You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2015/08/27 02:50:22 UTC
[2/4] incubator-ranger git commit: RANGER-274: Updates to tag model
and tag REST APIs
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/agents-common/src/test/resources/admin/service-defs/test-hive-servicedef.json
----------------------------------------------------------------------
diff --git a/agents-common/src/test/resources/admin/service-defs/test-hive-servicedef.json b/agents-common/src/test/resources/admin/service-defs/test-hive-servicedef.json
new file mode 100644
index 0000000..53b1926
--- /dev/null
+++ b/agents-common/src/test/resources/admin/service-defs/test-hive-servicedef.json
@@ -0,0 +1,226 @@
+{
+ "id":3,
+ "name": "hive",
+ "implClass": "org.apache.ranger.services.hive.RangerServiceHive",
+ "label": "Hive Server2",
+ "description": "Hive Server2",
+ "guid": "3e1afb5a-184a-4e82-9d9c-87a5cacc243c",
+ "resources":
+ [
+ {
+ "itemId": 1,
+ "name": "database",
+ "type": "string",
+ "level": 10,
+ "parent": "",
+ "mandatory": true,
+ "lookupSupported": true,
+ "recursiveSupported": false,
+ "excludesSupported": true,
+ "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+ "matcherOptions": { "wildCard":true, "ignoreCase":true },
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Hive Database",
+ "description": "Hive Database"
+ },
+
+ {
+ "itemId": 2,
+ "name": "table",
+ "type": "string",
+ "level": 20,
+ "parent": "database",
+ "mandatory": true,
+ "lookupSupported": true,
+ "recursiveSupported": false,
+ "excludesSupported": true,
+ "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+ "matcherOptions": { "wildCard":true, "ignoreCase":true },
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Hive Table",
+ "description": "Hive Table"
+ },
+
+ {
+ "itemId": 3,
+ "name": "udf",
+ "type": "string",
+ "level": 20,
+ "parent": "database",
+ "mandatory": true,
+ "lookupSupported": true,
+ "recursiveSupported": false,
+ "excludesSupported": true,
+ "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+ "matcherOptions": { "wildCard":true, "ignoreCase":true },
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Hive UDF",
+ "description": "Hive UDF"
+ },
+
+ {
+ "itemId": 4,
+ "name": "column",
+ "type": "string",
+ "level": 30,
+ "parent": "table",
+ "mandatory": true,
+ "lookupSupported": true,
+ "recursiveSupported": false,
+ "excludesSupported": true,
+ "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+ "matcherOptions": { "wildCard":true, "ignoreCase":true },
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Hive Column",
+ "description": "Hive Column"
+ }
+ ],
+
+ "accessTypes":
+ [
+ {
+ "itemId": 1,
+ "name": "select",
+ "label": "select"
+ },
+
+ {
+ "itemId": 2,
+ "name": "update",
+ "label": "update"
+ },
+
+ {
+ "itemId": 3,
+ "name": "create",
+ "label": "Create"
+ },
+
+ {
+ "itemId": 4,
+ "name": "drop",
+ "label": "Drop"
+ },
+
+ {
+ "itemId": 5,
+ "name": "alter",
+ "label": "Alter"
+ },
+
+ {
+ "itemId": 6,
+ "name": "index",
+ "label": "Index"
+ },
+
+ {
+ "itemId": 7,
+ "name": "lock",
+ "label": "Lock"
+ },
+
+ {
+ "itemId": 8,
+ "name": "all",
+ "label": "All",
+ "impliedGrants":
+ [
+ "select",
+ "update",
+ "create",
+ "drop",
+ "alter",
+ "index",
+ "lock"
+ ]
+ }
+ ],
+
+ "configs":
+ [
+ {
+ "itemId": 1,
+ "name": "username",
+ "type": "string",
+ "mandatory": true,
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Username"
+ },
+
+ {
+ "itemId": 2,
+ "name": "password",
+ "type": "password",
+ "mandatory": true,
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Password"
+ },
+
+ {
+ "itemId": 3,
+ "name": "jdbc.driverClassName",
+ "type": "string",
+ "mandatory": true,
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "defaultValue": "org.apache.hive.jdbc.HiveDriver"
+ },
+
+ {
+ "itemId": 4,
+ "name": "jdbc.url",
+ "type": "string",
+ "mandatory": true,
+ "defaultValue": "",
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":""
+ },
+
+ {
+ "itemId": 5,
+ "name": "commonNameForCertificate",
+ "type": "string",
+ "mandatory": false,
+ "validationRegEx":"",
+ "validationMessage": "",
+ "uiHint":"",
+ "label": "Common Name for Certificate"
+ }
+ ],
+
+ "enums":
+ [
+
+ ],
+
+ "contextEnrichers":
+ [
+ ],
+
+ "policyConditions":
+ [
+ {
+ "itemId":1,
+ "name":"not-accessed-together",
+ "evaluator": "org.apache.ranger.plugin.conditionevaluator.RangerHiveResourcesNotAccessedTogetherCondition",
+ "evaluatorOptions" : {},
+ "label":"Not Accessed Together?",
+ "description": "List of Hive resources"
+ }
+ ]
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/agents-common/src/test/resources/policyengine/test_policyengine_tag_hdfs.json
----------------------------------------------------------------------
diff --git a/agents-common/src/test/resources/policyengine/test_policyengine_tag_hdfs.json b/agents-common/src/test/resources/policyengine/test_policyengine_tag_hdfs.json
index 9e59cb0..86332e3 100644
--- a/agents-common/src/test/resources/policyengine/test_policyengine_tag_hdfs.json
+++ b/agents-common/src/test/resources/policyengine/test_policyengine_tag_hdfs.json
@@ -105,7 +105,7 @@
"itemId": 1,
"name" : "TagEnricher",
"enricher" : "org.apache.ranger.plugin.contextenricher.RangerTagProvider",
- "enricherOptions" : {"tagProviderType":"FILESTORE_BASED_TAG_PROVIDER", "pollingInterval":-1, "useTestTagProvider":"false", "dataFile":"/etc/ranger/data/resourceTags.txt"}
+ "enricherOptions" : {"tagProviderType":"FILESTORE_BASED_TAG_PROVIDER", "pollingInterval":-1, "dataFile":"/etc/ranger/data/resourceTags.txt"}
}
],
"policyConditions": [
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/agents-common/src/test/resources/policyengine/test_policyengine_tag_hive.json
----------------------------------------------------------------------
diff --git a/agents-common/src/test/resources/policyengine/test_policyengine_tag_hive.json b/agents-common/src/test/resources/policyengine/test_policyengine_tag_hive.json
index 7898223..f7fab3d 100644
--- a/agents-common/src/test/resources/policyengine/test_policyengine_tag_hive.json
+++ b/agents-common/src/test/resources/policyengine/test_policyengine_tag_hive.json
@@ -130,7 +130,7 @@
"itemId": 1,
"name" : "TagEnricher",
"enricher" : "org.apache.ranger.plugin.contextenricher.RangerTagProvider",
- "enricherOptions" : {"tagProviderType":"FILESTORE_BASED_TAG_PROVIDER", "pollingInterval":-1, "useTestTagProvider":"true", "dataFile":"/etc/ranger/data/resourceTags.txt"}
+ "enricherOptions" : {"tagProviderType":"FILESTORE_BASED_TAG_PROVIDER", "pollingInterval":-1, "dataFile":"/etc/ranger/data/resourceTags.txt"}
}
],
"policyConditions": [
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
----------------------------------------------------------------------
diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
index 852b98d..22c2a30 100644
--- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
+++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java
@@ -19,12 +19,7 @@
package org.apache.ranger.authorization.hive.authorizer;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.audit.model.AuthzAuditEvent;
@@ -97,7 +92,10 @@ public class RangerHiveAuditHandler extends RangerDefaultAuditHandler {
RangerHiveResource resource = (RangerHiveResource)request.getResource();
String resourcePath = auditEvent.getResourcePath() + "," + resource.getColumn();
auditEvent.setResourcePath(resourcePath);
- auditEvent.getTags().addAll(getTags(request));
+ Set<String> tags = getTags(request);
+ if (tags != null) {
+ auditEvent.getTags().addAll(tags);
+ }
} else { // new event as this approval was due to a different policy.
AuthzAuditEvent auditEvent = createAuditEvent(result);
auditEvents.put(policyId, auditEvent);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java
----------------------------------------------------------------------
diff --git a/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java b/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java
index b3ddcdc..b49fb3a 100644
--- a/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java
+++ b/knox-agent/src/main/java/org/apache/ranger/admin/client/RangerAdminJersey2RESTClient.java
@@ -34,8 +34,7 @@ import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.security.AccessControlException;
-import org.apache.ranger.plugin.model.RangerTaggedResource;
-import org.apache.ranger.plugin.model.RangerTaggedResourceKey;
+import org.apache.ranger.plugin.model.RangerTag;
import org.apache.ranger.plugin.util.*;
import com.google.gson.Gson;
@@ -204,8 +203,8 @@ public class RangerAdminJersey2RESTClient implements RangerAdminClient {
}
@Override
- public TagServiceResources getTaggedResources(Long lastTimestamp) throws Exception {
- throw new Exception("RangerAdminjersey2RESTClient.getTaggedResource() -- *** NOT IMPLEMENTED *** ");
+ public ServiceTags getServiceTagsIfUpdated(long lastKnownVersion) throws Exception {
+ throw new Exception("RangerAdminjersey2RESTClient.getServiceTagsIfUpdated() -- *** NOT IMPLEMENTED *** ");
}
@Override
@@ -223,22 +222,6 @@ public class RangerAdminJersey2RESTClient implements RangerAdminClient {
}
- @Override
- public List<RangerTaggedResource> setTagsForResources(List<RangerTaggedResourceKey> keys, List<RangerTaggedResource.RangerResourceTag> tags) throws Exception {
- throw new Exception("RangerAdminjersey2RESTClient.setTagsForResources() -- *** NOT IMPLEMENTED *** ");
- }
-
- @Override
- public RangerTaggedResource setTagsForResource(RangerTaggedResourceKey key, List<RangerTaggedResource.RangerResourceTag> tags) throws Exception {
- throw new Exception("RangerAdminjersey2RESTClient.setTagsForResource() -- *** NOT IMPLEMENTED *** ");
- }
-
- @Override
- public RangerTaggedResource updateTagsForResource(RangerTaggedResourceKey key, List<RangerTaggedResource.RangerResourceTag> tagsToAdd,
- List<RangerTaggedResource.RangerResourceTag> tagsToDelete) throws Exception {
- throw new Exception("RangerAdminjersey2RESTClient.updateTagsForResource() -- *** NOT IMPLEMENTED *** ");
- }
-
// package level methods left so (and not private only for testability!) Not intended for use outside this class!!
