You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ve...@apache.org on 2017/01/17 17:46:08 UTC
incubator-ranger git commit: RANGER-1304 : Analytics Metric for
Ranger usage
Repository: incubator-ranger
Updated Branches:
refs/heads/master 7e1c021bd -> 2fb94cc54
RANGER-1304 : Analytics Metric for Ranger usage
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/2fb94cc5
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/2fb94cc5
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/2fb94cc5
Branch: refs/heads/master
Commit: 2fb94cc54e60e87d190f14f21f0d29f750894adf
Parents: 7e1c021
Author: Ankita Sinha <an...@freestoneinfotech.com>
Authored: Fri Jan 13 16:25:47 2017 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Tue Jan 17 12:45:59 2017 -0500
----------------------------------------------------------------------
.../scripts/ranger-admin-services.sh | 15 +-
.../org/apache/ranger/biz/RangerBizUtil.java | 4 +
.../org/apache/ranger/common/db/BaseDao.java | 23 +
.../apache/ranger/patch/cliutil/MetricUtil.java | 446 +++++++++++++++++++
.../ranger/view/VXMetricAuditDetailsCount.java | 94 ++++
.../ranger/view/VXMetricContextEnricher.java | 66 +++
.../apache/ranger/view/VXMetricPolicyCount.java | 80 ++++
.../ranger/view/VXMetricServiceCount.java | 77 ++++
.../ranger/view/VXMetricUserGroupCount.java | 79 ++++
9 files changed, 882 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/embeddedwebserver/scripts/ranger-admin-services.sh
----------------------------------------------------------------------
diff --git a/embeddedwebserver/scripts/ranger-admin-services.sh b/embeddedwebserver/scripts/ranger-admin-services.sh
index c19598a..fb0b2a7 100755
--- a/embeddedwebserver/scripts/ranger-admin-services.sh
+++ b/embeddedwebserver/scripts/ranger-admin-services.sh
@@ -17,10 +17,13 @@
if [[ -z $1 ]]; then
echo "Invalid argument [$1];"
- echo "Usage: Only start | stop | restart | version, are supported."
+ echo "Usage: Only start | stop | restart | metric | version , are supported."
+ echo "For Metric Usage: metric -type policies | audits | usergroup | services | database | contextenrichers | denyconditions"
exit;
fi
action=$1
+arg2=$2
+arg3=$3
action=`echo $action | tr '[:lower:]' '[:upper:]'`
realScriptPath=`readlink -f $0`
realScriptDir=`dirname $realScriptPath`
@@ -132,6 +135,11 @@ stop(){
fi
}
+
+metric(){
+ java ${JAVA_OPTS} -Dlogdir=${RANGER_ADMIN_LOG_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/:${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/lib/*:${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/META-INF:${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/lib/*:${XAPOLICYMGR_EWS_DIR}/webapp/META-INF:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${JAVA_HOME}/lib/*:${RANGER_HADOOP_CONF_DIR}/*:$CLASSPATH" org.apache.ranger.patch.cliutil.MetricUtil ${arg2} ${arg3} 2>/dev/null
+}
+
if [ "${action}" == "START" ]; then
if [ -f "$pidf" ] ; then
pid=`cat $pidf`
@@ -153,12 +161,15 @@ elif [ "${action}" == "RESTART" ]; then
echo "Restarting Apache Ranger Admin"
stop;
start;
+elif [ "${action}" == "METRIC" ]; then
+ metric;
elif [ "${action}" == "VERSION" ]; then
cd ${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/lib
java -cp ranger-util-*.jar org.apache.ranger.common.RangerVersionInfo
exit;
else
echo "Invalid argument [$1];"
- echo "Usage: Only start | stop | restart | version, are supported."
+ echo "Usage: Only start | stop | restart | metric | version, are supported."
