You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2017/08/22 04:39:31 UTC
[1/2] ranger git commit: RANGER-1724: On Report listing page for
masking/row filter policies show only mask/row filter conditions.
Repository: ranger
Updated Branches:
refs/heads/master c8058ad80 -> d4cf12264
RANGER-1724: On Report listing page for masking/row filter policies show only mask/row filter conditions.
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/f6d4f116
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/f6d4f116
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/f6d4f116
Branch: refs/heads/master
Commit: f6d4f116c5ecf0a656b1cba3846cfd3cbd9e5393
Parents: c8058ad
Author: Nitin Galave <ni...@gmail.com>
Authored: Thu Aug 3 10:10:49 2017 +0530
Committer: Mehul Parikh <me...@apache.org>
Committed: Tue Aug 22 10:07:13 2017 +0530
----------------------------------------------------------------------
.../scripts/modules/globalize/message/en.js | 3 +-
.../scripts/views/common/CustomSubgrid.js | 8 +-
.../scripts/views/policies/PermissionList.js | 5 +-
.../views/policies/RangerPolicyTableLayout.js | 2 +-
.../views/reports/PlugableServiceDiffDetail.js | 12 +-
.../scripts/views/reports/UserAccessLayout.js | 152 +++++++++++++++----
security-admin/src/main/webapp/styles/xa.css | 10 ++
.../common/ServiceManagerLayout_tmpl.html | 3 +-
.../PlugableServicePolicyDeleteDiff_tmpl.html | 4 +-
.../reports/PlugableServicePolicyDiff_tmpl.html | 4 +-
10 files changed, 162 insertions(+), 41 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
index af7bdfe..d5f9fef 100644
--- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
+++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
@@ -330,7 +330,8 @@ define(function(require) {
type :'Policy for all type.',
udf :'Hive udf.',
pluginStatus :'Plugin Status',
- clusterName :'Name of ambari cluster'
+ clusterName :'Name of ambari cluster',
+ url :'Hive url.',
},
msg : {
deletePolicyValidationMsg : 'Policy does not have any settings for the specific resource. Policy will be deleted. Press [Ok] to continue. Press [Cancel] to edit the policy.',
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/scripts/views/common/CustomSubgrid.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/common/CustomSubgrid.js b/security-admin/src/main/webapp/scripts/views/common/CustomSubgrid.js
index 0c7e52a..ad89a13 100644
--- a/security-admin/src/main/webapp/scripts/views/common/CustomSubgrid.js
+++ b/security-admin/src/main/webapp/scripts/views/common/CustomSubgrid.js
@@ -152,7 +152,9 @@ define(function(require){
var labelName = this.column.attributes.label;
$(this.el).html("");
if (this.state == "collasped"){
- $(this.el).parent().addClass("warning");
+// $(this.el).parent().addClass("warning");
+// Add warning class to sub grid table
+ $(this.el).addClass("warning");
this.state = "expanded";
this.subrow = new SubgridCustomRow({
columns: this.column.collection,
@@ -164,7 +166,9 @@ define(function(require){
$(this.el).parent("tr").after(this.subrow.render().$el);
} else {
if( $(this.el).parent().siblings('.warning').length <= 1 ){
- $(this.el).parent().removeClass("warning")
+// $(this.el).parent().removeClass("warning")
+// Remove warning class from sub grid table
+ $(this.el).removeClass("warning")
}
this.state = "collasped";
this.subrow.remove();
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js b/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
index 067bf3b..bb64984 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/PermissionList.js
@@ -485,7 +485,7 @@ define(function(require) {
});
this.$el.find('input[data-id="maskTypeCustom"]').on('change', function(e){
if(!_.isUndefined(that.model.get('dataMaskInfo'))){
- that.model.get('dataMaskInfo').valueExpr = e.currentTarget.value;
+ that.model.get('dataMaskInfo').valueExpr = _.escape(e.currentTarget.value);
}
}).trigger('change');
if(!this.accessPermSetForTagMasking){
@@ -707,6 +707,7 @@ define(function(require) {
$(this).siblings('[data-id="maskTypeCustom"]').css("display","");
}else{
$(this).siblings('[data-id="maskTypeCustom"]').css("display","none");
+ $(this).siblings('[data-id="maskTypeCustom"]').val(" ")
}
$(this).html("<span class='label label-info'>" + obj.text + "</span>");
@@ -723,7 +724,7 @@ define(function(require) {
});
this.$el.find('input[data-id="maskTypeCustom"]').on('change', function(e){
if(!_.isUndefined(that.model.get('dataMaskInfo'))){
- that.model.get('dataMaskInfo').valueExpr = e.currentTarget.value;
+ that.model.get('dataMaskInfo').valueExpr = _.escape(e.currentTarget.value);
}
}).trigger('change');
},
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
index eb88686..09e2e16 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
@@ -354,7 +354,7 @@ define(function(require){
table:localization.tt('lbl.tableName') , tag : localization.tt('h.tagsMsg'),
