You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2020/02/26 10:56:15 UTC
[ranger] 01/02: Revert "RANGER-2732: Batch lookup role, group,
and user IDs during policy creation"
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 575f7093f353a1ec813e344060b5cb2f5adbf392
Author: Pradeep <pr...@apache.org>
AuthorDate: Wed Feb 26 15:58:11 2020 +0530
Revert "RANGER-2732: Batch lookup role, group, and user IDs during policy creation"
This reverts commit 51c584682279c799fdc6cad93042e6b7cf461673.
---
.../org/apache/ranger/biz/PolicyRefUpdater.java | 94 +++++++++++-----------
.../main/java/org/apache/ranger/db/XXGroupDao.java | 26 +-----
.../main/java/org/apache/ranger/db/XXRoleDao.java | 23 ------
.../main/java/org/apache/ranger/db/XXUserDao.java | 29 +------
.../main/resources/META-INF/jpa_named_queries.xml | 18 -----
5 files changed, 48 insertions(+), 142 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
index 21624c1..41d235a 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
@@ -21,9 +21,7 @@ package org.apache.ranger.biz;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
-import java.util.Map;
import java.util.Set;
-import java.util.stream.Collectors;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
@@ -33,6 +31,7 @@ import org.apache.ranger.common.RangerCommonEnums;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXAccessTypeDef;
import org.apache.ranger.entity.XXDataMaskTypeDef;
+import org.apache.ranger.entity.XXGroup;
import org.apache.ranger.entity.XXPolicy;
import org.apache.ranger.entity.XXPolicyConditionDef;
import org.apache.ranger.entity.XXPolicyRefAccessType;
@@ -43,7 +42,9 @@ import org.apache.ranger.entity.XXPolicyRefResource;
import org.apache.ranger.entity.XXPolicyRefRole;
import org.apache.ranger.entity.XXPolicyRefUser;
import org.apache.ranger.entity.XXResourceDef;
+import org.apache.ranger.entity.XXRole;
import org.apache.ranger.entity.XXServiceDef;
+import org.apache.ranger.entity.XXUser;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
@@ -148,27 +149,25 @@ public class PolicyRefUpdater {
}
daoMgr.getXXPolicyRefResource().batchCreate(xPolResources);
- final Set<String> filteredRoleNames = roleNames.stream()
- .filter(str -> !StringUtils.isBlank(str)).collect(Collectors.toSet());
- Map<String, Long> roleNameIdMap = daoMgr.getXXRole().getIdsByRoleNames(filteredRoleNames);
- if (roleNameIdMap.size() != filteredRoleNames.size()) {
- RangerBizUtil.setBulkMode(false);
- for (String roleName : filteredRoleNames) {
- if (roleNameIdMap.containsKey(roleName)) {
- continue;
- }
-
- Long roleId = createRoleForPolicy(roleName);
- roleNameIdMap.put(roleName, roleId);
- }
- }
-
List<XXPolicyRefRole> xPolRoles = new ArrayList<>();
for (String role : roleNames) {
+ if (StringUtils.isBlank(role)) {
+ continue;
+ }
+
+ XXRole xRole = daoMgr.getXXRole().findByRoleName(role);
+ Long roleId = null;
+ if (xRole != null) {
+ roleId = xRole.getId();
+ }
+ else {
+ RangerBizUtil.setBulkMode(false);
+ roleId = createRoleForPolicy(role);
+ }
XXPolicyRefRole xPolRole = new XXPolicyRefRole();
xPolRole.setPolicyId(policy.getId());
- xPolRole.setRoleId(roleNameIdMap.get(role));
+ xPolRole.setRoleId(roleId);
xPolRole.setRoleName(role);
xPolRoles.add(xPolRole);
@@ -176,27 +175,26 @@ public class PolicyRefUpdater {
RangerBizUtil.setBulkMode(oldBulkMode);
daoMgr.getXXPolicyRefRole().batchCreate(xPolRoles);
- final Set<String> filteredGroupNames = groupNames.stream()
- .filter(str -> !StringUtils.isBlank(str)).collect(Collectors.toSet());
- Map<String, Long> groupNameIdMap = daoMgr.getXXGroup().getIdsByGroupNames(filteredGroupNames);
- if (groupNameIdMap.size() != filteredGroupNames.size()) {
- RangerBizUtil.setBulkMode(false);
- for (String groupName : filteredGroupNames) {
- if (groupNameIdMap.containsKey(groupName)) {
- continue;
- }
+ List<XXPolicyRefGroup> xPolGroups = new ArrayList<>();
+ for (String group : groupNames) {
