You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ve...@apache.org on 2015/04/27 22:08:45 UTC
incubator-ranger git commit: RANGER-429 : Add new role (KEY_ADMIN)
for KMS permissions in Ranger Admin
Repository: incubator-ranger
Updated Branches:
refs/heads/master 7dea10875 -> cafe86970
RANGER-429 : Add new role (KEY_ADMIN) for KMS permissions in Ranger Admin
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/cafe8697
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/cafe8697
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/cafe8697
Branch: refs/heads/master
Commit: cafe869708244c3334259f5c297e32e8a772204d
Parents: 7dea108
Author: Gautam Borad <gb...@gmail.com>
Authored: Mon Apr 27 22:18:35 2015 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Mon Apr 27 16:07:39 2015 -0400
----------------------------------------------------------------------
.../db/mysql/patches/014-createkeyadmin.sql | 47 +++++++++++++
.../db/oracle/patches/014-createkeyadmin.sql | 73 ++++++++++++++++++++
.../db/postgres/xa_core_db_postgres.sql | 4 ++
.../db/sqlserver/xa_core_db_sqlserver.sql | 6 ++
.../java/org/apache/ranger/biz/UserMgr.java | 1 +
.../java/org/apache/ranger/biz/XUserMgr.java | 36 +++++++++-
.../apache/ranger/common/RangerConstants.java | 2 +-
.../java/org/apache/ranger/rest/XUserREST.java | 9 ++-
.../org/apache/ranger/service/XUserService.java | 4 ++
.../src/main/resources/xa_default.properties | 2 +-
.../scripts/collection_bases/VXUserListBase.js | 12 ++++
.../src/main/webapp/scripts/mgrs/SessionMgr.js | 4 +-
.../src/main/webapp/scripts/models/VXUser.js | 13 ++++
.../scripts/modules/globalize/message/en.js | 3 +-
.../src/main/webapp/scripts/utils/XAEnums.js | 3 +-
.../views/reports/OperationDiffDetail.js | 4 ++
.../scripts/views/user/UserProfileForm.js | 4 ++
.../main/webapp/scripts/views/users/UserForm.js | 4 ++
.../scripts/views/users/UserTableLayout.js | 63 ++++++++++++++++-
.../templates/users/UserTableLayout_tmpl.html | 12 +++-
20 files changed, 294 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/db/mysql/patches/014-createkeyadmin.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/mysql/patches/014-createkeyadmin.sql b/security-admin/db/mysql/patches/014-createkeyadmin.sql
new file mode 100644
index 0000000..99a3036
--- /dev/null
+++ b/security-admin/db/mysql/patches/014-createkeyadmin.sql
@@ -0,0 +1,47 @@
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements. See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+drop procedure if exists create_key_admin;
+
+delimiter ;;
+create procedure create_key_admin() begin
+DECLARE loginID varchar(1024);
+ /* check tables exist or not */
+ if exists (select * from information_schema.columns where table_schema=database() and table_name = 'x_portal_user') then
+ if exists (select * from information_schema.columns where table_schema=database() and table_name = 'x_portal_user_role') then
+ if exists (select * from information_schema.columns where table_schema=database() and table_name = 'x_user') then
+ /* check record for login id keyadmin exist or not */
+ if not exists (select * from x_user where user_name = 'admin') then
+ INSERT INTO x_user(create_time,update_time,added_by_id,upd_by_id,user_name,descr,status) values (UTC_TIMESTAMP(), UTC_TIMESTAMP(),NULL,NULL,'admin','Administrator',0);
+ end if;
+ if not exists (select * from x_portal_user where login_id = 'keyadmin') then
+ INSERT INTO x_portal_user(create_time,update_time,added_by_id,upd_by_id,first_name,last_name,pub_scr_name,login_id,password,email,status,user_src,notes) VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,'keyadmin','','keyadmin','keyadmin','a05f34d2dce2b4688fa82e82a89ba958','keyadmin',1,0,NULL);
+ end if;
+ set loginID = (select id from x_portal_user where login_id = 'keyadmin');
