You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by sp...@apache.org on 2020/05/29 22:48:36 UTC
[ranger] branch master updated: RANGER-2841: Moved
RangerUserStoreRefresher out of RangerUserStoreEnricher and added
RangerRESTClient as one of the paramenter for RangerUserStoreRefresher
constructor
This is an automated email from the ASF dual-hosted git repository.
spolavarapu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new d8e9c48 RANGER-2841: Moved RangerUserStoreRefresher out of RangerUserStoreEnricher and added RangerRESTClient as one of the paramenter for RangerUserStoreRefresher constructor
d8e9c48 is described below
commit d8e9c489d4bff72cb80661a268b35d5a01688586
Author: Sailaja Polavarapu <sp...@cloudera.com>
AuthorDate: Fri May 29 14:19:37 2020 -0700
RANGER-2841: Moved RangerUserStoreRefresher out of RangerUserStoreEnricher and added RangerRESTClient as one of the paramenter for RangerUserStoreRefresher constructor
---
.../contextenricher/RangerUserStoreEnricher.java | 267 +------------
.../contextenricher/RangerUserStoreRefresher.java | 427 +++++++++++++++++++++
2 files changed, 432 insertions(+), 262 deletions(-)
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java
index fd4e11e..cc892d8 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java
@@ -19,8 +19,6 @@
package org.apache.ranger.plugin.contextenricher;
-import com.google.gson.Gson;
-import com.google.gson.GsonBuilder;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -31,13 +29,7 @@ import org.apache.ranger.plugin.util.DownloadTrigger;
import org.apache.ranger.plugin.util.RangerUserStore;
import org.apache.ranger.plugin.util.RangerPerfTracer;
import org.apache.ranger.plugin.util.RangerAccessRequestUtil;
-import org.apache.ranger.plugin.util.RangerServiceNotFoundException;
-
import java.io.File;
-import java.io.Reader;
-import java.io.Writer;
-import java.io.FileWriter;
-import java.io.FileReader;
import java.util.Timer;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
@@ -106,7 +98,7 @@ public class RangerUserStoreEnricher extends RangerAbstractContextEnricher {
userStoreRetriever.setPluginConfig(getPluginConfig());
userStoreRetriever.init(enricherDef.getEnricherOptions());
- userStoreRefresher = new RangerUserStoreRefresher(userStoreRetriever, this, -1L, userStoreDownloadQueue, cacheFile);
+ userStoreRefresher = new RangerUserStoreRefresher(userStoreRetriever, this, null, -1L, userStoreDownloadQueue, cacheFile);
try {
userStoreRefresher.populateUserStoreInfo();
@@ -178,6 +170,10 @@ public class RangerUserStoreEnricher extends RangerAbstractContextEnricher {
}
}
+ public boolean isDisableCacheIfServiceNotFound() {
+ return disableCacheIfServiceNotFound;
+ }
+
public RangerUserStore getRangerUserStore() {return this.rangerUserStore;}
public void setRangerUserStore(final RangerUserStore rangerUserStore) {
@@ -249,257 +245,4 @@ public class RangerUserStoreEnricher extends RangerAbstractContextEnricher {
}
}
- static class RangerUserStoreRefresher extends Thread {
- private static final Log LOG = LogFactory.getLog(RangerUserStoreRefresher.class);
- private static final Log PERF_REFRESHER_INIT_LOG = RangerPerfTracer.getPerfLogger("userstore.init");
-
- //private final RangerAdminClient adminClient;
- private final RangerUserStoreRetriever userStoreRetriever;
- private final RangerUserStoreEnricher userStoreEnricher;
- private long lastKnownVersion;
- private final BlockingQueue<DownloadTrigger> userStoreDownloadQueue;
- private long lastActivationTimeInMillis;
-
- private final String cacheFile;
- private boolean hasProvidedUserStoreToReceiver;
- private Gson gson;
