You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by di...@apache.org on 2023/06/20 14:23:19 UTC
[ranger] branch master updated: RANGER-4081 - If the url to edit a policy, service or permissions for a module, and the url to view user/group/roles contains an invalid id, then page should display an error
This is an automated email from the ASF dual-hosted git repository.
dineshkumar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 846213982 RANGER-4081 - If the url to edit a policy, service or permissions for a module, and the url to view user/group/roles contains an invalid id, then page should display an error
846213982 is described below
commit 84621398238f61fbfafe9d38c8171db77ab334fc
Author: Dhaval.Rajpara <dh...@gmail.com>
AuthorDate: Tue Jun 13 15:11:19 2023 +0530
RANGER-4081 - If the url to edit a policy, service or permissions for a module, and the url to view user/group/roles contains an invalid id, then page should display an error
Signed-off-by: Dineshkumar Yadav <di...@outlook.com>
---
.../java/org/apache/ranger/biz/ServiceDBStore.java | 4 +
.../org/apache/ranger/common/RangerSearchUtil.java | 7 ++
.../java/org/apache/ranger/rest/ServiceREST.java | 28 +++++--
.../src/main/webapp/react-webapp/src/App.jsx | 14 ++++
.../main/webapp/react-webapp/src/utils/XAEnums.js | 6 +-
.../main/webapp/react-webapp/src/utils/XAUtils.js | 8 ++
.../main/webapp/react-webapp/src/utils/fetchAPI.js | 17 +++-
.../webapp/react-webapp/src/views/ErrorPage.jsx | 13 ++-
.../main/webapp/react-webapp/src/views/Layout.jsx | 37 ++++++--
.../src/views/PermissionsModule/EditPermission.jsx | 10 +--
.../views/PolicyListing/AddUpdatePolicyForm.jsx | 95 ++++++++++++---------
.../views/PolicyListing/PolicyListingTabView.jsx | 13 +--
.../src/views/SecurityZone/SecurityZoneForm.jsx | 4 +-
.../src/views/SecurityZone/ZoneListing.jsx | 4 +-
.../views/ServiceManager/ServiceAuditFilter.jsx | 8 +-
.../src/views/ServiceManager/ServiceForm.jsx | 98 ++++++++++++----------
.../groups_details/GroupForm.jsx | 4 +-
.../UserGroupRoleListing/role_details/RoleForm.jsx | 2 +-
.../users_details/EditUserView.jsx | 2 +-
.../scripts/model_bases/RangerServiceDefBase.js | 2 +-
.../main/webapp/scripts/models/RangerServiceDef.js | 5 +-
.../webapp/scripts/modules/globalize/message/en.js | 3 +-
.../src/main/webapp/scripts/utils/XAUtils.js | 6 ++
.../main/webapp/scripts/views/common/ErrorView.js | 3 +
.../webapp/scripts/views/service/ServiceCreate.js | 3 +
25 files changed, 267 insertions(+), 129 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 7030542d9..1f9801ba2 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -1916,6 +1916,10 @@ public class ServiceDBStore extends AbstractServiceStore {
// TODO: As of now we are allowing SYS_ADMIN to read all the
// services including KMS
+ if (xService == null) {
+ throw restErrorUtil.createRESTException("Data Not Found for given Id",
+ MessageEnums.DATA_NOT_FOUND, id, null, "readResource : No Object found with given id.");
+ }
if (!bizUtil.hasAccess(xService, null)) {
throw restErrorUtil.createRESTException("Logged in user is not allowed to read service, id: " + id,
MessageEnums.OPER_NO_PERMISSION);
diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
index 8030fe7a4..e8aab9af5 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
@@ -182,6 +182,13 @@ public class RangerSearchUtil extends SearchUtil {
MessageEnums.INVALID_INPUT_DATA, null, SearchFilter.PAGE_SIZE);
ret.setMaxRows(validatePageSize(pageSize));
+ if (request.getParameter(SearchFilter.POLICY_TYPE) != null) {
+ int policyType = restErrorUtil.parseInt(request.getParameter(SearchFilter.POLICY_TYPE), 0,
+ "Invalid value for parameter policyType", MessageEnums.INVALID_INPUT_DATA, null,
+ SearchFilter.POLICY_TYPE);
+ ret.setParam(SearchFilter.POLICY_TYPE, Integer.toString(policyType));
+ }
+
ret.setGetCount(restErrorUtil.parseBoolean(request.getParameter("getCount"), true));
String sortBy = restErrorUtil.validateString(request.getParameter(SearchFilter.SORT_BY),
StringUtil.VALIDATION_ALPHA, "Invalid value for parameter sortBy", MessageEnums.INVALID_INPUT_DATA,
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 6348d0287..e91d3bc71 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -33,6 +33,7 @@ import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import java.util.TreeMap;
+import java.util.stream.IntStream;
import java.util.Objects;
import javax.annotation.Nonnull;
@@ -59,6 +60,7 @@ import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang3.math.NumberUtils;
import org.apache.ranger.admin.client.datatype.RESTResponse;
import org.apache.ranger.authorization.hadoop.config.RangerAdminConfig;
import org.apache.ranger.authorization.utils.StringUtil;
@@ -446,15 +448,18 @@ public class ServiceREST {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServiceDef(serviceDefId=" + id + ")");
}
XXServiceDef xServiceDef = daoManager.getXXServiceDef().getById(id);
- if(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME.equals(xServiceDef.getName())) {
