You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2014/12/20 02:27:29 UTC
[3/4] incubator-ranger git commit: RANGER-203: added ServiceREST
implementation
RANGER-203: added ServiceREST implementation
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/941ae692
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/941ae692
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/941ae692
Branch: refs/heads/stack
Commit: 941ae6924e610bf44d9ccddca52e3f21f82310e1
Parents: e99d911
Author: Madhan Neethiraj <ma...@apache.org>
Authored: Thu Dec 18 14:51:10 2014 -0800
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Thu Dec 18 14:51:10 2014 -0800
----------------------------------------------------------------------
.../org/apache/ranger/common/ServiceUtil.java | 463 +++++++++++++++
.../org/apache/ranger/rest/ServiceREST.java | 573 +++++++++++++++++++
2 files changed, 1036 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/941ae692/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java b/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java
new file mode 100644
index 0000000..8a990da
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java
@@ -0,0 +1,463 @@
+package org.apache.ranger.common;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.entity.XXGroup;
+import org.apache.ranger.entity.XXUser;
+import org.apache.ranger.plugin.model.RangerBaseModelObject;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
+import org.apache.ranger.plugin.model.RangerService;
+import org.apache.ranger.view.VXAsset;
+import org.apache.ranger.view.VXAuditMap;
+import org.apache.ranger.view.VXDataObject;
+import org.apache.ranger.view.VXPermMap;
+import org.apache.ranger.view.VXResource;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component
+public class ServiceUtil {
+
+ static Map<String, Integer> mapServiceTypeToAssetType = new HashMap<String, Integer>();
+ static Map<String, Integer> mapAccessTypeToPermType = new HashMap<String, Integer>();
+
+ @Autowired
+ JSONUtil jsonUtil;
+
+ @Autowired
+ RangerDaoManager xaDaoMgr;
+
+ static {
+ mapServiceTypeToAssetType.put("hdfs", new Integer(RangerCommonEnums.ASSET_HDFS));
+ mapServiceTypeToAssetType.put("hbase", new Integer(RangerCommonEnums.ASSET_HBASE));
+ mapServiceTypeToAssetType.put("hive", new Integer(RangerCommonEnums.ASSET_HIVE));
+ mapServiceTypeToAssetType.put("knox", new Integer(RangerCommonEnums.ASSET_KNOX));
+ mapServiceTypeToAssetType.put("storm", new Integer(RangerCommonEnums.ASSET_STORM));
+
+ mapAccessTypeToPermType.put("Unknown", 0);
+ mapAccessTypeToPermType.put("Reset", 1);
+ mapAccessTypeToPermType.put("Read", 2);
+ mapAccessTypeToPermType.put("Write", 3);
+ mapAccessTypeToPermType.put("Create", 4);
+ mapAccessTypeToPermType.put("Delete", 5);
+ mapAccessTypeToPermType.put("Admin", 6);
+ mapAccessTypeToPermType.put("Obfuscate", 7);
+ mapAccessTypeToPermType.put("Mask", 8);
+ mapAccessTypeToPermType.put("Execute", 9);
+ mapAccessTypeToPermType.put("Select", 10);
+ mapAccessTypeToPermType.put("Update", 11);
+ mapAccessTypeToPermType.put("Drop", 12);
+ mapAccessTypeToPermType.put("Alter", 13);
+ mapAccessTypeToPermType.put("Index", 14);
+ mapAccessTypeToPermType.put("Lock", 15);
+ mapAccessTypeToPermType.put("All", 16);
+ mapAccessTypeToPermType.put("Allow", 17);
+ mapAccessTypeToPermType.put("submitTopology", 18);
+ mapAccessTypeToPermType.put("fileUpload", 19);
+ mapAccessTypeToPermType.put("getNimbusConf", 20);
+ mapAccessTypeToPermType.put("getClusterInfo", 21);
+ mapAccessTypeToPermType.put("fileDownload", 22);
+ mapAccessTypeToPermType.put("killTopology", 23);
+ mapAccessTypeToPermType.put("rebalance", 24);
+ mapAccessTypeToPermType.put("activate", 25);
+ mapAccessTypeToPermType.put("deactivate", 26);
+ mapAccessTypeToPermType.put("getTopologyConf", 27);
+ mapAccessTypeToPermType.put("getTopology", 28);
+ mapAccessTypeToPermType.put("getUserTopology", 29);