+ echo "For metric Usage: metric -type policies | audits | usergroup | services | database | contextenrichers | denyconditions"
exit;
fi
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index b9a21e1..979c6f3 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -1396,6 +1396,10 @@ public class RangerBizUtil {
return AppConstants.DB_FLAVOR_UNKNOWN;
}
+ public String getDBVersion(){
+ return daoManager.getXXUser().getDBVersion();
+ }
+
public String getAuditDBType() {
return auditDBType;
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
index 0916f26..6b423bb 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
@@ -250,4 +250,27 @@ public abstract class BaseDao<T> {
}
}
+ public String getDBVersion(){
+ String dbVersion="Not Available";
+ String query ="SELECT 1";
+ try{
+ if(RangerBizUtil.getDBFlavor() == AppConstants.DB_FLAVOR_MYSQL) {
+ query="SELECT version()";
+ dbVersion=(String) getEntityManager().createNativeQuery(query).getSingleResult();
+ }else if(RangerBizUtil.getDBFlavor() == AppConstants.DB_FLAVOR_ORACLE){
+ query="SELECT * from v$version where rownum<2";
+ dbVersion=(String) getEntityManager().createNativeQuery(query).getSingleResult();
+ }else if(RangerBizUtil.getDBFlavor() == AppConstants.DB_FLAVOR_POSTGRES){
+ query="SELECT version()";
+ dbVersion=(String) getEntityManager().createNativeQuery(query).getSingleResult();
+ }else if(RangerBizUtil.getDBFlavor() == AppConstants.DB_FLAVOR_SQLSERVER){
+ query="SELECT @@version";
+ dbVersion=(String) getEntityManager().createNativeQuery(query).getSingleResult();
+ }else if(RangerBizUtil.getDBFlavor() == AppConstants.DB_FLAVOR_SQLANYWHERE){
+ query="SELECT @@version";
+ dbVersion=(String) getEntityManager().createNativeQuery(query).getSingleResult();
+ }
+ }catch(Exception ex){}
+ return dbVersion;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/security-admin/src/main/java/org/apache/ranger/patch/cliutil/MetricUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/cliutil/MetricUtil.java b/security-admin/src/main/java/org/apache/ranger/patch/cliutil/MetricUtil.java
new file mode 100644
index 0000000..50a0d37
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/patch/cliutil/MetricUtil.java
@@ -0,0 +1,446 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ranger.patch.cliutil;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Level;
+import org.apache.log4j.Logger;
+import org.apache.ranger.biz.AssetMgr;
+import org.apache.ranger.biz.RangerBizUtil;
+import org.apache.ranger.biz.ServiceDBStore;
+import org.apache.ranger.biz.XUserMgr;
+import org.apache.ranger.common.AppConstants;
+import org.apache.ranger.common.RangerConstants;
+import org.apache.ranger.common.SearchCriteria;
+import org.apache.ranger.patch.BaseLoader;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
+import org.apache.ranger.plugin.model.RangerService;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerContextEnricherDef;
+import org.apache.ranger.plugin.store.PList;
+import org.apache.ranger.plugin.util.SearchFilter;
+import org.apache.ranger.util.CLIUtil;
+import org.apache.ranger.view.VXAccessAuditList;
+import org.apache.ranger.view.VXGroupList;
+import org.apache.ranger.view.VXMetricContextEnricher;
+import org.apache.ranger.view.VXMetricAuditDetailsCount;
+import org.apache.ranger.view.VXMetricServiceCount;
+import org.apache.ranger.view.VXMetricPolicyCount;
+import org.apache.ranger.view.VXMetricUserGroupCount;
+import org.apache.ranger.view.VXUserList;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+
+@Component
+public class MetricUtil extends BaseLoader {
+
+ private static Logger logger = Logger.getLogger(MetricUtil.class);
+
+ public static String metricType;
+
+ @Autowired
+ XUserMgr xUserMgr;
+
+ @Autowired
+ AssetMgr assetMgr;
+
+ @Autowired
+ ServiceDBStore svcStore;
+
+ @Autowired
+ RangerBizUtil xaBizUtil;
+
