You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2014/12/12 02:30:01 UTC
[18/51] [partial] incubator-ranger git commit: RANGER-194: Rename
packages from xasecure to apache ranger
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/rest/AssetREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/rest/AssetREST.java b/security-admin/src/main/java/com/xasecure/rest/AssetREST.java
deleted file mode 100644
index 2662409..0000000
--- a/security-admin/src/main/java/com/xasecure/rest/AssetREST.java
+++ /dev/null
@@ -1,655 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.rest;
-
-import java.io.File;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.DELETE;
-import javax.ws.rs.Encoded;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-
-import org.apache.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Scope;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.stereotype.Component;
-import org.springframework.transaction.annotation.Propagation;
-import org.springframework.transaction.annotation.Transactional;
-
-import com.xasecure.biz.AssetMgr;
-import com.xasecure.biz.XABizUtil;
-import com.xasecure.common.PropertiesUtil;
-import com.xasecure.common.RESTErrorUtil;
-import com.xasecure.common.SearchCriteria;
-import com.xasecure.common.StringUtil;
-import com.xasecure.common.XACommonEnums;
-import com.xasecure.common.XASearchUtil;
-import com.xasecure.common.annotation.XAAnnotationClassName;
-import com.xasecure.common.annotation.XAAnnotationJSMgrName;
-import com.xasecure.service.AbstractBaseResourceService;
-import com.xasecure.service.XAccessAuditService;
-import com.xasecure.service.XAgentService;
-import com.xasecure.service.XAssetService;
-import com.xasecure.service.XCredentialStoreService;
-import com.xasecure.service.XPolicyExportAuditService;
-import com.xasecure.service.XPolicyService;
-import com.xasecure.service.XResourceService;
-import com.xasecure.service.XTrxLogService;
-import com.xasecure.view.VXAccessAuditList;
-import com.xasecure.view.VXAsset;
-import com.xasecure.view.VXAssetList;
-import com.xasecure.view.VXCredentialStore;
-import com.xasecure.view.VXCredentialStoreList;
-import com.xasecure.view.VXLong;
-import com.xasecure.view.VXPermMap;
-import com.xasecure.view.VXPolicy;
-import com.xasecure.view.VXPolicyExportAuditList;
-import com.xasecure.view.VXResource;
-import com.xasecure.view.VXResourceList;
-import com.xasecure.view.VXResponse;
-import com.xasecure.view.VXString;
-import com.xasecure.view.VXStringList;
-import com.xasecure.view.VXTrxLogList;
-
-@Path("assets")
-@Component
-@Scope("request")
-@XAAnnotationJSMgrName("AssetMgr")
-@Transactional(propagation = Propagation.REQUIRES_NEW)
-public class AssetREST {
- static Logger logger = Logger.getLogger(AssetREST.class);
-
- @Autowired
- XASearchUtil searchUtil;
-
- @Autowired
- AssetMgr assetMgr;
-
- @Autowired
- XAssetService xAssetService;
-
- @Autowired
- XResourceService xResourceService;
-
- @Autowired
- XPolicyService xPolicyService;
-
- @Autowired
- XCredentialStoreService xCredentialStoreService;
-
- @Autowired
- XAgentService xAgentService;
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- XPolicyExportAuditService xPolicyExportAudits;
-
- @Autowired
- XTrxLogService xTrxLogService;
-
- @Autowired
- XABizUtil msBizUtil;
-
- @Autowired
- XAccessAuditService xAccessAuditService;
-
- @GET
- @Path("/assets/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXAsset getXAsset(@PathParam("id") Long id) {
- return assetMgr.getXAsset(id);
- }
-
- @POST
- @Path("/assets")
- @Produces({ "application/xml", "application/json" })
- public VXAsset createXAsset(VXAsset vXAsset) {
- return assetMgr.createXAsset(vXAsset);
- }
-
- @PUT
- @Path("/assets/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXAsset updateXAsset(VXAsset vXAsset) {
- return assetMgr.updateXAsset(vXAsset);
- }
-
- @DELETE
- @Path("/assets/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXAsset.class)
- public void deleteXAsset(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = true;
- assetMgr.deleteXAsset(id, force);
- }
-
- @POST
- @Path("/assets/testConfig")
- @Produces({ "application/xml", "application/json" })
- public VXResponse testConfig(VXAsset vXAsset) {
- return assetMgr.testConfig(vXAsset);
- }
-
- @GET
- @Path("/assets")
- @Produces({ "application/xml", "application/json" })
- @SuppressWarnings("rawtypes")
- public VXAssetList searchXAssets(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAssetService.sortFields);
-
- searchUtil.extractIntList(request, searchCriteria, "status", "status",
- "status");
- // searchUtil.extractStringList(request, searchCriteria, "status",
- // "status", "status", null, StringUtil.VALIDATION_TEXT);
- Object status = searchCriteria.getParamValue("status");
- if (status == null || ((Collection) status).size() == 0) {
- ArrayList<Integer> valueList = new ArrayList<Integer>();
- valueList.add(XACommonEnums.STATUS_DISABLED);
- valueList.add(XACommonEnums.STATUS_ENABLED);
- searchCriteria.addParam("status", valueList);
- }
- return assetMgr.searchXAssets(searchCriteria);
- }
-
- @GET
- @Path("/assets/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXAssets(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAssetService.sortFields);
-
- searchUtil.extractIntList(request, searchCriteria, "status", "status",
- "status");
- Object status = searchCriteria.getParamValue("status");
- if (status == null || ((Collection) status).size() == 0) {
- ArrayList<Integer> valueList = new ArrayList<Integer>();
- valueList.add(XACommonEnums.STATUS_DISABLED);
- valueList.add(XACommonEnums.STATUS_ENABLED);
- searchCriteria.addParam("status", valueList);
- }
- return assetMgr.getXAssetSearchCount(searchCriteria);
- }
-
- @GET
- @Path("/resources/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXResource getXResource(@PathParam("id") Long id) {
- return assetMgr.getXResource(id);
- }
-
- @POST
- @Path("/resources")
- @Produces({ "application/xml", "application/json" })
- public VXResource createXResource(VXResource vXResource) {
- vXResource=assetMgr.createXResource(vXResource);
- return vXResource;
-
- }
-
- @PUT
- @Path("/resources/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXResource updateXResource(VXResource vXResource) {
- return assetMgr.updateXResource(vXResource);
- }
-
- @DELETE
- @Path("/resources/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXResource.class)
- public void deleteXResource(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = false;
- assetMgr.deleteXResource(id, force);
- }
-
- @GET
- @Path("/resources")
- @Produces({ "application/xml", "application/json" })
- public VXResourceList searchXResources(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xResourceService.sortFields);
- // searchUtil.extractStringList(request, searchCriteria, "name", "Name",
- // "name", null, StringUtil.VALIDATION_TEXT);
-
- searchUtil.extractString(request, searchCriteria, "name",
- "Resource Path", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "policyName",
- "Policy name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "columns",
- "Column name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "columnFamilies",
- "Column Family", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "tables",
- "Tables", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "udfs",
- "UDFs", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "databases",
- "Databases", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "groupName",
- "Group Name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractInt(request, searchCriteria, "resourceType",
- "Resource Type");
- searchUtil.extractInt(request, searchCriteria, "assetType",
- "Asset Type");
- searchUtil.extractInt(request, searchCriteria, "isEncrypt",
- "Is Encrypt");
- searchUtil.extractInt(request, searchCriteria, "isRecursive",
- "Is Recursive");
- searchUtil.extractLong(request, searchCriteria, "assetId", "Asset Id");
- searchUtil.extractString(request, searchCriteria, "userName",
- "User Name", StringUtil.VALIDATION_TEXT);
-
- searchUtil.extractLongList(request, searchCriteria, "userId",
- "User Id", "userId");
- // searchUtil.extractLong(request, searchCriteria, "userId",
- // "User Id");
- // searchUtil.extractLong(request, searchCriteria, "groupId",
- // "Group Id");
- searchUtil.extractLongList(request, searchCriteria, "groupId",
- "Group Id", "groupId");
-
- searchUtil.extractString(request, searchCriteria, "topologies",
- "Topology Name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "services",
- "Service Name", StringUtil.VALIDATION_TEXT);
-
- // searchUtil.extractIntList(request, searchCriteria, "status",
- // "status", "status");
-
- // SearchGroup outerGroup = new SearchGroup(SearchGroup.CONDITION.OR);
- // // Get the search fields for objectClassType and objectId
- // SearchField userId = null;
- // SearchField groupId = null;
- // SearchField resourceId = null;
- // List<SearchField> searchFields = xResourceService.searchFields;