+ if not exists (select * from x_portal_user_role where user_id =loginID ) then
+ INSERT INTO x_portal_user_role(create_time,update_time,added_by_id,upd_by_id,user_id,user_role,status) VALUES (UTC_TIMESTAMP(),UTC_TIMESTAMP(),NULL,NULL,loginID,'ROLE_KEY_ADMIN',1);
+ end if;
+ if not exists (select * from x_user where user_name = 'keyadmin') then
+ INSERT INTO x_user(create_time,update_time,added_by_id,upd_by_id,user_name,descr,status) values (UTC_TIMESTAMP(), UTC_TIMESTAMP(),NULL,NULL,'keyadmin','keyadmin',0);
+ end if;
+ end if;
+ end if;
+ end if;
+end;;
+
+delimiter ;
+call create_key_admin();
+
+drop procedure if exists create_key_admin;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/db/oracle/patches/014-createkeyadmin.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/oracle/patches/014-createkeyadmin.sql b/security-admin/db/oracle/patches/014-createkeyadmin.sql
new file mode 100644
index 0000000..92d4b21
--- /dev/null
+++ b/security-admin/db/oracle/patches/014-createkeyadmin.sql
@@ -0,0 +1,73 @@
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements. See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License. You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+DECLARE
+ t_count number:=0;
+ v_count number:=0;
+ loginID number:=0;
+ sql_stmt VARCHAR2(1000);
+ first_name VARCHAR2(20):='rangerusersync';
+ scr_name VARCHAR2(20):='rangerusersync';
+ login_name VARCHAR2(20):='rangerusersync';
+ password VARCHAR2(50):='70b8374d3dfe0325aaa5002a688c7e3b';
+ user_role VARCHAR2(20):='ROLE_SYS_ADMIN';
+ email VARCHAR2(20):='rangerusersync';
+BEGIN
+ select count(*) into t_count from user_tables where table_name IN('X_PORTAL_USER','X_PORTAL_USER_ROLE','X_USER');
+ if (t_count = 3) then
+ select count(*) into v_count from x_portal_user where login_id = login_name;
+ if (v_count = 0) then
+ sql_stmt := 'INSERT INTO x_portal_user(ID,CREATE_TIME,UPDATE_TIME,FIRST_NAME,LAST_NAME,PUB_SCR_NAME,LOGIN_ID,PASSWORD,EMAIL,STATUS,USER_SRC) VALUES (X_PORTAL_USER_SEQ.nextval,sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),:1,NULL,:2,:3,:4,:5,1,0)';
+ EXECUTE IMMEDIATE sql_stmt USING first_name,scr_name,login_name,password,email;
+ commit;
+ end if;
+ select id into loginID from x_portal_user where login_id = login_name;
+ if (loginID > 0) then
+ sql_stmt := 'INSERT INTO x_portal_user_role(id,create_time,update_time,user_id,user_role,status) VALUES (X_PORTAL_USER_ROLE_SEQ.nextval,sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),:1,:2,1)';
+ EXECUTE IMMEDIATE sql_stmt USING loginID,user_role;
+ commit;
+ end if;
+ select count(*) into v_count from x_user where user_name = login_name;
+ if (v_count = 0) then
+ sql_stmt := 'INSERT INTO x_user(id,create_time,update_time,user_name,descr,status) values (X_USER_SEQ.nextval,sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),:1,:2,0)';
+ EXECUTE IMMEDIATE sql_stmt USING login_name,login_name;
+ commit;
+ end if;
+ first_name :='keyadmin';
+ scr_name :='keyadmin';
+ login_name :='keyadmin';
+ password :='a05f34d2dce2b4688fa82e82a89ba958';
+ user_role :='ROLE_KEY_ADMIN';
+ email :='keyadmin';
+ select count(*) into v_count from x_portal_user where login_id = login_name;
+ if (v_count = 0) then
+ sql_stmt := 'INSERT INTO x_portal_user(ID,CREATE_TIME,UPDATE_TIME,FIRST_NAME,LAST_NAME,PUB_SCR_NAME,LOGIN_ID,PASSWORD,EMAIL,STATUS,USER_SRC) VALUES (X_PORTAL_USER_SEQ.nextval,sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),:1,NULL,:2,:3,:4,:5,1,0)';
+ EXECUTE IMMEDIATE sql_stmt USING first_name,scr_name,login_name,password,email;
+ commit;
+ end if;
+ select id into loginID from x_portal_user where login_id = login_name;
+ if (loginID > 0) then
