You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2022/01/21 04:07:14 UTC
[ranger] branch master updated: RANGER-3551: Analyze & optimize module permissions related API (Part-1)
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 5d07d12 RANGER-3551: Analyze & optimize module permissions related API (Part-1)
5d07d12 is described below
commit 5d07d125ffd1b331a4c195d68c442e8c94d95237
Author: Mahesh Bandal <ma...@cloudera.com>
AuthorDate: Fri Dec 17 18:26:18 2021 +0530
RANGER-3551: Analyze & optimize module permissions related API (Part-1)
Created new API /permissionlist to reduce response object size of the permission listing page.
Also, optimized code for GET API /permission/{id}
Signed-off-by: pradeep <pr...@apache.org>
---
.../main/java/org/apache/ranger/biz/XUserMgr.java | 65 ++++--------
.../java/org/apache/ranger/biz/XUserMgrBase.java | 4 +
.../org/apache/ranger/common/SearchCriteria.java | 13 ++-
.../org/apache/ranger/db/XXGroupPermissionDao.java | 19 +++-
.../org/apache/ranger/db/XXUserPermissionDao.java | 17 +++
.../java/org/apache/ranger/rest/XUserREST.java | 21 ++++
.../service/AbstractBaseResourceService.java | 11 ++
.../ranger/service/XGroupPermissionService.java | 36 +++----
.../apache/ranger/service/XModuleDefService.java | 51 ++++++---
.../ranger/service/XUserPermissionService.java | 38 +++----
.../org/apache/ranger/view/VXModulePermission.java | 73 +++++++++++++
.../apache/ranger/view/VXModulePermissionList.java | 72 +++++++++++++
.../main/resources/META-INF/jpa_named_queries.xml | 21 ++--
.../collection_bases/VXModuleDefListBase.js | 6 +-
.../src/main/webapp/scripts/utils/XAUtils.js | 5 +-
.../views/permissions/ModulePermsTableLayout.js | 6 +-
.../java/org/apache/ranger/biz/TestXUserMgr.java | 117 +++++++++------------
.../service/TestXGroupPermissionService.java | 5 +-
18 files changed, 384 insertions(+), 196 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index f7a52f0..1c2ef52 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -1126,44 +1126,25 @@ public class XUserMgr extends XUserMgrBase {
if(!StringUtils.equals(xModuleDef.getModule(), vXModuleDef.getModule())) {
throw restErrorUtil.createRESTException("Module name change is not allowed!", MessageEnums.DATA_NOT_UPDATABLE);
}
- VXModuleDef vModuleDefPopulateOld = xModuleDefService.populateViewBean(xModuleDef);
- List<XXGroupPermission> xgroupPermissionList = daoManager.getXXGroupPermission().findByModuleId(vXModuleDef.getId(), true);
- Map<Long, XXGroup> xXGroupMap=xGroupService.getXXGroupIdXXGroupMap();
- if(xXGroupMap==null || xXGroupMap.isEmpty()){
- for (XXGroupPermission xGrpPerm : xgroupPermissionList) {
- VXGroupPermission vXGrpPerm = xGroupPermissionService.populateViewBean(xGrpPerm);
- groupPermListOld.add(vXGrpPerm);
- }
- }else{
- groupPermListOld=xGroupPermissionService.getPopulatedVXGroupPermissionList(xgroupPermissionList,xXGroupMap,vModuleDefPopulateOld);
- }
- vModuleDefPopulateOld.setGroupPermList(groupPermListOld);
+ Map<Long, Object[]> xXPortalUserIdXXUserMap = xUserService.getXXPortalUserIdXXUserNameMap();
+ Map<Long, String> xXGroupMap = xGroupService.getXXGroupIdNameMap();
+ VXModuleDef vModuleDefPopulateOld = xModuleDefService.populateViewBean(xModuleDef, xXPortalUserIdXXUserMap, xXGroupMap, true);
+ groupPermListOld = vModuleDefPopulateOld.getGroupPermList();
+ userPermListOld = vModuleDefPopulateOld.getUserPermList();
+ Map<Long, VXUserPermission> userPermMapOld = xUserPermissionService.convertVListToVMap(userPermListOld);
+ Map<Long, VXGroupPermission> groupPermMapOld = xGroupPermissionService.convertVListToVMap(groupPermListOld);
- List<XXUserPermission> xuserPermissionList = daoManager.getXXUserPermission().findByModuleId(vXModuleDef.getId(), true);
- Map<Long, XXUser> xXPortalUserIdXXUserMap=xUserService.getXXPortalUserIdXXUserMap();
- if(xXPortalUserIdXXUserMap==null || xXPortalUserIdXXUserMap.isEmpty()){
- for (XXUserPermission xUserPerm : xuserPermissionList) {
- VXUserPermission vUserPerm = xUserPermissionService.populateViewBean(xUserPerm);
- userPermListOld.add(vUserPerm);
- }
- }else{
- userPermListOld=xUserPermissionService.getPopulatedVXUserPermissionList(xuserPermissionList,xXPortalUserIdXXUserMap,vModuleDefPopulateOld);
- }
- vModuleDefPopulateOld.setUserPermList(userPermListOld);
-
- if (groupPermListOld != null && groupPermListNew != null) {
+ if (groupPermMapOld != null && groupPermListNew != null) {
for (VXGroupPermission newVXGroupPerm : groupPermListNew) {
-
boolean isExist = false;
-
- for (VXGroupPermission oldVXGroupPerm : groupPermListOld) {
- if (newVXGroupPerm.getModuleId().equals(oldVXGroupPerm.getModuleId()) && newVXGroupPerm.getGroupId().equals(oldVXGroupPerm.getGroupId())) {
- if (!newVXGroupPerm.getIsAllowed().equals(oldVXGroupPerm.getIsAllowed())) {
- oldVXGroupPerm.setIsAllowed(newVXGroupPerm.getIsAllowed());
- oldVXGroupPerm = this.updateXGroupPermission(oldVXGroupPerm);
- }
- isExist = true;
+ VXGroupPermission oldVXGroupPerm = groupPermMapOld.get(newVXGroupPerm.getGroupId());
+ if (oldVXGroupPerm != null && newVXGroupPerm.getGroupId().equals(oldVXGroupPerm.getGroupId())
+ && newVXGroupPerm.getModuleId().equals(oldVXGroupPerm.getModuleId())) {
+ isExist = true;
+ if (!newVXGroupPerm.getIsAllowed().equals(oldVXGroupPerm.getIsAllowed())) {
+ oldVXGroupPerm.setIsAllowed(newVXGroupPerm.getIsAllowed());
+ oldVXGroupPerm = this.updateXGroupPermission(oldVXGroupPerm);
}
}
if (!isExist) {
@@ -1172,17 +1153,17 @@ public class XUserMgr extends XUserMgrBase {
}
}
- if (userPermListOld != null && userPermListNew != null) {
+ if (userPermMapOld != null && userPermListNew != null) {
for (VXUserPermission newVXUserPerm : userPermListNew) {
boolean isExist = false;
- for (VXUserPermission oldVXUserPerm : userPermListOld) {
- if (newVXUserPerm.getModuleId().equals(oldVXUserPerm.getModuleId()) && newVXUserPerm.getUserId().equals(oldVXUserPerm.getUserId())) {
- if (!newVXUserPerm.getIsAllowed().equals(oldVXUserPerm.getIsAllowed())) {