+ public static void main(String[] args) {
+ logger.getRootLogger().setLevel(Level.OFF);
+ logger.info("MetricUtil : main()");
+ try {
+ MetricUtil loader = (MetricUtil) CLIUtil.getBean(MetricUtil.class);
+ loader.init();
+ if(args.length != 2){
+ System.out.println("type: Incorrect Arguments usage : -type policies | audits | usergroup | services | database | contextenrichers | denyconditions");
+ }else {
+ if((!args[0].equalsIgnoreCase("-type")) && (!args[1].equalsIgnoreCase("policies") || !args[1].equalsIgnoreCase("audits") || !args[1].equalsIgnoreCase("usergroup") || !args[1].equalsIgnoreCase("services") || !args[1].equalsIgnoreCase("database") || !args[1].equalsIgnoreCase("contextenrichers") || !args[1].equalsIgnoreCase("denyconditions"))){
+ System.out.println("type: Incorrect Arguments usage : -type policies | audits | usergroup | services | database | contextenrichers | denyconditions");
+ }else{
+ metricType = args[1];
+ if(logger.isDebugEnabled()){
+ logger.debug("Metric Type : " + metricType);
+ }
+ }
+ }
+ while (loader.isMoreToProcess()) {
+ loader.load();
+ }
+ logger.info("Load complete. Exiting!!!");
+ System.exit(0);
+ }
+ catch (Exception e) {
+ logger.error("Error loading", e);
+ System.exit(1);
+ }
+ }
+
+ @Override
+ public void init() throws Exception {
+ logger.info("==> MetricUtil.init()");
+ }
+
+ @Override
+ public void execLoad() {
+ logger.info("==> MetricUtil.execLoad()");
+ metricCalculation(metricType);
+ logger.info("<== MetricUtil.execLoad()");
+ }
+
+ @Override
+ public void printStats() {
+ }
+
+ private Object metricCalculation(String caseValue) {
+ logger.info("Metric Type : " + caseValue);
+ try {
+ SearchCriteria searchCriteria = new SearchCriteria();
+ searchCriteria.setStartIndex(0);
+ searchCriteria.setMaxRows(100);
+ searchCriteria.setGetCount(true);
+ searchCriteria.setSortType("asc");
+
+ switch (caseValue.toLowerCase()) {
+ case "usergroup":
+ try {
+ VXGroupList VXGroupList = xUserMgr.searchXGroups(searchCriteria);
+
+ long groupCount = VXGroupList.getTotalCount();
+
+ ArrayList<String> userRoleList = new ArrayList<String>();
+ userRoleList.add(RangerConstants.ROLE_SYS_ADMIN);
+ userRoleList.add(RangerConstants.ROLE_KEY_ADMIN);
+ userRoleList.add(RangerConstants.ROLE_USER);
+ searchCriteria.addParam("userRoleList", userRoleList);
+ VXUserList VXUserList = xUserMgr.searchXUsers(searchCriteria);
+ long userCount = VXUserList.getTotalCount();
+
+ VXMetricUserGroupCount metricUserGroupCount = new VXMetricUserGroupCount();
+ metricUserGroupCount.setUserCount(userCount);
+ metricUserGroupCount.setGroupCount(groupCount);
+ Gson gson = new GsonBuilder().create();
+ final String jsonUserGroupCount = gson.toJson(metricUserGroupCount);
+ System.out.println(jsonUserGroupCount);
+ } catch (Exception e) {
+ logger.error("Error for calculating Metric for usergroup : "+ e.getMessage());
+ }
+ break;
+ case "audits":
+ try{
+ VXMetricAuditDetailsCount auditObj = new VXMetricAuditDetailsCount();
+ VXMetricServiceCount deniedCountObj = getAuditsCount(0);
+ auditObj.setDenialEventsCount(deniedCountObj);
+ VXMetricServiceCount allowedCountObj = getAuditsCount(1);
+ auditObj.setAccessEventsCount(allowedCountObj);
+ long totalAuditsCount = deniedCountObj.getTotalCount() + allowedCountObj.getTotalCount();
+ auditObj.setSolrIndexCount(totalAuditsCount);
+ Gson gson = new GsonBuilder().create();
+ final String jsonAudit = gson.toJson(auditObj);
+ System.out.println(jsonAudit);
+ }catch (Exception e) {
+ logger.error("Error for calculating Metric for audits : "+e.getMessage());
+ }
+ break;
+ case "services" :
+ try{
+ SearchFilter serviceFilter = new SearchFilter();
+ serviceFilter.setMaxRows(200);
+ serviceFilter.setStartIndex(0);
+ serviceFilter.setGetCount(true);
+ serviceFilter.setSortBy("serviceId");
+ serviceFilter.setSortType("asc");