+ sql_stmt := 'INSERT INTO x_portal_user_role(id,create_time,update_time,user_id,user_role,status) VALUES (X_PORTAL_USER_ROLE_SEQ.nextval,sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),:1,:2,1)';
+ EXECUTE IMMEDIATE sql_stmt USING loginID,user_role;
+ commit;
+ end if;
+ select count(*) into v_count from x_user where user_name = login_name;
+ if (v_count = 0) then
+ sql_stmt := 'INSERT INTO x_user(id,create_time,update_time,user_name,descr,status) values (X_USER_SEQ.nextval,sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),:1,:2,0)';
+ EXECUTE IMMEDIATE sql_stmt USING login_name,login_name;
+ commit;
+ end if;
+ end if;
+end;/
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/db/postgres/xa_core_db_postgres.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/postgres/xa_core_db_postgres.sql b/security-admin/db/postgres/xa_core_db_postgres.sql
index 574b4ec..10f614b 100644
--- a/security-admin/db/postgres/xa_core_db_postgres.sql
+++ b/security-admin/db/postgres/xa_core_db_postgres.sql
@@ -971,4 +971,8 @@ COMMIT;
INSERT INTO x_portal_user(CREATE_TIME,UPDATE_TIME,FIRST_NAME,LAST_NAME,PUB_SCR_NAME,LOGIN_ID,PASSWORD,EMAIL,STATUS)VALUES(current_timestamp,current_timestamp,'rangerusersync','','rangerusersync','rangerusersync','70b8374d3dfe0325aaa5002a688c7e3b','rangerusersync',1);
INSERT INTO x_portal_user_role(CREATE_TIME,UPDATE_TIME,USER_ID,USER_ROLE,STATUS)VALUES(current_timestamp,current_timestamp,2,'ROLE_SYS_ADMIN',1);
INSERT INTO x_user(CREATE_TIME,UPDATE_TIME,user_name,status,descr)VALUES(current_timestamp,current_timestamp,'rangerusersync',0,'rangerusersync');
+COMMIT;
+INSERT INTO x_portal_user(CREATE_TIME,UPDATE_TIME,FIRST_NAME,LAST_NAME,PUB_SCR_NAME,LOGIN_ID,PASSWORD,EMAIL,STATUS)VALUES(current_timestamp,current_timestamp,'keyadmin','','keyadmin','keyadmin','a05f34d2dce2b4688fa82e82a89ba958','keyadmin',1);
+INSERT INTO x_portal_user_role(CREATE_TIME,UPDATE_TIME,USER_ID,USER_ROLE,STATUS)VALUES(current_timestamp,current_timestamp,3,'ROLE_KEY_ADMIN',1);
+INSERT INTO x_user(CREATE_TIME,UPDATE_TIME,user_name,status,descr)VALUES(current_timestamp,current_timestamp,'keyadmin',0,'keyadmin');
COMMIT;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
index 207b137..11c315d 100644
--- a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
+++ b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
@@ -2754,4 +2754,10 @@ GO
insert into x_portal_user_role (CREATE_TIME,UPDATE_TIME,USER_ID,USER_ROLE,STATUS) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,2,'ROLE_SYS_ADMIN',1);
GO
insert into x_user (CREATE_TIME,UPDATE_TIME,user_name,status,descr) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,'rangerusersync',0,'rangerusersync');
+GO
+insert into x_portal_user (CREATE_TIME,UPDATE_TIME,FIRST_NAME,LAST_NAME,PUB_SCR_NAME,LOGIN_ID,PASSWORD,EMAIL,STATUS) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,'keyadmin','','keyadmin','keyadmin','a05f34d2dce2b4688fa82e82a89ba958','keyadmin',1);
+GO
+insert into x_portal_user_role (CREATE_TIME,UPDATE_TIME,USER_ID,USER_ROLE,STATUS) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,3,'ROLE_KEY_ADMIN',1);
+GO
+insert into x_user (CREATE_TIME,UPDATE_TIME,user_name,status,descr) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,'keyadmin',0,'keyadmin');
exit
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index 08afe79..188682c 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -126,6 +126,7 @@ public class UserMgr {
DEFAULT_ROLE_LIST.add(RangerConstants.ROLE_USER);
VALID_ROLE_LIST.add(RangerConstants.ROLE_SYS_ADMIN);
VALID_ROLE_LIST.add(RangerConstants.ROLE_USER);
+ VALID_ROLE_LIST.add(RangerConstants.ROLE_KEY_ADMIN);
}
public UserMgr() {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 512c58f..750129f 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -285,14 +285,18 @@ public class XUserMgr extends XUserMgrBase {