taxonomy:localization.tt('h.taxonomy') ,term: localization.tt('h.term') ,
topic:localization.tt('h.topic') ,topology:localization.tt('lbl.topologyName'),
- type:localization.tt('h.type') ,udf:localization.tt('h.udf') ,
+ type:localization.tt('h.type') ,udf:localization.tt('h.udf') , url:localization.tt('h.url')
};
var serverRsrcAttrName = _.map(resourceSearchOpt,function(opt){
return {
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js b/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js
index f24fe87..914f271 100644
--- a/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js
+++ b/security-admin/src/main/webapp/scripts/views/reports/PlugableServiceDiffDetail.js
@@ -327,14 +327,20 @@ define(function(require){
if(itemType === 'Masked Policy Items') {
// its for new created record
for(var i = 0; i < newPolicyItems.length ; i++){
- if(newPolicyItems[i].DataMasklabel){
+ if(newPolicyItems[i].DataMasklabel && newPolicyItems[i].DataMasklabel == "Custom"){
var maskingType = newPolicyItems[i].dataMaskInfo.dataMaskType;
- newPolicyItems[i].dataMaskInfo.dataMaskType = newPolicyItems[i].DataMasklabel;
+ newPolicyItems[i].dataMaskInfo.dataMaskType = newPolicyItems[i].DataMasklabel +' : '+newPolicyItems[i].dataMaskInfo.valueExpr;
+ }else if(newPolicyItems[i].DataMasklabel){
+ var maskingType = newPolicyItems[i].dataMaskInfo.dataMaskType;
+ newPolicyItems[i].dataMaskInfo.dataMaskType = newPolicyItems[i].DataMasklabel;
}
}
for(var i = 0; i < oldPolicyItems.length ; i++){
- if(oldPolicyItems[i].DataMasklabel){
+ if(oldPolicyItems[i].DataMasklabel && oldPolicyItems[i].DataMasklabel == "Custom"){
+ var maskingType = oldPolicyItems[i].dataMaskInfo.dataMaskType;
+ oldPolicyItems[i].dataMaskInfo.dataMaskType = oldPolicyItems[i].DataMasklabel +' : '+oldPolicyItems[i].dataMaskInfo.valueExpr;
+ }else if(oldPolicyItems[i].DataMasklabel){
var maskingType = oldPolicyItems[i].dataMaskInfo.dataMaskType;
oldPolicyItems[i].dataMaskInfo.dataMaskType = oldPolicyItems[i].DataMasklabel;
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js b/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js
index 197bc84..c5dc053 100644
--- a/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/reports/UserAccessLayout.js
@@ -141,10 +141,11 @@ define(function(require) {'use strict';
this.initializePlugins();
this.setupGroupAutoComplete();
this.renderComponentAndPolicyTypeSelect();
- //Show policies listing for each service and GET policies for each service
+ var policyType = this.ui.policyType.val();
+// Show policies listing for each service and GET policies for each service
_.each(this.policyCollList, function(obj,i){
this.renderTable(obj.collName, obj.serviceDefName);
- this.getResourceLists(obj.collName,obj.serviceDefName);
+ this.getResourceLists(obj.collName,obj.serviceDefName,policyType);
},this);
this.$el.find('[data-js="policyName"]').focus()
var urlString = XAUtil.getBaseUrl();
@@ -161,11 +162,15 @@ define(function(require) {'use strict';
{text :'Search By' , info :localization.tt('msg.searchBy')},
{text :'Resource' , info :localization.tt('msg.resourceMsg')}]
},
- getResourceLists: function(collName, serviceDefName){
+ getResourceLists: function(collName, serviceDefName , policyType){
var that = this, coll = this[collName];
that.allowDownload = false;
coll.queryParams.serviceType = serviceDefName;
+ if(policyType){
+// to set default value access type in policy type
+ coll.queryParams.policyType = policyType;
+ }
coll.fetch({
cache : false,
reset: true,
@@ -178,9 +183,13 @@ define(function(require) {'use strict';
_.each(that[collName].models,function(model,ind){
if (XAUtil.isMaskingPolicy(model.get('policyType'))) {
//'<name>Collection' must be same as subgrid custom column name
- model.attributes.allowCollection = model.get('dataMaskPolicyItems');
+ model.attributes.maskCollection = model.get('dataMaskPolicyItems');
+// Add service type in masking condition
+ _.each(model.attributes.dataMaskPolicyItems , function(m){
+ m.type = model.collection.queryParams.serviceType;
+ })
} else if (XAUtil.isRowFilterPolicy(model.get('policyType'))) {
- model.attributes.allowCollection = model.get('rowFilterPolicyItems');
+ model.attributes.rowlvlCollection = model.get('rowFilterPolicyItems');
} else {
model.attributes.allowCollection = model.get('policyItems');
}
@@ -215,16 +224,15 @@ define(function(require) {'use strict';
label: 'Groups',
formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
fromRaw: function (rawValue,model, coll) {
- var startSpanEle = '<span class="label label-info cellWidth-1 float-left-margin-2" style="">',endSpanEle = '</span>';
var group_str = '';
if(_.isEmpty(model.get('groups'))){
return '<center>--</center>';
} else {
_.each(model.get('groups'),function(group,index){
if(index < 4) {
