You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by sp...@apache.org on 2017/09/14 16:21:02 UTC
[2/2] ranger git commit: RANGER-1647: Missed upgrade patch file from
previous checkin
RANGER-1647: Missed upgrade patch file from previous checkin
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/109f2218
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/109f2218
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/109f2218
Branch: refs/heads/ranger-0.7
Commit: 109f2218df687a2ce6085ec6e94d3c7d7664ff2d
Parents: dbe1a3a
Author: Sailaja Polavarapu <sp...@hortonworks.com>
Authored: Wed Sep 13 16:32:49 2017 -0700
Committer: Sailaja Polavarapu <sp...@hortonworks.com>
Committed: Wed Sep 13 16:32:49 2017 -0700
----------------------------------------------------------------------
.../PatchForTagServiceDefUpdate_J10008.java | 202 +++++++++++++++++++
1 file changed, 202 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/109f2218/security-admin/src/main/java/org/apache/ranger/patch/PatchForTagServiceDefUpdate_J10008.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForTagServiceDefUpdate_J10008.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchForTagServiceDefUpdate_J10008.java
new file mode 100644
index 0000000..918fe1e
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForTagServiceDefUpdate_J10008.java
@@ -0,0 +1,202 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.patch;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+import org.apache.ranger.biz.RangerBizUtil;
+import org.apache.ranger.biz.ServiceDBStore;
+import org.apache.ranger.common.JSONUtil;
+import org.apache.ranger.common.RangerValidatorFactory;
+import org.apache.ranger.common.StringUtil;
+import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.model.validation.RangerServiceDefValidator;
+import org.apache.ranger.plugin.model.validation.RangerValidator.Action;
+import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
+import org.apache.ranger.service.RangerPolicyService;
+import org.apache.ranger.service.XPermMapService;
+import org.apache.ranger.service.XPolicyService;
+import org.apache.ranger.util.CLIUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.apache.ranger.entity.XXServiceDef;
+import java.util.List;
+import java.util.Map;
+
+@Component
+public class PatchForTagServiceDefUpdate_J10008 extends BaseLoader {
+ private static final Logger logger = Logger.getLogger(PatchForTagServiceDefUpdate_J10008.class);
+ public static final String SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME = "tag";
+ public static final String SCRIPT_POLICY_CONDITION_NAME = "expression";
+
+ @Autowired
+ RangerDaoManager daoMgr;
+
+ @Autowired
+ ServiceDBStore svcDBStore;
+
+ @Autowired
+ JSONUtil jsonUtil;
+
+ @Autowired
+ RangerPolicyService policyService;
+
+ @Autowired
+ StringUtil stringUtil;
+
+ @Autowired
+ XPolicyService xPolService;
+
+ @Autowired
+ XPermMapService xPermMapService;
+
+ @Autowired
+ RangerBizUtil bizUtil;
+
+ @Autowired
+ RangerValidatorFactory validatorFactory;
+
+ @Autowired
+ ServiceDBStore svcStore;
+
+ public static void main(String[] args) {
+ logger.info("main()");
+ try {
+ PatchForTagServiceDefUpdate_J10008 loader = (PatchForTagServiceDefUpdate_J10008) CLIUtil.getBean(PatchForTagServiceDefUpdate_J10008.class);
+ loader.init();
+ while (loader.isMoreToProcess()) {
+ loader.load();
+ }
+ logger.info("Load complete. Exiting!!!");
+ System.exit(0);
+ } catch (Exception e) {
+ logger.error("Error loading", e);
+ System.exit(1);
+ }
+ }
+
+ @Override
+ public void init() throws Exception {
+ // Do Nothing
+ }
+
+ @Override
+ public void execLoad() {
+ logger.info("==> PatchForTagServiceDefUpdate.execLoad()");
+ try {