insertMappingUserPermisson(vXPortalUser.getId(),
moduleNameId.get(RangerConstants.MODULE_AUDIT),
isCreate);
- insertMappingUserPermisson(vXPortalUser.getId(),
- moduleNameId.get(RangerConstants.MODULE_KMS), isCreate);
+ /*insertMappingUserPermisson(vXPortalUser.getId(),
+ moduleNameId.get(RangerConstants.MODULE_KMS),
+ isCreate);*/
/*insertMappingUserPermisson(vXPortalUser.getId(),
moduleNameId.get(RangerConstants.MODULE_PERMISSION),
isCreate);*/
insertMappingUserPermisson(vXPortalUser.getId(),
moduleNameId.get(RangerConstants.MODULE_USER_GROUPS),
isCreate);
+ } else if (role.equals(RangerConstants.ROLE_KEY_ADMIN)) {
+ insertMappingUserPermisson(vXPortalUser.getId(),
+ moduleNameId.get(RangerConstants.MODULE_KMS), isCreate);
}
}
@@ -968,4 +972,32 @@ public class XUserMgr extends XUserMgrBase {
xGroupPermissionService.deleteResource(id);
}
+ public void modifyUserActiveStatus(HashMap<Long, Integer> statusMap) {
+ UserSessionBase session = ContextUtil.getCurrentUserSession();
+ String currentUser=null;
+ if(session!=null){
+ currentUser=session.getLoginId();
+ if(currentUser==null || currentUser.trim().isEmpty()){
+ currentUser=null;
+ }
+ }
+ if(currentUser==null){
+ return;
+ }
+ Set<Map.Entry<Long, Integer>> entries = statusMap.entrySet();
+ for (Map.Entry<Long, Integer> entry : entries) {
+ if(entry!=null && entry.getKey()!=null && entry.getValue()!=null){
+ XXUser xUser = daoManager.getXXUser().getById(entry.getKey());
+ if(xUser!=null){
+ VXPortalUser vXPortalUser = userMgr.getUserProfileByLoginId(xUser.getName());
+ if(vXPortalUser!=null){
+ if(vXPortalUser.getLoginId()!=null && !vXPortalUser.getLoginId().equalsIgnoreCase(currentUser)){
+ vXPortalUser.setStatus(entry.getValue());
+ userMgr.updateUser(vXPortalUser);
+ }
+ }
+ }
+ }
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java b/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java
index 77b51db..a3a9c7b 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java
@@ -31,7 +31,7 @@ public class RangerConstants extends RangerCommonEnums {
public final static String ROLE_INTEGRATOR = "ROLE_INTEGRATOR";
public final static String ROLE_DATA_ANALYST = "ROLE_DATA_ANALYST";
public final static String ROLE_BIZ_MGR = "ROLE_BIZ_MGR";
-
+ public final static String ROLE_KEY_ADMIN = "ROLE_KEY_ADMIN";
public final static String ROLE_USER = "ROLE_USER";
public final static String ROLE_ANON = "ROLE_ANON";
public final static String ROLE_OTHER = "ROLE_OTHER";
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
index 4c47584..4885c92 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
@@ -69,7 +69,6 @@ import org.apache.ranger.view.VXModuleDef;
import org.apache.ranger.view.VXModuleDefList;
import org.apache.ranger.view.VXPermMap;
import org.apache.ranger.view.VXPermMapList;
-import org.apache.ranger.view.VXPortalUser;
import org.apache.ranger.view.VXUser;
import org.apache.ranger.view.VXUserGroupInfo;
import org.apache.ranger.view.VXUserList;
@@ -317,6 +316,7 @@ public class XUserREST {
null);
searchUtil.extractInt(request, searchCriteria, "userSource", "User Source");
searchUtil.extractInt(request, searchCriteria, "isVisible", "User Visibility");
+ searchUtil.extractInt(request, searchCriteria, "status", "User Status");
searchUtil.extractString(request, searchCriteria, "userRoleList", "User Role",
null);
return xUserMgr.searchXUsers(searchCriteria);
@@ -834,4 +834,11 @@ public class XUserREST {
request, xGroupPermissionService.sortFields);
return xUserMgr.getXGroupPermissionSearchCount(searchCriteria);
}
+
+ @PUT
+ @Path("/secure/users/activestatus")
+ @Produces({ "application/xml", "application/json" })
+ public void modifyUserActiveStatus(HashMap<Long, Integer> statusMap){
+ xUserMgr.modifyUserActiveStatus(statusMap);
