You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2015/11/11 21:41:38 UTC
[1/2] incubator-ranger git commit: RANGER-702: optimize policy
download performance
Repository: incubator-ranger
Updated Branches:
refs/heads/master 49e890e26 -> 7c185e1f5
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyService.java b/security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyService.java
index dc375f5..b10d2fd 100644
--- a/security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyService.java
+++ b/security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyService.java
@@ -27,33 +27,9 @@ import org.apache.ranger.common.JSONUtil;
import org.apache.ranger.common.StringUtil;
import org.apache.ranger.common.UserSessionBase;
import org.apache.ranger.db.RangerDaoManager;
-import org.apache.ranger.db.XXAccessTypeDefDao;
-import org.apache.ranger.db.XXGroupDao;
-import org.apache.ranger.db.XXPolicyConditionDefDao;
-import org.apache.ranger.db.XXPolicyItemAccessDao;
-import org.apache.ranger.db.XXPolicyItemConditionDao;
-import org.apache.ranger.db.XXPolicyItemDao;
-import org.apache.ranger.db.XXPolicyResourceDao;
-import org.apache.ranger.db.XXPolicyResourceMapDao;
-import org.apache.ranger.db.XXPortalUserDao;
-import org.apache.ranger.db.XXResourceDefDao;
-import org.apache.ranger.db.XXServiceConfigMapDao;
import org.apache.ranger.db.XXServiceDao;
-import org.apache.ranger.db.XXServiceDefDao;
-import org.apache.ranger.db.XXUserDao;
-import org.apache.ranger.entity.XXAccessTypeDef;
import org.apache.ranger.entity.XXPolicy;
-import org.apache.ranger.entity.XXPolicyConditionDef;
-import org.apache.ranger.entity.XXPolicyItem;
-import org.apache.ranger.entity.XXPolicyItemAccess;
-import org.apache.ranger.entity.XXPolicyItemCondition;
-import org.apache.ranger.entity.XXPolicyResource;
-import org.apache.ranger.entity.XXPolicyResourceMap;
-import org.apache.ranger.entity.XXPortalUser;
-import org.apache.ranger.entity.XXResourceDef;
import org.apache.ranger.entity.XXService;
-import org.apache.ranger.entity.XXServiceConfigMap;
-import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.entity.XXTrxLog;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
@@ -201,794 +177,6 @@ public class TestRangerPolicyService {
}
@Test
- public void test3PopulateViewBean() {
- XXServiceConfigMapDao xServiceConfigMapDao = Mockito
- .mock(XXServiceConfigMapDao.class);
- XXPortalUserDao xPortalUserDao = Mockito.mock(XXPortalUserDao.class);
- XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class);
- XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
- XXResourceDefDao xResourceDefDao = Mockito.mock(XXResourceDefDao.class);
- XXPolicyResourceDao xPolicyResourceDao = Mockito
- .mock(XXPolicyResourceDao.class);
- XXPolicyResourceMapDao xPolicyResourceMapDao = Mockito
- .mock(XXPolicyResourceMapDao.class);
- XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class);
- XXPolicyItemAccessDao xPolicyItemAccessDao = Mockito
- .mock(XXPolicyItemAccessDao.class);
- XXAccessTypeDefDao xAccessTypeDefDao = Mockito
- .mock(XXAccessTypeDefDao.class);
- XXAccessTypeDef xAccessTypeDef = Mockito.mock(XXAccessTypeDef.class);
- XXPolicyConditionDefDao xPolicyConditionDefDao = Mockito
- .mock(XXPolicyConditionDefDao.class);
- XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito
- .mock(XXPolicyItemConditionDao.class);
-
- XXUserDao xUserDao = Mockito.mock(XXUserDao.class);
- XXGroupDao xGroupDao = Mockito.mock(XXGroupDao.class);
-
- XXPolicy policy = policy();
-
- XXService xService = xService();
- String name = "fdfdfds";
-
- List<XXServiceConfigMap> svcConfigMapList = new ArrayList<XXServiceConfigMap>();
- XXServiceConfigMap xConfMap = new XXServiceConfigMap();
- xConfMap.setAddedByUserId(null);
- xConfMap.setConfigkey(name);
- xConfMap.setConfigvalue(name);
- xConfMap.setCreateTime(new Date());
- xConfMap.setServiceId(null);
-
- xConfMap.setUpdatedByUserId(null);
- xConfMap.setUpdateTime(new Date());
- svcConfigMapList.add(xConfMap);
-
- XXPortalUser tUser = new XXPortalUser();
- tUser.setAddedByUserId(Id);
- tUser.setCreateTime(new Date());
- tUser.setEmailAddress("test@gmail.com");
- tUser.setFirstName(name);
- tUser.setId(Id);
- tUser.setLastName(name);
-
- XXServiceDef xServiceDef = new XXServiceDef();
- xServiceDef.setAddedByUserId(Id);
- xServiceDef.setCreateTime(new Date());
