You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2014/12/16 03:44:40 UTC
[10/12] incubator-ranger git commit: RANGER-194: Rename classes under
web-admin project
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/biz/XABizUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XABizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/XABizUtil.java
deleted file mode 100644
index 0177682..0000000
--- a/security-admin/src/main/java/org/apache/ranger/biz/XABizUtil.java
+++ /dev/null
@@ -1,1313 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package org.apache.ranger.biz;
-
-import java.io.File;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.log4j.Logger;
-import org.apache.ranger.common.AppConstants;
-import org.apache.ranger.common.ContextUtil;
-import org.apache.ranger.common.GUIDUtil;
-import org.apache.ranger.common.PropertiesUtil;
-import org.apache.ranger.common.RESTErrorUtil;
-import org.apache.ranger.common.StringUtil;
-import org.apache.ranger.common.UserSessionBase;
-import org.apache.ranger.common.XACommonEnums;
-import org.apache.ranger.common.XAConstants;
-import org.apache.ranger.common.db.BaseDao;
-import org.apache.ranger.db.XADaoManager;
-import org.apache.ranger.entity.XXAsset;
-import org.apache.ranger.entity.XXDBBase;
-import org.apache.ranger.entity.XXGroup;
-import org.apache.ranger.entity.XXPermMap;
-import org.apache.ranger.entity.XXPortalUser;
-import org.apache.ranger.entity.XXResource;
-import org.apache.ranger.entity.XXTrxLog;
-import org.apache.ranger.entity.XXUser;
-import org.apache.ranger.service.AbstractBaseResourceService;
-import org.apache.ranger.view.VXDataObject;
-import org.apache.ranger.view.VXPortalUser;
-import org.apache.ranger.view.VXResource;
-import org.apache.ranger.view.VXResponse;
-import org.apache.ranger.view.VXString;
-import org.apache.ranger.view.VXStringList;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import java.util.Random;
-
-import org.apache.commons.io.FilenameUtils;
-import org.apache.commons.io.IOCase;
-
-@Component
-public class XABizUtil {
- static final Logger logger = Logger.getLogger(XABizUtil.class);
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- XADaoManager daoManager;
-
- @Autowired
- StringUtil stringUtil;
-
- @Autowired
- UserMgr userMgr;
-
- Set<Class<?>> groupEditableClasses;
- private Class<?>[] groupEditableClassesList = {};
-
- Map<String, Integer> classTypeMappings = new HashMap<String, Integer>();
- private int maxFirstNameLength;
- int maxDisplayNameLength = 150;
- boolean defaultAutoApprove = true;
- boolean showBlockedContent = true;
- public final String EMPTY_CONTENT_DISPLAY_NAME = "...";
- boolean enableResourceAccessControl;
- private Random random;
- private static final String PATH_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst0123456789-_.";
- private static char[] PATH_CHAR_SET = PATH_CHARS.toCharArray();
- private static int PATH_CHAR_SET_LEN = PATH_CHAR_SET.length;
-
- static String fileSeparator = PropertiesUtil.getProperty(
- "xa.file.separator", "/");
-
- public XABizUtil() {
- maxFirstNameLength = Integer.parseInt(PropertiesUtil.getProperty(
- "xa.user.firstname.maxlength", "16"));
- maxDisplayNameLength = PropertiesUtil.getIntProperty(
- "xa.bookmark.name.maxlen", maxDisplayNameLength);
- showBlockedContent = PropertiesUtil.getBooleanProperty(
- "xa.content.show_blocked", showBlockedContent);
- defaultAutoApprove = PropertiesUtil.getBooleanProperty(
- "xa.mod.default", defaultAutoApprove);
-
- groupEditableClasses = new HashSet<Class<?>>(
- Arrays.asList(groupEditableClassesList));
- enableResourceAccessControl = PropertiesUtil.getBooleanProperty(
- "xa.resource.accessControl.enabled", true);
- random = new Random();
- }
-
- public <T extends XXDBBase> List<? extends XXDBBase> getParentObjects(T object) {
- List<XXDBBase> parentObjectList = null;
- // if (checkParentAcess.contains(object.getMyClassType())) {
- // parentObjectList = new ArrayList<MBase>();
- // }
- return parentObjectList;
- }
-
- public int getClassType(Class<?> klass) {
- String className = klass.getName();
- // See if this mapping is already in the database
- Integer classType = classTypeMappings.get(className);
- if (classType == null) {
- // Instantiate the class and call the getClassType method
- if (XXDBBase.class.isAssignableFrom(klass)) {
- try {
- XXDBBase gjObj = (XXDBBase) klass.newInstance();
- classType = gjObj.getMyClassType();
- classTypeMappings.put(className, classType);
- } catch (Throwable ex) {
- logger.error("Error instantiating object for class "
- + className, ex);
- }
- }
- }
- if (classType == null) {
- return XACommonEnums.CLASS_TYPE_NONE;
- } else {
- return classType;
- }
- }
-
- // Access control methods
- public void checkSystemAdminAccess() {
- UserSessionBase currentUserSession = ContextUtil
- .getCurrentUserSession();
- if (currentUserSession != null && currentUserSession.isUserAdmin()) {
- return;
- }
- throw restErrorUtil
- .create403RESTException("Only System Administrators can add accounts");
- }
-
- /**
- * @param contentType
- * @return
- */
- public int getMimeTypeInt(String contentType) {
- if (contentType.equalsIgnoreCase("JPEG")
- || contentType.equalsIgnoreCase("JPG")
- || contentType.endsWith("jpg") || contentType.endsWith("jpeg")) {
- return XAConstants.MIME_JPEG;
- }
- if (contentType.equalsIgnoreCase("PNG") || contentType.endsWith("png")) {
- return XAConstants.MIME_PNG;
- }
- return XAConstants.MIME_UNKNOWN;
- }
-
- /**
- * @param mimeType
- * @return
- */
- public String getMimeType(int mimeType) {
- switch (mimeType) {
- case XAConstants.MIME_JPEG:
- return "jpg";
- case XAConstants.MIME_PNG:
- return "png";
- }
- return "";
- }
-
- /**
- * @param contentType
- * @return
- */
- public String getImageExtension(String contentType) {
- if (contentType.toLowerCase().endsWith("jpg")
- || contentType.toLowerCase().endsWith("jpeg")) {
- return "jpg";
- } else if (contentType.toLowerCase().endsWith("png")) {
- return "png";
- }
- return "";
- }
-
- /**
- * @param file
- * @return
- */
- public String getFileNameWithoutExtension(File file) {
- if (file != null) {
- String fileName = file.getName();
- if (fileName.indexOf(".") > 0) {
- return fileName.substring(0, fileName.indexOf("."));