+ VXMetricServiceCount vXMetricServiceCount = new VXMetricServiceCount();
+ PList<RangerService> paginatedSvcs = svcStore.getPaginatedServices(serviceFilter);
+ long totalServiceCount = paginatedSvcs.getTotalCount();
+ List<RangerService> rangerServiceList = paginatedSvcs.getList();
+ Map<String,Long> services = new HashMap<String,Long>();
+ for (Object rangerService:rangerServiceList) {
+ RangerService RangerServiceObj = (RangerService) rangerService;
+ String serviceName = RangerServiceObj.getType();
+ if(!(services.containsKey(serviceName)))
+ {
+ serviceFilter.setParam("serviceType",serviceName);
+ PList<RangerService> paginatedSvcscount = svcStore.getPaginatedServices(serviceFilter);
+ services.put(serviceName,paginatedSvcscount.getTotalCount());
+ }
+ }
+ vXMetricServiceCount.setServiceCountList(services);
+ vXMetricServiceCount.setTotalCount(totalServiceCount);
+ Gson gson = new GsonBuilder().create();
+ final String jsonServices = gson.toJson(vXMetricServiceCount);
+ System.out.println(jsonServices);
+ }catch (Exception e) {
+ logger.error("Error for calculating Metric for services : "+e.getMessage());
+ }
+ break;
+ case "policies" :
+ try{
+ SearchFilter policyFilter = new SearchFilter();
+ policyFilter.setMaxRows(200);
+ policyFilter.setStartIndex(0);
+ policyFilter.setGetCount(true);
+ policyFilter.setSortBy("serviceId");
+ policyFilter.setSortType("asc");
+ VXMetricPolicyCount vXMetricPolicyCount = new VXMetricPolicyCount();
+ PList<RangerPolicy> paginatedSvcsList = svcStore.getPaginatedPolicies(policyFilter);
+ vXMetricPolicyCount.setTotalCount(paginatedSvcsList.getTotalCount());
+ Map<String,VXMetricServiceCount> servicesWithPolicy = new HashMap<String,VXMetricServiceCount>();
+ for(int k = 2;k >= 0;k--)
+ {
+ String serviceType = String.valueOf(k);
+ VXMetricServiceCount vXMetricServiceCount = getVXMetricServiceCount(serviceType);
+ if(k == 2)
+ servicesWithPolicy.put("row_filtering_policies", vXMetricServiceCount);
+ else if(k == 1)
+ servicesWithPolicy.put("masking_policies", vXMetricServiceCount);
+ else if(k == 0)
+ servicesWithPolicy.put("resource_policy", vXMetricServiceCount);
+ }
+ boolean tagFlag = false;
+ if(tagFlag == false)
+ {
+ policyFilter.setParam("serviceType","tag");
+ PList<RangerPolicy> policiestype = svcStore.getPaginatedPolicies(policyFilter);
+ Map<String,Long> tagMap= new HashMap<String,Long>();
+ long tagCount = policiestype.getTotalCount();
+ tagMap.put("tag",tagCount);
+ VXMetricServiceCount vXMetricServiceCount = new VXMetricServiceCount();
+ vXMetricServiceCount.setServiceCountList(tagMap);
+ vXMetricServiceCount.setTotalCount(tagCount);
+ servicesWithPolicy.put("tag_based_policies",vXMetricServiceCount);
+ tagFlag = true;
+ }
+ vXMetricPolicyCount.setvXMetricServiceCount(servicesWithPolicy);
+ Gson gson = new GsonBuilder().create();
+ final String jsonPolicies = gson.toJson(vXMetricPolicyCount);
+ System.out.println(jsonPolicies);
+ }catch (Exception e) {
+ logger.error("Error for calculating Metric for policies : "+e.getMessage());
+ }
+ break;
+ case "database" :
+ try{
+ int dbFlavor = RangerBizUtil.getDBFlavor();
+ String dbFlavourType = "Unknow ";
+ if(dbFlavor == AppConstants.DB_FLAVOR_MYSQL){
+ dbFlavourType = "MYSQL ";
+ }else if(dbFlavor == AppConstants.DB_FLAVOR_ORACLE){
+ dbFlavourType = "ORACLE ";
+ }else if(dbFlavor == AppConstants.DB_FLAVOR_POSTGRES){
+ dbFlavourType = "POSTGRES ";
+ }else if(dbFlavor == AppConstants.DB_FLAVOR_SQLANYWHERE){
+ dbFlavourType = "SQLANYWHERE ";
+ }else if(dbFlavor == AppConstants.DB_FLAVOR_SQLSERVER){
+ dbFlavourType = "SQLSERVER ";
+ }
+ String dbDetail = dbFlavourType + xaBizUtil.getDBVersion();
+ Gson gson = new GsonBuilder().create();
+ final String jsonDBDetail = gson.toJson(dbDetail);
+ System.out.println(jsonDBDetail);
+ }catch (Exception e) {
+ logger.error("Error for calculating Metric for database : "+e.getMessage());