- xServiceDef.setDescription("test");
- xServiceDef.setGuid("1427365526516_835_0");
- xServiceDef.setId(Id);
-
- List<XXResourceDef> resDefList = new ArrayList<XXResourceDef>();
- XXResourceDef resourceDef = new XXResourceDef();
- resourceDef.setAddedByUserId(Id);
- resourceDef.setCreateTime(new Date());
- resourceDef.setDefid(Id);
- resourceDef.setDescription("test");
- resourceDef.setId(Id);
- resDefList.add(resourceDef);
-
- XXPolicyResource policyResource = new XXPolicyResource();
- policyResource.setId(Id);
- policyResource.setCreateTime(new Date());
- policyResource.setAddedByUserId(Id);
- policyResource.setIsExcludes(false);
- policyResource.setIsRecursive(false);
- policyResource.setPolicyId(Id);
- policyResource.setResDefId(Id);
- policyResource.setUpdatedByUserId(Id);
- policyResource.setUpdateTime(new Date());
-
- List<XXPolicyResourceMap> policyResourceMapList = new ArrayList<XXPolicyResourceMap>();
- XXPolicyResourceMap policyResourceMap = new XXPolicyResourceMap();
- policyResourceMap.setAddedByUserId(Id);
- policyResourceMap.setCreateTime(new Date());
- policyResourceMap.setId(Id);
- policyResourceMap.setOrder(1);
- policyResourceMap.setResourceId(Id);
- policyResourceMap.setUpdatedByUserId(Id);
- policyResourceMap.setUpdateTime(new Date());
- policyResourceMap.setValue("1L");
- policyResourceMapList.add(policyResourceMap);
-
- List<XXPolicyItem> xPolicyItemList = new ArrayList<XXPolicyItem>();
- XXPolicyItem xPolicyItem = new XXPolicyItem();
- xPolicyItem.setDelegateAdmin(false);
- xPolicyItem.setAddedByUserId(null);
- xPolicyItem.setCreateTime(new Date());
- xPolicyItem.setGUID(null);
- xPolicyItem.setId(Id);
- xPolicyItem.setOrder(null);
- xPolicyItem.setPolicyId(Id);
- xPolicyItem.setUpdatedByUserId(null);
- xPolicyItem.setUpdateTime(new Date());
- xPolicyItemList.add(xPolicyItem);
-
- List<XXPolicyItemAccess> policyItemAccessList = new ArrayList<XXPolicyItemAccess>();
- XXPolicyItemAccess policyItemAccess = new XXPolicyItemAccess();
- policyItemAccess.setAddedByUserId(Id);
- policyItemAccess.setCreateTime(new Date());
- policyItemAccess.setPolicyitemid(Id);
- policyItemAccess.setId(Id);
- policyItemAccess.setOrder(1);
- policyItemAccess.setUpdatedByUserId(Id);
- policyItemAccess.setUpdateTime(new Date());
- policyItemAccessList.add(policyItemAccess);
-
- List<XXPolicyConditionDef> xConditionDefList = new ArrayList<XXPolicyConditionDef>();
- XXPolicyConditionDef policyConditionDefObj = new XXPolicyConditionDef();
- policyConditionDefObj.setAddedByUserId(Id);
- policyConditionDefObj.setCreateTime(new Date());
- policyConditionDefObj.setDefid(Id);
- policyConditionDefObj.setDescription("policy conditio");
- policyConditionDefObj.setId(Id);
- policyConditionDefObj.setName(name);
- policyConditionDefObj.setOrder(1);
- policyConditionDefObj.setLabel("label");
- xConditionDefList.add(policyConditionDefObj);
-
- List<XXPolicyItemCondition> policyItemConditionList = new ArrayList<XXPolicyItemCondition>();
- XXPolicyItemCondition policyItemCondition = new XXPolicyItemCondition();
- policyItemCondition.setAddedByUserId(Id);
- policyItemCondition.setCreateTime(new Date());
- policyItemCondition.setType(1L);
- policyItemCondition.setId(Id);
- policyItemCondition.setOrder(1);
- policyItemCondition.setPolicyItemId(Id);
- policyItemCondition.setUpdatedByUserId(Id);
- policyItemCondition.setUpdateTime(new Date());
- policyItemConditionList.add(policyItemCondition);
-
- List<String> usersList = new ArrayList<String>();
- List<String> groupsList = new ArrayList<String>();
- Mockito.when(daoManager.getXXPortalUser()).thenReturn(xPortalUserDao);
- Mockito.when(xPortalUserDao.getById(Id)).thenReturn(tUser);
-
- Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
- Mockito.when(xServiceDefDao.getById(xService.getType())).thenReturn(
- xServiceDef);
-
- Mockito.when(daoManager.getXXServiceConfigMap()).thenReturn(
- xServiceConfigMapDao);
- Mockito.when(xServiceConfigMapDao.findByServiceId(xService.getId()))
- .thenReturn(svcConfigMapList);
-
- Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
- Mockito.when(xServiceDao.getById(policy.getService())).thenReturn(
- xService);
-
- Mockito.when(daoManager.getXXResourceDef()).thenReturn(xResourceDefDao);
- Mockito.when(xResourceDefDao.findByPolicyId(policy.getId()))
- .thenReturn(resDefList);
-
- Mockito.when(daoManager.getXXPolicyResource()).thenReturn(