- if (!bizUtil.hasModuleAccess(RangerConstants.MODULE_TAG_BASED_POLICIES)) {
- throw restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "User is not having permissions on the tag module.", true);
+ if (xServiceDef != null) {
+ if (EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME.equals(xServiceDef.getName())) {
+ if (!bizUtil.hasModuleAccess(RangerConstants.MODULE_TAG_BASED_POLICIES)) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN,
+ "User is not having permissions on the tag module.", true);
+ }
+ }
+ if (!bizUtil.hasAccess(xServiceDef, null)) {
+ throw restErrorUtil.createRESTException(
+ "User is not allowed to access service-def, id: " + xServiceDef.getId(),
+ MessageEnums.OPER_NO_PERMISSION);
}
- }
- if (!bizUtil.hasAccess(xServiceDef, null)) {
- throw restErrorUtil.createRESTException(
- "User is not allowed to access service-def, id: " + xServiceDef.getId(),
- MessageEnums.OPER_NO_PERMISSION);
}
ret = svcStore.getServiceDef(id);
@@ -2997,6 +3002,13 @@ public class ServiceREST {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServicePolicies(serviceId=" + serviceId + ")");
}
+ String policyTypeStr = filter.getParam(SearchFilter.POLICY_TYPE);
+ if (policyTypeStr != null && !IntStream.of(RangerPolicy.POLICY_TYPES).anyMatch(x -> x == Integer.parseInt(policyTypeStr))) {
+ throw restErrorUtil.createRESTException("policyTypes with id: " + policyTypeStr + " does not exist",
+ MessageEnums.DATA_NOT_FOUND, Long.parseLong(policyTypeStr), null,
+ "readResource : No Object found with given id.");
+ }
+
// get all policies from the store; pick the page to return after applying filter
int savedStartIndex = filter == null ? 0 : filter.getStartIndex();
int savedMaxRows = filter == null ? Integer.MAX_VALUE : filter.getMaxRows();
diff --git a/security-admin/src/main/webapp/react-webapp/src/App.jsx b/security-admin/src/main/webapp/react-webapp/src/App.jsx
index 28df2d026..bc3cf9a7a 100644
--- a/security-admin/src/main/webapp/react-webapp/src/App.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/App.jsx
@@ -30,6 +30,7 @@ import { getUserProfile, setUserProfile } from "Utils/appState";
import LayoutComp from "Views/Layout";
import { getServiceDef, setServiceDef } from "./utils/appState";
import { filter, sortBy } from "lodash";
+
const HomeComp = lazy(() => import("Views/Home"));
const ServiceFormComp = lazy(() => import("Views/ServiceManager/ServiceForm"));
const UserProfileComp = lazy(() => import("Views/UserProfile"));
@@ -325,6 +326,19 @@ export default class App extends Component {
path="/knoxSSOWarning"
element={<ErrorPage errorCode="checkSSOTrue" />}
/>
+ {/*DATA NOT FOUND PAGE*/}
+ <Route
+ path="/dataNotFound"
+ element={<ErrorPage errorCode="400" />}
+ />
+ <Route
+ path="/pageNotFound"
+ element={<ErrorPage errorCode="404" />}
+ />
+ <Route
+ path="/forbidden"
+ element={<ErrorPage errorCode="403" />}
+ />
<Route path="/locallogin" element={<Loader />} />
{/* NOT FOUND ROUTE */}
<Route path="*" />
diff --git a/security-admin/src/main/webapp/react-webapp/src/utils/XAEnums.js b/security-admin/src/main/webapp/react-webapp/src/utils/XAEnums.js
index be1c2cbb8..29da52dc6 100644
--- a/security-admin/src/main/webapp/react-webapp/src/utils/XAEnums.js
+++ b/security-admin/src/main/webapp/react-webapp/src/utils/XAEnums.js
@@ -621,7 +621,11 @@ export const PathAssociateWithModule = {
Permission: ["/permissions/models", "/permissions/:permissionId/edit"],
Profile: ["/userprofile"],
KnoxSignOut: ["/knoxSSOWarning"],
- localLogin: ["/locallogin"]
+ DataNotFound: ["/dataNotFound"],
+ PageNotFound: ["/pageNotFound"],
+ localLogin: ["/locallogin"],
+ slashPath: ["/"],
+ Forbidden: ["/forbidden"]
};
/* Access */
diff --git a/security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js b/security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js
index ec4258d24..19c600d1a 100644
--- a/security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js
+++ b/security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js
@@ -151,6 +151,10 @@ export const hasAccessToPath = (pathName) => {
let moduleNames = union(userModules, groupModules);
moduleNames.push("Profile");
moduleNames.push("KnoxSignOut");
+ moduleNames.push("DataNotFound");
+ moduleNames.push("PageNotFound");
+ moduleNames.push("Forbidden");
+
moduleNames.push("localLogin");
if (isSystemAdmin() || isAuditor()) {
moduleNames.push("Permission");
@@ -1391,3 +1395,7 @@ export const checkKnoxSSO = async (navigate) => {
console.error(`Error occurred while logout! ${error}`);
}
};
+
+export const navigateTo = {
+ navigate: null
+};
diff --git a/security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js b/security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js
index 86f8fb79d..5d9a7d5c4 100644
--- a/security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js
+++ b/security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js
@@ -17,7 +17,6 @@
* under the License.