+ }
+ break;
+ case "contextenrichers":
+ try
+ {
+ SearchFilter filter = new SearchFilter();
+ filter.setStartIndex(0);
+ VXMetricContextEnricher serviceWithContextEnrichers= new VXMetricContextEnricher();
+ PList<RangerServiceDef> paginatedSvcDefs = svcStore.getPaginatedServiceDefs(filter);
+ List<RangerServiceDef> repoTypeList = paginatedSvcDefs.getList();
+ if(repoTypeList != null){
+ for (RangerServiceDef repoType:repoTypeList)
+ {
+ RangerServiceDef rangerServiceDefObj = (RangerServiceDef)repoType;
+ String name = rangerServiceDefObj.getName();
+ List<RangerContextEnricherDef> contextEnrichers = rangerServiceDefObj.getContextEnrichers();
+ if(contextEnrichers != null && contextEnrichers.size() > 0){
+ serviceWithContextEnrichers.setServiceName(name);
+ serviceWithContextEnrichers.setTotalCount(contextEnrichers.size());
+ }
+ }
+ }
+ Gson gson = new GsonBuilder().create();
+ final String jsonContextEnrichers = gson.toJson(serviceWithContextEnrichers);
+ System.out.println(jsonContextEnrichers);
+ }
+ catch (Exception e) {
+ logger.error("Error for calculating Metric for contextenrichers : "+e.getMessage());
+ }
+ break;
+ case "denyconditions":
+ try {
+ SearchFilter policyFilter1 = new SearchFilter();
+ policyFilter1.setMaxRows(200);
+ policyFilter1.setStartIndex(0);
+ policyFilter1.setGetCount(true);
+ policyFilter1.setSortBy("serviceId");
+ policyFilter1.setSortType("asc");
+
+ int denyCount = 0;
+ Map<String, Integer> denyconditionsonMap = new HashMap<String, Integer>();
+ PList<RangerServiceDef> paginatedSvcDefs = svcStore.getPaginatedServiceDefs(policyFilter1);
+ if(paginatedSvcDefs != null){
+ List<RangerServiceDef> rangerServiceDef = paginatedSvcDefs.getList();
+ if(rangerServiceDef != null && rangerServiceDef.size() > 0)
+ {
+ for(int i=0; i<rangerServiceDef.size(); i++)
+ {
+ if(rangerServiceDef.get(i) != null){
+ String serviceDef = rangerServiceDef.get(i).getName();
+ if (!StringUtils.isEmpty(serviceDef)){
+ policyFilter1.setParam("serviceType", serviceDef);
+ PList<RangerPolicy> policiesList = svcStore.getPaginatedPolicies(policyFilter1);
+ if(policiesList != null && policiesList.getListSize() > 0){
+ int policyListCount = policiesList.getListSize();
+ if (policyListCount > 0 && policiesList.getList() != null) {
+ List<RangerPolicy> policies = policiesList.getList();
+ for(int j=0; j<policies.size(); j++){
+ if(policies.get(j) != null){
+ List<RangerPolicyItem> policyItem = policies.get(j).getDenyPolicyItems();
+ if(policyItem != null && policyItem.size() > 0){
+ if(denyconditionsonMap.get(serviceDef) != null){
+ denyCount = denyconditionsonMap.get(serviceDef) + denyCount + policyItem.size();
+ }else{
+ denyCount = denyCount + policyItem.size();
+ }
+ }
+ List<RangerPolicyItem> policyItemExclude = policies.get(j).getDenyExceptions();
+ if(policyItemExclude != null && policyItemExclude.size() > 0){
+ if(denyconditionsonMap.get(serviceDef) != null){
+ denyCount = denyconditionsonMap.get(serviceDef) + denyCount + policyItemExclude.size();
+ }else{
+ denyCount = denyCount + policyItemExclude.size();
+ }
+ }
+ }
+ }
+ }
+ }
+ policyFilter1.removeParam("serviceType");
+ }
+ denyconditionsonMap.put(serviceDef, denyCount);
+ denyCount = 0;
+ }
+ }
+ }
+ }
+ Gson gson = new GsonBuilder().create();
+ String jsonContextDenyCondtionOn = gson.toJson(denyconditionsonMap);
+ System.out.println(jsonContextDenyCondtionOn);
+ } catch (Exception e) {
+ logger.error("Error for calculating Metric for denyconditions : "+ e.getMessage());
+ }
+ break;
+ default:
+ System.out.println("type: Incorrect Arguments usage : -type policies | audits | usergroup | services | database | contextenrichers | denyconditions");
+ logger.info("Please enter the valid arguments for Metric Calculation");
+ break;
+ }
+ } catch(Exception e) {
+ logger.error("Error for calculating Metric : "+e.getMessage());