- xPolicyResourceDao);
- Mockito.when(
- xPolicyResourceDao.findByResDefIdAndPolicyId(
- resourceDef.getId(), policy.getId())).thenReturn(
- policyResource);
-
- Mockito.when(daoManager.getXXPolicyResourceMap()).thenReturn(
- xPolicyResourceMapDao);
- Mockito.when(
- xPolicyResourceMapDao.findByPolicyResId(policyResource.getId()))
- .thenReturn(policyResourceMapList);
-
- Mockito.when(daoManager.getXXPolicyItem()).thenReturn(xPolicyItemDao);
- Mockito.when(xPolicyItemDao.findByPolicyId(policy.getId())).thenReturn(
- xPolicyItemList);
-
- Mockito.when(daoManager.getXXPolicyItemAccess()).thenReturn(
- xPolicyItemAccessDao);
- Mockito.when(
- xPolicyItemAccessDao.findByPolicyItemId(policyItemAccess
- .getId())).thenReturn(policyItemAccessList);
-
- Mockito.when(daoManager.getXXAccessTypeDef()).thenReturn(
- xAccessTypeDefDao);
- Mockito.when(xAccessTypeDefDao.getById(policyItemAccess.getType()))
- .thenReturn(xAccessTypeDef);
-
- Mockito.when(daoManager.getXXPolicyConditionDef()).thenReturn(
- xPolicyConditionDefDao);
- Mockito.when(
- xPolicyConditionDefDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(xConditionDefList);
-
- Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn(
- xPolicyItemConditionDao);
- Mockito.when(
- xPolicyItemConditionDao.findByPolicyItemAndDefId(
- xPolicyItem.getId(), policyConditionDefObj.getId()))
- .thenReturn(policyItemConditionList);
-
- Mockito.when(daoManager.getXXUser()).thenReturn(xUserDao);
- Mockito.when(xUserDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(usersList);
-
- Mockito.when(daoManager.getXXGroup()).thenReturn(xGroupDao);
- Mockito.when(xGroupDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(groupsList);
-
- RangerPolicy dbRangerPolicy = policyService.populateViewBean(policy);
- Assert.assertNotNull(dbRangerPolicy);
- Assert.assertEquals(dbRangerPolicy.getId(), policy.getId());
- Assert.assertEquals(dbRangerPolicy.getName(), policy.getName());
-
- Assert.assertEquals(dbRangerPolicy.getDescription(),
- policy.getDescription());
- Assert.assertEquals(dbRangerPolicy.getGuid(), policy.getGuid());
-
- Assert.assertEquals(dbRangerPolicy.getVersion(), policy.getVersion());
- Assert.assertEquals(dbRangerPolicy.getIsAuditEnabled(),
- policy.getIsAuditEnabled());
-
- Mockito.verify(daoManager).getXXService();
- Mockito.verify(daoManager).getXXResourceDef();
- Mockito.verify(daoManager).getXXPolicyResource();
- Mockito.verify(daoManager).getXXPolicyResourceMap();
- Mockito.verify(daoManager).getXXPolicyItem();
- Mockito.verify(daoManager).getXXPolicyItemAccess();
- Mockito.verify(daoManager).getXXAccessTypeDef();
- Mockito.verify(daoManager).getXXPolicyConditionDef();
- Mockito.verify(daoManager).getXXPolicyItemCondition();
- Mockito.verify(daoManager).getXXUser();
- Mockito.verify(daoManager).getXXGroup();
- }
-
- @Test
- public void test4GetPolicyItemListForXXPolicy() {
-
- XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class);
- XXPolicyItemAccessDao xPolicyItemAccessDao = Mockito
- .mock(XXPolicyItemAccessDao.class);
- XXUserDao xUserDao = Mockito.mock(XXUserDao.class);
- XXGroupDao xGroupDao = Mockito.mock(XXGroupDao.class);
- XXAccessTypeDefDao xAccessTypeDefDao = Mockito
- .mock(XXAccessTypeDefDao.class);
- XXAccessTypeDef xAccessTypeDef = Mockito.mock(XXAccessTypeDef.class);
- XXPolicyConditionDefDao xPolicyConditionDefDao = Mockito
- .mock(XXPolicyConditionDefDao.class);
- XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito
- .mock(XXPolicyItemConditionDao.class);
-
- XXPolicy policy = policy();
- String name = "fdfdfds";
-
- List<XXPolicyItem> xPolicyItemList = new ArrayList<XXPolicyItem>();
- XXPolicyItem xPolicyItem = new XXPolicyItem();
- xPolicyItem.setDelegateAdmin(false);
- xPolicyItem.setAddedByUserId(null);
- xPolicyItem.setCreateTime(new Date());
- xPolicyItem.setGUID(null);
- xPolicyItem.setId(Id);
- xPolicyItem.setOrder(null);
- xPolicyItem.setPolicyId(Id);
- xPolicyItem.setUpdatedByUserId(null);
- xPolicyItem.setUpdateTime(new Date());
- xPolicyItemList.add(xPolicyItem);
-
- List<XXPolicyItemAccess> policyItemAccessList = new ArrayList<XXPolicyItemAccess>();
- XXPolicyItemAccess policyItemAccess = new XXPolicyItemAccess();
- policyItemAccess.setAddedByUserId(Id);
- policyItemAccess.setCreateTime(new Date());
- policyItemAccess.setPolicyitemid(Id);
- policyItemAccess.setId(Id);