- }
- return fileName;
-
- }
- return null;
- }
-
- public String getDisplayNameForClassName(XXDBBase obj) {
- String classTypeDisplayName = XAConstants.getLabelFor_ClassTypes(obj
- .getMyClassType());
- if (classTypeDisplayName == null) {
- logger.error(
- "Error get name for class type. obj=" + obj.toString(),
- new Throwable());
- }
- return classTypeDisplayName;
- }
-
- public String getDisplayName(XXDBBase obj) {
- if (obj != null) {
- return handleGetDisplayName(obj.getMyDisplayValue());
- } else {
- return handleGetDisplayName(null);
- }
- }
-
- /**
- * @param displayValue
- * @return
- */
- private String handleGetDisplayName(String displayValue) {
- if (displayValue == null || displayValue.trim().isEmpty()) {
- return EMPTY_CONTENT_DISPLAY_NAME;
- }
-
- if (displayValue.length() > maxDisplayNameLength) {
- displayValue = displayValue.substring(0, maxDisplayNameLength - 3)
- .concat("...");
- }
- return displayValue;
- }
-
- /**
- * @param userProfile
- * @return
- */
- public String generatePublicName(VXPortalUser userProfile, XXPortalUser gjUser) {
- return generatePublicName(userProfile.getFirstName(),
- userProfile.getLastName());
- }
-
- public String generatePublicName(String firstName, String lastName) {
- String publicName = null;
- String fName = firstName;
- if (firstName.length() > maxFirstNameLength) {
- fName = firstName.substring(0, maxFirstNameLength - (1 + 3))
- + "...";
- }
- if (lastName != null && lastName.length() > 0) {
- publicName = fName + " " + lastName.substring(0, 1) + ".";
- }
- return publicName;
- }
-
- public void updateCloneReferences(XXDBBase obj) {
- if (obj == null) {
- return;
- }
- }
-
- public Long getForUserId(XXDBBase resource) {
- return null;
- }
-
- public XXDBBase getMObject(int objClassType, Long objId) {
- XXDBBase obj = null;
-
- if (objId != null) {
- BaseDao<?> dao = daoManager.getDaoForClassType(objClassType);
-
- if (dao != null) {
- obj = (XXDBBase) dao.getById(objId);
- }
- }
-
- return obj;
- }
-
- public XXDBBase getMObject(VXDataObject vXDataObject) {
- if (vXDataObject != null) {
- return getMObject(vXDataObject.getMyClassType(), vXDataObject.getId());
- }
- return null;
- }
-
- public VXDataObject getVObject(int objClassType, Long objId) {
- if (objId == null) {
- return null;
- }
- if (objClassType == XAConstants.CLASS_TYPE_USER_PROFILE) {
- return userMgr.mapXXPortalUserVXPortalUser(daoManager.getXXPortalUser().getById(
- objId));
- }
- try {
- AbstractBaseResourceService<?, ?> myService = AbstractBaseResourceService
- .getService(objClassType);
- if (myService != null) {
- return myService.readResource(objId);
- }
- } catch (Throwable t) {
- logger.error("Error reading resource. objectClassType="
- + objClassType + ", objectId=" + objId, t);
- }
- return null;
- }
-
- public void deleteReferencedObjects(XXDBBase obj) {
-
- if (obj == null) {
- return;
- }
- if (obj.getMyClassType() == XAConstants.CLASS_TYPE_NONE) {
- return;
- }
-
- }
-
- /**
- * @param obj
- */
- void deleteObjects(List<XXDBBase> objs) {
-
- }
-
- void deleteObject(XXDBBase obj) {
- AbstractBaseResourceService<?, ?> myService = AbstractBaseResourceService
- .getService(obj.getMyClassType());
- if (myService != null) {
- myService.deleteResource(obj.getId());
- } else {
- logger.error("Service not found for obj=" + obj, new Throwable());
- }
- }
-
- public <T extends XXDBBase> Class<? extends XXDBBase> getContextObject(
- int objectClassType, Long objectId) {
- return null;
- }
-
- public VXStringList mapStringListToVStringList(List<String> stringList) {
- if (stringList == null) {
- return null;
- }
-
- List<VXString> vStringList = new ArrayList<VXString>();
- for (String str : stringList) {
- VXString vXString = new VXString();
- vXString.setValue(str);
- vStringList.add(vXString);
- }
-
- return new VXStringList(vStringList);
- }
-
- /**
- * return response object if users is having permission on given resource
- *
- * @param vXResource
- * @param permission
- * @return
- */
- public VXResponse hasPermission(VXResource vXResource, int permission) {
-
- VXResponse vXResponse = new VXResponse();
- if (!enableResourceAccessControl) {
- logger.debug("Resource Access Control is disabled !!!");
- return vXResponse;
- }
-
- if (vXResource == null) {
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- vXResponse.setMsgDesc("Please provide valid policy.");
- return vXResponse;
- }
-
- String resourceNames = vXResource.getName();
- if (stringUtil.isEmpty(resourceNames)) {
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- vXResponse.setMsgDesc("Please provide valid policy.");
- return vXResponse;
- }
-
- if (isAdmin()) {
- return vXResponse;
- }
-
- Long xUserId = getXUserId();
- Long assetId = vXResource.getAssetId();
- List<XXResource> xResourceList = daoManager.getXXResource()
- .findByAssetIdAndResourceStatus(assetId,
- AppConstants.STATUS_ENABLED);
-
- XXAsset xAsset = daoManager.getXXAsset().getById(assetId);
- int assetType = xAsset.getAssetType();
-
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- vXResponse.setMsgDesc("Permission Denied !");
-
- if (assetType == AppConstants.ASSET_HIVE) {
- String[] requestResNameList = resourceNames.split(",");
- if (stringUtil.isEmpty(vXResource.getUdfs())) {
- int reqTableType = vXResource.getTableType();
- int reqColumnType = vXResource.getColumnType();
- for (String resourceName : requestResNameList) {
- boolean matchFound = matchHivePolicy(resourceName,
- xResourceList, xUserId, permission, reqTableType,
- reqColumnType, false);
- if (!matchFound) {
- vXResponse.setMsgDesc("You're not permitted to perform "
- + "the action for resource path : "
- + resourceName);
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- return vXResponse;
- }
- }
- } else {
- for (String resourceName : requestResNameList) {
- boolean matchFound = matchHivePolicy(resourceName,
- xResourceList, xUserId, permission);
- if (!matchFound) {
- vXResponse.setMsgDesc("You're not permitted to perform "
- + "the action for resource path : "
- + resourceName);
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- return vXResponse;
- }
- }
- }
- vXResponse.setStatusCode(VXResponse.STATUS_SUCCESS);
- return vXResponse;
- } else if (assetType == AppConstants.ASSET_HBASE) {