+ }
+ return null;
+ }
+
+ private VXMetricServiceCount getVXMetricServiceCount(String serviceType) throws Exception
+ {
+ SearchFilter policyFilter1 = new SearchFilter();
+ policyFilter1.setMaxRows(200);
+ policyFilter1.setStartIndex(0);
+ policyFilter1.setGetCount(true);
+ policyFilter1.setSortBy("serviceId");
+ policyFilter1.setSortType("asc");
+ policyFilter1.setParam("policyType",serviceType);
+ PList<RangerPolicy> policies = svcStore.getPaginatedPolicies(policyFilter1);
+ PList<RangerService> paginatedSvcsSevice = svcStore.getPaginatedServices(policyFilter1);
+
+ List<RangerService> rangerServiceList = paginatedSvcsSevice.getList();
+
+ Map<String,Long> servicesforPolicyType = new HashMap<String,Long>();
+ long tagCount = 0;
+ for (Object rangerService : rangerServiceList) {
+ RangerService rangerServiceObj = (RangerService) rangerService;
+ String serviceName = rangerServiceObj.getType();
+ if(!(servicesforPolicyType.containsKey(serviceName)))
+ {
+ policyFilter1.setParam("serviceType",serviceName);
+ PList<RangerPolicy> policiestype = svcStore.getPaginatedPolicies(policyFilter1);
+ long count = policiestype.getTotalCount();
+ if(count != 0)
+ {
+ if(!serviceName.equalsIgnoreCase("tag")){
+ servicesforPolicyType.put(serviceName,count);
+ }
+ else{
+ tagCount=count;
+ }
+ }
+ }
+ }
+ VXMetricServiceCount vXMetricServiceCount = new VXMetricServiceCount();
+ vXMetricServiceCount.setServiceCountList(servicesforPolicyType);
+ long totalCountOfPolicyType = policies.getTotalCount()-tagCount;
+ vXMetricServiceCount.setTotalCount(totalCountOfPolicyType);
+ return vXMetricServiceCount;
+ }
+
+ private VXMetricServiceCount getAuditsCount(int accessResult) throws Exception {
+
+ long totalCountOfAudits = 0;
+ SearchFilter filter = new SearchFilter();
+ filter.setStartIndex(0);
+
+ Map<String,Long> servicesRepoType = new HashMap<String,Long>();
+ VXMetricServiceCount vXMetricServiceCount = new VXMetricServiceCount();
+ PList<RangerServiceDef> paginatedSvcDefs = svcStore.getPaginatedServiceDefs(filter);
+ Iterable<RangerServiceDef> repoTypeGet = paginatedSvcDefs.getList();
+ for (Object repo:repoTypeGet) {
+ RangerServiceDef rangerServiceDefObj = (RangerServiceDef)repo;
+ long id = rangerServiceDefObj.getId();
+ String serviceRepoName = rangerServiceDefObj.getName();
+ SearchCriteria searchCriteriaWithType = new SearchCriteria();
+ searchCriteriaWithType.getParamList().put("repoType",id);
+ searchCriteriaWithType.getParamList().put("accessResult", accessResult);
+ VXAccessAuditList vXAccessAuditListwithType = assetMgr.getAccessLogs(searchCriteriaWithType);
+ long toltalCountOfRepo = vXAccessAuditListwithType.getTotalCount();
+ if(toltalCountOfRepo != 0)
+ {
+ servicesRepoType.put(serviceRepoName, toltalCountOfRepo);
+ totalCountOfAudits += toltalCountOfRepo;
+ }
+ }
+ vXMetricServiceCount.setServiceCountList(servicesRepoType);
+ vXMetricServiceCount.setTotalCount(totalCountOfAudits);
+ return vXMetricServiceCount;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/security-admin/src/main/java/org/apache/ranger/view/VXMetricAuditDetailsCount.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXMetricAuditDetailsCount.java b/security-admin/src/main/java/org/apache/ranger/view/VXMetricAuditDetailsCount.java
new file mode 100644
index 0000000..ada6e82
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXMetricAuditDetailsCount.java
@@ -0,0 +1,94 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ranger.view;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class VXMetricAuditDetailsCount implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ protected Long solrIndexCount;
+ protected VXMetricServiceCount accessEventsCount;
+ protected VXMetricServiceCount denialEventsCount;
+
+ /**
+ * Default constructor. This will set all the attributes to default value.