+ mapAccessTypeToPermType.put("getTopologyInfo", 30);
+ mapAccessTypeToPermType.put("uploadNewCredentials", 31);
+ }
+
+ public RangerService toRangerService(VXAsset asset) {
+ if(asset == null) {
+ return null;
+ }
+
+ RangerService ret = new RangerService();
+
+ dataObjectToRangerObject(asset, ret);
+
+ ret.setType(toServiceType(asset.getAssetType()));
+ ret.setName(asset.getName());
+ ret.setDescription(asset.getDescription());
+ ret.setIsEnabled(asset.getActiveStatus() == RangerCommonEnums.STATUS_ENABLED);
+ ret.setConfigs(jsonUtil.jsonToMap(asset.getConfig()));
+
+ return ret;
+ }
+
+ public VXAsset toVXAsset(RangerService service) {
+ if(service == null) {
+ return null;
+ }
+
+ VXAsset ret = new VXAsset();
+
+ rangerObjectToDataObject(service, ret);
+
+ ret.setAssetType(toAssetType(service.getType()));
+ ret.setName(service.getName());
+ ret.setDescription(service.getDescription());
+ ret.setActiveStatus(service.getIsEnabled() ? RangerCommonEnums.STATUS_ENABLED : RangerCommonEnums.STATUS_DISABLED);
+ ret.setConfig(jsonUtil.readMapToString(service.getConfigs()));
+
+ return ret;
+ }
+
+ public RangerPolicy toRangerPolicy(VXResource resource, RangerService service) {
+ if(resource == null) {
+ return null;
+ }
+
+ RangerPolicy ret = new RangerPolicy();
+
+ dataObjectToRangerObject(resource, ret);
+
+ if(service != null) {
+ ret.setService(service.getName());
+ } else {
+ ret.setService(resource.getAssetName());
+ }
+
+ ret.setName(resource.getPolicyName());
+ ret.setDescription(resource.getDescription());
+ ret.setIsEnabled(resource.getResourceStatus() == RangerCommonEnums.STATUS_ENABLED);
+ ret.setIsAuditEnabled(resource.getAuditList() != null && resource.getAuditList().size() > 0);
+
+ Boolean isRecursive = resource.getIsRecursive() == RangerCommonEnums.BOOL_TRUE;
+ Boolean isTableExcludes = resource.getTableType() == RangerCommonEnums.POLICY_EXCLUSION;
+ Boolean isColumnExcludes = resource.getColumnType() == RangerCommonEnums.POLICY_EXCLUSION;
+
+ toRangerResourceList(resource.getName(), "path", Boolean.FALSE, isRecursive, ret.getResources());
+ toRangerResourceList(resource.getTables(), "table", isTableExcludes, isRecursive, ret.getResources());
+ toRangerResourceList(resource.getColumnFamilies(), "column-family", Boolean.FALSE, isRecursive, ret.getResources());
+ toRangerResourceList(resource.getColumns(), "column", isColumnExcludes, isRecursive, ret.getResources());
+ toRangerResourceList(resource.getDatabases(), "database", Boolean.FALSE, isRecursive, ret.getResources());
+ toRangerResourceList(resource.getUdfs(), "udf", Boolean.FALSE, isRecursive, ret.getResources());
+ toRangerResourceList(resource.getTopologies(), "topology", Boolean.FALSE, isRecursive, ret.getResources());
+ toRangerResourceList(resource.getServices(), "service", Boolean.FALSE, isRecursive, ret.getResources());
+
+ HashMap<String, List<VXPermMap>> sortedPermMap = new HashMap<String, List<VXPermMap>>();
+
+ // re-group the list with permGroup as the key
+ if (resource.getPermMapList() != null) {
+ for(VXPermMap permMap : resource.getPermMapList()) {
+ String permGrp = permMap.getPermGroup();
+ List<VXPermMap> sortedList = sortedPermMap.get(permGrp);
+
+ if(sortedList == null) {
+ sortedList = new ArrayList<VXPermMap>();
+ sortedPermMap.put(permGrp, sortedList);
+ }
+
+ sortedList.add(permMap);
+ }
+ }
+
+ for (Entry<String, List<VXPermMap>> entry : sortedPermMap.entrySet()) {
+ List<String> userList = new ArrayList<String>();
+ List<String> groupList = new ArrayList<String>();
+ List<RangerPolicyItemAccess> accessList = new ArrayList<RangerPolicyItemAccess>();
+ String ipAddress = null;
+
+ for(VXPermMap permMap : entry.getValue()) {
+ if(permMap.getPermFor() == AppConstants.XA_PERM_FOR_USER) {
+ String userName = getUserName(permMap);
+
+ if (! userList.contains(userName)) {
+ userList.add(userName);
+ }
+ } else if(permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) {