- String[] requestResNameList = resourceNames.split(",");
- for (String resourceName : requestResNameList) {
- boolean matchFound = matchHbasePolicy(resourceName,
- xResourceList, vXResponse, xUserId, permission);
- if (!matchFound) {
- vXResponse.setMsgDesc("You're not permitted to perform "
- + "the action for resource path : " + resourceName);
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- return vXResponse;
- }
- }
- vXResponse.setStatusCode(VXResponse.STATUS_SUCCESS);
- return vXResponse;
- } else if (assetType == AppConstants.ASSET_HDFS) {
- String[] requestResNameList = resourceNames.split(",");
- for (String resourceName : requestResNameList) {
- boolean matchFound = matchHdfsPolicy(resourceName,
- xResourceList, xUserId, permission);
- if (!matchFound) {
- vXResponse.setMsgDesc("You're not permitted to perform "
- + "the action for resource path : " + resourceName);
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- return vXResponse;
- }
- }
- vXResponse.setStatusCode(VXResponse.STATUS_SUCCESS);
- return vXResponse;
- } else if (assetType == AppConstants.ASSET_KNOX) {
- String[] requestResNameList = resourceNames.split(",");
- for (String resourceName : requestResNameList) {
- boolean matchFound = matchKnoxPolicy(resourceName,
- xResourceList, vXResponse, xUserId, permission);
- if (!matchFound) {
- vXResponse.setMsgDesc("You're not permitted to perform "
- + "the action for resource path : " + resourceName);
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- return vXResponse;
- }
- }
- vXResponse.setStatusCode(VXResponse.STATUS_SUCCESS);
- return vXResponse;
- } else if (assetType == AppConstants.ASSET_STORM) {
- String[] requestResNameList = resourceNames.split(",");
- for (String resourceName : requestResNameList) {
- boolean matchFound = matchStormPolicy(resourceName,
- xResourceList, vXResponse, xUserId, permission);
- if (!matchFound) {
- vXResponse.setMsgDesc("You're not permitted to perform "
- + "the action for resource path : " + resourceName);
- vXResponse.setStatusCode(VXResponse.STATUS_ERROR);
- return vXResponse;
- }
- }
- vXResponse.setStatusCode(VXResponse.STATUS_SUCCESS);
- return vXResponse;
- }
- return vXResponse;
- }
-
- /**
- * return true id current logged in session is owned by admin
- *
- * @return
- */
- public boolean isAdmin() {
- UserSessionBase currentUserSession = ContextUtil
- .getCurrentUserSession();
- if (currentUserSession == null) {
- logger.debug("Unable to find session.");
- return false;
- }
-
- if (currentUserSession.isUserAdmin()) {
- return true;
- }
- return false;
- }
-
- /**
- * returns current user's userID from active user sessions
- *
- * @return
- */
- public Long getXUserId() {
-
- UserSessionBase currentUserSession = ContextUtil
- .getCurrentUserSession();
- if (currentUserSession == null) {
- logger.debug("Unable to find session.");
- return null;
- }
-
- XXPortalUser user = daoManager.getXXPortalUser().getById(
- currentUserSession.getUserId());
- if (user == null) {
- logger.debug("XXPortalUser not found with logged in user id : "
- + currentUserSession.getUserId());
- return null;
- }
-
- XXUser xUser = daoManager.getXXUser().findByUserName(user.getLoginId());
- if (xUser == null) {
- logger.debug("XXPortalUser not found for user id :" + user.getId()
- + " with name " + user.getFirstName());
- return null;
- }
-
- return xUser.getId();
- }
-
- /**
- * returns true if user is having required permission on given Hdfs resource
- *
- * @param resourceName
- * @param xResourceList
- * @param xUserId
- * @param permission
- * @return
- */
- private boolean matchHdfsPolicy(String resourceName,
- List<XXResource> xResourceList, Long xUserId, int permission) {
- boolean matchFound = false;
- resourceName = replaceMetaChars(resourceName);
-
- for (XXResource xResource : xResourceList) {
- if (xResource.getResourceStatus() != AppConstants.STATUS_ENABLED) {
- continue;
- }
- Long resourceId = xResource.getId();
- matchFound = checkUsrPermForPolicy(xUserId, permission, resourceId);
- if (matchFound) {
- matchFound = false;
- String resource = xResource.getName();
- String[] dbResourceNameList = resource.split(",");
- for (String dbResourceName : dbResourceNameList) {
- if (comparePathsForExactMatch(resourceName, dbResourceName)) {
- matchFound = true;
- } else {
- if (xResource.getIsRecursive() == AppConstants.BOOL_TRUE) {
- matchFound = isRecursiveWildCardMatch(resourceName,
- dbResourceName);
- } else {
- matchFound = nonRecursiveWildCardMatch(
- resourceName, dbResourceName);
- }
- }
- if (matchFound) {
- break;
- }
- }
- if (matchFound) {
- break;
- }
- }
- }
- return matchFound;
- }
-
- /**
- * returns true if user is having required permission on given Hbase
- * resource
- *
- * @param resourceName
- * @param xResourceList
- * @param vXResponse
- * @param xUserId
- * @param permission
- * @return
- */
- public boolean matchHbasePolicy(String resourceName,
- List<XXResource> xResourceList, VXResponse vXResponse, Long xUserId,
- int permission) {
- if(stringUtil.isEmpty(resourceName) || xResourceList==null || xUserId==null){
- return false;
- }
-
- String[] splittedResources = stringUtil.split(resourceName, fileSeparator);
- if (splittedResources.length < 1 || splittedResources.length > 3) {
- logger.debug("Invalid resourceName name : " + resourceName);
- return false;
- }
-
- String tblName = splittedResources.length > 0 ? splittedResources[0] : StringUtil.WILDCARD_ASTERISK;
- String colFamName = splittedResources.length > 1 ? splittedResources[1] : StringUtil.WILDCARD_ASTERISK;
- String colName = splittedResources.length > 2 ? splittedResources[2] : StringUtil.WILDCARD_ASTERISK;
-
- boolean policyMatched = false;
- // check all resources whether Hbase policy is enabled in any resource
- // of provided resource list
- for (XXResource xResource : xResourceList) {
- if (xResource.getResourceStatus() != AppConstants.STATUS_ENABLED) {
- continue;
- }
- Long resourceId = xResource.getId();
- boolean hasPermission = checkUsrPermForPolicy(xUserId, permission, resourceId);
- // if permission is enabled then load Tables,column family and
- // columns list from resource
- if (! hasPermission) {
- continue;
- }
-
- // 1. does the policy match the table?
