You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2017/09/28 14:22:56 UTC
ranger git commit: RANGER-1779 : last resource gets duplicated during
update policy if policy is created through public api rest call
Repository: ranger
Updated Branches:
refs/heads/master da328b551 -> a30c43db3
RANGER-1779 : last resource gets duplicated during update policy if policy is created through public api rest call
Signed-off-by: Mehul Parikh <me...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/a30c43db
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/a30c43db
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/a30c43db
Branch: refs/heads/master
Commit: a30c43db31bc0c6b69594e2fba0f243a94a789c6
Parents: da328b5
Author: Nikhil P <ni...@gmail.com>
Authored: Wed Sep 27 14:51:46 2017 +0530
Committer: Mehul Parikh <me...@apache.org>
Committed: Thu Sep 28 19:52:27 2017 +0530
----------------------------------------------------------------------
.../org/apache/ranger/biz/ServiceDBStore.java | 26 ++--
...atchForNifiResourceUpdateExclude_J10008.java | 145 ------------------
...atchForNifiResourceUpdateExclude_J10011.java | 148 +++++++++++++++++++
3 files changed, 165 insertions(+), 154 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/a30c43db/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index da65074..bb43c53 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -27,6 +27,7 @@ import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -2925,15 +2926,22 @@ public class ServiceDBStore extends AbstractServiceStore {
xPolRes = daoMgr.getXXPolicyResource().create(xPolRes);
List<String> values = policyRes.getValues();
- if(CollectionUtils.isNotEmpty(values)){
- for(int i = 0; i < values.size(); i++) {
- if(values.get(i)!=null){
- XXPolicyResourceMap xPolResMap = new XXPolicyResourceMap();
- xPolResMap = rangerAuditFields.populateAuditFields(xPolResMap, xPolRes);
- xPolResMap.setResourceId(xPolRes.getId());
- xPolResMap.setValue(values.get(i));
- xPolResMap.setOrder(i);
- xPolResMap = daoMgr.getXXPolicyResourceMap().create(xPolResMap);
+ if (CollectionUtils.isNotEmpty(values)) {
+ Set<String> uniqueValues = new LinkedHashSet<String>(values);
+ int i = 0;
+ if (CollectionUtils.isNotEmpty(uniqueValues)) {
+ for (String uniqValue : uniqueValues) {
+ if (!StringUtils.isEmpty(uniqValue)) {
+ XXPolicyResourceMap xPolResMap = new XXPolicyResourceMap();
+ xPolResMap = (XXPolicyResourceMap) rangerAuditFields.populateAuditFields(xPolResMap,
+ xPolRes);
+ xPolResMap.setResourceId(xPolRes.getId());
+ xPolResMap.setValue(uniqValue);
+ xPolResMap.setOrder(i);
+ xPolResMap = daoMgr.getXXPolicyResourceMap().create(xPolResMap);
+ i++;
+
+ }
}
}
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/a30c43db/security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java
deleted file mode 100644
index 634082c..0000000
--- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10008.java
+++ /dev/null
@@ -1,145 +0,0 @@
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ranger.patch;
-
-import java.util.List;
-import org.apache.commons.collections.CollectionUtils;
-import org.apache.log4j.Logger;
-import org.apache.ranger.biz.ServiceDBStore;
-import org.apache.ranger.common.JSONUtil;
-import org.apache.ranger.common.RangerValidatorFactory;
-import org.apache.ranger.common.StringUtil;
-import org.apache.ranger.db.RangerDaoManager;
-import org.apache.ranger.entity.XXPolicyResource;
-import org.apache.ranger.entity.XXResourceDef;
-import org.apache.ranger.plugin.model.RangerPolicy;
-import org.apache.ranger.plugin.model.RangerServiceDef;
-import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef;
-import org.apache.ranger.plugin.model.validation.RangerServiceDefValidator;
-import org.apache.ranger.plugin.model.validation.RangerValidator.Action;
-import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
-import org.apache.ranger.service.RangerPolicyService;
-import org.apache.ranger.util.CLIUtil;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-@Component
-public class PatchForNifiResourceUpdateExclude_J10008 extends BaseLoader {
- private static final Logger logger = Logger.getLogger(PatchForHiveServiceDefUpdate_J10006.class);