- group_str += '<span class="label label-info cellWidth-1 float-left-margin-2" group-policy-id="'+model.cid+'" style="">' + _.escape(group) + endSpanEle + " ";
+ group_str += '<span class="label label-info cellWidth-1 float-left-margin-2" group-policy-id="'+model.cid+'" style="">' + _.escape(group) + '</span>' + " ";
} else {
- group_str += '<span class="label label-info cellWidth-1 float-left-margin-2" group-policy-id="'+model.cid+'" style="display:none">' + _.escape(group) + endSpanEle + " ";
+ group_str += '<span class="label label-info cellWidth-1 float-left-margin-2" group-policy-id="'+model.cid+'" style="display:none">' + _.escape(group) + '</span>' + " ";
}
});
if(model.get('groups').length > 4) {
@@ -247,16 +255,15 @@ define(function(require) {'use strict';
label: 'Users',
formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
fromRaw: function (rawValue,model) {
- var startSpanEle = '<span class="label label-info cellWidth-1 float-left-margin-2" style="">',endSpanEle = '</span>';
var user_str = '';
if(_.isEmpty(model.get('users'))){
return '<center>--</center>';
} else {
_.each(model.get('users'),function(user,index){
if(index < 4) {
- user_str += '<span class="label label-info cellWidth-1 float-left-margin-2" user-policy-id="'+model.cid+'" style="">' + _.escape(user) + endSpanEle + " ";
+ user_str += '<span class="label label-info cellWidth-1 float-left-margin-2" user-policy-id="'+model.cid+'" style="">' + _.escape(user) + '</span>'+ " ";
} else {
- user_str += '<span class="label label-info cellWidth-1 float-left-margin-2" user-policy-id="'+model.cid+'" style="display:none">' + _.escape(user) + endSpanEle + " ";
+ user_str += '<span class="label label-info cellWidth-1 float-left-margin-2" user-policy-id="'+model.cid+'" style="display:none">' + _.escape(user) + '</span>'+ " ";
}
});
if(model.get('users').length > 4) {
@@ -278,13 +285,12 @@ define(function(require) {'use strict';
label: 'Accesses',
formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
fromRaw: function (rawValue,model) {
- var startSpanEle = '<span class="label label-info cellWidth-1 float-left-margin-2" style="">',endSpanEle = '</span>';
var access_str = '';
_.each(model.get('accesses'),function(access,index){
if(index < 4){
- access_str += '<span class="label label-info cellWidth-1 float-left-margin-2" access-policy-id="'+model.cid+'" style="">' + access.type+ endSpanEle + " ";
+ access_str += '<span class="label label-info cellWidth-1 float-left-margin-2" access-policy-id="'+model.cid+'" style="">' + access.type+'</span>' + " ";
} else {
- access_str += '<span class="label label-info cellWidth-1 float-left-margin-2" access-policy-id="'+model.cid+'" style="display:none">' + access.type+ endSpanEle + " ";
+ access_str += '<span class="label label-info cellWidth-1 float-left-margin-2" access-policy-id="'+model.cid+'" style="display:none">' + access.type+'</span>'+ " ";
}
});
if(model.get('accesses').length > 4) {
@@ -301,6 +307,66 @@ define(function(require) {'use strict';
sortable: false
}
];
+ if(XAUtil.isMaskingPolicy(this.ui.policyType.val())){
+ subcolumns.push({
+ name: 'maskingCondition',
+ cell: 'html',
+ cell: Backgrid.HtmlCell.extend({
+ className : 'subgridTable'
+ }),
+ label: 'Masking Condition',
+ formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
+ fromRaw: function (rawValue,model) {
+ var access_str = '';
+ var servicedef = _.find(that.serviceDefList.models ,function(m){
+ return m.get('name') == model.get('type');
+ });
+ var maskValue = _.find(servicedef.get('dataMaskDef').maskTypes,function(m){
+ return m.name == model.get('dataMaskInfo').dataMaskType
+ })
+ if(maskValue.label){
+ if(maskValue.label == "Custom"){
+ var title = model.attributes.dataMaskInfo.dataMaskType +' : '+model.attributes.dataMaskInfo.valueExpr;
+ access_str = '<span class="label label-info trim-containt" title="'+_.escape(title)+'">'+_.escape(title)+'</span>';
+ }else{
+ access_str = '<span class="label label-info trim-containt" title="'+_.escape(maskValue.label)+'">'+_.escape(maskValue.label)+'</span>';
+ }
+ }else {
+ access_str ='<center>--</center>';
+ }
+ return access_str;
+ }
+ }),
+ editable: false,
+ click: false,
+ sortable: false
+
+ })
+ };
+ if(XAUtil.isRowFilterPolicy(this.ui.policyType.val())){
+ subcolumns.push({
+ name: 'rowLevelFilter',
+ cell: 'html',
+ cell: Backgrid.HtmlCell.extend({
+ className : 'subgridTable'
+ }),
+ label: 'Row Level Filter',
+ formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
+ fromRaw: function (rawValue,model) {
+ var access_str = '';
+ if(model.get('rowFilterInfo').filterExpr){
+ access_str = '<span class="label label-info trim-containt" title="'+_.escape(model.get('rowFilterInfo').filterExpr)+'">' + _.escape(model.get('rowFilterInfo').filterExpr)+ '</span>' + " ";
+ } else {