- policyItemAccess.setOrder(1);
- policyItemAccess.setUpdatedByUserId(Id);
- policyItemAccess.setUpdateTime(new Date());
- policyItemAccessList.add(policyItemAccess);
-
- List<XXResourceDef> resDefList = new ArrayList<XXResourceDef>();
- XXResourceDef resourceDef = new XXResourceDef();
- resourceDef.setAddedByUserId(Id);
- resourceDef.setCreateTime(new Date());
- resourceDef.setDefid(Id);
- resourceDef.setDescription("test");
- resourceDef.setId(Id);
- resDefList.add(resourceDef);
-
- XXPolicyResource policyResource = new XXPolicyResource();
- policyResource.setId(Id);
- policyResource.setCreateTime(new Date());
- policyResource.setAddedByUserId(Id);
- policyResource.setIsExcludes(false);
- policyResource.setIsRecursive(false);
- policyResource.setPolicyId(Id);
- policyResource.setResDefId(Id);
- policyResource.setUpdatedByUserId(Id);
- policyResource.setUpdateTime(new Date());
-
- List<XXPolicyResourceMap> policyResourceMapList = new ArrayList<XXPolicyResourceMap>();
- XXPolicyResourceMap policyResourceMap = new XXPolicyResourceMap();
- policyResourceMap.setAddedByUserId(Id);
- policyResourceMap.setCreateTime(new Date());
- policyResourceMap.setId(Id);
- policyResourceMap.setOrder(1);
- policyResourceMap.setResourceId(Id);
- policyResourceMap.setUpdatedByUserId(Id);
- policyResourceMap.setUpdateTime(new Date());
- policyResourceMap.setValue("1L");
- policyResourceMapList.add(policyResourceMap);
-
- List<XXPolicyConditionDef> xConditionDefList = new ArrayList<XXPolicyConditionDef>();
- XXPolicyConditionDef policyConditionDefObj = new XXPolicyConditionDef();
- policyConditionDefObj.setAddedByUserId(Id);
- policyConditionDefObj.setCreateTime(new Date());
- policyConditionDefObj.setDefid(Id);
- policyConditionDefObj.setDescription("policy conditio");
- policyConditionDefObj.setId(Id);
- policyConditionDefObj.setName(name);
- policyConditionDefObj.setOrder(1);
- policyConditionDefObj.setLabel("label");
- xConditionDefList.add(policyConditionDefObj);
-
- List<XXPolicyItemCondition> policyItemConditionList = new ArrayList<XXPolicyItemCondition>();
- XXPolicyItemCondition policyItemCondition = new XXPolicyItemCondition();
- policyItemCondition.setAddedByUserId(Id);
- policyItemCondition.setCreateTime(new Date());
- policyItemCondition.setType(1L);
- policyItemCondition.setId(Id);
- policyItemCondition.setOrder(1);
- policyItemCondition.setPolicyItemId(Id);
- policyItemCondition.setUpdatedByUserId(Id);
- policyItemCondition.setUpdateTime(new Date());
- policyItemConditionList.add(policyItemCondition);
-
- List<String> usersList = new ArrayList<String>();
- List<String> groupsList = new ArrayList<String>();
-
- Mockito.when(daoManager.getXXPolicyItem()).thenReturn(xPolicyItemDao);
- Mockito.when(xPolicyItemDao.findByPolicyId(policy.getId())).thenReturn(
- xPolicyItemList);
-
- Mockito.when(daoManager.getXXPolicyItemAccess()).thenReturn(
- xPolicyItemAccessDao);
- Mockito.when(xPolicyItemAccessDao.findByPolicyItemId(policy.getId()))
- .thenReturn(policyItemAccessList);
-
- Mockito.when(daoManager.getXXAccessTypeDef()).thenReturn(
- xAccessTypeDefDao);
- Mockito.when(xAccessTypeDefDao.getById(policyItemAccess.getType()))
- .thenReturn(xAccessTypeDef);
-
- Mockito.when(daoManager.getXXPolicyConditionDef()).thenReturn(
- xPolicyConditionDefDao);
- Mockito.when(
- xPolicyConditionDefDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(xConditionDefList);
-
- Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn(
- xPolicyItemConditionDao);
- Mockito.when(
- xPolicyItemConditionDao.findByPolicyItemAndDefId(
- xPolicyItem.getId(), policyConditionDefObj.getId()))
- .thenReturn(policyItemConditionList);
-
- Mockito.when(daoManager.getXXUser()).thenReturn(xUserDao);
- Mockito.when(xUserDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(usersList);
-
- Mockito.when(daoManager.getXXGroup()).thenReturn(xGroupDao);
- Mockito.when(xGroupDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(groupsList);
-
- RangerPolicy vPolicy = new RangerPolicy();
- policyService.getPolicyItemListForXXPolicy(policy, vPolicy);
- Assert.assertNotNull(vPolicy.getPolicyItems());
-
- Mockito.verify(daoManager).getXXPolicyItemAccess();
- Mockito.verify(daoManager).getXXAccessTypeDef();
- Mockito.verify(daoManager).getXXPolicyConditionDef();
- Mockito.verify(daoManager).getXXPolicyItemCondition();