*/
import axios from "axios";
-import history from "./history";
import ErrorPage from "../views/ErrorPage";
import {
RANGER_REST_CSRF_ENABLED,
@@ -26,6 +25,7 @@ import {
CSRFToken
} from "./appConstants";
import { toast } from "react-toastify";
+import { navigateTo } from "./XAUtils";
let csrfEnabled = false;
let restCsrfCustomHeader = null;
@@ -88,6 +88,21 @@ async function fetchApi(axiosConfig = {}, otherConf = {}) {
window.location.replace("login.jsp?sessionTimeout=true");
}
}
+ if (
+ error?.response?.status === 400 &&
+ (error?.response?.data?.messageList?.[0]?.name == "DATA_NOT_FOUND" ||
+ error?.response?.data?.messageList?.[0]?.name == "INVALID_INPUT_DATA")
+ ) {
+ navigateTo.navigate("/dataNotFound", { replace: true });
+ }
+ if (error?.response?.status === 404) {
+ navigateTo.navigate("/pageNotFound", { replace: true });
+ return;
+ }
+ if (error?.response?.status === 403) {
+ navigateTo.navigate("/forbidden", { replace: true });
+ return;
+ }
throw error;
}
}
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/ErrorPage.jsx b/security-admin/src/main/webapp/react-webapp/src/views/ErrorPage.jsx
index 6ed0ed9a8..9e99e5077 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/ErrorPage.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/ErrorPage.jsx
@@ -21,7 +21,6 @@ import React, { useState, useEffect } from "react";
import { useNavigate } from "react-router-dom";
import errorIcon from "Images/error-404-icon.png";
import { Button } from "react-bootstrap";
-import { PathAssociateWithModule } from "../utils/XAEnums";
export const ErrorPage = (props) => {
const [errorCode, setErrorCode] = useState(null);
@@ -63,6 +62,10 @@ export const ErrorPage = (props) => {
setErrorCode("Page not found (404).");
setErrorInfo("Sorry, this page isn't here or has moved.");
}
+ if (props.errorCode == "400") {
+ setErrorCode("Data Not Found (400).");
+ setErrorInfo("Data not found for given page.");
+ }
});
return (
@@ -80,7 +83,13 @@ export const ErrorPage = (props) => {
</div>
</div>
<div className="mt-2">
- <Button size="sm" onClick={() => navigate(-1)} className="mr-1">
+ <Button
+ size="sm"
+ onClick={() =>
+ props.errorCode == "checkSSOTrue" ? navigate(-1) : navigate(-2)
+ }
+ className="mr-1"
+ >
<i className="fa-fw fa fa-long-arrow-left"></i> Go back
</Button>
{props.errorCode !== "checkSSOTrue" && (
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/Layout.jsx b/security-admin/src/main/webapp/react-webapp/src/views/Layout.jsx
index f27f4de40..49edc2861 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/Layout.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/Layout.jsx
@@ -19,19 +19,28 @@
import React, { useState, useEffect } from "react";
import { Button, Modal } from "react-bootstrap";
-import { useLocation, Outlet, Navigate, useNavigate } from "react-router-dom";
+import {
+ useLocation,
+ Outlet,
+ Navigate,
+ useNavigate,
+ matchRoutes
+} from "react-router-dom";
import ErrorPage from "./ErrorPage";
-import { hasAccessToPath, checkKnoxSSO } from "Utils/XAUtils";
+import { hasAccessToPath, checkKnoxSSO, navigateTo } from "Utils/XAUtils";
import { useIdleTimer } from "react-idle-timer";
import { getUserProfile } from "Utils/appState";
import SideBar from "./SideBar/SideBar";
import { Loader } from "../components/CommonComponents";
import { Suspense } from "react";
+import { PathAssociateWithModule } from "../utils/XAEnums";
+import { flatMap, includes, values } from "lodash";
const Layout = () => {
let location = useLocation();
const navigate = useNavigate();
const userProfile = getUserProfile();
+ navigateTo.navigate = useNavigate();
const [open, setOpen] = useState(false);
const [timer, setTimer] = useState(0);
@@ -120,17 +129,29 @@ const Layout = () => {
<SideBar />
</div>
{location.pathname === "/" &&
- window.location.pathname !== "/locallogin" && (
+ window.location.pathname !== "/locallogin" &&
+ window.location.pathname != "/dataNotFound" &&
+ window.location.pathname != "/pageNotFound" &&
+ window.location.pathname != "/forbidden" && (
<Navigate to="/policymanager/resource" replace={true} />
)}
<div id="content" className="content-body">
<div id="ranger-content">
- {hasAccessToPath(location.pathname) ? (
- <Suspense fallback={<Loader />}>
- <Outlet />
- </Suspense>
+ {matchRoutes(
+ flatMap(values(PathAssociateWithModule)).map((val) => ({
+ path: val
+ })),
+ location.pathname
+ ) ? (
+ hasAccessToPath(location.pathname) ? (
+ <Suspense fallback={<Loader />}>
+ <Outlet />
+ </Suspense>
+ ) : (
+ <ErrorPage errorCode="401" />
+ )
) : (
- <ErrorPage errorCode="401" />
+ <ErrorPage errorCode="404" />
)}
</div>
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/PermissionsModule/EditPermission.jsx b/security-admin/src/main/webapp/react-webapp/src/views/PermissionsModule/EditPermission.jsx
