You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2015/01/31 21:38:51 UTC
[8/8] incubator-ranger git commit: RANGER-203: moved
pluggable-service-model implementation from plugin-common to exiting project
ranger-plugin-common
RANGER-203: moved pluggable-service-model implementation from plugin-common to exiting project ranger-plugin-common
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/217e1892
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/217e1892
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/217e1892
Branch: refs/heads/stack
Commit: 217e18924017500a0871b2a7cb47d2095960b8cf
Parents: 46633a9
Author: Madhan Neethiraj <ma...@apache.org>
Authored: Sat Jan 31 12:38:28 2015 -0800
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Sat Jan 31 12:38:28 2015 -0800
----------------------------------------------------------------------
.../.settings/org.eclipse.core.resources.prefs | 3 +
agents-common/pom.xml | 4 +
.../ranger/plugin/audit/RangerAuditHandler.java | 31 +
.../plugin/audit/RangerDefaultAuditHandler.java | 231 +++
.../plugin/model/RangerBaseModelObject.java | 179 ++
.../ranger/plugin/model/RangerPolicy.java | 686 ++++++++
.../ranger/plugin/model/RangerService.java | 216 +++
.../ranger/plugin/model/RangerServiceDef.java | 1320 +++++++++++++++
.../policyengine/RangerAccessRequest.java | 48 +
.../policyengine/RangerAccessRequestImpl.java | 208 +++
.../plugin/policyengine/RangerAccessResult.java | 157 ++
.../policyengine/RangerMutableResource.java | 27 +
.../plugin/policyengine/RangerPolicyEngine.java | 54 +
.../policyengine/RangerPolicyEngineImpl.java | 254 +++
.../plugin/policyengine/RangerResource.java | 33 +
.../plugin/policyengine/RangerResourceImpl.java | 107 ++
.../RangerAbstractPolicyEvaluator.java | 79 +
.../RangerDefaultPolicyEvaluator.java | 446 +++++
.../policyevaluator/RangerPolicyEvaluator.java | 35 +
.../RangerAbstractResourceMatcher.java | 226 +++
.../RangerDefaultResourceMatcher.java | 101 ++
.../RangerPathResourceMatcher.java | 151 ++
.../resourcematcher/RangerResourceMatcher.java | 35 +
.../ranger/plugin/service/RangerBasePlugin.java | 178 ++
.../plugin/service/RangerBaseService.java | 55 +
.../plugin/service/ResourceLookupContext.java | 72 +
.../ranger/plugin/store/ServiceStore.java | 74 +
.../plugin/store/ServiceStoreFactory.java | 113 ++
.../ranger/plugin/store/file/BaseFileStore.java | 390 +++++
.../plugin/store/file/ServiceFileStore.java | 1589 ++++++++++++++++++
.../plugin/store/rest/ServiceRESTStore.java | 609 +++++++
.../ranger/plugin/util/PolicyRefresher.java | 154 ++
.../ranger/plugin/util/RangerRESTClient.java | 376 +++++
.../apache/ranger/plugin/util/SearchFilter.java | 116 ++
.../ranger/plugin/util/ServicePolicies.java | 125 ++
.../service-defs/ranger-servicedef-hbase.json | 50 +
.../service-defs/ranger-servicedef-hdfs.json | 60 +
.../service-defs/ranger-servicedef-hive.json | 43 +
.../service-defs/ranger-servicedef-knox.json | 34 +
.../service-defs/ranger-servicedef-storm.json | 46 +
.../plugin/policyengine/TestPolicyEngine.java | 145 ++
.../ranger/plugin/store/TestServiceStore.java | 248 +++
.../ranger/plugin/util/TestPolicyRefresher.java | 183 ++
.../policyengine/test_policyengine_hbase.json | 159 ++
.../policyengine/test_policyengine_hdfs.json | 156 ++
.../policyengine/test_policyengine_hive.json | 261 +++
agents-impl/.gitignore | 1 +
hbase-agent/pom.xml | 5 -
hdfs-agent/pom.xml | 5 -
hive-agent/pom.xml | 5 -
jisql/.gitignore | 4 +
lookup-client/.gitignore | 1 +
.../ranger/plugin/audit/RangerAuditHandler.java | 31 -
.../plugin/audit/RangerDefaultAuditHandler.java | 231 ---
.../plugin/model/RangerBaseModelObject.java | 179 --
.../ranger/plugin/model/RangerPolicy.java | 686 --------
.../ranger/plugin/model/RangerService.java | 216 ---
.../ranger/plugin/model/RangerServiceDef.java | 1320 ---------------
.../policyengine/RangerAccessRequest.java | 48 -
.../policyengine/RangerAccessRequestImpl.java | 208 ---
.../plugin/policyengine/RangerAccessResult.java | 157 --
.../policyengine/RangerMutableResource.java | 27 -
.../plugin/policyengine/RangerPolicyEngine.java | 54 -
.../policyengine/RangerPolicyEngineImpl.java | 254 ---
.../plugin/policyengine/RangerResource.java | 33 -
.../plugin/policyengine/RangerResourceImpl.java | 107 --
.../RangerAbstractPolicyEvaluator.java | 79 -
.../RangerDefaultPolicyEvaluator.java | 446 -----
.../policyevaluator/RangerPolicyEvaluator.java | 35 -
.../RangerAbstractResourceMatcher.java | 226 ---
.../RangerDefaultResourceMatcher.java | 101 --
.../RangerPathResourceMatcher.java | 151 --
.../resourcematcher/RangerResourceMatcher.java | 35 -
.../ranger/plugin/service/RangerBasePlugin.java | 178 --
.../plugin/service/RangerBaseService.java | 55 -
.../plugin/service/ResourceLookupContext.java | 72 -
.../ranger/plugin/store/ServiceStore.java | 74 -
.../plugin/store/ServiceStoreFactory.java | 113 --
.../ranger/plugin/store/file/BaseFileStore.java | 390 -----
.../plugin/store/file/ServiceFileStore.java | 1589 ------------------
.../plugin/store/rest/ServiceRESTStore.java | 609 -------
.../ranger/plugin/util/PolicyRefresher.java | 154 --
.../ranger/plugin/util/RangerRESTClient.java | 376 -----
.../apache/ranger/plugin/util/SearchFilter.java | 116 --
.../ranger/plugin/util/ServicePolicies.java | 125 --
.../service-defs/ranger-servicedef-hbase.json | 50 -
.../service-defs/ranger-servicedef-hdfs.json | 60 -
.../service-defs/ranger-servicedef-hive.json | 43 -
.../service-defs/ranger-servicedef-knox.json | 34 -
.../service-defs/ranger-servicedef-storm.json | 46 -
.../plugin/policyengine/TestPolicyEngine.java | 145 --
.../ranger/plugin/store/TestServiceStore.java | 248 ---
.../ranger/plugin/util/TestPolicyRefresher.java | 183 --
.../policyengine/test_policyengine_hbase.json | 159 --
.../policyengine/test_policyengine_hdfs.json | 156 --
.../policyengine/test_policyengine_hive.json | 261 ---
pom.xml | 1 -
security-admin/.gitignore | 1 +
.../.settings/org.eclipse.wst.common.component | 5 +-
security-admin/pom.xml | 17 +-
storm-agent/.gitignore | 1 +
unixauthclient/.gitignore | 1 +
102 files changed, 9882 insertions(+), 9892 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/.settings/org.eclipse.core.resources.prefs
----------------------------------------------------------------------
diff --git a/agents-common/.settings/org.eclipse.core.resources.prefs b/agents-common/.settings/org.eclipse.core.resources.prefs
index e9441bb..29abf99 100644
--- a/agents-common/.settings/org.eclipse.core.resources.prefs
+++ b/agents-common/.settings/org.eclipse.core.resources.prefs
@@ -1,3 +1,6 @@
eclipse.preferences.version=1
encoding//src/main/java=UTF-8
+encoding//src/main/resources=UTF-8
+encoding//src/test/java=UTF-8
+encoding//src/test/resources=UTF-8
encoding/<project>=UTF-8
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/pom.xml
----------------------------------------------------------------------
diff --git a/agents-common/pom.xml b/agents-common/pom.xml
index a26f45d..e2e904a 100644
--- a/agents-common/pom.xml
+++ b/agents-common/pom.xml
@@ -52,6 +52,10 @@
<artifactId>log4j</artifactId>
<version>${log4j.version}</version>
</dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ </dependency>
<dependency>
<groupId>security_plugins.ranger-plugins-audit</groupId>
<artifactId>ranger-plugins-audit</artifactId>