- Mockito.verify(daoManager).getXXUser();
- Mockito.verify(daoManager).getXXGroup();
- }
-
- @Test
- public void test5PopulateXXToRangerPolicyItem() {
- String name = "fdfdfds";
-
- XXPolicyItemAccessDao xPolicyItemAccessDao = Mockito
- .mock(XXPolicyItemAccessDao.class);
- XXUserDao xUserDao = Mockito.mock(XXUserDao.class);
- XXGroupDao xGroupDao = Mockito.mock(XXGroupDao.class);
- XXAccessTypeDefDao xAccessTypeDefDao = Mockito
- .mock(XXAccessTypeDefDao.class);
- XXAccessTypeDef xAccessTypeDef = Mockito.mock(XXAccessTypeDef.class);
- XXPolicyConditionDefDao xPolicyConditionDefDao = Mockito
- .mock(XXPolicyConditionDefDao.class);
- XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito
- .mock(XXPolicyItemConditionDao.class);
-
- List<XXPolicyItem> xPolicyItemList = new ArrayList<XXPolicyItem>();
- XXPolicyItem xPolicyItem = new XXPolicyItem();
- xPolicyItem.setDelegateAdmin(false);
- xPolicyItem.setAddedByUserId(null);
- xPolicyItem.setCreateTime(new Date());
- xPolicyItem.setGUID(null);
- xPolicyItem.setId(Id);
- xPolicyItem.setOrder(null);
- xPolicyItem.setPolicyId(Id);
- xPolicyItem.setUpdatedByUserId(null);
- xPolicyItem.setUpdateTime(new Date());
- xPolicyItemList.add(xPolicyItem);
-
- List<XXPolicyItemAccess> policyItemAccessList = new ArrayList<XXPolicyItemAccess>();
- XXPolicyItemAccess policyItemAccess = new XXPolicyItemAccess();
- policyItemAccess.setAddedByUserId(Id);
- policyItemAccess.setCreateTime(new Date());
- policyItemAccess.setPolicyitemid(Id);
- policyItemAccess.setId(Id);
- policyItemAccess.setOrder(1);
- policyItemAccess.setUpdatedByUserId(Id);
- policyItemAccess.setUpdateTime(new Date());
- policyItemAccessList.add(policyItemAccess);
-
- List<XXPolicyConditionDef> xConditionDefList = new ArrayList<XXPolicyConditionDef>();
- XXPolicyConditionDef policyConditionDefObj = new XXPolicyConditionDef();
- policyConditionDefObj.setAddedByUserId(Id);
- policyConditionDefObj.setCreateTime(new Date());
- policyConditionDefObj.setDefid(Id);
- policyConditionDefObj.setDescription("policy conditio");
- policyConditionDefObj.setId(Id);
- policyConditionDefObj.setName(name);
- policyConditionDefObj.setOrder(1);
- policyConditionDefObj.setLabel("label");
- xConditionDefList.add(policyConditionDefObj);
-
- List<XXPolicyItemCondition> policyItemConditionList = new ArrayList<XXPolicyItemCondition>();
- XXPolicyItemCondition policyItemCondition = new XXPolicyItemCondition();
- policyItemCondition.setAddedByUserId(Id);
- policyItemCondition.setCreateTime(new Date());
- policyItemCondition.setType(1L);
- policyItemCondition.setId(Id);
- policyItemCondition.setOrder(1);
- policyItemCondition.setPolicyItemId(Id);
- policyItemCondition.setUpdatedByUserId(Id);
- policyItemCondition.setUpdateTime(new Date());
- policyItemConditionList.add(policyItemCondition);
-
- List<String> usersList = new ArrayList<String>();
- List<String> groupsList = new ArrayList<String>();
-
- Mockito.when(daoManager.getXXPolicyItemAccess()).thenReturn(
- xPolicyItemAccessDao);
- Mockito.when(xPolicyItemAccessDao.findByPolicyItemId(Id)).thenReturn(
- policyItemAccessList);
-
- Mockito.when(daoManager.getXXAccessTypeDef()).thenReturn(
- xAccessTypeDefDao);
- Mockito.when(xAccessTypeDefDao.getById(policyItemAccess.getType()))
- .thenReturn(xAccessTypeDef);
-
- Mockito.when(daoManager.getXXPolicyConditionDef()).thenReturn(
- xPolicyConditionDefDao);
- Mockito.when(
- xPolicyConditionDefDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(xConditionDefList);
-
- Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn(
- xPolicyItemConditionDao);
- Mockito.when(
- xPolicyItemConditionDao.findByPolicyItemAndDefId(
- xPolicyItem.getId(), policyConditionDefObj.getId()))
- .thenReturn(policyItemConditionList);
-
- Mockito.when(daoManager.getXXUser()).thenReturn(xUserDao);
- Mockito.when(xUserDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(usersList);
-
- Mockito.when(daoManager.getXXGroup()).thenReturn(xGroupDao);
- Mockito.when(xGroupDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(groupsList);
-
- RangerPolicyItem dbRangerPolicyItem = policyService
- .populateXXToRangerPolicyItem(xPolicyItem);
- Assert.assertNotNull(dbRangerPolicyItem);
-
- Mockito.verify(daoManager).getXXPolicyItemAccess();
- Mockito.verify(daoManager).getXXAccessTypeDef();
- Mockito.verify(daoManager).getXXPolicyConditionDef();