Gson getGson() {
return new GsonBuilder()
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java
index 922c86c..f50687a 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/TagDBStore.java
@@ -48,22 +48,20 @@ import org.apache.ranger.entity.XXTagResourceMap;
import org.apache.ranger.entity.XXTaggedResource;
import org.apache.ranger.entity.XXTaggedResourceValue;
import org.apache.ranger.entity.XXTaggedResourceValueMap;
-import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.*;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
-import org.apache.ranger.plugin.model.RangerServiceDef;
-import org.apache.ranger.plugin.model.RangerTagDef;
-import org.apache.ranger.plugin.model.RangerTaggedResource;
import org.apache.ranger.plugin.model.RangerTagDef.RangerTagAttributeDef;
-import org.apache.ranger.plugin.model.RangerTaggedResource.RangerResourceTag;
-import org.apache.ranger.plugin.model.RangerTaggedResourceKey;
+import org.apache.ranger.plugin.model.RangerTag;
import org.apache.ranger.plugin.policyresourcematcher.RangerDefaultPolicyResourceMatcher;
+import org.apache.ranger.plugin.store.AbstractTagStore;
import org.apache.ranger.plugin.store.PList;
import org.apache.ranger.plugin.store.ServiceStore;
import org.apache.ranger.plugin.store.TagStore;
import org.apache.ranger.plugin.util.SearchFilter;
-import org.apache.ranger.plugin.util.TagServiceResources;
+import org.apache.ranger.plugin.util.ServiceTags;
import org.apache.ranger.service.RangerAuditFields;
import org.apache.ranger.service.RangerTagDefService;
+import org.apache.ranger.service.RangerTagService;
import org.apache.ranger.service.RangerTaggedResourceService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -76,6 +74,9 @@ public class TagDBStore implements TagStore {
RangerTagDefService rangerTagDefService;
@Autowired
+ RangerTagService rangerTagService;
+
+ @Autowired
RangerTaggedResourceService rangerTaggedResourceService;
@Autowired
@@ -269,115 +270,42 @@ public class TagDBStore implements TagStore {
return rangerTagDefService.searchRangerTagDefs(filter);
}
- @Override
- public RangerTaggedResource createTaggedResource(RangerTaggedResource resource, boolean createOrUpdate) throws Exception {
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> TagDBStore.createTaggedResource(" + resource + ")");
- }
+ /*
+ private XXTag createTagAttributes(RangerTag tag) {
+ XXTag xTag = new XXTag();
- RangerTaggedResource ret = null;
- RangerTaggedResource existing = null;
- boolean updateResource = false;
+ xTag.setExternalId(tag.getExternalId());
+ xTag.setName(tag.getName());
+ xTag.setGuid(guidUtil.genGUID());
+ xTag = (XXTag) rangerAuditFields.populateAuditFieldsForCreate(xTag);
- existing = getResource(resource.getKey());
+ xTag = daoManager.getXXTag().create(xTag);
- if (existing != null) {
- if (!createOrUpdate) {
- throw errorUtil.createRESTException("resource(s) with same specification already exists", MessageEnums.ERROR_DUPLICATE_OBJECT);
- } else {
- updateResource = true;
- }
- }
+ for (Entry<String, String> attr : tag.getAttributeValues().entrySet()) {
+ XXTagAttribute xTagAttr = new XXTagAttribute();
- if (!updateResource) {
- if (resource.getId() != null) {
- existing = getResource(resource.getId());
- }
+ xTagAttr.setTagId(xTag.getId());
+ xTagAttr.setName(attr.getKey());
+ xTagAttr.setValue(attr.getValue());
+ xTagAttr.setGuid(guidUtil.genGUID());
+ xTagAttr = (XXTagAttribute) rangerAuditFields.populateAuditFieldsForCreate(xTagAttr);
- if (existing != null) {
- if (!createOrUpdate) {
- throw errorUtil.createRESTException(resource.getId() + ": resource already exists (id=" + existing.getId() + ")", MessageEnums.ERROR_DUPLICATE_OBJECT);
- } else {
- updateResource = true;
- }
- }
+ xTagAttr = daoManager.getXXTagAttribute().create(xTagAttr);
}
- try {
- if (updateResource) {
- ret = updateTaggedResource(resource);
- } else {
- ret = rangerTaggedResourceService.create(resource);
-
- ret.setKey(resource.getKey());
- ret.setTags(resource.getTags());
- RangerTaggedResourceKey resKey = createResourceSpecForTaggedResource(ret);
- List<RangerResourceTag> tags = createTagsForTaggedResource(ret);
-
- if (resKey == null || tags == null) {
- throw errorUtil.createRESTException("failed to save resource '" + resource.getId() + "'", MessageEnums.ERROR_CREATING_OBJECT);
- }
- }
- } catch (Exception excp) {
- LOG.warn("TagDBStore.createTaggedResource: failed to save resource '" + resource.getId() + "'", excp);
- throw errorUtil.createRESTException("failed to save resource '" + resource.getId() + "'", MessageEnums.ERROR_CREATING_OBJECT);
- }
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== TagDBStore.createTaggedResource(" + resource + ")");
- }
- return ret;
+ return xTag;
}
- private List<RangerResourceTag> createTagsForTaggedResource(RangerTaggedResource resource) {
-
- List<RangerResourceTag> tags = resource.getTags();
-
- if (tags == null) {
- return null;
- }
-
- for (RangerResourceTag tag : tags) {
- XXTag xTag = new XXTag();
-
- xTag.setExternalId(tag.getExternalId());
- xTag.setName(tag.getName());
- xTag.setGuid(guidUtil.genGUID());
- xTag = (XXTag) rangerAuditFields.populateAuditFieldsForCreate(xTag);
-
- xTag = daoManager.getXXTag().create(xTag);
-
- for (Entry<String, String> attr : tag.getAttributeValues().entrySet()) {
- XXTagAttribute xTagAttr = new XXTagAttribute();
-
- xTagAttr.setTagId(xTag.getId());
- xTagAttr.setName(attr.getKey());
- xTagAttr.setValue(attr.getValue());
- xTagAttr.setGuid(guidUtil.genGUID());
- xTagAttr = (XXTagAttribute) rangerAuditFields.populateAuditFieldsForCreate(xTagAttr);
-
- xTagAttr = daoManager.getXXTagAttribute().create(xTagAttr);
- }
-
- XXTagResourceMap tagResMap = new XXTagResourceMap();
- tagResMap.setTaggedResId(resource.getId());
- tagResMap.setTagId(xTag.getId());
- tagResMap.setGuid(guidUtil.genGUID());
- tagResMap = (XXTagResourceMap) rangerAuditFields.populateAuditFieldsForCreate(tagResMap);
-
- tagResMap = daoManager.getXXTagResourceMap().create(tagResMap);
+ private void deleteTagAttributes(Long tagId) {
+ List<XXTagAttribute> tagAttrList = daoManager.getXXTagAttribute().findByTagId(tagId);
+ for (XXTagAttribute tagAttr : tagAttrList) {
+ daoManager.getXXTagAttribute().remove(tagAttr);
}
-
- return tags;
}
- private RangerTaggedResourceKey createResourceSpecForTaggedResource(RangerTaggedResource resource) {
-
- if (resource.getKey() == null) {
- return null;
- }
+ private void createResourceSpecForResource(RangerServiceResource resource) {
- String serviceName = resource.getKey().getServiceName();
+ String serviceName = resource.getServiceName();
XXService xService = daoManager.getXXService().findByName(serviceName);
if (xService == null) {
@@ -389,14 +317,13 @@ public class TagDBStore implements TagStore {
throw errorUtil.createRESTException("No Service-Def found with ID: " + xService.getType(), MessageEnums.ERROR_CREATING_OBJECT);
}
- RangerTaggedResourceKey resKey = resource.getKey();
- Map<String, RangerPolicy.RangerPolicyResource> resourceSpec = resKey.getResourceSpec();
+ Map<String, RangerPolicy.RangerPolicyResource> resourceSpec = resource.getResourceSpec();
for (Entry<String, RangerPolicyResource> resSpec : resourceSpec.entrySet()) {
XXResourceDef xResDef = daoManager.getXXResourceDef().findByNameAndServiceDefId(resSpec.getKey(), xServiceDef.getId());
if (xResDef == null) {
- LOG.error("TagDBStore.createTaggedResource: ResourceType is not valid [" + resSpec.getKey() + "]");
+ LOG.error("TagDBStore.createResource: ResourceType is not valid [" + resSpec.getKey() + "]");
throw errorUtil.createRESTException("Resource Type is not valid [" + resSpec.getKey() + "]", MessageEnums.DATA_NOT_FOUND);
}
@@ -426,253 +353,407 @@ public class TagDBStore implements TagStore {
sortOrder++;
}
}
- return resKey;
}
+ private void deleteResourceValue(Long resourceId) {
+ List<XXTaggedResourceValue> taggedResValueList = daoManager.getXXTaggedResourceValue().findByTaggedResId(resourceId);
+ for (XXTaggedResourceValue taggedResValue : taggedResValueList) {
+ List<XXTaggedResourceValueMap> taggedResValueMapList = daoManager.getXXTaggedResourceValueMap().findByResValueId(taggedResValue.getId());
+ for (XXTaggedResourceValueMap taggedResValueMap : taggedResValueMapList) {
+ daoManager.getXXTaggedResourceValueMap().remove(taggedResValueMap);
+ }
+ daoManager.getXXTaggedResourceValue().remove(taggedResValue);
+ }
+ }
+
+ private void updateResourceSpecForResource(RangerServiceResource updResource) {
+
+ if (updResource != null) {
+ deleteResourceValue(updResource.getId());
+ }
+
+ createResourceSpecForResource(updResource);
+ }
+ */
+
@Override
- public RangerTaggedResource updateTaggedResource(RangerTaggedResource resource) throws Exception {
+ public RangerTag createTag(RangerTag tag) throws Exception
+ {
+ throw new Exception("Not implemented");
- RangerTaggedResource existing = getResource(resource.getId());
- if (existing == null) {
- throw errorUtil.createRESTException(resource.getId() + ": resource does not exist (id=" + resource.getId() + ")", MessageEnums.DATA_NOT_FOUND);
+ /*
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> TagDBStore.createTag(" + tag + ")");
}
- RangerTaggedResource ret = null;
+ throw new Exception("Not implemented");
+
+
+
+ RangerTag ret = null;
- try {