-
- RangerUserStoreRefresher(RangerUserStoreRetriever userStoreRetriever, RangerUserStoreEnricher userStoreEnricher,
- long lastKnownVersion, BlockingQueue<DownloadTrigger> userStoreDownloadQueue,
- String cacheFile) {
- this.userStoreRetriever = userStoreRetriever;
- this.userStoreEnricher = userStoreEnricher;
- this.lastKnownVersion = lastKnownVersion;
- this.userStoreDownloadQueue = userStoreDownloadQueue;
- this.cacheFile = cacheFile;
- try {
- gson = new GsonBuilder().setDateFormat("yyyyMMdd-HH:mm:ss.SSS-Z").create();
- } catch(Throwable excp) {
- LOG.fatal("failed to create GsonBuilder object", excp);
- }
- }
-
- public long getLastActivationTimeInMillis() {
- return lastActivationTimeInMillis;
- }
-
- public void setLastActivationTimeInMillis(long lastActivationTimeInMillis) {
- this.lastActivationTimeInMillis = lastActivationTimeInMillis;
- }
-
- @Override
- public void run() {
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> RangerUserStoreRefresher().run()");
- }
-
- while (true) {
-
- try {
- RangerPerfTracer perf = null;
-
- if(RangerPerfTracer.isPerfTraceEnabled(PERF_REFRESHER_INIT_LOG)) {
- perf = RangerPerfTracer.getPerfTracer(PERF_REFRESHER_INIT_LOG,
- "RangerUserStoreRefresher.run(lastKnownVersion=" + lastKnownVersion + ")");
- }
- DownloadTrigger trigger = userStoreDownloadQueue.take();
- populateUserStoreInfo();
- trigger.signalCompletion();
-
- RangerPerfTracer.log(perf);
-
- } catch (InterruptedException excp) {
- LOG.debug("RangerUserStoreRefresher().run() : interrupted! Exiting thread", excp);
- break;
- }
- }
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== RangerUserStoreRefresher().run()");
- }
- }
-
- private void populateUserStoreInfo() throws InterruptedException {
-
- RangerUserStore rangerUserStore = null;
- if (userStoreEnricher != null) {
- try {
- rangerUserStore = userStoreRetriever.retrieveUserStoreInfo(lastKnownVersion, lastActivationTimeInMillis);
-
- if (rangerUserStore == null) {
- if (!hasProvidedUserStoreToReceiver) {
- rangerUserStore = loadFromCache();
- }
- }
-
- if (rangerUserStore != null) {
- userStoreEnricher.setRangerUserStore(rangerUserStore);
- if (rangerUserStore.getUserStoreVersion() != -1L) {
- saveToCache(rangerUserStore);
- }
- LOG.info("RangerUserStoreRefresher.populateUserStoreInfo() - Updated userstore-cache to new version, lastKnownVersion=" + lastKnownVersion + "; newVersion="
- + (rangerUserStore.getUserStoreVersion() == null ? -1L : rangerUserStore.getUserStoreVersion()));
- hasProvidedUserStoreToReceiver = true;
- lastKnownVersion = rangerUserStore.getUserStoreVersion() == null ? -1L : rangerUserStore.getUserStoreVersion();
- setLastActivationTimeInMillis(System.currentTimeMillis());
- } else {
- if (LOG.isDebugEnabled()) {
- LOG.debug("RangerUserStoreRefresher.populateUserStoreInfo() - No need to update userstore-cache. lastKnownVersion=" + lastKnownVersion);
- }
- }
- } catch (RangerServiceNotFoundException snfe) {
- LOG.error("Caught ServiceNotFound exception :", snfe);
-
- // Need to clean up local userstore cache
- if (userStoreEnricher.disableCacheIfServiceNotFound) {
- disableCache();
- setLastActivationTimeInMillis(System.currentTimeMillis());
- lastKnownVersion = -1L;
- }
- } catch (InterruptedException interruptedException) {
- throw interruptedException;
- } catch (Exception e) {
- LOG.error("Encountered unexpected exception. Ignoring", e);
- }
- } else {
- LOG.error("RangerUserStoreRefresher.populateUserStoreInfo() - no userstore receiver to update userstore-cache");
- }
- }
-
- public void cleanup() {
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> RangerUserStoreRefresher.cleanup()");
