You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ab...@apache.org on 2020/02/06 18:15:53 UTC
[ranger] branch master updated: RANGER-2684: Add Kudu service
definition
This is an automated email from the ASF dual-hosted git repository.
abhay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 0b23df7 RANGER-2684: Add Kudu service definition
0b23df7 is described below
commit 0b23df7801062cc7836f2e162e1775101898add4
Author: Hao Hao <ha...@cloudera.com>
AuthorDate: Thu Feb 6 10:15:23 2020 -0800
RANGER-2684: Add Kudu service definition
---
.../plugin/store/EmbeddedServiceDefsUtil.java | 8 +-
.../service-defs/ranger-servicedef-kudu.json | 176 +++++++++++++++++++++
distro/src/main/assembly/admin-web.xml | 17 ++
plugin-kudu/.gitignore | 1 +
plugin-kudu/pom.xml | 60 +++++++
.../ranger/services/kudu/RangerServiceKudu.java | 45 ++++++
pom.xml | 2 +
7 files changed, 308 insertions(+), 1 deletion(-)
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
index 2b007d2..882ca2f 100755
--- a/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java
@@ -48,7 +48,7 @@ public class EmbeddedServiceDefsUtil {
// following servicedef list should be reviewed/updated whenever a new embedded service-def is added
- public static final String DEFAULT_BOOTSTRAP_SERVICEDEF_LIST = "tag,hdfs,hbase,hive,kms,knox,storm,yarn,kafka,solr,atlas,nifi,nifi-registry,sqoop,kylin,elasticsearch,presto,ozone";
+ public static final String DEFAULT_BOOTSTRAP_SERVICEDEF_LIST = "tag,hdfs,hbase,hive,kms,knox,storm,yarn,kafka,solr,atlas,nifi,nifi-registry,sqoop,kylin,elasticsearch,presto,ozone,kudu";
private static final String PROPERTY_SUPPORTED_SERVICE_DEFS = "ranger.supportedcomponents";
private Set<String> supportedServiceDefs;
public static final String EMBEDDED_SERVICEDEF_TAG_NAME = "tag";
@@ -71,6 +71,7 @@ public class EmbeddedServiceDefsUtil {
public static final String EMBEDDED_SERVICEDEF_ELASTICSEARCH_NAME = "elasticsearch";
public static final String EMBEDDED_SERVICEDEF_PRESTO_NAME = "presto";
public static final String EMBEDDED_SERVICEDEF_OZONE_NAME = "ozone";
+ public static final String EMBEDDED_SERVICEDEF_KUDU_NAME = "kudu";
public static final String PROPERTY_CREATE_EMBEDDED_SERVICE_DEFS = "ranger.service.store.create.embedded.service-defs";
@@ -87,6 +88,7 @@ public class EmbeddedServiceDefsUtil {
public static final String ATLAS_IMPL_CLASS_NAME = "org.apache.ranger.services.atlas.RangerServiceAtlas";
public static final String PRESTO_IMPL_CLASS_NAME = "org.apache.ranger.services.presto.RangerServicePresto";
public static final String OZONE_IMPL_CLASS_NAME = "org.apache.ranger.services.ozone.RangerServiceOzone";
+ public static final String KUDU_IMPL_CLASS_NAME = "org.apache.ranger.services.kudu.RangerServiceKudu";
private static EmbeddedServiceDefsUtil instance = new EmbeddedServiceDefsUtil();
@@ -110,6 +112,7 @@ public class EmbeddedServiceDefsUtil {
private RangerServiceDef elasticsearchServiceDef;
private RangerServiceDef prestoServiceDef;
private RangerServiceDef ozoneServiceDef;
+ private RangerServiceDef kuduServiceDef;
private RangerServiceDef tagServiceDef;
@@ -158,6 +161,7 @@ public class EmbeddedServiceDefsUtil {
elasticsearchServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_ELASTICSEARCH_NAME);
prestoServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_PRESTO_NAME);
ozoneServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_OZONE_NAME);
+ kuduServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_KUDU_NAME);
