You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ab...@apache.org on 2020/10/06 17:44:06 UTC
[ranger] branch ranger-2.2 updated: RANGER-3020: Normalize naming
and processing of config parameters for chained plugin
This is an automated email from the ASF dual-hosted git repository.
abhay pushed a commit to branch ranger-2.2
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/ranger-2.2 by this push:
new 645ad2f RANGER-3020: Normalize naming and processing of config parameters for chained plugin
645ad2f is described below
commit 645ad2f6b4a79c62a5ff5694cbc6b7bb198570fc
Author: Abhay Kulkarni <ab...@apache.org>
AuthorDate: Tue Oct 6 10:42:41 2020 -0700
RANGER-3020: Normalize naming and processing of config parameters for chained plugin
---
.../hadoop/config/RangerChainedPluginConfig.java | 96 ++++++++++++++++------
1 file changed, 70 insertions(+), 26 deletions(-)
diff --git a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerChainedPluginConfig.java b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerChainedPluginConfig.java
index 81cebf4..de2aff1 100644
--- a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerChainedPluginConfig.java
+++ b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerChainedPluginConfig.java
@@ -19,43 +19,63 @@
package org.apache.ranger.authorization.hadoop.config;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
public class RangerChainedPluginConfig extends RangerPluginConfig {
+
+ private static final Log LOG = LogFactory.getLog(RangerChainedPluginConfig.class);
+
+ private final String[] legacySSLProperties = new String[] {"xasecure.policymgr.clientssl.keystore", "xasecure.policymgr.clientssl.keystore.type", "xasecure.policymgr.clientssl.keystore.credential.file","xasecure.policymgr.clientssl.truststore", "xasecure.policymgr.clientssl.truststore.credential.file", "hadoop.security.credential.provider.path"};
+ private final String[] chainedPluginPropertyPrefixes = new String[] { ".chained.services"};
+
public RangerChainedPluginConfig(String serviceType, String serviceName, String appId, RangerPluginConfig sourcePluginConfig) {
super(serviceType, serviceName, appId, sourcePluginConfig);
- // add necessary config "overrides", so that RangerAdminClient implementations (like RangerAdminRESTClient)
- // will use configurations from ranger-<source-service-type>-security.xml (sourcePluginConfig) to connect to Ranger Admin
+ // Copy all of properties from sourcePluginConfig except chained properties but with converted propertyPrefix
+ copyProperties(sourcePluginConfig, sourcePluginConfig.getPropertyPrefix());
- set(getPropertyPrefix() + ".service.name", serviceName);
- copyProperty(sourcePluginConfig, ".policy.source.impl");
- copyProperty(sourcePluginConfig, ".policy.cache.dir");
- copyProperty(sourcePluginConfig, ".policy.rest.url");
- copyProperty(sourcePluginConfig, ".policy.rest.ssl.config.file");
- copyProperty(sourcePluginConfig, ".policy.pollIntervalMs", 30 * 1000);
- copyProperty(sourcePluginConfig, ".policy.rest.client.connection.timeoutMs", 120 * 1000);
- copyProperty(sourcePluginConfig, ".policy.rest.read.timeoutMs", 30 * 1000);
- copyProperty(sourcePluginConfig, ".policy.rest.supports.policy.deltas");
- copyProperty(sourcePluginConfig, ".tag.rest.supports.tag.deltas");
-
- // SSL configurations
- String[] legacySSLProperties = new String[] {"xasecure.policymgr.clientssl.keystore", "xasecure.policymgr.clientssl.keystore.type", "xasecure.policymgr.clientssl.keystore.credential.file","xasecure.policymgr.clientssl.truststore", "xasecure.policymgr.clientssl.truststore.credential.file", "hadoop.security.credential.provider.path"};
- copyLegacySSLProperties(sourcePluginConfig, legacySSLProperties);
+ // Copy SSL configurations from sourcePluginConfig
+ copyLegacySSLProperties(sourcePluginConfig);
+
+ // Override copied properties from those in sourcePluginConfig with getPropertyPrefix()
+ copyProperties(sourcePluginConfig, getPropertyPrefix());
+ // Copy chained properties
+ copyChainedProperties(sourcePluginConfig, getPropertyPrefix());
+
+ set(getPropertyPrefix() + ".service.name", serviceName);
}
- protected void copyProperty(RangerPluginConfig sourcePluginConfig, String propertySuffix) {
- String value = sourcePluginConfig.get("ranger.plugin." + sourcePluginConfig.getServiceType() + propertySuffix);
- if (value != null) {
- set(getPropertyPrefix() + propertySuffix, sourcePluginConfig.get("ranger.plugin." + sourcePluginConfig.getServiceType() + propertySuffix));
+ private void copyProperties(RangerPluginConfig sourcePluginConfig, String propertyPrefix) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> copyProperties: propertyPrefix:[" + propertyPrefix + "]");
}
- }
+ for (String propName : sourcePluginConfig.getProperties().stringPropertyNames()) {
+ String value = sourcePluginConfig.get(propName);
- protected void copyProperty(RangerPluginConfig sourcePluginConfig, String propertySuffix, int defaultValue) {
- setInt(getPropertyPrefix() + propertySuffix, sourcePluginConfig.getInt("ranger.plugin" + sourcePluginConfig.getServiceType() + propertySuffix, defaultValue));
+ if (value != null && propName.startsWith(propertyPrefix)) {
+ String suffix = propName.substring(propertyPrefix.length());
+ if (!isExcludedSuffix(suffix)) {
+ set(getPropertyPrefix() + suffix, value);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("set property:[" + getPropertyPrefix() + suffix + "] to value:[" + value + "]");
+ }
+ } else {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Not copying property :[" + propName + "] value from sourcePluginConfig");
+ }
+ }
+ }
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== copyProperties: propertyPrefix:[" + propertyPrefix + "]");
+ }
}
- private void copyLegacySSLProperties(RangerPluginConfig sourcePluginConfig, String[] legacyPropertyNames) {
- for (String legacyPropertyName : legacyPropertyNames) {
+ private void copyLegacySSLProperties(RangerPluginConfig sourcePluginConfig) {
+ for (String legacyPropertyName : legacySSLProperties) {
String value = sourcePluginConfig.get(legacyPropertyName);
if (value != null) {
set(legacyPropertyName, value);
@@ -63,7 +83,31 @@ public class RangerChainedPluginConfig extends RangerPluginConfig {
}
}
- protected String printProperties() {
+ private void copyChainedProperties(RangerPluginConfig sourcePluginConfig, String propertyPrefix) {
+ for (String propName : sourcePluginConfig.getProperties().stringPropertyNames()) {
+ String value = sourcePluginConfig.get(propName);
+
+ if (value != null && propName.startsWith(propertyPrefix)) {
+ String suffix = propName.substring(propertyPrefix.length());
+ for (String chainedPropertyPrefix : chainedPluginPropertyPrefixes) {
+ if (StringUtils.startsWith(suffix, chainedPropertyPrefix)) {
+ set(getPropertyPrefix() + suffix, value);
+ }
+ }
+ }
+ }
+ }
+
+ private boolean isExcludedSuffix(String suffix) {
+ for (String excludedSuffix : chainedPluginPropertyPrefixes) {
+ if (StringUtils.startsWith(suffix, excludedSuffix)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private String printProperties() {
StringBuilder sb = new StringBuilder();
boolean seenOneProp = false;
for (String propName : this.getProperties().stringPropertyNames()) {