- String[] xTables = stringUtil.isEmpty(xResource.getTables()) ? null : stringUtil.split(xResource.getTables(), ",");
-
- boolean matchFound = (xTables == null || xTables.length == 0) ? true : matchPath(tblName, xTables);
-
- if(matchFound) {
- // 2. does the policy match the column?
- String[] xColumnFamilies = stringUtil.isEmpty(xResource.getColumnFamilies()) ? null : stringUtil.split(xResource.getColumnFamilies(), ",");
-
- matchFound = (xColumnFamilies == null || xColumnFamilies.length == 0) ? true : matchPath(colFamName, xColumnFamilies);
-
- if(matchFound) {
- // 3. does the policy match the columnFamily?
- String[] xColumns = stringUtil.isEmpty(xResource.getColumns()) ? null : stringUtil.split(xResource.getColumns(), ",");
-
- matchFound = (xColumns == null || xColumns.length == 0) ? true : matchPath(colName, xColumns);
- }
- }
-
- if (matchFound) {
- policyMatched = true;
- break;
- }
- }
- return policyMatched;
- }
-
- public boolean matchHivePolicy(String resourceName,
- List<XXResource> xResourceList, Long xUserId, int permission) {
- return matchHivePolicy(resourceName, xResourceList, xUserId,
- permission, 0, 0, true);
- }
-
- /**
- * returns true if user is having required permission on given Hive resource
- *
- * @param resourceName
- * @param xResourceList
- * @param xUserId
- * @param permission
- * @param reqTableType
- * @param reqColumnType
- * @param isUdfPolicy
- * @return
- */
- public boolean matchHivePolicy(String resourceName,
- List<XXResource> xResourceList, Long xUserId, int permission,
- int reqTableType, int reqColumnType, boolean isUdfPolicy) {
-
- if(stringUtil.isEmpty(resourceName) || xResourceList==null || xUserId==null){
- return false;
- }
-
- String[] splittedResources = stringUtil.split(resourceName, fileSeparator);// get list of resources
- if (splittedResources.length < 1 || splittedResources.length > 3) {
- logger.debug("Invalid resource name : " + resourceName);
- return false;
- }
-
- String dbName = splittedResources.length > 0 ? splittedResources[0] : StringUtil.WILDCARD_ASTERISK;
- String tblName = splittedResources.length > 1 ? splittedResources[1] : StringUtil.WILDCARD_ASTERISK;
- String colName = splittedResources.length > 2 ? splittedResources[2] : StringUtil.WILDCARD_ASTERISK;
-
- boolean policyMatched = false;
- for (XXResource xResource : xResourceList) {
- if (xResource.getResourceStatus() != AppConstants.STATUS_ENABLED) {
- continue;
- }
-
- Long resourceId = xResource.getId();
- boolean hasPermission = checkUsrPermForPolicy(xUserId, permission, resourceId);
-
- if (! hasPermission) {
- continue;
- }
-
- // 1. does the policy match the database?
- String[] xDatabases = stringUtil.isEmpty(xResource.getDatabases()) ? null : stringUtil.split(xResource.getDatabases(), ",");
-
- boolean matchFound = (xDatabases == null || xDatabases.length == 0) ? true : matchPath(dbName, xDatabases);
-
- if (! matchFound) {
- continue;
- }
-
- // Type(either UDFs policy or non-UDFs policy) of current policy
- // should be of same as type of policy being iterated
- if (!stringUtil.isEmpty(xResource.getUdfs()) && !isUdfPolicy) {
- continue;
- }
-
- if (isUdfPolicy) {
- // 2. does the policy match the UDF?
- String[] xUdfs = stringUtil.isEmpty(xResource.getUdfs()) ? null : stringUtil.split(xResource.getUdfs(), ",");
-
- if(! matchPath(tblName, xUdfs)) {
- continue;
- } else {
- policyMatched = true;
- break;
- }
- } else {
- // 2. does the policy match the table?
- String[] xTables = stringUtil.isEmpty(xResource.getTables()) ? null : stringUtil.split(xResource.getTables(), ",");
-
- matchFound = (xTables == null || xTables.length == 0) ? true : matchPath(tblName, xTables);
-
- if(xResource.getTableType() == AppConstants.POLICY_EXCLUSION) {
- matchFound = !matchFound;
- }
-
- if (!matchFound) {
- continue;
- }
-
- // 3. does current policy match the column?