// Ensure that tag service def is updated with access types of all service defs
store.updateTagServiceDefForAccessTypes();
@@ -237,6 +241,8 @@ public class EmbeddedServiceDefsUtil {
public long getOzoneServiceDefId() { return getId(ozoneServiceDef); }
+ public long getKuduServiceDefId() { return getId(kuduServiceDef); }
+
public RangerServiceDef getEmbeddedServiceDef(String defType) throws Exception {
RangerServiceDef serviceDef=null;
if(StringUtils.isNotEmpty(defType)){
diff --git a/agents-common/src/main/resources/service-defs/ranger-servicedef-kudu.json b/agents-common/src/main/resources/service-defs/ranger-servicedef-kudu.json
new file mode 100644
index 0000000..e2a8b72
--- /dev/null
+++ b/agents-common/src/main/resources/service-defs/ranger-servicedef-kudu.json
@@ -0,0 +1,176 @@
+{
+ "id":105,
+ "name": "kudu",
+ "implClass": "org.apache.ranger.services.kudu.RangerServiceKudu",
+ "label": "Kudu",
+ "description": "Kudu",
+ "guid": "",
+ "resources":
+ [
+ {
+ "itemId": 1,
+ "name": "database",
+ "type": "string",
+ "level": 10,
+ "parent": "",
+ "mandatory": true,
+ "lookupSupported": true,
+ "recursiveSupported": false,
+ "excludesSupported": true,
+ "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+ "matcherOptions": { "wildCard":true, "ignoreCase":true },
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Database",
+ "description": "Database",
+ "isValidLeaf": true
+ },
+
+ {
+ "itemId": 2,
+ "name": "table",
+ "type": "string",
+ "level": 20,
+ "parent": "database",
+ "mandatory": true,
+ "lookupSupported": true,
+ "recursiveSupported": false,
+ "excludesSupported": true,
+ "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+ "matcherOptions": { "wildCard":true, "ignoreCase":true },
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Table",
+ "description": "Table",
+ "isValidLeaf": true
+ },
+ {
+ "itemId": 3,
+ "name": "column",
+ "type": "string",
+ "level": 30,
+ "parent": "table",
+ "mandatory": true,
+ "lookupSupported": true,
+ "recursiveSupported": false,
+ "excludesSupported": true,
+ "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+ "matcherOptions": { "wildCard":true, "ignoreCase":true },
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Column",
+ "description": "Column"
+ }
+ ],
+
+ "accessTypes":
+ [
+ {
+ "itemId": 1,
+ "name": "select",
+ "label": "SELECT",
+ "impliedGrants":
+ [
+ "metadata"
+ ]
+ },
+
+ {
+ "itemId": 2,
+ "name": "insert",
+ "label": "INSERT",
+ "impliedGrants":
+ [
+ "metadata"
+ ]
+ },
+ {
+ "itemId": 3,
+ "name": "update",
+ "label": "UPDATE",
+ "impliedGrants":
+ [
+ "metadata"
+ ]
+ },
+ {
+ "itemId": 4,
+ "name": "delete",
+ "label": "DELETE",
+ "impliedGrants":
+ [
+ "metadata"
+ ]
+ },
+ {
+ "itemId": 5,
+ "name": "alter",
+ "label": "ALTER",
+ "impliedGrants":
+ [
+ "metadata"
+ ]
+ },
+ {
+ "itemId": 6,
+ "name": "create",
+ "label": "CREATE",
+ "impliedGrants":
+ [
+ "metadata"
+ ]
+ },
+ {
+ "itemId": 7,
+ "name": "drop",
+ "label": "DROP",
+ "impliedGrants":
+ [
+ "metadata"
+ ]
+ },
+ {
+ "itemId": 8,
+ "name": "metadata",
+ "label": "METADATA"
+ },
+ {
+ "itemId": 9,
+ "name": "all",
+ "label": "ALL",
+ "impliedGrants":
+ [
+ "select",
+ "insert",
+ "update",
+ "delete",
+ "alter",
+ "create",
+ "drop",
+ "metadata"
+ ]
+ }
+ ],
+
+ "configs":
+ [
+ ],
+
+ "enums":
+ [
+ ],
+
+ "contextEnrichers":
+ [
+ ],
+
+ "policyConditions":
+ [
+ ]
+}
+
+
+
diff --git a/distro/src/main/assembly/admin-web.xml b/distro/src/main/assembly/admin-web.xml
index 37bda35..c28066e 100644
--- a/distro/src/main/assembly/admin-web.xml