- oldVXUserPerm.setIsAllowed(newVXUserPerm.getIsAllowed());
- oldVXUserPerm = this.updateXUserPermission(oldVXUserPerm);
- }
- isExist = true;
+ VXUserPermission oldVXUserPerm = userPermMapOld.get(newVXUserPerm.getUserId());
+ if (oldVXUserPerm != null && newVXUserPerm.getUserId().equals(oldVXUserPerm.getUserId())
+ && newVXUserPerm.getModuleId().equals(oldVXUserPerm.getModuleId())) {
+ isExist = true;
+ if (!newVXUserPerm.getIsAllowed().equals(oldVXUserPerm.getIsAllowed())) {
+ oldVXUserPerm.setIsAllowed(newVXUserPerm.getIsAllowed());
+ oldVXUserPerm = this.updateXUserPermission(oldVXUserPerm);
}
}
if (!isExist) {
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java
index 3ea4465..54e6d37 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgrBase.java
@@ -45,6 +45,7 @@ import org.apache.ranger.view.VXModuleDefList;
import org.apache.ranger.view.VXPermMap;
import org.apache.ranger.view.VXPermMapList;
import org.apache.ranger.view.VXUser;
+import org.apache.ranger.view.VXModulePermissionList;
import org.apache.ranger.view.VXUserList;
import org.apache.ranger.view.VXUserPermissionList;
import org.springframework.beans.factory.annotation.Autowired;
@@ -280,6 +281,9 @@ public class XUserMgrBase {
public VXModuleDefList searchXModuleDef(SearchCriteria searchCriteria) {
return xModuleDefService.searchModuleDef(searchCriteria);
}
+ public VXModulePermissionList searchXModuleDefList(SearchCriteria searchCriteria) {
+ return xModuleDefService.searchModuleDefList(searchCriteria);
+ }
public VXUserPermissionList searchXUserPermission(SearchCriteria searchCriteria) {
return xUserPermissionService.searchXUserPermission(searchCriteria);
diff --git a/security-admin/src/main/java/org/apache/ranger/common/SearchCriteria.java b/security-admin/src/main/java/org/apache/ranger/common/SearchCriteria.java
index 2016680..a919dc4 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/SearchCriteria.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/SearchCriteria.java
@@ -28,7 +28,6 @@ import java.util.HashSet;
import java.util.List;
import java.util.Set;
-import org.apache.ranger.biz.RangerBizUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -188,12 +187,12 @@ public class SearchCriteria {
*/
public void setDistinct(boolean isDistinct) {
- int dbFlavor = RangerBizUtil.getDBFlavor();
- if (isDistinct && dbFlavor == AppConstants.DB_FLAVOR_ORACLE) {
- isDistinct = false;
- logger.debug("Database flavor is `ORACLE` so ignoring DISTINCT "
- + "clause from select statement.");
- }
+// int dbFlavor = RangerBizUtil.getDBFlavor();
+// if (isDistinct && dbFlavor == AppConstants.DB_FLAVOR_ORACLE) {
+// isDistinct = false;
+// logger.debug("Database flavor is `ORACLE` so ignoring DISTINCT "
+// + "clause from select statement.");
+// }
this.isDistinct = isDistinct;
}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java
index 265eb33..2647c6f 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java
@@ -45,13 +45,13 @@ public class XXGroupPermissionDao extends BaseDao<XXGroupPermission> {
if (isUpdate) {
return getEntityManager()
.createNamedQuery(
- "XXGroupPermissionUpdate.findByModuleId",
+ "XXGroupPermissionUpdates.findByModuleId",
XXGroupPermission.class)
.setParameter("moduleId", moduleId).getResultList();
}
return getEntityManager()
.createNamedQuery(
- "XXGroupPermissionUpdates.findByModuleId",
+ "XXGroupPermission.findByModuleId",
XXGroupPermission.class)
.setParameter("moduleId", moduleId)
.setParameter("isAllowed", RangerCommonEnums.IS_ALLOWED)
@@ -131,4 +131,19 @@ public class XXGroupPermissionDao extends BaseDao<XXGroupPermission> {
}
}
+ public List<String> findModuleGroupsByModuleId(Long moduleId) {
+ if (moduleId != null) {
+ try {
+ return getEntityManager().createNamedQuery("XXGroupPermission.findModuleGroupsByModuleId", String.class)
+ .setParameter("moduleId", moduleId)
+ .setParameter("isAllowed",RangerCommonEnums.IS_ALLOWED)
+ .getResultList();
+ } catch (Exception e) {
+ logger.debug(e.getMessage());
+ }
+ } else {
+ logger.debug("ModuleId not provided.");
+ }
+ return null;
+ }
}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java
index bb85e6b..bf42e28 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXUserPermissionDao.java
@@ -132,4 +132,21 @@ public class XXUserPermissionDao extends BaseDao<XXUserPermission>{
logger.debug("ModuleId not provided.");
}
}
+
+ @SuppressWarnings("unchecked")
+ public List<String> findModuleUsersByModuleId(Long moduleId) {
+ if (moduleId != null) {
+ try {
+ return getEntityManager().createNamedQuery("XXUserPermission.findModuleUsersByModuleId", String.class)
+ .setParameter("moduleId", moduleId)
+ .setParameter("isAllowed",RangerCommonEnums.IS_ALLOWED)
+ .getResultList();
+ } catch (Exception e) {
+ logger.debug(e.getMessage());
+ }
+ } else {
+ logger.debug("ModuleId not provided.");
+ }
+ return null;
+ }
}
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
index 4b9085d..198b940 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
@@ -978,6 +978,27 @@ public class XUserREST {
}
@GET
+ @Path("/permissionlist")
+ @Produces({ "application/xml", "application/json" })
+ @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.SEARCH_X_MODULE_DEF + "\")")
+ public VXModulePermissionList searchXModuleDefList(@Context HttpServletRequest request) {
+ SearchCriteria searchCriteria = searchUtil.extractCommonCriterias(
+ request, xModuleDefService.sortFields);
+
+ searchUtil.extractString(request, searchCriteria, "module",
+ "modulename", null);
+
+ searchUtil.extractString(request, searchCriteria, "moduleDefList",
+ "id", null);
+ searchUtil.extractString(request, searchCriteria, "userName",
+ "userName", null);
+ searchUtil.extractString(request, searchCriteria, "groupName",
+ "groupName", null);
+
+ return xUserMgr.searchXModuleDefList(searchCriteria);
+ }
+
+ @GET
@Path("/permission/count")
@Produces({ "application/xml", "application/json" })