index f2570e458..a3e55dfbd 100755
--- a/security-admin/src/main/webapp/react-webapp/src/views/PermissionsModule/EditPermission.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/PermissionsModule/EditPermission.jsx
@@ -190,20 +190,20 @@ const EditPermission = (props) => {
url: `xusers/permission/${permissionId}`,
params: {}
});
- data = permissionResp.data;
+ data = permissionResp?.data;
} catch (error) {
console.error(`Error occurred while fetching Permissions ! ${error}`);
}
- groups = reverse(data.groupPermList);
- users = reverse(data.userPermList);
+ groups = reverse(data?.groupPermList);
+ users = reverse(data?.userPermList);
dispatch({
type: "SET_DATA",
data,
- grpData: groups.map((obj) => ({
+ grpData: groups?.map((obj) => ({
label: obj.groupName,
value: obj.groupId
})),
- usrData: users.map((obj) => ({
+ usrData: users?.map((obj) => ({
label: obj.userName,
value: obj.userId
}))
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx
index ee3d21d15..a27cbaa28 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx
@@ -95,7 +95,7 @@ function reducer(state, action) {
loader: false,
serviceDetails: action.serviceDetails,
serviceCompDetails: action.serviceCompDetails,
- policyData: action.policyData,
+ policyData: action?.policyData,
formData: action.formData
};
default:
@@ -219,6 +219,21 @@ export default function AddUpdatePolicyForm(props) {
let serviceCompData = serviceDefs?.allServiceDefs?.find((servicedef) => {
return servicedef.name == serviceData.type;
});
+ if (serviceCompData) {
+ let serviceDefPolicyType = 0;
+ if (
+ serviceCompData?.dataMaskDef &&
+ Object.keys(serviceCompData.dataMaskDef).length != 0
+ )
+ serviceDefPolicyType++;
+ if (
+ serviceCompData?.rowFilterDef &&
+ Object.keys(serviceCompData.rowFilterDef).length != 0
+ )
+ serviceDefPolicyType++;
+ if (+policyType > serviceDefPolicyType)
+ navigate("/pageNotFound", { replace: true });
+ }
let policyData = null;
if (policyId) {
policyData = await fetchPolicyData();
@@ -287,63 +302,63 @@ export default function AddUpdatePolicyForm(props) {
data.policyItems =
policyId && policyData?.policyItems?.length > 0
? setPolicyItemVal(
- policyData.policyItems,
- serviceCompData.accessTypes,
+ policyData?.policyItems,
+ serviceCompData?.accessTypes,
null,
- serviceCompData.name
+ serviceCompData?.name
)
: [{}];
data.allowExceptions =
policyId && policyData?.allowExceptions?.length > 0
? setPolicyItemVal(
- policyData.allowExceptions,
- serviceCompData.accessTypes,
+ policyData?.allowExceptions,
+ serviceCompData?.accessTypes,
null,
- serviceCompData.name
+ serviceCompData?.name
)
: [{}];
data.denyPolicyItems =
policyId && policyData?.denyPolicyItems?.length > 0
? setPolicyItemVal(
- policyData.denyPolicyItems,
- serviceCompData.accessTypes,
+ policyData?.denyPolicyItems,
+ serviceCompData?.accessTypes,
null,
- serviceCompData.name
+ serviceCompData?.name
)
: [{}];
data.denyExceptions =
policyId && policyData?.denyExceptions?.length > 0
? setPolicyItemVal(
policyData.denyExceptions,
- serviceCompData.accessTypes,
+ serviceCompData?.accessTypes,
null,
- serviceCompData.name
+ serviceCompData?.name
)
: [{}];
data.dataMaskPolicyItems =
policyId && policyData?.dataMaskPolicyItems?.length > 0
? setPolicyItemVal(
policyData.dataMaskPolicyItems,
- serviceCompData.dataMaskDef.accessTypes,
- serviceCompData.dataMaskDef.maskTypes,
- serviceCompData.name
+ serviceCompData?.dataMaskDef?.accessTypes,
+ serviceCompData?.dataMaskDef?.maskTypes,
+ serviceCompData?.name
)
: [{}];
data.rowFilterPolicyItems =
policyId && policyData?.rowFilterPolicyItems?.length > 0
? setPolicyItemVal(
policyData.rowFilterPolicyItems,
- serviceCompData.rowFilterDef.accessTypes,
+ serviceCompData?.rowFilterDef?.accessTypes,
null,
- serviceCompData.name
+ serviceCompData?.name
)
: [{}];
if (policyId) {
- data.policyName = policyData.name;
- data.isEnabled = policyData.isEnabled;
- data.policyPriority = policyData.policyPriority == 0 ? false : true;
- data.description = policyData.description;
- data.isAuditEnabled = policyData.isAuditEnabled;
+ data.policyName = policyData?.name;
+ data.isEnabled = policyData?.isEnabled;
+ data.policyPriority = policyData?.policyPriority == 0 ? false : true;
+ data.description = policyData?.description;
+ data.isAuditEnabled = policyData?.isAuditEnabled;
data.policyLabel =
policyData &&
policyData?.policyLabels?.map((val) => {
@@ -352,32 +367,32 @@ export default function AddUpdatePolicyForm(props) {
let serviceCompResourcesDetails;
if (
RangerPolicyType.RANGER_MASKING_POLICY_TYPE.value ==
- policyData.policyType
+ policyData?.policyType
) {
- serviceCompResourcesDetails = serviceCompData.dataMaskDef.resources;
+ serviceCompResourcesDetails = serviceCompData?.dataMaskDef?.resources;