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/java/org/apache/ranger/service/XUserService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/XUserService.java b/security-admin/src/main/java/org/apache/ranger/service/XUserService.java
index 7f6c8e4..37be6f6 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/XUserService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/XUserService.java
@@ -110,6 +110,10 @@ public class XUserService extends XUserServiceBase<XXUser, VXUser> {
searchFields.add(new SearchField("isVisible", "obj.isVisible",
SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL ));
+ searchFields.add(new SearchField("status", "xXPortalUser.status",
+ SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL,
+ "XXPortalUser xXPortalUser", "xXPortalUser.loginId = obj.name "));
+
createdByUserId = new Long(PropertiesUtil.getIntProperty(
"xa.xuser.createdByUserId", 1));
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/resources/xa_default.properties
----------------------------------------------------------------------
diff --git a/security-admin/src/main/resources/xa_default.properties b/security-admin/src/main/resources/xa_default.properties
index 6686dde..997561a 100644
--- a/security-admin/src/main/resources/xa_default.properties
+++ b/security-admin/src/main/resources/xa_default.properties
@@ -33,7 +33,7 @@ xa.ajax.auth.failure.page=/ajax_failure.jsp
xa.logout.success.page=/login.jsp?action=logged_out
#Role list
-xa.users.roles.list=ROLE_SYS_ADMIN, ROLE_USER, ROLE_OTHER, ROLE_ANON
+xa.users.roles.list=ROLE_SYS_ADMIN, ROLE_USER, ROLE_OTHER, ROLE_ANON, ROLE_KEY_ADMIN
#Mail listing
xa.mail.enabled=true
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/collection_bases/VXUserListBase.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/collection_bases/VXUserListBase.js b/security-admin/src/main/webapp/scripts/collection_bases/VXUserListBase.js
index 3745bc0..c349741 100644
--- a/security-admin/src/main/webapp/scripts/collection_bases/VXUserListBase.js
+++ b/security-admin/src/main/webapp/scripts/collection_bases/VXUserListBase.js
@@ -82,6 +82,18 @@ define(function(require){
return this.constructor.nonCrudOperation.call(this, url, 'PUT', options);
},
+
+ setStatus : function(postData , options){
+ var url = XAGlobals.baseURL + 'xusers/secure/users/activestatus';
+
+ options = _.extend({
+ data : JSON.stringify(postData),
+ contentType : 'application/json',
+ dataType : 'json'
+ }, options);
+
+ return this.constructor.nonCrudOperation.call(this, url, 'PUT', options);
+ },
},{
/**
* Table Cols to be passed to Backgrid
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js b/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js
index a75c264..6449c50 100644
--- a/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js
+++ b/security-admin/src/main/webapp/scripts/mgrs/SessionMgr.js
@@ -128,7 +128,9 @@ define(function(require){
SessionMgr.isSystemAdmin = function(){
return this.userInRole('ROLE_SYS_ADMIN') ? true : false;
};
-
+ SessionMgr.isKeyAdmin = function(){
+ return this.userInRole('ROLE_KEY_ADMIN') ? true : false;
+ };
SessionMgr.isUser = function(){
var roles = this.getRoleInUserSchool();
return $.inArray('ROLE_USER',roles) != -1 ? true : false ;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/models/VXUser.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/models/VXUser.js b/security-admin/src/main/webapp/scripts/models/VXUser.js
index 875b828..8bbdbec 100644
--- a/security-admin/src/main/webapp/scripts/models/VXUser.js
+++ b/security-admin/src/main/webapp/scripts/models/VXUser.js
@@ -38,6 +38,7 @@ define(function(require){
_.extend(this, selectable);
this.bindErrorEvents();
this.toView();
+ this.toViewStatus();
},
toView : function(){