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerAuditHandler.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerAuditHandler.java b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerAuditHandler.java
new file mode 100644
index 0000000..45a63c2
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerAuditHandler.java
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.audit;
+
+import java.util.Collection;
+
+import org.apache.ranger.plugin.policyengine.RangerAccessResult;
+
+
+public interface RangerAuditHandler {
+ void logAudit(RangerAccessResult result);
+
+ void logAudit(Collection<RangerAccessResult> results);
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
new file mode 100644
index 0000000..feb6e98
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
@@ -0,0 +1,231 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.audit;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.audit.model.AuthzAuditEvent;
+import org.apache.ranger.audit.provider.AuditProviderFactory;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef;
+import org.apache.ranger.plugin.policyengine.RangerAccessRequest;
+import org.apache.ranger.plugin.policyengine.RangerAccessResult;
+import org.apache.ranger.plugin.policyengine.RangerResource;
+
+
+public class RangerDefaultAuditHandler implements RangerAuditHandler {
+ private static final Log LOG = LogFactory.getLog(RangerDefaultAuditHandler.class);
+
+ private static final String RESOURCE_SEP = "/";
+
+
+ public RangerDefaultAuditHandler() {
+ }
+
+ @Override
+ public void logAudit(RangerAccessResult result) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerDefaultAuditHandler.logAudit(" + result + ")");
+ }
+
+ AuthzAuditEvent event = getAuthzEvents(result);
+
+ logAuthzAudit(event);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerDefaultAuditHandler.logAudit(" + result + ")");
+ }
+ }
+
+ @Override
+ public void logAudit(Collection<RangerAccessResult> results) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerDefaultAuditHandler.logAudit(" + results + ")");
+ }
+
+ Collection<AuthzAuditEvent> events = getAuthzEvents(results);
+
+ logAuthzAudits(events);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerDefaultAuditHandler.logAudit(" + results + ")");
+ }
+ }
+
+
+ public AuthzAuditEvent getAuthzEvents(RangerAccessResult result) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerDefaultAuditHandler.getAuthzEvents(" + result + ")");
+ }
+
+ AuthzAuditEvent ret = null;
+
+ RangerAccessRequest request = result != null ? result.getAccessRequest() : null;
+
+ if(request != null && result != null && result.getIsAudited()) {
+ RangerServiceDef serviceDef = result.getServiceDef();
+ String resourceType = getResourceName(request.getResource(), serviceDef);
+ String resourcePath = getResourceValueAsString(request.getResource(), serviceDef);
+
+ ret = createAuthzAuditEvent();
+
+ ret.setRepositoryName(result.getServiceName());
+ ret.setRepositoryType(result.getServiceType());
+ ret.setResourceType(resourceType);
+ ret.setResourcePath(resourcePath);
+ ret.setRequestData(request.getRequestData());
+ ret.setEventTime(request.getAccessTime());
+ ret.setUser(request.getUser());
+ ret.setAccessType(request.getAction());
+ ret.setAccessResult((short)(result.getIsAllowed() ? 1 : 0));
+ ret.setPolicyId(result.getPolicyId());
+ ret.setAclEnforcer("ranger-acl"); // TODO: review
+ ret.setAction(request.getAccessType());
+ ret.setClientIP(request.getClientIPAddress());
+ ret.setClientType(request.getClientType());
+ ret.setAgentHostname(null);
+ ret.setAgentId(null);
+ ret.setEventId(null);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerDefaultAuditHandler.getAuthzEvents(" + result + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public Collection<AuthzAuditEvent> getAuthzEvents(Collection<RangerAccessResult> results) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerDefaultAuditHandler.getAuthzEvents(" + results + ")");
+ }
+
+ List<AuthzAuditEvent> ret = null;
+
+ if(results != null) {
+ // TODO: optimize the number of audit logs created
+ for(RangerAccessResult result : results) {
+ AuthzAuditEvent event = getAuthzEvents(result);
+
+ if(event == null) {
+ continue;
+ }
+
+ if(ret == null) {
+ ret = new ArrayList<AuthzAuditEvent>();
+ }
+
+ ret.add(event);
+ }
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerDefaultAuditHandler.getAuthzEvents(" + results + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public void logAuthzAudit(AuthzAuditEvent auditEvent) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerDefaultAuditHandler.logAuthzAudit(" + auditEvent + ")");
+ }
+
+ if(auditEvent != null) {
+ AuditProviderFactory.getAuditProvider().log(auditEvent);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerDefaultAuditHandler.logAuthzAudit(" + auditEvent + ")");
+ }
+ }
+
+ public void logAuthzAudits(Collection<AuthzAuditEvent> auditEvents) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerDefaultAuditHandler.logAuthzAudits(" + auditEvents + ")");
+ }
+
+ if(auditEvents != null) {
+ for(AuthzAuditEvent auditEvent : auditEvents) {
+ logAuthzAudit(auditEvent);
+ }
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerDefaultAuditHandler.logAuthzAudits(" + auditEvents + ")");
+ }
+ }
+
+ public AuthzAuditEvent createAuthzAuditEvent() {
+ return new AuthzAuditEvent();
+ }
+
+ public String getResourceName(RangerResource resource, RangerServiceDef serviceDef) {
+ String ret = null;
+
+ if(resource != null && serviceDef != null && serviceDef.getResources() != null) {
+ List<RangerResourceDef> resourceDefs = serviceDef.getResources();
+
+ for(int idx = resourceDefs.size() - 1; idx >= 0; idx--) {
+ RangerResourceDef resourceDef = resourceDefs.get(idx);
+
+ if(resourceDef == null || !resource.exists(resourceDef.getName())) {
+ continue;
+ }
+
+ ret = resourceDef.getName();
+
+ break;
+ }
+ }
+
+ return ret;
+ }
+
+ public String getResourceValueAsString(RangerResource resource, RangerServiceDef serviceDef) {
+ String ret = null;
+
+ if(resource != null && serviceDef != null && serviceDef.getResources() != null) {
+ StringBuilder sb = new StringBuilder();
+
+ for(RangerResourceDef resourceDef : serviceDef.getResources()) {
+ if(resourceDef == null || !resource.exists(resourceDef.getName())) {
+ continue;
+ }
+
+ if(sb.length() > 0) {
+ sb.append(RESOURCE_SEP);
+ }
+
+ sb.append(resource.getValue(resourceDef.getName()));
+ }
+
+ if(sb.length() > 0) {
+ ret = sb.toString();
+ }
+ }
+
+ return ret;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java
new file mode 100644
index 0000000..b90d387
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java
@@ -0,0 +1,179 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.model;
+
+import java.util.Date;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RangerBaseModelObject implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private Long id = null;
+ private String guid = null;
+ private Boolean isEnabled = null;
+ private String createdBy = null;
+ private String updatedBy = null;
+ private Date createTime = null;
+ private Date updateTime = null;
+ private Long version = null;
+
+ /**
+ *
+ */
+ public RangerBaseModelObject() {
+ setIsEnabled(null);
+ }
+
+ public void updateFrom(RangerBaseModelObject other) {