- @Autowired
- RangerDaoManager daoMgr;
-
- @Autowired
- ServiceDBStore svcDBStore;
-
- @Autowired
- JSONUtil jsonUtil;
-
- @Autowired
- StringUtil stringUtil;
-
- @Autowired
- RangerValidatorFactory validatorFactory;
-
- @Autowired
- ServiceDBStore svcStore;
-
- @Autowired
- RangerPolicyService policyService;
-
- public static void main(String[] args) {
- logger.info("main()");
- try {
- PatchForNifiResourceUpdateExclude_J10008 loader = (PatchForNifiResourceUpdateExclude_J10008) CLIUtil.getBean(PatchForNifiResourceUpdateExclude_J10008.class);
- loader.init();
- while (loader.isMoreToProcess()) {
- loader.load();
- }
- logger.info("Load complete. Exiting!!!");
- System.exit(0);
- } catch (Exception e) {
- logger.error("Error loading", e);
- System.exit(1);
- }
- }
-
- @Override
- public void init() throws Exception {
- // Do Nothing
- }
-
- @Override
- public void execLoad() {
- logger.info("==> PatchForNifiResourceUpdateExclude.execLoad()");
- try {
- updateNifiServiceDef();
- } catch (Exception e) {
- logger.error("Error whille updateNifiServiceDef()data.", e);
- }
- logger.info("<== PatchForNifiResourceUpdateExclude.execLoad()");
- }
-
- @Override
- public void printStats() {
- logger.info("updateNifiServiceDef data ");
- }
-
- private void updateNifiServiceDef(){
- RangerServiceDef ret = null;
- RangerServiceDef dbNifiServiceDef = null;
- try {
- dbNifiServiceDef = svcDBStore.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME);
- if (dbNifiServiceDef != null) {
- List<RangerResourceDef> rRDefList = null;
- rRDefList = dbNifiServiceDef.getResources();
- if (CollectionUtils.isNotEmpty(rRDefList)) {
- for (RangerResourceDef rRDef : rRDefList) {
-
- if (rRDef.getExcludesSupported()) {
- rRDef.setExcludesSupported(false);
- }
-
- XXResourceDef sdf=daoMgr.getXXResourceDef().findByNameAndServiceDefId(rRDef.getName(), dbNifiServiceDef.getId());
- long ResourceDefId=sdf.getId();
- List<XXPolicyResource> RangerPolicyResourceList=daoMgr.getXXPolicyResource().findByResDefId(ResourceDefId);
- if (CollectionUtils.isNotEmpty(RangerPolicyResourceList)){
- for(XXPolicyResource RangerPolicyResource : RangerPolicyResourceList){
- if(RangerPolicyResource.getIsexcludes()){
- RangerPolicy rPolicy=svcDBStore.getPolicy(RangerPolicyResource.getPolicyid());
- rPolicy.setIsEnabled(false);
- svcStore.updatePolicy(rPolicy);
- }
- }
- }
- }
- }
- RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
- validator.validate(dbNifiServiceDef, Action.UPDATE);
- ret = svcStore.updateServiceDef(dbNifiServiceDef);
- }
- if (ret == null) {
- logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME+ "service-def");
- System.exit(1);
- }
- } catch (Exception e) {
- logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME + "service-def", e);
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/ranger/blob/a30c43db/security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10011.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10011.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10011.java
new file mode 100644
index 0000000..1c48eeb
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForNifiResourceUpdateExclude_J10011.java
@@ -0,0 +1,148 @@
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.patch;
+
+import java.util.List;
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.log4j.Logger;
+import org.apache.ranger.biz.ServiceDBStore;
+import org.apache.ranger.common.JSONUtil;
+import org.apache.ranger.common.RangerValidatorFactory;
+import org.apache.ranger.common.StringUtil;
+import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.entity.XXPolicyResource;
+import org.apache.ranger.entity.XXResourceDef;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef;
+import org.apache.ranger.plugin.model.validation.RangerServiceDefValidator;
+import org.apache.ranger.plugin.model.validation.RangerValidator.Action;
+import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
+import org.apache.ranger.service.RangerPolicyService;
+import org.apache.ranger.util.CLIUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+/**
+ * Disables the Nifi plugin's exclude toggle in Ranger UI.