- }
-
- stopRefresher();
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== RangerUserStoreRefresher.cleanup()");
- }
- }
-
- public void startRefresher() {
- try {
- super.start();
- } catch (Exception excp) {
- LOG.error("RangerUserStoreRefresher.startRetriever() - failed to start, exception=" + excp);
- }
- }
-
- public void stopRefresher() {
-
- if (super.isAlive()) {
- super.interrupt();
-
- try {
- super.join();
- } catch (InterruptedException excp) {
- LOG.error("RangerUserStoreRefresher.stopRefresher(): error while waiting for thread to exit", excp);
- }
- }
- }
-
-
- private RangerUserStore loadFromCache() {
- RangerUserStore rangerUserStore = null;
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> RangerUserStoreRefreher.loadFromCache()");
- }
-
- File cacheFile = StringUtils.isEmpty(this.cacheFile) ? null : new File(this.cacheFile);
-
- if (cacheFile != null && cacheFile.isFile() && cacheFile.canRead()) {
- Reader reader = null;
-
- try {
- reader = new FileReader(cacheFile);
-
- rangerUserStore = gson.fromJson(reader, RangerUserStore.class);
-
- } catch (Exception excp) {
- LOG.error("failed to load userstore information from cache file " + cacheFile.getAbsolutePath(), excp);
- } finally {
- if (reader != null) {
- try {
- reader.close();
- } catch (Exception excp) {
- LOG.error("error while closing opened cache file " + cacheFile.getAbsolutePath(), excp);
- }
- }
- }
- } else {
- LOG.warn("cache file does not exist or not readable '" + (cacheFile == null ? null : cacheFile.getAbsolutePath()) + "'");
- }
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== RangerUserStoreRefreher.loadFromCache()");
- }
-
- return rangerUserStore;
- }
-
- public void saveToCache(RangerUserStore rangerUserStore) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> RangerUserStoreRefreher.saveToCache()");
- }
-
- if (rangerUserStore != null) {
- File cacheFile = StringUtils.isEmpty(this.cacheFile) ? null : new File(this.cacheFile);
-
- if (cacheFile != null) {
- Writer writer = null;
-
- try {
- writer = new FileWriter(cacheFile);
-
- gson.toJson(rangerUserStore, writer);
- } catch (Exception excp) {
- LOG.error("failed to save userstore information to cache file '" + cacheFile.getAbsolutePath() + "'", excp);
- } finally {
- if (writer != null) {
- try {
- writer.close();
- } catch (Exception excp) {
- LOG.error("error while closing opened cache file '" + cacheFile.getAbsolutePath() + "'", excp);
- }
- }
- }
- }
- } else {
- LOG.info("userstore information is null. Nothing to save in cache");
- }
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== RangerUserStoreRefreher.saveToCache()");
- }
- }
-
- private void disableCache() {
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> RangerUserStoreRefreher.disableCache()");
- }
-
- File cacheFile = StringUtils.isEmpty(this.cacheFile) ? null : new File(this.cacheFile);
- if (cacheFile != null && cacheFile.isFile() && cacheFile.canRead()) {
- LOG.warn("Cleaning up local userstore cache");
- String renamedCacheFile = cacheFile.getAbsolutePath() + "_" + System.currentTimeMillis();
- if (!cacheFile.renameTo(new File(renamedCacheFile))) {
- LOG.error("Failed to move " + cacheFile.getAbsolutePath() + " to " + renamedCacheFile);
- } else {
- LOG.warn("moved " + cacheFile.getAbsolutePath() + " to " + renamedCacheFile);
- }
- } else {
- if (LOG.isDebugEnabled()) {
- LOG.debug("No local userstore cache found. No need to disable it!");
- }
- }
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== RangerUserStoreRefreher.disableCache()");
- }
- }
- }
-
}