- Mockito.verify(daoManager).getXXPolicyItemCondition();
- Mockito.verify(daoManager).getXXUser();
- Mockito.verify(daoManager).getXXGroup();
- }
-
- @Test
- public void test6GetResourcesForXXPolicy() {
-
- XXResourceDefDao xResourceDefDao = Mockito.mock(XXResourceDefDao.class);
- XXPolicyResourceDao xPolicyResourceDao = Mockito
- .mock(XXPolicyResourceDao.class);
- XXPolicyResourceMapDao xPolicyResourceMapDao = Mockito
- .mock(XXPolicyResourceMapDao.class);
-
- XXPolicy policy = policy();
-
- List<XXResourceDef> resDefList = new ArrayList<XXResourceDef>();
- XXResourceDef resourceDef = new XXResourceDef();
- resourceDef.setAddedByUserId(Id);
- resourceDef.setCreateTime(new Date());
- resourceDef.setDefid(Id);
- resourceDef.setDescription("test");
- resourceDef.setId(Id);
- resDefList.add(resourceDef);
-
- XXPolicyResource policyResource = new XXPolicyResource();
- policyResource.setId(Id);
- policyResource.setCreateTime(new Date());
- policyResource.setAddedByUserId(Id);
- policyResource.setIsExcludes(false);
- policyResource.setIsRecursive(false);
- policyResource.setPolicyId(Id);
- policyResource.setResDefId(Id);
- policyResource.setUpdatedByUserId(Id);
- policyResource.setUpdateTime(new Date());
-
- List<XXPolicyResourceMap> policyResourceMapList = new ArrayList<XXPolicyResourceMap>();
- XXPolicyResourceMap policyResourceMap = new XXPolicyResourceMap();
- policyResourceMap.setAddedByUserId(Id);
- policyResourceMap.setCreateTime(new Date());
- policyResourceMap.setId(Id);
- policyResourceMap.setOrder(1);
- policyResourceMap.setResourceId(Id);
- policyResourceMap.setUpdatedByUserId(Id);
- policyResourceMap.setUpdateTime(new Date());
- policyResourceMap.setValue("1L");
- policyResourceMapList.add(policyResourceMap);
-
- Mockito.when(daoManager.getXXResourceDef()).thenReturn(xResourceDefDao);
- Mockito.when(xResourceDefDao.findByPolicyId(policy.getId()))
- .thenReturn(resDefList);
-
- Mockito.when(daoManager.getXXPolicyResource()).thenReturn(
- xPolicyResourceDao);
- Mockito.when(
- xPolicyResourceDao.findByResDefIdAndPolicyId(
- resourceDef.getId(), policy.getId())).thenReturn(
- policyResource);
-
- Mockito.when(daoManager.getXXPolicyResourceMap()).thenReturn(
- xPolicyResourceMapDao);
- Mockito.when(
- xPolicyResourceMapDao.findByPolicyResId(policyResource.getId()))
- .thenReturn(policyResourceMapList);
-
- Map<String, RangerPolicyResource> dbListMap = policyService
- .getResourcesForXXPolicy(policy);
- Assert.assertNotNull(dbListMap);
-
- Mockito.verify(daoManager).getXXResourceDef();
- Mockito.verify(daoManager).getXXPolicyResource();
- Mockito.verify(daoManager).getXXPolicyResourceMap();
- }
-
- @Test
- public void test7GetPopulatedViewObject() {
- XXPortalUserDao xPortalUserDao = Mockito.mock(XXPortalUserDao.class);
- XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class);
- XXServiceConfigMapDao xServiceConfigMapDao = Mockito
- .mock(XXServiceConfigMapDao.class);
- XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
- XXResourceDefDao xResourceDefDao = Mockito.mock(XXResourceDefDao.class);
- XXPolicyResourceDao xPolicyResourceDao = Mockito
- .mock(XXPolicyResourceDao.class);
- XXPolicyResourceMapDao xPolicyResourceMapDao = Mockito
- .mock(XXPolicyResourceMapDao.class);
- XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class);
- XXPolicyItemAccessDao xPolicyItemAccessDao = Mockito
- .mock(XXPolicyItemAccessDao.class);
- XXAccessTypeDefDao xAccessTypeDefDao = Mockito
- .mock(XXAccessTypeDefDao.class);
- XXAccessTypeDef xAccessTypeDef = Mockito.mock(XXAccessTypeDef.class);
- XXPolicyConditionDefDao xPolicyConditionDefDao = Mockito
- .mock(XXPolicyConditionDefDao.class);
- XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito
- .mock(XXPolicyItemConditionDao.class);
- XXUserDao xUserDao = Mockito.mock(XXUserDao.class);
- XXGroupDao xGroupDao = Mockito.mock(XXGroupDao.class);
-
- XXPolicy policy = policy();
- XXService xService = xService();
- String name = "fdfdfds";
-
- XXPortalUser tUser = new XXPortalUser();
- tUser.setAddedByUserId(Id);
- tUser.setCreateTime(new Date());
- tUser.setEmailAddress("test@gmail.com");
- tUser.setFirstName(name);
- tUser.setId(Id);
- tUser.setLastName(name);
-
- XXServiceDef xServiceDef = new XXServiceDef();
- xServiceDef.setAddedByUserId(Id);
- xServiceDef.setCreateTime(new Date());
- xServiceDef.setDescription("test");