- // for (SearchField searchField : searchFields) {
- // if (searchField.getClientFieldName().equals("userId") &&
- // request.getParameterValues("userId")!=null) {
- // userId = searchField;
- // } else if (searchField.getClientFieldName().equals("groupId") &&
- // request.getParameterValues("groupId")!=null) {
- // groupId = searchField;
- // }else if (searchField.getClientFieldName().equals("name") &&
- // request.getParameterValues("name")!=null) {
- // resourceId = searchField;
- // }
- // }
- // if (groupId != null || userId != null || resourceId != null) {
- // SearchGroup innerGroup = new SearchGroup(SearchGroup.CONDITION.AND);
- // SearchValue searchValue=null;
- // if(userId!=null){
- // searchValue = new SearchValue(userId,
- // searchCriteria.getParamValue("userId"));
- //
- // innerGroup.addValue(searchValue);
- // }
- // if(groupId!=null){
- // searchValue = new SearchValue(groupId,
- // searchCriteria.getParamValue("groupId"));
- // innerGroup.addValue(searchValue);
- // }
- // if(resourceId!=null){
- //
- // searchValue = new SearchValue(resourceId,
- // searchCriteria.getParamValue("name"));
- // innerGroup.addValue(searchValue);
- // }
- //
- // outerGroup.addSearchGroup(innerGroup);
- // searchUtil.addSearchGroup(searchCriteria, outerGroup);
- //
- // }
- searchCriteria.setDistinct(true);
-
- return assetMgr.searchXResources(searchCriteria);
- }
-
- @GET
- @Path("/hdfs/resources")
- @Produces({ "application/xml", "application/json" })
- public VXStringList pullHdfsResources(@Context HttpServletRequest request) {
- String dataSourceName = request.getParameter("dataSourceName");
- String baseDir = request.getParameter("baseDirectory");
- return assetMgr.getHdfsResources(dataSourceName, baseDir);
- }
-
- @GET
- @Path("/hive/resources")
- @Produces({ "application/xml", "application/json" })
- public VXStringList pullHiveResources(@Context HttpServletRequest request) {
- String dataSourceName = request.getParameter("dataSourceName");
- String databaseName = request.getParameter("databaseName");
- String tableName = request.getParameter("tableName");
- String columnName = request.getParameter("columnName");
- return assetMgr.getHiveResources(dataSourceName, databaseName,
- tableName, columnName);
- }
-
- @GET
- @Path("/hbase/resources")
- @Produces({ "application/xml", "application/json" })
- public VXStringList pullHBaseResources(@Context HttpServletRequest request) {
- String dataSourceName = request.getParameter("dataSourceName");
- String tableName = request.getParameter("tableName");
- String columnFamiles = request.getParameter("columnFamilies");
- return assetMgr.getHBaseResources(dataSourceName, tableName,
- columnFamiles);
- }
-
- @GET
- @Path("/knox/resources")
- @Produces({ "application/xml", "application/json" })
- public VXStringList pullKnoxResources(@Context HttpServletRequest request) {
- String dataSourceName = request.getParameter("dataSourceName");
- String topologyName = request.getParameter("topologyName");
- String serviceName = request.getParameter("serviceName");
- return assetMgr.getKnoxResources(dataSourceName, topologyName, serviceName);
- }
-
- @GET
- @Path("/storm/resources")
- @Produces({ "application/xml", "application/json" })
- public VXStringList pullStormResources(@Context HttpServletRequest request) {
- String dataSourceName = request.getParameter("dataSourceName");
- String topologyName = request.getParameter("topologyName");
- return assetMgr.getStormResources(dataSourceName, topologyName);
- }
-
- @GET
- @Path("/resources/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXResources(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xResourceService.sortFields);
-
- return assetMgr.getXResourceSearchCount(searchCriteria);
- }
-
- @GET
- @Path("/credstores/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXCredentialStore getXCredentialStore(@PathParam("id") Long id) {
- return assetMgr.getXCredentialStore(id);
- }
-
- @POST
- @Path("/credstores")
- @Produces({ "application/xml", "application/json" })
- public VXCredentialStore createXCredentialStore(
- VXCredentialStore vXCredentialStore) {
- return assetMgr.createXCredentialStore(vXCredentialStore);
- }
-
- @PUT
- @Path("/credstores")
- @Produces({ "application/xml", "application/json" })
- public VXCredentialStore updateXCredentialStore(
- VXCredentialStore vXCredentialStore) {
- return assetMgr.updateXCredentialStore(vXCredentialStore);
- }
-
- @DELETE
- @Path("/credstores/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXCredentialStore.class)
- public void deleteXCredentialStore(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = false;
- assetMgr.deleteXCredentialStore(id, force);
- }
-
- @GET
- @Path("/credstores")
- @Produces({ "application/xml", "application/json" })
- public VXCredentialStoreList searchXCredentialStores(
- @Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xCredentialStoreService.sortFields);
- return assetMgr.searchXCredentialStores(searchCriteria);
- }
-
- @GET
- @Path("/credstores/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXCredentialStores(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xCredentialStoreService.sortFields);
- return assetMgr.getXCredentialStoreSearchCount(searchCriteria);
- }
-
- @GET
- @Path("/resource/{id}")
- public Response getXResourceFile(@Context HttpServletRequest request,
- @PathParam("id") Long id) {
- String fileType = searchUtil.extractString(request,
- new SearchCriteria(), "fileType", "File type",
- StringUtil.VALIDATION_TEXT);
-
- File file = assetMgr.getXResourceFile(id, fileType);
- return Response
- .ok(file, MediaType.APPLICATION_OCTET_STREAM)
- .header("Content-Disposition",
- "attachment;filename=" + file.getName()).build();
- }
-
- @GET
- @Path("/policyList/{repository}")
- @Encoded
- public String getResourceJSON(@Context HttpServletRequest request,
- @PathParam("repository") String repository) {
-
- boolean httpEnabled = PropertiesUtil.getBooleanProperty("http.enabled",true);
- String epoch = request.getParameter("epoch");
-
- X509Certificate[] certchain = (X509Certificate[]) request.getAttribute(
- "javax.servlet.request.X509Certificate");
-
- String ipAddress = request.getHeader("X-FORWARDED-FOR");
- if (ipAddress == null) {
- ipAddress = request.getRemoteAddr();
- }
-
- boolean isSecure = request.isSecure();
-
- String policyCount = request.getParameter("policyCount");
- String agentId = request.getParameter("agentId");
-
-// File file = assetMgr.getLatestRepoPolicy(repository,
-// certchain, httpEnabled, epoch, ipAddress, isSecure, policyCount, agentId);
-
-
-// return Response
-// .ok(file, MediaType.APPLICATION_OCTET_STREAM)
-// .header("Content-Disposition",
-// "attachment;filename=" + file.getName()).build();
-
- String file = assetMgr.getLatestRepoPolicy(repository,
- certchain, httpEnabled, epoch, ipAddress, isSecure, policyCount, agentId);
-
- return file;
- }
-
- @GET
- @Path("/exportAudit")
- @Produces({ "application/xml", "application/json" })
- public VXPolicyExportAuditList searchXPolicyExportAudits(
- @Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xPolicyExportAudits.sortFields);
- searchUtil.extractString(request, searchCriteria, "agentId",
- "The XA agent id pulling the policies.",
- StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "clientIP",
- "The XA agent ip pulling the policies.",
- StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "repositoryName",
- "Repository name for which export was done.",
- StringUtil.VALIDATION_TEXT);
- searchUtil.extractInt(request, searchCriteria, "httpRetCode",
- "HTTP response code for exported policy.");
- searchUtil.extractDate(request, searchCriteria, "startDate",
- "Start date for search", null);
- searchUtil.extractDate(request, searchCriteria, "endDate",
- "End date for search", null);
- return assetMgr.searchXPolicyExportAudits(searchCriteria);
- }
-
- @GET
- @Path("/report")
- @Produces({ "application/xml", "application/json" })
- public VXTrxLogList getReportLogs(@Context HttpServletRequest request){
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xTrxLogService.sortFields);
- searchUtil.extractInt(request, searchCriteria, "objectClassType", "Class type for report.");
- searchUtil.extractString(request, searchCriteria, "attributeName",
- "Attribute Name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "action",
- "CRUD Action Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "sessionId",
- "Session Id", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "owner",
- "Owner", StringUtil.VALIDATION_TEXT);
- searchUtil.extractDate(request, searchCriteria, "startDate", "Trasaction date since", "MM/dd/yyyy");
- searchUtil.extractDate(request, searchCriteria, "endDate", "Trasaction date till", "MM/dd/yyyy");
- return assetMgr.getReportLogs(searchCriteria);
- }
-
- @GET
- @Path("/report/{transactionId}")
- @Produces({ "application/xml", "application/json" })
- public VXTrxLogList getTransactionReport(@Context HttpServletRequest request,