\ No newline at end of file
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreRefresher.java b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreRefresher.java
new file mode 100644
index 0000000..867ac90
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreRefresher.java
@@ -0,0 +1,427 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.plugin.contextenricher;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.sun.jersey.api.client.ClientResponse;
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.ranger.admin.client.datatype.RESTResponse;
+import org.apache.ranger.audit.provider.MiscUtil;
+import org.apache.ranger.plugin.util.RangerPerfTracer;
+import org.apache.ranger.plugin.util.DownloadTrigger;
+import org.apache.ranger.plugin.util.RangerRESTClient;
+import org.apache.ranger.plugin.util.RangerUserStore;
+import org.apache.ranger.plugin.util.RangerServiceNotFoundException;
+import org.apache.ranger.plugin.util.RangerRESTUtils;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.File;
+import java.io.Reader;
+import java.io.Writer;
+import java.io.FileWriter;
+import java.io.FileReader;
+import java.nio.channels.ClosedByInterruptException;
+import java.security.PrivilegedAction;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.BlockingQueue;
+
+public class RangerUserStoreRefresher extends Thread {
+ private static final Log LOG = LogFactory.getLog(RangerUserStoreRefresher.class);
+ private static final Log PERF_REFRESHER_INIT_LOG = RangerPerfTracer.getPerfLogger("userstore.init");
+
+ private final RangerUserStoreRetriever userStoreRetriever;
+ private final RangerUserStoreEnricher userStoreEnricher;
+ private long lastKnownVersion;
+ private final BlockingQueue<DownloadTrigger> userStoreDownloadQueue;
+ private long lastActivationTimeInMillis;
+
+ private final String cacheFile;
+ private boolean hasProvidedUserStoreToReceiver;
+ private Gson gson;
+ private RangerRESTClient rangerRESTClient;
+
+ public RangerUserStoreRefresher(RangerUserStoreRetriever userStoreRetriever, RangerUserStoreEnricher userStoreEnricher,
+ RangerRESTClient restClient, long lastKnownVersion,
+ BlockingQueue<DownloadTrigger> userStoreDownloadQueue, String cacheFile) {
+ this.userStoreRetriever = userStoreRetriever;
+ this.userStoreEnricher = userStoreEnricher;
+ this.rangerRESTClient = restClient;
+ this.lastKnownVersion = lastKnownVersion;
+ this.userStoreDownloadQueue = userStoreDownloadQueue;
+ this.cacheFile = cacheFile;
+ try {
+ gson = new GsonBuilder().setDateFormat("yyyyMMdd-HH:mm:ss.SSS-Z").create();
+ } catch(Throwable excp) {
+ LOG.fatal("failed to create GsonBuilder object", excp);
+ }
+ }
+
+ public long getLastActivationTimeInMillis() {
+ return lastActivationTimeInMillis;
+ }
+
+ public void setLastActivationTimeInMillis(long lastActivationTimeInMillis) {
+ this.lastActivationTimeInMillis = lastActivationTimeInMillis;
+ }
+
+ @Override
+ public void run() {
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerUserStoreRefresher().run()");
+ }
+
+ while (true) {
+
+ try {
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_REFRESHER_INIT_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_REFRESHER_INIT_LOG,
+ "RangerUserStoreRefresher.run(lastKnownVersion=" + lastKnownVersion + ")");
+ }
+ DownloadTrigger trigger = userStoreDownloadQueue.take();
+ populateUserStoreInfo();
+ trigger.signalCompletion();
+
+ RangerPerfTracer.log(perf);
+
+ } catch (InterruptedException excp) {
+ LOG.debug("RangerUserStoreRefresher().run() : interrupted! Exiting thread", excp);
+ break;
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerUserStoreRefresher().run()");