+ setIsEnabled(other.getIsEnabled());
+ }
+
+ /**
+ * @return the id
+ */
+ public Long getId() {
+ return id;
+ }
+ /**
+ * @param id the id to set
+ */
+ public void setId(Long id) {
+ this.id = id;
+ }
+ /**
+ * @return the guid
+ */
+ public String getGuid() {
+ return guid;
+ }
+ /**
+ * @param guid the guid to set
+ */
+ public void setGuid(String guid) {
+ this.guid = guid;
+ }
+ /**
+ * @return the isEnabled
+ */
+ public Boolean getIsEnabled() {
+ return isEnabled;
+ }
+ /**
+ * @param isEnabled the isEnabled to set
+ */
+ public void setIsEnabled(Boolean isEnabled) {
+ this.isEnabled = isEnabled == null ? Boolean.TRUE : isEnabled;
+ }
+ /**
+ * @return the createdBy
+ */
+ public String getCreatedBy() {
+ return createdBy;
+ }
+ /**
+ * @param createdBy the createdBy to set
+ */
+ public void setCreatedBy(String createdBy) {
+ this.createdBy = createdBy;
+ }
+ /**
+ * @return the updatedBy
+ */
+ public String getUpdatedBy() {
+ return updatedBy;
+ }
+ /**
+ * @param updatedBy the updatedBy to set
+ */
+ public void setUpdatedBy(String updatedBy) {
+ this.updatedBy = updatedBy;
+ }
+ /**
+ * @return the createTime
+ */
+ public Date getCreateTime() {
+ return createTime;
+ }
+ /**
+ * @param createTime the createTime to set
+ */
+ public void setCreateTime(Date createTime) {
+ this.createTime = createTime;
+ }
+ /**
+ * @return the updateTime
+ */
+ public Date getUpdateTime() {
+ return updateTime;
+ }
+ /**
+ * @param updateTime the updateTime to set
+ */
+ public void setUpdateTime(Date updateTime) {
+ this.updateTime = updateTime;
+ }
+ /**
+ * @return the version
+ */
+ public Long getVersion() {
+ return version;
+ }
+ /**
+ * @param version the version to set
+ */
+ public void setVersion(Long version) {
+ this.version = version;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("id={").append(id).append("} ");
+ sb.append("guid={").append(guid).append("} ");
+ sb.append("isEnabled={").append(isEnabled).append("} ");
+ sb.append("createdBy={").append(createdBy).append("} ");
+ sb.append("updatedBy={").append(updatedBy).append("} ");
+ sb.append("createTime={").append(createTime).append("} ");
+ sb.append("updateTime={").append(updateTime).append("} ");
+ sb.append("version={").append(version).append("} ");
+
+ return sb;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
new file mode 100644
index 0000000..78ba6e2
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
@@ -0,0 +1,686 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.model;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RangerPolicy extends RangerBaseModelObject implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String service = null;
+ private String name = null;
+ private String description = null;
+ private Boolean isAuditEnabled = null;
+ private Map<String, RangerPolicyResource> resources = null;
+ private List<RangerPolicyItem> policyItems = null;
+
+
+ /**
+ * @param type
+ */
+ public RangerPolicy() {
+ this(null, null, null, null, null);
+ }
+
+ /**
+ * @param type
+ * @param name
+ * @param description
+ * @param resources
+ * @param policyItems
+ */
+ public RangerPolicy(String service, String name, String description, Map<String, RangerPolicyResource> resources, List<RangerPolicyItem> policyItems) {
+ super();
+
+ setService(service);
+ setName(name);
+ setDescription(description);
+ setIsAuditEnabled(null);
+ setResources(resources);
+ setPolicyItems(policyItems);
+ }
+
+ /**
+ * @param other
+ */
+ public void updateFrom(RangerPolicy other) {
+ super.updateFrom(other);
+
+ setService(other.getService());
+ setName(other.getName());
+ setDescription(other.getDescription());
+ setIsAuditEnabled(other.getIsAuditEnabled());
+ setResources(other.getResources());
+ setPolicyItems(other.getPolicyItems());
+ }
+
+ /**
+ * @return the type
+ */
+ public String getService() {
+ return service;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setService(String service) {
+ this.service = service;
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the isAuditEnabled
+ */
+ public Boolean getIsAuditEnabled() {
+ return isAuditEnabled;
+ }
+
+ /**
+ * @param isEnabled the isEnabled to set
+ */
+ public void setIsAuditEnabled(Boolean isAuditEnabled) {
+ this.isAuditEnabled = isAuditEnabled == null ? Boolean.TRUE : isAuditEnabled;
+ }
+
+ /**
+ * @return the resources
+ */
+ public Map<String, RangerPolicyResource> getResources() {
+ return resources;
+ }
+
+ /**
+ * @param configs the resources to set
+ */
+ public void setResources(Map<String, RangerPolicyResource> resources) {
+ if(this.resources == null) {
+ this.resources = new HashMap<String, RangerPolicyResource>();
+ }
+
+ if(this.resources == resources) {
+ return;
+ }
+
+ this.resources.clear();
+
+ if(resources != null) {
+ for(Map.Entry<String, RangerPolicyResource> e : resources.entrySet()) {
+ this.resources.put(e.getKey(), e.getValue());
+ }
+ }
+ }
+
+ /**
+ * @return the policyItems
+ */
+ public List<RangerPolicyItem> getPolicyItems() {
+ return policyItems;
+ }
+
+ /**
+ * @param policyItems the policyItems to set
+ */
+ public void setPolicyItems(List<RangerPolicyItem> policyItems) {
+ if(this.policyItems == null) {
+ this.policyItems = new ArrayList<RangerPolicyItem>();
+ }
+
+ if(this.policyItems == policyItems) {
+ return;
+ }
+
+ this.policyItems.clear();
+
+ if(policyItems != null) {
+ for(RangerPolicyItem policyItem : policyItems) {
+ this.policyItems.add(policyItem);
+ }
+ }
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicy={");
+
+ super.toString(sb);
+
+ sb.append("service={").append(service).append("} ");
+ sb.append("name={").append(name).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("isAuditEnabled={").append(isAuditEnabled).append("} ");
+
+ sb.append("resources={");
+ if(resources != null) {
+ for(Map.Entry<String, RangerPolicyResource> e : resources.entrySet()) {
+ sb.append(e.getKey()).append("={");
+ e.getValue().toString(sb);
+ sb.append("} ");
+ }
+ }
+ sb.append("} ");
+
+ sb.append("policyItems={");
+ if(policyItems != null) {
+ for(RangerPolicyItem policyItem : policyItems) {
+ if(policyItem != null) {
+ policyItem.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+
+
+ public static class RangerPolicyResource implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private List<String> values = null;
+ private Boolean isExcludes = null;
+ private Boolean isRecursive = null;
+
+
+ public RangerPolicyResource() {
+ this((List<String>)null, null, null);
+ }
+
+ public RangerPolicyResource(String value, Boolean isExcludes, Boolean isRecursive) {
+ setValue(value);
+ setIsExcludes(isExcludes);
+ setIsRecursive(isRecursive);
+ }
+
+ public RangerPolicyResource(List<String> values, Boolean isExcludes, Boolean isRecursive) {
+ setValues(values);
+ setIsExcludes(isExcludes);
+ setIsRecursive(isRecursive);
+ }
+
+ /**
+ * @return the values
+ */
+ public List<String> getValues() {
+ return values;
+ }
+
+ /**
+ * @param values the values to set
+ */
+ public void setValues(List<String> values) {
+ if(this.values == null) {
+ this.values = new ArrayList<String>();
+ }
+
+ if(this.values == values) {
+ return;
+ }
+
+ this.values.clear();
+
+ if(values != null) {
+ for(String value : values) {
+ this.values.add(value);
+ }
+ }
+ }
+
+ /**