- @PathParam("transactionId") String transactionId){
- return assetMgr.getTransactionReport(transactionId);
- }
-
- @GET
- @Path("/accessAudit")
- @Produces({ "application/xml", "application/json" })
- public VXAccessAuditList getAccessLogs(@Context HttpServletRequest request){
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAccessAuditService.sortFields);
- searchUtil.extractString(request, searchCriteria, "accessType",
- "Access Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "aclEnforcer",
- "Access Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "agentId",
- "Access Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "repoName",
- "Access Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "sessionId",
- "Access Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "requestUser",
- "Access Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "requestData",
- "Access Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "resourcePath",
- "Access Type", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "clientIP",
- "Client IP", StringUtil.VALIDATION_TEXT);
-
- searchUtil.extractInt(request, searchCriteria, "auditType", "Audit Type");
- searchUtil.extractInt(request, searchCriteria, "accessResult", "Audit Type");
- searchUtil.extractInt(request, searchCriteria, "assetId", "Audit Type");
- searchUtil.extractLong(request, searchCriteria, "policyId", "Audit Type");
- searchUtil.extractInt(request, searchCriteria, "repoType", "Audit Type");
-
- searchUtil.extractDate(request, searchCriteria, "startDate",
- "startDate", "MM/dd/yyyy");
- searchUtil.extractDate(request, searchCriteria, "endDate", "endDate",
- "MM/dd/yyyy");
- return assetMgr.getAccessLogs(searchCriteria);
- }
-
- @POST
- @Path("/resources/grant")
- @Produces({ "application/xml", "application/json" })
- public VXPolicy grantPermission(@Context HttpServletRequest request,VXPolicy vXPolicy) {
- boolean httpEnabled = PropertiesUtil.getBooleanProperty("http.enabled",true);
- X509Certificate[] certchain = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
- String ipAddress = request.getHeader("X-FORWARDED-FOR");
- if (ipAddress == null) {
- ipAddress = request.getRemoteAddr();
- }
- boolean isSecure = request.isSecure();
- String repository=null;
- if(vXPolicy!=null){
- repository=vXPolicy.getRepositoryName();
- vXPolicy.setOwner(vXPolicy.getGrantor());
- vXPolicy.setUpdatedBy(vXPolicy.getGrantor());
- }
- boolean isValidAuthentication=assetMgr.isValidHttpsAuthentication(repository,certchain,httpEnabled,ipAddress,isSecure);
- if(isValidAuthentication){
- VXResource vXResource = xPolicyService.mapPublicToXAObject(vXPolicy,AbstractBaseResourceService.OPERATION_CREATE_CONTEXT);
- vXResource=assetMgr.grantXResource(vXResource,vXPolicy);
- vXResource.setPermMapList(xPolicyService.updatePermGroup(vXResource));
- xResourceService.updateResource(vXResource);
- vXPolicy=xPolicyService.mapXAToPublicObject(vXResource);
- vXPolicy.syncResponseWithJsonRequest();
- }
- return vXPolicy;
- }
-
- @POST
- @Path("/resources/revoke")
- @Produces({ "application/xml", "application/json" })
- public VXPolicy revokePermission(@Context HttpServletRequest request,VXPolicy vXPolicy) {
- boolean httpEnabled = PropertiesUtil.getBooleanProperty("http.enabled",true);
- X509Certificate[] certchain = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
- String ipAddress = request.getHeader("X-FORWARDED-FOR");
- if (ipAddress == null) {
- ipAddress = request.getRemoteAddr();
- }
- boolean isSecure = request.isSecure();
- String repository=null;
- if(vXPolicy!=null){
- repository=vXPolicy.getRepositoryName();
- vXPolicy.setOwner(vXPolicy.getGrantor());
- vXPolicy.setUpdatedBy(vXPolicy.getGrantor());
- }
- boolean isValidAuthentication=assetMgr.isValidHttpsAuthentication(repository,certchain,httpEnabled,ipAddress,isSecure);
- if(isValidAuthentication){
- VXResource vXResource = xPolicyService.mapPublicToXAObject(vXPolicy,AbstractBaseResourceService.OPERATION_CREATE_CONTEXT);
- vXResource=assetMgr.revokeXResource(vXResource);
- vXResource.setPermMapList(xPolicyService.updatePermGroup(vXResource));
- xResourceService.updateResource(vXResource);
- vXPolicy=xPolicyService.mapXAToPublicObject(vXResource);
- vXPolicy.syncResponseWithJsonRequest();
- }
- return vXPolicy;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/rest/PublicAPIs.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/rest/PublicAPIs.java b/security-admin/src/main/java/com/xasecure/rest/PublicAPIs.java
deleted file mode 100644
index 15e3ad8..0000000
--- a/security-admin/src/main/java/com/xasecure/rest/PublicAPIs.java
+++ /dev/null
@@ -1,319 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.rest;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.DELETE;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-
-import org.apache.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Scope;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.stereotype.Component;
-import org.springframework.transaction.annotation.Propagation;
-import org.springframework.transaction.annotation.Transactional;
-
-import com.xasecure.biz.AssetMgr;
-import com.xasecure.common.AppConstants;
-import com.xasecure.common.MessageEnums;
-import com.xasecure.common.RESTErrorUtil;
-import com.xasecure.common.SearchCriteria;
-import com.xasecure.common.StringUtil;
-import com.xasecure.common.XACommonEnums;
-import com.xasecure.common.XAConstants;
-import com.xasecure.common.XASearchUtil;
-import com.xasecure.common.annotation.XAAnnotationClassName;
-import com.xasecure.common.annotation.XAAnnotationJSMgrName;
-import com.xasecure.db.XADaoManager;
-import com.xasecure.service.AbstractBaseResourceService;
-import com.xasecure.service.XPolicyService;
-import com.xasecure.service.XRepositoryService;
-import com.xasecure.service.XAssetService;
-import com.xasecure.service.XResourceService;
-import com.xasecure.view.VXAsset;
-import com.xasecure.view.VXAssetList;
-import com.xasecure.view.VXLong;
-import com.xasecure.view.VXPolicy;
-import com.xasecure.view.VXPolicyList;
-import com.xasecure.view.VXRepository;
-import com.xasecure.view.VXRepositoryList;
-import com.xasecure.view.VXResource;
-import com.xasecure.view.VXResourceList;
-import com.xasecure.view.VXResponse;
-
-@Path("public")
-@Component
-@Scope("request")
-@XAAnnotationJSMgrName("PublicMgr")
-@Transactional(propagation = Propagation.REQUIRES_NEW)
-public class PublicAPIs {
- static Logger logger = Logger.getLogger(PublicAPIs.class);
-
- @Autowired
- XASearchUtil searchUtil;
-
- @Autowired
- AssetMgr assetMgr;
-
- @Autowired
- XAssetService xAssetService;
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- XRepositoryService xRepositoryService;
-
- @Autowired
- XResourceService xResourceService;
-
- @Autowired
- XPolicyService xPolicyService;
-
- @Autowired
- StringUtil stringUtil;
-
- @Autowired
- XADaoManager xaDaoMgr;
-
- @GET
- @Path("/api/repository/{id}")
- @Produces({ "application/json", "application/xml" })
- public VXRepository getRepository(@PathParam("id") Long id) {
- VXAsset vXAsset = assetMgr.getXAsset(id);
- return xRepositoryService.mapXAToPublicObject(vXAsset);
- }
-
- @POST
- @Path("/api/repository/")
- @Produces({ "application/json", "application/xml" })
- public VXRepository createRepository(VXRepository vXRepository) {
- VXAsset vXAsset = xRepositoryService.mapPublicToXAObject(vXRepository);
- vXAsset = assetMgr.createXAsset(vXAsset);
- return xRepositoryService.mapXAToPublicObject(vXAsset);
- }
-
- @PUT
- @Path("/api/repository/{id}")
- @Produces({ "application/json", "application/xml" })
- public VXRepository updateRepository(VXRepository vXRepository,
- @PathParam("id") Long id) {
- vXRepository.setId(id);
- VXAsset vXAsset = xRepositoryService.mapPublicToXAObject(vXRepository);
- vXAsset = assetMgr.updateXAsset(vXAsset);
- return xRepositoryService.mapXAToPublicObject(vXAsset);
- }
-
- @DELETE
- @Path("/api/repository/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXAsset.class)
- public void deleteRepository(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
-
- String forceStr = request.getParameter("force");
- boolean force = true;
- if (!stringUtil.isEmpty(forceStr)) {
- force = Boolean.parseBoolean(forceStr.trim());
- }
- assetMgr.deleteXAsset(id, force);
- }
-
- // @POST
- // @Path("/api/repository/testConfig")
- // @Produces({ "application/xml", "application/json" })
- public VXResponse testConfig(VXRepository vXRepository) {
- VXAsset vXAsset = xRepositoryService.mapPublicToXAObject(vXRepository);
- return assetMgr.testConfig(vXAsset);
- }
-
- @GET
- @Path("/api/repository/")
- @Produces({ "application/json", "application/xml" })
- public VXRepositoryList searchRepositories(
- @Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAssetService.sortFields);
- searchUtil.extractString(request, searchCriteria, "name",
- "Repository Name", null);
- searchUtil.extractBoolean(request, searchCriteria, "status",
- "Activation Status");
- searchUtil.extractString(request, searchCriteria, "type",