+ String groupName = getGroupName(permMap);
+
+ if (! groupList.contains(groupName)) {
+ groupList.add(groupName);
+ }
+ }
+
+ accessList.add(new RangerPolicyItemAccess(toAccessType(permMap.getPermType()), Boolean.TRUE));
+
+ ipAddress = permMap.getIpAddress();
+ }
+
+ RangerPolicy.RangerPolicyItem policyItem = new RangerPolicy.RangerPolicyItem();
+
+ policyItem.setUsers(userList);
+ policyItem.setGroups(groupList);
+ policyItem.setAccesses(accessList);
+
+ if(ipAddress != null && !ipAddress.isEmpty()) {
+ RangerPolicy.RangerPolicyItemCondition ipCondition = new RangerPolicy.RangerPolicyItemCondition("ipaddress", ipAddress);
+
+ policyItem.getConditions().add(ipCondition);
+ }
+
+ ret.getPolicyItems().add(policyItem);
+ }
+
+ return ret;
+ }
+
+ public VXResource toVXResource(RangerPolicy policy, RangerService service) {
+ if(policy == null || service == null) {
+ return null;
+ }
+
+ VXResource ret = new VXResource();
+
+ rangerObjectToDataObject(policy, ret);
+
+ ret.setAssetName(policy.getService());
+ ret.setAssetId(service.getId());
+ ret.setAssetType(toAssetType(service.getType()));
+ ret.setPolicyName(policy.getName());
+ ret.setDescription(policy.getDescription());
+ ret.setResourceStatus(policy.getIsEnabled() ? RangerCommonEnums.STATUS_ENABLED : RangerCommonEnums.STATUS_DISABLED);
+
+ List<VXAuditMap> auditList = null;
+ if(policy.getIsAuditEnabled()) {
+ VXAuditMap auditMap = new VXAuditMap();
+
+ auditMap.setResourceId(policy.getId());
+ auditMap.setAuditType(1);
+
+ auditList = new ArrayList<VXAuditMap>();
+ auditList.add(auditMap);
+ }
+ ret.setAuditList(auditList);
+
+ for(RangerPolicy.RangerPolicyResource res : policy.getResources()) {
+ if(res.getType().equalsIgnoreCase("path")) {
+ ret.setName(addResource(ret.getName(), res.getValue()));
+ ret.setIsRecursive(Boolean.TRUE.equals(res.getIsRecursive()) ? RangerCommonEnums.BOOL_TRUE : RangerCommonEnums.BOOL_FALSE);
+ } else if(res.getType().equalsIgnoreCase("table")) {
+ ret.setTables(addResource(ret.getTables(), res.getValue()));
+ ret.setTableType(Boolean.TRUE.equals(res.getIsExcludes()) ? RangerCommonEnums.POLICY_EXCLUSION : RangerCommonEnums.POLICY_INCLUSION);
+ } else if(res.getType().equalsIgnoreCase("column-family")) {
+ ret.setColumnFamilies(addResource(ret.getColumnFamilies(), res.getValue()));
+ } else if(res.getType().equalsIgnoreCase("column")) {
+ ret.setColumns(addResource(ret.getColumns(), res.getValue()));
+ ret.setColumnType(Boolean.TRUE.equals(res.getIsExcludes()) ? RangerCommonEnums.POLICY_EXCLUSION : RangerCommonEnums.POLICY_INCLUSION);
+ } else if(res.getType().equalsIgnoreCase("database")) {
+ ret.setDatabases(addResource(ret.getDatabases(), res.getValue()));
+ } else if(res.getType().equalsIgnoreCase("udf")) {
+ ret.setUdfs(addResource(ret.getUdfs(), res.getValue()));
+ } else if(res.getType().equalsIgnoreCase("topology")) {
+ ret.setTopologies(addResource(ret.getTopologies(), res.getValue()));
+ } else if(res.getType().equalsIgnoreCase("service")) {
+ ret.setServices(addResource(ret.getServices(), res.getValue()));
+ }
+ }
+
+ List<VXPermMap> permMapList = new ArrayList<VXPermMap>();
+
+ int permGroup = 0;
+ for(RangerPolicy.RangerPolicyItem policyItem : policy.getPolicyItems()) {
+ String ipAddress = null;
+
+ for(RangerPolicy.RangerPolicyItemCondition condition : policyItem.getConditions()) {
+ if(condition.getType() == "ipaddress") {
+ ipAddress = condition.getValue();
+ }
+
+ if(ipAddress != null && !ipAddress.isEmpty()) {
+ break; // only 1 IP-address per permMap
+ }
+ }
+
+ for(String userName : policyItem.getUsers()) {
+ for(RangerPolicyItemAccess access : policyItem.getAccesses()) {
+ VXPermMap permMap = new VXPermMap();
+
+ permMap.setPermFor(AppConstants.XA_PERM_FOR_USER);
+ permMap.setPermGroup(new Integer(permGroup).toString());
+ permMap.setUserName(userName);
+ permMap.setUserId(getUserId(userName));