+ * @param value the value to set
+ */
+ public void setValue(String value) {
+ if(this.values == null) {
+ this.values = new ArrayList<String>();
+ }
+
+ this.values.clear();
+
+ this.values.add(value);
+ }
+
+ /**
+ * @return the isExcludes
+ */
+ public Boolean getIsExcludes() {
+ return isExcludes;
+ }
+
+ /**
+ * @param isExcludes the isExcludes to set
+ */
+ public void setIsExcludes(Boolean isExcludes) {
+ this.isExcludes = isExcludes == null ? Boolean.FALSE : isExcludes;
+ }
+
+ /**
+ * @return the isRecursive
+ */
+ public Boolean getIsRecursive() {
+ return isRecursive;
+ }
+
+ /**
+ * @param isRecursive the isRecursive to set
+ */
+ public void setIsRecursive(Boolean isRecursive) {
+ this.isRecursive = isRecursive == null ? Boolean.FALSE : isRecursive;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyResource={");
+ sb.append("values={");
+ if(values != null) {
+ for(String value : values) {
+ sb.append(value).append(" ");
+ }
+ }
+ sb.append("} ");
+ sb.append("isExcludes={").append(isExcludes).append("} ");
+ sb.append("isRecursive={").append(isRecursive).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+ public static class RangerPolicyItem implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private List<RangerPolicyItemAccess> accesses = null;
+ private List<String> users = null;
+ private List<String> groups = null;
+ private List<RangerPolicyItemCondition> conditions = null;
+ private Boolean delegateAdmin = null;
+
+ public RangerPolicyItem() {
+ this(null, null, null, null, null);
+ }
+
+ public RangerPolicyItem(List<RangerPolicyItemAccess> accessTypes, List<String> users, List<String> groups, List<RangerPolicyItemCondition> conditions, Boolean delegateAdmin) {
+ setAccesses(accessTypes);
+ setUsers(users);
+ setGroups(groups);
+ setConditions(conditions);
+ setDelegateAdmin(delegateAdmin);
+ }
+
+ /**
+ * @return the accesses
+ */
+ public List<RangerPolicyItemAccess> getAccesses() {
+ return accesses;
+ }
+ /**
+ * @param accesses the accesses to set
+ */
+ public void setAccesses(List<RangerPolicyItemAccess> accesses) {
+ if(this.accesses == null) {
+ this.accesses = new ArrayList<RangerPolicyItemAccess>();
+ }
+
+ if(this.accesses == accesses) {
+ return;
+ }
+
+ if(accesses != null) {
+ for(RangerPolicyItemAccess access : accesses) {
+ this.accesses.add(access);
+ }
+ }
+ }
+ /**
+ * @return the users
+ */
+ public List<String> getUsers() {
+ return users;
+ }
+ /**
+ * @param users the users to set
+ */
+ public void setUsers(List<String> users) {
+ if(this.users == null) {
+ this.users = new ArrayList<String>();
+ }
+
+ if(this.users == users) {
+ return;
+ }
+
+ if(users != null) {
+ for(String user : users) {
+ this.users.add(user);
+ }
+ }
+ }
+ /**
+ * @return the groups
+ */
+ public List<String> getGroups() {
+ return groups;
+ }
+ /**
+ * @param groups the groups to set
+ */
+ public void setGroups(List<String> groups) {
+ if(this.groups == null) {
+ this.groups = new ArrayList<String>();
+ }
+
+ if(this.groups == groups) {
+ return;
+ }
+
+ if(groups != null) {
+ for(String group : groups) {
+ this.groups.add(group);
+ }
+ }
+ }
+ /**
+ * @return the conditions
+ */
+ public List<RangerPolicyItemCondition> getConditions() {
+ return conditions;
+ }
+ /**
+ * @param conditions the conditions to set
+ */
+ public void setConditions(List<RangerPolicyItemCondition> conditions) {
+ if(this.conditions == null) {
+ this.conditions = new ArrayList<RangerPolicyItemCondition>();
+ }
+
+ if(this.conditions == conditions) {
+ return;
+ }
+
+ if(conditions != null) {
+ for(RangerPolicyItemCondition condition : conditions) {
+ this.conditions.add(condition);
+ }
+ }
+ }
+
+ /**
+ * @return the delegateAdmin
+ */
+ public Boolean getDelegateAdmin() {
+ return delegateAdmin;
+ }
+
+ /**
+ * @param delegateAdmin the delegateAdmin to set
+ */
+ public void setDelegateAdmin(Boolean delegateAdmin) {
+ this.delegateAdmin = delegateAdmin == null ? Boolean.FALSE : delegateAdmin;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyItem={");
+
+ sb.append("accessTypes={");
+ if(accesses != null) {
+ for(RangerPolicyItemAccess access : accesses) {
+ if(access != null) {
+ access.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("users={");
+ if(users != null) {
+ for(String user : users) {
+ if(user != null) {
+ sb.append(user).append(" ");
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("groups={");
+ if(groups != null) {
+ for(String group : groups) {
+ if(group != null) {
+ sb.append(group).append(" ");
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("conditions={");
+ if(conditions != null) {
+ for(RangerPolicyItemCondition condition : conditions) {
+ if(condition != null) {
+ condition.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("delegateAdmin={").append(delegateAdmin).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+ public static class RangerPolicyItemAccess implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String type = null;
+ private Boolean isAllowed = null;
+
+ public RangerPolicyItemAccess() {
+ this(null, null);
+ }
+
+ public RangerPolicyItemAccess(String type) {
+ this(type, null);
+ }
+
+ public RangerPolicyItemAccess(String type, Boolean isAllowed) {
+ setType(type);
+ setIsAllowed(isAllowed);
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the isAllowed
+ */
+ public Boolean getIsAllowed() {
+ return isAllowed;
+ }
+
+ /**
+ * @param isAllowed the isAllowed to set
+ */
+ public void setIsAllowed(Boolean isAllowed) {
+ this.isAllowed = isAllowed == null ? Boolean.TRUE : isAllowed;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyItemAccess={");
+ sb.append("type={").append(type).append("} ");
+ sb.append("isAllowed={").append(isAllowed).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+ public static class RangerPolicyItemCondition implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String type = null;
+ private String value = null;
+
+ public RangerPolicyItemCondition() {
+ this(null, null);
+ }
+
+ public RangerPolicyItemCondition(String type, String value) {
+ setType(type);
+ setValue(value);
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the value
+ */
+ public String getValue() {
+ return value;
+ }
+
+ /**
+ * @param value the value to set
+ */
+ public void setValue(String value) {
+ this.value = value;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyItemCondition={");
+ sb.append("type={").append(type).append("} ");
+ sb.append("value={").append(value).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java
new file mode 100644
index 0000000..f5e4d3e
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java
@@ -0,0 +1,216 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.model;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RangerService extends RangerBaseModelObject implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String type = null;
+ private String name = null;
+ private String description = null;
+ private Map<String, String> configs = null;
+ private Long policyVersion = null;
+ private Date policyUpdateTime = null;
+
+
+ /**
+ * @param type
+ */
+ public RangerService() {
+ this(null, null, null, null);
+ }
+
+ /**
+ * @param type
+ * @param name
+ * @param description
+ * @param configs
+ */