+ access_str ='<center>--</center>';
+ }
+ return access_str;
+ }
+ }),
+ editable: false,
+ click: false,
+ sortable: false
+ })
+ }
var columns = {
id : {
cell : "uri",
@@ -401,18 +467,43 @@ define(function(require) {'use strict';
if(serviceDefName === XAEnums.ServiceType.SERVICE_TAG.label){
enableDenyAndExceptionsInPolicies = true;
}
+ if(XAUtil.isAccessPolicy(this.ui.policyType.val())){
+ permissions = {
+ allow:{
+ label: 'Allow Conditions',
+ cell: "subgrid-custom",
+ optionValues : subcolumns,
+ editable: false,
+ sortable: false,
+ click : false
+ }
+ };
+ }else if(XAUtil.isMaskingPolicy(this.ui.policyType.val())){
+ permissions = {
+ mask:{
+ label: 'Masking Conditions',
+ cell: "subgrid-custom",
+ optionValues : subcolumns,
+ editable: false,
+ sortable: false,
+ click : false
+ }
+ };
+ }else if(XAUtil.isRowFilterPolicy(this.ui.policyType.val())){
+ permissions = {
+ rowlvl:{
+ label: 'Row Level Conditions',
+ cell: "subgrid-custom",
+ optionValues : subcolumns,
+ editable: false,
+ sortable: false,
+ click : false
+ }
+ };
+ }
- permissions = {
- allow:{
- label: 'Allow Conditions',
- cell: "subgrid-custom",
- optionValues : subcolumns,
- editable: false,
- sortable: false,
- click : false
- }
- };
- if(enableDenyAndExceptionsInPolicies) {
+
+ if(enableDenyAndExceptionsInPolicies && that.ui.policyType.val() == 0) {
cols = {
allowExclude:{
label: 'Allow Exclude',
@@ -460,11 +551,11 @@ define(function(require) {'use strict';
data: options
});
this.ui.policyType.select2({
- closeOnSelect: true,
- placeholder: 'Select policy type',
+ closeOnSelect: false,
maximumSelectionSize : 1,
width: '220px',
- allowClear: true,
+ value : this.ui.policyType.val("0"),
+ allowClear: false,
data: policyTypes
});
@@ -666,7 +757,10 @@ define(function(require) {'use strict';
var rxName = this.ui.resourceName.val(), policyName = this.ui.policyName.val() , policyType = this.ui.policyType.val();
var params = {group : groups, user : users, polResource : rxName, policyNamePartial : policyName, policyType: policyType};
var component = (this.ui.componentType.val() != "") ? this.ui.componentType.select2('val'):undefined;
-
+ that.initializeRequiredData();
+ _.each(this.policyCollList, function(obj,i){
+ this.renderTable(obj.collName, obj.serviceDefName);
+ },this);
var compFlag = false;
if(!_.isUndefined(component)) {
compFlag = true;
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/styles/xa.css
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/styles/xa.css b/security-admin/src/main/webapp/styles/xa.css
index 06f79b5..9751d90 100644
--- a/security-admin/src/main/webapp/styles/xa.css
+++ b/security-admin/src/main/webapp/styles/xa.css
@@ -1713,6 +1713,7 @@ background-color: #444444;
}
.alert {
border:none;
+ word-break: break-all;
}
tr.disable-policy td {
background-color: #F0F0F0;
@@ -2216,3 +2217,12 @@ td.subgrid-custom-cell{
margin-left: 388px;
margin-top: -27px;
}
+.subgridTable{
+ width : 25% !important;
+}
+.trim-containt{
+ white-space: nowrap;
+ overflow: hidden;
+ text-overflow: ellipsis;
+ max-width: 95%;
+}
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/templates/common/ServiceManagerLayout_tmpl.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/common/ServiceManagerLayout_tmpl.html b/security-admin/src/main/webapp/templates/common/ServiceManagerLayout_tmpl.html
index 44f96ef..fec2535 100644
--- a/security-admin/src/main/webapp/templates/common/ServiceManagerLayout_tmpl.html
+++ b/security-admin/src/main/webapp/templates/common/ServiceManagerLayout_tmpl.html
@@ -35,7 +35,8 @@
<tr>
<th>
<span class="policy-title">
- <img alt="HDFS" src="images/folder-grey.png">
+ <!-- Remove alt attribut from img tag -->
+ <img src="images/folder-grey.png">
{{./this.attributes.name}}
{{#if ../operation}}
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html
index 93404f0..97ad345 100644
--- a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html
+++ b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDeleteDiff_tmpl.html
@@ -116,7 +116,9 @@
{{#if this.dataMaskInfo}}
<li class="change-row">
Data Mask Types:
- {{this.dataMaskInfo.dataMaskType}}
+ <i>
+ {{this.dataMaskInfo.dataMaskType}}
+ </i>
</li>
{{/if}}
</ol><br/>
http://git-wip-us.apache.org/repos/asf/ranger/blob/f6d4f116/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html
index acf6d86..75c1f64 100644
--- a/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html
+++ b/security-admin/src/main/webapp/templates/reports/PlugableServicePolicyDiff_tmpl.html
@@ -243,7 +243,9 @@
{{#if this.dataMaskInfo}}
<li class="change-row">
Data Mask Types:
- {{this.dataMaskInfo.dataMaskType}}
+ <i>
+ {{this.dataMaskInfo.dataMaskType}}
+ </i>
</li>
{{/if}}
</ol><br/>
[2/2] ranger git commit: RANGER-1676: Policy Details popup from
Access audit page not displaying details of masking policy.