+ permMap.setPermType(toPermType(access.getType()));
+ permMap.setIpAddress(ipAddress);
+
+ permMapList.add(permMap);
+ }
+ }
+ permGroup++;
+
+ for(String groupName : policyItem.getGroups()) {
+ for(RangerPolicyItemAccess access : policyItem.getAccesses()) {
+ VXPermMap permMap = new VXPermMap();
+
+ permMap.setPermFor(AppConstants.XA_PERM_FOR_GROUP);
+ permMap.setPermGroup(new Integer(permGroup).toString());
+ permMap.setGroupName(groupName);
+ permMap.setGroupId(getGroupId(groupName));
+ permMap.setPermType(toPermType(access.getType()));
+ permMap.setIpAddress(ipAddress);
+
+ permMapList.add(permMap);
+ }
+ }
+ permGroup++;
+ }
+ ret.setPermMapList(permMapList);
+
+ return ret;
+ }
+
+ private List<RangerPolicy.RangerPolicyResource> toRangerResourceList(String resourceString, String resourceType, Boolean isExcludes, Boolean isRecursive, List<RangerPolicy.RangerPolicyResource> resList) {
+ List<RangerPolicy.RangerPolicyResource> ret = resList == null ? new ArrayList<RangerPolicy.RangerPolicyResource>() : resList;
+
+ if(resourceString != null) {
+ for(String resource : resourceString.split(",")) {
+ ret.add(new RangerPolicy.RangerPolicyResource(resourceType, resource, isExcludes, isRecursive));
+ }
+ }
+
+ return ret;
+ }
+
+ public static String toServiceType(int assetType) {
+ String ret = null;
+
+ for(Map.Entry<String, Integer> e : mapServiceTypeToAssetType.entrySet()) {
+ if(e.getValue().intValue() == assetType) {
+ ret = e.getKey();
+
+ break;
+ }
+ }
+
+ return ret;
+ }
+
+ public static Integer toAssetType(String serviceType) {
+ Integer ret = mapServiceTypeToAssetType.get(serviceType);
+
+ return ret;
+ }
+
+ public static String toAccessType(int permType) {
+ String ret = null;
+
+ for(Map.Entry<String, Integer> e : mapAccessTypeToPermType.entrySet()) {
+ if(e.getValue().intValue() == permType) {
+ ret = e.getKey();
+
+ break;
+ }
+ }
+
+ return ret;
+ }
+
+ public static Integer toPermType(String accessType) {
+ Integer ret = null;
+
+ for(Map.Entry<String, Integer> e : mapAccessTypeToPermType.entrySet()) {
+ if(e.getKey().equalsIgnoreCase(accessType)) {
+ ret = e.getValue();
+
+ break;
+ }
+ }
+
+ return ret;
+ }
+
+ private RangerBaseModelObject dataObjectToRangerObject(VXDataObject dataObject, RangerBaseModelObject rangerObject) {
+ RangerBaseModelObject ret = rangerObject;
+
+ ret.setId(dataObject.getId());
+ ret.setCreateTime(dataObject.getCreateDate());
+ ret.setUpdateTime(dataObject.getUpdateDate());
+ ret.setCreatedBy(dataObject.getOwner());
+ ret.setUpdatedBy(dataObject.getUpdatedBy());
+
+ return ret;
+ }
+
+ private VXDataObject rangerObjectToDataObject(RangerBaseModelObject rangerObject, VXDataObject dataObject) {
+ VXDataObject ret = dataObject;
+
+ ret.setId(rangerObject.getId());
+ ret.setCreateDate(rangerObject.getCreateTime());
+ ret.setUpdateDate(rangerObject.getUpdateTime());
+ ret.setOwner(rangerObject.getCreatedBy());
+ ret.setUpdatedBy(rangerObject.getUpdatedBy());
+
+ return ret;
+ }
+
+ private String addResource(String currentVal, String valToAdd) {
+ return (currentVal == null || currentVal.isEmpty()) ? valToAdd : (currentVal + "," + valToAdd);
+ }
+
+ private String getUserName(VXPermMap permMap) {
+ String userName = permMap.getUserName();
+
+ if(userName == null || userName.isEmpty()) {
+ Long userId = permMap.getUserId();
+
+ if(userId != null) {
+ XXUser xxUser = xaDaoMgr.getXXUser().getById(userId);
+
+ if(xxUser != null) {
+ userName = xxUser.getName();
+ }
+ }
+ }
+
+ return userName;
+ }
+
+ private String getGroupName(VXPermMap permMap) {
+ String groupName = permMap.getGroupName();
+
+ if(groupName == null || groupName.isEmpty()) {
+ Long groupId = permMap.getGroupId();
+
+ if(groupId != null) {
+ XXGroup xxGroup = xaDaoMgr.getXXGroup().getById(groupId);
+
+ if(xxGroup != null) {
+ groupName = xxGroup.getName();
+ }
+ }
+ }
+
+ return groupName;
+
+ }
+
+ private Long getUserId(String userName) {