@@ -52,6 +53,18 @@ define(function(require){
this.set('isVisible', visible);
},
+ toViewStatus : function(){
+ if(!_.isUndefined(this.get('status'))){
+ var status = (this.get('status') == XAEnums.ActiveStatus.STATUS_ENABLED.value);
+ this.set('status', status);
+ }
+ },
+
+ toServerStatus : function(){
+ var status = this.get('status') ? XAEnums.ActiveStatus.STATUS_ENABLED.value : XAEnums.ActiveStatus.STATUS_DISABLED.value;
+ this.set('status', status);
+ },
+
/** This models toString() */
toString : function(){
return this.get('name');
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
index 9eae73c..48cb766 100644
--- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
+++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
@@ -231,7 +231,8 @@ define(function(require) {
addMore : 'Add More..',
stayOnPage : 'Stay on this page',
leavePage : 'Leave this page',
- setVisibility : 'Set Visibility'
+ setVisibility : 'Set Visibility',
+ setStatus : 'Set Status'
},
// h1, h2, h3, fieldset, title
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/utils/XAEnums.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/utils/XAEnums.js b/security-admin/src/main/webapp/scripts/utils/XAEnums.js
index 31cc9e9..1e619a0 100644
--- a/security-admin/src/main/webapp/scripts/utils/XAEnums.js
+++ b/security-admin/src/main/webapp/scripts/utils/XAEnums.js
@@ -49,7 +49,8 @@ define(function(require) {
XAEnums.UserRoles = mergeParams(XAEnums.UserRoles, {
ROLE_SYS_ADMIN:{value:0, label:'Admin', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'},
- ROLE_USER:{value:1, label:'User', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_DENIED', tt: 'lbl.AccessResult_ACCESS_RESULT_DENIED'}
+ ROLE_USER:{value:1, label:'User', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_DENIED', tt: 'lbl.AccessResult_ACCESS_RESULT_DENIED'},
+ ROLE_KEY_ADMIN:{value:2, label:'KeyAdmin', rbkey:'xa.enum.AccessResult.ACCESS_RESULT_ALLOWED', tt: 'lbl.AccessResult_ACCESS_RESULT_ALLOWED'},
});
XAEnums.UserTypes = mergeParams(XAEnums.UserTypes, {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js b/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
index 48a3715..1b66728 100644
--- a/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
+++ b/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
@@ -353,10 +353,14 @@ define(function(require){
m.set('newValue',XAEnums.UserRoles.ROLE_USER.label)
else if(newRole == "ROLE_SYS_ADMIN")
m.set('newValue',XAEnums.UserRoles.ROLE_SYS_ADMIN.label)
+ else if(newRole == "ROLE_KEY_ADMIN")
+ m.set('newValue',XAEnums.UserRoles.ROLE_KEY_ADMIN.label)
if(prevRole == "ROLE_USER")
m.set('previousValue',XAEnums.UserRoles.ROLE_USER.label)
else if(prevRole == "ROLE_SYS_ADMIN")
m.set('previousValue',XAEnums.UserRoles.ROLE_SYS_ADMIN.label)
+ else if(prevRole == "ROLE_KEY_ADMIN")
+ m.set('previousValue',XAEnums.UserRoles.ROLE_KEY_ADMIN.label)
}else{
if(!m.has('attributeName'))
modelArr.push(m);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js b/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js
index e2eec02..b363a10 100644
--- a/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js
+++ b/security-admin/src/main/webapp/scripts/views/user/UserProfileForm.js
@@ -78,6 +78,8 @@ define(function(require){
if(!_.isUndefined(roleList) && roleList.length > 0){
if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_USER.value)
this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_USER.value);
+ else if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_KEY_ADMIN.value)
+ this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_KEY_ADMIN.value);
else
this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_SYS_ADMIN.value);
}
@@ -120,6 +122,8 @@ define(function(require){