- xServiceDef.setGuid("1427365526516_835_0");
- xServiceDef.setId(Id);
-
- List<XXServiceConfigMap> srcConfigMapList = new ArrayList<XXServiceConfigMap>();
- XXServiceConfigMap xConfMap = new XXServiceConfigMap();
- xConfMap.setAddedByUserId(null);
- xConfMap.setConfigkey(name);
- xConfMap.setConfigvalue(name);
- xConfMap.setCreateTime(new Date());
- xConfMap.setServiceId(null);
- xConfMap.setUpdatedByUserId(null);
- xConfMap.setUpdateTime(new Date());
- srcConfigMapList.add(xConfMap);
-
- List<XXResourceDef> resDefList = new ArrayList<XXResourceDef>();
- XXResourceDef resourceDef = new XXResourceDef();
- resourceDef.setAddedByUserId(Id);
- resourceDef.setCreateTime(new Date());
- resourceDef.setDefid(Id);
- resourceDef.setDescription("test");
- resourceDef.setId(Id);
- resDefList.add(resourceDef);
-
- XXPolicyResource policyResource = new XXPolicyResource();
- policyResource.setId(Id);
- policyResource.setCreateTime(new Date());
- policyResource.setAddedByUserId(Id);
- policyResource.setIsExcludes(false);
- policyResource.setIsRecursive(false);
- policyResource.setPolicyId(Id);
- policyResource.setResDefId(Id);
- policyResource.setUpdatedByUserId(Id);
- policyResource.setUpdateTime(new Date());
-
- List<XXPolicyResourceMap> policyResourceMapList = new ArrayList<XXPolicyResourceMap>();
- XXPolicyResourceMap policyResourceMap = new XXPolicyResourceMap();
- policyResourceMap.setAddedByUserId(Id);
- policyResourceMap.setCreateTime(new Date());
- policyResourceMap.setId(Id);
- policyResourceMap.setOrder(1);
- policyResourceMap.setResourceId(Id);
- policyResourceMap.setUpdatedByUserId(Id);
- policyResourceMap.setUpdateTime(new Date());
- policyResourceMap.setValue("1L");
- policyResourceMapList.add(policyResourceMap);
-
- List<XXPolicyItem> xPolicyItemList = new ArrayList<XXPolicyItem>();
- XXPolicyItem xPolicyItem = new XXPolicyItem();
- xPolicyItem.setDelegateAdmin(false);
- xPolicyItem.setAddedByUserId(null);
- xPolicyItem.setCreateTime(new Date());
- xPolicyItem.setGUID(null);
- xPolicyItem.setId(Id);
- xPolicyItem.setOrder(null);
- xPolicyItem.setPolicyId(Id);
- xPolicyItem.setUpdatedByUserId(null);
- xPolicyItem.setUpdateTime(new Date());
- xPolicyItemList.add(xPolicyItem);
-
- List<XXPolicyItemAccess> policyItemAccessList = new ArrayList<XXPolicyItemAccess>();
- XXPolicyItemAccess policyItemAccess = new XXPolicyItemAccess();
- policyItemAccess.setAddedByUserId(Id);
- policyItemAccess.setCreateTime(new Date());
- policyItemAccess.setPolicyitemid(Id);
- policyItemAccess.setId(Id);
- policyItemAccess.setOrder(1);
- policyItemAccess.setUpdatedByUserId(Id);
- policyItemAccess.setUpdateTime(new Date());
- policyItemAccessList.add(policyItemAccess);
-
- List<XXPolicyConditionDef> xConditionDefList = new ArrayList<XXPolicyConditionDef>();
- XXPolicyConditionDef policyConditionDefObj = new XXPolicyConditionDef();
- policyConditionDefObj.setAddedByUserId(Id);
- policyConditionDefObj.setCreateTime(new Date());
- policyConditionDefObj.setDefid(Id);
- policyConditionDefObj.setDescription("policy conditio");
- policyConditionDefObj.setId(Id);
- policyConditionDefObj.setName(name);
- policyConditionDefObj.setOrder(1);
- policyConditionDefObj.setLabel("label");
- xConditionDefList.add(policyConditionDefObj);
-
- List<XXPolicyItemCondition> policyItemConditionList = new ArrayList<XXPolicyItemCondition>();
- XXPolicyItemCondition policyItemCondition = new XXPolicyItemCondition();
- policyItemCondition.setAddedByUserId(Id);
- policyItemCondition.setCreateTime(new Date());
- policyItemCondition.setType(1L);
- policyItemCondition.setId(Id);
- policyItemCondition.setOrder(1);
- policyItemCondition.setPolicyItemId(Id);
- policyItemCondition.setUpdatedByUserId(Id);
- policyItemCondition.setUpdateTime(new Date());
- policyItemConditionList.add(policyItemCondition);
-
- List<String> usersList = new ArrayList<String>();
- List<String> groupsList = new ArrayList<String>();
-
- Mockito.when(daoManager.getXXPortalUser()).thenReturn(xPortalUserDao);
- Mockito.when(xPortalUserDao.getById(Id)).thenReturn(tUser);
-
- Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
- Mockito.when(xServiceDefDao.getById(xService.getType())).thenReturn(
- xServiceDef);
-
- Mockito.when(daoManager.getXXServiceConfigMap()).thenReturn(
- xServiceConfigMapDao);
- Mockito.when(xServiceConfigMapDao.findByServiceId(xService.getId()))