+ }
+ }
+
+ public RangerUserStore populateUserStoreInfo() throws InterruptedException {
+
+ RangerUserStore rangerUserStore = null;
+ if (userStoreEnricher != null && userStoreRetriever != null) {
+ try {
+ rangerUserStore = userStoreRetriever.retrieveUserStoreInfo(lastKnownVersion, lastActivationTimeInMillis);
+
+ if (rangerUserStore == null) {
+ if (!hasProvidedUserStoreToReceiver) {
+ rangerUserStore = loadFromCache();
+ }
+ }
+
+ if (rangerUserStore != null) {
+ userStoreEnricher.setRangerUserStore(rangerUserStore);
+ if (rangerUserStore.getUserStoreVersion() != -1L) {
+ saveToCache(rangerUserStore);
+ }
+ LOG.info("RangerUserStoreRefresher.populateUserStoreInfo() - Updated userstore-cache to new version, lastKnownVersion=" + lastKnownVersion + "; newVersion="
+ + (rangerUserStore.getUserStoreVersion() == null ? -1L : rangerUserStore.getUserStoreVersion()));
+ hasProvidedUserStoreToReceiver = true;
+ lastKnownVersion = rangerUserStore.getUserStoreVersion() == null ? -1L : rangerUserStore.getUserStoreVersion();
+ setLastActivationTimeInMillis(System.currentTimeMillis());
+ } else {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("RangerUserStoreRefresher.populateUserStoreInfo() - No need to update userstore-cache. lastKnownVersion=" + lastKnownVersion);
+ }
+ }
+ } catch (RangerServiceNotFoundException snfe) {
+ LOG.error("Caught ServiceNotFound exception :", snfe);
+
+ // Need to clean up local userstore cache
+ if (userStoreEnricher.isDisableCacheIfServiceNotFound()) {
+ disableCache();
+ setLastActivationTimeInMillis(System.currentTimeMillis());
+ lastKnownVersion = -1L;
+ }
+ } catch (InterruptedException interruptedException) {
+ throw interruptedException;
+ } catch (Exception e) {
+ LOG.error("Encountered unexpected exception. Ignoring", e);
+ }
+ } else if (rangerRESTClient != null) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("RangerUserStoreRefresher.populateUserStoreInfo() for Ranger Raz");
+ }
+ try {
+ rangerUserStore = retrieveUserStoreInfo();
+
+ if (rangerUserStore == null) {
+ if (!hasProvidedUserStoreToReceiver) {
+ rangerUserStore = loadFromCache();
+ }
+ }
+
+ if (rangerUserStore != null) {
+
+ if (rangerUserStore.getUserStoreVersion() != -1L) {
+ saveToCache(rangerUserStore);
+ }
+ LOG.info("RangerUserStoreRefresher.populateUserStoreInfo() - Updated userstore-cache for raz to new version, lastKnownVersion=" + lastKnownVersion + "; newVersion="
+ + (rangerUserStore.getUserStoreVersion() == null ? -1L : rangerUserStore.getUserStoreVersion()));
+ hasProvidedUserStoreToReceiver = true;
+ lastKnownVersion = rangerUserStore.getUserStoreVersion() == null ? -1L : rangerUserStore.getUserStoreVersion();
+ setLastActivationTimeInMillis(System.currentTimeMillis());
+ } else {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("RangerUserStoreRefresher.populateUserStoreInfo() - No need to update userstore-cache for raz. lastKnownVersion=" + lastKnownVersion);
+ }
+ }
+ }catch (InterruptedException interruptedException) {
+ throw interruptedException;
+ } catch (Exception e) {
+ LOG.error("Encountered unexpected exception. Ignoring", e);
+ }
+ }
+ else {
+ LOG.error("RangerUserStoreRefresher.populateUserStoreInfo() - no userstore receiver to update userstore-cache");
+ }
+ return rangerUserStore;
+ }
+
+ public void cleanup() {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerUserStoreRefresher.cleanup()");
+ }
+
+ stopRefresher();
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerUserStoreRefresher.cleanup()");
+ }
+ }
+
+ public void startRefresher() {
+ try {
+ super.start();
+ } catch (Exception excp) {