Posted by me...@apache.org.
RANGER-1676: Policy Details popup from Access audit page not displaying details of masking policy.
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/d4cf1226
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/d4cf1226
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/d4cf1226
Branch: refs/heads/master
Commit: d4cf1226427e8c49e63a751f4fe8bada565f64d1
Parents: f6d4f11
Author: Nitin Galave <ni...@gmail.com>
Authored: Mon Aug 21 14:56:45 2017 +0530
Committer: Mehul Parikh <me...@apache.org>
Committed: Tue Aug 22 10:08:59 2017 +0530
----------------------------------------------------------------------
.../ranger/plugin/model/RangerPolicy.java | 10 +++
.../ranger/service/RangerDataHistService.java | 10 +++
.../scripts/modules/globalize/message/en.js | 6 +-
.../scripts/views/policies/RangerPolicyRO.js | 53 +++++++++++++--
.../webapp/scripts/views/reports/AuditLayout.js | 63 +++++++++---------
.../templates/policies/RangerPolicyRO_tmpl.html | 68 ++++++++++++++++----
6 files changed, 157 insertions(+), 53 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/d4cf1226/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
index 19475aa..60daed9 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
@@ -70,6 +70,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
private List<RangerPolicyItem> denyExceptions;
private List<RangerDataMaskPolicyItem> dataMaskPolicyItems;
private List<RangerRowFilterPolicyItem> rowFilterPolicyItems;
+ private String serviceType;
/**
@@ -211,6 +212,14 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
this.isAuditEnabled = isAuditEnabled == null ? Boolean.TRUE : isAuditEnabled;
}
+ public String getServiceType() {
+ return serviceType;
+ }
+
+ public void setServiceType(String serviceType) {
+ this.serviceType = serviceType;
+ }
+
/**
* @return the resources
*/
@@ -403,6 +412,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
sb.append("description={").append(description).append("} ");
sb.append("resourceSignature={").append(resourceSignature).append("} ");
sb.append("isAuditEnabled={").append(isAuditEnabled).append("} ");
+ sb.append("serviceType={").append(serviceType).append("} ");
sb.append("resources={");
if(resources != null) {
http://git-wip-us.apache.org/repos/asf/ranger/blob/d4cf1226/security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java
index e94bad4..a96d648 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java
@@ -26,6 +26,8 @@ import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.RESTErrorUtil;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXDataHist;
+import org.apache.ranger.entity.XXService;
+import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.plugin.model.RangerBaseModelObject;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
@@ -92,6 +94,14 @@ public class RangerDataHistService {
RangerPolicy policy = (RangerPolicy) baseModelObj;
objectName = policy.getName();
classType = AppConstants.CLASS_TYPE_RANGER_POLICY;
+ XXService xXService = daoMgr.getXXService().findByName(policy.getService());
+ XXServiceDef xxServiceDef = null;
+ if(xXService != null){
+ xxServiceDef = daoMgr.getXXServiceDef().getById(xXService.getType());
+ }
+ if(xxServiceDef != null){
+ policy.setServiceType(xxServiceDef.getName());
+ }
content = writeObjectAsString(policy);
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/d4cf1226/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
index d5f9fef..73b4cd3 100644
--- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
+++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
@@ -208,8 +208,6 @@ define(function(require) {
selectTopologyName : 'Select Topology Name',
selectServiceName : 'Select Service Name',
topologyName : 'Topology Name',
- serivceName : 'Service Name',
- serivceType : 'Service Type',
ipAddress : 'IP Address',
isVisible : 'Visible',
delegatedAdmin : 'Delegate Admin',
@@ -242,8 +240,8 @@ define(function(require) {
selectAndAddGroup : 'Select and Add Group',
download : 'Download',
lastUpdate : 'Last Update',
- modules : 'Modules',
- clusterName : 'Cluster Name'
+ modules : 'Modules',
+ clusterName : 'Cluster Name'
},
btn : {
add : 'Add',
http://git-wip-us.apache.org/repos/asf/ranger/blob/d4cf1226/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js
index 0d8e3df..3011f1e 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js
@@ -35,8 +35,17 @@ define(function(require) {
template: RangerPolicyROTmpl,
templateHelpers: function() {
+ var isDelegatAdminChk;
+ if(this.policyDetails.serviceType !== XAEnums.ServiceType.SERVICE_TAG.label
+ && !XAUtils.isMaskingPolicy(this.policy.get('policyType'))
+ && !XAUtils.isRowFilterPolicy(this.policy.get('policyType'))) {
+ isDelegatAdminChk = true;
+ } else {
+ isDelegatAdminChk = false;
+ }
return {
PolicyDetails: this.policyDetails,
+ isDelegatAdmin: isDelegatAdminChk
};
},
breadCrumbs: [],
@@ -79,6 +88,12 @@ define(function(require) {
},
initializePolicyDetailsObj : function(){
+ // In this.policy service type is undefined then we take repotype.