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.COUNT_X_MODULE_DEF + "\")")
diff --git a/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java b/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java
index 857a002..1f2659d 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java
@@ -821,4 +821,15 @@ public abstract class AbstractBaseResourceService<T extends XXDBBase, V extends
}
}
+
+ public Map<Long,V> convertVListToVMap(List<V> vObjList) {
+ Map<Long,V> ret = new HashMap<Long,V>();
+ if (vObjList == null) {
+ return ret;
+ }
+ for (V vObj : vObjList) {
+ ret.put(vObj.getId(), vObj);
+ }
+ return ret;
+ }
}
diff --git a/security-admin/src/main/java/org/apache/ranger/service/XGroupPermissionService.java b/security-admin/src/main/java/org/apache/ranger/service/XGroupPermissionService.java
index da88e3e..030f8ad 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/XGroupPermissionService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/XGroupPermissionService.java
@@ -18,6 +18,7 @@
package org.apache.ranger.service;
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -76,28 +77,7 @@ public class XGroupPermissionService extends XGroupPermissionServiceBase<XXGroup
return vObj;
}
- public List<VXGroupPermission> getPopulatedVXGroupPermissionList(List<XXGroupPermission> xgroupPermissionList,Map<Long, XXGroup> xXGroupMap,VXModuleDef vModuleDef){
- List<VXGroupPermission> vXGroupPermissionList = new ArrayList<VXGroupPermission>();
- XXGroup xXGroup=null;
- for(XXGroupPermission xgroupPermission:xgroupPermissionList){
- if(xXGroupMap.containsKey(xgroupPermission.getGroupId())){
- xXGroup =xXGroupMap.get(xgroupPermission.getGroupId());
- VXGroupPermission vXGrpPerm=new VXGroupPermission();
- vXGrpPerm.setId(xgroupPermission.getId());
- vXGrpPerm.setGroupId(xgroupPermission.getGroupId());
- vXGrpPerm.setModuleId(xgroupPermission.getModuleId());
- vXGrpPerm.setIsAllowed(xgroupPermission.getIsAllowed());
- vXGrpPerm.setCreateDate(xgroupPermission.getCreateTime());
- vXGrpPerm.setUpdateDate(xgroupPermission.getUpdateTime());
- vXGrpPerm.setGroupName(xXGroup.getName());
- vXGrpPerm.setModuleName(vModuleDef.getModule());
- vXGroupPermissionList.add(vXGrpPerm);
- }
- }
- return vXGroupPermissionList;
- }
-
- public List<VXGroupPermission> getPopulatedVXGroupPermissionListNew(List<XXGroupPermission> xgroupPermissionList,
+ public List<VXGroupPermission> getPopulatedVXGroupPermissionList(List<XXGroupPermission> xgroupPermissionList,
Map<Long, String> xXGroupMap, VXModuleDef vModuleDef) {
List<VXGroupPermission> vXGroupPermissionList = new ArrayList<VXGroupPermission>();
for (XXGroupPermission xgroupPermission : xgroupPermissionList) {
@@ -116,4 +96,16 @@ public class XGroupPermissionService extends XGroupPermissionServiceBase<XXGroup
}
return vXGroupPermissionList;
}
+
+ @Override
+ public Map<Long, VXGroupPermission> convertVListToVMap(List<VXGroupPermission> vObjList) {
+ Map<Long, VXGroupPermission> ret = new HashMap<Long, VXGroupPermission>();
+ if (vObjList == null) {
+ return ret;
+ }
+ for (VXGroupPermission vObj : vObjList) {
+ ret.put(vObj.getGroupId(), vObj);
+ }
+ return ret;
+ }
}
diff --git a/security-admin/src/main/java/org/apache/ranger/service/XModuleDefService.java b/security-admin/src/main/java/org/apache/ranger/service/XModuleDefService.java
index 2d5e2f1..7780879 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/XModuleDefService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/XModuleDefService.java
@@ -31,6 +31,8 @@ import org.apache.ranger.entity.XXUserPermission;
import org.apache.ranger.view.VXGroupPermission;
import org.apache.ranger.view.VXModuleDef;
import org.apache.ranger.view.VXModuleDefList;
+import org.apache.ranger.view.VXModulePermission;
+import org.apache.ranger.view.VXModulePermissionList;
import org.apache.ranger.view.VXUserPermission;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
@@ -90,8 +92,8 @@ public class XModuleDefService extends
@Override
public VXModuleDef populateViewBean(XXModuleDef xObj) {
VXModuleDef vModuleDef = super.populateViewBean(xObj);
- Map<Long, Object[]> xXPortalUserIdXXUserMap=xUserService.getXXPortalUserIdXXUserNameMap();
- Map<Long, String> xXGroupMap=xGroupService.getXXGroupIdNameMap();
+ Map<Long, Object[]> xXPortalUserIdXXUserMap = xUserService.getXXPortalUserIdXXUserNameMap();
+ Map<Long, String> xXGroupMap = xGroupService.getXXGroupIdNameMap();
List<VXUserPermission> vXUserPermissionList = new ArrayList<VXUserPermission>();
List<VXGroupPermission> vXGroupPermissionList = new ArrayList<VXGroupPermission>();
List<XXUserPermission> xuserPermissionList = daoManager
@@ -104,7 +106,7 @@ public class XModuleDefService extends
vXUserPermissionList.add(vXUserPerm);
}
}else{
- vXUserPermissionList=xUserPermService.getPopulatedVXUserPermissionListNew(xuserPermissionList,xXPortalUserIdXXUserMap,vModuleDef);
+ vXUserPermissionList=xUserPermService.getPopulatedVXUserPermissionList(xuserPermissionList,xXPortalUserIdXXUserMap,vModuleDef);
}
if(CollectionUtils.isEmpty(xXGroupMap)){
for (XXGroupPermission xGrpPerm : xgroupPermissionList) {
@@ -112,7 +114,7 @@ public class XModuleDefService extends
vXGroupPermissionList.add(vXGrpPerm);
}
}else{
- vXGroupPermissionList=xGrpPermService.getPopulatedVXGroupPermissionListNew(xgroupPermissionList,xXGroupMap,vModuleDef);
+ vXGroupPermissionList=xGrpPermService.getPopulatedVXGroupPermissionList(xgroupPermissionList,xXGroupMap,vModuleDef);
}
vModuleDef.setUserPermList(vXUserPermissionList);
vModuleDef.setGroupPermList(vXGroupPermissionList);
@@ -124,19 +126,21 @@ public class XModuleDefService extends
VXModuleDefList returnList = new VXModuleDefList();
List<VXModuleDef> vXModuleDefList = new ArrayList<VXModuleDef>();
searchCriteria.setMaxRows(Integer.MAX_VALUE);
+ searchCriteria.setDistinct(true);
List<XXModuleDef> resultList = searchResources(searchCriteria, searchFields, sortFields, returnList);