- if (StringUtils.isEmpty(resource.getCreatedBy())) {
- resource.setCreatedBy(existing.getCreatedBy());
- }
- if (resource.getCreateTime() == null) {
- resource.setCreateTime(existing.getCreateTime());
- }
- if (StringUtils.isEmpty(resource.getGuid())) {
- resource.setGuid(existing.getGuid());
- }
- ret = rangerTaggedResourceService.update(resource);
- ret.setTags(resource.getTags());
- ret.setKey(resource.getKey());
+ try {
- RangerTaggedResourceKey updKey = updateResourceSpecForTaggedResource(ret);
- List<RangerResourceTag> updTags = updateTagsForTaggedResource(ret);
+ ret = rangerTagService.getPopulatedViewObject(createTagAttributes(tag));
- ret.setKey(updKey);
- ret.setTags(updTags);
+ } catch (Exception e) {
+ throw errorUtil.createRESTException("failed to save tag [" + tag.getName() + "]", MessageEnums.ERROR_CREATING_OBJECT);
+ }
- } catch (Exception excp) {
- LOG.warn("TagDBStore.updateTagDef(): failed to save resource '" + resource.getId() + "'", excp);
- throw new Exception("failed to save resource '" + resource.getId() + "'", excp);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== TagDBStore.createTag(" + tag + ")");
}
return ret;
+ */
}
- private RangerTaggedResourceKey updateResourceSpecForTaggedResource(RangerTaggedResource updResource) {
+ @Override
+ public RangerTag updateTag(RangerTag tag) throws Exception
+ {
- if (updResource == null) {
- return null;
+ throw new Exception("Not implemented");
+
+ /*
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> TagDBStore.updateTag(" + tag + ")");
}
- deleteTaggedResourceValue(updResource.getId());
+ throw new Exception("Not implemented");
- return createResourceSpecForTaggedResource(updResource);
- }
+ RangerTag ret = null;
- private List<RangerResourceTag> updateTagsForTaggedResource(RangerTaggedResource updResource) {
- if (updResource == null) {
- return null;
+ RangerTag existing = rangerTagService.read(tag.getId());
+
+ if (existing == null) {
+ throw errorUtil.createRESTException("failed to update tag [" + tag.getName() + "], Reason: No Tag found with id: [" + tag.getId() + "]",
+ MessageEnums.DATA_NOT_UPDATABLE);
}
- deleteTagsForTaggedResource(updResource.getId());
+ if (StringUtils.isEmpty(tag.getCreatedBy())) {
+ tag.setCreatedBy(existing.getCreatedBy());
+ }
+ if (tag.getCreateTime() == null) {
+ tag.setCreateTime(existing.getCreateTime());
+ }
+ if (StringUtils.isEmpty(tag.getGuid())) {
+ tag.setGuid(existing.getGuid());
+ }
- return createTagsForTaggedResource(updResource);
- }
+ deleteTagAttributes(existing.getId());
- private void deleteTaggedResourceValue(Long resourceId) {
- List<XXTaggedResourceValue> taggedResValueList = daoManager.getXXTaggedResourceValue().findByTaggedResId(resourceId);
- for (XXTaggedResourceValue taggedResValue : taggedResValueList) {
- List<XXTaggedResourceValueMap> taggedResValueMapList = daoManager.getXXTaggedResourceValueMap().findByResValueId(taggedResValue.getId());
- for (XXTaggedResourceValueMap taggedResValueMap : taggedResValueMapList) {
- daoManager.getXXTaggedResourceValueMap().remove(taggedResValueMap);
- }
- daoManager.getXXTaggedResourceValue().remove(taggedResValue);
+ createTagAttributes(tag);
+
+ ret = rangerTagService.update(tag);
+
+ ret = rangerTagService.read(ret.getId());
+
+
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== TagDBStore.updateTag(" + tag + ") : " + ret);
}
+
+ return ret;
+ */
}
- private void deleteTagsForTaggedResource(Long resourceId) {
- List<XXTagResourceMap> oldTagResMapList = daoManager.getXXTagResourceMap().findByTaggedResourceId(resourceId);
- for (XXTagResourceMap oldTagResMap : oldTagResMapList) {
- daoManager.getXXTagResourceMap().remove(oldTagResMap);
+ @Override
+ public void deleteTagById(Long id) throws Exception {
- List<XXTagAttribute> tagAttrList = daoManager.getXXTagAttribute().findByTagId(oldTagResMap.getTagId());
- for (XXTagAttribute tagAttr : tagAttrList) {
- daoManager.getXXTagAttribute().remove(tagAttr);
- }
- daoManager.getXXTag().remove(oldTagResMap.getTagId());
+ throw new Exception("Not implemented");
+
+ /*
+ RangerTag tag = rangerTagService.read(id);
+ deleteTagAttributes(id);
+ rangerTagService.delete(tag);
+ */
+ }
+
+ @Override
+ public RangerTag getTagById(Long id) throws Exception {
+ throw new Exception("Not implemented");
+
+ /*
+ RangerTag ret = null;
+
+ ret = rangerTagService.read(id);
+
+ return ret;
+ */
+ }
+
+ @Override
+ public List<RangerTag> getTagsByName(String name) throws Exception {
+ throw new Exception("Not implemented");
+
+ /*
+ List<RangerTag> ret = null;
+
+ if (StringUtils.isNotBlank(name)) {
+ SearchFilter filter = new SearchFilter(SearchFilter.TAG_DEF_NAME, name);
+ ret = getTags(filter);
+ } else {
+ ret = null;
}
+
+ return ret;
+ */
}
@Override
- public void deleteResource(Long taggedResId) throws Exception {
+ public List<RangerTag> getTagsByExternalId(String externalId) throws Exception {
+ throw new Exception("Not implemented");
- XXTaggedResource taggedRes = daoManager.getXXTaggedResource().getById(taggedResId);
- if (taggedRes == null) {
- throw errorUtil.createRESTException("No Resource exists with Id: " + taggedResId, MessageEnums.DATA_NOT_FOUND);
+ /*
+ List<RangerTag> ret = null;
+
+ if (StringUtils.isNotBlank(externalId)) {
+ SearchFilter filter = new SearchFilter(SearchFilter.TAG_EXTERNAL_ID, externalId);
+ ret = getTags(filter);
+ } else {
+ ret = null;
}
- // Remove tags associated with resource
- deleteTagsForTaggedResource(taggedResId);
+ return ret;
+ */
+ }
- // Remove taggedResourceValue
- deleteTaggedResourceValue(taggedResId);
+ @Override
+ public List<RangerTag> getTags(SearchFilter filter) throws Exception {
+ throw new Exception("Not implemented");
- // Remove taggedResource
- daoManager.getXXTaggedResource().remove(taggedRes);
+ /*
+ List<RangerTag> ret = null;
+
+ ret = rangerTagService.searchRangerTags(filter).getList();
+
+ return ret;
+ */
}
+
@Override
- public RangerTaggedResource getResource(Long id) throws Exception {
- return rangerTaggedResourceService.read(id);
+ public RangerServiceResource createServiceResource(RangerServiceResource resource) throws Exception {
+ throw new Exception("Not implemented");
+
+ /*
+ if (LOG.isDebugEnabled()) {
+
+ LOG.debug("==> TagDBStore.createResource(" + resource + ")");
+ }
+ throw new Exception("Not implemented");
+
+ RangerServiceResource ret = null;
+
+ try {
+ ret = rangerTaggedResourceService.create(resource);
+
+ ret = rangerTaggedResourceService.read(ret.getId());
+
+ createResourceSpecForResource(ret);
+
+ } catch (Exception e) {
+ throw errorUtil.createRESTException("failed to save resource [" + resource.getId() + "]", MessageEnums.ERROR_CREATING_OBJECT);
+ }
+
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== TagDBStore.createResource(" + resource + ")");
+ }
+
+ return ret;
+ */
}
@Override
- public TagServiceResources getResources(String serviceName, Long lastTimestamp) throws Exception {
+ public RangerServiceResource updateServiceResource(RangerServiceResource resource) throws Exception {
+ throw new Exception("Not implemented");
- List<RangerTaggedResource> taggedResources;
+ /*
- SearchFilter filter = new SearchFilter();
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> TagDBStore.updateResource(" + resource + ")");
+ }
- if (StringUtils.isNotBlank(serviceName)) {
- filter.setParam(SearchFilter.TAG_RESOURCE_SERVICE_NAME, serviceName);
+ throw new Exception("Not implemented");
+
+ RangerServiceResource ret = null;
+
+ RangerServiceResource existing = rangerTaggedResourceService.read(resource.getId());
+
+
+ if (existing == null) {
+ throw errorUtil.createRESTException("failed to update tag [" + resource.getId() + "], Reason: No resource found with id: [" + resource.getId() + "]",
+ MessageEnums.DATA_NOT_UPDATABLE);
}
- if (lastTimestamp != null) {
- filter.setParam(SearchFilter.TAG_RESOURCE_TIMESTAMP, Long.toString(lastTimestamp.longValue()));
+ if (StringUtils.isEmpty(resource.getCreatedBy())) {
+ resource.setCreatedBy(existing.getCreatedBy());
+ }
+ if (resource.getCreateTime() == null) {
+ resource.setCreateTime(existing.getCreateTime());
}
+ if (StringUtils.isEmpty(resource.getGuid())) {
+ resource.setGuid(existing.getGuid());
+ }
+
+ ret = rangerTaggedResourceService.update(resource);
- taggedResources = getResources(filter);
+ ret = rangerTaggedResourceService.read(ret.getId());
- TagServiceResources ret = new TagServiceResources();
- ret.setTaggedResources(taggedResources);
- // TBD
- ret.setLastUpdateTime(new Date());
- ret.setVersion(1L);
+ updateResourceSpecForResource(ret);
+
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== TagDBStore.updateResource(" + resource + ") : " + ret);
+ }
return ret;
+ */
}
@Override
- public List<RangerTaggedResource> getResources(SearchFilter filter) throws Exception {
- return getPaginatedResources(filter).getList();
+ public void deleteServiceResourceById(Long id) throws Exception {
+
+ throw new Exception("Not implemented");
+
+ /*
+ XXTaggedResource taggedRes = daoManager.getXXTaggedResource().getById(id);
+ if (taggedRes == null) {
+ throw errorUtil.createRESTException("No Resource exists with Id: " + id, MessageEnums.DATA_NOT_FOUND);
+ }
+
+ // Remove taggedResourceValue
+ deleteResourceValue(id);
+
+ // Remove taggedResource
+ daoManager.getXXTaggedResource().remove(id);