- String[] xColumns = stringUtil.isEmpty(xResource.getColumns()) ? null : stringUtil.split(xResource.getColumns(), ",");
-
- matchFound = (xColumns == null || xColumns.length == 0) ? true : matchPath(colName, xColumns);
-
- if(xResource.getColumnType() == AppConstants.POLICY_EXCLUSION) {
- matchFound = !matchFound;
- }
-
- if (!matchFound) {
- continue;
- } else {
- policyMatched = true;
- break;
- }
- }
- }
- return policyMatched;
- }
- /**
- * returns true if user is having required permission on given Hbase
- * resource
- *
- * @param resourceName
- * @param xResourceList
- * @param vXResponse
- * @param xUserId
- * @param permission
- * @return
- */
- private boolean matchKnoxPolicy(String resourceName,
- List<XXResource> xResourceList, VXResponse vXResponse, Long xUserId,
- int permission) {
-
- String[] splittedResources = stringUtil.split(resourceName,
- fileSeparator);
- int numberOfResources = splittedResources.length;
- if (numberOfResources < 1 || numberOfResources > 3) {
- logger.debug("Invalid policy name : " + resourceName);
- return false;
- }
-
- boolean policyMatched = false;
- // check all resources whether Knox policy is enabled in any resource
- // of provided resource list
- for (XXResource xResource : xResourceList) {
- if (xResource.getResourceStatus() != AppConstants.STATUS_ENABLED) {
- continue;
- }
- Long resourceId = xResource.getId();
- boolean hasPermission = checkUsrPermForPolicy(xUserId, permission,
- resourceId);
- // if permission is enabled then load Topologies,services list from resource
- if (hasPermission) {
- String[] xTopologies = (xResource.getTopologies() == null || xResource
- .getTopologies().equalsIgnoreCase("")) ? null : stringUtil
- .split(xResource.getTopologies(), ",");
- String[] xServices = (xResource.getServices() == null || xResource
- .getServices().equalsIgnoreCase("")) ? null
- : stringUtil.split(xResource.getServices(), ",");
-
- boolean matchFound = false;
-
- for (int index = 0; index < numberOfResources; index++) {
- matchFound = false;
- // check whether given table resource matches with any
- // existing topology resource
- if (index == 0) {
- if(xTopologies!=null){
- for (String xTopology : xTopologies) {
- if (matchPath(splittedResources[index], xTopology)) {
- matchFound = true;
- continue;
- }
- }
- }
- if(!matchFound) {
- break;
- }
- } // check whether given service resource matches with
- // any existing service resource
- else if (index == 1) {
- if(xServices!=null){
- for (String xService : xServices) {
- if (matchPath(splittedResources[index],
- xService)) {
- matchFound = true;
- continue;
- }
- }
- }
- if(!matchFound) {
- break;
- }
- }
- }
- if (matchFound) {
- policyMatched = true;
- break;
- }
- }
- }
- return policyMatched;
- }
-
- /**
- * returns true if user is having required permission on given STORM
- * resource
- *
- * @param resourceName
- * @param xResourceList
- * @param vXResponse
- * @param xUserId
- * @param permission
- * @return
- */
- private boolean matchStormPolicy(String resourceName,
- List<XXResource> xResourceList, VXResponse vXResponse, Long xUserId,
- int permission) {
-
- String[] splittedResources = stringUtil.split(resourceName,
- fileSeparator);
- int numberOfResources = splittedResources.length;
- if (numberOfResources < 1 || numberOfResources > 3) {
- logger.debug("Invalid policy name : " + resourceName);
- return false;
- }
-
- boolean policyMatched = false;
- // check all resources whether Knox policy is enabled in any resource
- // of provided resource list
- for (XXResource xResource : xResourceList) {
- if (xResource.getResourceStatus() != AppConstants.STATUS_ENABLED) {
- continue;
- }
- Long resourceId = xResource.getId();
- boolean hasPermission = checkUsrPermForPolicy(xUserId, permission,
- resourceId);
- // if permission is enabled then load Topologies,services list from resource
- if (hasPermission) {
- String[] xTopologies = (xResource.getTopologies() == null || xResource
- .getTopologies().equalsIgnoreCase("")) ? null : stringUtil
- .split(xResource.getTopologies(), ",");
- /*String[] xServices = (xResource.getServices() == null || xResource
- .getServices().equalsIgnoreCase("")) ? null
- : stringUtil.split(xResource.getServices(), ",");*/
-
- boolean matchFound = false;
-
- for (int index = 0; index < numberOfResources; index++) {
- matchFound = false;
- // check whether given table resource matches with any
- // existing topology resource
- if (index == 0) {
- if(xTopologies!=null){
- for (String xTopology : xTopologies) {
- if (matchPath(splittedResources[index], xTopology)) {
- matchFound = true;
- continue;
- }
- }
- }
- } // check whether given service resource matches with
- // any existing service resource
- /*else if (index == 1) {
- if(xServices!=null){
- for (String xService : xServices) {
- if (matchPath(splittedResources[index],
- xService)) {
- matchFound = true;
- continue;
- }
- }
- }
- }*/
- }
- if (matchFound) {
- policyMatched = true;
- break;
- }
- }
- }
- return policyMatched;
- }
-
- /**
- * returns path without meta characters
- *
- * @param path
- * @return
- */
- public String replaceMetaChars(String path) {
- if (path == null || path.isEmpty()) {
- return path;
- }
-
- if (path.contains("*")) {
- String replacement = getRandomString(5, 60);
- path = path.replaceAll("\\*", replacement);
- }
- if (path.contains("?")) {
- String replacement = getRandomString(1, 1);
- path = path.replaceAll("\\?", replacement);
- }
- return path;
- }
-
- /**
- * returns random String of given length range
- *
- * @param minLen
- * @param maxLen
- * @return
- */
- private String getRandomString(int minLen, int maxLen) {
- StringBuilder sb = new StringBuilder();
- int len = getRandomInt(minLen, maxLen);