+ LOG.error("RangerUserStoreRefresher.startRetriever() - failed to start, exception=" + excp);
+ }
+ }
+
+ public void stopRefresher() {
+
+ if (super.isAlive()) {
+ super.interrupt();
+
+ try {
+ super.join();
+ } catch (InterruptedException excp) {
+ LOG.error("RangerUserStoreRefresher.stopRefresher(): error while waiting for thread to exit", excp);
+ }
+ }
+ }
+
+
+ private RangerUserStore loadFromCache() {
+ RangerUserStore rangerUserStore = null;
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerUserStoreRefreher.loadFromCache()");
+ }
+
+ File cacheFile = StringUtils.isEmpty(this.cacheFile) ? null : new File(this.cacheFile);
+
+ if (cacheFile != null && cacheFile.isFile() && cacheFile.canRead()) {
+ Reader reader = null;
+
+ try {
+ reader = new FileReader(cacheFile);
+
+ rangerUserStore = gson.fromJson(reader, RangerUserStore.class);
+
+ } catch (Exception excp) {
+ LOG.error("failed to load userstore information from cache file " + cacheFile.getAbsolutePath(), excp);
+ } finally {
+ if (reader != null) {
+ try {
+ reader.close();
+ } catch (Exception excp) {
+ LOG.error("error while closing opened cache file " + cacheFile.getAbsolutePath(), excp);
+ }
+ }
+ }
+ } else {
+ LOG.warn("cache file does not exist or not readable '" + (cacheFile == null ? null : cacheFile.getAbsolutePath()) + "'");
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerUserStoreRefreher.loadFromCache()");
+ }
+
+ return rangerUserStore;
+ }
+
+ public void saveToCache(RangerUserStore rangerUserStore) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerUserStoreRefreher.saveToCache()");
+ }
+
+ if (rangerUserStore != null) {
+ File cacheFile = StringUtils.isEmpty(this.cacheFile) ? null : new File(this.cacheFile);
+
+ if (cacheFile != null) {
+ Writer writer = null;
+
+ try {
+ writer = new FileWriter(cacheFile);
+
+ gson.toJson(rangerUserStore, writer);
+ } catch (Exception excp) {
+ LOG.error("failed to save userstore information to cache file '" + cacheFile.getAbsolutePath() + "'", excp);
+ } finally {
+ if (writer != null) {
+ try {
+ writer.close();
+ } catch (Exception excp) {
+ LOG.error("error while closing opened cache file '" + cacheFile.getAbsolutePath() + "'", excp);
+ }
+ }
+ }
+ }
+ } else {
+ LOG.info("userstore information is null. Nothing to save in cache");
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerUserStoreRefreher.saveToCache()");
+ }
+ }
+
+ private void disableCache() {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerUserStoreRefreher.disableCache()");
+ }
+
+ File cacheFile = StringUtils.isEmpty(this.cacheFile) ? null : new File(this.cacheFile);
+ if (cacheFile != null && cacheFile.isFile() && cacheFile.canRead()) {
+ LOG.warn("Cleaning up local userstore cache");
+ String renamedCacheFile = cacheFile.getAbsolutePath() + "_" + System.currentTimeMillis();
+ if (!cacheFile.renameTo(new File(renamedCacheFile))) {
+ LOG.error("Failed to move " + cacheFile.getAbsolutePath() + " to " + renamedCacheFile);
+ } else {
+ LOG.warn("moved " + cacheFile.getAbsolutePath() + " to " + renamedCacheFile);
+ }
+ } else {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("No local userstore cache found. No need to disable it!");
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerUserStoreRefreher.disableCache()");
+ }
+ }
+
+ private RangerUserStore retrieveUserStoreInfo() throws Exception {
+
+ RangerUserStore rangerUserStore = null;
+
+ try {
+ rangerUserStore = getUserStoreIfUpdated(lastKnownVersion, lastActivationTimeInMillis);
+ } catch (ClosedByInterruptException closedByInterruptException) {