+ Long userId = null;
+
+ if(userName != null) {
+ XXUser xxUser = xaDaoMgr.getXXUser().findByUserName(userName);
+
+ if(xxUser != null) {
+ userId = xxUser.getId();
+ }
+ }
+
+ return userId;
+ }
+
+ private Long getGroupId(String groupName) {
+ Long groupId = null;
+
+ if(groupName != null) {
+ XXGroup xxGroup = xaDaoMgr.getXXGroup().findByGroupName(groupName);
+
+ if(xxGroup != null) {
+ groupId = xxGroup.getId();
+ }
+ }
+
+ return groupId;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/941ae692/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
new file mode 100644
index 0000000..cc3161a
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -0,0 +1,573 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.rest;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.DELETE;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.plugin.manager.ServiceDefManager;
+import org.apache.ranger.plugin.manager.ServiceManager;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerService;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.view.VXResponse;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Scope;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Component;
+import org.apache.ranger.common.RESTErrorUtil;
+
+
+@Path("plugins")
+@Component
+@Scope("request")
+public class ServiceREST {
+ private static final Log LOG = LogFactory.getLog(ServiceREST.class);
+
+ @Autowired
+ RESTErrorUtil restErrorUtil;
+
+ private ServiceDefManager sdMgr = null;
+ private ServiceManager svcMgr = null;
+
+ public ServiceREST() {
+ sdMgr = new ServiceDefManager();
+ svcMgr = new ServiceManager();
+ }
+
+ @GET
+ @Path("/definitions/{id}")
+ @Produces({ "application/json", "application/xml" })
+ public RangerServiceDef getServiceDef(@PathParam("id") Long id) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getServiceDef(" + id + ")");
+ }
+
+ RangerServiceDef ret = null;
+
+ try {
+ ret = sdMgr.get(id);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(ret == null) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getServiceDef(" + id + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path("/definitions/name/{name}")
+ @Produces({ "application/json", "application/xml" })
+ public RangerServiceDef getServiceDefByName(@PathParam("name") String name) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getServiceDefByName(" + name + ")");
+ }
+
+ RangerServiceDef ret = null;
+
+ try {
+ ret = sdMgr.getByName(name);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(ret == null) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getServiceDefByName(" + name + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path("/definitions")
+ @Produces({ "application/json", "application/xml" })
+ public List<RangerServiceDef> getServiceDefs(@Context HttpServletRequest request) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getServiceDefs()");
+ }
+
+ List<RangerServiceDef> ret = null;
+
+ try {
+ ret = sdMgr.getAll();
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getServiceDefs(): count=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ @POST
+ @Path("/definitions")
+ @Produces({ "application/json", "application/xml" })
+ @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public RangerServiceDef createServiceDef(RangerServiceDef serviceDef) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.createServiceDef(" + serviceDef + ")");
+ }
+
+ RangerServiceDef ret = null;
+
+ try {
+ ret = sdMgr.create(serviceDef);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.createServiceDef(" + serviceDef + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @PUT
+ @Path("/definitions")
+ @Produces({ "application/json", "application/xml" })
+ @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public RangerServiceDef updateServiceDef(RangerServiceDef serviceDef) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.updateServiceDef(" + serviceDef + ")");