+ public RangerService(String type, String name, String description, Map<String, String> configs) {
+ super();
+
+ setType(type);
+ setName(name);
+ setDescription(description);
+ setConfigs(configs);
+ }
+
+ /**
+ * @param other
+ */
+ public void updateFrom(RangerService other) {
+ super.updateFrom(other);
+
+ setType(other.getType());
+ setName(other.getName());
+ setDescription(other.getDescription());
+ setConfigs(other.getConfigs());
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the configs
+ */
+ public Map<String, String> getConfigs() {
+ return configs;
+ }
+
+ /**
+ * @param configs the configs to set
+ */
+ public void setConfigs(Map<String, String> configs) {
+ if(this.configs == null) {
+ this.configs = new HashMap<String, String>();
+ }
+
+ if(this.configs == configs) {
+ return;
+ }
+
+ this.configs.clear();
+
+ if(configs != null) {
+ for(Map.Entry<String, String> e : configs.entrySet()) {
+ this.configs.put(e.getKey(), e.getValue());
+ }
+ }
+ }
+
+ /**
+ * @return the policyVersion
+ */
+ public Long getPolicyVersion() {
+ return policyVersion;
+ }
+
+ /**
+ * @param policyVersion the policyVersion to set
+ */
+ public void setPolicyVersion(Long policyVersion) {
+ this.policyVersion = policyVersion;
+ }
+
+ /**
+ * @return the policyUpdateTime
+ */
+ public Date getPolicyUpdateTime() {
+ return policyUpdateTime;
+ }
+
+ /**
+ * @param policyUpdateTime the policyUpdateTime to set
+ */
+ public void setPolicyUpdateTime(Date policyUpdateTime) {
+ this.policyUpdateTime = policyUpdateTime;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerService={");
+
+ super.toString(sb);
+ sb.append("name={").append(name).append("} ");
+ sb.append("type={").append(type).append("} ");
+ sb.append("description={").append(description).append("} ");
+
+ sb.append("configs={");
+ if(configs != null) {
+ for(Map.Entry<String, String> e : configs.entrySet()) {
+ sb.append(e.getKey()).append("={").append(e.getValue()).append("} ");
+ }
+ }
+ sb.append("} ");
+
+ sb.append("policyVersion={").append(policyVersion).append("} ");
+ sb.append("policyUpdateTime={").append(policyUpdateTime).append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
new file mode 100644
index 0000000..2841a23
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
@@ -0,0 +1,1320 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.model;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RangerServiceDef extends RangerBaseModelObject implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String implClass = null;
+ private String label = null;
+ private String description = null;
+ private String rbKeyLabel = null;
+ private String rbKeyDescription = null;
+ private List<RangerServiceConfigDef> configs = null;
+ private List<RangerResourceDef> resources = null;
+ private List<RangerAccessTypeDef> accessTypes = null;
+ private List<RangerPolicyConditionDef> policyConditions = null;
+ private List<RangerEnumDef> enums = null;
+
+
+ public RangerServiceDef() {
+ this(null, null, null, null, null, null, null, null, null);
+ }
+
+ /**
+ * @param name
+ * @param implClass
+ * @param label
+ * @param description
+ * @param configs
+ * @param resources
+ * @param accessTypes
+ * @param policyConditions
+ * @param enums
+ */
+ public RangerServiceDef(String name, String implClass, String label, String description, List<RangerServiceConfigDef> configs, List<RangerResourceDef> resources, List<RangerAccessTypeDef> accessTypes, List<RangerPolicyConditionDef> policyConditions, List<RangerEnumDef> enums) {
+ super();
+
+ setName(name);
+ setImplClass(implClass);
+ setLabel(label);
+ setDescription(description);
+ setConfigs(configs);
+ setResources(resources);
+ setAccessTypes(accessTypes);
+ setPolicyConditions(policyConditions);
+ setEnums(enums);
+ }
+
+ /**
+ * @param other
+ */
+ public void updateFrom(RangerServiceDef other) {
+ super.updateFrom(other);
+
+ setName(other.getName());
+ setImplClass(other.getImplClass());
+ setLabel(other.getLabel());
+ setDescription(other.getDescription());
+ setConfigs(other.getConfigs());
+ setResources(other.getResources());
+ setAccessTypes(other.getAccessTypes());
+ setPolicyConditions(other.getPolicyConditions());
+ setEnums(other.getEnums());
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the implClass
+ */
+ public String getImplClass() {
+ return implClass;
+ }
+
+ /**
+ * @param implClass the implClass to set
+ */
+ public void setImplClass(String implClass) {
+ this.implClass = implClass;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the rbKeyDescription
+ */
+ public String getRbKeyDescription() {
+ return rbKeyDescription;
+ }
+
+ /**
+ * @param rbKeyDescription the rbKeyDescription to set
+ */
+ public void setRbKeyDescription(String rbKeyDescription) {
+ this.rbKeyDescription = rbKeyDescription;
+ }
+
+ /**
+ * @return the configs
+ */
+ public List<RangerServiceConfigDef> getConfigs() {
+ return configs;
+ }
+
+ /**
+ * @param configs the configs to set
+ */
+ public void setConfigs(List<RangerServiceConfigDef> configs) {
+ if(this.configs == null) {
+ this.configs = new ArrayList<RangerServiceConfigDef>();
+ } else
+
+ if(this.configs == configs) {
+ return;
+ }
+
+ this.configs.clear();
+
+ if(configs != null) {
+ for(RangerServiceConfigDef config : configs) {
+ this.configs.add(config);
+ }
+ }
+ }
+
+ /**
+ * @return the resources
+ */
+ public List<RangerResourceDef> getResources() {
+ return resources;
+ }
+
+ /**
+ * @param resources the resources to set
+ */
+ public void setResources(List<RangerResourceDef> resources) {
+ if(this.resources == null) {
+ this.resources = new ArrayList<RangerResourceDef>();
+ }
+
+ if(this.resources == resources) {
+ return;
+ }
+
+ this.resources.clear();
+
+ if(resources != null) {
+ for(RangerResourceDef resource : resources) {
+ this.resources.add(resource);
+ }
+ }
+ }
+
+ /**
+ * @return the accessTypes
+ */
+ public List<RangerAccessTypeDef> getAccessTypes() {
+ return accessTypes;
+ }
+
+ /**
+ * @param accessTypes the accessTypes to set
+ */
+ public void setAccessTypes(List<RangerAccessTypeDef> accessTypes) {
+ if(this.accessTypes == null) {
+ this.accessTypes = new ArrayList<RangerAccessTypeDef>();
+ }
+
+ if(this.accessTypes == accessTypes) {
+ return;
+ }
+
+ this.accessTypes.clear();
+
+ if(accessTypes != null) {
+ for(RangerAccessTypeDef accessType : accessTypes) {
+ this.accessTypes.add(accessType);
+ }
+ }
+ }
+
+ /**
+ * @return the policyConditions
+ */
+ public List<RangerPolicyConditionDef> getPolicyConditions() {
+ return policyConditions;
+ }
+
+ /**
+ * @param policyConditions the policyConditions to set
+ */
+ public void setPolicyConditions(List<RangerPolicyConditionDef> policyConditions) {
+ if(this.policyConditions == null) {
+ this.policyConditions = new ArrayList<RangerPolicyConditionDef>();
+ }
+
+ if(this.policyConditions == policyConditions) {
+ return;
+ }
+
+ this.policyConditions.clear();
+
+ if(policyConditions != null) {
+ for(RangerPolicyConditionDef policyCondition : policyConditions) {
+ this.policyConditions.add(policyCondition);
+ }
+ }
+ }
+
+ /**
+ * @return the enums
+ */
+ public List<RangerEnumDef> getEnums() {
+ return enums;
+ }
+
+ /**
+ * @param enums the enums to set
+ */
+ public void setEnums(List<RangerEnumDef> enums) {
+ if(this.enums == null) {