+ */
+ public VXMetricAuditDetailsCount() {
+ }
+
+ /**
+ * @return the solrIndexCount
+ */
+ public Long getSolrIndexCount() {
+ return solrIndexCount;
+ }
+
+ /**
+ * @param solrIndexCount the solrIndexCount to set
+ */
+ public void setSolrIndexCount(Long solrIndexCount) {
+ this.solrIndexCount = solrIndexCount;
+ }
+
+ /**
+ * @return the accessEventsCount
+ */
+ public VXMetricServiceCount getAccessEventsCount() {
+ return accessEventsCount;
+ }
+
+ /**
+ * @param accessEventsCount the accessEventsCount to set
+ */
+ public void setAccessEventsCount(VXMetricServiceCount accessEventsCount) {
+ this.accessEventsCount = accessEventsCount;
+ }
+
+ /**
+ * @return the denialEventsCount
+ */
+ public VXMetricServiceCount getDenialEventsCount() {
+ return denialEventsCount;
+ }
+
+ /**
+ * @param denialEventsCount the denialEventsCount to set
+ */
+ public void setDenialEventsCount(VXMetricServiceCount denialEventsCount) {
+ this.denialEventsCount = denialEventsCount;
+ }
+
+ @Override
+ public String toString() {
+ String str = "VXMetricAuditDetailsCount=[";
+ str += "solrIndexCount={" + solrIndexCount + "},";
+ str += "accessEventsCount={" + accessEventsCount.toString() + "}, ";
+ str += "denialEventsCount={" + denialEventsCount.toString() + "} ";
+ str += "]";
+ return str;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/security-admin/src/main/java/org/apache/ranger/view/VXMetricContextEnricher.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXMetricContextEnricher.java b/security-admin/src/main/java/org/apache/ranger/view/VXMetricContextEnricher.java
new file mode 100644
index 0000000..1677ad0
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXMetricContextEnricher.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ranger.view;
+
+public class VXMetricContextEnricher implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ String serviceName;
+ int totalCount;
+
+ /**
+ * Default constructor. This will set all the attributes to default value.
+ */
+ public VXMetricContextEnricher() {
+ }
+
+ /**
+ * @return the serviceName
+ */
+ public String getServiceName() {
+ return serviceName;
+ }
+ /**
+ * @param serviceName the serviceName to set
+ */
+ public void setServiceName(String serviceName) {
+ this.serviceName = serviceName;
+ }
+ /**
+ * @return the totalCount
+ */
+ public int getTotalCount() {
+ return totalCount;
+ }
+ /**
+ * @param totalCount the totalCount to set
+ */
+ public void setTotalCount(int totalCount) {
+ this.totalCount = totalCount;
+ }
+
+ @Override
+ public String toString() {
+ String str = "VXMeticContextEnricher=[";
+ str += "serviceName={" + serviceName + "},";
+ str += "totalCount={" + totalCount +"} ";
+ str += "]";
+ return str;
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/security-admin/src/main/java/org/apache/ranger/view/VXMetricPolicyCount.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXMetricPolicyCount.java b/security-admin/src/main/java/org/apache/ranger/view/VXMetricPolicyCount.java
new file mode 100644
index 0000000..ba4a8e9
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXMetricPolicyCount.java
@@ -0,0 +1,80 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ranger.view;
+
+import java.util.HashMap;
+import java.util.Map;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class VXMetricPolicyCount implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ protected Map<String,VXMetricServiceCount> vXMetricServiceCount = new HashMap<String,VXMetricServiceCount>();
+ protected long totalCount;
+
+ /**
+ * Default constructor. This will set all the attributes to default value.