+ if(_.isUndefined(this.policy.get('serviceType'))){
+ this.serviceDef = this.serviceDefList.findWhere({'id' : this.repoType})
+ }else{
+ this.serviceDef = this.serviceDefList.findWhere({'name':this.policy.get('serviceType')});
+ }
var self = this;
var details = this.policyDetails = {};
details.id = this.policy.get('id');
@@ -109,6 +124,18 @@ define(function(require) {
perm.allowException = this.policy.get('allowExceptions');
perm.denyPolicyItems = this.policy.get('denyPolicyItems');
perm.denyExceptions = this.policy.get('denyExceptions');
+ if(this.policy.get('dataMaskPolicyItems')){
+ _.each(this.policy.get('dataMaskPolicyItems'), function(mask){
+ var maskingInfo = _.find(self.serviceDef.get("dataMaskDef").maskTypes, function(m){
+ return m.name == mask.dataMaskInfo.dataMaskType;
+ });
+ if(maskingInfo){
+ _.extend(mask.dataMaskInfo , _.pick(maskingInfo, 'label'));
+ }
+ })
+ perm.maskingPolicy = this.policy.get('dataMaskPolicyItems');
+ }
+ perm.rowLevelPolicy = this.policy.get('rowFilterPolicyItems');
details.createdBy = this.policy.get('createdBy');
details.createTime = Globalize.format(new Date(this.policy.get('createTime')), "MM/dd/yyyy hh:mm tt");
details.updatedBy = this.policy.get('updatedBy');
@@ -124,7 +151,9 @@ define(function(require) {
var items = [{'itemName': 'policyItems',title : 'Allow Condition'},
{'itemName': 'allowExceptions',title : 'Exclude from Allow Conditions'},
{'itemName': 'denyPolicyItems',title : 'Deny Condition'},
- {'itemName': 'denyExceptions',title : 'Exclude from Deny Conditions'},]
+ {'itemName': 'denyExceptions',title : 'Exclude from Deny Conditions'},
+ {'itemName': 'dataMaskPolicyItems',title : 'Masking Conditions'},
+ {'itemName': 'rowFilterPolicyItems',title : 'Row Level Conditions'}]
_.each(items, function(item){
if(!_.isUndefined(this.policy.get(item.itemName)) && !_.isEmpty(this.policy.get(item.itemName))){
this.policyDetails['policyItemsCond'].push({ title : item.title, headers : headers.header, policyItems : this.policy.get(item.itemName)})
@@ -145,9 +174,23 @@ define(function(require) {
getPermHeaders : function(){
var permList = [],
- policyCondition = false;
- permList.unshift(localization.tt('lbl.delegatedAdmin'));
- permList.unshift(localization.tt('lbl.permissions'));
+ policyCondition = false;
+ if(this.policyDetails.serviceType !== XAEnums.ServiceType.SERVICE_TAG.label
+ && !XAUtils.isMaskingPolicy(this.policy.get('policyType'))
+ && !XAUtils.isRowFilterPolicy(this.policy.get('policyType'))){
+ permList.unshift(localization.tt('lbl.delegatedAdmin'));
+ }
+ if(XAUtils.isRowFilterPolicy(this.policy.get('policyType'))){
+ permList.unshift(localization.tt('lbl.rowLevelFilter'));
+ }
+ if(XAUtils.isMaskingPolicy(this.policy.get('policyType'))){
+ permList.unshift(localization.tt('lbl.selectMaskingOption'));
+ }
+ if(XAUtils.isRowFilterPolicy(this.policy.get('policyType')) || XAUtils.isMaskingPolicy(this.policy.get('policyType'))){
+ permList.unshift(localization.tt('lbl.accessTypes'));
+ }else{
+ permList.unshift(localization.tt('lbl.permissions'));
+ }
if(!_.isEmpty(this.serviceDef.get('policyConditions'))){
permList.unshift(localization.tt('h.policyCondition'));
policyCondition = true;
@@ -177,6 +220,8 @@ define(function(require) {
},
getPolicyByVersion : function(ver, e){
+ //to support old policy log after updating that policy.