+ }
+
+ RangerServiceDef ret = null;
+
+ try {
+ ret = sdMgr.update(serviceDef);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.updateServiceDef(" + serviceDef + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @DELETE
+ @Path("/definitions/{id}")
+ @Produces({ "application/json", "application/xml" })
+ @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public void deleteServiceDef(@PathParam("id") Long id) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.deleteServiceDef(" + id + ")");
+ }
+
+ try {
+ sdMgr.delete(id);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.deleteServiceDef(" + id + ")");
+ }
+ }
+
+
+ @GET
+ @Path("/services/{id}")
+ @Produces({ "application/json", "application/xml" })
+ public RangerService getService(@PathParam("id") Long id) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getService(" + id + ")");
+ }
+
+ RangerService ret = null;
+
+ try {
+ ret = svcMgr.get(id);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(ret == null) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getService(" + id + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path("/services/name/{name}")
+ @Produces({ "application/json", "application/xml" })
+ public RangerService getServiceByName(@PathParam("name") String name) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getServiceByName(" + name + ")");
+ }
+
+ RangerService ret = null;
+
+ try {
+ ret = svcMgr.getByName(name);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(ret == null) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getServiceByName(" + name + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path("/services")
+ @Produces({ "application/json", "application/xml" })
+ public List<RangerService> getServices(@Context HttpServletRequest request) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getServices():");
+ }
+
+ List<RangerService> ret = null;
+
+ try {
+ ret = svcMgr.getAll();
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getServices(): count=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path("/services/count")
+ @Produces({ "application/json", "application/xml" })
+ public Long countServices(@Context HttpServletRequest request) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.countServices():");
+ }
+
+ Long ret = null;
+
+ try {
+ List<RangerService> services = getServices(request);
+
+ ret = new Long(services == null ? 0 : services.size());
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.countServices(): " + ret);
+ }
+
+ return ret;
+ }
+
+ @POST
+ @Path("/services")
+ @Produces({ "application/json", "application/xml" })
+ public RangerService createService(RangerService service) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.createService(" + service + ")");
+ }
+
+ RangerService ret = null;
+
+ try {
+ ret = svcMgr.create(service);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.createService(" + service + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @PUT
+ @Path("/services")
+ @Produces({ "application/json", "application/xml" })
+ public RangerService updateService(RangerService service) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.updateService(): " + service);
+ }
+
+ RangerService ret = null;
+
+ try {
+ ret = svcMgr.update(service);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.updateService(" + service + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @DELETE
+ @Path("/services/{id}")
+ @Produces({ "application/json", "application/xml" })
+ @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public void deleteService(@PathParam("id") Long id) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.deleteService(" + id + ")");
+ }
+
+ try {
+ svcMgr.delete(id);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.deleteService(" + id + ")");
+ }
+ }
+
+ @POST
+ @Path("/services/validateConfig")
+ @Produces({ "application/json", "application/xml" })