- "Repository Type", null);
-
- searchCriteria = xRepositoryService.getMappedSearchParams(request,
- searchCriteria);
- VXAssetList vXAssetList = assetMgr.searchXAssets(searchCriteria);
-
- return xRepositoryService.mapToVXRepositoryList(vXAssetList);
- }
-
- @GET
- @Path("/api/repository/count")
- @Produces({ "application/json", "application/xml" })
- public VXLong countRepositories(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAssetService.sortFields);
-
- ArrayList<Integer> valueList = new ArrayList<Integer>();
- valueList.add(XAConstants.STATUS_DISABLED);
- valueList.add(XAConstants.STATUS_ENABLED);
- searchCriteria.addParam("status", valueList);
-
- return assetMgr.getXAssetSearchCount(searchCriteria);
- }
-
- @GET
- @Path("/api/policy/{id}")
- @Produces({ "application/json", "application/xml" })
- public VXPolicy getPolicy(@PathParam("id") Long id) {
- VXResource vXResource = assetMgr.getXResource(id);
- return xPolicyService.mapXAToPublicObject(vXResource);
- }
-
- @POST
- @Path("/api/policy")
- @Produces({ "application/json", "application/xml" })
- public VXPolicy createPolicy(VXPolicy vXPolicy) {
- VXResource vXResource = xPolicyService.mapPublicToXAObject(vXPolicy,
- AbstractBaseResourceService.OPERATION_CREATE_CONTEXT);
- vXResource = assetMgr.createXResource(vXResource);
- vXResource.setPermMapList(xPolicyService.updatePermGroup(vXResource));
- return xPolicyService.mapXAToPublicObject(vXResource);
-
- }
-
- @PUT
- @Path("/api/policy/{id}")
- @Produces({ "application/json", "application/xml" })
- public VXPolicy updatePolicy(VXPolicy vXPolicy, @PathParam("id") Long id) {
- vXPolicy.setId(id);
- VXResource vXResource = xPolicyService.mapPublicToXAObject(vXPolicy,
- AbstractBaseResourceService.OPERATION_UPDATE_CONTEXT);
- vXResource = assetMgr.updateXResource(vXResource);
- vXResource.setPermMapList(xPolicyService.updatePermGroup(vXResource));
- return xPolicyService.mapXAToPublicObject(vXResource);
- }
-
- @DELETE
- @Path("/api/policy/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXResource.class)
- public void deletePolicy(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- String forceStr = request.getParameter("force");
- boolean force = true;
- if (!stringUtil.isEmpty(forceStr)) {
- force = Boolean.parseBoolean(forceStr.trim());
- }
- assetMgr.deleteXResource(id, force);
- }
-
- @GET
- @Path("/api/policy")
- @Produces({ "application/json", "application/xml" })
- public VXPolicyList searchPolicies(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xResourceService.sortFields);
-
- String resourceName = request.getParameter("resourceName");
- if (!stringUtil.isEmpty(resourceName)) {
- searchCriteria.getParamList().put("name", resourceName);
- }
- searchUtil.extractString(request, searchCriteria, "policyName",
- "Policy name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "columns",
- "Column name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "columnFamilies",
- "Column Family", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "tables", "Tables",
- StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "udfs", "UDFs",
- StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "databases",
- "Databases", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "groupName",
- "Group Name", StringUtil.VALIDATION_TEXT);
-
- String repositoryType = request.getParameter("repositoryType");
- if (!stringUtil.isEmpty(repositoryType)) {
- searchCriteria.getParamList().put("assetType",
- AppConstants.getEnumFor_AssetType(repositoryType));
- }
-
- String isRec = request.getParameter("isRecursive");
- if (isRec != null) {
- boolean isRecursiveBool = restErrorUtil.parseBoolean(isRec,
- "Invalid value for " + "isRecursive",
- MessageEnums.INVALID_INPUT_DATA, null, "isRecursive");
- int isRecursive = (isRecursiveBool == true) ? XAConstants.BOOL_TRUE
- : XAConstants.BOOL_FALSE;
- searchCriteria.getParamList().put("isRecursive", isRecursive);
- }
-
- searchUtil.extractString(request, searchCriteria, "userName",
- "User Name", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "repositoryName",
- "Repository Name", StringUtil.VALIDATION_TEXT);
-
- String resStatus = request.getParameter("isEnabled");
- List<Integer> resList = new ArrayList<Integer>();
- if (stringUtil.isEmpty(resStatus)) {
- resList.add(XACommonEnums.STATUS_ENABLED);
- resList.add(XACommonEnums.STATUS_DISABLED);
- } else {
- boolean policyStatus = restErrorUtil.parseBoolean(resStatus,
- "Invalid value for " + "isEnabled",
- MessageEnums.INVALID_INPUT_DATA, null, "isEnabled");
- int policyStat = (policyStatus) ? XACommonEnums.STATUS_ENABLED
- : XACommonEnums.STATUS_DISABLED;
- resList.add(policyStat);
- }
- searchCriteria.getParamList().put("resourceStatus", resList);
-
- searchCriteria.setDistinct(true);
-
- VXResourceList vXResourceList = assetMgr
- .searchXResources(searchCriteria);
- return xPolicyService.mapToVXPolicyList(vXResourceList);
- }
-
- @GET
- @Path("/api/policy/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countPolicies(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xResourceService.sortFields);
-
-
- return assetMgr.getXResourceSearchCount(searchCriteria);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/rest/UserREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/rest/UserREST.java b/security-admin/src/main/java/com/xasecure/rest/UserREST.java
deleted file mode 100644
index 3bc6fef..0000000
--- a/security-admin/src/main/java/com/xasecure/rest/UserREST.java
+++ /dev/null
@@ -1,332 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.rest;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
-
-import com.xasecure.biz.UserMgr;
-import com.xasecure.common.XAConstants;
-import com.xasecure.common.XAConfigUtil;
-import com.xasecure.common.MessageEnums;
-import com.xasecure.common.RESTErrorUtil;
-import com.xasecure.common.SearchCriteria;
-import com.xasecure.common.SearchUtil;
-import com.xasecure.common.StringUtil;
-import com.xasecure.entity.XXPortalUser;
-import com.xasecure.view.VXPasswordChange;
-import com.xasecure.view.VXResponse;
-import com.xasecure.view.VXStringList;
-import com.xasecure.view.VXPortalUser;
-import com.xasecure.view.VXPortalUserList;
-import com.xasecure.util.XARestUtil;
-
-import org.apache.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Scope;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.stereotype.Component;
-import org.springframework.transaction.annotation.Propagation;
-import org.springframework.transaction.annotation.Transactional;
-
-import com.xasecure.common.annotation.XAAnnotationClassName;
-import com.xasecure.common.annotation.XAAnnotationJSMgrName;
-import com.xasecure.common.annotation.XAAnnotationRestAPI;
-import com.xasecure.db.XADaoManager;
-
-
-@Path("users")
-@Component
-@Scope("request")
-@XAAnnotationJSMgrName("UserMgr")
-@Transactional(propagation = Propagation.REQUIRES_NEW)
-public class UserREST {
- static Logger logger = Logger.getLogger(UserREST.class);
-
- @Autowired
- StringUtil stringUtil;
-
- @Autowired
- XADaoManager daoManager;
-
- @Autowired
- XAConfigUtil configUtil;
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- SearchUtil searchUtil;
-
- @Autowired
- UserMgr userManager;
-
- @Autowired
- XARestUtil msRestUtil;
-
- /**
- * Implements the traditional search functionalities for UserProfile
- *
- * @param request
- * @return
- */
- @GET
- @Produces({ "application/xml", "application/json" })
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- public VXPortalUserList searchUsers(@Context HttpServletRequest request) {
- String[] approvedSortByParams = new String[] { "requestDate",
- "approvedDate", "activationDate", "emailAddress", "firstName",
- "lastName" };
- @SuppressWarnings("deprecation")
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, approvedSortByParams);
-
- // userId
- searchUtil.extractLong(request, searchCriteria, "userId", "User Id");
-
- // loginId
- searchUtil.extractString(request, searchCriteria, "loginId",
- "Login Id", null);
-
- // emailAddress
- searchUtil.extractString(request, searchCriteria, "emailAddress",
- "Email Address", null);
-
- // firstName
- searchUtil.extractString(request, searchCriteria, "firstName",
- "First Name", StringUtil.VALIDATION_NAME);
-
- // lastName
- searchUtil.extractString(request, searchCriteria, "lastName",
- "Last Name", StringUtil.VALIDATION_NAME);
-
- // status
- searchUtil.extractEnum(request, searchCriteria, "status", "Status",
- "statusList", XAConstants.ActivationStatus_MAX);
-
- // publicScreenName
- searchUtil.extractString(request, searchCriteria, "publicScreenName",
- "Public Screen Name", StringUtil.VALIDATION_NAME);
- // roles
- searchUtil.extractStringList(request, searchCriteria, "role", "Role",
- "roleList", configUtil.getRoles(), StringUtil.VALIDATION_NAME);
-
- return userManager.searchUsers(searchCriteria);
- }
-
- /**
- * Return the VUserProfile for the given userId
- *
- * @param userId
- * @return
- */
- @GET
- @Path("{userId}")