} else if (
RangerPolicyType.RANGER_ROW_FILTER_POLICY_TYPE.value ==
- policyData.policyType
+ policyData?.policyType
) {
- serviceCompResourcesDetails = serviceCompData.rowFilterDef.resources;
+ serviceCompResourcesDetails = serviceCompData?.rowFilterDef?.resources;
} else {
- serviceCompResourcesDetails = serviceCompData.resources;
+ serviceCompResourcesDetails = serviceCompData?.resources;
}
- if (policyData.resources) {
+ if (policyData?.resources) {
let lastResourceLevel = [];
- Object.entries(policyData.resources).map(([key, value]) => {
+ Object.entries(policyData?.resources).map(([key, value]) => {
let setResources = find(serviceCompResourcesDetails, ["name", key]);
- data[`resourceName-${setResources.level}`] = setResources;
- data[`value-${setResources.level}`] = value.values.map((m) => {
+ data[`resourceName-${setResources?.level}`] = setResources;
+ data[`value-${setResources?.level}`] = value.values.map((m) => {
return { label: m, value: m };
});
- if (setResources.excludesSupported) {
- data[`isExcludesSupport-${setResources.level}`] =
+ if (setResources?.excludesSupported) {
+ data[`isExcludesSupport-${setResources?.level}`] =
value.isExcludes == false;
}
- if (setResources.recursiveSupported) {
- data[`isRecursiveSupport-${setResources.level}`] =
- value.isRecursive;
+ if (setResources?.recursiveSupported) {
+ data[`isRecursiveSupport-${setResources?.level}`] =
+ value?.isRecursive;
}
lastResourceLevel.push({
level: setResources.level,
@@ -389,16 +404,16 @@ export default function AddUpdatePolicyForm(props) {
"parent",
lastResourceLevel.name
]);
- if (setLastResources) {
+ if (setLastResources && setLastResources?.isValidLeaf) {
data[`resourceName-${setLastResources.level}`] = {
label: "None",
value: "none"
};
}
}
- if (policyData.validitySchedules) {
+ if (policyData?.validitySchedules) {
data["validitySchedules"] = [];
- policyData.validitySchedules.filter((val) => {
+ policyData?.validitySchedules.filter((val) => {
let obj = {};
if (val.endTime) {
obj["endTime"] = moment(val.endTime, "YYYY/MM/DD HH:mm:ss");
@@ -1084,7 +1099,7 @@ export default function AddUpdatePolicyForm(props) {
getEnumElementByValue(
RangerPolicyType,
+input.value
- ).label
+ )?.label
}
</Badge>
</h6>
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListingTabView.jsx b/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListingTabView.jsx
index 606b56832..633290f75 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListingTabView.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListingTabView.jsx
@@ -99,10 +99,10 @@ export const PolicyListingTabView = () => {
url: `plugins/services/${params.serviceId}`
});
getAllServicesData = await fetchApi({
- url: `plugins/services?serviceType=${getServiceData.data.type}`
+ url: `plugins/services?serviceType=${getServiceData?.data?.type}`
});
getServiceDefData = serviceDefs?.allServiceDefs?.find((serviceDef) => {
- return serviceDef.name == getServiceData.data.type;
+ return serviceDef.name == getServiceData?.data?.type;
});
isTagView =
@@ -123,8 +123,8 @@ export const PolicyListingTabView = () => {
dispatch({
type: "SERVICES_DATA",
- allServicesData: getAllServicesData.data.services,
- serviceData: getServiceData.data,
+ allServicesData: getAllServicesData?.data?.services,
+ serviceData: getServiceData?.data,
serviceDefData: getServiceDefData
});
@@ -315,8 +315,9 @@ export const PolicyListingTabView = () => {
/>
{loader ? (
<Loader />
- ) : isRenderMasking(serviceDefData.dataMaskDef) ||
- isRenderRowFilter(serviceDefData.rowFilterDef) ? (
+ ) : (isRenderMasking(serviceDefData.dataMaskDef) ||
+ isRenderRowFilter(serviceDefData.rowFilterDef)) &&
+ params.policyType < 3 ? (
<Tabs
id="PolicyListing"
activeKey={params.policyType}
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx
index 1324a856c..ea76fa823 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx
@@ -207,7 +207,7 @@ const SecurityZoneForm = (props) => {
);
toast.error(error.response.data.msgDesc);
}
- setZone(zoneResp.data);
+ setZone(zoneResp?.data);
}
setLoader(false);
@@ -467,7 +467,7 @@ const SecurityZoneForm = (props) => {
sortBy(filterServiceDef.resources, "itemId"),
["parent", lastResourceLevel.name]
);
- if (setLastResources) {
+ if (setLastResources && setLastResources?.isValidLeaf) {
serviceResource[`resourceName-${setLastResources.level}`] = {
label: "None",
value: "none"
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx b/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx
index fe66cfe01..ea6ba813a 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx
@@ -80,7 +80,9 @@ class ZoneListing extends Component {
zoneList = sortBy(zoneList, ["name"]);
if (zoneId !== undefined) {
- selectedZone = zoneList.find((obj) => obj.id === +zoneId) || null;