this.model.set('userRoleList',["ROLE_SYS_ADMIN"]);
}else if(this.model.get('userRoleList') == XAEnums.UserRoles.ROLE_USER.value){
this.model.set('userRoleList',["ROLE_USER"]);
+ }else if(this.model.get('userRoleList') == XAEnums.UserRoles.ROLE_KEY_ADMIN.value){
+ this.model.set('userRoleList',["ROLE_KEY_ADMIN"]);
}
},
/** all post render plugin initialization */
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/views/users/UserForm.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/users/UserForm.js b/security-admin/src/main/webapp/scripts/views/users/UserForm.js
index 086fcb2..c94a20e 100644
--- a/security-admin/src/main/webapp/scripts/views/users/UserForm.js
+++ b/security-admin/src/main/webapp/scripts/views/users/UserForm.js
@@ -120,6 +120,8 @@ define(function(require){
if(!_.isUndefined(roleList) && roleList.length > 0){
if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_USER.value)
this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_USER.value);
+ else if(XAEnums.UserRoles[roleList[0]].value == XAEnums.UserRoles.ROLE_KEY_ADMIN.value)
+ this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_KEY_ADMIN.value);
else
this.fields.userRoleList.setValue(XAEnums.UserRoles.ROLE_SYS_ADMIN.value);
}
@@ -211,6 +213,8 @@ define(function(require){
//FOR USER ROLE
if(this.fields.userRoleList.getValue() == XAEnums.UserRoles.ROLE_USER.value){
this.model.set('userRoleList',["ROLE_USER"]);
+ }else if(this.fields.userRoleList.getValue() == XAEnums.UserRoles.ROLE_KEY_ADMIN.value){
+ this.model.set('userRoleList',["ROLE_KEY_ADMIN"]);
}else{
this.model.set('userRoleList',["ROLE_SYS_ADMIN"]);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js b/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js
index 87458d5..89a9a36 100644
--- a/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/users/UserTableLayout.js
@@ -59,7 +59,9 @@ define(function(require){
btnShowLess : '[data-id="showLess"]',
btnSave : '[data-id="save"]',
btnShowHide : '[data-action="showHide"]',
- visibilityDropdown : '[data-id="visibilityDropdown"]'
+ visibilityDropdown : '[data-id="visibilityDropdown"]',
+ activeStatusDropdown : '[data-id="activeStatusDropdown"]',
+ activeStatusDiv :'[data-id="activeStatusDiv"]'
},
/** ui events hash */
@@ -70,7 +72,7 @@ define(function(require){
events['click ' + this.ui.btnShowLess] = 'onShowLess';
events['click ' + this.ui.btnSave] = 'onSave';
events['click ' + this.ui.visibilityDropdown +' li a'] = 'onVisibilityChange';
-
+ events['click ' + this.ui.activeStatusDropdown +' li a'] = 'onStatusChange';
return events;
},
@@ -162,6 +164,38 @@ define(function(require){
});
}
},
+ onStatusChange : function(e){
+ var that = this;
+ var status = $(e.currentTarget).attr('data-id') == 'Enable' ? true : false;
+ var updateMap = {};
+ var collection = this.showUsers ? this.collection : this.groupList;
+
+ _.each(collection.selected, function(s){
+ if( s.get('status') != status ){
+ s.set('status', status);
+ s.toServerStatus();
+ updateMap[s.get('id')] = s.get('status');
+ }
+ });
+
+ var clearCache = function(coll){
+ _.each(Backbone.fetchCache._cache, function(url, val){
+ var urlStr = coll.url;
+ if((val.indexOf(urlStr) != -1)){
+ Backbone.fetchCache.clearItem(val);
+ }
+ });
+ coll.fetch({reset: true, cache : false});
+ }
+ if(this.showUsers){
+ collection.setStatus(updateMap, {
+ success : function(){
+ that.chgFlags = [];
+ clearCache(collection);
+ }
+ });
+ }
+ },
renderUserTab : function(){
var that = this;
if(_.isUndefined(this.collection)){
@@ -175,6 +209,7 @@ define(function(require){
if(!_.isString(that.ui.addNewGroup)){
that.ui.addNewGroup.hide();
that.ui.addNewUser.show();
+ that.ui.activeStatusDiv.show();
}
that.$('.wrap-header').text('User List');
});
@@ -191,6 +226,7 @@ define(function(require){