+ updateTagServiceDef();
+ } catch (Exception e) {
+ logger.error("Error whille updateTagServiceDef()data.", e);
+ }
+ logger.info("<== PatchForTagServiceDefUpdate.execLoad()");
+ }
+
+ @Override
+ public void printStats() {
+ logger.info("PatchForTagServiceDefUpdate data ");
+ }
+
+ private void updateTagServiceDef(){
+ RangerServiceDef embeddedTagServiceDef = null;
+ RangerServiceDef dbTagServiceDef = null;
+ List<RangerServiceDef.RangerPolicyConditionDef> embeddedTagPolicyConditionDefs = null;
+ XXServiceDef xXServiceDefObj = null;
+ try{
+ embeddedTagServiceDef=EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME);
+ if(embeddedTagServiceDef!=null){
+ embeddedTagPolicyConditionDefs = embeddedTagServiceDef.getPolicyConditions();
+ if (embeddedTagPolicyConditionDefs == null) {
+ logger.error("Policy Conditions are empyt in tag service def json");
+ return;
+ }
+
+ if (checkScriptPolicyCondPresent(embeddedTagPolicyConditionDefs) == false) {
+ logger.error(SCRIPT_POLICY_CONDITION_NAME + "policy condition not found!!");
+ return;
+ }
+
+ xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME);
+ if (xXServiceDefObj == null) {
+ logger.error("Service def for " + SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME + " is not found!!");
+ return;
+ }
+
+ Map<String, String> serviceDefOptionsPreUpdate=null;
+ String jsonStrPreUpdate=null;
+ jsonStrPreUpdate=xXServiceDefObj.getDefOptions();
+ if (!StringUtils.isEmpty(jsonStrPreUpdate)) {
+ serviceDefOptionsPreUpdate=jsonUtil.jsonToMap(jsonStrPreUpdate);
+ }
+ xXServiceDefObj=null;
+ dbTagServiceDef=svcDBStore.getServiceDefByName(SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME);
+
+ if(dbTagServiceDef!=null){
+ dbTagServiceDef.setPolicyConditions(embeddedTagPolicyConditionDefs);
+ RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
+ validator.validate(dbTagServiceDef, Action.UPDATE);
+
+ svcStore.updateServiceDef(dbTagServiceDef);
+
+ xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME);
+ if(xXServiceDefObj!=null) {
+ String jsonStrPostUpdate=xXServiceDefObj.getDefOptions();
+ Map<String, String> serviceDefOptionsPostUpdate = null;
+ if (!StringUtils.isEmpty(jsonStrPostUpdate)) {
+ serviceDefOptionsPostUpdate =jsonUtil.jsonToMap(jsonStrPostUpdate);
+ }
+ if (serviceDefOptionsPostUpdate != null && serviceDefOptionsPostUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
+ if(serviceDefOptionsPreUpdate == null || !serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
+ String preUpdateValue = serviceDefOptionsPreUpdate == null ? null : serviceDefOptionsPreUpdate.get(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
+ if (preUpdateValue == null) {
+ serviceDefOptionsPostUpdate.remove(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
+ } else {
+ serviceDefOptionsPostUpdate.put(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES, preUpdateValue);
+ }
+ xXServiceDefObj.setDefOptions(mapToJsonString(serviceDefOptionsPostUpdate));
+ daoMgr.getXXServiceDef().update(xXServiceDefObj);
+ }
+ }
+ }
+ }
+ }
+ }catch(Exception e)
+ {
+ logger.error("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_TAG_NAME+"service-def", e);
+ }
+ }
+
+ private boolean checkScriptPolicyCondPresent(List<RangerServiceDef.RangerPolicyConditionDef> policyCondDefs) {
+ boolean ret = false;
+ for(RangerServiceDef.RangerPolicyConditionDef policyCondDef : policyCondDefs) {
+ if ( SCRIPT_POLICY_CONDITION_NAME.equals(policyCondDef.getName()) ) {
+ ret = true ;
+ break;
+ }
+ }
+ return ret;
+ }
+
+ private String mapToJsonString(Map<String, String> map) throws Exception{
+ String ret = null;
+ if(map != null) {
+ ret = jsonUtil.readMapToString(map);
+ }
+ return ret;
+ }
+}