+ selectedZone =
+ zoneList.find((obj) => obj.id === +zoneId) ||
+ this.props.navigate("/dataNotFound");
} else {
if (zoneList.length > 0) {
selectedZone = zoneList[0];
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceAuditFilter.jsx b/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceAuditFilter.jsx
index 8f1271a36..f75ddd4c3 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceAuditFilter.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceAuditFilter.jsx
@@ -91,7 +91,7 @@ export default function ServiceAuditFilter(props) {
const getResourceData = (resourceData) => {
let dataStructure = [];
- let levels = uniq(map(serviceDefDetails.resources, "level"));
+ let levels = uniq(map(serviceDefDetails?.resources, "level"));
dataStructure = levels.map((level, index) => {
if (
@@ -151,8 +151,8 @@ export default function ServiceAuditFilter(props) {
const getAccessTypeOptions = () => {
let srcOp = [];
- srcOp = serviceDefDetails.accessTypes;
- return srcOp.map(({ label, name: value }) => ({
+ srcOp = serviceDefDetails?.accessTypes;
+ return srcOp?.map(({ label, name: value }) => ({
label,
value
}));
@@ -358,7 +358,7 @@ export default function ServiceAuditFilter(props) {
);
}
if (colName == "Permissions") {
- if (serviceDefDetails.name == "tag") {
+ if (serviceDefDetails?.name == "tag") {
return (
<td
key={`${name}.accessTypes`}
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx
index 8d03c3ffd..3652e6c16 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx
@@ -31,6 +31,7 @@ import ServiceAuditFilter from "./ServiceAuditFilter";
import TestConnection from "./TestConnection";
import {
commonBreadcrumb,
+ navigateTo,
serverError,
updateTagActive
} from "../../utils/XAUtils";
@@ -97,6 +98,15 @@ class ServiceForm extends Component {
};
componentDidMount() {
+ let servicedefs;
+
+ servicedefs = this.serviceDefData.allServiceDefs.find((id) => {
+ return id.id == this.props.params.serviceDefId;
+ });
+
+ if (servicedefs == undefined) {
+ return navigateTo.navigate("/pageNotFound", { replace: true });
+ }
this.fetchServiceDef();
}
@@ -162,31 +172,31 @@ class ServiceForm extends Component {
serviceJson["id"] = this.props.params.serviceId;
}
- serviceJson["name"] = values.name;
- serviceJson["displayName"] = values.displayName;
- serviceJson["description"] = values.description;
- serviceJson["type"] = this.state.serviceDef.name;
+ serviceJson["name"] = values?.name;
+ serviceJson["displayName"] = values?.displayName;
+ serviceJson["description"] = values?.description;
+ serviceJson["type"] = this.state?.serviceDef?.name;
serviceJson["tagService"] =
- values.tagService == null ? "" : values.tagService.value;
- serviceJson["isEnabled"] = values.isEnabled === "true";
+ values?.tagService == null ? "" : values.tagService.value;
+ serviceJson["isEnabled"] = values?.isEnabled === "true";
serviceJson["configs"] = {};
- for (const config in values.configs) {
+ for (const config in values?.configs) {
for (const jsonConfig in this.configsJson) {
if (config === this.configsJson[jsonConfig]) {
- serviceJson["configs"][jsonConfig] = values.configs[config];
+ serviceJson["configs"][jsonConfig] = values?.configs[config];
}
}
}
- if (values.customConfigs !== undefined) {
- values.customConfigs.map((config) => {
+ if (values?.customConfigs !== undefined) {
+ values.customConfigs?.map((config) => {
config !== undefined &&
(serviceJson["configs"][config.name] = config.value);
});
}
- if (values.isAuditFilter) {
+ if (values?.isAuditFilter) {
serviceJson["configs"]["ranger.plugin.audit.filters"] =
this.getAuditFiltersToSave(values.auditFilters);
} else {
@@ -316,7 +326,7 @@ class ServiceForm extends Component {
: false;
updateTagActive(isTagView);
- if (serviceDef.resources !== undefined) {
+ if (serviceDef?.resources !== undefined) {
for (const obj of serviceDef.resources) {
if (
this.props.params.serviceId === undefined &&
@@ -328,7 +338,7 @@ class ServiceForm extends Component {
}
}
- let auditFilters = find(serviceDef.configs, {
+ let auditFilters = find(serviceDef?.configs, {
name: "ranger.plugin.audit.filters"
});
@@ -375,24 +385,24 @@ class ServiceForm extends Component {
}
const serviceJson = {};
- serviceJson["name"] = serviceResp.data.name;
- serviceJson["displayName"] = serviceResp.data.displayName;
- serviceJson["description"] = serviceResp.data.description;
- serviceJson["isEnabled"] = JSON.stringify(serviceResp.data.isEnabled);
+ serviceJson["name"] = serviceResp?.data?.name;
+ serviceJson["displayName"] = serviceResp?.data?.displayName;
+ serviceJson["description"] = serviceResp?.data?.description;
+ serviceJson["isEnabled"] = JSON.stringify(serviceResp?.data?.isEnabled);
serviceJson["tagService"] =
- serviceResp.data.tagService !== undefined
+ serviceResp?.data?.tagService !== undefined