+ */
}
@Override
- public PList<RangerTaggedResource> getPaginatedResources(SearchFilter filter) throws Exception {
- return rangerTaggedResourceService.searchRangerTaggedResources(filter);
+ public List<RangerServiceResource> getServiceResourcesByExternalId(String externalId) throws Exception {
+
+ throw new Exception("Not implemented");
+
+ /*
+ List<RangerServiceResource> ret = null;
+
+
+ if (StringUtils.isNotBlank(externalId)) {
+ SearchFilter filter = new SearchFilter(SearchFilter.TAG_EXTERNAL_ID, externalId);
+ ret = getServiceResources(filter);
+ } else {
+ ret = null;
+ }
+
+ return ret;
+ */
}
@Override
- public List<String> getTags(String serviceName) throws Exception {
+ public RangerServiceResource getServiceResourceById(Long id) throws Exception {
- XXService xService = daoManager.getXXService().findByName(serviceName);
- if (xService == null) {
- throw errorUtil.createRESTException("No Service found with name [" + serviceName + "]", MessageEnums.DATA_NOT_FOUND);
- }
+ throw new Exception("Not implemented");
- List<String> tagList = daoManager.getXXTag().findTagNamesByServiceId(xService.getId());
+ /*
+ RangerServiceResource ret = null;
+ ret = rangerTaggedResourceService.read(id);
+ return ret;
+ */
+ }
- Collections.sort(tagList, new Comparator<String>() {
- @Override
- public int compare(String s1, String s2) {
- return s1.compareToIgnoreCase(s2);
- }
- });
- return tagList;
+ @Override
+ public List<RangerServiceResource> getServiceResourcesByServiceAndResourceSpec(String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec) throws Exception {
+ throw new Exception("Not implemented");
}
@Override
- public List<String> lookupTags(String serviceName, String tagNamePattern) throws Exception {
+ public List<RangerServiceResource> getServiceResources(SearchFilter filter) throws Exception{
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> TagDBStore.lookupTags(" + serviceName + ", " + tagNamePattern + ")");
- }
-
- List<String> tagNameList = getTags(serviceName);
- List<String> matchedTagList = new ArrayList<String>();
-
- if (CollectionUtils.isNotEmpty(tagNameList)) {
- Pattern p = Pattern.compile(tagNamePattern);
- for (String tagName : tagNameList) {
- Matcher m = p.matcher(tagName);
- if (LOG.isDebugEnabled()) {
- LOG.debug("TagDBStore.lookupTags) - Trying to match .... tagNamePattern=" + tagNamePattern + ", tagName=" + tagName);
- }
- if (m.matches()) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("TagDBStore.lookupTags) - Match found.... tagNamePattern=" + tagNamePattern + ", tagName=" + tagName);
- }
- matchedTagList.add(tagName);
- }
- }
- }
+ throw new Exception("Not implemented");
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== TagDBStore.lookupTags(" + serviceName + ", " + tagNamePattern + ")");
- }
+ /*
+ List<RangerServiceResource> ret = null;
- return matchedTagList;
+ ret = rangerTaggedResourceService.searchRangerTaggedResources(filter).getList();
+ return ret;
+ */
}
@Override
- public RangerTaggedResource getResource(RangerTaggedResourceKey key) throws Exception {
- if (key == null) {
- LOG.error("TagDBStore.getResources() - parameter 'key' is null.");
- throw errorUtil.createRESTException("TagFileStore.getResources() - parameter 'key' is null.", MessageEnums.INVALID_INPUT_DATA);
- }
+ public RangerTagResourceMap createTagResourceMap(RangerTagResourceMap tagResourceMap) throws Exception {
+ throw new Exception("Not implemented");
+ }
- XXService xService = daoManager.getXXService().findByName(key.getServiceName());
- if (xService == null) {
- LOG.error("TagDBStore.getResources() - No Service found with name [" + key.getServiceName() + "]");
- throw errorUtil.createRESTException("TagDBStore.getResources() - No Service found with name [" + key.getServiceName() + "]", MessageEnums.INVALID_INPUT_DATA);
- }
+ @Override
+ public void deleteTagResourceMapById(Long id) throws Exception {
+ throw new Exception("Not implemented");
+ }
+
+ @Override
+ public List<RangerTagResourceMap> getTagResourceMap(String externalResourceId, String externalTagId) throws Exception {
+ throw new Exception("Not implemented");
+ }
+
+ @Override
+ public RangerTagResourceMap getTagResourceMapById(Long id) throws Exception {
+ throw new Exception("Not implemented");
+ }
- RangerServiceDef serviceDef = serviceDBStore.getServiceDef(xService.getType());
- Long serviceId = xService.getId();
+ @Override
+ public List<RangerTagResourceMap> getTagResourceMaps(SearchFilter filter) throws Exception {
+ throw new Exception("Not implemented");
+ }
- RangerTaggedResource ret = null;
+ @Override
+ public ServiceTags getServiceTagsIfUpdated(String serviceName, Long lastKnownVersion) throws Exception {
+ throw new Exception("Not implemented");
+ }
- List<XXTaggedResource> taggedResList = daoManager.getXXTaggedResource().findByServiceId(serviceId);
+ @Override
+ public PList<RangerTagResourceMap> getPaginatedTagResourceMaps(SearchFilter filter) throws Exception {
+ throw new Exception("Not implemented");
+ }
- if (CollectionUtils.isEmpty(taggedResList)) {
- return null;
- }
+ @Override
+ public List<String> getTags(String serviceName) throws Exception {
+ throw new Exception("Not implemented");
+ }
- if (taggedResList.size() == 1) {
- ret = rangerTaggedResourceService.getPopulatedViewObjject(taggedResList.get(0));
- return ret;
- } else {
- for (XXTaggedResource xTaggedRes : taggedResList) {
- RangerTaggedResource taggedRes = rangerTaggedResourceService.getPopulatedViewObjject(xTaggedRes);
+ @Override
+ public List<String> lookupTags(String serviceName, String tagNamePattern) throws Exception {
+ throw new Exception("Not implemented");
+ }
- RangerDefaultPolicyResourceMatcher policyResourceMatcher = new RangerDefaultPolicyResourceMatcher();
+ @Override
+ public List<RangerTag> getTagsForServiceResource(Long resourceId) throws Exception {
+ throw new Exception("Not implemented");
+ }
- policyResourceMatcher.setPolicyResources(taggedRes.getKey().getResourceSpec());
+ @Override
+ public List<RangerTag> getTagsForServiceResourceByExtId(String resourceExtId) throws Exception {
+ throw new Exception("Not implemented");
+ }
- policyResourceMatcher.setServiceDef(serviceDef);
- policyResourceMatcher.init();
- boolean isMatch = policyResourceMatcher.isExactMatch(key.getResourceSpec());
+ @Override
+ public List<RangerTagDef> getTagDefsByExternalId(String extId) throws Exception {
+ throw new Exception("Not implemented");
+ }
- if (isMatch) {
- return taggedRes;
- }
- }
- }
- return ret;
+ @Override
+ public List<RangerTagResourceMap> getTagResourceMapsByTagId(Long tagId) throws Exception {
+ throw new Exception("Not implemented");
}
+ @Override
+ public List<RangerTagResourceMap> getTagResourceMapsByResourceId(Long resourceId) throws Exception {
+ throw new Exception("Not implemented");
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/security-admin/src/main/java/org/apache/ranger/entity/XXTag.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXTag.java b/security-admin/src/main/java/org/apache/ranger/entity/XXTag.java
index af15b0a..46b760b 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXTag.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXTag.java
@@ -49,6 +49,12 @@ public class XXTag extends XXDBBase implements Serializable {
@Column(name = "guid", unique = true, nullable = false, length = 512)
protected String guid;
+ @Column(name = "version")
+ protected Long version;
+
+ @Column(name = "is_enabled")
+ protected Boolean isEnabled;
+
@Column(name = "tag_def_id")
protected Long tagDefId;
@@ -84,6 +90,36 @@ public class XXTag extends XXDBBase implements Serializable {
}
/**
+ * @return the version
+ */
+ public Long getVersion() {
+ return version;
+ }
+
+ /**
+ * @param version
+ * the version to set
+ */
+ public void setVersion(Long version) {
+ this.version = version;
+ }
+
+ /**
+ * @return the isEnabled
+ */
+ public Boolean getIsEnabled() {
+ return isEnabled;
+ }
+
+ /**
+ * @param isEnabled
+ * the isEnabled to set
+ */
+ public void setIsEnabled(Boolean isEnabled) {
+ this.isEnabled = isEnabled;
+ }
+
+ /**
* @return the tagDefId
*/
public Long getTagDefId() {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java b/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
index 5af0b66..b667777 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
@@ -20,18 +20,22 @@
package org.apache.ranger.rest;
import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.collections.ListUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ranger.biz.ServiceDBStore;
-import org.apache.ranger.biz.TagDBStore;
+//import org.apache.ranger.biz.TagDBStore;
import org.apache.ranger.common.RESTErrorUtil;
-import org.apache.ranger.plugin.model.RangerTaggedResourceKey;
-import org.apache.ranger.plugin.model.RangerTaggedResource;
+import org.apache.ranger.plugin.model.RangerServiceResource;
+import org.apache.ranger.plugin.model.RangerTag;
+import org.apache.ranger.plugin.model.RangerTagResourceMap;
import org.apache.ranger.plugin.model.RangerTagDef;
import org.apache.ranger.plugin.store.TagStore;
+import org.apache.ranger.plugin.store.TagValidator;
+
import org.apache.ranger.plugin.store.file.TagFileStore;
import org.apache.ranger.plugin.util.SearchFilter;