+ this.enums = new ArrayList<RangerEnumDef>();
+ }
+
+ if(this.enums == enums) {
+ return;
+ }
+
+ this.enums.clear();
+
+ if(enums != null) {
+ for(RangerEnumDef enum1 : enums) {
+ this.enums.add(enum1);
+ }
+ }
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerServiceDef={");
+
+ super.toString(sb);
+
+ sb.append("name={").append(name).append("} ");
+ sb.append("implClass={").append(implClass).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
+
+ sb.append("configs={");
+ if(configs != null) {
+ for(RangerServiceConfigDef config : configs) {
+ if(config != null) {
+ config.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("resources={");
+ if(resources != null) {
+ for(RangerResourceDef resource : resources) {
+ if(resource != null) {
+ resource.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("accessTypes={");
+ if(accessTypes != null) {
+ for(RangerAccessTypeDef accessType : accessTypes) {
+ if(accessType != null) {
+ accessType.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("policyConditions={");
+ if(policyConditions != null) {
+ for(RangerPolicyConditionDef policyCondition : policyConditions) {
+ if(policyCondition != null) {
+ policyCondition.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("enums={");
+ if(enums != null) {
+ for(RangerEnumDef e : enums) {
+ if(e != null) {
+ e.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+
+
+ public static class RangerEnumDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private List<RangerEnumElementDef> elements = null;
+ private Integer defaultIndex = null;
+
+
+ public RangerEnumDef() {
+ this(null, null, null);
+ }
+
+ public RangerEnumDef(String name, List<RangerEnumElementDef> elements, Integer defaultIndex) {
+ setName(name);
+ setElements(elements);
+ setDefaultIndex(defaultIndex);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the elements
+ */
+ public List<RangerEnumElementDef> getElements() {
+ return elements;
+ }
+
+ /**
+ * @param elements the elements to set
+ */
+ public void setElements(List<RangerEnumElementDef> elements) {
+ if(this.elements == null) {
+ this.elements = new ArrayList<RangerEnumElementDef>();
+ }
+
+ if(this.elements == elements) {
+ return;
+ }
+
+ this.elements.clear();
+
+ if(elements != null) {
+ for(RangerEnumElementDef element : elements) {
+ this.elements.add(element);
+ }
+ }
+ }
+
+ /**
+ * @return the defaultIndex
+ */
+ public Integer getDefaultIndex() {
+ return defaultIndex;
+ }
+
+ /**
+ * @param defaultIndex the defaultIndex to set
+ */
+ public void setDefaultIndex(Integer defaultIndex) {
+ this.defaultIndex = (defaultIndex != null && this.elements.size() > defaultIndex) ? defaultIndex : 0;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerEnumDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("elements={");
+ if(elements != null) {
+ for(RangerEnumElementDef element : elements) {
+ if(element != null) {
+ element.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+ sb.append("defaultIndex={").append(defaultIndex).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerEnumElementDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String label = null;
+ private String rbKeyLabel = null;
+
+
+ public RangerEnumElementDef() {
+ this(null, null, null);
+ }
+
+ public RangerEnumElementDef(String name, String label, String rbKeyLabel) {
+ setName(name);
+ setLabel(label);
+ setRbKeyLabel(rbKeyLabel);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerEnumElementDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerServiceConfigDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String type = null;
+ private String subType = null;
+ private Boolean mandatory = null;
+ private String defaultValue = null;
+ private String label = null;
+ private String description = null;
+ private String rbKeyLabel = null;
+ private String rbKeyDescription = null;
+
+
+ public RangerServiceConfigDef() {
+ this(null, null, null, null, null, null, null, null, null);
+ }
+
+ public RangerServiceConfigDef(String name, String type, String subType, Boolean mandatory, String defaultValue, String label, String description, String rbKeyLabel, String rbKeyDescription) {
+ setName(name);
+ setType(type);
+ setSubType(subType);
+ setMandatory(mandatory);
+ setDefaultValue(defaultValue);
+ setLabel(label);
+ setDescription(description);
+ setRbKeyLabel(rbKeyLabel);
+ setRbKeyDescription(rbKeyDescription);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the type
+ */
+ public String getSubType() {
+ return subType;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setSubType(String subType) {
+ this.subType = subType;
+ }
+
+ /**
+ * @return the mandatory
+ */
+ public Boolean getMandatory() {
+ return mandatory;
+ }
+
+ /**
+ * @param mandatory the mandatory to set
+ */
+ public void setMandatory(Boolean mandatory) {
+ this.mandatory = mandatory == null ? Boolean.FALSE : mandatory;
+ }
+
+ /**
+ * @return the defaultValue
+ */
+ public String getDefaultValue() {
+ return defaultValue;
+ }
+
+ /**
+ * @param defaultValue the defaultValue to set
+ */
+ public void setDefaultValue(String defaultValue) {
+ this.defaultValue = defaultValue;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the rbKeyDescription
+ */
+ public String getRbKeyDescription() {
+ return rbKeyDescription;
+ }
+
+ /**
+ * @param rbKeyDescription the rbKeyDescription to set
+ */
+ public void setRbKeyDescription(String rbKeyDescription) {
+ this.rbKeyDescription = rbKeyDescription;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerServiceConfigDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("type={").append(type).append("} ");
+ sb.append("subType={").append(subType).append("} ");
+ sb.append("mandatory={").append(mandatory).append("} ");
+ sb.append("defaultValue={").append(defaultValue).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerResourceDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String type = null;
+ private Integer level = null;
+ private String parent = null;
+ private Boolean mandatory = null;
+ private Boolean lookupSupported = null;
+ private Boolean recursiveSupported = null;
+ private Boolean excludesSupported = null;
+ private String matcher = null;
+ private String matcherOptions = null;
+ private String label = null;
+ private String description = null;
+ private String rbKeyLabel = null;
+ private String rbKeyDescription = null;
+
+
+ public RangerResourceDef() {
+ this(null, null, null, null, null, null, null, null, null, null, null, null, null, null);
+ }
+
+ public RangerResourceDef(String name, String type, Integer level, String parent, Boolean mandatory, Boolean lookupSupported, Boolean recursiveSupported, Boolean excludesSupported, String matcher, String matcherOptions, String label, String description, String rbKeyLabel, String rbKeyDescription) {
+ setName(name);
+ setType(type);
+ setLevel(level);
+ setParent(parent);
+ setMandatory(mandatory);
+ setLookupSupported(lookupSupported);
+ setRecursiveSupported(recursiveSupported);
+ setExcludesSupported(excludesSupported);
+ setMatcher(matcher);
+ setMatcher(matcherOptions);
+ setLabel(label);
+ setDescription(description);
+ setRbKeyLabel(rbKeyLabel);
+ setRbKeyDescription(rbKeyDescription);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the level
+ */
+ public Integer getLevel() {