+ // Filter out duplicate values retrieved from database in case of user & group permission lookup
Map<Long, XXModuleDef> matchModule = new HashMap<Long, XXModuleDef>();
for (XXModuleDef moduleDef : resultList) {
matchModule.put(moduleDef.getId(), moduleDef);
}
-
List<XXModuleDef> moduleDefList = new ArrayList<XXModuleDef>(matchModule.values());
- Map<Long, Object[]> xXPortalUserIdXXUserMap = xUserService.getXXPortalUserIdXXUserNameMap();
+ Map<Long, Object[]> xXPortalUserIdXXUserMap = xUserService.getXXPortalUserIdXXUserNameMap();
Map<Long, String> xXGroupMap = xGroupService.getXXGroupIdNameMap();
+
// Iterate over the result list and create the return list
for (XXModuleDef gjXModuleDef : moduleDefList) {
- VXModuleDef vXModuleDef = populateViewBean(gjXModuleDef, xXPortalUserIdXXUserMap, xXGroupMap);
+ VXModuleDef vXModuleDef = populateViewBean(gjXModuleDef, xXPortalUserIdXXUserMap, xXGroupMap, false);
vXModuleDefList.add(vXModuleDef);
}
returnList.setTotalCount(vXModuleDefList.size());
@@ -145,19 +149,19 @@ public class XModuleDefService extends
}
public VXModuleDef populateViewBean(XXModuleDef xObj, Map<Long, Object[]> xXPortalUserIdXXUserMap,
- Map<Long, String> xXGroupMap) {
+ Map<Long, String> xXGroupMap, boolean isUpdate) {
VXModuleDef vModuleDef = super.populateViewBean(xObj);
List<VXUserPermission> vXUserPermissionList = new ArrayList<VXUserPermission>();
List<VXGroupPermission> vXGroupPermissionList = new ArrayList<VXGroupPermission>();
- List<XXUserPermission> xuserPermissionList = daoManager.getXXUserPermission().findByModuleId(xObj.getId(),false);
- List<XXGroupPermission> xgroupPermissionList = daoManager.getXXGroupPermission().findByModuleId(xObj.getId(),false);
+ List<XXUserPermission> xuserPermissionList = daoManager.getXXUserPermission().findByModuleId(xObj.getId(),isUpdate);
+ List<XXGroupPermission> xgroupPermissionList = daoManager.getXXGroupPermission().findByModuleId(xObj.getId(),isUpdate);
if (CollectionUtils.isEmpty(xXPortalUserIdXXUserMap)) {
for (XXUserPermission xUserPerm : xuserPermissionList) {
VXUserPermission vXUserPerm = xUserPermService.populateViewBean(xUserPerm);
vXUserPermissionList.add(vXUserPerm);
}
} else {
- vXUserPermissionList = xUserPermService.getPopulatedVXUserPermissionListNew(xuserPermissionList,xXPortalUserIdXXUserMap, vModuleDef);
+ vXUserPermissionList = xUserPermService.getPopulatedVXUserPermissionList(xuserPermissionList,xXPortalUserIdXXUserMap, vModuleDef);
}
if (CollectionUtils.isEmpty(xXGroupMap)) {
for (XXGroupPermission xGrpPerm : xgroupPermissionList) {
@@ -165,10 +169,33 @@ public class XModuleDefService extends
vXGroupPermissionList.add(vXGrpPerm);
}
} else {
- vXGroupPermissionList = xGrpPermService.getPopulatedVXGroupPermissionListNew(xgroupPermissionList, xXGroupMap,vModuleDef);
+ vXGroupPermissionList = xGrpPermService.getPopulatedVXGroupPermissionList(xgroupPermissionList, xXGroupMap,vModuleDef);
}
vModuleDef.setUserPermList(vXUserPermissionList);
vModuleDef.setGroupPermList(vXGroupPermissionList);
return vModuleDef;
}
+
+ public VXModulePermissionList searchModuleDefList(SearchCriteria searchCriteria) {
+ VXModulePermissionList returnList = new VXModulePermissionList();
+ List<VXModulePermission> vXModulePermissionList = new ArrayList<VXModulePermission>();
+ searchCriteria.setMaxRows(Integer.MAX_VALUE);
+ searchCriteria.setDistinct(true);
+ List<XXModuleDef> moduleDefList = searchResources(searchCriteria, searchFields, sortFields, returnList);
+
+ // Iterate over the result list and create the return list
+ for (XXModuleDef gjXModuleDef : moduleDefList) {
+ VXModulePermission obj = new VXModulePermission();
+ obj.setId(gjXModuleDef.getId());
+ obj.setModule(gjXModuleDef.getModule());
+ List<String> userNameList = daoManager.getXXUserPermission().findModuleUsersByModuleId(gjXModuleDef.getId());
+ List<String> groupNameList = daoManager.getXXGroupPermission().findModuleGroupsByModuleId(gjXModuleDef.getId());
+ obj.setUserNameList(userNameList);
+ obj.setGroupNameList(groupNameList);
+ vXModulePermissionList.add(obj);
+ }
+ returnList.setTotalCount(vXModulePermissionList.size());
+ returnList.setvXModulePermissionList(vXModulePermissionList);
+ return returnList;
+ }
}
diff --git a/security-admin/src/main/java/org/apache/ranger/service/XUserPermissionService.java b/security-admin/src/main/java/org/apache/ranger/service/XUserPermissionService.java
index 963a894..9042d70 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/XUserPermissionService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/XUserPermissionService.java
@@ -18,13 +18,13 @@
package org.apache.ranger.service;
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.ranger.common.SearchField;
import org.apache.ranger.entity.XXModuleDef;
import org.apache.ranger.entity.XXPortalUser;
-import org.apache.ranger.entity.XXUser;
import org.apache.ranger.entity.XXUserPermission;
import org.apache.ranger.view.VXModuleDef;
import org.apache.ranger.view.VXUserPermission;
@@ -70,29 +70,7 @@ public class XUserPermissionService extends XUserPermissionServiceBase<XXUserPer
return vObj;
}
- public List<VXUserPermission> getPopulatedVXUserPermissionList(List<XXUserPermission> xuserPermissionList,Map<Long, XXUser> xXPortalUserIdXXUserMap,VXModuleDef vModuleDef){
- List<VXUserPermission> vXUserPermissionList = new ArrayList<VXUserPermission>();
- XXUser xXUser=null;
- for(XXUserPermission xuserPermission:xuserPermissionList){
- if(xXPortalUserIdXXUserMap.containsKey(xuserPermission.getUserId())){
- xXUser =xXPortalUserIdXXUserMap.get(xuserPermission.getUserId());
- VXUserPermission vXUserPerm=new VXUserPermission();
- vXUserPerm.setId(xuserPermission.getId());
- vXUserPerm.setUserId(xXUser.getId());
- vXUserPerm.setModuleId(xuserPermission.getModuleId());
- vXUserPerm.setIsAllowed(xuserPermission.getIsAllowed());
- vXUserPerm.setCreateDate(xuserPermission.getCreateTime());
- vXUserPerm.setUpdateDate(xuserPermission.getUpdateTime());