-import org.apache.ranger.plugin.util.TagServiceResources;
+import org.apache.ranger.plugin.util.ServiceTags;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
@@ -60,19 +64,29 @@ public class TagREST {
@Autowired
ServiceDBStore svcStore;
- @Autowired
- TagDBStore tagStore;
+ //@Autowired
+ //TagDBStore tagStore;
+
+ TagStore tagStore;
+
+ //@Autowired
+ //TagValidator validator;
+
+ TagValidator validator;
- public TagREST() {
+ public TagREST() {
}
@PostConstruct
public void initStore() {
-
+ tagStore = TagFileStore.getInstance();
+ tagStore.setServiceStore(svcStore);
+ validator = new TagValidator();
+ validator.setTagStore(tagStore);
}
@POST
- @Path(TagRESTConstants.TAGS_RESOURCE)
+ @Path(TagRESTConstants.TAGDEFS_RESOURCE)
@Produces({ "application/json", "application/xml" })
//@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
public RangerTagDef createTagDef(RangerTagDef tagDef) {
@@ -100,7 +114,7 @@ public class TagREST {
}
@PUT
- @Path(TagRESTConstants.TAG_RESOURCE + "/{id}")
+ @Path(TagRESTConstants.TAGDEF_RESOURCE + "/{id}")
@Produces({ "application/json", "application/xml" })
//@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
@@ -131,7 +145,7 @@ public class TagREST {
}
@DELETE
- @Path(TagRESTConstants.TAG_RESOURCE + "/{id}")
+ @Path(TagRESTConstants.TAGDEF_RESOURCE + "/{id}")
@Produces({ "application/json", "application/xml" })
//@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
public void deleteTagDef(@PathParam("id") Long id) {
@@ -155,7 +169,7 @@ public class TagREST {
}
@GET
- @Path(TagRESTConstants.TAG_RESOURCE+"/{name}")
+ @Path(TagRESTConstants.TAGDEF_RESOURCE+"/{name}")
@Produces({ "application/json", "application/xml" })
public List<RangerTagDef> getTagDefByName(@PathParam("name") String name) {
if(LOG.isDebugEnabled()) {
@@ -184,7 +198,7 @@ public class TagREST {
}
@GET
- @Path(TagRESTConstants.TAGS_RESOURCE)
+ @Path(TagRESTConstants.TAGDEFS_RESOURCE)
@Produces({ "application/json", "application/xml" })
public List<RangerTagDef> getTagDefs() {
if(LOG.isDebugEnabled()) {
@@ -213,376 +227,601 @@ public class TagREST {
}
@POST
- @Path(TagRESTConstants.RESOURCES_RESOURCE)
+ @Path(TagRESTConstants.TAGS_RESOURCE)
@Produces({ "application/json", "application/xml" })
//@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- public RangerTaggedResource createResource(RangerTaggedResource resource) {
+ public RangerTag createTag(RangerTag tag) {
if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.createResource(" + resource + ")");
+ LOG.debug("==> TagREST.createTag(" + tag + ")");
}
- RangerTaggedResource ret;
+ RangerTag ret;
try {
- //RangerResourceValidator validator = validatorFactory.getResourceValidator(tagStore);
- //validator.validate(resource, Action.CREATE);
- ret = tagStore.createTaggedResource(resource, false);
+ validator.preCreateTag(tag);
+ ret = tagStore.createTag(tag);
} catch(Exception excp) {
- LOG.error("createResource(" + resource + ") failed", excp);
+ LOG.error("createTag(" + tag + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
if(LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.createResource(" + resource + "): " + ret);
+ LOG.debug("<== TagREST.createTag(" + tag + "): " + ret);
}
return ret;
}
@PUT
- @Path(TagRESTConstants.RESOURCE_RESOURCE + "/{id}")
+ @Path(TagRESTConstants.TAG_RESOURCE + "{id}")
@Produces({ "application/json", "application/xml" })
//@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- public RangerTaggedResource updateResource(@PathParam("id") Long id, RangerTaggedResource resource) {
+
+ public RangerTag updateTagById(@PathParam("id") Long id, RangerTag tag) {
+
+ RangerTag ret;
+
+ try {
+ validator.preUpdateTagById(id, tag);
+ ret = tagStore.updateTag(tag);
+ } catch (Exception excp) {
+ LOG.error("updateTag() failed", excp);
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.updateResource(" + id + ")");
+ LOG.debug("<== TagREST.updateTag(): " + ret);
}
- if (resource.getId() == null) {
- resource.setId(id);
- } else if (!resource.getId().equals(id)) {
- throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST , "resource id mismatch", true);
+ return ret;
+ }
+
+ @PUT
+ @Path(TagRESTConstants.TAG_RESOURCE + "externalId/{externalId}")
+ @Produces({ "application/json", "application/xml" })
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+
+ public RangerTag updateTagByExternalId(@PathParam("externalId") String externalId, RangerTag tag) {
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.updateTagByExternalId(" + externalId + ")");
}
- RangerTaggedResource ret;
+ RangerTag ret;
try {
- //RangerResourceValidator validator = validatorFactory.getResourceValidator(tagStore);
- //validator.validate(resource, Action.UPDATE);
- ret = tagStore.updateTaggedResource(resource);
- } catch(Exception excp) {
- LOG.error("updateResource(" + id + ") failed", excp);
-
+ validator.preUpdateTagByExternalId(externalId, tag);
+ ret = tagStore.updateTag(tag);
+ } catch (Exception excp) {
+ LOG.error("updateTagByExternalId(" + externalId + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
-
if(LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.updateResource(" + resource + "): " + ret);
+ LOG.debug("<== TagREST.updateTagByExternalId(" + externalId + "): " + ret);
}
return ret;
}
@PUT
- @Path(TagRESTConstants.RESOURCE_RESOURCE + "/{id}/" +TagRESTConstants.ACTION_SUB_RESOURCE)
+ @Path(TagRESTConstants.TAG_RESOURCE + "name/{name}")
@Produces({ "application/json", "application/xml" })
//@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- public RangerTaggedResource updateResource(@PathParam("id") final Long id, @DefaultValue(TagRESTConstants.ACTION_ADD) @QueryParam(TagRESTConstants.ACTION_OP) String op, List<RangerTaggedResource.RangerResourceTag> resourceTagList) {
-
- RangerTaggedResource ret;
-
- if (op.equals(TagRESTConstants.ACTION_ADD) ||
- op.equals(TagRESTConstants.ACTION_REPLACE) ||
- op.equals(TagRESTConstants.ACTION_DELETE)) {
- RangerTaggedResource oldResource;
- try {
- oldResource = tagStore.getResource(id);
- } catch (Exception excp) {
- LOG.error("getResource(" + id + ") failed", excp);
+ public RangerTag updateTagByName(@PathParam("name") String name, RangerTag tag) {
- throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
- }
- List<RangerTaggedResource.RangerResourceTag> oldTagsAndValues = oldResource.getTags();
-
- switch (op) {
- case TagRESTConstants.ACTION_ADD:
- oldTagsAndValues.addAll(resourceTagList);
- break;
- case TagRESTConstants.ACTION_REPLACE:
- oldResource.setTags(resourceTagList);
- break;
- case TagRESTConstants.ACTION_DELETE:
- oldTagsAndValues.removeAll(resourceTagList);
- break;
- default:
- break;
- }
- oldResource.setTags(oldTagsAndValues);
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.updateTagByName(" + name + ")");
+ }
- try {
- //RangerResourceValidator validator = validatorFactory.getResourceValidator(tagStore);
- //validator.validate(resource, Action.UPDATE);
- ret = tagStore.updateTaggedResource(oldResource);
- } catch (Exception excp) {
- LOG.error("updateResource(" + id + ") failed", excp);
+ RangerTag ret;
- throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
- }
- } else {
- LOG.error("updateResource(" + id + ") failed, invalid operation " + op);
- throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, "invalid update operation", true);
+ try {
+ validator.preUpdateTagByName(name, tag);
+ ret = tagStore.updateTag(tag);
+ } catch (Exception excp) {
+ LOG.error("updateTagByName(" + name + ") failed", excp);
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.updateTagByName(" + name + "): " + ret);
}
return ret;
}
@DELETE
- @Path(TagRESTConstants.RESOURCE_RESOURCE + "/{id}")
+ @Path(TagRESTConstants.TAG_RESOURCE + "{id}")
@Produces({ "application/json", "application/xml" })
//@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- public void deleteResource(@PathParam("id") Long id) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.deleteResource(" + id + ")");
+ public void deleteTagById(@PathParam("id") Long id) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.deleteTagById(" + id +")");
}
+
try {
- //RangerResourceValidator validator = validatorFactory.getResourceValidator(tagStore);
- //validator.validate(guid, Action.DELETE);
- tagStore.deleteResource(id);
- } catch (Exception excp) {
- LOG.error("deleteResource(" + id + ") failed", excp);
+ validator.preDeleteTagById(id);
+ tagStore.deleteTagById(id);
+ } catch(Exception excp) {
+ LOG.error("deleteTag() failed", excp);
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.deleteTag()");
+ }
+ }
+
+ @DELETE
+ @Path(TagRESTConstants.TAG_RESOURCE + "externalId/{externalId}")
+ @Produces({ "application/json", "application/xml" })
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public void deleteTagByExternalId(@PathParam("externalId") String externalId) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.deleteTagByExternalId(" + externalId + ")");
+ }
+
+ try {
+ RangerTag exist = validator.preDeleteTagByExternalId(externalId);
+ tagStore.deleteTagById(exist.getId());
+ } catch(Exception excp) {
+ LOG.error("deleteTagByExternalId(" + externalId + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.deleteResource(" + id + ")");
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.deleteTagByExternalId(" + externalId + ")");