- @Produces({ "application/xml", "application/json" })
- public VXPortalUser getUserProfileForUser(@PathParam("userId") Long userId) {
- try {
- VXPortalUser userProfile = userManager.getUserProfile(userId);
- if (userProfile != null) {
- if (logger.isDebugEnabled()) {
- logger.debug("getUserProfile() Found User userId=" + userId);
- }
- } else {
- logger.debug("getUserProfile() Not found userId=" + userId);
- }
- return userProfile;
- } catch (Throwable t) {
- logger.error("getUserProfile() no user session. error="
- + t.toString());
- }
- return null;
- }
-
- @POST
- @Consumes({ "application/json", "application/xml" })
- @Produces({ "application/xml", "application/json" })
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- public VXPortalUser create(VXPortalUser userProfile,
- @Context HttpServletRequest servletRequest) {
- logger.info("create:" + userProfile.getEmailAddress());
-
- return userManager.createUser(userProfile);
- }
-
- // API to add user with default account
- @POST
- @Path("/default")
- @Consumes({ "application/json", "application/xml" })
- @Produces({ "application/xml", "application/json" })
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- public VXPortalUser createDefaultAccountUser(VXPortalUser userProfile,
- @Context HttpServletRequest servletRequest) {
- logger.info("create:" + userProfile.getEmailAddress());
- return userManager.createDefaultAccountUser(userProfile);
- }
-
-
- @PUT
- @Consumes({ "application/json", "application/xml" })
- @Produces({ "application/xml", "application/json" })
- @XAAnnotationRestAPI(updates_classes = "VUserProfile")
- public VXPortalUser update(VXPortalUser userProfile,
- @Context HttpServletRequest servletRequest) {
- logger.info("update:" + userProfile.getEmailAddress());
- XXPortalUser gjUser = daoManager.getXXPortalUser().getById(userProfile.getId());
- userManager.checkAccess(gjUser);
- if (gjUser != null) {
- msRestUtil.validateVUserProfileForUpdate(gjUser, userProfile);
- gjUser = userManager.updateUser(userProfile);
- return userManager.mapXXPortalUserVXPortalUser(gjUser);
- } else {
- logger.info("update(): Invalid userId provided: userId="
- + userProfile.getId());
- throw restErrorUtil.createRESTException("serverMsg.userRestUser",
- MessageEnums.DATA_NOT_FOUND, null, null,
- userProfile.toString());
- }
- }
-
- @PUT
- @Path("/{userId}/roles")
- @Produces({ "application/xml", "application/json" })
- public VXResponse setUserRoles(@PathParam("userId") Long userId,
- VXStringList roleList) {
- userManager.checkAccess(userId);
- userManager.setUserRoles(userId, roleList.getVXStrings());
- VXResponse response = new VXResponse();
- response.setStatusCode(VXResponse.STATUS_SUCCESS);
- return response;
- }
-
- /**
- * Deactivate the user
- *
- * @param userId
- * @return
- */
- @POST
- @Path("{userId}/deactivate")
- @Produces({ "application/xml", "application/json" })
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXPortalUser.class)
- public VXPortalUser deactivateUser(@PathParam("userId") Long userId) {
- XXPortalUser gjUser = daoManager.getXXPortalUser().getById(userId);
- if (gjUser == null) {
- logger.info("update(): Invalid userId provided: userId=" + userId);
- throw restErrorUtil.createRESTException("serverMsg.userRestUser",
- MessageEnums.DATA_NOT_FOUND, null, null, "" + userId);
- }
- return userManager.deactivateUser(gjUser);
- }
-
- /**
- * This method returns the VUserProfile for the current session
- *
- * @param request
- * @return
- */
- @GET
- @Path("/profile")
- @Produces({ "application/xml", "application/json" })
- public VXPortalUser getUserProfile(@Context HttpServletRequest request) {
- try {
- logger.debug("getUserProfile(). httpSessionId="
- + request.getSession().getId());
- VXPortalUser userProfile = userManager.getUserProfileByLoginId();
- return userProfile;
- } catch (Throwable t) {
- logger.error(
- "getUserProfile() no user session. error=" + t.toString(),
- t);
- }
- return null;
- }
-
- @GET
- @Path("/firstnames")
- @Produces({ "application/xml", "application/json" })
- public String suggestUserFirstName(@QueryParam("letters") String letters,
- @Context HttpServletRequest req) {
- return null;
- }
-
- /**
- * @param userId
- * @param changePassword
- * @return
- */
- @POST
- @Path("{userId}/passwordchange")
- @Produces({ "application/xml", "application/json" })
- public VXResponse changePassword(@PathParam("userId") Long userId,
- VXPasswordChange changePassword) {
- logger.info("changePassword:" + userId);
-
- XXPortalUser gjUser = daoManager.getXXPortalUser().getById(userId);
- if (gjUser == null) {
- logger.warn("SECURITY:changePassword(): Invalid userId provided: userId="
- + userId);
- throw restErrorUtil.createRESTException("serverMsg.userRestUser",
- MessageEnums.DATA_NOT_FOUND, null, null, "" + userId);
- }
-
- userManager.checkAccess(gjUser);
- changePassword.setId(userId);
- VXResponse ret = userManager.changePassword(changePassword);
- return ret;
- }
-
- /**
- *
- * @param userId
- * @param changeEmail
- * @return
- */
- @POST
- @Path("{userId}/emailchange")
- @Produces({ "application/xml", "application/json" })
- public VXPortalUser changeEmailAddress(@PathParam("userId") Long userId,
- VXPasswordChange changeEmail) {
- logger.info("changeEmail:" + userId);
-
- XXPortalUser gjUser = daoManager.getXXPortalUser().getById(userId);
- if (gjUser == null) {
- logger.warn("SECURITY:changeEmail(): Invalid userId provided: userId="
- + userId);
- throw restErrorUtil.createRESTException("serverMsg.userRestUser",
- MessageEnums.DATA_NOT_FOUND, null, null, "" + userId);
- }
-
- userManager.checkAccess(gjUser);
- changeEmail.setId(userId);
- VXPortalUser ret = userManager.changeEmailAddress(gjUser, changeEmail);
- return ret;
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/rest/XAuditREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/rest/XAuditREST.java b/security-admin/src/main/java/com/xasecure/rest/XAuditREST.java
deleted file mode 100644
index 9afacba..0000000
--- a/security-admin/src/main/java/com/xasecure/rest/XAuditREST.java
+++ /dev/null
@@ -1,150 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.rest;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.*;
-import javax.ws.rs.core.*;
-
-import com.xasecure.common.SearchCriteria;
-import com.xasecure.common.SearchUtil;
-import com.xasecure.service.*;
-import com.xasecure.biz.*;
-import com.xasecure.view.*;
-
-import com.xasecure.rest.*;
-import com.xasecure.biz.*;
-import com.xasecure.common.annotation.XAAnnotationClassName;
-import com.xasecure.common.annotation.XAAnnotationJSMgrName;
-import com.xasecure.view.*;
-import com.xasecure.service.*;
-
-import org.apache.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Scope;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.stereotype.Component;
-import org.springframework.transaction.annotation.Propagation;
-import org.springframework.transaction.annotation.Transactional;
-
-@Path("xaudit")
-@Component
-@Scope("request")
-@XAAnnotationJSMgrName("XAuditMgr")
-@Transactional(propagation = Propagation.REQUIRES_NEW)
-public class XAuditREST {
- static Logger logger = Logger.getLogger(XAuditREST.class);
-
- @Autowired
- SearchUtil searchUtil;
-
- @Autowired
- XAuditMgr xAuditMgr;
-
- @Autowired
- XTrxLogService xTrxLogService;
-
- @Autowired
- XAccessAuditService xAccessAuditService;
- // Handle XTrxLog
- @GET
- @Path("/trx_log/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXTrxLog getXTrxLog(
- @PathParam("id") Long id) {
- return xAuditMgr.getXTrxLog(id);
- }
-
- @POST
- @Path("/trx_log")
- @Produces({ "application/xml", "application/json" })
- public VXTrxLog createXTrxLog(VXTrxLog vXTrxLog) {
- return xAuditMgr.createXTrxLog(vXTrxLog);
- }
-
- @PUT
- @Path("/trx_log")
- @Produces({ "application/xml", "application/json" })
- public VXTrxLog updateXTrxLog(VXTrxLog vXTrxLog) {
- return xAuditMgr.updateXTrxLog(vXTrxLog);
- }
-
- @DELETE
- @Path("/trx_log/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXTrxLog.class)
- public void deleteXTrxLog(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = false;
- xAuditMgr.deleteXTrxLog(id, force);
- }
-
- /**
- * Implements the traditional search functionalities for XTrxLogs
- *
- * @param request
- * @return
- */
- @GET
- @Path("/trx_log")
- @Produces({ "application/xml", "application/json" })
- public VXTrxLogList searchXTrxLogs(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xTrxLogService.sortFields);
- return xAuditMgr.searchXTrxLogs(searchCriteria);
- }
-
- @GET
- @Path("/trx_log/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXTrxLogs(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xTrxLogService.sortFields);
-
- return xAuditMgr.getXTrxLogSearchCount(searchCriteria);
- }
-
-
- /**
- * Implements the traditional search functionalities for XAccessAudits
- *
- * @param request
- * @return
- */
- @GET
- @Path("/access_audit")
- @Produces({ "application/xml", "application/json" })
- public VXAccessAuditList searchXAccessAudits(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAccessAuditService.sortFields);