- vXUserPerm.setModuleName(vModuleDef.getModule());
- vXUserPerm.setLoginId(xXUser.getName());
- vXUserPerm.setUserName(xXUser.getName());
- vXUserPermissionList.add(vXUserPerm);
- }
- }
- return vXUserPermissionList;
- }
-
- public List<VXUserPermission> getPopulatedVXUserPermissionListNew(List<XXUserPermission> xuserPermissionList,
+ public List<VXUserPermission> getPopulatedVXUserPermissionList(List<XXUserPermission> xuserPermissionList,
Map<Long, Object[]> xXPortalUserIdXXUserMap, VXModuleDef vModuleDef) {
List<VXUserPermission> vXUserPermissionList = new ArrayList<VXUserPermission>();
Object[] xXUser = null;
@@ -114,4 +92,16 @@ public class XUserPermissionService extends XUserPermissionServiceBase<XXUserPer
}
return vXUserPermissionList;
}
+
+ @Override
+ public Map<Long, VXUserPermission> convertVListToVMap(List<VXUserPermission> vObjList) {
+ Map<Long,VXUserPermission> ret = new HashMap<Long,VXUserPermission>();
+ if (vObjList == null) {
+ return ret;
+ }
+ for (VXUserPermission vObj : vObjList) {
+ ret.put(vObj.getUserId(), vObj);
+ }
+ return ret;
+ }
}
\ No newline at end of file
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXModulePermission.java b/security-admin/src/main/java/org/apache/ranger/view/VXModulePermission.java
new file mode 100644
index 0000000..9830d2f
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXModulePermission.java
@@ -0,0 +1,73 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.view;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+
+public class VXModulePermission extends VXDataObject implements Serializable {
+
+ private static final long serialVersionUID = 1L;
+ protected String module;
+ protected List<String> userNameList = new ArrayList<String>();
+ protected List<String> groupNameList = new ArrayList<String>();
+
+ public String getModule() {
+ return module;
+ }
+ public void setModule(String module) {
+ this.module = module;
+ }
+ public List<String> getUserNameList() {
+ return userNameList;
+ }
+ public void setUserNameList(List<String> userNameList) {
+ this.userNameList = userNameList;
+ }
+ public List<String> getGroupNameList() {
+ return groupNameList;
+ }
+ public void setGroupNameList(List<String> groupNameList) {
+ this.groupNameList = groupNameList;
+ }
+
+ @Override
+ public String toString() {
+ String str = "VXModulePermission={";
+ str += super.toString();
+ str += "id={" + id + "} ";
+ str += "module={" + module + " } ";
+ str += "userNameList={" + userNameList + " } ";
+ str += "groupNameList={" + groupNameList + " } ";
+ str += "}";
+ return str;
+ }
+}
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXModulePermissionList.java b/security-admin/src/main/java/org/apache/ranger/view/VXModulePermissionList.java
new file mode 100644
index 0000000..032e044
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXModulePermissionList.java
@@ -0,0 +1,72 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.view;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.apache.ranger.common.view.VList;
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+@JsonAutoDetect(getterVisibility = Visibility.NONE, setterVisibility = Visibility.NONE, fieldVisibility = Visibility.ANY)
+@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+
+public class VXModulePermissionList extends VList {
+
+ private static final long serialVersionUID = 1L;
+
+ List<VXModulePermission> vXModulePermissionList = new ArrayList<VXModulePermission>();
+
+ public VXModulePermissionList() {
+ super();
+ }
+
+ public VXModulePermissionList(List<VXModulePermission> objList) {
+ super(objList);
+ this.vXModulePermissionList = objList;
+ }
+
+ public List<VXModulePermission> getvXModulePermissionList() {
+ return vXModulePermissionList;
+ }
+
+ public void setvXModulePermissionList(List<VXModulePermission> vXModulePermissionList) {
+ this.vXModulePermissionList = vXModulePermissionList;
+ }
+
+ @Override
+ public int getListSize() {
+ if(vXModulePermissionList != null) {
+ return vXModulePermissionList.size();
+ }
+ return 0;
+ }
+
+ @Override
+ public List<VXModulePermission> getList() {
+ return vXModulePermissionList;
+ }
+}
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index c19ec49..d25fdc0 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -1086,6 +1086,10 @@
<query>DELETE FROM XXUserPermission obj WHERE obj.moduleId=:moduleId</query>
</named-query>
+ <named-query name="XXUserPermission.findModuleUsersByModuleId">
+ <query>select xpu.loginId from XXUserPermission xump, XXPortalUser xpu where xump.moduleId=:moduleId and xump.isAllowed=:isAllowed and xump.userId = xpu.id </query>
+ </named-query>
+
<!-- XXGroupPermission -->
<named-query name="XXGroupPermission.findByGroupId">
<query>SELECT obj FROM XXGroupPermission obj
@@ -1095,18 +1099,12 @@
<named-query name="XXGroupPermission.findByModuleId">
<query>SELECT obj FROM XXGroupPermission obj
- WHERE obj.moduleId=:moduleId AND Obj.isAllowed=:isAllowed
+ WHERE obj.moduleId=:moduleId AND obj.isAllowed=:isAllowed
</query>
</named-query>
-
+
<named-query name="XXGroupPermissionUpdates.findByModuleId">
<query>SELECT obj FROM XXGroupPermission obj
- WHERE obj.moduleId=:moduleId AND Obj.isAllowed=:isAllowed
- </query>
- </named-query>
-
- <named-query name="XXGroupPermissionUpdate.findByModuleId">
- <query>SELECT obj FROM XXGroupPermission obj
WHERE obj.moduleId=:moduleId
</query>
</named-query>
@@ -1126,7 +1124,12 @@
<named-query name="XXGroupPermission.deleteByModuleId">
<query>DELETE FROM XXGroupPermission obj WHERE obj.moduleId=:moduleId</query>
</named-query>
-
+
+ <named-query name="XXGroupPermission.findModuleGroupsByModuleId">
+ <query>select xg.name from XXGroupPermission xgmp, XXGroup xg where xgmp.moduleId=:moduleId and xgmp.isAllowed=:isAllowed and xgmp.groupId =xg.id </query>
+ </named-query>
+
+
<named-query name="XXPortalUser.findByUserName">
<query>SELECT Obj FROM XXPortalUser obj
WHERE obj.loginId=:loginId