- for (int i = 0; i < len; i++) {
- int charIdx = random.nextInt(PATH_CHAR_SET_LEN);
- sb.append(PATH_CHAR_SET[charIdx]);
- }
- return sb.toString();
- }
-
- /**
- * return random integer number for given range
- *
- * @param min
- * @param max
- * @return
- */
- private int getRandomInt(int min, int max) {
- if (min == max) {
- return min;
- } else {
- int interval = max - min;
- int randomNum = random.nextInt();
- return ((Math.abs(randomNum) % interval) + min);
- }
- }
-
- /**
- * returns true if given userID is having specified permission on specified
- * resource
- *
- * @param xUserId
- * @param permission
- * @param resourceId
- * @return
- */
- private boolean checkUsrPermForPolicy(Long xUserId, int permission,
- Long resourceId) {
- // this snippet load user groups and permission map list from DB
- List<XXGroup> userGroups = new ArrayList<XXGroup>();
- List<XXPermMap> permMapList = new ArrayList<XXPermMap>();
- userGroups = daoManager.getXXGroup().findByUserId(xUserId);
- permMapList = daoManager.getXXPermMap().findByResourceId(resourceId);
- Long publicGroupId = getPublicGroupId();
- boolean matchFound = false;
- for (XXPermMap permMap : permMapList) {
- if (permMap.getPermType() == permission) {
- if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) {
- // check whether permission is enabled for public group or a group to which user belongs
- matchFound = (publicGroupId != null && publicGroupId == permMap.getGroupId()) || isGroupInList(permMap.getGroupId(), userGroups);
- } else if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_USER) {
- // check whether permission is enabled to user
- matchFound = permMap.getUserId().equals(xUserId);
- }
- }
- if (matchFound) {
- break;
- }
- }
- return matchFound;
- }
-
- public Long getPublicGroupId() {
- XXGroup xXGroupPublic = daoManager.getXXGroup().findByGroupName(XAConstants.GROUP_PUBLIC);
-
- return xXGroupPublic != null ? xXGroupPublic.getId() : null;
- }
-
- /**
- * returns true is given group id is in given group list
- *
- * @param groupId
- * @param xGroupList
- * @return
- */
- public boolean isGroupInList(Long groupId, List<XXGroup> xGroupList) {
- for (XXGroup xGroup : xGroupList) {
- if (xGroup.getId().equals(groupId)) {
- return true;
- }
- }
- return false;
- }
-
- /**
- * returns true if given path matches in same level or sub directories with
- * given wild card pattern
- *
- * @param pathToCheck
- * @param wildcardPath
- * @return
- */
- public boolean isRecursiveWildCardMatch(String pathToCheck,
- String wildcardPath) {
- if (pathToCheck != null) {
- if (wildcardPath != null && wildcardPath.equals(fileSeparator)) {
- return true;
- }
- StringBuilder sb = new StringBuilder();
- for (String p : pathToCheck.split(fileSeparator)) {
- sb.append(p);
- boolean matchFound = FilenameUtils.wildcardMatch(sb.toString(),
- wildcardPath);
- if (matchFound) {
- return true;
- }
- sb.append(fileSeparator);
- }
- sb = null;
- }
- return false;
- }
-
- /**
- * return List<Integer>
- *
- * List of all possible parent return type for some specific resourceType
- *
- * @param resourceType
- * , assetType
- *
- */
- public List<Integer> getResorceTypeParentHirearchy(int resourceType,
- int assetType) {
- List<Integer> resourceTypeList = new ArrayList<Integer>();
-
- if (assetType == AppConstants.ASSET_HDFS) {
- resourceTypeList.add(AppConstants.RESOURCE_PATH);
- } else if (assetType == AppConstants.ASSET_HIVE) {
- resourceTypeList.add(AppConstants.RESOURCE_DB);
- if (resourceType == AppConstants.RESOURCE_TABLE) {
- resourceTypeList.add(AppConstants.RESOURCE_TABLE);
- } else if (resourceType == AppConstants.RESOURCE_UDF) {
- resourceTypeList.add(AppConstants.RESOURCE_UDF);
- } else if (resourceType == AppConstants.RESOURCE_COLUMN) {
- resourceTypeList.add(AppConstants.RESOURCE_TABLE);
- resourceTypeList.add(AppConstants.RESOURCE_COLUMN);
- }
- } else if (assetType == AppConstants.ASSET_HBASE) {
- resourceTypeList.add(AppConstants.RESOURCE_TABLE);
- if (resourceType == AppConstants.RESOURCE_COL_FAM) {
- resourceTypeList.add(AppConstants.RESOURCE_COL_FAM);
- } else if (resourceType == AppConstants.RESOURCE_COLUMN) {
- resourceTypeList.add(AppConstants.RESOURCE_COL_FAM);
- resourceTypeList.add(AppConstants.RESOURCE_COLUMN);
- }
- }
-
- return resourceTypeList;
- }
-
- /**
- * return true if both path matches exactly, wild card matching is not
- * checked
- *
- * @param path1
- * @param path2
- * @return
- */
- public boolean comparePathsForExactMatch(String path1, String path2) {
- String pathSeparator = fileSeparator;
- if (!path1.endsWith(pathSeparator)) {
- path1 = path1.concat(pathSeparator);
- }
- if (!path2.endsWith(pathSeparator)) {
- path2 = path2.concat(pathSeparator);
- }
- return path1.equalsIgnoreCase(path2);
- }
-
- /**
- * return true if both path matches at same level path, this function does
- * not match sub directories
- *
- * @param pathToCheck
- * @param wildcardPath
- * @return
- */
- public boolean nonRecursiveWildCardMatch(String pathToCheck,
- String wildcardPath) {
- if (pathToCheck != null && wildcardPath != null) {
-
- List<String> pathToCheckArray = new ArrayList<String>();
- List<String> wildcardPathArray = new ArrayList<String>();
-
- for (String p : pathToCheck.split(fileSeparator)) {
- pathToCheckArray.add(p);
- }
- for (String w : wildcardPath.split(fileSeparator)) {
- wildcardPathArray.add(w);
- }
-
- if (pathToCheckArray.size() == wildcardPathArray.size()) {
- boolean match = false;
- for (int index = 0; index < pathToCheckArray.size(); index++) {
- match = matchPath(pathToCheckArray.get(index),
- wildcardPathArray.get(index));
- if (!match)
- return match;
- }
- return match;
- }
- }
- return false;
- }
-
- /**