}
+ }
+ @DELETE
+ @Path(TagRESTConstants.TAG_RESOURCE + "name/{name}")
+ @Produces({ "application/json", "application/xml" })
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public void deleteTagByName(@PathParam("name") String name) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.deleteTagByName(" + name + ")");
+ }
+
+ try {
+ RangerTag exist = validator.preDeleteTagByName(name);
+ tagStore.deleteTagById(exist.getId());
+ } catch(Exception excp) {
+ LOG.error("deleteTagByName(" + name + ") failed", excp);
+
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.deleteTagByName(" + name + ")");
+ }
}
@GET
- @Path(TagRESTConstants.RESOURCE_RESOURCE + "/{id}")
+ @Path(TagRESTConstants.TAGS_RESOURCE + "{id}")
@Produces({ "application/json", "application/xml" })
- public RangerTaggedResource getResource(@PathParam("id") Long id) {
+ public RangerTag getTagById(@PathParam("id") Long id) {
if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.getResource(" + id + ")");
+ LOG.debug("==> TagREST.getTagById(" + id + ")");
}
-
- RangerTaggedResource ret;
+ RangerTag ret;
try {
- ret = tagStore.getResource(id);
+ ret = tagStore.getTagById(id);
} catch(Exception excp) {
- LOG.error("getResource(" + id + ") failed", excp);
+ LOG.error("getTagById(" + id + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
- if(ret == null) {
- throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true);
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.getTagById(" + id + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path(TagRESTConstants.TAGS_RESOURCE + "externalId/{externalId}")
+ @Produces({ "application/json", "application/xml" })
+ public List<RangerTag> getTagsByExternalId(@PathParam("externalId") String externalId) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.getTagsByExternalId(" + externalId + ")");
+ }
+ List<RangerTag> ret;
+
+ try {
+ ret = tagStore.getTagsByExternalId(externalId);
+ } catch(Exception excp) {
+ LOG.error("getTagsByExternalId(" + externalId + ") failed", excp);
+
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
if(LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.getResource(" + id + "): " + ret);
+ LOG.debug("<== TagREST.getTagsByExternalId(" + externalId + "): " + ret);
}
return ret;
}
- // This API is typically used by plug-in to get selected tagged resources from RangerAdmin
+ @GET
+ @Path(TagRESTConstants.TAGS_RESOURCE + "name/{name}")
+ @Produces({ "application/json", "application/xml" })
+ public List<RangerTag> getTagsByName(@PathParam("name") String name) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.getTagsByName(" + name + ")");
+ }
+ List<RangerTag> ret;
+
+ try {
+ ret = tagStore.getTagsByName(name);
+ } catch(Exception excp) {
+ LOG.error("getTagsByName(" + name + ") failed", excp);
+
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.getTagsByName(" + name + "): " + ret);
+ }
+
+ return ret;
+ }
@GET
- @Path(TagRESTConstants.RESOURCES_UPDATED_RESOURCE)
+ @Path(TagRESTConstants.TAGS_RESOURCE)
@Produces({ "application/json", "application/xml" })
- public TagServiceResources getResources(@QueryParam(TagRESTConstants.SERVICE_NAME_PARAM) String serviceName,
- @QueryParam(TagRESTConstants.TAG_TIMESTAMP_PARAM) Long lastTimestamp) {
+ public List<RangerTag> getAllTags() {
if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.getResources(" + serviceName + ", " + lastTimestamp + ")");
+ LOG.debug("==> TagREST.getAllTags()");
}
- TagServiceResources ret = null;
+ List<RangerTag> ret;
try {
- ret = tagStore.getResources(serviceName, lastTimestamp);
+ ret = tagStore.getTags(new SearchFilter());
} catch(Exception excp) {
- LOG.error("getResources(" + serviceName + ") failed", excp);
+ LOG.error("getAllTags() failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
+ if (CollectionUtils.isEmpty(ret)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getAllTags() - No tags found");
+ }
+ }
if(LOG.isDebugEnabled()) {
- LOG.debug("<==> TagREST.getResources(" + serviceName + ", " + lastTimestamp + ")");
+ LOG.debug("<== TagREST.getAllTags(): " + ret);
}
return ret;
}
- // This API is typically used by GUI to get all available tags from RangerAdmin
+ @POST
+ @Path(TagRESTConstants.RESOURCES_RESOURCE)
+ @Produces({ "application/json", "application/xml" })
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public RangerServiceResource createServiceResource(RangerServiceResource resource) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.createServiceResource(" + resource + ")");
+ }
- @GET
- @Path(TagRESTConstants.TAGNAMES_RESOURCE)
+ RangerServiceResource ret;
+
+ try {
+ validator.preCreateServiceResource(resource);
+ ret = tagStore.createServiceResource(resource);
+ } catch(Exception excp) {
+ LOG.error("createServiceResource(" + resource + ") failed", excp);
+
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.createServiceResource(" + resource + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @PUT
+ @Path(TagRESTConstants.RESOURCE_RESOURCE + "{id}")
@Produces({ "application/json", "application/xml" })
- public List<String> getTagNames(@QueryParam(TagRESTConstants.SERVICE_NAME_PARAM) String serviceName) {
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public RangerServiceResource updateServiceResourceById(@PathParam("id") Long id, RangerServiceResource resource) {
if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.getTagNames(" + serviceName + ")");
+ LOG.debug("==> TagREST.updateServiceResourceById(" + id + ")");
}
- List<String> tagNames = null;
+ RangerServiceResource ret;
try {
- tagNames = tagStore.getTags(serviceName);
+ validator.preUpdateServiceResourceById(id, resource);
+ ret = tagStore.updateServiceResource(resource);
} catch(Exception excp) {
- LOG.error("getTags(" + serviceName + ") failed", excp);
+ LOG.error("updateServiceResourceById(" + resource + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
if(LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.getTagNames(" + serviceName + ")");
+ LOG.debug("<== TagREST.updateServiceResourceById(" + id + "): " + ret);
}
- return tagNames;
+ return ret;
}
- // This API is typically used by GUI to help lookup available tags from RangerAdmin to help tag-policy writer. It
- // may also be used to validate configuration parameters of a tag-service
+ @PUT
+ @Path(TagRESTConstants.RESOURCE_RESOURCE + "externalId/{externalId}")
+ @Produces({ "application/json", "application/xml" })
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
- @GET
- @Path(TagRESTConstants.LOOKUP_TAGS_RESOURCE)
+ public RangerServiceResource updateServiceResourceByExternalId(@PathParam("externalId") String externalId, RangerServiceResource resource) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.updateServiceResourceByExternalId(" + externalId + ", " + resource + ")");
+ }
+ RangerServiceResource ret;
+ try {
+ validator.preUpdateServiceResourceByExternalId(externalId, resource);
+ ret = tagStore.updateServiceResource(resource);
+ } catch(Exception excp) {
+ LOG.error("updateServiceResourceByExternalId(" + externalId + ", " + resource + ") failed", excp);
+
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.updateServiceResourceByExternalId(" + externalId + ", " + resource + "): " + ret);
+ }
+ return ret;
+ }
+
+ @DELETE
+ @Path(TagRESTConstants.RESOURCE_RESOURCE + "{id}")
@Produces({ "application/json", "application/xml" })
- public List<String> lookupTags(@QueryParam(TagRESTConstants.SERVICE_NAME_PARAM) String serviceName,
- @DefaultValue(".*") @QueryParam(TagRESTConstants.TAG_PATTERN_PARAM) String tagNamePattern) {
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public void deleteServiceResourceById(@PathParam("id") Long id) {
if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.lookupTags(" + serviceName + ", " + tagNamePattern + ")");
+ LOG.debug("==> TagREST.deleteServiceResourceById(" + id + ")");
+ }
+ try {
+ validator.preDeleteServiceResourceById(id);
+ tagStore.deleteServiceResourceById(id);
+ } catch (Exception excp) {
+ LOG.error("deleteServiceResourceById() failed", excp);
+
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.deleteServiceResourceById(" + id + ")");
+ }
+ }
+
+ @DELETE
+ @Path(TagRESTConstants.RESOURCE_RESOURCE + "externalId/{externalId}")
+ @Produces({ "application/json", "application/xml" })
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public void deleteServiceResourceByExternalId(@PathParam("externalId") String externalId) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.deleteServiceResourceByExternalId(" + externalId + ")");
}
- List<String> matchingTagNames = null;
try {
- matchingTagNames = tagStore.lookupTags(serviceName, tagNamePattern);
+ RangerServiceResource exist = validator.preDeleteServiceResourceByExternalId(externalId);
+ tagStore.deleteServiceResourceById(exist.getId());
} catch(Exception excp) {
- LOG.error("lookupTags(" + serviceName + ") failed", excp);
+ LOG.error("deleteServiceResourceByExternalId(" + externalId + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
if(LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.lookupTags(" + serviceName + ")");
+ LOG.debug("<== TagREST.deleteServiceResourceByExternalId(" + externalId + ")");
}
- return matchingTagNames;
}