diff --git a/security-admin/src/main/webapp/scripts/collection_bases/VXModuleDefListBase.js b/security-admin/src/main/webapp/scripts/collection_bases/VXModuleDefListBase.js
index 3ebee8f..4970c6c 100644
--- a/security-admin/src/main/webapp/scripts/collection_bases/VXModuleDefListBase.js
+++ b/security-admin/src/main/webapp/scripts/collection_bases/VXModuleDefListBase.js
@@ -28,7 +28,7 @@ define(function(require){
var VXModuleDefListBase = XABaseCollection.extend(
/** @lends VXModuleDefListBase.prototype */
{
- url: XAGlobals.baseURL + 'xusers/permission',
+ url: XAGlobals.baseURL + 'xusers/permissionlist',
model : VXModuleDef,
@@ -38,8 +38,8 @@ define(function(require){
* @constructs
*/
initialize : function() {
- this.modelName = 'VXModuleDef';
- this.modelAttrName = 'vXModuleDef';
+ this.modelName = 'vXModulePermissionList';
+ this.modelAttrName = 'vXModulePermissionList';
this.bindErrorEvents();
},
/**
diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
index bddf53d..63006a4 100644
--- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js
+++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
@@ -553,10 +553,11 @@ define(function(require) {
};
XAUtils.showGroupsOrUsers = function(rawValue, model, userOrGroups) {
- var showMoreLess = false, objArr, lastShowMoreCnt = 1, j = 1, listShownCnt = 5000;
+ var showMoreLess = false, objArr, lastShowMoreCnt = 1, j = 1, listShownCnt = 1000;
if (!_.isArray(rawValue) && rawValue.length == 0)
return '--';
- objArr = (userOrGroups == 'groups') ? _.pluck(rawValue, 'groupName') : _.pluck(rawValue, 'userName');
+ // objArr = (userOrGroups == 'groups') ? _.pluck(rawValue, 'groupName') : _.pluck(rawValue, 'userName');
+ objArr = rawValue;
var newObjArr = _.map(objArr, function(name, i) {
if (i >= 4) {
var eleStr = '', span = '<span class="badge badge-info float-left-margin-2" policy-' + userOrGroups
diff --git a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js
index cd4641f..f53bb72 100644
--- a/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/permissions/ModulePermsTableLayout.js
@@ -136,8 +136,7 @@ define(function(require){
editable: false,
sortable : false
},
- groupPermList : {
- reName : 'groupPermList',
+ groupNameList : {
cell : Backgrid.HtmlCell.extend({className: 'cellWidth-1'}),
label : localization.tt("lbl.group"),
formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
@@ -153,8 +152,7 @@ define(function(require){
sortable : false
},
//Hack for backgrid plugin doesn't allow to have same column name
- userPermList : {
- reName : 'userPermList',
+ userNameList : {
cell : Backgrid.HtmlCell.extend({className: 'cellWidth-1'}),
label : localization.tt("lbl.users"),
formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java
index bee65bb..eb2d6b3 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java
@@ -1346,27 +1346,35 @@ public class TestXUserMgr {
public void test26updateXModuleDefPermission() {
XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
XXModuleDef xModuleDef = xxModuleDef();
- XXUserPermissionDao xUserPermissionDao = Mockito.mock(XXUserPermissionDao.class);
- XXGroupPermissionDao xGroupPermissionDao = Mockito.mock(XXGroupPermissionDao.class);
VXModuleDef vXModuleDef = vxModuleDef();
Mockito.when(xModuleDefService.updateResource(vXModuleDef)).thenReturn(vXModuleDef);
Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
Mockito.when(xModuleDefDao.getById(userId)).thenReturn(xModuleDef);
- Mockito.when(xModuleDefService.populateViewBean(xModuleDef)).thenReturn(vXModuleDef);
- Mockito.when(daoManager.getXXUserPermission()).thenReturn(xUserPermissionDao);
- Mockito.when(daoManager.getXXGroupPermission()).thenReturn(xGroupPermissionDao);
+ Map<Long, String> xXGroupNameMap = new HashMap<Long, String>();
+ xXGroupNameMap.put(userId, groupName);
+ Mockito.when(xGroupService.getXXGroupIdNameMap()).thenReturn(xXGroupNameMap);
+ Object[] objArr = new Object[] {userId ,userId,userLoginID};
+ Map<Long, Object[]> xXUserMap =new HashMap<Long, Object[]>();
+ xXUserMap.put(userId, objArr);
+ Mockito.when(xUserService.getXXPortalUserIdXXUserNameMap()).thenReturn(xXUserMap);
+ Mockito.when(xModuleDefService.populateViewBean(xModuleDef,xXUserMap,xXGroupNameMap,true)).thenReturn(vXModuleDef);
List<XXGroupPermission> xXGroupPermissions=new ArrayList<XXGroupPermission>();
XXGroupPermission xGroupPermissionObj = xxGroupPermission();
xXGroupPermissions.add(xGroupPermissionObj);
VXGroupPermission groupPermission=vxGroupPermission();
- Mockito.when(xGroupPermissionDao.findByModuleId(vXModuleDef.getId(),true)).thenReturn(xXGroupPermissions);
- Mockito.when(xGroupPermissionService.populateViewBean(xGroupPermissionObj)).thenReturn(groupPermission);
List<XXUserPermission> xXUserPermissions=new ArrayList<XXUserPermission>();
XXUserPermission xUserPermissionObj=xxUserPermission();
xXUserPermissions.add(xUserPermissionObj);
VXUserPermission vxUserPermission=vxUserPermission();
- Mockito.when(xUserPermissionDao.findByModuleId(vXModuleDef.getId(),true)).thenReturn(xXUserPermissions);
- Mockito.when(xUserPermissionService.populateViewBean(xUserPermissionObj)).thenReturn(vxUserPermission);
+
+ Map<Long, VXGroupPermission> groupPermMapOld = new HashMap<Long, VXGroupPermission>();
+ groupPermMapOld.put(groupPermission.getGroupId(), groupPermission);
+ Mockito.when(xGroupPermissionService.convertVListToVMap((List<VXGroupPermission>) Mockito.any())).thenReturn(groupPermMapOld);
+
+ Map<Long, VXUserPermission> userPermMapOld = new HashMap<Long, VXUserPermission>();
+ userPermMapOld.put(vxUserPermission.getUserId(), vxUserPermission);
+ Mockito.when(xUserPermissionService.convertVListToVMap((List<VXUserPermission>) Mockito.any())).thenReturn(userPermMapOld);
+
UserSessionBase userSession = Mockito.mock(UserSessionBase.class);
Set<UserSessionBase> userSessions = new HashSet<UserSessionBase>();
userSessions.add(userSession);
@@ -1385,10 +1393,7 @@ public class TestXUserMgr {
Assert.assertEquals(dbMuduleDef.getGroupPermList(),vXModuleDef.getGroupPermList());