+ this.policy.set('serviceType',undefined);
this.policy.fetchByVersion(ver, {
cache : false,
async : false
http://git-wip-us.apache.org/repos/asf/ranger/blob/d4cf1226/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js b/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
index 68be81e..aecaf95 100644
--- a/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
@@ -116,14 +116,14 @@ define(function(require) {
this.timezone = date.replace(/^.*GMT.*\(/, "").replace(/\)$/, "");
this.initializeServiceDefColl();
if(_.isUndefined(App.vsHistory)){
- var startDateModel = new Backbone.Model({'category':'Start Date', value:Globalize.format(new Date(),"MM/dd/yyyy")});
- App.vsHistory = {'bigData':[startDateModel], 'admin':[], 'loginSession':[], 'plugin':[],'pluginStatus':[]};
+ var startDateModel = new Backbone.Model({'category':'Start Date', value:Globalize.format(new Date(),"MM/dd/yyyy")});
+ App.vsHistory = {'bigData':[startDateModel], 'admin':[], 'loginSession':[], 'plugin':[],'pluginStatus':[]};
}
},
/** all events binding here */
bindEvents : function() {
- this.listenTo(this.accessAuditList, "sync",this.showTagsAttributes, this);
+ this.listenTo(this.accessAuditList, "sync",this.showTagsAttributes, this);
},
initializeServiceDefColl : function() {
@@ -146,7 +146,7 @@ define(function(require) {
this.addSearchForBigDataTab();
this.modifyTableForSubcolumns();
}
- this.showTagsAttributes();
+ this.showTagsAttributes();
},
modifyTableForSubcolumns : function(){
@@ -190,16 +190,16 @@ define(function(require) {
this.renderBigDataTable();
this.modifyTableForSubcolumns();
this.addSearchForBigDataTab();
- this.listenTo(this.accessAuditList, "request", that.updateLastRefresh);
+ this.listenTo(this.accessAuditList, "request", that.updateLastRefresh);
this.ui.iconSearchInfo.show();
this.showTagsAttributes();
break;
case "#admin":
this.currentTab = '#admin';
- App.vsHistory.admin = XAUtils.removeEmptySearchValue(App.vsHistory.admin);
+ App.vsHistory.admin = XAUtils.removeEmptySearchValue(App.vsHistory.admin);
this.trxLogList = new VXTrxLogList();
this.renderAdminTable();
- if(_.isEmpty(App.vsHistory.admin) && _.isUndefined(App.sessionId)){
+ if(_.isEmpty(App.vsHistory.admin) && _.isUndefined(App.sessionId)){
this.trxLogList.fetch({
cache : false
});
@@ -211,16 +211,16 @@ define(function(require) {
break;
case "#loginSession":
this.currentTab = '#loginSession';
- App.vsHistory.loginSession = XAUtils.removeEmptySearchValue(App.vsHistory.loginSession);
+ App.vsHistory.loginSession = XAUtils.removeEmptySearchValue(App.vsHistory.loginSession);
this.authSessionList = new VXAuthSession();
this.renderLoginSessionTable();
//Setting SortBy as id and sortType as desc = 1
this.authSessionList.setSorting('id',1);
- if(_.isEmpty(App.vsHistory.loginSession)){
- this.authSessionList.fetch({
- cache:false,
- });
- }
+ if(_.isEmpty(App.vsHistory.loginSession)){
+ this.authSessionList.fetch({
+ cache:false,
+ });
+ }
this.addSearchForLoginSessionTab();
this.listenTo(this.authSessionList, "request", that.updateLastRefresh)
this.ui.iconSearchInfo.hide();
@@ -233,12 +233,12 @@ define(function(require) {
var params = { priAcctId : 1 };
that.renderAgentTable();
this.policyExportAuditList.setSorting('createDate',1);
- if(_.isEmpty(App.vsHistory.plugin)){
- this.policyExportAuditList.fetch({
- cache : false,
- data :params
- });
- }
+ if(_.isEmpty(App.vsHistory.plugin)){
+ this.policyExportAuditList.fetch({
+ cache : false,
+ data :params
+ });
+ }
this.addSearchForAgentTab();
this.listenTo(this.policyExportAuditList, "request", that.updateLastRefresh)
this.ui.iconSearchInfo.hide();
@@ -845,19 +845,18 @@ define(function(require) {
Backgrid.Row.prototype.initialize.apply(this, args);
},
onClick: function (e) {
- var self = this;
- if($(e.target).hasClass('tagsColumn') || $(e.target).closest('td').hasClass("tagsColumn")){
- return;
- }
+ var self = this ;
+ if($(e.target).hasClass('tagsColumn') || $(e.target).closest('td').hasClass("tagsColumn")){