- * returns true if first and second path are same
- *
- * @param pathToCheckFragment
- * @param wildCardPathFragment
- * @return
- */
- private boolean matchPath(String pathToCheckFragment,
- String wildCardPathFragment) {
- if(pathToCheckFragment == null || wildCardPathFragment == null) {
- return false;
- }
-
- if (pathToCheckFragment.contains("*")
- || pathToCheckFragment.contains("?")) {
- pathToCheckFragment = replaceMetaChars(pathToCheckFragment);
-
- if (wildCardPathFragment.contains("*")
- || wildCardPathFragment.contains("?")) {
- return FilenameUtils.wildcardMatch(pathToCheckFragment,
- wildCardPathFragment, IOCase.SENSITIVE);
- } else {
- return false;
- }
- } else {
- if (wildCardPathFragment.contains("*")
- || wildCardPathFragment.contains("?")) {
- return FilenameUtils.wildcardMatch(pathToCheckFragment,
- wildCardPathFragment, IOCase.SENSITIVE);
- } else {
- return pathToCheckFragment.trim().equals(
- wildCardPathFragment.trim());
- }
- }
- }
-
- private boolean matchPath(String pathToCheck, String[] wildCardPaths) {
- if (pathToCheck != null && wildCardPaths != null) {
- for (String wildCardPath : wildCardPaths) {
- if (matchPath(pathToCheck, wildCardPath)) {
- return true;
- }
- }
- }
-
- return false;
- }
-
- /**
- * This method returns true if first parameter value is equal to others
- * argument value passed
- *
- * @param checkValue
- * @param otherValues
- * @return
- */
- public static boolean areAllEqual(int checkValue, int... otherValues) {
- for (int value : otherValues) {
- if (value != checkValue) {
- return false;
- }
- }
- return true;
- }
-
- public void createTrxLog(List<XXTrxLog> trxLogList) {
- if (trxLogList == null) {
- return;
- }
-
- UserSessionBase usb = ContextUtil.getCurrentUserSession();
- Long authSessionId = null;
- if (usb != null) {
- authSessionId = ContextUtil.getCurrentUserSession().getSessionId();
- }
- Long trxId = GUIDUtil.genLong();
-
- for (XXTrxLog xTrxLog : trxLogList) {
- xTrxLog.setTransactionId(trxId.toString());
- if (authSessionId != null) {
- xTrxLog.setSessionId("" + authSessionId);
- }
- xTrxLog.setSessionType("Spring Authenticated Session");
- xTrxLog.setRequestId(trxId.toString());
- daoManager.getXXTrxLog().create(xTrxLog);
- }
- }
-
- public static int getDBFlavor() {
-
- String dbFlavor = "";
- boolean dbFlavorPropFound = true;
-
- dbFlavor = PropertiesUtil.getProperty("xa.db.flavor");
- if (dbFlavor == null || dbFlavor.trim().isEmpty()) {
- dbFlavor = PropertiesUtil.getProperty("jdbc.dialect");
- dbFlavorPropFound = false;
- }
-
- if (dbFlavor != null && !dbFlavor.trim().isEmpty()) {
- if (dbFlavorPropFound) {
- if ("MYSQL".equalsIgnoreCase(dbFlavor)) {
- return AppConstants.DB_FLAVOR_MYSQL;
- } else if ("ORACLE".equalsIgnoreCase(dbFlavor)) {
- return AppConstants.DB_FLAVOR_ORACLE;
- } else {
- return AppConstants.DB_FLAVOR_UNKNOWN;
- }
- } else {
- if (dbFlavor.toUpperCase().contains("MYSQL")) {
- return AppConstants.DB_FLAVOR_MYSQL;
- } else if (dbFlavor.toUpperCase().contains("ORACLE")) {
- return AppConstants.DB_FLAVOR_ORACLE;
- } else {
- return AppConstants.DB_FLAVOR_UNKNOWN;
- }
- }
- } else {
- logger.error("Property : xa.db.flavor or jdbc.dialect, not found");
- return AppConstants.DB_FLAVOR_UNKNOWN;
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/biz/XAuditMgrBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XAuditMgrBase.java b/security-admin/src/main/java/org/apache/ranger/biz/XAuditMgrBase.java
index 7031508..c1e3077 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XAuditMgrBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XAuditMgrBase.java
@@ -19,9 +19,16 @@
package org.apache.ranger.biz;
-import org.apache.ranger.common.*;
-import org.apache.ranger.service.*;
-import org.apache.ranger.view.*;
+import org.apache.ranger.common.MessageEnums;
+import org.apache.ranger.common.RESTErrorUtil;
+import org.apache.ranger.common.SearchCriteria;
+import org.apache.ranger.service.XAccessAuditService;
+import org.apache.ranger.service.XTrxLogService;
+import org.apache.ranger.view.VXAccessAudit;
+import org.apache.ranger.view.VXAccessAuditList;
+import org.apache.ranger.view.VXLong;
+import org.apache.ranger.view.VXTrxLog;
+import org.apache.ranger.view.VXTrxLogList;
import org.springframework.beans.factory.annotation.Autowired;
public class XAuditMgrBase {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 7f0fe37..64ae9b3 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -26,13 +26,11 @@ import java.util.List;
import java.util.Set;
import org.apache.log4j.Logger;
-import org.apache.ranger.biz.UserMgr;
-import org.apache.ranger.biz.XABizUtil;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.PropertiesUtil;
+import org.apache.ranger.common.RangerConstants;
import org.apache.ranger.common.SearchCriteria;
-import org.apache.ranger.common.XAConstants;
-import org.apache.ranger.db.XADaoManager;
+import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.db.XXGroupUserDao;
import org.apache.ranger.entity.XXGroup;
import org.apache.ranger.entity.XXPortalUser;
@@ -54,16 +52,16 @@ public class XUserMgr extends XUserMgrBase {
@Autowired
XUserService xUserService;
@Autowired
- XABizUtil msBizUtil;
+ RangerBizUtil msBizUtil;
@Autowired
UserMgr userMgr;
@Autowired
- XADaoManager daoManager;
+ RangerDaoManager daoManager;
@Autowired
- XABizUtil xaBizUtil;
+ RangerBizUtil xaBizUtil;
static final Logger logger = Logger.getLogger(XUserMgr.class);
@@ -219,7 +217,7 @@ public class XUserMgr extends XUserMgrBase {
roleList=userMgr.getRolesForUser(xXPortalUser);
}
if(roleList==null || roleList.size()==0){
- roleList.add(XAConstants.ROLE_USER);
+ roleList.add(RangerConstants.ROLE_USER);
}
// TODO I've to get the transaction log from here.