- return xAuditMgr.searchXAccessAudits(searchCriteria);
- }
-
- @GET
- @Path("/access_audit/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXAccessAudits(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAccessAuditService.sortFields);
-
- return xAuditMgr.getXAccessAuditSearchCount(searchCriteria);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/rest/XUserREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/rest/XUserREST.java b/security-admin/src/main/java/com/xasecure/rest/XUserREST.java
deleted file mode 100644
index 8a4f875..0000000
--- a/security-admin/src/main/java/com/xasecure/rest/XUserREST.java
+++ /dev/null
@@ -1,594 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.rest;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.*;
-import javax.ws.rs.core.*;
-
-import com.xasecure.biz.SessionMgr;
-import com.xasecure.common.XAConstants;
-import com.xasecure.common.DateUtil;
-import com.xasecure.common.RESTErrorUtil;
-import com.xasecure.common.SearchCriteria;
-import com.xasecure.common.SearchField;
-import com.xasecure.common.SearchUtil;
-import com.xasecure.common.StringUtil;
-import com.xasecure.entity.XXAuthSession;
-import com.xasecure.service.AuthSessionService;
-import com.xasecure.view.*;
-
-import org.apache.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Scope;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.stereotype.Component;
-import org.springframework.transaction.annotation.Propagation;
-import org.springframework.transaction.annotation.Transactional;
-
-import com.xasecure.biz.*;
-import com.xasecure.common.annotation.XAAnnotationClassName;
-import com.xasecure.common.annotation.XAAnnotationJSMgrName;
-import com.xasecure.db.XADaoManager;
-import com.xasecure.service.*;
-import com.xasecure.view.*;
-
-@Path("xusers")
-@Component
-@Scope("request")
-@XAAnnotationJSMgrName("XUserMgr")
-@Transactional(propagation = Propagation.REQUIRES_NEW)
-public class XUserREST {
- static Logger logger = Logger.getLogger(XUserREST.class);
-
- @Autowired
- SearchUtil searchUtil;
-
- @Autowired
- XUserMgr xUserMgr;
-
- @Autowired
- XGroupService xGroupService;
-
- @Autowired
- XUserService xUserService;
-
- @Autowired
- XGroupUserService xGroupUserService;
-
- @Autowired
- XGroupGroupService xGroupGroupService;
-
- @Autowired
- XPermMapService xPermMapService;
-
- @Autowired
- XAuditMapService xAuditMapService;
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- XADaoManager xADaoManager;
-
- @Autowired
- SessionMgr sessionMgr;
-
- @Autowired
- AuthSessionService authSessionService;
-
- // Handle XGroup
- @GET
- @Path("/groups/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXGroup getXGroup(@PathParam("id") Long id) {
- return xUserMgr.getXGroup(id);
- }
-
- @GET
- @Path("/secure/groups/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXGroup secureGetXGroup(@PathParam("id") Long id) {
- return xUserMgr.getXGroup(id);
- }
-
- @POST
- @Path("/groups")
- @Produces({ "application/xml", "application/json" })
- public VXGroup createXGroup(VXGroup vXGroup) {
- return xUserMgr.createXGroupWithoutLogin(vXGroup);
- }
-
- @POST
- @Path("/secure/groups")
- @Produces({ "application/xml", "application/json" })
- public VXGroup secureCreateXGroup(VXGroup vXGroup) {
- return xUserMgr.createXGroup(vXGroup);
- }
-
- @PUT
- @Path("/groups")
- @Produces({ "application/xml", "application/json" })
- public VXGroup updateXGroup(VXGroup vXGroup) {
- return xUserMgr.updateXGroup(vXGroup);
- }
-
- @PUT
- @Path("/secure/groups/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXGroup secureUpdateXGroup(VXGroup vXGroup) {
- return xUserMgr.updateXGroup(vXGroup);
- }
-
-
- @DELETE
- @Path("/groups/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXGroup.class)
- public void deleteXGroup(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = true;
- xUserMgr.deleteXGroup(id, force);
- }
-
- /**
- * Implements the traditional search functionalities for XGroups
- *
- * @param request
- * @return
- */
- @GET
- @Path("/groups")
- @Produces({ "application/xml", "application/json" })
- public VXGroupList searchXGroups(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xGroupService.sortFields);
- searchUtil.extractString(request, searchCriteria, "name", "group name",
- StringUtil.VALIDATION_NAME);
- searchUtil.extractString(request, searchCriteria, "groupSource", "group source",
- StringUtil.VALIDATION_NAME);
- return xUserMgr.searchXGroups(searchCriteria);
- }
-
- @GET
- @Path("/groups/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXGroups(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xGroupService.sortFields);
-
- return xUserMgr.getXGroupSearchCount(searchCriteria);
- }
-
- // Handle XUser
- @GET
- @Path("/users/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXUser getXUser(@PathParam("id") Long id) {
- return xUserMgr.getXUser(id);
- }
-
- @GET
- @Path("/secure/users/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXUser secureGetXUser(@PathParam("id") Long id) {
- return xUserMgr.getXUser(id);
- }
-
- @POST
- @Path("/users")
- @Produces({ "application/xml", "application/json" })
- public VXUser createXUser(VXUser vXUser) {
- return xUserMgr.createXUserWithOutLogin(vXUser);
- }
-
- @POST
- @Path("/secure/users")
- @Produces({ "application/xml", "application/json" })
- public VXUser secureCreateXUser(VXUser vXUser) {
- return xUserMgr.createXUser(vXUser);
- }
-
- @PUT
- @Path("/users")
- @Produces({ "application/xml", "application/json" })
- public VXUser updateXUser(VXUser vXUser) {
- return xUserMgr.updateXUser(vXUser);
- }
-
- @PUT
- @Path("/secure/users/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXUser secureUpdateXUser(VXUser vXUser) {
- return xUserMgr.updateXUser(vXUser);
- }
-
- @DELETE
- @Path("/users/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXUser.class)
- public void deleteXUser(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = true;
- xUserMgr.deleteXUser(id, force);
- }
-
- /**
- * Implements the traditional search functionalities for XUsers
- *
- * @param request
- * @return
- */
- @GET
- @Path("/users")
- @Produces({ "application/xml", "application/json" })
- public VXUserList searchXUsers(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xUserService.sortFields);
-
- searchUtil.extractString(request, searchCriteria, "name", "User name",
- StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "emailAddress", "Email Address",
- null);
- searchUtil.extractInt(request, searchCriteria, "userSource", "User Source");
- searchUtil.extractString(request, searchCriteria, "userRoleList", "User Role",
- null);
- return xUserMgr.searchXUsers(searchCriteria);
- }
-
- @GET
- @Path("/users/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXUsers(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xUserService.sortFields);
-
- return xUserMgr.getXUserSearchCount(searchCriteria);
- }
-
- // Handle XGroupUser
- @GET
- @Path("/groupusers/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXGroupUser getXGroupUser(@PathParam("id") Long id) {
- return xUserMgr.getXGroupUser(id);
- }
-
- @POST
- @Path("/groupusers")
- @Produces({ "application/xml", "application/json" })
- public VXGroupUser createXGroupUser(VXGroupUser vXGroupUser) {
- return xUserMgr.createXGroupUser(vXGroupUser);
- }
-
- @PUT
- @Path("/groupusers")
- @Produces({ "application/xml", "application/json" })
- public VXGroupUser updateXGroupUser(VXGroupUser vXGroupUser) {
- return xUserMgr.updateXGroupUser(vXGroupUser);
- }
-
- @DELETE
- @Path("/groupusers/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXGroupUser.class)
- public void deleteXGroupUser(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = true;
- xUserMgr.deleteXGroupUser(id, force);
- }
-
- /**
- * Implements the traditional search functionalities for XGroupUsers
- *
- * @param request
- * @return
- */
- @GET
- @Path("/groupusers")
- @Produces({ "application/xml", "application/json" })
- public VXGroupUserList searchXGroupUsers(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xGroupUserService.sortFields);
- return xUserMgr.searchXGroupUsers(searchCriteria);
- }
-
- @GET
- @Path("/groupusers/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXGroupUsers(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xGroupUserService.sortFields);
-
- return xUserMgr.getXGroupUserSearchCount(searchCriteria);
- }
-
- // Handle XGroupGroup
- @GET
- @Path("/groupgroups/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXGroupGroup getXGroupGroup(@PathParam("id") Long id) {
- return xUserMgr.getXGroupGroup(id);
- }
-
- @POST
- @Path("/groupgroups")
- @Produces({ "application/xml", "application/json" })
- public VXGroupGroup createXGroupGroup(VXGroupGroup vXGroupGroup) {
- return xUserMgr.createXGroupGroup(vXGroupGroup);
- }
-
- @PUT
- @Path("/groupgroups")
- @Produces({ "application/xml", "application/json" })
- public VXGroupGroup updateXGroupGroup(VXGroupGroup vXGroupGroup) {