+ return;
+ }
+ if(this.model.get('repoType')){
+ var repoType = this.model.get('repoType');
+ }
var policyId = this.model.get('policyId');
if(policyId == -1){
return;
}
- var serviceDef = that.serviceDefList.findWhere({'id':this.model.get('repoType')});
- if(_.isUndefined(serviceDef)){
- return ;
- }
- var eventTime = this.model.get('eventTime');
+ var eventTime = this.model.get('eventTime');
var policy = new RangerPolicy({
id: policyId
@@ -866,17 +865,19 @@ define(function(require) {
var view = new RangerPolicyRO({
policy: policy,
policyVersionList : policyVersionList,
- serviceDef: serviceDef,
- eventTime : eventTime
+ serviceDefList: that.serviceDefList,
+ eventTime : eventTime,
+ repoType : repoType
});
var modal = new Backbone.BootstrapModal({
animate : true,
content : view,
title: localization.tt("h.policyDetails"),
okText :localization.tt("lbl.ok"),
- allowCancel : false,
+ allowCancel : true,
escape : true
}).open();
+ modal.$el.find('.cancel').hide();
var policyVerEl = modal.$el.find('.modal-footer').prepend('<div class="policyVer pull-left"></div>').find('.policyVer');
policyVerEl.append('<i id="preVer" class="icon-chevron-left '+ ((policy.get('version')>1) ? 'active' : '') +'"></i><text>Version '+ policy.get('version') +'</text>').find('#preVer').click(function(e){
view.previousVer(e);
http://git-wip-us.apache.org/repos/asf/ranger/blob/d4cf1226/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html b/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html
index 6ff5329..f298fd0 100644
--- a/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html
+++ b/security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html
@@ -17,12 +17,12 @@
<div class="serviceInfo row-fluid">
<div class="pull-left">
<p>
- <strong>{{tt 'lbl.serivceName'}} :</strong> {{PolicyDetails.service}}
+ <strong>{{tt 'lbl.serviceName'}} :</strong> {{PolicyDetails.service}}
</p>
</div>
<div class="pull-right">
<p>
- <strong>{{tt 'lbl.serivceType'}} :</strong> {{PolicyDetails.serviceType}}
+ <strong>{{tt 'lbl.serviceType'}} :</strong> {{PolicyDetails.serviceType}}
</p>
</div>
</div>
@@ -66,9 +66,15 @@
<td>
{{tt 'lbl.description'}}
</td>
- <td>
- {{PolicyDetails.description}}
- </td>
+ {{#ifCond PolicyDetails.description '==' ""}}
+ <td>
+ --
+ </td>
+ {{else}}
+ <td>
+ {{PolicyDetails.description}}
+ </td>
+ {{/ifCond}}
</tr>
{{#if PolicyDetails.isRecursive}}
<tr>
@@ -106,12 +112,24 @@
<tbody>
{{#each this.policyItems}}
<tr>
- <td>{{#each this.groups}}
- <span class="label label-info">{{this}}</span>
- {{/each}}</td>
- <td>{{#each this.users}}
- <span class="label label-info">{{this}}</span>
- {{/each}}</td>
+ <td>
+ {{#if this.groups}}
+ {{#each this.groups}}
+ <span class="label label-info">{{this}}</span>
+ {{/each}}
+ {{else}}
+ --
+ {{/if}}
+ </td>
+ <td>
+ {{#if this.users}}
+ {{#each this.users}}
+ <span class="label label-info">{{this}}</span>
+ {{/each}}
+ {{else}}
+ --
+ {{/if}}
+ </td>
{{#if ../../PolicyDetails.policyCondition}}
<td>
{{#if this.conditions}}
@@ -131,9 +149,31 @@
<td>{{#each this.accesses}}
<span class="label label-info">{{#if this.isAllowed}}{{this.type}}{{/if}}</span>
{{/each}}</td>
- <td>
- <input type="checkbox" {{#if this.delegateAdmin}}checked{{/if}} disabled="disabled">
- </td>
+ {{#if this.dataMaskInfo}}
+ {{#ifCond this.dataMaskInfo.dataMaskType '==' "CUSTOM"}}
+ <td>
+ <span class="label label-info ">{{this.dataMaskInfo.label}} : {{this.dataMaskInfo.valueExpr}} </span>
+ </td>
+ {{else}}
+ <td>
+ <span class="label label-info">{{this.dataMaskInfo.label}}</span>
+ </td>
+ {{/ifCond}}
+ {{/if}}
+ {{#if this.rowFilterInfo}}
+ <td>
+ {{#if this.rowFilterInfo.filterExpr}}
+ <span class="label label-info">{{this.rowFilterInfo.filterExpr}}</span>
+ {{else}}
+ --
+ {{/if}}
+ </td>
+ {{/if}}
+ {{#if ../../isDelegatAdmin}}
+ <td>
+ <input type="checkbox" {{#if this.delegateAdmin}}checked{{/if}} disabled="disabled">
+ </td>
+ {{/if}}
</tr>
{{/each}}
</tbody>