+ return level;
+ }
+
+ /**
+ * @param level the level to set
+ */
+ public void setLevel(Integer level) {
+ this.level = level == null ? 1 : level;
+ }
+
+ /**
+ * @return the parent
+ */
+ public String getParent() {
+ return parent;
+ }
+
+ /**
+ * @param parent the parent to set
+ */
+ public void setParent(String parent) {
+ this.parent = parent;
+ }
+
+ /**
+ * @return the mandatory
+ */
+ public Boolean getMandatory() {
+ return mandatory;
+ }
+
+ /**
+ * @param mandatory the mandatory to set
+ */
+ public void setMandatory(Boolean mandatory) {
+ this.mandatory = mandatory == null ? Boolean.FALSE : mandatory;
+ }
+
+ /**
+ * @return the lookupSupported
+ */
+ public Boolean getLookupSupported() {
+ return lookupSupported;
+ }
+
+ /**
+ * @param lookupSupported the lookupSupported to set
+ */
+ public void setLookupSupported(Boolean lookupSupported) {
+ this.lookupSupported = lookupSupported == null ? Boolean.FALSE : lookupSupported;
+ }
+
+ /**
+ * @return the recursiveSupported
+ */
+ public Boolean getRecursiveSupported() {
+ return recursiveSupported;
+ }
+
+ /**
+ * @param recursiveSupported the recursiveSupported to set
+ */
+ public void setRecursiveSupported(Boolean recursiveSupported) {
+ this.recursiveSupported = recursiveSupported == null ? Boolean.FALSE : recursiveSupported;
+ }
+
+ /**
+ * @return the excludesSupported
+ */
+ public Boolean getExcludesSupported() {
+ return excludesSupported;
+ }
+
+ /**
+ * @param excludesSupported the excludesSupported to set
+ */
+ public void setExcludesSupported(Boolean excludesSupported) {
+ this.excludesSupported = excludesSupported == null ? Boolean.FALSE : excludesSupported;
+ }
+
+ /**
+ * @return the matcher
+ */
+ public String getMatcher() {
+ return matcher;
+ }
+
+ /**
+ * @param matcher the matcher to set
+ */
+ public void setMatcher(String matcher) {
+ this.matcher = matcher;
+ }
+
+ /**
+ * @return the matcher
+ */
+ public String getMatcherOptions() {
+ return matcherOptions;
+ }
+
+ /**
+ * @param matcher the matcher to set
+ */
+ public void setMatcherOptions(String matcherOptions) {
+ this.matcherOptions = matcherOptions;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the rbKeyDescription
+ */
+ public String getRbKeyDescription() {
+ return rbKeyDescription;
+ }
+
+ /**
+ * @param rbKeyDescription the rbKeyDescription to set
+ */
+ public void setRbKeyDescription(String rbKeyDescription) {
+ this.rbKeyDescription = rbKeyDescription;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerResourceDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("type={").append(type).append("} ");
+ sb.append("level={").append(level).append("} ");
+ sb.append("parent={").append(parent).append("} ");
+ sb.append("mandatory={").append(mandatory).append("} ");
+ sb.append("lookupSupported={").append(lookupSupported).append("} ");
+ sb.append("recursiveSupported={").append(recursiveSupported).append("} ");
+ sb.append("excludesSupported={").append(excludesSupported).append("} ");
+ sb.append("matcher={").append(matcher).append("} ");
+ sb.append("matcherOptions={").append(matcherOptions).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerAccessTypeDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String label = null;
+ private String rbKeyLabel = null;
+ private Collection<String> impliedGrants = null;
+
+
+ public RangerAccessTypeDef() {
+ this(null, null, null, null);
+ }
+
+ public RangerAccessTypeDef(String name, String label, String rbKeyLabel, Collection<String> impliedGrants) {
+ setName(name);
+ setLabel(label);
+ setRbKeyLabel(rbKeyLabel);
+ setImpliedGrants(impliedGrants);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the impliedGrants
+ */
+ public Collection<String> getImpliedGrants() {
+ return impliedGrants;
+ }
+
+ /**
+ * @param impliedGrants the impliedGrants to set
+ */
+ public void setImpliedGrants(Collection<String> impliedGrants) {
+ if(this.impliedGrants == null) {
+ this.impliedGrants = new ArrayList<String>();
+ }
+
+ if(this.impliedGrants == impliedGrants) {
+ return;
+ }
+
+ this.impliedGrants.clear();
+
+ if(impliedGrants != null) {
+ for(String impliedGrant : impliedGrants) {
+ this.impliedGrants.add(impliedGrant);
+ }
+ }
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerAccessTypeDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+
+ sb.append("impliedGrants={");
+ if(impliedGrants != null) {
+ for(String impliedGrant : impliedGrants) {
+ if(impliedGrant != null) {
+ sb.append(impliedGrant).append(" ");
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerPolicyConditionDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String evaluator = null;
+ private String evaluatorOptions = null;
+ private String label = null;
+ private String description = null;
+ private String rbKeyLabel = null;
+ private String rbKeyDescription = null;
+
+
+ public RangerPolicyConditionDef() {
+ this(null, null, null, null, null, null, null);
+ }
+
+ public RangerPolicyConditionDef(String name, String evaluator, String evaluatorOptions) {
+ this(name, evaluator, evaluatorOptions, null, null, null, null);
+ }
+
+ public RangerPolicyConditionDef(String name, String evaluator, String evaluatorOptions, String label) {
+ this(name, evaluator, evaluatorOptions, label, null, null, null);
+ }
+
+ public RangerPolicyConditionDef(String name, String evaluator, String evaluatorOptions, String label, String description) {
+ this(name, evaluator, evaluatorOptions, label, description, null, null);
+ }
+
+ public RangerPolicyConditionDef(String name, String evaluator, String evaluatorOptions, String label, String description, String rbKeyLabel, String rbKeyDescription) {
+ setName(name);
+ setEvaluator(evaluator);
+ setEvaluatorOptions(evaluatorOptions);
+ setLabel(label);
+ setDescription(description);
+ setRbKeyLabel(rbKeyLabel);
+ setRbKeyDescription(rbKeyDescription);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the evaluator
+ */
+ public String getEvaluator() {
+ return evaluator;
+ }
+
+ /**
+ * @param evaluator the evaluator to set
+ */
+ public void setEvaluator(String evaluator) {
+ this.evaluator = evaluator;
+ }
+
+ /**
+ * @return the evaluator
+ */
+ public String getEvaluatorOptions() {
+ return evaluatorOptions;
+ }
+
+ /**
+ * @param evaluator the evaluator to set
+ */
+ public void setEvaluatorOptions(String evaluatorOptions) {
+ this.evaluatorOptions = evaluatorOptions;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the rbKeyDescription
+ */
+ public String getRbKeyDescription() {
+ return rbKeyDescription;
+ }
+
+ /**
+ * @param rbKeyDescription the rbKeyDescription to set
+ */
+ public void setRbKeyDescription(String rbKeyDescription) {
+ this.rbKeyDescription = rbKeyDescription;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyConditionDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("evaluator={").append(evaluator).append("} ");
+ sb.append("evaluatorOptions={").append(evaluatorOptions).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java
new file mode 100644
index 0000000..56a55ae
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.policyengine;
+
+import java.util.Date;
+import java.util.Map;
+import java.util.Set;
+
+public interface RangerAccessRequest {
+ RangerResource getResource();
+
+ String getAccessType();