? {
- value: serviceResp.data.tagService,
- label: serviceResp.data.tagService
+ value: serviceResp?.data?.tagService,
+ label: serviceResp?.data?.tagService
}
: null;
serviceJson["configs"] = {};
- let serviceDefConfigs = map(this.state.serviceDef.configs, "name");
+ let serviceDefConfigs = map(this.state?.serviceDef?.configs, "name");
let serviceCustomConfigs = without(
- difference(keys(serviceResp.data.configs), serviceDefConfigs),
+ difference(keys(serviceResp?.data?.configs), serviceDefConfigs),
"ranger.plugin.audit.filters"
);
@@ -402,7 +412,7 @@ class ServiceForm extends Component {
});
let editCustomConfigs = serviceCustomConfigs.map((config) => {
- return { name: config, value: serviceResp.data.configs[config] };
+ return { name: config, value: serviceResp?.data?.configs[config] };
});
serviceJson["customConfigs"] =
@@ -429,7 +439,7 @@ class ServiceForm extends Component {
}
this.setState({
- service: serviceResp.data,
+ service: serviceResp?.data,
editInitialValues: serviceJson,
loader: false
});
@@ -443,9 +453,9 @@ class ServiceForm extends Component {
url: `plugins/services?serviceType=tag`,
params: params
});
- op = tagServiceResp.data.services;
+ op = tagServiceResp?.data?.services;
- return op.map((obj) => ({
+ return op?.map((obj) => ({
label: obj.displayName,
value: obj.displayName
}));
@@ -515,32 +525,32 @@ class ServiceForm extends Component {
obj.resources = {};
let lastResourceLevel = [];
- Object.entries(item.resources).map(([key, value]) => {
- let setResources = find(serviceDef.resources, ["name", key]);
- obj.resources[`resourceName-${setResources.level}`] = setResources;
- obj.resources[`value-${setResources.level}`] = value.values.map(
+ Object.entries(item.resources)?.map(([key, value]) => {
+ let setResources = find(serviceDef?.resources, ["name", key]);
+ obj.resources[`resourceName-${setResources?.level}`] = setResources;
+ obj.resources[`value-${setResources?.level}`] = value.values?.map(
(m) => {
return { label: m, value: m };
}
);
- if (setResources.excludesSupported) {
+ if (setResources?.excludesSupported) {
obj.resources[`isExcludesSupport-${setResources.level}`] =
value?.isExcludes != false;
}
- if (setResources.recursiveSupported) {
+ if (setResources?.recursiveSupported) {
obj.resources[`isRecursiveSupport-${setResources.level}`] =
value.isRecursive != false;
}
lastResourceLevel.push({
- level: setResources.level,
- name: setResources.name
+ level: setResources?.level,
+ name: setResources?.name
});
});
lastResourceLevel = maxBy(lastResourceLevel, "level");
- let setLastResources = find(serviceDef.resources, [
+ let setLastResources = find(serviceDef?.resources, [
"parent",
- lastResourceLevel.name
+ lastResourceLevel?.name
]);
if (setLastResources) {
@@ -616,7 +626,7 @@ class ServiceForm extends Component {
};
getServiceConfigs = (serviceDef) => {
- if (serviceDef.configs !== undefined) {
+ if (serviceDef?.configs !== undefined) {
let formField = [];
const filterServiceConfigs = reject(serviceDef.configs, {
name: "ranger.plugin.audit.filters"
@@ -921,9 +931,9 @@ class ServiceForm extends Component {
url: "xusers/lookup/users",
params: params
});
- op = userResp.data.vXStrings;
+ op = userResp?.data?.vXStrings;
- return op.map((obj) => ({
+ return op?.map((obj) => ({
label: obj.value,
value: obj.value
}));
@@ -936,12 +946,12 @@ class ServiceForm extends Component {
url: "xusers/lookup/groups",
params: params
});
- op = userResp.data.vXStrings;
+ op = userResp?.data?.vXStrings;
if (!inputValue) {
this.state.groupsDataRef = op;
}
- return op.map((obj) => ({
+ return op?.map((obj) => ({
label: obj.value,
value: obj.value
}));
@@ -966,9 +976,9 @@ class ServiceForm extends Component {
};
ServiceDefnBreadcrumb = () => {
let serviceDetails = {};
- serviceDetails["serviceDefId"] = this.state.serviceDef.id;
+ serviceDetails["serviceDefId"] = this.state.serviceDef?.id;
serviceDetails["serviceId"] = this.props.params.serviceId;
- if (this.state.serviceDef.name === "tag") {
+ if (this.state.serviceDef?.name === "tag") {
return commonBreadcrumb(
[
"TagBasedServiceManager",
@@ -1194,7 +1204,7 @@ class ServiceForm extends Component {
</span>
</Col>
</Row>
- {this.state.serviceDef.name !== "tag" && (
+ {this.state?.serviceDef?.name !== "tag" && (
<Row className="form-group">
<Col xs={3}>
<label className="form-label pull-right">
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/groups_details/GroupForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/groups_details/GroupForm.jsx
index e1fd5c0d8..3414246f0 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/groups_details/GroupForm.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/groups_details/GroupForm.jsx
@@ -109,8 +109,8 @@ function GroupForm(props) {
}
dispatch({