+ */
+ public VXMetricPolicyCount() {
+ }
+
+ /**
+ * @return the vXMetricServiceCount
+ */
+ public Map<String, VXMetricServiceCount> getvXMetricServiceCount() {
+ return vXMetricServiceCount;
+ }
+
+ /**
+ * @param vXMetricServiceCount the vXMetricServiceCount to set
+ */
+ public void setvXMetricServiceCount(
+ Map<String, VXMetricServiceCount> vXMetricServiceCount) {
+ this.vXMetricServiceCount = vXMetricServiceCount;
+ }
+
+ /**
+ * @return the totalCount
+ */
+ public long getTotalCount() {
+ return totalCount;
+ }
+
+ /**
+ * @param totalCount the totalCount to set
+ */
+ public void setTotalCount(long totalCount) {
+ this.totalCount = totalCount;
+ }
+
+ @Override
+ public String toString() {
+ return "VXMetricPolicyCount={totalCount="
+ + totalCount +", vXMetricServiceCount=["
+ + vXMetricServiceCount.toString()
+ + "]}";
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/security-admin/src/main/java/org/apache/ranger/view/VXMetricServiceCount.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXMetricServiceCount.java b/security-admin/src/main/java/org/apache/ranger/view/VXMetricServiceCount.java
new file mode 100644
index 0000000..07e113e
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXMetricServiceCount.java
@@ -0,0 +1,77 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ranger.view;
+
+import java.util.HashMap;
+import java.util.Map;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class VXMetricServiceCount implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ protected Map<String,Long> serviceCountList = new HashMap<String,Long>();
+ protected Long totalCount;
+
+ /**
+ * Default constructor. This will set all the attributes to default value.
+ */
+ public VXMetricServiceCount() {
+ }
+
+ /**
+ * @return the serviceCountList
+ */
+ public Map<String, Long> getServiceCountList() {
+ return serviceCountList;
+ }
+
+ /**
+ * @param serviceCountList the serviceCountList to set
+ */
+ public void setServiceCountList(Map<String, Long> serviceCountList) {
+ this.serviceCountList = serviceCountList;
+ }
+
+ /**
+ * @return the totalCount
+ */
+ public Long getTotalCount() {
+ return totalCount;
+ }
+
+ /**
+ * @param totalCount the totalCount to set
+ */
+ public void setTotalCount(Long totalCount) {
+ this.totalCount = totalCount;
+ }
+
+ @Override
+ public String toString() {
+ return "VXMetricServiceCount={total_count=" + totalCount +", services="
+ + serviceCountList +"}";
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2fb94cc5/security-admin/src/main/java/org/apache/ranger/view/VXMetricUserGroupCount.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXMetricUserGroupCount.java b/security-admin/src/main/java/org/apache/ranger/view/VXMetricUserGroupCount.java
new file mode 100644
index 0000000..833606f
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXMetricUserGroupCount.java
@@ -0,0 +1,79 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ranger.view;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class VXMetricUserGroupCount implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ protected Long userCount;
+ protected Long groupCount;
+
+ /**
+ * Default constructor. This will set all the attributes to default value.
+ */
+ public VXMetricUserGroupCount() {
+ }
+
+ /**
+ * @return the userCount
+ */
+ public Long getUserCount() {
+ return userCount;
+ }
+
+ /**
+ * @param userCount the userCount to set
+ */
+ public void setUserCount(Long userCount) {
+ this.userCount = userCount;
+ }
+
+ /**
+ * @return the groupCount
+ */
+ public Long getGroupCount() {
+ return groupCount;
+ }
+
+ /**
+ * @param groupCount the groupCount to set
+ */
+ public void setGroupCount(Long groupCount) {
+ this.groupCount = groupCount;
+ }
+
+ @Override
+ public String toString() {
+ String str = "VXMetricUserGroupCount={";
+ str += "userCount={" + userCount + "} ";
+ str += "groupCount={" + groupCount + "} ";
+ str += "}";
+ return str;
+ }
+}
\ No newline at end of file