- return xUserMgr.updateXGroupGroup(vXGroupGroup);
- }
-
- @DELETE
- @Path("/groupgroups/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXGroupGroup.class)
- public void deleteXGroupGroup(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = false;
- xUserMgr.deleteXGroupGroup(id, force);
- }
-
- /**
- * Implements the traditional search functionalities for XGroupGroups
- *
- * @param request
- * @return
- */
- @GET
- @Path("/groupgroups")
- @Produces({ "application/xml", "application/json" })
- public VXGroupGroupList searchXGroupGroups(
- @Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xGroupGroupService.sortFields);
- return xUserMgr.searchXGroupGroups(searchCriteria);
- }
-
- @GET
- @Path("/groupgroups/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXGroupGroups(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xGroupGroupService.sortFields);
-
- return xUserMgr.getXGroupGroupSearchCount(searchCriteria);
- }
-
- // Handle XPermMap
- @GET
- @Path("/permmaps/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXPermMap getXPermMap(@PathParam("id") Long id) {
- return xUserMgr.getXPermMap(id);
- }
-
- @POST
- @Path("/permmaps")
- @Produces({ "application/xml", "application/json" })
- public VXPermMap createXPermMap(VXPermMap vXPermMap) {
- return xUserMgr.createXPermMap(vXPermMap);
- }
-
- @PUT
- @Path("/permmaps")
- @Produces({ "application/xml", "application/json" })
- public VXPermMap updateXPermMap(VXPermMap vXPermMap) {
- return xUserMgr.updateXPermMap(vXPermMap);
- }
-
- @DELETE
- @Path("/permmaps/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXPermMap.class)
- public void deleteXPermMap(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = false;
- xUserMgr.deleteXPermMap(id, force);
- }
-
- /**
- * Implements the traditional search functionalities for XPermMaps
- *
- * @param request
- * @return
- */
- @GET
- @Path("/permmaps")
- @Produces({ "application/xml", "application/json" })
- public VXPermMapList searchXPermMaps(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xPermMapService.sortFields);
- return xUserMgr.searchXPermMaps(searchCriteria);
- }
-
- @GET
- @Path("/permmaps/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXPermMaps(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xPermMapService.sortFields);
-
- return xUserMgr.getXPermMapSearchCount(searchCriteria);
- }
-
- // Handle XAuditMap
- @GET
- @Path("/auditmaps/{id}")
- @Produces({ "application/xml", "application/json" })
- public VXAuditMap getXAuditMap(@PathParam("id") Long id) {
- return xUserMgr.getXAuditMap(id);
- }
-
- @POST
- @Path("/auditmaps")
- @Produces({ "application/xml", "application/json" })
- public VXAuditMap createXAuditMap(VXAuditMap vXAuditMap) {
- return xUserMgr.createXAuditMap(vXAuditMap);
- }
-
- @PUT
- @Path("/auditmaps")
- @Produces({ "application/xml", "application/json" })
- public VXAuditMap updateXAuditMap(VXAuditMap vXAuditMap) {
- return xUserMgr.updateXAuditMap(vXAuditMap);
- }
-
- @DELETE
- @Path("/auditmaps/{id}")
- @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @XAAnnotationClassName(class_name = VXAuditMap.class)
- public void deleteXAuditMap(@PathParam("id") Long id,
- @Context HttpServletRequest request) {
- boolean force = false;
- xUserMgr.deleteXAuditMap(id, force);
- }
-
- /**
- * Implements the traditional search functionalities for XAuditMaps
- *
- * @param request
- * @return
- */
- @GET
- @Path("/auditmaps")
- @Produces({ "application/xml", "application/json" })
- public VXAuditMapList searchXAuditMaps(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAuditMapService.sortFields);
- return xUserMgr.searchXAuditMaps(searchCriteria);
- }
-
- @GET
- @Path("/auditmaps/count")
- @Produces({ "application/xml", "application/json" })
- public VXLong countXAuditMaps(@Context HttpServletRequest request) {
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, xAuditMapService.sortFields);
-
- return xUserMgr.getXAuditMapSearchCount(searchCriteria);
- }
-
- // Handle XUser
- @GET
- @Path("/users/userName/{userName}")
- @Produces({ "application/xml", "application/json" })
- public VXUser getXUserByUserName(@Context HttpServletRequest request,
- @PathParam("userName") String userName) {
- return xUserMgr.getXUserByUserName(userName);
- }
-
- @GET
- @Path("/groups/groupName/{groupName}")
- @Produces({ "application/xml", "application/json" })
- public VXGroup getXGroupByGroupName(@Context HttpServletRequest request,
- @PathParam("groupName") String groupName) {
- return xGroupService.getGroupByGroupName(groupName);
- }
-
- @DELETE
- @Path("/users/userName/{userName}")
- public void deleteXUserByUserName(@PathParam("userName") String userName,
- @Context HttpServletRequest request) {
- boolean force = true;
- VXUser vxUser = xUserService.getXUserByUserName(userName);
- xUserMgr.deleteXUser(vxUser.getId(), force);
- }
-
- @DELETE
- @Path("/groups/groupName/{groupName}")
- public void deleteXGroupByGroupName(
- @PathParam("groupName") String groupName,
- @Context HttpServletRequest request) {
- boolean force = true;
- VXGroup vxGroup = xGroupService.getGroupByGroupName(groupName);
- xUserMgr.deleteXGroup(vxGroup.getId(), force);
- }
-
- // @POST
- // @Path("/group/{groupName}/user/{userName}")
- // @Produces({ "application/xml", "application/json" })
- // public void createXGroupAndXUser(@PathParam("groupName") String
- // groupName,
- // @PathParam("userName") String userName,
- // @Context HttpServletRequest request) {
- // xUserMgr.createXGroupAndXUser(groupName, userName);
- // }
- //
- @DELETE
- @Path("/group/{groupName}/user/{userName}")
- public void deleteXGroupAndXUser(@PathParam("groupName") String groupName,
- @PathParam("userName") String userName,
- @Context HttpServletRequest request) {
- xUserMgr.deleteXGroupAndXUser(groupName, userName);
- }
-
- @GET
- @Path("/{userId}/groups")
- @Produces({ "application/xml", "application/json" })
- public VXGroupList getXUserGroups(@Context HttpServletRequest request,
- @PathParam("userId") Long id){
- return xUserMgr.getXUserGroups(id);
- }
-
- @GET
- @Path("/{groupId}/users")
- @Produces({ "application/xml", "application/json" })
- public VXUserList getXGroupUsers(@Context HttpServletRequest request,
- @PathParam("groupId") Long id){
- return xUserMgr.getXGroupUsers(id);
- }
-
- @GET
- @Path("/authSessions")
- @Produces({ "application/xml", "application/json" })
- public VXAuthSessionList getAuthSessions(@Context HttpServletRequest request){
- SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
- request, authSessionService.AUTH_SESSION_SORT_FLDS);
- searchUtil.extractLong(request, searchCriteria, "id", "Auth Session Id");
- searchUtil.extractLong(request, searchCriteria, "userId", "User Id");
- searchUtil.extractInt(request, searchCriteria, "authStatus", "Auth Status");
- searchUtil.extractInt(request, searchCriteria, "authType", "Auth Type");
- searchUtil.extractInt(request, searchCriteria, "deviceType", "Device Type");
- searchUtil.extractString(request, searchCriteria, "firstName", "User First Name", StringUtil.VALIDATION_NAME);
- searchUtil.extractString(request, searchCriteria, "lastName", "User Last Name", StringUtil.VALIDATION_NAME);
- searchUtil.extractString(request, searchCriteria, "requestUserAgent", "User Agent", StringUtil.VALIDATION_TEXT);
- searchUtil.extractString(request, searchCriteria, "requestIP", "Request IP Address", StringUtil.VALIDATION_IP_ADDRESS);
- searchUtil.extractString(request, searchCriteria, "loginId", "Login ID", StringUtil.VALIDATION_TEXT);
- searchUtil.extractDate(request, searchCriteria, "startDate", "Start date for search", null);
- searchUtil.extractDate(request, searchCriteria, "endDate", "End date for search", null);
- return sessionMgr.searchAuthSessions(searchCriteria);
- }
-
- @GET
- @Path("/authSessions/info")
- @Produces({ "application/xml", "application/json" })
- public VXAuthSession getAuthSession(@Context HttpServletRequest request){
- String authSessionId = request.getParameter("extSessionId");
- return sessionMgr.getAuthSessionBySessionId(authSessionId);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/security/context/XAContextHolder.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/security/context/XAContextHolder.java b/security-admin/src/main/java/com/xasecure/security/context/XAContextHolder.java
deleted file mode 100644
index 8671a13..0000000
--- a/security-admin/src/main/java/com/xasecure/security/context/XAContextHolder.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- /**
- *
- */
-package com.xasecure.security.context;
-
-public class XAContextHolder {
-
- private static final ThreadLocal<XASecurityContext> securityContextThreadLocal = new ThreadLocal<XASecurityContext>();
-
- private XAContextHolder() {
-
- }
-
- public static XASecurityContext getSecurityContext(){
- return securityContextThreadLocal.get();
- }
-
- public static void setSecurityContext(XASecurityContext context){
- securityContextThreadLocal.set(context);
- }
-
- public static void resetSecurityContext(){