type: "SET_GROUP_DATA",
- groupInfo: groupRespData.data,
- groupType: groupRespData.data.groupType,
+ groupInfo: groupRespData?.data,
+ groupType: groupRespData?.data?.groupType,
loader: false
});
};
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/role_details/RoleForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/role_details/RoleForm.jsx
index 8052593de..6143a75be 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/role_details/RoleForm.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/role_details/RoleForm.jsx
@@ -165,7 +165,7 @@ function RoleForm() {
}
dispatch({
type: "SET_ROLE_DATA",
- roleInfo: roleRespData.data,
+ roleInfo: roleRespData?.data,
loader: false
});
};
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx
index 313c4c4a6..e47fccc6f 100644
--- a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx
@@ -84,7 +84,7 @@ function AddUserView(props) {
}
dispatch({
type: "SET_USER_DATA",
- userInfo: userRespData.data,
+ userInfo: userRespData?.data,
loader: false
});
};
diff --git a/security-admin/src/main/webapp/scripts/model_bases/RangerServiceDefBase.js b/security-admin/src/main/webapp/scripts/model_bases/RangerServiceDefBase.js
index 7fb6e12bf..4ebd68028 100644
--- a/security-admin/src/main/webapp/scripts/model_bases/RangerServiceDefBase.js
+++ b/security-admin/src/main/webapp/scripts/model_bases/RangerServiceDefBase.js
@@ -90,7 +90,7 @@ define(function(require){
*/
initialize: function() {
this.modelName = 'RangerServiceDefBase';
- //this.bind("error", XAUtils.defaultErrorHandler);
+ // this.bind("error", XAUtils.defaultErrorHandler);
this.bindErrorEvents();
}
diff --git a/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js b/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js
index 210376f1a..52c384257 100644
--- a/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js
+++ b/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js
@@ -37,7 +37,10 @@ define(function(require){
*/
initialize: function() {
this.modelName = 'RangerServiceDef';
- this.bindErrorEvents();
+ this.bind("error", function(e, error){
+ var XAUtils = require('utils/XAUtils');
+ XAUtils.defaultErrorHandler(undefined, error, e);
+ });
},
/**
* @function schema
diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
index 0a332fc23..f4a91939e 100644
--- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
+++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
@@ -501,7 +501,8 @@ define(function(require) {
You can still open this instance of Ranger from the same web browser without re-authentication. \
To prevent additional access to Ranger, <b>close all browser windows and exit the browser</b>.',
pageNotFound : 'Sorry, this page isn\'t here or has moved.',
- resourcesLookup : 'Resouce lookup fail for current resource'
+ resourcesLookup : 'Resouce lookup fail for current resource',
+ dataNotFound : 'Data not found for given page.'
},
diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
index 200fdeab5..3c5907099 100644
--- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js
+++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
@@ -628,6 +628,12 @@ define(function(require) {
} else {
window.location = 'login.jsp?sessionTimeout=true';
}
+ }else if(error.status == 400 && error.responseJSON && error.responseJSON.messageList && error.responseJSON.messageList[0].name) {
+ if(error.responseJSON.messageList[0].name == "DATA_NOT_FOUND" || error.responseJSON.messageList[0].name == "INVALID_INPUT_DATA"){
+ App.rContent.show(new vError({
+ status : error.status
+ }));
+ }
}
};
XAUtils.select2Focus = function(event) {
diff --git a/security-admin/src/main/webapp/scripts/views/common/ErrorView.js b/security-admin/src/main/webapp/scripts/views/common/ErrorView.js
index 63dceb77e..392a65775 100644
--- a/security-admin/src/main/webapp/scripts/views/common/ErrorView.js
+++ b/security-admin/src/main/webapp/scripts/views/common/ErrorView.js
@@ -85,6 +85,9 @@ define(function(require){
} else if(this.status == "checkSSOTrue"){
msg = 'Sign Out Is Not Complete!'
moreInfo = localization.tt("msg.signOutIsNotComplete");
+ } else if(this.status == 400){
+ msg = 'Data Not Found (400).'
+ moreInfo = localization.tt("msg.dataNotFound");
} else {
msg = 'Page not found (404).'
moreInfo = localization.tt("msg.pageNotFound");
diff --git a/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js b/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js
index 10ac8b65f..b980b0a70 100644
--- a/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js
+++ b/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js
@@ -101,6 +101,9 @@ define(function(require){
this.rangerServiceDefModel.fetch({
cache : false,
async : false
+ }).fail(function(e){
+ e.stopPropagation()
+ return
});
},
setupModel : function(){