- // The following APIs will be typically used by tag-sync module
+ @GET
+ @Path(TagRESTConstants.RESOURCES_RESOURCE + "{id}")
+ @Produces({ "application/json", "application/xml" })
+ public RangerServiceResource getServiceResourceById(@PathParam("id") Long id) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.getServiceResourceById(" + id + ")");
+ }
+ RangerServiceResource ret;
+ try {
+ ret = tagStore.getServiceResourceById(id);
+ } catch(Exception excp) {
+ LOG.error("getServiceResourceById(" + id + ") failed", excp);
- // to get all tagged resources in RangerAdmin
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.getServiceResourceById(" + id + "): " + ret);
+ }
+ return ret;
+ }
@GET
- @Path(TagRESTConstants.RESOURCES_ALL_RESOURCE)
+ @Path(TagRESTConstants.RESOURCES_RESOURCE + "externalId/{externalId}")
@Produces({ "application/json", "application/xml" })
- public TagServiceResources getAllTaggedResources() throws Exception {
- String emptyString = "";
- return getResources(emptyString, 0L);
- }
+ public List<RangerServiceResource> getServiceResourcesByExternalId(@PathParam("externalId") String externalId) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.getServiceResourceByExternalId(" + externalId + ")");
+ }
+ List<RangerServiceResource> ret;
+ try {
+ ret = tagStore.getServiceResourcesByExternalId(externalId);
+ } catch(Exception excp) {
+ LOG.error("getServiceResourceByExternalId(" + externalId + ") failed", excp);
- // to create or update a tagged resource with associated tags in RangerAdmin
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.getServiceResourceByExternalId(" + externalId + "): " + ret);
+ }
+ return ret;
+ }
- @PUT
- @Path(TagRESTConstants.RESOURCE_SET_RESOURCE)
+ @POST
+ @Path(TagRESTConstants.TAGRESOURCEMAPS_RESOURCE)
@Produces({ "application/json", "application/xml" })
- public RangerTaggedResource setResource(RangerTaggedResourceKey key, List<RangerTaggedResource.RangerResourceTag> tags) throws Exception {
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public RangerTagResourceMap createTagResourceMap(@QueryParam("externalResourceId") String externalResourceId,
+ @QueryParam("externalTagId") String externalTagId) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.createTagResourceMap(" + externalResourceId + ", " + externalTagId + ")");
+ }
+
+ RangerTagResourceMap tagResourceMap;
+
+ try {
+ tagResourceMap = validator.preCreateTagResourceMap(externalResourceId, externalTagId);
+ tagResourceMap = tagStore.createTagResourceMap(tagResourceMap);
+ } catch(Exception excp) {
+ LOG.error("createTagResourceMap(" + externalResourceId + ", " + externalTagId + ") failed", excp);
+
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.setResource()");
+ LOG.debug("==> TagREST.createTagResourceMap(" + externalResourceId + ", " + externalTagId + ")");
}
- RangerTaggedResource ret = null;
+ return tagResourceMap;
+ }
- RangerTaggedResource taggedResource = new RangerTaggedResource(key, tags);
+ @DELETE
+ @Path(TagRESTConstants.TAGRESOURCEMAPS_RESOURCE)
+ @Produces({ "application/json", "application/xml" })
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public void deleteTagResourceMap(@QueryParam("externalResourceId") String externalResourceId,
+ @QueryParam("externalTagId") String externalTagId) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.deleteTagResourceMap(" + externalResourceId + ", " + externalTagId + ")");
+ }
try {
- ret = tagStore.createTaggedResource(taggedResource, true); // Create or Update
+ RangerTagResourceMap exist = validator.preDeleteTagResourceMap(externalResourceId, externalTagId);
+ tagStore.deleteTagResourceMapById(exist.getId());
} catch(Exception excp) {
- LOG.error("setResource() failed", excp);
- LOG.error("Could not create taggedResource, " + taggedResource);
+ LOG.error("deleteTagResourceMap(" + externalResourceId + ", " + externalTagId + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
if(LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.setResource()");
+ LOG.debug("==> TagREST.deleteTagResourceMap(" + externalResourceId + ", " + externalTagId + ")");
}
+ }
+ /*
+ This leads to a WARNING in catalina.out -
+ WARNING: The following warnings have been detected with resource and/or provider classes:
+ WARNING: A HTTP GET method, public java.util.List org.apache.ranger.rest.TagREST.getServiceResources(org.apache.ranger.plugin.model.RangerServiceResource) throws java.lang.Exception, should not consume any entity.
+ Hence commented out..
+ */
+ /*
+ @GET
+ @Path(TagRESTConstants.RESOURCES_RESOURCE)
+ @Produces({ "application/json", "application/xml" })
+ //@PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public List<RangerServiceResource> getServiceResources(RangerServiceResource resource) throws Exception {
+
+ List<RangerServiceResource> ret = null;
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.getServiceResources(" + resource + ")");
+ }
+ ret = tagStore.getServiceResourcesByServiceAndResourceSpec(resource.getServiceName(), resource.getResourceSpec());
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.getServiceResources(" + resource + ")");
+ }
return ret;
}
+ */
- // to create or update a list of tagged resources with associated tags in RangerAdmin
+ // This API is typically used by plug-in to get selected tagged resources from RangerAdmin
- @PUT
- @Path(TagRESTConstants.RESOURCES_SET_RESOURCE)
+ @GET
+ @Path(TagRESTConstants.TAGS_DOWNLOAD + "{serviceName}")
@Produces({ "application/json", "application/xml" })
- public List<RangerTaggedResource> setResources(List<RangerTaggedResourceKey> keys, List<RangerTaggedResource.RangerResourceTag> tags) throws Exception {
- if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.setResources()");
- }
- List<RangerTaggedResource> ret = new ArrayList<>();
- if (CollectionUtils.isNotEmpty(keys)) {
- for (RangerTaggedResourceKey key : keys) {
- try {
- RangerTaggedResource taggedResource = setResource(key, tags);
- if (taggedResource != null) {
- ret.add(taggedResource);
- }
- }
- catch(Exception e) {
- // Ignore
- }
- }
+ public ServiceTags getServiceTagsIfUpdated(@PathParam("serviceName") String serviceName,
+ @QueryParam(TagRESTConstants.LAST_KNOWN_TAG_VERSION_PARAM) Long lastKnownVersion, @QueryParam("pluginId") String pluginId) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.getServiceTagsIfUpdated(" + serviceName + ", " + lastKnownVersion + ", " + pluginId + ")");
}
+
+ ServiceTags ret = null;
+
+ try {
+ ret = tagStore.getServiceTagsIfUpdated(serviceName, lastKnownVersion);
+ } catch(Exception excp) {
+ LOG.error("getServiceTagsIfUpdated(" + serviceName + ") failed", excp);
+
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
if(LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.setResources()");
+ LOG.debug("<==> TagREST.getServiceTagsIfUpdated(" + serviceName + ", " + lastKnownVersion + ", " + pluginId + ")");
}
+
return ret;
}
- // to update a tagged resource by adding or removing tags from it in RangerAdmin
+ // This API is typically used by GUI to get all available tags from RangerAdmin
- @PUT
- @Path(TagRESTConstants.RESOURCE_UPDATE_RESOURCE)
+ @GET
+ @Path(TagRESTConstants.TAGNAMES_RESOURCE)
@Produces({ "application/json", "application/xml" })
- public RangerTaggedResource updateResourceTags(RangerTaggedResourceKey key, List<RangerTaggedResource.RangerResourceTag> tagsToAdd,
- List<RangerTaggedResource.RangerResourceTag> tagsToDelete) throws Exception {
+ public List<String> getTagNames(@QueryParam(TagRESTConstants.SERVICE_NAME_PARAM) String serviceName) {
+
if(LOG.isDebugEnabled()) {
- LOG.debug("==> TagREST.updateResource()");
+ LOG.debug("==> TagREST.getTagNames(" + serviceName + ")");
}
+ List<String> tagNames = null;
- RangerTaggedResource ret = null;
- RangerTaggedResource oldResource = null;
try {
- oldResource = tagStore.getResource(key);
- } catch (Exception excp) {
- LOG.error("getResource(" + key + ") failed", excp);
+ tagNames = tagStore.getTags(serviceName);
+ } catch(Exception excp) {
+ LOG.error("getTags(" + serviceName + ") failed", excp);
throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
- if (oldResource != null) {
- List<RangerTaggedResource.RangerResourceTag> tags = oldResource.getTags();
-
- if (CollectionUtils.isNotEmpty(tagsToAdd)) {
- tags.addAll(tagsToAdd);
- }
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== TagREST.getTagNames(" + serviceName + ")");
+ }
+ return tagNames;
+ }
- if (CollectionUtils.isNotEmpty(tagsToDelete)) {
- tags.removeAll(tagsToDelete);
- }
+ // This API is typically used by GUI to help lookup available tags from RangerAdmin to help tag-policy writer. It
+ // may also be used to validate configuration parameters of a tag-service
- oldResource.setTags(tags);
+ @GET
+ @Path(TagRESTConstants.LOOKUP_TAGS_RESOURCE)
+ @Produces({ "application/json", "application/xml" })
+ public List<String> lookupTags(@QueryParam(TagRESTConstants.SERVICE_NAME_PARAM) String serviceName,
+ @DefaultValue(".*") @QueryParam(TagRESTConstants.PATTERN_PARAM) String tagNamePattern) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> TagREST.lookupTags(" + serviceName + ", " + tagNamePattern + ")");
+ }
+ List<String> matchingTagNames = null;
- try {
- ret = tagStore.updateTaggedResource(oldResource);