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java
index 2a413d2..b20ce31 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java
@@ -19,9 +19,28 @@
package org.apache.ranger.biz;
-import org.apache.ranger.common.*;
-import org.apache.ranger.service.*;
-import org.apache.ranger.view.*;
+import org.apache.ranger.common.MessageEnums;
+import org.apache.ranger.common.RESTErrorUtil;
+import org.apache.ranger.common.SearchCriteria;
+import org.apache.ranger.service.XAuditMapService;
+import org.apache.ranger.service.XGroupGroupService;
+import org.apache.ranger.service.XGroupService;
+import org.apache.ranger.service.XGroupUserService;
+import org.apache.ranger.service.XPermMapService;
+import org.apache.ranger.service.XUserService;
+import org.apache.ranger.view.VXAuditMap;
+import org.apache.ranger.view.VXAuditMapList;
+import org.apache.ranger.view.VXGroup;
+import org.apache.ranger.view.VXGroupGroup;
+import org.apache.ranger.view.VXGroupGroupList;
+import org.apache.ranger.view.VXGroupList;
+import org.apache.ranger.view.VXGroupUser;
+import org.apache.ranger.view.VXGroupUserList;
+import org.apache.ranger.view.VXLong;
+import org.apache.ranger.view.VXPermMap;
+import org.apache.ranger.view.VXPermMapList;
+import org.apache.ranger.view.VXUser;
+import org.apache.ranger.view.VXUserList;
import org.springframework.beans.factory.annotation.Autowired;
public class XUserMgrBase {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java b/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
index ac47ef0..c5bfedf 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
@@ -19,11 +19,8 @@
package org.apache.ranger.common;
-import java.util.*;
-import org.apache.ranger.common.*;
-
-public class AppConstants extends XACommonEnums {
+public class AppConstants extends RangerCommonEnums {
/***************************************************************
* Enum values for AssetType
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java b/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java
index 026e253..eb1d573 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java
@@ -19,8 +19,8 @@
package org.apache.ranger.common;
-import org.apache.ranger.security.context.XAContextHolder;
-import org.apache.ranger.security.context.XASecurityContext;
+import org.apache.ranger.security.context.RangerContextHolder;
+import org.apache.ranger.security.context.RangerSecurityContext;
public class ContextUtil {
@@ -31,7 +31,7 @@ public class ContextUtil {
}
public static Long getCurrentUserId() {
- XASecurityContext context = XAContextHolder.getSecurityContext();
+ RangerSecurityContext context = RangerContextHolder.getSecurityContext();
if (context != null) {
UserSessionBase userSession = context.getUserSession();
if (userSession != null) {
@@ -42,7 +42,7 @@ public class ContextUtil {
}
public static String getCurrentUserPublicName() {
- XASecurityContext context = XAContextHolder.getSecurityContext();
+ RangerSecurityContext context = RangerContextHolder.getSecurityContext();
if (context != null) {
UserSessionBase userSession = context.getUserSession();
if (userSession != null) {
@@ -55,7 +55,7 @@ public class ContextUtil {
public static UserSessionBase getCurrentUserSession() {
UserSessionBase userSession = null;
- XASecurityContext context = XAContextHolder.getSecurityContext();
+ RangerSecurityContext context = RangerContextHolder.getSecurityContext();
if (context != null) {
userSession = context.getUserSession();
}
@@ -63,7 +63,7 @@ public class ContextUtil {
}
public static RequestContext getCurrentRequestContext() {
- XASecurityContext context = XAContextHolder.getSecurityContext();
+ RangerSecurityContext context = RangerContextHolder.getSecurityContext();
if (context != null) {
return context.getRequestContext();
}
@@ -71,7 +71,7 @@ public class ContextUtil {
}
public static String getCurrentUserLoginId() {
- XASecurityContext context = XAContextHolder.getSecurityContext();
+ RangerSecurityContext context = RangerContextHolder.getSecurityContext();
if (context != null) {
UserSessionBase userSession = context.getUserSession();
if (userSession != null) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java b/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java
index a553978..b710020 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java
@@ -26,6 +26,7 @@ import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.TimeZone;
+
import org.springframework.stereotype.Component;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java b/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java
index 29b1395..6eba2e6 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java
@@ -22,8 +22,6 @@
*/
package org.apache.ranger.common;
-import java.util.Map;
-
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;
@@ -45,19 +43,19 @@ public class HTTPUtil {
public int getDeviceType(String userAgent) {
if (userAgent == null) {
- return XACommonEnums.DEVICE_UNKNOWN;
+ return RangerCommonEnums.DEVICE_UNKNOWN;
}
if (userAgent.contains(IPHONE)) {
- return XACommonEnums.DEVICE_IPHONE;
+ return RangerCommonEnums.DEVICE_IPHONE;
} else if (userAgent.contains(IPAD)) {
- return XACommonEnums.DEVICE_IPAD;
+ return RangerCommonEnums.DEVICE_IPAD;
} else if (userAgent.contains(IPOD)) {
- return XACommonEnums.DEVICE_IPOD;
+ return RangerCommonEnums.DEVICE_IPOD;
} else if (userAgent.contains(ANDROID)) {
- return XACommonEnums.DEVICE_ANDROID;
+ return RangerCommonEnums.DEVICE_ANDROID;
} else {
- return XACommonEnums.DEVICE_BROWSER;
+ return RangerCommonEnums.DEVICE_BROWSER;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java b/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
index eeacd11..2901b0f 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
@@ -22,16 +22,16 @@
*/
package org.apache.ranger.common;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
-import org.apache.log4j.Logger;
+import org.apache.log4j.Logger;
import org.apache.ranger.credentialapi.CredentialReader;
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
-import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
+import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/06ca8538/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java
index 9d05ca0..8d7d96d 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java
@@ -20,7 +20,6 @@
package org.apache.ranger.common;
import java.text.DateFormat;
-import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;