+ if (StringUtils.isBlank(group)) {
+ continue;
+ }
- Long groupId = createGroupForPolicy(groupName);
- groupNameIdMap.put(groupName, groupId);
+ XXGroup xGroup = daoMgr.getXXGroup().findByGroupName(group);
+ Long groupId = null;
+ if (xGroup != null) {
+ groupId = xGroup.getId();
+ }
+ else {
+ RangerBizUtil.setBulkMode(false);
+ groupId = createGroupForPolicy(group);
}
- }
- List<XXPolicyRefGroup> xPolGroups = new ArrayList<>();
- for (String group : filteredGroupNames) {
XXPolicyRefGroup xPolGroup = new XXPolicyRefGroup();
xPolGroup.setPolicyId(policy.getId());
- xPolGroup.setGroupId(groupNameIdMap.get(group));
+ xPolGroup.setGroupId(groupId);
xPolGroup.setGroupName(group);
xPolGroups.add(xPolGroup);
@@ -204,27 +202,27 @@ public class PolicyRefUpdater {
RangerBizUtil.setBulkMode(oldBulkMode);
daoMgr.getXXPolicyRefGroup().batchCreate(xPolGroups);
- final Set<String> filteredUserNames = userNames.stream()
- .filter(str -> !StringUtils.isBlank(str)).collect(Collectors.toSet());
- Map<String, Long> userNameIdMap = daoMgr.getXXUser().getIdsByUserNames(filteredUserNames);
- if (userNameIdMap.size() != filteredUserNames.size()) {
- RangerBizUtil.setBulkMode(false);
- for (String userName : filteredUserNames) {
- if (userNameIdMap.containsKey(userName)) {
- continue;
- }
+ List<XXPolicyRefUser> xPolUsers = new ArrayList<>();
+ for (String user : userNames) {
+ if (StringUtils.isBlank(user)) {
+ continue;
+ }
- Long userId = createUserForPolicy(userName);
- userNameIdMap.put(userName, userId);
+ XXUser xUser = daoMgr.getXXUser().findByUserName(user);
+ Long userId = null;
+ if(xUser != null){
+ userId = xUser.getId();
+ }
+ else {
+ RangerBizUtil.setBulkMode(false);
+
+ userId = createUserForPolicy(user);
}
- }
- List<XXPolicyRefUser> xPolUsers = new ArrayList<>();
- for (String user : filteredUserNames) {
XXPolicyRefUser xPolUser = new XXPolicyRefUser();
xPolUser.setPolicyId(policy.getId());
- xPolUser.setUserId(userNameIdMap.get(user));
+ xPolUser.setUserId(userId);
xPolUser.setUserName(user);
xPolUsers.add(xPolUser);
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXGroupDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXGroupDao.java
index 04633db..1bd59f8 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXGroupDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXGroupDao.java
@@ -21,21 +21,15 @@
import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
-import javax.persistence.NoResultException;
-
-import org.apache.commons.collections.CollectionUtils;
import org.apache.ranger.common.db.BaseDao;
import org.apache.ranger.entity.XXGroup;
import org.springframework.stereotype.Service;
@Service
public class XXGroupDao extends BaseDao<XXGroup> {
+
public XXGroupDao(RangerDaoManagerBase daoManager) {
super(daoManager);
}
@@ -73,22 +67,4 @@ public class XXGroupDao extends BaseDao<XXGroup> {
return null;
}
- public Map<String, Long> getIdsByGroupNames(Collection<String> groupNames) {
- Map<String, Long> ret = Collections.emptyMap();
- if (!CollectionUtils.isEmpty(groupNames)) {
- try {
- Collection<Object[]> result = getEntityManager()
- .createNamedQuery("XXGroup.getIdsByGroupNames", Object[].class)
- .setParameter("names", groupNames)
- .getResultList();
- ret = result.stream().collect(
- Collectors.toMap(
- object -> (String)(object[1]),
- object -> (Long)(object[0])));
- } catch (NoResultException e) {
- // ignore
- }
- }
- return ret;
- }
}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXRoleDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXRoleDao.java
index 185f70a..8528652 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXRoleDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXRoleDao.java
@@ -17,7 +17,6 @@
package org.apache.ranger.db;
-import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections.ListUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.common.db.BaseDao;