}).done(function(){
that.ui.addNewUser.hide();
that.ui.addNewGroup.show();
+ that.ui.activeStatusDiv.hide();
that.$('.wrap-header').text('Group List');
that.$('ul').find('[data-js="groups"]').addClass('active');
that.$('ul').find('[data-js="users"]').removeClass();
@@ -317,6 +353,23 @@ define(function(require){
editable:false,
sortable:false
},
+ status : {
+ label : localization.tt("lbl.status"),
+ cell : Backgrid.HtmlCell.extend({className: 'cellWidth-1'}),
+ formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
+ fromRaw: function (rawValue, model) {
+ if(!_.isUndefined(rawValue)){
+ if(rawValue)
+ return '<span class="label label-success">'+XAEnums.ActiveStatus.STATUS_ENABLED.label+'</span>';
+ else
+ return '<span class="label label-green">'+XAEnums.ActiveStatus.STATUS_DISABLED.label+'</span>';
+ }else
+ return '--';
+ }
+ }),
+ editable:false,
+ sortable:false
+ },
};
return this.collection.constructor.getTableCols(cols, this.collection);
@@ -415,13 +468,14 @@ define(function(require){
if(this.showUsers){
placeholder = localization.tt('h.searchForYourUser');
coll = this.collection;
- searchOpt = ['User Name','Email Address','Visibility', 'Role','User Source'];//,'Start Date','End Date','Today'];
+ searchOpt = ['User Name','Email Address','Visibility', 'Role','User Source','User Status'];//,'Start Date','End Date','Today'];
var userRoleList = _.map(XAEnums.UserRoles,function(obj,key){return {label:obj.label,value:key};});
serverAttrName = [ {text : "User Name", label :"name"},
{text : "Email Address", label :"emailAddress"},
{text : "Role", label :"userRoleList", 'multiple' : true, 'optionsArr' : userRoleList},
{text : "Visibility", label :"isVisible", 'multiple' : true, 'optionsArr' : XAUtil.enumToSelectLabelValuePairs(XAEnums.VisibilityStatus)},
{text : "User Source", label :"userSource", 'multiple' : true, 'optionsArr' : XAUtil.enumToSelectLabelValuePairs(XAEnums.UserTypes)},
+ {text : "User Status", label :"status", 'multiple' : true, 'optionsArr' : XAUtil.enumToSelectLabelValuePairs(XAEnums.ActiveStatus)},
];
}else{
placeholder = localization.tt('h.searchForYourGroup');
@@ -452,6 +506,9 @@ define(function(require){
case 'Visibility':
callback(XAUtil.hackForVSLabelValuePairs(XAEnums.VisibilityStatus));
break;
+ case 'User Status':
+ callback(XAUtil.hackForVSLabelValuePairs(XAEnums.ActiveStatus));
+ break;
/*case 'Start Date' :
setTimeout(function () { XAUtil.displayDatepicker(that.ui.visualSearch, callback); }, 0);
break;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/cafe8697/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html b/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html
index 3dbefd4..6dd4b0f 100644
--- a/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html
+++ b/security-admin/src/main/webapp/templates/users/UserTableLayout_tmpl.html
@@ -26,7 +26,7 @@
<h3 class="wrap-header bold"> {{tt 'lbl.userListing'}} </h3>
<div class="wrap non-collapsible m-height ">
<div>
- <div class="span9">
+ <div class="span8">
<div class="visual_search"></div>
</div>
<div class="clearfix">
@@ -42,6 +42,16 @@
<li><a href="javascript:void(0);" data-id="hidden">{{tt 'lbl.VisibilityStatus_IS_HIDDEN'}}</a></li>
</ul>
</div>
+ <div class="btn-group btn-right" data-id="activeStatusDiv">
+ <a class="btn btn-primary dropdown-toggle" data-toggle="dropdown" href="#">
+ {{tt 'btn.setStatus'}}
+ <span class="caret"></span>
+ </a>
+ <ul class="dropdown-menu" data-id="activeStatusDropdown">
+ <li><a href="javascript:void(0);" data-id="Enable">{{tt 'lbl.ActiveStatus_STATUS_ENABLED'}}</a></li>
+ <li><a href="javascript:void(0);" data-id="Disable">{{tt 'lbl.ActiveStatus_STATUS_DISABLED'}}</a></li>
+ </ul>
+ </div>
</div>
<div data-id="r_tableList" class="clickable">
<b class="_prevNav"></b>