+
+ String getUser();
+
+ Set<String> getUserGroups();
+
+ Date getAccessTime();
+
+ String getClientIPAddress();
+
+ String getClientType();
+
+ String getAction();
+
+ String getRequestData();
+
+ String getSessionId();
+
+ Map<String, Object> getContext();
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
new file mode 100644
index 0000000..fff8d4c
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
@@ -0,0 +1,208 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.policyengine;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.commons.lang.StringUtils;
+
+
+public class RangerAccessRequestImpl implements RangerAccessRequest {
+ private RangerResource resource = null;
+ private String accessType = null;
+ private String user = null;
+ private Set<String> userGroups = null;
+ private Date accessTime = null;
+ private String clientIPAddress = null;
+ private String clientType = null;
+ private String action = null;
+ private String requestData = null;
+ private String sessionId = null;
+ private Map<String, Object> context = null;
+
+
+ public RangerAccessRequestImpl() {
+ this(null, null, null, null);
+ }
+
+ public RangerAccessRequestImpl(RangerResource resource, String accessType, String user, Set<String> userGroups) {
+ setResource(resource);
+ setAccessType(accessType);
+ setUser(user);
+ setUserGroups(userGroups);
+
+ // set remaining fields to default value
+ setAccessTime(null);
+ setClientIPAddress(null);
+ setClientType(null);
+ setAction(null);
+ setRequestData(null);
+ setSessionId(null);
+ setContext(null);
+ }
+
+ @Override
+ public RangerResource getResource() {
+ return resource;
+ }
+
+ @Override
+ public String getAccessType() {
+ return accessType;
+ }
+
+ @Override
+ public String getUser() {
+ return user;
+ }
+
+ @Override
+ public Set<String> getUserGroups() {
+ return userGroups;
+ }
+
+ @Override
+ public Date getAccessTime() {
+ return accessTime;
+ }
+
+ @Override
+ public String getClientIPAddress() {
+ return clientIPAddress;
+ }
+
+ @Override
+ public String getClientType() {
+ return clientType;
+ }
+
+ @Override
+ public String getAction() {
+ return action;
+ }
+
+ @Override
+ public String getRequestData() {
+ return requestData;
+ }
+
+ @Override
+ public String getSessionId() {
+ return sessionId;
+ }
+
+ @Override
+ public Map<String, Object> getContext() {
+ return context;
+ }
+
+
+ public void setResource(RangerResource resource) {
+ this.resource = resource;
+ }
+
+ public void setAccessType(String accessType) {
+ this.accessType = accessType;
+ }
+
+ public void setUser(String user) {
+ this.user = user;
+ }
+
+ public void setUserGroups(Set<String> userGroups) {
+ this.userGroups = (userGroups == null) ? new HashSet<String>() : userGroups;
+ }
+
+ public void setAccessTime(Date accessTime) {
+ this.accessTime = (accessTime == null) ? new Date() : accessTime;
+ }
+
+ public void setClientIPAddress(String clientIPAddress) {
+ this.clientIPAddress = clientIPAddress;
+ }
+
+ public void setClientType(String clientType) {
+ this.clientType = clientType;
+ }
+
+ public void setAction(String action) {
+ this.action = action;
+ }
+
+ public void setRequestData(String requestData) {
+ this.requestData = requestData;
+ }
+
+ public void setSessionId(String sessionId) {
+ this.sessionId = sessionId;
+ }
+
+ public void setContext(Map<String, Object> context) {
+ this.context = (context == null) ? new HashMap<String, Object>() : context;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerAccessRequestImpl={");
+
+ sb.append("resource={").append(resource).append("} ");
+ sb.append("accessType={").append(accessType).append("} ");
+ sb.append("user={").append(user).append("} ");
+
+ sb.append("userGroups={");
+ if(userGroups != null) {
+ for(String userGroup : userGroups) {
+ sb.append(userGroup).append(" ");
+ }
+ }
+
+ sb.append("accessTime={").append(accessTime).append("} ");
+ sb.append("clientIPAddress={").append(clientIPAddress).append("} ");
+ sb.append("clientType={").append(clientType).append("} ");
+ sb.append("action={").append(action).append("} ");
+ sb.append("requestData={").append(requestData).append("} ");
+ sb.append("sessionId={").append(sessionId).append("} ");
+
+
+ sb.append("context={");
+ if(context != null) {
+ for(Map.Entry<String, Object> e : context.entrySet()) {
+ sb.append(e.getKey()).append("={").append(e.getValue()).append("} ");
+ }
+ }
+ sb.append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java
new file mode 100644
index 0000000..2eaec16
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java
@@ -0,0 +1,157 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.policyengine;
+
+import org.apache.ranger.plugin.model.RangerServiceDef;
+
+
+public class RangerAccessResult {
+ private String serviceName = null;
+ private RangerServiceDef serviceDef = null;
+ private RangerAccessRequest request = null;
+
+ private boolean isAllowed = false;
+ private boolean isAudited = false;
+ private long policyId = -1;
+ private String reason = null;
+
+ public RangerAccessResult(String serviceName, RangerServiceDef serviceDef, RangerAccessRequest request) {
+ this(serviceName, serviceDef, request, false, false, -1, null);
+ }
+
+ public RangerAccessResult(String serviceName, RangerServiceDef serviceDef, RangerAccessRequest request, boolean isAllowed, boolean isAudited, long policyId, String reason) {
+ this.serviceName = serviceName;
+ this.serviceDef = serviceDef;
+ this.request = request;
+ this.isAllowed = isAllowed;
+ this.isAudited = isAudited;
+ this.policyId = policyId;
+ this.reason = reason;
+ }
+
+ /**
+ * @return the serviceName
+ */
+ public String getServiceName() {
+ return serviceName;
+ }
+
+ /**
+ * @return the serviceDef
+ */
+ public RangerServiceDef getServiceDef() {
+ return serviceDef;
+ }
+
+ /**
+ * @return the request
+ */
+ public RangerAccessRequest getAccessRequest() {
+ return request;
+ }
+
+ /**
+ * @return the isAllowed
+ */
+ public boolean getIsAllowed() {
+ return isAllowed;
+ }
+
+ /**
+ * @param isAllowed the isAllowed to set
+ */
+ public void setIsAllowed(boolean isAllowed) {
+ this.isAllowed = isAllowed;
+ }
+
+ /**
+ * @param reason the reason to set
+ */
+ public void setReason(String reason) {
+ this.reason = reason;
+ }
+
+ /**
+ * @return the isAudited
+ */
+ public boolean getIsAudited() {
+ return isAudited;
+ }
+
+ /**
+ * @param isAudited the isAudited to set
+ */
+ public void setIsAudited(boolean isAudited) {
+ this.isAudited = isAudited;
+ }
+
+ /**
+ * @return the reason
+ */
+ public String getReason() {
+ return reason;
+ }
+
+ /**
+ * @return the policyId
+ */
+ public long getPolicyId() {
+ return policyId;
+ }
+
+ /**
+ * @return the policyId
+ */
+ public void setPolicyId(long policyId) {
+ this.policyId = policyId;
+ }
+
+ public int getServiceType() {
+ int ret = -1;
+
+ if(serviceDef != null && serviceDef.getId() != null) {
+ ret = serviceDef.getId().intValue();
+ }
+
+ return ret;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerAccessResult={");
+
+ sb.append("isAllowed={").append(isAllowed).append("} ");
+ sb.append("isAudited={").append(isAudited).append("} ");
+ sb.append("policyId={").append(policyId).append("} ");
+ sb.append("reason={").append(reason).append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+}