+ public VXResponse validateConfig(RangerService service) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.validateConfig(" + service + ")");
+ }
+
+ VXResponse ret = new VXResponse();
+
+ try {
+ svcMgr.validateConfig(service);
+ } catch(Exception excp) {
+ ret.setStatusCode(VXResponse.STATUS_ERROR);
+ // TODO: message
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.validateConfig(" + service + "): " + ret);
+ }
+
+ return ret;
+ }
+
+
+ @GET
+ @Path("/policies/{id}")
+ @Produces({ "application/json", "application/xml" })
+ public RangerPolicy getPolicy(@PathParam("id") Long id) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getPolicy(" + id + ")");
+ }
+
+ RangerPolicy ret = null;
+
+ try {
+ ret = svcMgr.getPolicy(id);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(ret == null) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getPolicy(" + id + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path("/policies")
+ @Produces({ "application/json", "application/xml" })
+ public List<RangerPolicy> getPolicies(@Context HttpServletRequest request) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getPolicies()");
+ }
+
+ List<RangerPolicy> ret = null;
+
+ try {
+ ret = svcMgr.getAllPolicies();
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getPolicies(): count=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path("/policies/count")
+ @Produces({ "application/json", "application/xml" })
+ public Long countPolicies(@Context HttpServletRequest request) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.countPolicies():");
+ }
+
+ Long ret = null;
+
+ try {
+ List<RangerPolicy> services = getPolicies(request);
+
+ ret = new Long(services == null ? 0 : services.size());
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.countPolicies(): " + ret);
+ }
+
+ return ret;
+ }
+
+ @GET
+ @Path("/services/{id}/policies")
+ @Produces({ "application/json", "application/xml" })
+ public List<RangerPolicy> getServicePolicies(@PathParam("id") Long serviceId, @Context HttpServletRequest request) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.getServicePolicies(" + serviceId + ")");
+ }
+
+ List<RangerPolicy> ret = null;
+
+ try {
+ ret = svcMgr.getPolicies(serviceId);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(ret == null) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not found", true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.getServicePolicies(" + serviceId + "): count=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ @POST
+ @Path("/policies")
+ @Produces({ "application/json", "application/xml" })
+ public RangerPolicy createPolicy(RangerPolicy policy) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.createPolicy(" + policy + ")");
+ }
+
+ RangerPolicy ret = null;
+
+ try {
+ ret = svcMgr.createPolicy(policy);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.createPolicy(" + policy + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @PUT
+ @Path("/policies")
+ @Produces({ "application/json", "application/xml" })
+ public RangerPolicy updatePolicy(RangerPolicy policy) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.updatePolicy(" + policy + ")");
+ }
+
+ RangerPolicy ret = null;
+
+ try {
+ ret = svcMgr.updatePolicy(policy);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.updatePolicy(" + policy + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ @DELETE
+ @Path("/policies/{id}")
+ @Produces({ "application/json", "application/xml" })
+ @PreAuthorize("hasRole('ROLE_SYS_ADMIN')")
+ public void deletePolicy(@PathParam("id") Long id) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceREST.deletePolicy(" + id + ")");
+ }
+
+ try {
+ svcMgr.deletePolicy(id);
+ } catch(Exception excp) {
+ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true);
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceREST.deletePolicy(" + id + ")");
+ }
+ }
+}