapDao;
-import org.apache.ranger.db.XXResourceDefDao;
-import org.apache.ranger.db.XXServiceConfigDefDao;
-import org.apache.ranger.db.XXServiceConfigMapDao;
-import org.apache.ranger.db.XXServiceDao;
-import org.apache.ranger.entity.XXAccessTypeDef;
-import org.apache.ranger.entity.XXAccessTypeDefGrants;
-import org.apache.ranger.entity.XXContextEnricherDef;
-import org.apache.ranger.entity.XXDBBase;
-import org.apache.ranger.entity.XXDataHist;
-import org.apache.ranger.entity.XXEnumDef;
-import org.apache.ranger.entity.XXEnumElementDef;
-import org.apache.ranger.entity.XXGroup;
-import org.apache.ranger.entity.XXPolicy;
-import org.apache.ranger.entity.XXPolicyConditionDef;
-import org.apache.ranger.entity.XXPolicyItem;
-import org.apache.ranger.entity.XXPolicyItemAccess;
-import org.apache.ranger.entity.XXPolicyItemCondition;
-import org.apache.ranger.entity.XXPolicyItemGroupPerm;
-import org.apache.ranger.entity.XXPolicyItemUserPerm;
-import org.apache.ranger.entity.XXPolicyResource;
-import org.apache.ranger.entity.XXPolicyResourceMap;
-import org.apache.ranger.entity.XXResourceDef;
-import org.apache.ranger.entity.XXService;
-import org.apache.ranger.entity.XXServiceConfigDef;
-import org.apache.ranger.entity.XXServiceConfigMap;
-import org.apache.ranger.entity.XXServiceDef;
-import org.apache.ranger.entity.XXTrxLog;
-import org.apache.ranger.entity.XXUser;
+import org.apache.ranger.db.*;
+import org.apache.ranger.entity.*;
 import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition;
@@ -82,6 +43,8 @@ import org.apache.ranger.plugin.model.RangerService;
 import org.apache.ranger.plugin.model.RangerServiceDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskTypeDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumElementDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef;
@@ -249,6 +212,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 		List<RangerPolicyConditionDef> policyConditions = serviceDef.getPolicyConditions();
 		List<RangerContextEnricherDef> contextEnrichers = serviceDef.getContextEnrichers();
 		List<RangerEnumDef> enums = serviceDef.getEnums();
+		RangerDataMaskDef dataMaskDef = serviceDef.getDataMaskDef();
 
 		
 		// While creating, value of version should be 1.
@@ -360,6 +324,82 @@ public class ServiceDBStore extends AbstractServiceStore {
 				xElement = xxEnumEleDefDao.create(xElement);
 			}
 		}
+
+		if(dataMaskDef != null) {
+			List<RangerDataMaskTypeDef> dataMaskTypes        = dataMaskDef.getMaskTypes();
+			List<String>                supportedAccessTypes = dataMaskDef.getSupportedAccessTypes();
+			List<String>                supportedResources   = dataMaskDef.getSupportedResources();
+
+			if(CollectionUtils.isNotEmpty(dataMaskTypes)) {
+				XXDataMaskTypeDefDao xxDataMaskDefDao = daoMgr.getXXDataMaskTypeDef();
+				for (int i = 0; i < dataMaskTypes.size(); i++) {
+					RangerDataMaskTypeDef dataMask = dataMaskTypes.get(i);
+
+					XXDataMaskTypeDef xDataMaskDef = new XXDataMaskTypeDef();
+					xDataMaskDef = serviceDefService.populateRangerDataMaskDefToXX(dataMask, xDataMaskDef, createdSvcDef,
+							RangerServiceDefService.OPERATION_CREATE_CONTEXT);
+					xDataMaskDef.setOrder(i);
+					xDataMaskDef = xxDataMaskDefDao.create(xDataMaskDef);
+				}
+			}
+
+			if(CollectionUtils.isNotEmpty(supportedAccessTypes)) {
+				List<XXAccessTypeDef> xxAccessTypeDefs = xxATDDao.findByServiceDefId(xServiceDef.getId());
+
+				for(String accessType : supportedAccessTypes) {
+					boolean found = false;
+					for(XXAccessTypeDef xxAccessTypeDef : xxAccessTypeDefs) {
+						if(StringUtils.equals(xxAccessTypeDef.getName(), accessType)) {
+							found = true;
+							break;
+						}
+					}
+
+					if(! found) {
+						throw restErrorUtil.createRESTException("accessType with name: "
+										+ accessType + " does not exists", MessageEnums.DATA_NOT_FOUND);
+					}
+				}
+
+				for(XXAccessTypeDef xxAccessTypeDef : xxAccessTypeDefs) {
+					boolean isDatamaskingSupported = supportedAccessTypes.contains(xxAccessTypeDef.getName());
+
+					if(xxAccessTypeDef.isDatamaskingSupported() != isDatamaskingSupported) {
+						xxAccessTypeDef.setDatamaskingSupported(isDatamaskingSupported);
+						xxATDDao.update(xxAccessTypeDef);
+					}
+				}
+			}
+
+			if(CollectionUtils.isNotEmpty(supportedResources)) {
+				List<XXResourceDef> xxResourceDefs = xxResDefDao.findByServiceDefId(xServiceDef.getId());
+
+				for(String resource : supportedResources) {
+					boolean found = false;
+					for(XXResourceDef xxResourceDef : xxResourceDefs) {
+						if(StringUtils.equals(xxResourceDef.getName(), resource)) {
+							found = true;
+							break;
+						}
+					}
+
+					if(! found) {
+						throw restErrorUtil.createRESTException("resource with name: "
+								+ resource + " does not exists", MessageEnums.DATA_NOT_FOUND);
+					}
+				}
+
+				for(XXResourceDef xxResourceDef : xxResourceDefs) {
+					boolean isDatamaskingSupported = supportedResources.contains(xxResourceDef.getName());
+
+					if(xxResourceDef.isDatamaskingSupported() != isDatamaskingSupported) {
+						xxResourceDef.setDatamaskingSupported(isDatamaskingSupported);
+						xxResDefDao.update(xxResourceDef);
+					}
+				}
+			}
+		}
+
 		RangerServiceDef createdServiceDef = serviceDefService.getPopulatedViewObject(createdSvcDef);
 		dataHistService.createObjectDataHistory(createdServiceDef, RangerDataHistService.ACTION_CREATE);
 
@@ -406,6 +446,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 		List<RangerPolicyConditionDef> policyConditions = serviceDef.getPolicyConditions() != null 	? serviceDef.getPolicyConditions() 	  : new ArrayList<RangerPolicyConditionDef>();
 		List<RangerContextEnricherDef> contextEnrichers = serviceDef.getContextEnrichers() != null 	? serviceDef.getContextEnrichers() 	  : new ArrayList<RangerContextEnricherDef>();
 		List<RangerEnumDef> enums 						= serviceDef.getEnums() != null 			? serviceDef.getEnums() 			  : new ArrayList<RangerEnumDef>();
+		RangerDataMaskDef dataMaskDef                   = serviceDef.getDataMaskDef();
 
 		serviceDef.setCreateTime(existing.getCreateTime());
 		serviceDef.setGuid(existing.getGuid());
@@ -414,7 +455,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 		serviceDef = serviceDefService.update(serviceDef);
 		XXServiceDef createdSvcDef = daoMgr.getXXServiceDef().getById(serviceDefId);
 
-		updateChildObjectsOfServiceDef(createdSvcDef, configs, resources, accessTypes, policyConditions, contextEnrichers, enums);
+		updateChildObjectsOfServiceDef(createdSvcDef, configs, resources, accessTypes, policyConditions, contextEnrichers, enums, dataMaskDef);
 
 		RangerServiceDef updatedSvcDef = getServiceDef(serviceDefId);
 		dataHistService.createObjectDataHistory(updatedSvcDef, RangerDataHistService.ACTION_UPDATE);
@@ -429,10 +470,10 @@ public class ServiceDBStore extends AbstractServiceStore {
 		return updatedSvcDef;
 	}
 
-	public void updateChildObjectsOfServiceDef(XXServiceDef createdSvcDef, List<RangerServiceConfigDef> configs,
+	private void updateChildObjectsOfServiceDef(XXServiceDef createdSvcDef, List<RangerServiceConfigDef> configs,
 			List<RangerResourceDef> resources, List<RangerAccessTypeDef> accessTypes,
 			List<RangerPolicyConditionDef> policyConditions, List<RangerContextEnricherDef> contextEnrichers,
-			List<RangerEnumDef> enums) {
+			List<RangerEnumDef> enums, RangerServiceDef.RangerDataMaskDef dataMaskDef) {
 
 		Long serviceDefId = createdSvcDef.getId();
 
@@ -765,6 +806,110 @@ public class ServiceDBStore extends AbstractServiceStore {
 				xxEnumDefDao.remove(xEnumDef);
 			}
 		}
+
+		List<RangerDataMaskTypeDef> dataMasks            = dataMaskDef == null || dataMaskDef.getMaskTypes() == null ? new ArrayList<RangerDataMaskTypeDef>() : dataMaskDef.getMaskTypes();
+		List<String>                supportedAccessTypes = dataMaskDef == null || dataMaskDef.getSupportedAccessTypes() == null ? new ArrayList<String>() : dataMaskDef.getSupportedAccessTypes();
+		List<String>                supportedResources   = dataMaskDef == null || dataMaskDef.getSupportedResources() == null ? new ArrayList<String>() : dataMaskDef.getSupportedResources();
+		XXDataMaskTypeDefDao        dataMaskTypeDao      = daoMgr.getXXDataMaskTypeDef();
+		List<XXDataMaskTypeDef>     xxDataMaskTypes      = dataMaskTypeDao.findByServiceDefId(serviceDefId);
+		// create or update dataMasks
+		for (RangerServiceDef.RangerDataMaskTypeDef dataMask : dataMasks) {
+			boolean found = false;
+			for (XXDataMaskTypeDef xxDataMask : xxDataMaskTypes) {
+				if (xxDataMask.getItemId() != null && xxDataMask.getItemId().equals(dataMask.getItemId())) {
+					if (LOG.isDebugEnabled()) {
+						LOG.debug("Updating existing dataMask with itemId=" + dataMask.getItemId());
+					}
+
+					found = true;
+					xxDataMask = serviceDefService.populateRangerDataMaskDefToXX(dataMask, xxDataMask, createdSvcDef,
+							RangerServiceDefService.OPERATION_UPDATE_CONTEXT);
+					xxDataMask = dataMaskTypeDao.update(xxDataMask);
+					dataMask = serviceDefService.populateXXToRangerDataMaskTypeDef(xxDataMask);
+					break;
+				}
+			}
+
+			if (!found) {
+				if (LOG.isDebugEnabled()) {
+					LOG.debug("Creating dataMask with itemId=" + dataMask.getItemId() + "");
+				}
+
+				XXDataMaskTypeDef xxDataMask = new XXDataMaskTypeDef();
+				xxDataMask = serviceDefService.populateRangerDataMaskDefToXX(dataMask, xxDataMask, createdSvcDef, RangerServiceDefService.OPERATION_CREATE_CONTEXT);
+				xxDataMask = dataMaskTypeDao.create(xxDataMask);
+			}
+		}
+
+		// remove dataMasks
+		for (XXDataMaskTypeDef xxDataMask : xxDataMaskTypes) {
+			boolean found = false;
+			for (RangerDataMaskTypeDef dataMask : dataMasks) {
+				if (xxDataMask.getItemId() != null && xxDataMask.getItemId().equals(dataMask.getItemId())) {
+					found = true;
+					break;
+				}
+			}
+			if (!found) {
+				if(LOG.isDebugEnabled()) {
+					LOG.debug("Deleting dataMask with itemId=" + xxDataMask.getItemId());
+				}
+
+				dataMaskTypeDao.remove(xxDataMask);
+			}
+		}
+
+		List<XXAccessTypeDef> xxAccessTypeDefs = xxATDDao.findByServiceDefId(serviceDefId);
+
+		for(String accessType : supportedAccessTypes) {
+			boolean found = false;
+			for(XXAccessTypeDef xxAccessTypeDef : xxAccessTypeDefs) {
+				if(StringUtils.equals(xxAccessTypeDef.getName(), accessType)) {
+					found = true;
+					break;
+				}
+			}
+
+			if(! found) {
+				throw restErrorUtil.createRESTException("accessType with name: "
+						+ accessType + " does not exists", MessageEnums.DATA_NOT_FOUND);
+			}
+		}
+
+		for(XXAccessTypeDef xxAccessTypeDef : xxAccessTypeDefs) {
+			boolean isDatamaskingSupported = supportedAccessTypes.contains(xxAccessTypeDef.getName());
+
+			if(xxAccessTypeDef.isDatamaskingSupported() != isDatamaskingSupported) {
+				xxAccessTypeDef.setDatamaskingSupported(isDatamaskingSupported);
+				xxATDDao.update(xxAccessTypeDef);
+			}
+		}
+
+		List<XXResourceDef> xxResourceDefs = xxResDefDao.findByServiceDefId(serviceDefId);
+
+		for(String resource : supportedResources) {
+			boolean found = false;
+			for(XXResourceDef xxResourceDef : xxResourceDefs) {
+				if(StringUtils.equals(xxResourceDef.getName(), resource)) {
+					found = true;
+					break;
+				}
+			}
+
+			if(! found) {
+				throw restErrorUtil.createRESTException("resource with name: "
+						+ resource + " does not exists", MessageEnums.DATA_NOT_FOUND);
+			}
+		}
+
+		for(XXResourceDef xxResourceDef : xxResourceDefs) {
+			boolean isDatamaskingSupported = supportedResources.contains(xxResourceDef.getName());
+
+			if(xxResourceDef.isDatamaskingSupported() != isDatamaskingSupported) {
+				xxResourceDef.setDatamaskingSupported(isDatamaskingSupported);
+				xxResDefDao.update(xxResourceDef);
+			}
+		}
 	}
 
 	@Override
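Review bot: The "remove dataMasks" loop calls `dataMaskTypeDao.remove(xxDataMask);` for every stored mask type missing from the update, without checking whether a policy item still references it. Policy items store the mask type by id (`xDataMaskInfo.getType()` in RangerPolicyRetriever), so a removal either fails on a database constraint, if one exists, or leaves masking items whose type can no longer be resolved. A guard before the remove that rejects the update while policy items still reference the type would stop a service-def edit from silently changing masking policies; the DAO finder for that is not visible in this diff and may need adding. Separately, mask types created in this method do not get an order, unlike the create path earlier in this file (`xDataMaskDef.setOrder(i);`). The method body starts outside this hunk.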
@@ -806,6 +951,12 @@ public class ServiceDBStore extends AbstractServiceStore {
 			}
 		}
 
+		XXDataMaskTypeDefDao dataMaskDao = daoMgr.getXXDataMaskTypeDef();
+		List<XXDataMaskTypeDef> dataMaskDefs = dataMaskDao.findByServiceDefId(serviceDefId);
+		for(XXDataMaskTypeDef dataMaskDef : dataMaskDefs) {
+			dataMaskDao.remove(dataMaskDef);
+		}
+
 		List<XXAccessTypeDef> accTypeDefs = daoMgr.getXXAccessTypeDef().findByServiceDefId(serviceDefId);
 		for(XXAccessTypeDef accessType : accTypeDefs) {
 			deleteXXAccessTypeDef(accessType);
@@ -1415,6 +1566,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 		List<RangerPolicyItem> denyPolicyItems = policy.getDenyPolicyItems();
 		List<RangerPolicyItem> allowExceptions = policy.getAllowExceptions();
 		List<RangerPolicyItem> denyExceptions  = policy.getDenyExceptions();
+		List<RangerDataMaskPolicyItem> dataMaskItems  = policy.getDataMaskPolicyItems();
 
 		policy.setVersion(Long.valueOf(1));
 		updatePolicySignature(policy);
@@ -1439,6 +1591,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 		createNewPolicyItemsForPolicy(policy, xCreatedPolicy, denyPolicyItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY);
 		createNewPolicyItemsForPolicy(policy, xCreatedPolicy, allowExceptions, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW_EXCEPTIONS);
 		createNewPolicyItemsForPolicy(policy, xCreatedPolicy, denyExceptions, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY_EXCEPTIONS);
+		createNewDataMaskPolicyItemsForPolicy(policy, xCreatedPolicy, dataMaskItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATA_MASKING);
 		handlePolicyUpdate(service);
 		RangerPolicy createdPolicy = policyService.getPopulatedViewObject(xCreatedPolicy);
 		dataHistService.createObjectDataHistory(createdPolicy, RangerDataHistService.ACTION_CREATE);
@@ -1491,6 +1644,7 @@ public class ServiceDBStore extends AbstractServiceStore {
 		List<RangerPolicyItem> denyPolicyItems = policy.getDenyPolicyItems();
 		List<RangerPolicyItem> allowExceptions = policy.getAllowExceptions();
 		List<RangerPolicyItem> denyExceptions  = policy.getDenyExceptions();
+		List<RangerDataMaskPolicyItem> dataMaskPolicyItems = policy.getDataMaskPolicyItems();
 		
 		policy.setCreateTime(xxExisting.getCreateTime());
 		policy.setGuid(xxExisting.getGuid());
@@ -1511,7 +1665,8 @@ public class ServiceDBStore extends AbstractServiceStore {
 		createNewPolicyItemsForPolicy(policy, newUpdPolicy, denyPolicyItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY);
 		createNewPolicyItemsForPolicy(policy, newUpdPolicy, allowExceptions, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW_EXCEPTIONS);
 		createNewPolicyItemsForPolicy(policy, newUpdPolicy, denyExceptions, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY_EXCEPTIONS);
-		
+		createNewDataMaskPolicyItemsForPolicy(policy, newUpdPolicy, dataMaskPolicyItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATA_MASKING);
+
 		handlePolicyUpdate(service);
 		RangerPolicy updPolicy = policyService.getPopulatedViewObject(newUpdPolicy);
 		dataHistService.createObjectDataHistory(updPolicy, RangerDataHistService.ACTION_UPDATE);
@@ -2100,93 +2255,132 @@ public class ServiceDBStore extends AbstractServiceStore {
 		}
 	}
 
-	private void createNewPolicyItemsForPolicy(RangerPolicy policy, XXPolicy xPolicy, List<RangerPolicyItem> policyItems, XXServiceDef xServiceDef, int policyItemType) throws Exception {
-		
-		for (int itemOrder = 0; itemOrder < policyItems.size(); itemOrder++) {
-			RangerPolicyItem policyItem = policyItems.get(itemOrder);
-			XXPolicyItem xPolicyItem = new XXPolicyItem();
-			xPolicyItem = (XXPolicyItem) rangerAuditFields.populateAuditFields(
-					xPolicyItem, xPolicy);
-			xPolicyItem.setDelegateAdmin(policyItem.getDelegateAdmin());
-			xPolicyItem.setItemType(policyItemType);
-			xPolicyItem.setIsEnabled(Boolean.TRUE);
-			xPolicyItem.setComments(null);
-			xPolicyItem.setPolicyId(policy.getId());
-			xPolicyItem.setOrder(itemOrder);
-			xPolicyItem = daoMgr.getXXPolicyItem().create(xPolicyItem);
-
-			List<RangerPolicyItemAccess> accesses = policyItem.getAccesses();
-			for (int i = 0; i < accesses.size(); i++) {
-				RangerPolicyItemAccess access = accesses.get(i);
-
-				XXAccessTypeDef xAccTypeDef = daoMgr.getXXAccessTypeDef()
-						.findByNameAndServiceId(access.getType(),
-								xPolicy.getService());
-				if (xAccTypeDef == null) {
-					throw new Exception(access.getType() + ": is not a valid access-type. policy='"+  policy.getName() + "' service='"+ policy.getService() + "'");
-				}
+	private XXPolicyItem createNewPolicyItemForPolicy(RangerPolicy policy, XXPolicy xPolicy, RangerPolicy.RangerPolicyItem policyItem, XXServiceDef xServiceDef, int itemOrder, int policyItemType) throws Exception {
+		XXPolicyItem xPolicyItem = new XXPolicyItem();
 
-				XXPolicyItemAccess xPolItemAcc = new XXPolicyItemAccess();
-				xPolItemAcc = (XXPolicyItemAccess) rangerAuditFields.populateAuditFields(xPolItemAcc, xPolicyItem);
-				xPolItemAcc.setIsAllowed(access.getIsAllowed());
+		xPolicyItem = (XXPolicyItem) rangerAuditFields.populateAuditFields(xPolicyItem, xPolicy);
 
-				xPolItemAcc.setType(xAccTypeDef.getId());
-				xPolItemAcc.setPolicyitemid(xPolicyItem.getId());
-				xPolItemAcc.setOrder(i);
-				xPolItemAcc = daoMgr.getXXPolicyItemAccess()
-						.create(xPolItemAcc);
+		xPolicyItem.setDelegateAdmin(policyItem.getDelegateAdmin());
+		xPolicyItem.setItemType(policyItemType);
+		xPolicyItem.setIsEnabled(Boolean.TRUE);
+		xPolicyItem.setComments(null);
+		xPolicyItem.setPolicyId(policy.getId());
+		xPolicyItem.setOrder(itemOrder);
+		xPolicyItem = daoMgr.getXXPolicyItem().create(xPolicyItem);
+
+		List<RangerPolicyItemAccess> accesses = policyItem.getAccesses();
+		for (int i = 0; i < accesses.size(); i++) {
+			RangerPolicyItemAccess access = accesses.get(i);
+
+			XXAccessTypeDef xAccTypeDef = daoMgr.getXXAccessTypeDef()
+					.findByNameAndServiceId(access.getType(),
+							xPolicy.getService());
+			if (xAccTypeDef == null) {
+				throw new Exception(access.getType() + ": is not a valid access-type. policy='" + policy.getName() + "' service='" + policy.getService() + "'");
 			}
-			List<String> users = policyItem.getUsers();
-			for(int i = 0; i < users.size(); i++) {
-				String user = users.get(i);
 
-				XXUser xUser = daoMgr.getXXUser().findByUserName(user);
-				if(xUser == null) {
-					throw new Exception(user + ": user does not exist. policy='"+  policy.getName() + "' service='"+ policy.getService() + "'");
-				}
-				XXPolicyItemUserPerm xUserPerm = new XXPolicyItemUserPerm();
-				xUserPerm = (XXPolicyItemUserPerm) rangerAuditFields.populateAuditFields(xUserPerm, xPolicyItem);
-				xUserPerm.setUserId(xUser.getId());
-				xUserPerm.setPolicyItemId(xPolicyItem.getId());
-				xUserPerm.setOrder(i);
-				xUserPerm = daoMgr.getXXPolicyItemUserPerm().create(xUserPerm);
+			XXPolicyItemAccess xPolItemAcc = new XXPolicyItemAccess();
+
+			xPolItemAcc = (XXPolicyItemAccess) rangerAuditFields.populateAuditFields(xPolItemAcc, xPolicyItem);
+			xPolItemAcc.setIsAllowed(access.getIsAllowed());
+			xPolItemAcc.setType(xAccTypeDef.getId());
+			xPolItemAcc.setPolicyitemid(xPolicyItem.getId());
+			xPolItemAcc.setOrder(i);
+
+			daoMgr.getXXPolicyItemAccess().create(xPolItemAcc);
+		}
+
+		List<String> users = policyItem.getUsers();
+		for(int i = 0; i < users.size(); i++) {
+			String user = users.get(i);
+
+			XXUser xUser = daoMgr.getXXUser().findByUserName(user);
+			if(xUser == null) {
+				throw new Exception(user + ": user does not exist. policy='"+  policy.getName() + "' service='"+ policy.getService() + "'");
 			}
-			
-			List<String> groups = policyItem.getGroups();
-			for(int i = 0; i < groups.size(); i++) {
-				String group = groups.get(i);
+			XXPolicyItemUserPerm xUserPerm = new XXPolicyItemUserPerm();
+			xUserPerm = (XXPolicyItemUserPerm) rangerAuditFields.populateAuditFields(xUserPerm, xPolicyItem);
+			xUserPerm.setUserId(xUser.getId());
+			xUserPerm.setPolicyItemId(xPolicyItem.getId());
+			xUserPerm.setOrder(i);
+			xUserPerm = daoMgr.getXXPolicyItemUserPerm().create(xUserPerm);
+		}
 
-				XXGroup xGrp = daoMgr.getXXGroup().findByGroupName(group);
-				if(xGrp == null) {
-					throw new Exception(group + ": group does not exist. policy='"+  policy.getName() + "' service='"+ policy.getService() + "'");
-				}
-				XXPolicyItemGroupPerm xGrpPerm = new XXPolicyItemGroupPerm();
-				xGrpPerm = (XXPolicyItemGroupPerm) rangerAuditFields.populateAuditFields(xGrpPerm, xPolicyItem);
-				xGrpPerm.setGroupId(xGrp.getId());
-				xGrpPerm.setPolicyItemId(xPolicyItem.getId());
-				xGrpPerm.setOrder(i);
-				xGrpPerm = daoMgr.getXXPolicyItemGroupPerm().create(xGrpPerm);
+		List<String> groups = policyItem.getGroups();
+		for(int i = 0; i < groups.size(); i++) {
+			String group = groups.get(i);
+
+			XXGroup xGrp = daoMgr.getXXGroup().findByGroupName(group);
+			if(xGrp == null) {
+				throw new Exception(group + ": group does not exist. policy='"+  policy.getName() + "' service='"+ policy.getService() + "'");
 			}
-			
-			List<RangerPolicyItemCondition> conditions = policyItem.getConditions();
-			for(RangerPolicyItemCondition condition : conditions) {
-				XXPolicyConditionDef xPolCond = daoMgr
-						.getXXPolicyConditionDef().findByServiceDefIdAndName(
-								xServiceDef.getId(), condition.getType());
-				
-				if(xPolCond == null) {
-					throw new Exception(condition.getType() + ": is not a valid condition-type. policy='"+  policy.getName() + "' service='"+ policy.getService() + "'");
-				}
-				
-				for(int i = 0; i < condition.getValues().size(); i++) {
-					String value = condition.getValues().get(i);
-					XXPolicyItemCondition xPolItemCond = new XXPolicyItemCondition();
-					xPolItemCond = (XXPolicyItemCondition) rangerAuditFields.populateAuditFields(xPolItemCond, xPolicyItem);
-					xPolItemCond.setPolicyItemId(xPolicyItem.getId());
-					xPolItemCond.setType(xPolCond.getId());
-					xPolItemCond.setValue(value);
-					xPolItemCond.setOrder(i);
-					xPolItemCond = daoMgr.getXXPolicyItemCondition().create(xPolItemCond);
+			XXPolicyItemGroupPerm xGrpPerm = new XXPolicyItemGroupPerm();
+			xGrpPerm = (XXPolicyItemGroupPerm) rangerAuditFields.populateAuditFields(xGrpPerm, xPolicyItem);
+			xGrpPerm.setGroupId(xGrp.getId());
+			xGrpPerm.setPolicyItemId(xPolicyItem.getId());
+			xGrpPerm.setOrder(i);
+			xGrpPerm = daoMgr.getXXPolicyItemGroupPerm().create(xGrpPerm);
+		}
+
+		List<RangerPolicyItemCondition> conditions = policyItem.getConditions();
+		for(RangerPolicyItemCondition condition : conditions) {
+			XXPolicyConditionDef xPolCond = daoMgr
+					.getXXPolicyConditionDef().findByServiceDefIdAndName(
+							xServiceDef.getId(), condition.getType());
+
+			if(xPolCond == null) {
+				throw new Exception(condition.getType() + ": is not a valid condition-type. policy='"+  xPolicy.getName() + "' service='"+ xPolicy.getService() + "'");
+			}
+
+			for(int i = 0; i < condition.getValues().size(); i++) {
+				String value = condition.getValues().get(i);
+				XXPolicyItemCondition xPolItemCond = new XXPolicyItemCondition();
+				xPolItemCond = (XXPolicyItemCondition) rangerAuditFields.populateAuditFields(xPolItemCond, xPolicyItem);
+				xPolItemCond.setPolicyItemId(xPolicyItem.getId());
+				xPolItemCond.setType(xPolCond.getId());
+				xPolItemCond.setValue(value);
+				xPolItemCond.setOrder(i);
+
+				daoMgr.getXXPolicyItemCondition().create(xPolItemCond);
+			}
+		}
+
+		return xPolicyItem;
+	}
+
+	private void createNewPolicyItemsForPolicy(RangerPolicy policy, XXPolicy xPolicy, List<RangerPolicyItem> policyItems, XXServiceDef xServiceDef, int policyItemType) throws Exception {
+		if(CollectionUtils.isNotEmpty(policyItems)) {
+			for (int itemOrder = 0; itemOrder < policyItems.size(); itemOrder++) {
+				RangerPolicyItem policyItem = policyItems.get(itemOrder);
+				XXPolicyItem xPolicyItem = createNewPolicyItemForPolicy(policy, xPolicy, policyItem, xServiceDef, itemOrder, policyItemType);
+			}
+		}
+	}
+
+	private void createNewDataMaskPolicyItemsForPolicy(RangerPolicy policy, XXPolicy xPolicy, List<RangerDataMaskPolicyItem> policyItems, XXServiceDef xServiceDef, int policyItemType) throws Exception {
+		if(CollectionUtils.isNotEmpty(policyItems)) {
+			for (int itemOrder = 0; itemOrder < policyItems.size(); itemOrder++) {
+				RangerDataMaskPolicyItem policyItem = policyItems.get(itemOrder);
+
+				XXPolicyItem xPolicyItem = createNewPolicyItemForPolicy(policy, xPolicy, policyItem, xServiceDef, itemOrder, policyItemType);
+
+				RangerPolicy.RangerPolicyItemDataMaskInfo dataMaskInfo = policyItem.getDataMaskInfo();
+
+				if(dataMaskInfo != null) {
+					XXDataMaskTypeDef dataMaskDef = daoMgr.getXXDataMaskTypeDef().findByNameAndServiceId(dataMaskInfo.getDataMaskType(), xPolicy.getService());
+
+					if(dataMaskDef == null) {
+						throw new Exception(dataMaskInfo.getDataMaskType() + ": is not a valid datamask-type. policy='" + policy.getName() + "' service='" + policy.getService() + "'");
+					}
+
+					XXPolicyItemDataMaskInfo xxDataMaskInfo = new XXPolicyItemDataMaskInfo();
+
+					xxDataMaskInfo.setPolicyitemid(xPolicyItem.getId());
+					xxDataMaskInfo.setType(dataMaskDef.getId());
+					xxDataMaskInfo.setConditionExpr(dataMaskInfo.getConditionExpr());
+					xxDataMaskInfo.setValueExpr(dataMaskInfo.getValueExpr());
+
+					xxDataMaskInfo = daoMgr.getXXPolicyItemDataMaskInfo().create(xxDataMaskInfo);
 				}
 			}
 		}
@@ -2258,7 +2452,13 @@ public class ServiceDBStore extends AbstractServiceStore {
 			for(XXPolicyItemAccess access : accesses) {
 				polItemAccDao.remove(access);
 			}
-			
+
+			XXPolicyItemDataMaskInfoDao polItemDataMaskInfoDao = daoMgr.getXXPolicyItemDataMaskInfo();
+			List<XXPolicyItemDataMaskInfo> dataMaskInfos = polItemDataMaskInfoDao.findByPolicyItemId(polItemId);
+			for(XXPolicyItemDataMaskInfo dataMaskInfo : dataMaskInfos) {
+				polItemDataMaskInfoDao.remove(dataMaskInfo);
+			}
+
 			policyItemDao.remove(policyItem);
 		}
 		return true;

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java b/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
index e47d10b..6988750 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
@@ -575,11 +575,19 @@ public class AppConstants extends RangerCommonEnums {
 	 * Class type of XXTagResourceMap
 	 */
 	public static final int CLASS_TYPE_XA_TAG_RESOURCE_MAP = 1048;
+	/**
+	 * CLASS_TYPE_XA_DATAMASK_DEF is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_DATAMASK_DEF".
+	 */
+	public static final int CLASS_TYPE_XA_DATAMASK_DEF = 1049;
+	/**
+	 * CLASS_TYPE_RANGER_POLICY_ITEM_DATAMASK_INFO is an element of enum ClassTypes. Its value is "CLASS_TYPE_RANGER_POLICY_ITEM_DATAMASK_INFO".
+	 */
+	public static final int CLASS_TYPE_RANGER_POLICY_ITEM_DATAMASK_INFO = 1050;
 
 	/**
 	 * Max value for enum ClassTypes_MAX
 	 */
-	public static final int ClassTypes_MAX = 1048;
+	public static final int ClassTypes_MAX = 1050;
 	
 	/***************************************************************
 	 * Enum values for Default SortOrder
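Review bot: The Javadoc on the two new constants says the value is the constant's own name in quotes (`Its value is "CLASS_TYPE_XA_DATAMASK_DEF"`), but both are `int` codes (1049 and 1050). Following the neighbouring comment style would be more accurate: `Class type of XXDataMaskTypeDef` and `Class type of XXPolicyItemDataMaskInfo`. The second constant also uses a `RANGER_` prefix where the first and the existing `CLASS_TYPE_XA_TAG_RESOURCE_MAP` use `XA_`; if that is deliberate, a brief comment saying why would help.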

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java b/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java
index d9cf87a..5431553 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java
@@ -186,7 +186,13 @@ public abstract class RangerDaoManagerBase {
 		if (classType == AppConstants.CLASS_TYPE_XA_TAG_RESOURCE_MAP) {
 			return getXXTagResourceMap();
 		}
-		
+		if (classType == AppConstants.CLASS_TYPE_XA_DATAMASK_DEF) {
+			return getXXDataMaskTypeDef();
+		}
+		if (classType == AppConstants.CLASS_TYPE_RANGER_POLICY_ITEM_DATAMASK_INFO) {
+			return getXXPolicyItemDataMaskInfo();
+		}
+
 		logger.error("No DaoManager found for classType=" + classType, new Throwable());
 		return null;
 	}
@@ -340,6 +346,12 @@ public abstract class RangerDaoManagerBase {
 		if (className.equals("XXTagResourceMap")) {
 			return getXXTagResourceMap();
 		}
+		if (className.equals("XXDataMaskTypeDef")) {
+			return getXXDataMaskTypeDef();
+		}
+		if (className.equals("XXPolicyItemDataMaskInfo")) {
+			return getXXPolicyItemDataMaskInfo();
+		}
 
 		logger.error("No DaoManager found for className=" + className, new Throwable());
 		return null;
@@ -548,5 +560,11 @@ public abstract class RangerDaoManagerBase {
 		return new XXTagResourceMapDao(this);
 	}
 
+	public XXDataMaskTypeDefDao getXXDataMaskTypeDef() { return new XXDataMaskTypeDefDao(this); }
+
+	public XXPolicyItemDataMaskInfoDao getXXPolicyItemDataMaskInfo() {
+		return new XXPolicyItemDataMaskInfoDao(this);
+	}
+
 }
 

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/db/XXDataMaskTypeDefDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXDataMaskTypeDefDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXDataMaskTypeDefDao.java
new file mode 100644
index 0000000..f6e1aff
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXDataMaskTypeDefDao.java
@@ -0,0 +1,62 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.db;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.persistence.NoResultException;
+
+import org.apache.ranger.common.db.BaseDao;
+import org.apache.ranger.entity.XXDataMaskTypeDef;
+
+public class XXDataMaskTypeDefDao extends BaseDao<XXDataMaskTypeDef> {
+
+	public XXDataMaskTypeDefDao(RangerDaoManagerBase daoManager) {
+		super(daoManager);
+	}
+
+	public List<XXDataMaskTypeDef> findByServiceDefId(Long serviceDefId) {
+		if (serviceDefId == null) {
+			return new ArrayList<XXDataMaskTypeDef>();
+		}
+		try {
+			List<XXDataMaskTypeDef> retList = getEntityManager()
+					.createNamedQuery("XXDataMaskTypeDef.findByServiceDefId", tClass)
+					.setParameter("serviceDefId", serviceDefId).getResultList();
+			return retList;
+		} catch (NoResultException e) {
+			return new ArrayList<XXDataMaskTypeDef>();
+		}
+	}
+
+	public XXDataMaskTypeDef findByNameAndServiceId(String name, Long serviceId) {
+		if(name == null || serviceId == null) {
+			return null;
+		}
+		try {
+			return getEntityManager()
+					.createNamedQuery("XXDataMaskTypeDef.findByNameAndServiceId", tClass)
+					.setParameter("name", name).setParameter("serviceId", serviceId)
+					.getSingleResult();
+		} catch (NoResultException e) {
+			return null;
+		}
+	}
+
+}
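Review bot: `findByNameAndServiceId` ends in `getSingleResult()` but catches only `NoResultException`, so if two mask-type rows ever match the same name and service the caller gets an unchecked `NonUniqueResultException` instead of the `null` it tests for. Whether the table enforces uniqueness is not visible in this diff, so state the assumption in a Javadoc such as `/** Returns the mask type with this name for the service, or null if none; (name, service) is assumed unique. */`. Failing loudly on duplicates is reasonable for policy data, but it should be a documented choice. Separately, `getResultList()` returns an empty list and never throws `NoResultException`, so the catch in `findByServiceDefId` is unreachable; the four finders in XXPolicyItemDataMaskInfoDao have the same dead catch.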

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDataMaskInfoDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDataMaskInfoDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDataMaskInfoDao.java
new file mode 100644
index 0000000..a8418c6
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDataMaskInfoDao.java
@@ -0,0 +1,85 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.db;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.persistence.NoResultException;
+
+import org.apache.ranger.common.db.BaseDao;
+import org.apache.ranger.entity.XXPolicyItemDataMaskInfo;
+
+public class XXPolicyItemDataMaskInfoDao extends BaseDao<XXPolicyItemDataMaskInfo> {
+
+	public XXPolicyItemDataMaskInfoDao(RangerDaoManagerBase daoManager) {
+		super(daoManager);
+	}
+	
+	public List<XXPolicyItemDataMaskInfo> findByPolicyItemId(Long polItemId) {
+		if(polItemId == null) {
+			return new ArrayList<XXPolicyItemDataMaskInfo>();
+		}
+		try {
+			return getEntityManager()
+					.createNamedQuery("XXPolicyItemDataMaskInfo.findByPolicyItemId", tClass)
+					.setParameter("polItemId", polItemId).getResultList();
+		} catch (NoResultException e) {
+			return new ArrayList<XXPolicyItemDataMaskInfo>();
+		}
+	}
+
+	public List<XXPolicyItemDataMaskInfo> findByPolicyId(Long policyId) {
+		if(policyId == null) {
+			return new ArrayList<XXPolicyItemDataMaskInfo>();
+		}
+		try {
+			return getEntityManager()
+					.createNamedQuery("XXPolicyItemDataMaskInfo.findByPolicyId", tClass)
+					.setParameter("policyId", policyId).getResultList();
+		} catch (NoResultException e) {
+			return new ArrayList<XXPolicyItemDataMaskInfo>();
+		}
+	}
+
+	public List<XXPolicyItemDataMaskInfo> findByServiceId(Long serviceId) {
+		if(serviceId == null) {
+			return new ArrayList<XXPolicyItemDataMaskInfo>();
+		}
+		try {
+			return getEntityManager()
+					.createNamedQuery("XXPolicyItemDataMaskInfo.findByServiceId", tClass)
+					.setParameter("serviceId", serviceId).getResultList();
+		} catch (NoResultException e) {
+			return new ArrayList<XXPolicyItemDataMaskInfo>();
+		}
+	}
+
+	public List<XXPolicyItemDataMaskInfo> findByType(Long type) {
+		if (type == null) {
+			return new ArrayList<XXPolicyItemDataMaskInfo>();
+		}
+		try {
+			return getEntityManager().createNamedQuery("XXPolicyItemDataMaskInfo.findByType", tClass)
+					.setParameter("type", type).getResultList();
+		} catch (NoResultException e) {
+			return new ArrayList<XXPolicyItemDataMaskInfo>();
+		}
+	}
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/entity/XXAccessTypeDef.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXAccessTypeDef.java b/security-admin/src/main/java/org/apache/ranger/entity/XXAccessTypeDef.java
index 72eeb1d..62b11ce 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXAccessTypeDef.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXAccessTypeDef.java
@@ -94,6 +94,15 @@ public class XXAccessTypeDef extends XXDBBase implements java.io.Serializable {
 	protected Integer order;
 
 	/**
+	 * datamaskingSupported of the XXAccessTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "datamasking_supported")
+	protected boolean datamaskingSupported;
+
+	/**
 	 * This method sets the value to the member attribute <b> id</b> . You
 	 * cannot set null to the attribute.
 	 * 
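Review bot: The new `datamasking_supported` column is mapped to a primitive `boolean`, so every existing row needs a non-null value once the schema is upgraded; the migration script is not part of this hunk, so this needs confirming. If the column can be NULL for older rows, either give it a default in the DDL or map it as `Boolean` and treat null as false in `isDatamaskingSupported()`. The Javadoc on the field is an empty `<ul>` and does not say what the flag gates; one sentence on its meaning would help. XXResourceDef adds the same mapping and has the same question.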
@@ -233,6 +242,14 @@ public class XXAccessTypeDef extends XXDBBase implements java.io.Serializable {
 		return this.order;
 	}
 
+	public boolean isDatamaskingSupported() {
+		return datamaskingSupported;
+	}
+
+	public void setDatamaskingSupported(boolean datamaskingSupported) {
+		this.datamaskingSupported = datamaskingSupported;
+	}
+
 	/*
 	 * (non-Javadoc)
 	 * 
@@ -302,6 +319,9 @@ public class XXAccessTypeDef extends XXDBBase implements java.io.Serializable {
 		} else if (!rbKeyLabel.equals(other.rbKeyLabel)) {
 			return false;
 		}
+		if (datamaskingSupported != other.datamaskingSupported) {
+			return false;
+		}
 		return true;
 	}
 
@@ -314,7 +334,7 @@ public class XXAccessTypeDef extends XXDBBase implements java.io.Serializable {
 	public String toString() {
 		return "XXAccessTypeDef [" + super.toString() + " id=" + id
 				+ ", defId=" + defId + ", itemId=" + itemId + ", name=" + name + ", label=" + label
-				+ ", rbKeyLabel=" + rbKeyLabel + ", order=" + order + "]";
+				+ ", rbKeyLabel=" + rbKeyLabel + ", datamaskingSupported=" + datamaskingSupported + ", order=" + order + "]";
 	}
 
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/entity/XXDataMaskTypeDef.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXDataMaskTypeDef.java b/security-admin/src/main/java/org/apache/ranger/entity/XXDataMaskTypeDef.java
new file mode 100644
index 0000000..f7480f7
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXDataMaskTypeDef.java
@@ -0,0 +1,403 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.entity;
+
+import javax.persistence.*;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@Entity
+@Cacheable
+@XmlRootElement
+@Table(name = "x_datamask_type_def")
+public class XXDataMaskTypeDef extends XXDBBase implements java.io.Serializable {
+	private static final long serialVersionUID = 1L;
+	/**
+	 * id of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Id
+	@SequenceGenerator(name = "x_datamask_type_def_SEQ", sequenceName = "x_datamask_type_def_SEQ", allocationSize = 1)
+	@GeneratedValue(strategy = GenerationType.AUTO, generator = "x_datamask_type_def_SEQ")
+	@Column(name = "id")
+	protected Long id;
+
+	/**
+	 * defId of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "def_id")
+	protected Long defId;
+
+	/**
+	 * itemId of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "item_id")
+	protected Long itemId;
+
+	/**
+	 * name of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "name")
+	protected String name;
+
+	/**
+	 * label of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "label")
+	protected String label;
+
+	/**
+	 * description of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "description")
+	protected String description;
+
+	/**
+	 * dataMaskOptions of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "datamask_options")
+	protected String dataMaskOptions;
+
+	/**
+	 * rbKeyLabel of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "rb_key_label")
+	protected String rbKeyLabel;
+
+	/**
+	 * rbKeyDescription of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "rb_key_description")
+	protected String rbKeyDescription;
+
+	/**
+	 * order of the XXDataMaskTypeDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "sort_order")
+	protected Integer order;
+
+	/**
+	 * This method sets the value to the member attribute <b> id</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param id
+	 *            Value to set member attribute <b> id</b>
+	 */
+	public void setId(Long id) {
+		this.id = id;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>id</b>
+	 * 
+	 * @return Date - value of member attribute <b>id</b> .
+	 */
+	public Long getId() {
+		return this.id;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> defId</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param defId
+	 *            Value to set member attribute <b> defId</b>
+	 */
+	public void setDefid(Long defId) {
+		this.defId = defId;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>defId</b>
+	 * 
+	 * @return Date - value of member attribute <b>defId</b> .
+	 */
+	public Long getDefid() {
+		return this.defId;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> itemId</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param itemId
+	 *            Value to set member attribute <b> itemId</b>
+	 */
+	public void setItemId(Long itemId) {
+		this.itemId = itemId;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>itemId</b>
+	 * 
+	 * @return Long - value of member attribute <b>itemId</b> .
+	 */
+	public Long getItemId() {
+		return this.itemId;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> name</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param name
+	 *            Value to set member attribute <b> name</b>
+	 */
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>name</b>
+	 * 
+	 * @return Date - value of member attribute <b>name</b> .
+	 */
+	public String getName() {
+		return this.name;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> label</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param label
+	 *            Value to set member attribute <b> label</b>
+	 */
+	public void setLabel(String label) {
+		this.label = label;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>label</b>
+	 * 
+	 * @return Date - value of member attribute <b>label</b> .
+	 */
+	public String getLabel() {
+		return this.label;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> description</b> .
+	 *
+	 * @param description
+	 *            Value to set member attribute <b> description</b>
+	 */
+	public void setDescription(String description) {
+		this.description = description;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>description</b>
+	 *
+	 * @return String - value of member attribute <b>description</b> .
+	 */
+	public String getDescription() {
+		return this.description;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> dataMaskOptions</b> .
+	 *
+	 * @param dataMaskOptions
+	 *            Value to set member attribute <b> dataMaskOptions</b>
+	 */
+	public void setDataMaskOptions(String dataMaskOptions) {
+		this.dataMaskOptions = dataMaskOptions;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>dataMaskOptions</b>
+	 *
+	 * @return String - value of member attribute <b>dataMaskOptions</b> .
+	 */
+	public String getDataMaskOptions() {
+		return this.dataMaskOptions;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> rbKeyLabel</b> .
+	 * You cannot set null to the attribute.
+	 * 
+	 * @param rbKeyLabel
+	 *            Value to set member attribute <b> rbKeyLabel</b>
+	 */
+	public void setRbkeylabel(String rbKeyLabel) {
+		this.rbKeyLabel = rbKeyLabel;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>rbKeyLabel</b>
+	 * 
+	 * @return Date - value of member attribute <b>rbKeyLabel</b> .
+	 */
+	public String getRbkeylabel() {
+		return this.rbKeyLabel;
+	}
+	/**
+	 * This method sets the value to the member attribute <b> rbKeyDescription</b> .
+	 *
+	 * @param rbKeyDescription
+	 *            Value to set member attribute <b> rbKeyDescription</b>
+	 */
+	public void setRbKeyDescription(String rbKeyDescription) {
+		this.rbKeyDescription = rbKeyDescription;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>rbKeyDescription</b>
+	 *
+	 * @return String - value of member attribute <b>rbKeyDescription</b> .
+	 */
+	public String getRbKeyDescription() {
+		return this.rbKeyDescription;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> order</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param order
+	 *            Value to set member attribute <b> order</b>
+	 */
+	public void setOrder(Integer order) {
+		this.order = order;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>order</b>
+	 * 
+	 * @return Date - value of member attribute <b>order</b> .
+	 */
+	public Integer getOrder() {
+		return this.order;
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see java.lang.Object#equals(java.lang.Object)
+	 */
+	@Override
+	public boolean equals(Object obj) {
+		if (!super.equals(obj)) {
+			return false;
+		}
+		if (this == obj) {
+			return true;
+		}
+		if (!super.equals(obj)) {
+			return false;
+		}
+		if (getClass() != obj.getClass()) {
+			return false;
+		}
+		XXDataMaskTypeDef other = (XXDataMaskTypeDef) obj;
+		if (defId == null) {
+			if (other.defId != null) {
+				return false;
+			}
+		} else if (!defId.equals(other.defId)) {
+			return false;
+		}
+		if (itemId == null) {
+			if (other.itemId != null) {
+				return false;
+			}
+		} else if (!itemId.equals(other.itemId)) {
+			return false;
+		}
+		if (id == null) {
+			if (other.id != null) {
+				return false;
+			}
+		} else if (!id.equals(other.id)) {
+			return false;
+		}
+		if (label == null) {
+			if (other.label != null) {
+				return false;
+			}
+		} else if (!label.equals(other.label)) {
+			return false;
+		}
+		if (name == null) {
+			if (other.name != null) {
+				return false;
+			}
+		} else if (!name.equals(other.name)) {
+			return false;
+		}
+		if (order == null) {
+			if (other.order != null) {
+				return false;
+			}
+		} else if (!order.equals(other.order)) {
+			return false;
+		}
+		if (rbKeyLabel == null) {
+			if (other.rbKeyLabel != null) {
+				return false;
+			}
+		} else if (!rbKeyLabel.equals(other.rbKeyLabel)) {
+			return false;
+		}
+		return true;
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see java.lang.Object#toString()
+	 */
+	@Override
+	public String toString() {
+		return "XXDataMaskTypeDef [" + super.toString() + " id=" + id
+				+ ", defId=" + defId + ", itemId=" + itemId + ", name=" + name + ", label=" + label
+				+ ", rbKeyLabel=" + rbKeyLabel + ", order=" + order + "]";
+	}
+
+}
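Review bot: `equals` compares id, defId, itemId, name, label, order and rbKeyLabel but skips `description`, `dataMaskOptions` and `rbKeyDescription`, and `toString` omits the same three fields. Two definitions that differ only in their mask options therefore compare equal, which would hide a changed masking option from any code that uses equality to detect updates. Add the three comparisons in the same null-check style as the other fields, or as `if (!java.util.Objects.equals(dataMaskOptions, other.dataMaskOptions)) { return false; }`. The second `super.equals(obj)` test repeats the first, and no `hashCode` override is visible in this file. Several getter Javadocs say `@return Date` for `Long`/`String` values.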

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemDataMaskInfo.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemDataMaskInfo.java b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemDataMaskInfo.java
new file mode 100644
index 0000000..391f5a8
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemDataMaskInfo.java
@@ -0,0 +1,282 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.entity;
+
+import javax.persistence.*;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@Entity
+@Cacheable
+@XmlRootElement
+@Table(name = "x_policy_item_datamask")
+public class XXPolicyItemDataMaskInfo extends XXDBBase implements
+		java.io.Serializable {
+	private static final long serialVersionUID = 1L;
+	/**
+	 * id of the XXPolicyItemDataMaskInfo
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Id
+	@SequenceGenerator(name = "x_policy_item_datamask_SEQ", sequenceName = "x_policy_item_datamask_SEQ", allocationSize = 1)
+	@GeneratedValue(strategy = GenerationType.AUTO, generator = "x_policy_item_datamask_SEQ")
+	@Column(name = "id")
+	protected Long id;
+
+	/**
+	 * Global Id for the object
+	 * <ul>
+	 * <li>The maximum length for this attribute is <b>512</b>.
+	 * </ul>
+	 *
+	 */
+	@Column(name = "guid", unique = true, nullable = false, length = 512)
+	protected String GUID;
+	
+	/**
+	 * policyItemId of the XXPolicyItemDataMaskInfo
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "policy_item_id")
+	protected Long policyItemId;
+
+	/**
+	 * type of the XXPolicyItemDataMaskInfo
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "type")
+	protected Long type;
+
+	/**
+	 * isAllowed of the XXPolicyItemDataMaskInfo
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "condition_expr")
+	protected String conditionExpr;
+
+	/**
+	 * order of the XXPolicyItemDataMaskInfo
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "value_expr")
+	protected String valueExpr;
+
+	/**
+	 * This method sets the value to the member attribute <b> id</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param id
+	 *            Value to set member attribute <b> id</b>
+	 */
+	public void setId(Long id) {
+		this.id = id;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>id</b>
+	 * 
+	 * @return Date - value of member attribute <b>id</b> .
+	 */
+	public Long getId() {
+		return this.id;
+	}
+
+	/**
+	 * @return the gUID
+	 */
+	public String getGUID() {
+		return GUID;
+	}
+
+	/**
+	 * @param gUID
+	 *            the gUID to set
+	 */
+	public void setGUID(String gUID) {
+		GUID = gUID;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> policyItemId</b> .
+	 * You cannot set null to the attribute.
+	 * 
+	 * @param policyItemId
+	 *            Value to set member attribute <b> policyItemId</b>
+	 */
+	public void setPolicyitemid(Long policyItemId) {
+		this.policyItemId = policyItemId;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>policyItemId</b>
+	 * 
+	 * @return Date - value of member attribute <b>policyItemId</b> .
+	 */
+	public Long getPolicyitemid() {
+		return this.policyItemId;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> type</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param type
+	 *            Value to set member attribute <b> type</b>
+	 */
+	public void setType(Long type) {
+		this.type = type;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>type</b>
+	 * 
+	 * @return Date - value of member attribute <b>type</b> .
+	 */
+	public Long getType() {
+		return this.type;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> conditionExpr</b> .
+	 * You cannot set null to the attribute.
+	 * 
+	 * @param conditionExpr
+	 *            Value to set member attribute <b> conditionExpr</b>
+	 */
+	public void setConditionExpr(String conditionExpr) {
+		this.conditionExpr = conditionExpr;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>valueExpr</b>
+	 *
+	 * @return String - value of member attribute <b>valueExpr</b> .
+	 */
+	public String getConditionExpr() {
+		return this.valueExpr;
+	}
+
+	/**
+	 * This method sets the value to the member attribute <b> valueExpr</b> . You
+	 * cannot set null to the attribute.
+	 * 
+	 * @param valueExpr
+	 *            Value to set member attribute <b> valueExpr</b>
+	 */
+	public void setValueExpr(String valueExpr) {
+		this.valueExpr = valueExpr;
+	}
+
+	/**
+	 * Returns the value for the member attribute <b>valueExpr</b>
+	 * 
+	 * @return String - value of member attribute <b>valueExpr</b> .
+	 */
+	public String getValueExpr() {
+		return this.valueExpr;
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see java.lang.Object#equals(java.lang.Object)
+	 */
+	@Override
+	public boolean equals(Object obj) {
+		if (!super.equals(obj)) {
+			return false;
+		}
+		if (this == obj) {
+			return true;
+		}
+		if (!super.equals(obj)) {
+			return false;
+		}
+		if (getClass() != obj.getClass()) {
+			return false;
+		}
+		XXPolicyItemDataMaskInfo other = (XXPolicyItemDataMaskInfo) obj;
+		if (id == null) {
+			if (other.id != null) {
+				return false;
+			}
+		} else if (!id.equals(other.id)) {
+			return false;
+		}
+		if (conditionExpr == null) {
+			if (other.conditionExpr != null) {
+				return false;
+			}
+		} else if (!conditionExpr.equals(other.conditionExpr)) {
+			return false;
+		}
+		if (valueExpr == null) {
+			if (other.valueExpr != null) {
+				return false;
+			}
+		} else if (!valueExpr.equals(other.valueExpr)) {
+			return false;
+		}
+		if (policyItemId == null) {
+			if (other.policyItemId != null) {
+				return false;
+			}
+		} else if (!policyItemId.equals(other.policyItemId)) {
+			return false;
+		}
+		if (type == null) {
+			if (other.type != null) {
+				return false;
+			}
+		} else if (!type.equals(other.type)) {
+			return false;
+		}
+		if (GUID == null) {
+			if (other.GUID != null) {
+				return false;
+			}
+		} else if (!GUID.equals(other.GUID)) {
+			return false;
+		}
+		return true;
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * 
+	 * @see java.lang.Object#toString()
+	 */
+	@Override
+	public String toString() {
+		return "XXPolicyItemDataMaskInfo [" + super.toString() + " id=" + id
+				+ ", guid=" + GUID + ", policyItemId="
+				+ policyItemId + ", type=" + type + ", conditionExpr=" + conditionExpr
+				+ ", valueExpr=" + valueExpr + "]";
+	}
+
+}
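Review bot: `getConditionExpr()` returns `this.valueExpr`, so the stored condition is never read back and callers get the value expression in its place; the body should be `return this.conditionExpr;`. For a masking policy this means the condition under which a mask applies can come back wrong after a round trip through the store (the retrieval code is outside this hunk). The getter's Javadoc also names valueExpr, and the field comments on `conditionExpr` and `valueExpr` still read "isAllowed" and "order", which suggests a copy-paste that was not finished. A round-trip test that sets distinct condition and value expressions and reads both back would catch this.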

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/entity/XXResourceDef.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXResourceDef.java b/security-admin/src/main/java/org/apache/ranger/entity/XXResourceDef.java
index 54f716d..8a2b6e0 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXResourceDef.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXResourceDef.java
@@ -229,6 +229,15 @@ public class XXResourceDef extends XXDBBase implements java.io.Serializable {
 	protected Integer order;
 
 	/**
+	 * datamaskingSupported of the XXResourceDef
+	 * <ul>
+	 * </ul>
+	 *
+	 */
+	@Column(name = "datamasking_supported")
+	protected boolean datamaskingSupported;
+
+	/**
 	 * This method sets the value to the member attribute <b> id</b> . You
 	 * cannot set null to the attribute.
 	 * 
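Review bot: `datamaskingSupported` is mapped as a primitive `boolean`, so a row whose `datamasking_supported` column holds NULL has no value it can be loaded into. Depending on the JPA provider, that either fails at load time or quietly reads as false. The schema change for this column is not part of this hunk, so confirm it is created NOT NULL with a default of false for rows that predate the upgrade. The Javadoc is an empty `<ul>` placeholder, and because this flag decides which resources are listed as maskable in the service definition, it should say so, e.g. `Whether data-masking policies may be defined on this resource; false for resources created before masking support.`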
@@ -644,6 +653,14 @@ public class XXResourceDef extends XXDBBase implements java.io.Serializable {
 		return this.order;
 	}
 
+	public boolean isDatamaskingSupported() {
+		return datamaskingSupported;
+	}
+
+	public void setDatamaskingSupported(boolean datamaskingSupported) {
+		this.datamaskingSupported = datamaskingSupported;
+	}
+
 	/*
 	 * (non-Javadoc)
 	 * 
@@ -779,6 +796,9 @@ public class XXResourceDef extends XXDBBase implements java.io.Serializable {
 		} else if (!type.equals(other.type)) {
 			return false;
 		}
+		if (datamaskingSupported != other.datamaskingSupported) {
+			return false;
+		}
 		return true;
 	}
 
@@ -803,7 +823,9 @@ public class XXResourceDef extends XXDBBase implements java.io.Serializable {
 				+ ", rbKeyLabel="+ rbKeyLabel
 				+ ", rbKeyDescription=" + rbKeyDescription
 				+ ", rbKeyValidationMessage=" + rbKeyValidationMessage
-				+ ", order=" + order + "]";
+				+ ", order=" + order
+				+ ", datamaskingSupported=" + datamaskingSupported
+				+ "]";
 	}
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
index b256a92..1195a50 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
@@ -90,7 +90,7 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends
 		}
 		xObj.setService(xService.getId());
 		xObj.setName(vObj.getName());
-		xObj.setPolicyType(vObj.getPolicyType());
+		xObj.setPolicyType(vObj.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : vObj.getPolicyType());
 		xObj.setDescription(vObj.getDescription());
 		xObj.setResourceSignature(vObj.getResourceSignature());
 		xObj.setIsAuditEnabled(vObj.getIsAuditEnabled());
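Review bot: A missing `policyType` is silently stored as `RangerPolicy.POLICY_TYPE_ACCESS` here, and read back the same way by the `vObj.setPolicyType(...)` line in the second hunk, while a non-null value that is not a known type passes through unchanged. The policy type presumably decides whether a policy's items are treated as access rules or masking rules, so the fallback deserves a why-comment such as `// policies created before data masking carry no type; treat them as access policies`. The accepted values should also be checked wherever policies are validated, which is not visible in this diff. Both enclosing methods start and end outside their hunks.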
@@ -107,7 +107,7 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends
 		vObj.setVersion(xObj.getVersion());
 		vObj.setService(xService.getName());
 		vObj.setName(xObj.getName());
-		vObj.setPolicyType(xObj.getPolicyType());
+		vObj.setPolicyType(xObj.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : xObj.getPolicyType());
 		vObj.setDescription(xObj.getDescription());
 		vObj.setResourceSignature(xObj.getResourceSignature());
 		vObj.setIsEnabled(xObj.getIsEnabled());

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
index ee92291..7a172d4 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
@@ -33,19 +33,12 @@ import org.apache.ranger.common.SearchField;
 import org.apache.ranger.common.SortField;
 import org.apache.ranger.common.SearchField.DATA_TYPE;
 import org.apache.ranger.common.SearchField.SEARCH_TYPE;
-import org.apache.ranger.entity.XXAccessTypeDef;
-import org.apache.ranger.entity.XXContextEnricherDef;
-import org.apache.ranger.entity.XXDBBase;
-import org.apache.ranger.entity.XXEnumDef;
-import org.apache.ranger.entity.XXEnumElementDef;
-import org.apache.ranger.entity.XXPolicyConditionDef;
-import org.apache.ranger.entity.XXResourceDef;
-import org.apache.ranger.entity.XXServiceConfigDef;
-import org.apache.ranger.entity.XXServiceDef;
-import org.apache.ranger.entity.XXServiceDefBase;
+import org.apache.ranger.entity.*;
 import org.apache.ranger.plugin.model.RangerServiceDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerDataMaskTypeDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumElementDef;
 import org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef;
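Review bot: `import org.apache.ranger.entity.*;` replaces ten explicit imports with a wildcard, which hides the entity classes this service actually depends on and lets a class later added to that package clash with a name from another import. Keep the explicit list and add only the line the change needs, `import org.apache.ranger.entity.XXDataMaskTypeDef;`. The same applies to the `org.apache.ranger.db.*` and `org.apache.ranger.entity.*` wildcards in the TestServiceDBStore import hunk.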
@@ -120,7 +113,7 @@ public abstract class RangerServiceDefServiceBase<T extends XXServiceDefBase, V
 		List<XXPolicyConditionDef> xPolicyConditions = daoMgr.getXXPolicyConditionDef()
 				.findByServiceDefId(serviceDefId);
 		if (!stringUtil.isEmpty(xPolicyConditions)) {
-			List<RangerPolicyConditionDef> policyConditions = new ArrayList<RangerServiceDef.RangerPolicyConditionDef>();
+			List<RangerPolicyConditionDef> policyConditions = new ArrayList<RangerPolicyConditionDef>();
 			for (XXPolicyConditionDef xPolicyCondDef : xPolicyConditions) {
 				RangerPolicyConditionDef policyCondition = populateXXToRangerPolicyConditionDef(xPolicyCondDef);
 				policyConditions.add(policyCondition);
@@ -131,7 +124,7 @@ public abstract class RangerServiceDefServiceBase<T extends XXServiceDefBase, V
 		List<XXContextEnricherDef> xContextEnrichers = daoMgr.getXXContextEnricherDef()
 				.findByServiceDefId(serviceDefId);
 		if (!stringUtil.isEmpty(xContextEnrichers)) {
-			List<RangerContextEnricherDef> contextEnrichers = new ArrayList<RangerServiceDef.RangerContextEnricherDef>();
+			List<RangerContextEnricherDef> contextEnrichers = new ArrayList<RangerContextEnricherDef>();
 			for (XXContextEnricherDef xContextEnricherDef : xContextEnrichers) {
 				RangerContextEnricherDef contextEnricher = populateXXToRangerContextEnricherDef(xContextEnricherDef);
 				contextEnrichers.add(contextEnricher);
@@ -148,6 +141,36 @@ public abstract class RangerServiceDefServiceBase<T extends XXServiceDefBase, V
 			}
 			serviceDef.setEnums(enums);
 		}
+
+		RangerDataMaskDef dataMaskDef = new RangerDataMaskDef();
+		List<XXDataMaskTypeDef> xDataMaskTypes = daoMgr.getXXDataMaskTypeDef().findByServiceDefId(serviceDefId);
+		if (!stringUtil.isEmpty(xDataMaskTypes)) {
+			List<RangerDataMaskTypeDef> dataMaskTypes = new ArrayList<RangerDataMaskTypeDef>();
+			for (XXDataMaskTypeDef xDataMaskType : xDataMaskTypes) {
+				RangerDataMaskTypeDef dataMaskType = populateXXToRangerDataMaskTypeDef(xDataMaskType);
+				dataMaskTypes.add(dataMaskType);
+			}
+
+			dataMaskDef.setMaskTypes(dataMaskTypes);
+		}
+
+		if (!stringUtil.isEmpty(xResources)) {
+			for (XXResourceDef xResource : xResources) {
+				if (xResource.isDatamaskingSupported()) {
+					dataMaskDef.getSupportedResources().add(xResource.getName());
+				}
+			}
+		}
+
+		if (!stringUtil.isEmpty(xAccessTypes)) {
+			for (XXAccessTypeDef xAtd : xAccessTypes) {
+				if(xAtd.isDatamaskingSupported()) {
+					dataMaskDef.getSupportedAccessTypes().add(xAtd.getName());
+				}
+			}
+		}
+		serviceDef.setDataMaskDef(dataMaskDef);
+
 		return serviceDef;
 	}
 	
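Review bot: The supported resources and access types are filled by calling `add` on whatever `getSupportedResources()` and `getSupportedAccessTypes()` return, whereas mask types are built in a local list and handed to `setMaskTypes`. The two loops therefore depend on those getters returning non-null, mutable, live lists, which this hunk does not show. Either record that dependency with `// relies on RangerDataMaskDef getters returning the live backing lists` or collect the names locally the way `dataMaskTypes` is. `setDataMaskDef` is also called with an empty definition when nothing supports masking, so consumers have to treat empty lists, not null, as "masking not supported". The enclosing method starts before this hunk, where `xResources` and `xAccessTypes` are declared.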
@@ -446,6 +469,39 @@ public abstract class RangerServiceDefServiceBase<T extends XXServiceDefBase, V
 		return vObj;
 	}
 
+	public XXDataMaskTypeDef populateRangerDataMaskDefToXX(RangerDataMaskTypeDef vObj, XXDataMaskTypeDef xObj,
+														   XXServiceDef serviceDef, int operationContext) {
+		if(serviceDef == null) {
+			LOG.error("RangerServiceDefServiceBase.populateRangerDataMaskDefToXX, serviceDef can not be null");
+			throw restErrorUtil.createRESTException("RangerServiceDef cannot be null.", MessageEnums.DATA_NOT_FOUND);
+		}
+
+		xObj = (XXDataMaskTypeDef) rangerAuditFields.populateAuditFields(xObj, serviceDef);
+		xObj.setDefid(serviceDef.getId());
+		xObj.setItemId(vObj.getItemId());
+		xObj.setName(vObj.getName());
+		xObj.setLabel(vObj.getLabel());
+		xObj.setDescription(vObj.getDescription());
+		xObj.setDataMaskOptions(mapToJsonString(vObj.getDataMaskOptions()));
+		xObj.setRbkeylabel(vObj.getRbKeyLabel());
+		xObj.setRbKeyDescription(vObj.getRbKeyDescription());
+		xObj.setOrder(AppConstants.DEFAULT_SORT_ORDER);
+		return xObj;
+	}
+
+	public RangerDataMaskTypeDef populateXXToRangerDataMaskTypeDef(XXDataMaskTypeDef xObj) {
+		RangerDataMaskTypeDef vObj = new RangerDataMaskTypeDef();
+		vObj.setItemId(xObj.getItemId());
+		vObj.setName(xObj.getName());
+		vObj.setLabel(xObj.getLabel());
+		vObj.setDescription(xObj.getDescription());
+		vObj.setDataMaskOptions(jsonStringToMap(xObj.getDataMaskOptions()));
+		vObj.setRbKeyLabel(xObj.getRbkeylabel());
+		vObj.setRbKeyDescription(xObj.getRbKeyDescription());
+
+		return vObj;
+	}
+
 	@SuppressWarnings("unchecked")
 	public RangerServiceDefList searchRangerServiceDefs(SearchFilter searchFilter) {
 		RangerServiceDefList retList = new RangerServiceDefList();
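Review bot: `populateRangerDataMaskDefToXX` converts a `RangerDataMaskTypeDef`, so its name does not match its inverse `populateXXToRangerDataMaskTypeDef`, and its `operationContext` parameter is never read. `vObj` is dereferenced without the null check that `serviceDef` gets, and the inverse method does the same with `xObj`. Renaming it to `populateRangerDataMaskTypeDefToXX` now, before callers accumulate, would keep the pair symmetric. Both methods also need a short Javadoc stating that `dataMaskOptions` is persisted as a JSON string through `mapToJsonString` / `jsonStringToMap`. Whether the sibling populate methods also ignore `operationContext` is not visible in this hunk.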

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
----------------------------------------------------------------------
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index a75ca93..2bb66ca 100644
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -365,6 +365,16 @@
 		<query>select obj from XXEnumDef obj where obj.defId = :serviceDefId</query>
 	</named-query>
 
+	<!-- XXDataMaskTypeDef -->
+	<named-query name="XXDataMaskTypeDef.findByServiceDefId">
+		<query>select obj from XXDataMaskTypeDef obj where obj.defId = :serviceDefId</query>
+	</named-query>
+
+	<named-query name="XXDataMaskTypeDef.findByNameAndServiceId">
+		<query>select obj from XXDataMaskTypeDef obj, XXService xSvc where
+			obj.name = :name and xSvc.id = :serviceId and obj.defId = xSvc.type</query>
+	</named-query>
+
 	<!-- XXServiceConfigMap -->
 	<named-query name="XXServiceConfigMap.findByServiceId">
 		<query>select obj from XXServiceConfigMap obj where obj.serviceId = :serviceId</query>
@@ -558,6 +568,31 @@
 		</query>
 	</named-query>
 
+	<!-- XXPolicyItemDataMaskInfo -->
+	<named-query name="XXPolicyItemDataMaskInfo.findByPolicyItemId">
+		<query>select obj from XXPolicyItemDataMaskInfo obj where obj.policyItemId = :polItemId</query>
+	</named-query>
+
+	<named-query name="XXPolicyItemDataMaskInfo.findByPolicyId">
+		<query>select obj from XXPolicyItemDataMaskInfo obj, XXPolicyItem item
+			where obj.policyItemId = item.id
+			and item.policyId = :policyId
+			order by obj.policyItemId
+		</query>
+	</named-query>
+
+	<named-query name="XXPolicyItemDataMaskInfo.findByServiceId">
+		<query>select obj from XXPolicyItemDataMaskInfo obj, XXPolicyItem item
+			where obj.policyItemId = item.id
+			and item.policyId in (select policy.id from XXPolicy policy where policy.service = :serviceId)
+			order by item.policyId, obj.policyItemId
+		</query>
+	</named-query>
+
+	<named-query name="XXPolicyItemDataMaskInfo.findByType">
+		<query>select obj from XXPolicyItemDataMaskInfo obj where obj.type = :type</query>
+	</named-query>
+
 	<!-- XXDataHist -->
 	<named-query name="XXDataHist.findLatestByObjectClassTypeAndObjectId">
 		<query>select obj from XXDataHist obj where obj.objectId = :objectId 
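Review bot: `XXPolicyItemDataMaskInfo.findByPolicyId` and `findByServiceId` carry `order by` clauses whose purpose is not stated anywhere in the file. If the caller walks these rows in step with the policy-item rows (the retriever is not shown in this hunk), the ordering is load-bearing and a later edit could break it without any error. Once that is confirmed, add a comment above each query such as `<!-- ordering must match the XXPolicyItem queries; results are consumed in step with policy items -->`. All four new queries bind their inputs as named parameters, which should be kept if they are extended.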

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d242dd6e/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
index db958a5..5cb0290 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
@@ -28,51 +28,8 @@ import org.apache.ranger.common.ContextUtil;
 import org.apache.ranger.common.RangerFactory;
 import org.apache.ranger.common.StringUtil;
 import org.apache.ranger.common.UserSessionBase;
-import org.apache.ranger.db.RangerDaoManager;
-import org.apache.ranger.db.XXAccessTypeDefDao;
-import org.apache.ranger.db.XXAccessTypeDefGrantsDao;
-import org.apache.ranger.db.XXContextEnricherDefDao;
-import org.apache.ranger.db.XXDataHistDao;
-import org.apache.ranger.db.XXEnumDefDao;
-import org.apache.ranger.db.XXEnumElementDefDao;
-import org.apache.ranger.db.XXPolicyConditionDefDao;
-import org.apache.ranger.db.XXPolicyDao;
-import org.apache.ranger.db.XXPolicyItemAccessDao;
-import org.apache.ranger.db.XXPolicyItemConditionDao;
-import org.apache.ranger.db.XXPolicyItemDao;
-import org.apache.ranger.db.XXPolicyItemGroupPermDao;
-import org.apache.ranger.db.XXPolicyItemUserPermDao;
-import org.apache.ranger.db.XXPolicyResourceDao;
-import org.apache.ranger.db.XXPolicyResourceMapDao;
-import org.apache.ranger.db.XXResourceDefDao;
-import org.apache.ranger.db.XXServiceConfigDefDao;
-import org.apache.ranger.db.XXServiceConfigMapDao;
-import org.apache.ranger.db.XXServiceDao;
-import org.apache.ranger.db.XXServiceDefDao;
-import org.apache.ranger.db.XXUserDao;
-import org.apache.ranger.entity.XXAccessTypeDef;
-import org.apache.ranger.entity.XXAccessTypeDefGrants;
-import org.apache.ranger.entity.XXContextEnricherDef;
-import org.apache.ranger.entity.XXDBBase;
-import org.apache.ranger.entity.XXDataHist;
-import org.apache.ranger.entity.XXEnumDef;
-import org.apache.ranger.entity.XXEnumElementDef;
-import org.apache.ranger.entity.XXPolicy;
-import org.apache.ranger.entity.XXPolicyConditionDef;
-import org.apache.ranger.entity.XXPolicyItem;
-import org.apache.ranger.entity.XXPolicyItemAccess;
-import org.apache.ranger.entity.XXPolicyItemCondition;
-import org.apache.ranger.entity.XXPolicyItemGroupPerm;
-import org.apache.ranger.entity.XXPolicyItemUserPerm;
-import org.apache.ranger.entity.XXPolicyResource;
-import org.apache.ranger.entity.XXPolicyResourceMap;
-import org.apache.ranger.entity.XXResourceDef;
-import org.apache.ranger.entity.XXService;
-import org.apache.ranger.entity.XXServiceConfigDef;
-import org.apache.ranger.entity.XXServiceConfigMap;
-import org.apache.ranger.entity.XXServiceDef;
-import org.apache.ranger.entity.XXTrxLog;
-import org.apache.ranger.entity.XXUser;
+import org.apache.ranger.db.*;
+import org.apache.ranger.entity.*;
 import org.apache.ranger.plugin.model.RangerPolicy;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
@@ -490,6 +447,7 @@ public class TestServiceDBStore {
 		XXContextEnricherDefDao xContextEnricherDefDao = Mockito
 				.mock(XXContextEnricherDefDao.class);
 		XXEnumDefDao xEnumDefDao = Mockito.mock(XXEnumDefDao.class);
+		XXDataMaskTypeDefDao xDataMaskDefDao = Mockito.mock(XXDataMaskTypeDefDao.class);
 		XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
 
 		RangerServiceDef rangerServiceDef = rangerServiceDef();
@@ -596,6 +554,9 @@ public class TestServiceDBStore {
 		Mockito.when(xEnumDefDao.findByServiceDefId(serviceDefId)).thenReturn(
 				enumDefList);
 
+		Mockito.when(daoManager.getXXDataMaskTypeDef()).thenReturn(xDataMaskDefDao);
+		Mockito.when(xDataMaskDefDao.findByServiceDefId(serviceDefId)).thenReturn(new ArrayList<XXDataMaskTypeDef>());
+
 		Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
 		Mockito.when(xServiceDao.findByServiceDefId(serviceDefId)).thenReturn(null);
 
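Review bot: The new stubs only ever return an empty `ArrayList<XXDataMaskTypeDef>`, so these tests keep passing without exercising the data-mask mapping this commit adds. The same holds for the `XXPolicyItemDataMaskInfo` stubs in the later hunks of this file. In the hunks visible here, no test builds a service definition with a mask type, or a policy with a mask item, and asserts that it survives the conversion. Masking is an enforcement feature, so add at least one case that returns a populated list and checks the resulting `RangerDataMaskDef`, marked with `// non-empty mask types must survive the XX -> Ranger conversion`.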
@@ -629,6 +590,7 @@ public class TestServiceDBStore {
 	@Test
 	public void test13deleteServiceDef() throws Exception {
 		XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
+		XXDataMaskTypeDefDao xDataMaskDefDao = Mockito.mock(XXDataMaskTypeDefDao.class);
 		XXAccessTypeDefDao xAccessTypeDefDao = Mockito
 				.mock(XXAccessTypeDefDao.class);
 		XXAccessTypeDefGrantsDao xAccessTypeDefGrantsDao = Mockito
@@ -1022,6 +984,9 @@ public class TestServiceDBStore {
 				xServiceConfigMapDao.findByServiceId(rangerService.getId()))
 				.thenReturn(svcConfigMapList);
 
+		Mockito.when(daoManager.getXXDataMaskTypeDef()).thenReturn(xDataMaskDefDao);
+		Mockito.when(xDataMaskDefDao.findByServiceDefId(serviceDefId)).thenReturn(new ArrayList<XXDataMaskTypeDef>());
+
 		Mockito.when(
 				rangerAuditFields.populateAuditFields(
 						Mockito.isA(XXServiceConfigMap.class),
@@ -1339,6 +1304,7 @@ public class TestServiceDBStore {
 		XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
 		XXService xService = Mockito.mock(XXService.class);
 		XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class);
+		XXPolicyItemDataMaskInfoDao xxPolicyItemDataMaskInfoDao = Mockito.mock(XXPolicyItemDataMaskInfoDao.class);
 		XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito
 				.mock(XXPolicyItemConditionDao.class);
 		XXPolicyItemGroupPermDao xPolicyItemGroupPermDao = Mockito
@@ -1400,6 +1366,8 @@ public class TestServiceDBStore {
 		policyItem.setUpdateTime(new Date());
 		policyItemList.add(policyItem);
 
+		List<XXPolicyItemDataMaskInfo> policyItemDataMaskInfoList = new ArrayList<XXPolicyItemDataMaskInfo>();
+
 		List<XXPolicyItemCondition> policyItemConditionList = new ArrayList<XXPolicyItemCondition>();
 		XXPolicyItemCondition policyItemCondition = new XXPolicyItemCondition();
 		policyItemCondition.setAddedByUserId(Id);
@@ -1507,6 +1475,9 @@ public class TestServiceDBStore {
 		Mockito.when(xPolicyItemDao.findByPolicyId(policyItem.getId()))
 				.thenReturn(policyItemList);
 
+		Mockito.when(daoManager.getXXPolicyItemDataMaskInfo()).thenReturn(xxPolicyItemDataMaskInfoDao);
+		Mockito.when(xxPolicyItemDataMaskInfoDao.findByPolicyItemId(policyItem.getId())).thenReturn(policyItemDataMaskInfoList);
+
 		Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn(
 				xPolicyItemConditionDao);
 		Mockito.when(
@@ -2171,6 +2142,7 @@ public class TestServiceDBStore {
 		XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
 		XXService xService = Mockito.mock(XXService.class);
 		XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class);
+		XXPolicyItemDataMaskInfoDao xPolicyItemDataMaskInfoDao = Mockito.mock(XXPolicyItemDataMaskInfoDao.class);
 		XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito
 				.mock(XXPolicyItemConditionDao.class);
 		XXPolicyItemGroupPermDao xPolicyItemGroupPermDao = Mockito
@@ -2206,6 +2178,8 @@ public class TestServiceDBStore {
 		policyItem.setUpdateTime(new Date());
 		policyItemList.add(policyItem);
 
+		List<XXPolicyItemDataMaskInfo> policyItemDataMaskInfo = new ArrayList<XXPolicyItemDataMaskInfo>();
+
 		List<XXPolicyItemCondition> policyItemConditionList = new ArrayList<XXPolicyItemCondition>();
 		XXPolicyItemCondition policyItemCondition = new XXPolicyItemCondition();
 		policyItemCondition.setAddedByUserId(Id);
@@ -2306,6 +2280,10 @@ public class TestServiceDBStore {
 		Mockito.when(xPolicyItemDao.findByPolicyId(policyItem.getId()))
 				.thenReturn(policyItemList);
 
+		Mockito.when(daoManager.getXXPolicyItemDataMaskInfo()).thenReturn(xPolicyItemDataMaskInfoDao);
+		Mockito.when(xPolicyItemDataMaskInfoDao.findByPolicyId(policyItem.getId()))
+				.thenReturn(policyItemDataMaskInfo);
+
 		Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn(
 				xPolicyItemConditionDao);
 		Mockito.when(
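Review bot: `findByPolicyId` is stubbed with `policyItem.getId()`, a policy-item id, copying the `xPolicyItemDao.findByPolicyId(policyItem.getId())` line just above it. The stub therefore only matches if the fixture's policy and policy item happen to share an id, which is set up outside this hunk. The earlier test in this file stubs `findByPolicyItemId` on the same DAO type and names its mock `xxPolicyItemDataMaskInfoDao` and its list `policyItemDataMaskInfoList`, while this one uses `xPolicyItemDataMaskInfoDao` and `policyItemDataMaskInfo`. Key the stub on the policy's own id and align the names, or record the assumption with `// policy and policy item share the same id in this fixture`.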