+ LOG.error("UserStore-retriever for raz thread was interrupted while blocked on I/O");
+ throw new InterruptedException();
+ } catch (Exception e) {
+ LOG.error("UserStore-retriever for raz encounterd exception, exception=", e);
+ LOG.error("Returning null userstore info");
+ }
+ return rangerUserStore;
+ }
+
+ private RangerUserStore getUserStoreIfUpdated(long lastKnownUserStoreVersion, long lastActivationTimeInMillis) throws Exception {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerUserStoreRefreher.getUserStoreIfUpdated(" + lastKnownUserStoreVersion + ", " + lastActivationTimeInMillis + ")");
+ }
+
+ final RangerUserStore ret;
+ final UserGroupInformation user = MiscUtil.getUGILoginUser();
+ final boolean isSecureMode = user != null && UserGroupInformation.isSecurityEnabled();
+ final ClientResponse response;
+
+ Map<String, String> queryParams = new HashMap<String, String>();
+ queryParams.put(RangerRESTUtils.REST_PARAM_LAST_KNOWN_USERSTORE_VERSION, Long.toString(lastKnownUserStoreVersion));
+ queryParams.put(RangerRESTUtils.REST_PARAM_LAST_ACTIVATION_TIME, Long.toString(lastActivationTimeInMillis));
+
+ if (isSecureMode) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Checking UserStore updated as user : " + user);
+ }
+ PrivilegedAction<ClientResponse> action = new PrivilegedAction<ClientResponse>() {
+ public ClientResponse run() {
+ ClientResponse clientRes = null;
+ String relativeURL = RangerRESTUtils.REST_URL_SERVICE_SERCURE_GET_USERSTORE;
+ try {
+ clientRes = rangerRESTClient.get(relativeURL, queryParams);
+ } catch (Exception e) {
+ LOG.error("Failed to get response, Error is : "+e.getMessage());
+ }
+ return clientRes;
+ }
+ };
+ response = user.doAs(action);
+ } else {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Checking UserStore updated as user : " + user);
+ }
+ String relativeURL = RangerRESTUtils.REST_URL_SERVICE_SERCURE_GET_USERSTORE;
+ response = rangerRESTClient.get(relativeURL, queryParams);
+ }
+
+ if (response == null || response.getStatus() == HttpServletResponse.SC_NOT_MODIFIED) {
+ if (response == null) {
+ LOG.error("Error getting UserStore; Received NULL response!!. secureMode=" + isSecureMode + ", user=" + user);
+ } else {
+ RESTResponse resp = RESTResponse.fromClientResponse(response);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("No change in UserStore. secureMode=" + isSecureMode + ", user=" + user
+ + ", response=" + resp
+ + ", " + "lastKnownUserStoreVersion=" + lastKnownUserStoreVersion
+ + ", " + "lastActivationTimeInMillis=" + lastActivationTimeInMillis);
+ }
+ }
+ ret = null;
+ } else if (response.getStatus() == HttpServletResponse.SC_OK) {
+ ret = response.getEntity(RangerUserStore.class);
+ } else if (response.getStatus() == HttpServletResponse.SC_NOT_FOUND) {
+ ret = null;
+ LOG.error("Error getting UserStore; service not found. secureMode=" + isSecureMode + ", user=" + user
+ + ", response=" + response.getStatus()
+ + ", " + "lastKnownUserStoreVersion=" + lastKnownUserStoreVersion
+ + ", " + "lastActivationTimeInMillis=" + lastActivationTimeInMillis);
+ String exceptionMsg = response.hasEntity() ? response.getEntity(String.class) : null;
+ LOG.warn("Received 404 error code with body:[" + exceptionMsg + "], Ignoring");
+ } else {
+ RESTResponse resp = RESTResponse.fromClientResponse(response);
+ LOG.warn("Error getting UserStore. secureMode=" + isSecureMode + ", user=" + user + ", response=" + resp);
+ ret = null;
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerUserStoreRefreher.getUserStoreIfUpdated(" + lastKnownUserStoreVersion + ", " + lastActivationTimeInMillis + "): ");
+ }
+
+ return ret;
+ }
+}