+++ b/distro/src/main/assembly/admin-web.xml
@@ -462,6 +462,23 @@
</includes>
</binaries>
</moduleSet>
+
+ <moduleSet>
+ <useAllReactorProjects>true</useAllReactorProjects>
+ <includes>
+ <include>org.apache.ranger:ranger-kudu-plugin</include>
+ </includes>
+ <binaries>
+ <outputDirectory>/ews/webapp/WEB-INF/classes/ranger-plugins/kudu</outputDirectory>
+ <includeDependencies>true</includeDependencies>
+ <unpack>false</unpack>
+ <directoryMode>755</directoryMode>
+ <fileMode>644</fileMode>
+ <includes>
+ <include>org.apache.ranger:ranger-kudu-plugin</include>
+ </includes>
+ </binaries>
+ </moduleSet>
</moduleSets>
<fileSets>
diff --git a/plugin-kudu/.gitignore b/plugin-kudu/.gitignore
new file mode 100644
index 0000000..b83d222
--- /dev/null
+++ b/plugin-kudu/.gitignore
@@ -0,0 +1 @@
+/target/
diff --git a/plugin-kudu/pom.xml b/plugin-kudu/pom.xml
new file mode 100644
index 0000000..fd13b90
--- /dev/null
+++ b/plugin-kudu/pom.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>ranger-kudu-plugin</artifactId>
+ <name>Kudu Security Plugin</name>
+ <description>Kudu Security Plugin</description>
+ <packaging>jar</packaging>
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ </properties>
+ <parent>
+ <groupId>org.apache.ranger</groupId>
+ <artifactId>ranger</artifactId>
+ <version>2.1.0-SNAPSHOT</version>
+ <relativePath>..</relativePath>
+ </parent>
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.ranger</groupId>
+ <artifactId>ranger-plugins-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ranger</groupId>
+ <artifactId>ranger-plugins-audit</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.ranger</groupId>
+ <artifactId>credentialbuilder</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.mockito</groupId>
+ <artifactId>mockito-core</artifactId>
+ </dependency>
+ </dependencies>
+</project>
diff --git a/plugin-kudu/src/main/java/org/apache/ranger/services/kudu/RangerServiceKudu.java b/plugin-kudu/src/main/java/org/apache/ranger/services/kudu/RangerServiceKudu.java
new file mode 100644
index 0000000..a2b66de
--- /dev/null
+++ b/plugin-kudu/src/main/java/org/apache/ranger/services/kudu/RangerServiceKudu.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.services.kudu;
+
+import org.apache.ranger.plugin.service.RangerBaseService;
+import org.apache.ranger.plugin.service.ResourceLookupContext;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+/**
+ * RangerService for Apache Kudu.
+ */
+public class RangerServiceKudu extends RangerBaseService {
+
+ @Override
+ public HashMap<String, Object> validateConfig() throws Exception {
+ // TODO: implement configure validation for Kudu policies.
+ return new HashMap<>();
+ }
+
+ @Override
+ public List<String> lookupResource(ResourceLookupContext context) throws Exception {
+ // TODO: implement resource lookup for Kudu policies.
+ return new ArrayList<>();
+ }
+
+}
diff --git a/pom.xml b/pom.xml
index e574d1b..0ffbb19 100644
--- a/pom.xml
+++ b/pom.xml
@@ -243,6 +243,7 @@
<module>plugin-nifi</module>
<module>plugin-nifi-registry</module>
<module>plugin-presto</module>
+ <module>plugin-kudu</module>
<module>ugsync</module>
<module>ugsync/ldapconfigchecktool/ldapconfigcheck</module>
<module>unixauthclient</module>
@@ -524,6 +525,7 @@
<module>plugin-solr</module>
<module>plugin-nifi</module>
<module>plugin-nifi-registry</module>
+ <module>plugin-kudu</module>
<module>ugsync</module>
<module>ugsync/ldapconfigchecktool/ldapconfigcheck</module>
<module>unixauthclient</module>