- } catch (Exception excp) {
- LOG.error("updateResource(" + key + ") failed", excp);
+ try {
+ matchingTagNames = tagStore.lookupTags(serviceName, tagNamePattern);
+ } catch(Exception excp) {
+ LOG.error("lookupTags(" + serviceName + ") failed", excp);
- throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
- }
- } else {
- LOG.error("updateResourceTags() could not find tagged resource with key=" + key);
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
}
if(LOG.isDebugEnabled()) {
- LOG.debug("<== TagREST.updateResource()");
+ LOG.debug("<== TagREST.lookupTags(" + serviceName + ")");
}
-
- return ret;
+ return matchingTagNames;
}
+
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/security-admin/src/main/java/org/apache/ranger/rest/TagRESTConstants.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/TagRESTConstants.java b/security-admin/src/main/java/org/apache/ranger/rest/TagRESTConstants.java
index 02efcf3..915ff13 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/TagRESTConstants.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/TagRESTConstants.java
@@ -20,31 +20,27 @@
package org.apache.ranger.rest;
public class TagRESTConstants {
- public static final String TAGDEF_NAME_AND_VERSION = "tag-def/v1";
+ public static final String TAGDEF_NAME_AND_VERSION = "tags";
- static final String TAGS_RESOURCE = "tags";
- static final String TAG_RESOURCE = "tag";
+ static final String TAGDEFS_RESOURCE = "/tagdefs/";
+ static final String TAGDEF_RESOURCE = "/tagdef/";
- static final String RESOURCES_RESOURCE = "resources";
- static final String RESOURCE_RESOURCE = "resource";
+ static final String TAGS_RESOURCE = "/tags/";
+ static final String TAG_RESOURCE = "/tag/";
- static final String TAGNAMES_RESOURCE = "resources/tag-names";
- static final String LOOKUP_TAGS_RESOURCE = "resources/lookup-tags";
+ static final String RESOURCES_RESOURCE = "/resources/";
+ static final String RESOURCE_RESOURCE = "/resource/";
- static final String RESOURCES_UPDATED_RESOURCE = "resources/updated-resources";
- static final String RESOURCES_ALL_RESOURCE = "resources/all-resources";
- static final String RESOURCE_SET_RESOURCE = "resources/set-resource";
- static final String RESOURCES_SET_RESOURCE = "resources/set-resources";
- static final String RESOURCE_UPDATE_RESOURCE = "resources/update-resource";
+ static final String TAGRESOURCEMAPS_RESOURCE = "/tagresourcemaps/";
- static final String ACTION_SUB_RESOURCE = "update";
- static final String ACTION_OP = "op";
- static final String ACTION_ADD = "add";
- static final String ACTION_REPLACE = "replace";
- static final String ACTION_DELETE = "delete";
- public static final String SERVICE_NAME_PARAM = "servicename";
- public static final String TAG_TIMESTAMP_PARAM = "tagtimestamp";
- public static final String TAG_PATTERN_PARAM = "tagpattern";
+ static final String TAGNAMES_RESOURCE = "/tags/names/";
+ static final String LOOKUP_TAGS_RESOURCE = "/tags/lookup/";
+
+ static final String TAGS_DOWNLOAD = "/download/";
+
+ public static final String SERVICE_NAME_PARAM = "serviceName";
+ public static final String LAST_KNOWN_TAG_VERSION_PARAM = "tagVersion";
+ public static final String PATTERN_PARAM = "pattern";
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java
index 9ed70b3..bd61ff1 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java
@@ -45,7 +45,7 @@ public class RangerTagDefService extends RangerTagDefServiceBase<XXTagDef, Range
}
- public RangerTagDef getPopulatedViewObjject(XXTagDef xObj) {
+ public RangerTagDef getPopulatedViewObject(XXTagDef xObj) {
return populateViewBean(xObj);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java
new file mode 100644
index 0000000..b5cb303
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java
@@ -0,0 +1,35 @@
+package org.apache.ranger.service;
+
+import org.apache.ranger.common.SearchField;
+import org.apache.ranger.entity.XXTag;
+import org.apache.ranger.plugin.model.RangerTag;
+import org.apache.ranger.plugin.util.SearchFilter;
+import org.springframework.stereotype.Service;
+
+/**
+ * Created by akulkarni on 8/19/15.
+ */
+
+@Service
+public class RangerTagService extends RangerTagServiceBase<XXTag, RangerTag> {
+
+ public RangerTagService() {
+ searchFields.add(new SearchField(SearchFilter.TAG_ID, "obj.id", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.TAG_NAME, "obj.name", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
+ }
+
+ @Override
+ protected void validateForCreate(RangerTag vObj) {
+
+ }
+
+ @Override
+ protected void validateForUpdate(RangerTag vObj, XXTag entityObj) {
+
+ }
+
+ public RangerTag getPopulatedViewObject(XXTag xObj) {
+ return populateViewBean(xObj);
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/security-admin/src/main/java/org/apache/ranger/service/RangerTagServiceBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerTagServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerTagServiceBase.java
new file mode 100644
index 0000000..7a9c9da
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerTagServiceBase.java
@@ -0,0 +1,100 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.service;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.ranger.common.GUIDUtil;
+import org.apache.ranger.common.RangerConfigUtil;
+import org.apache.ranger.entity.XXDBBase;
+import org.apache.ranger.entity.XXTagAttributeDef;
+import org.apache.ranger.entity.XXTag;
+import org.apache.ranger.plugin.model.RangerTag;
+import org.apache.ranger.plugin.model.RangerTagDef;
+import org.apache.ranger.plugin.store.PList;
+import org.apache.ranger.plugin.util.SearchFilter;
+import org.springframework.beans.factory.annotation.Autowired;
+
+public abstract class RangerTagServiceBase<T extends XXTag, V extends RangerTag> extends
+ RangerBaseModelService<T, V> {
+
+ @Autowired
+ GUIDUtil guidUtil;
+
+ @Autowired
+ RangerAuditFields<XXDBBase> rangerAuditFields;
+
+ @Autowired
+ RangerConfigUtil configUtil;
+
+ @Override
+ @SuppressWarnings("unchecked")
+ protected XXTag mapViewToEntityBean(RangerTag vObj, XXTag xObj, int OPERATION_CONTEXT) {
+ String guid = (StringUtils.isEmpty(vObj.getGuid())) ? guidUtil.genGUID() : vObj.getGuid();
+
+ xObj.setGuid(guid);
+ xObj.setVersion(vObj.getVersion());
+ xObj.setIsEnabled(vObj.getIsEnabled());
+ xObj.setName(vObj.getName());
+ return xObj;
+ }
+
+ @Override
+ @SuppressWarnings("unchecked")
+ protected RangerTag mapEntityToViewBean(RangerTag vObj, XXTag xObj) {
+
+ vObj.setGuid(xObj.getGuid());
+ vObj.setVersion(xObj.getVersion());
+ vObj.setIsEnabled(xObj.getIsEnabled());
+ vObj.setName(xObj.getName());
+
+ return vObj;
+ }
+
+ /**
+ * @param xObj
+ * @return
+ */
+ public RangerTagDef.RangerTagAttributeDef populateRangerTagAttributeDef(XXTagAttributeDef xObj) {
+ RangerTagDef.RangerTagAttributeDef attrDef = new RangerTagDef.RangerTagAttributeDef();
+ attrDef.setName(xObj.getName());
+ attrDef.setType(xObj.getType());
+ return attrDef;
+ }
+
+ @SuppressWarnings("unchecked")
+ public PList<RangerTag> searchRangerTags(SearchFilter searchFilter) {
+ PList<RangerTag> retList = new PList<RangerTag>();
+ List<RangerTag> tagList = new ArrayList<RangerTag>();
+
+ List<XXTag> xTagList = (List<XXTag>) searchRangerObjects(searchFilter, searchFields, sortFields, (PList<V>) retList);
+
+ for (XXTag xTag : xTagList) {
+ RangerTag tag = populateViewBean((T) xTag);
+ tagList.add(tag);
+ }
+
+ retList.setList(tagList);
+
+ return retList;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/83cb21e0/security-admin/src/main/java/org/apache/ranger/service/RangerTaggedResourceService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerTaggedResourceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerTaggedResourceService.java
index a0e7997..327a6b8 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerTaggedResourceService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerTaggedResourceService.java
@@ -23,28 +23,28 @@ import org.apache.ranger.common.SearchField;
import org.apache.ranger.common.SearchField.DATA_TYPE;
import org.apache.ranger.common.SearchField.SEARCH_TYPE;
import org.apache.ranger.entity.XXTaggedResource;
-import org.apache.ranger.plugin.model.RangerTaggedResource;
+import org.apache.ranger.plugin.model.RangerServiceResource;
import org.apache.ranger.plugin.util.SearchFilter;
import org.springframework.stereotype.Service;
@Service
-public class RangerTaggedResourceService extends RangerTaggedResourceServiceBase<XXTaggedResource, RangerTaggedResource> {
+public class RangerTaggedResourceService extends RangerTaggedResourceServiceBase<XXTaggedResource, RangerServiceResource> {
public RangerTaggedResourceService() {
searchFields.add(new SearchField(SearchFilter.TAG_RESOURCE_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL));
}
@Override
- protected void validateForCreate(RangerTaggedResource vObj) {
+ protected void validateForCreate(RangerServiceResource vObj) {
}
@Override
- protected void validateForUpdate(RangerTaggedResource vObj, XXTaggedResource entityObj) {
+ protected void validateForUpdate(RangerServiceResource vObj, XXTaggedResource entityObj) {
}
- public RangerTaggedResource getPopulatedViewObjject(XXTaggedResource xObj) {
+ public RangerServiceResource getPopulatedViewObject(XXTaggedResource xObj) {
return populateViewBean(xObj);
}