Mockito.verify(xModuleDefService).updateResource(vXModuleDef);
Mockito.verify(daoManager).getXXModuleDef();
- Mockito.verify(xModuleDefService).populateViewBean(xModuleDef);
- Mockito.verify(daoManager).getXXUserPermission();
- Mockito.verify(daoManager).getXXGroupPermission();
-
+ Mockito.verify(xModuleDefService).populateViewBean(xModuleDef,xXUserMap,xXGroupNameMap,true);
vXModuleDef.setModule("UnknownModule");
Mockito.when(xModuleDefDao.getById(userId)).thenReturn(xModuleDef);
Mockito.when(restErrorUtil.createRESTException("Module name change is not allowed!",MessageEnums.DATA_NOT_UPDATABLE)).thenThrow(new WebApplicationException());
@@ -3150,15 +3155,21 @@ public class TestXUserMgr {
public void test96updateXModuleDefPermission() {
XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
XXModuleDef xModuleDef = xxModuleDef();
- XXUserPermissionDao xUserPermissionDao = Mockito.mock(XXUserPermissionDao.class);
- XXGroupPermissionDao xGroupPermissionDao = Mockito.mock(XXGroupPermissionDao.class);
VXModuleDef vXModuleDef = vxModuleDef();
Mockito.when(xModuleDefService.updateResource(vXModuleDef)).thenReturn(vXModuleDef);
Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
Mockito.when(xModuleDefDao.getById(userId)).thenReturn(xModuleDef);
- Mockito.when(xModuleDefService.populateViewBean(xModuleDef)).thenReturn(vXModuleDef);
- Mockito.when(daoManager.getXXUserPermission()).thenReturn(xUserPermissionDao);
- Mockito.when(daoManager.getXXGroupPermission()).thenReturn(xGroupPermissionDao);
+
+ Map<Long, String> xXGroupNameMap = new HashMap<Long, String>();
+ xXGroupNameMap.put(userId, groupName);
+ Mockito.when(xGroupService.getXXGroupIdNameMap()).thenReturn(xXGroupNameMap);
+
+ Object[] objArr = new Object[] {userId ,userId,userLoginID};
+ Map<Long, Object[]> xXUserMap =new HashMap<Long, Object[]>();
+ xXUserMap.put(userId, objArr);
+ Mockito.when(xUserService.getXXPortalUserIdXXUserNameMap()).thenReturn(xXUserMap);
+
+ Mockito.when(xModuleDefService.populateViewBean(xModuleDef,xXUserMap,xXGroupNameMap,true)).thenReturn(vXModuleDef);
List<XXGroupPermission> xXGroupPermissions=new ArrayList<XXGroupPermission>();
XXGroupPermission xGroupPermissionObj = xxGroupPermission();
xXGroupPermissions.add(xGroupPermissionObj);
@@ -3166,31 +3177,17 @@ public class TestXUserMgr {
VXGroupPermission vXGroupPermission=vxGroupPermission();
vXGroupPermission.setIsAllowed(0);
vXGroupPermissions.add(vXGroupPermission);
- Mockito.when(xGroupPermissionDao.findByModuleId(vXModuleDef.getId(),true)).thenReturn(xXGroupPermissions);
List<XXUserPermission> xXUserPermissions=new ArrayList<XXUserPermission>();
XXUserPermission xUserPermissionObj=xxUserPermission();
xXUserPermissions.add(xUserPermissionObj);
VXUserPermission vxUserPermission=vxUserPermission();
vxUserPermission.setIsAllowed(0);
- Mockito.when(xUserPermissionDao.findByModuleId(vXModuleDef.getId(),true)).thenReturn(xXUserPermissions);
UserSessionBase userSession = Mockito.mock(UserSessionBase.class);
Set<UserSessionBase> userSessions = new HashSet<UserSessionBase>();
userSessions.add(userSession);
- Map<Long, XXGroup> xXGroupMap =new HashMap<Long, XXGroup>();
- VXGroup vxGroup=vxGroup();
- XXGroup xxGroup = new XXGroup();
- xxGroup.setId(vxGroup.getId());
- xxGroup.setName(vxGroup.getName());
- xxGroup.setDescription(vxGroup.getDescription());
- xxGroup.setIsVisible(vxGroup.getIsVisible());
- xXGroupMap.put(xGroupPermissionObj.getGroupId(), xxGroup);
- Mockito.when(xGroupService.getXXGroupIdXXGroupMap()).thenReturn(xXGroupMap);
- Map<Long, XXUser> xXUserMap =new HashMap<Long, XXUser>();
- VXUser vxUser=vxUser();
- XXUser xXUser=xxUser(vxUser);
- xXUserMap.put(xXUser.getId(), xXUser);
- Mockito.when(xUserService.getXXPortalUserIdXXUserMap()).thenReturn(xXUserMap);
- Mockito.when(xGroupPermissionService.getPopulatedVXGroupPermissionList(xXGroupPermissions,xXGroupMap,vXModuleDef)).thenReturn(vXGroupPermissions);
+ Map<Long, VXGroupPermission> groupPermMapOld = new HashMap<Long, VXGroupPermission>();
+ groupPermMapOld.put(vXGroupPermission.getGroupId(), vXGroupPermission);
+ Mockito.when(xGroupPermissionService.convertVListToVMap((List<VXGroupPermission>) Mockito.any())).thenReturn(groupPermMapOld);
Mockito.when(xGroupPermissionService.updateResource(vXGroupPermission)).thenReturn(vXGroupPermission);
XXGroupUserDao xxGroupUserDao = Mockito.mock(XXGroupUserDao.class);
Mockito.when(daoManager.getXXGroupUser()).thenReturn(xxGroupUserDao);
@@ -3198,7 +3195,9 @@ public class TestXUserMgr {
Mockito.when(xxGroupUserDao.findByGroupId(vXGroupPermission.getGroupId())).thenReturn(grpUsers);
List<VXUserPermission> userPermListOld = new ArrayList<VXUserPermission>();
userPermListOld.add(vxUserPermission);
- Mockito.when(xUserPermissionService.getPopulatedVXUserPermissionList(xXUserPermissions,xXUserMap,vXModuleDef)).thenReturn(userPermListOld);
+ Map<Long, VXUserPermission> userPermMapOld = new HashMap<Long, VXUserPermission>();
+ userPermMapOld.put(vxUserPermission.getUserId(), vxUserPermission);
+ Mockito.when(xUserPermissionService.convertVListToVMap((List<VXUserPermission>) Mockito.any())).thenReturn(userPermMapOld);
Mockito.when(xUserPermissionService.updateResource(vxUserPermission)).thenReturn(vxUserPermission);
Mockito.when(sessionMgr.getActiveUserSessionsForPortalUserId(vxUserPermission.getUserId())).thenReturn(userSessions);
VXModuleDef dbMuduleDef = xUserMgr.updateXModuleDefPermission(vXModuleDef);
@@ -3214,63 +3213,47 @@ public class TestXUserMgr {
Assert.assertEquals(dbMuduleDef.getCreateTime(),vXModuleDef.getCreateTime());
Assert.assertEquals(dbMuduleDef.getUserPermList(),vXModuleDef.getUserPermList());
Assert.assertEquals(dbMuduleDef.getGroupPermList(),vXModuleDef.getGroupPermList());
+ Mockito.verify(xModuleDefService).populateViewBean(xModuleDef,xXUserMap,xXGroupNameMap,true);
Mockito.verify(xModuleDefService).updateResource(vXModuleDef);