@@ -26,11 +25,7 @@ import org.springframework.stereotype.Service;
import javax.persistence.NoResultException;
import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
@Service
public class XXRoleDao extends BaseDao<XXRole> {
@@ -68,24 +63,6 @@ public class XXRoleDao extends BaseDao<XXRole> {
return null;
}
}
- public Map<String, Long> getIdsByRoleNames(Collection<String> roleNames) {
- Map<String, Long> ret = Collections.emptyMap();
- if (!CollectionUtils.isEmpty(roleNames)) {
- try {
- Collection<Object[]> result = getEntityManager()
- .createNamedQuery("XXRole.getIdsByRoleNames", Object[].class)
- .setParameter("roleNames", roleNames)
- .getResultList();
- ret = result.stream().collect(
- Collectors.toMap(
- object -> (String)(object[1]),
- object -> (Long)(object[0])));
- } catch (NoResultException e) {
- // ignore
- }
- }
- return ret;
- }
public List<XXRole> findByServiceId(Long serviceId) {
List<XXRole> ret;
try {
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXUserDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXUserDao.java
index d3666bc..cea90c1 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXUserDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXUserDao.java
@@ -19,14 +19,8 @@
package org.apache.ranger.db;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Map;
-import java.util.stream.Collectors;
-
import javax.persistence.NoResultException;
-import org.apache.commons.collections.CollectionUtils;
import org.apache.log4j.Logger;
import org.apache.ranger.common.db.BaseDao;
import org.apache.ranger.entity.XXUser;
@@ -34,7 +28,7 @@ import org.springframework.stereotype.Service;
@Service
public class XXUserDao extends BaseDao<XXUser> {
- private static final Logger logger = Logger.getLogger(XXUserDao.class);
+ private static final Logger logger = Logger.getLogger(XXResourceDao.class);
public XXUserDao(RangerDaoManagerBase daoManager) {
super(daoManager);
@@ -56,27 +50,6 @@ public class XXUserDao extends BaseDao<XXUser> {
return null;
}
- public Map<String, Long> getIdsByUserNames(Collection<String> names) {
- Map<String, Long> ret = Collections.emptyMap();
- if (CollectionUtils.isEmpty(names)) {
- logger.debug("names is null or empty");
- } else {
- try {
- Collection<Object[]> result = getEntityManager()
- .createNamedQuery("XXUser.getIdsByUserNames", Object[].class)
- .setParameter("names", names)
- .getResultList();
- ret = result.stream().collect(
- Collectors.toMap(
- object -> (String)(object[1]),
- object -> (Long)(object[0])));
- } catch (NoResultException e) {
- // ignore
- }
- }
- return ret;
- }
-
public XXUser findByPortalUserId(Long portalUserId) {
if (portalUserId == null) {
return null;
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index a356f52..f23bf2e 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -198,24 +198,12 @@
</query>
</named-query>
- <named-query name="XXUser.getIdsByUserNames">
- <query>SELECT Obj.id, Obj.name FROM XXUser obj
- WHERE obj.name IN :names
- </query>
- </named-query>
-
<named-query name="XXGroup.findByGroupName">
<query>SELECT Obj FROM XXGroup obj
WHERE obj.name=:name
</query>
</named-query>
- <named-query name="XXGroup.getIdsByGroupNames">
- <query>SELECT Obj.id, Obj.name FROM XXGroup obj
- WHERE obj.name IN :names
- </query>
- </named-query>
-
<named-query name="XXGroupUser.deleteByGroupIdAndUserId">
<query>DELETE FROM XXGroupUser obj
WHERE obj.parentGroupId=:parentGroupId
@@ -1552,12 +1540,6 @@
<query>select obj from XXRole obj where obj.name = :roleName</query>
</named-query>
- <named-query name="XXRole.getIdsByRoleNames">
- <query>SELECT Obj.id, Obj.name FROM XXRole obj
- WHERE obj.name IN :roleNames
- </query>
- </named-query>
-
<named-query name="XXRole.findByServiceId">
<query>select obj from XXRole obj, XXPolicyRefRole policyRefRole, XXPolicy policy where obj.id = policyRefRole.roleId and policyRefRole.policyId = policy.id and policy.service = :serviceId </query>
</named-query>