+ * After running this patch user wont be able to add exclude resource policies in NIFI.
+ */
+@Component
+public class PatchForNifiResourceUpdateExclude_J10011 extends BaseLoader {
+ private static final Logger logger = Logger.getLogger(PatchForNifiResourceUpdateExclude_J10011.class);
+ @Autowired
+ RangerDaoManager daoMgr;
+
+ @Autowired
+ ServiceDBStore svcDBStore;
+
+ @Autowired
+ JSONUtil jsonUtil;
+
+ @Autowired
+ StringUtil stringUtil;
+
+ @Autowired
+ RangerValidatorFactory validatorFactory;
+
+ @Autowired
+ ServiceDBStore svcStore;
+
+ @Autowired
+ RangerPolicyService policyService;
+
+ public static void main(String[] args) {
+ logger.info("main()");
+ try {
+ PatchForNifiResourceUpdateExclude_J10011 loader = (PatchForNifiResourceUpdateExclude_J10011) CLIUtil.getBean(PatchForNifiResourceUpdateExclude_J10011.class);
+ loader.init();
+ while (loader.isMoreToProcess()) {
+ loader.load();
+ }
+ logger.info("Load complete. Exiting!!!");
+ System.exit(0);
+ } catch (Exception e) {
+ logger.error("Error loading", e);
+ System.exit(1);
+ }
+ }
+
+ @Override
+ public void init() throws Exception {
+ // Do Nothing
+ }
+
+ @Override
+ public void execLoad() {
+ logger.info("==> PatchForNifiResourceUpdateExclude.execLoad()");
+ try {
+ updateNifiServiceDef();
+ } catch (Exception e) {
+ logger.error("Error whille updateNifiServiceDef()data.", e);
+ }
+ logger.info("<== PatchForNifiResourceUpdateExclude.execLoad()");
+ }
+
+ @Override
+ public void printStats() {
+ logger.info("updateNifiServiceDef data ");
+ }
+
+ private void updateNifiServiceDef(){
+ RangerServiceDef ret = null;
+ RangerServiceDef dbNifiServiceDef = null;
+ try {
+ dbNifiServiceDef = svcDBStore.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME);
+ if (dbNifiServiceDef != null) {
+ List<RangerResourceDef> rRDefList = null;
+ rRDefList = dbNifiServiceDef.getResources();
+ if (CollectionUtils.isNotEmpty(rRDefList)) {
+ for (RangerResourceDef rRDef : rRDefList) {
+
+ if (rRDef.getExcludesSupported()) {
+ rRDef.setExcludesSupported(false);
+ }
+
+ XXResourceDef sdf=daoMgr.getXXResourceDef().findByNameAndServiceDefId(rRDef.getName(), dbNifiServiceDef.getId());
+ long ResourceDefId=sdf.getId();
+ List<XXPolicyResource> RangerPolicyResourceList=daoMgr.getXXPolicyResource().findByResDefId(ResourceDefId);
+ if (CollectionUtils.isNotEmpty(RangerPolicyResourceList)){
+ for(XXPolicyResource RangerPolicyResource : RangerPolicyResourceList){
+ if(RangerPolicyResource.getIsexcludes()){
+ RangerPolicy rPolicy=svcDBStore.getPolicy(RangerPolicyResource.getPolicyid());
+ rPolicy.setIsEnabled(false);
+ svcStore.updatePolicy(rPolicy);
+ }
+ }
+ }
+ }
+ }
+ RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
+ validator.validate(dbNifiServiceDef, Action.UPDATE);
+ ret = svcStore.updateServiceDef(dbNifiServiceDef);
+ }
+ if (ret == null) {
+ logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME+ "service-def");
+ }
+ } catch (Exception e) {
+ logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME + "service-def", e);
+ }
+ }
+
+}