Mockito.verify(daoManager).getXXModuleDef();
- Mockito.verify(xModuleDefService).populateViewBean(xModuleDef);
- Mockito.verify(daoManager).getXXUserPermission();
- Mockito.verify(daoManager).getXXGroupPermission();
}
@Test
public void test97updateXModuleDefPermission() {
XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
XXModuleDef xModuleDef = xxModuleDef();
- XXUserPermissionDao xUserPermissionDao = Mockito.mock(XXUserPermissionDao.class);
- XXGroupPermissionDao xGroupPermissionDao = Mockito.mock(XXGroupPermissionDao.class);
VXModuleDef vXModuleDef = vxModuleDef();
Mockito.when(xModuleDefService.updateResource(vXModuleDef)).thenReturn(vXModuleDef);
Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
Mockito.when(xModuleDefDao.getById(userId)).thenReturn(xModuleDef);
- Mockito.when(xModuleDefService.populateViewBean(xModuleDef)).thenReturn(vXModuleDef);
- Mockito.when(daoManager.getXXUserPermission()).thenReturn(xUserPermissionDao);
- Mockito.when(daoManager.getXXGroupPermission()).thenReturn(xGroupPermissionDao);
+
+ Map<Long, String> xXGroupNameMap = new HashMap<Long, String>();
+ xXGroupNameMap.put(userId, groupName);
+ Mockito.when(xGroupService.getXXGroupIdNameMap()).thenReturn(xXGroupNameMap);
+
+ Object[] objArr = new Object[] {userId ,userId,userLoginID};
+ Map<Long, Object[]> xXUserMap =new HashMap<Long, Object[]>();
+ xXUserMap.put(userId, objArr);
+ Mockito.when(xUserService.getXXPortalUserIdXXUserNameMap()).thenReturn(xXUserMap);
+
+ Mockito.when(xModuleDefService.populateViewBean(xModuleDef,xXUserMap,xXGroupNameMap,true)).thenReturn(vXModuleDef);
List<XXGroupPermission> xXGroupPermissions=new ArrayList<XXGroupPermission>();
XXGroupPermission xGroupPermissionObj = xxGroupPermission();
xXGroupPermissions.add(xGroupPermissionObj);
- List<VXGroupPermission> vXGroupPermissions=new ArrayList<VXGroupPermission>();
VXGroupPermission vXGroupPermission=vxGroupPermission();
vXGroupPermission.setIsAllowed(0);
- Mockito.when(xGroupPermissionDao.findByModuleId(vXModuleDef.getId(),true)).thenReturn(xXGroupPermissions);
List<XXUserPermission> xXUserPermissions=new ArrayList<XXUserPermission>();
XXUserPermission xUserPermissionObj=xxUserPermission();
xXUserPermissions.add(xUserPermissionObj);
VXUserPermission vxUserPermission=vxUserPermission();
vxUserPermission.setIsAllowed(0);
- Mockito.when(xUserPermissionDao.findByModuleId(vXModuleDef.getId(),true)).thenReturn(xXUserPermissions);
UserSessionBase userSession = Mockito.mock(UserSessionBase.class);
Set<UserSessionBase> userSessions = new HashSet<UserSessionBase>();
userSessions.add(userSession);
- Map<Long, XXGroup> xXGroupMap =new HashMap<Long, XXGroup>();
- VXGroup vxGroup=vxGroup();
- XXGroup xxGroup = new XXGroup();
- xxGroup.setId(vxGroup.getId());
- xxGroup.setName(vxGroup.getName());
- xxGroup.setDescription(vxGroup.getDescription());
- xxGroup.setIsVisible(vxGroup.getIsVisible());
- xXGroupMap.put(xGroupPermissionObj.getGroupId(), xxGroup);
- Mockito.when(xGroupService.getXXGroupIdXXGroupMap()).thenReturn(xXGroupMap);
- Map<Long, XXUser> xXUserMap =new HashMap<Long, XXUser>();
- VXUser vxUser=vxUser();
- XXUser xXUser=xxUser(vxUser);
- xXUserMap.put(xXUser.getId(), xXUser);
- Mockito.when(xUserService.getXXPortalUserIdXXUserMap()).thenReturn(xXUserMap);
- Mockito.when(xGroupPermissionService.getPopulatedVXGroupPermissionList(xXGroupPermissions,xXGroupMap,vXModuleDef)).thenReturn(vXGroupPermissions);
XXGroupUserDao xxGroupUserDao = Mockito.mock(XXGroupUserDao.class);
Mockito.when(daoManager.getXXGroupUser()).thenReturn(xxGroupUserDao);
List<XXGroupUser> grpUsers =new ArrayList<XXGroupUser>();
Mockito.when(xxGroupUserDao.findByGroupId(vXGroupPermission.getGroupId())).thenReturn(grpUsers);
- List<VXUserPermission> userPermListOld = new ArrayList<VXUserPermission>();
- Mockito.when(xUserPermissionService.getPopulatedVXUserPermissionList(xXUserPermissions,xXUserMap,vXModuleDef)).thenReturn(userPermListOld);
Mockito.when(sessionMgr.getActiveUserSessionsForPortalUserId(vxUserPermission.getUserId())).thenReturn(userSessions);
Mockito.when(xGroupPermissionService.createResource((VXGroupPermission) Mockito.any())).thenReturn(vXGroupPermission);
Mockito.when(xUserPermissionService.createResource((VXUserPermission) Mockito.any())).thenReturn(vxUserPermission);
@@ -3289,9 +3272,9 @@ public class TestXUserMgr {
Assert.assertEquals(dbMuduleDef.getGroupPermList(),vXModuleDef.getGroupPermList());
Mockito.verify(xModuleDefService).updateResource(vXModuleDef);
Mockito.verify(daoManager).getXXModuleDef();
- Mockito.verify(xModuleDefService).populateViewBean(xModuleDef);
- Mockito.verify(daoManager).getXXUserPermission();
- Mockito.verify(daoManager).getXXGroupPermission();
+ Mockito.verify(xModuleDefService).populateViewBean(xModuleDef,xXUserMap,xXGroupNameMap,true);
+ Mockito.verify(xGroupService).getXXGroupIdNameMap();
+ Mockito.verify(xUserService).getXXPortalUserIdXXUserNameMap();
}
@Test
diff --git a/security-admin/src/test/java/org/apache/ranger/service/TestXGroupPermissionService.java b/security-admin/src/test/java/org/apache/ranger/service/TestXGroupPermissionService.java
index f88b23a..e2e9e2e 100644
--- a/security-admin/src/test/java/org/apache/ranger/service/TestXGroupPermissionService.java
+++ b/security-admin/src/test/java/org/apache/ranger/service/TestXGroupPermissionService.java
@@ -59,9 +59,10 @@ public class TestXGroupPermissionService {
@Test
public void test2GetPopulatedVXGroupPermissionList() {
- Map<Long, XXGroup> xXGroupMap = new HashMap<Long, XXGroup>();
List<XXGroupPermission> xgroupPermissionList = new ArrayList<XXGroupPermission>();
- xGroupPermissionService.getPopulatedVXGroupPermissionList(xgroupPermissionList, xXGroupMap, vXModuleDef);
+ Map<Long, String> xXGroupNameMap = new HashMap<Long, String>();
+ xXGroupNameMap.put(XXGroup.getId(), XXGroup.getName());
+ xGroupPermissionService.getPopulatedVXGroupPermissionList(xgroupPermissionList, xXGroupNameMap, vXModuleDef);
}
}