- securityContextThreadLocal.remove();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/security/context/XASecurityContext.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/security/context/XASecurityContext.java b/security-admin/src/main/java/com/xasecure/security/context/XASecurityContext.java
deleted file mode 100644
index 5cd8d5d..0000000
--- a/security-admin/src/main/java/com/xasecure/security/context/XASecurityContext.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- /**
- *
- */
-package com.xasecure.security.context;
-
-import java.io.Serializable;
-
-import com.xasecure.common.RequestContext;
-import com.xasecure.common.UserSessionBase;
-
-public class XASecurityContext implements Serializable{
- private static final long serialVersionUID = 1L;
- private UserSessionBase userSession;
- private RequestContext requestContext;
-
- public UserSessionBase getUserSession() {
- return userSession;
- }
-
- public void setUserSession(UserSessionBase userSession) {
- this.userSession = userSession;
- }
-
- /**
- * @return the requestContext
- */
- public RequestContext getRequestContext() {
- return requestContext;
- }
-
- /**
- * @param requestContext the requestContext to set
- */
- public void setRequestContext(RequestContext requestContext) {
- this.requestContext = requestContext;
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/security/handler/Permission.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/security/handler/Permission.java b/security-admin/src/main/java/com/xasecure/security/handler/Permission.java
deleted file mode 100644
index f9ab946..0000000
--- a/security-admin/src/main/java/com/xasecure/security/handler/Permission.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.security.handler;
-public class Permission {
-
- public static final String CREATE_PERMISSION = "CREATE";
- public static final String READ_PERMISSION = "READ";
- public static final String UPDATE_PERMISSION = "UPDATE";
- public static final String DELETE_PERMISSION = "DELETE";
-
- public enum permissionType {
- CREATE, READ, UPDATE, DELETE
- };
-
- public static permissionType getPermisson(Object in) {
- String permString = in.toString();
-
- if (CREATE_PERMISSION.equals(permString)) {
- return permissionType.CREATE;
- }
-
- if (READ_PERMISSION.equals(permString)) {
- return permissionType.READ;
- }
-
- if (UPDATE_PERMISSION.equals(permString)) {
- return permissionType.UPDATE;
- }
-
- if (DELETE_PERMISSION.equals(permString)) {
- return permissionType.DELETE;
- }
-
- return null;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/security/handler/XADomainObjectSecurityHandler.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/security/handler/XADomainObjectSecurityHandler.java b/security-admin/src/main/java/com/xasecure/security/handler/XADomainObjectSecurityHandler.java
deleted file mode 100644
index 97a8733..0000000
--- a/security-admin/src/main/java/com/xasecure/security/handler/XADomainObjectSecurityHandler.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.security.handler;
-
-/**
- *
- */
-
-import java.io.Serializable;
-import org.apache.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import com.xasecure.biz.XABizUtil;
-import com.xasecure.common.ContextUtil;
-import com.xasecure.common.PropertiesUtil;
-import com.xasecure.common.UserSessionBase;
-import com.xasecure.db.XADaoManager;
-import com.xasecure.entity.XXDBBase;
-
-@Component
-public class XADomainObjectSecurityHandler {
-
- public static Logger logger = Logger
- .getLogger(XADomainObjectSecurityHandler.class);
-
- @Autowired
- public XADaoManager daoManager;
-
- @Autowired
- XABizUtil msBizUtil;
-
- boolean checkParentObject = false;
-
- public XADomainObjectSecurityHandler() {
- checkParentObject = PropertiesUtil.getBooleanProperty(
- "xa.db.access.filter.check.parentobject", checkParentObject);
- }
-
- /**
- * @return the daoManager
- */
- public XADaoManager getDaoManager() {
- return daoManager;
- }
-
- public <T extends XXDBBase> boolean hasAccess(T targetDomainObject,
- Permission.permissionType permission) {
- //TODO: Need to review this method and reimplement it properly
- return true;
- }
-
- public boolean hasAccess(String targetType, Serializable targetId,
- Permission.permissionType permission) {
- try {
- Class<?> clazz = Class.forName(targetType);
- Class<? extends XXDBBase> gjClazz = clazz.asSubclass(XXDBBase.class);
- return hasAccess(gjClazz, targetId, permission);
-
- } catch (ClassNotFoundException cfe) {
- logger.error("class not found:" + targetType, cfe);
- } catch (Exception e) {
- logger.error("Excepion targetType:" + targetType + " targetId:"
- + targetId, e);
- }
-
- return false;
- }
-
- public boolean hasAccess(Class<? extends XXDBBase> targetClass,
- Serializable targetId, Permission.permissionType permission) {
- try {
- Class<? extends XXDBBase> gjClazz = targetClass
- .asSubclass(XXDBBase.class);
- XXDBBase base = getDaoManager().getEntityManager().find(gjClazz,
- targetId);
- return hasAccess(base, permission);
-
- } catch (Exception e) {
- logger.error("Excepion targetType:" + targetClass + " targetId:"
- + targetId, e);
- }
-
- return false;
- }
-
- public boolean hasModeratorPermission() {
- UserSessionBase sess = ContextUtil.getCurrentUserSession();
- if (sess != null && sess.isUserAdmin()) {
- return true;
- }
- return false;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/security/listener/SpringEventListener.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/security/listener/SpringEventListener.java b/security-admin/src/main/java/com/xasecure/security/listener/SpringEventListener.java
deleted file mode 100644
index 5796eff..0000000
--- a/security-admin/src/main/java/com/xasecure/security/listener/SpringEventListener.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.security.listener;
-
-import com.xasecure.biz.SessionMgr;
-import com.xasecure.entity.XXAuthSession;
-
-import org.apache.log4j.Logger;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationListener;
-import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
-import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
-import org.springframework.security.authentication.event.AuthenticationFailureDisabledEvent;
-import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.WebAuthenticationDetails;
-
-
-public class SpringEventListener implements
- ApplicationListener<AbstractAuthenticationEvent> {
-
- static Logger logger = Logger.getLogger(SpringEventListener.class);
-
- @Autowired
- SessionMgr sessionMgr;
-
- @Override
- public void onApplicationEvent(AbstractAuthenticationEvent event) {
- try {
- if (event instanceof AuthenticationSuccessEvent) {
- process((AuthenticationSuccessEvent) event);
- } else if (event instanceof AuthenticationFailureBadCredentialsEvent) {
- process((AuthenticationFailureBadCredentialsEvent) event);
- } else if (event instanceof AuthenticationFailureDisabledEvent) {
- process((AuthenticationFailureDisabledEvent) event);
- } else {
- // igonre all other events
- }
-
- } catch (Exception e) {
- logger.error("Exception in Spring Event Listener.", e);
- }
- }
-
- protected void process(AuthenticationSuccessEvent authSuccessEvent) {
- Authentication auth = authSuccessEvent.getAuthentication();
- WebAuthenticationDetails details = (WebAuthenticationDetails) auth
- .getDetails();
- String remoteAddress = details != null ? details.getRemoteAddress()
- : "";
- String sessionId = details != null ? details.getSessionId() : "";
-
- logger.info("Login Successful:" + auth.getName() + " | Ip Address:"
- + remoteAddress + " | sessionId=" + sessionId);
-
- // success logins are processed further in
- // AKASecurityContextFormationFilter
- }
-
- protected void process(
- AuthenticationFailureBadCredentialsEvent authFailEvent) {
- Authentication auth = authFailEvent.getAuthentication();
- WebAuthenticationDetails details = (WebAuthenticationDetails) auth
- .getDetails();
- String remoteAddress = details != null ? details.getRemoteAddress()
- : "";
- String sessionId = details != null ? details.getSessionId() : "";
-
- logger.info("Login Unsuccessful:" + auth.getName() + " | Ip Address:"
- + remoteAddress + " | Bad Credentials");
-
- sessionMgr.processFailureLogin(
- XXAuthSession.AUTH_STATUS_WRONG_PASSWORD,
- XXAuthSession.AUTH_TYPE_PASSWORD, auth.getName(),
- remoteAddress, sessionId);
- }
-
- protected void process(AuthenticationFailureDisabledEvent authFailEvent) {
- Authentication auth = authFailEvent.getAuthentication();
- WebAuthenticationDetails details = (WebAuthenticationDetails) auth
- .getDetails();
- String remoteAddress = details != null ? details.getRemoteAddress()
- : "";
- String sessionId = details != null ? details.getSessionId() : "";
-
- logger.info("Login Unsuccessful:" + auth.getName() + " | Ip Address:"
- + remoteAddress);
-
- sessionMgr.processFailureLogin(XXAuthSession.AUTH_STATUS_DISABLED,
- XXAuthSession.AUTH_TYPE_PASSWORD, auth.getName(),
- remoteAddress, sessionId);
-
- }
-
-}