- .thenReturn(srcConfigMapList);
-
- Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
- Mockito.when(xServiceDao.getById(policy.getService())).thenReturn(
- xService);
-
- Mockito.when(daoManager.getXXResourceDef()).thenReturn(xResourceDefDao);
- Mockito.when(xResourceDefDao.findByPolicyId(policy.getId()))
- .thenReturn(resDefList);
-
- Mockito.when(daoManager.getXXPolicyResource()).thenReturn(
- xPolicyResourceDao);
- Mockito.when(
- xPolicyResourceDao.findByResDefIdAndPolicyId(
- resourceDef.getId(), policy.getId())).thenReturn(
- policyResource);
-
- Mockito.when(daoManager.getXXPolicyResourceMap()).thenReturn(
- xPolicyResourceMapDao);
- Mockito.when(
- xPolicyResourceMapDao.findByPolicyResId(policyResource.getId()))
- .thenReturn(policyResourceMapList);
-
- Mockito.when(daoManager.getXXPolicyItem()).thenReturn(xPolicyItemDao);
- Mockito.when(xPolicyItemDao.findByPolicyId(policy.getId())).thenReturn(
- xPolicyItemList);
-
- Mockito.when(daoManager.getXXPolicyItemAccess()).thenReturn(
- xPolicyItemAccessDao);
- Mockito.when(xPolicyItemAccessDao.findByPolicyItemId(policy.getId()))
- .thenReturn(policyItemAccessList);
-
- Mockito.when(daoManager.getXXAccessTypeDef()).thenReturn(
- xAccessTypeDefDao);
- Mockito.when(xAccessTypeDefDao.getById(policyItemAccess.getType()))
- .thenReturn(xAccessTypeDef);
-
- Mockito.when(daoManager.getXXPolicyConditionDef()).thenReturn(
- xPolicyConditionDefDao);
- Mockito.when(
- xPolicyConditionDefDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(xConditionDefList);
-
- Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn(
- xPolicyItemConditionDao);
- Mockito.when(
- xPolicyItemConditionDao.findByPolicyItemAndDefId(
- xPolicyItem.getId(), policyConditionDefObj.getId()))
- .thenReturn(policyItemConditionList);
-
- Mockito.when(daoManager.getXXUser()).thenReturn(xUserDao);
- Mockito.when(xUserDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(usersList);
-
- Mockito.when(daoManager.getXXGroup()).thenReturn(xGroupDao);
- Mockito.when(xGroupDao.findByPolicyItemId(xPolicyItem.getId()))
- .thenReturn(groupsList);
-
- RangerPolicy dbRangerPolicy = policyService
- .getPopulatedViewObject(policy);
- Assert.assertNotNull(dbRangerPolicy);
- Assert.assertEquals(dbRangerPolicy.getId(), policy.getId());
- Assert.assertEquals(dbRangerPolicy.getName(), policy.getName());
- Assert.assertEquals(dbRangerPolicy.getDescription(),
- policy.getDescription());
- Assert.assertEquals(dbRangerPolicy.getGuid(), policy.getGuid());
- Assert.assertEquals(dbRangerPolicy.getVersion(), policy.getVersion());
- Assert.assertEquals(dbRangerPolicy.getIsAuditEnabled(),
- policy.getIsAuditEnabled());
- Mockito.verify(daoManager).getXXPolicyItemAccess();
- Mockito.verify(daoManager).getXXAccessTypeDef();
- Mockito.verify(daoManager).getXXPolicyConditionDef();
- Mockito.verify(daoManager).getXXPolicyItemCondition();
- Mockito.verify(daoManager).getXXUser();
- Mockito.verify(daoManager).getXXGroup();
- }
-
- @Test
public void test8getTransactionLog() {
XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
RangerPolicy rangerPolicy = rangerPolicy();
@@ -1002,5 +190,4 @@ public class TestRangerPolicyService {
rangerPolicy, 1);
Assert.assertNotNull(dbXXTrxLogList);
}
-
}
[2/2] incubator-ranger git commit: RANGER-702: optimize policy
download performance
Posted by ma...@apache.org.
RANGER-702: optimize policy download performance
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/7c185e1f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/7c185e1f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/7c185e1f
Branch: refs/heads/master
Commit: 7c185e1f5a8881fd7a7ad0d60abd756b3cd416ec
Parents: 49e890e
Author: Madhan Neethiraj <ma...@apache.org>
Authored: Fri Nov 6 01:09:04 2015 -0800
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Wed Nov 11 12:39:39 2015 -0800
----------------------------------------------------------------------
.../ranger/plugin/util/RangerPerfTracer.java | 80 ++
.../ranger/biz/RangerPolicyRetriever.java | 672 +++++++++++++++
.../org/apache/ranger/biz/ServiceDBStore.java | 21 +-
.../apache/ranger/db/XXPolicyItemAccessDao.java | 26 +
.../ranger/db/XXPolicyItemConditionDao.java | 26 +
.../org/apache/ranger/db/XXPolicyItemDao.java | 16 +
.../ranger/db/XXPolicyItemGroupPermDao.java | 25 +
.../ranger/db/XXPolicyItemUserPermDao.java | 25 +
.../apache/ranger/db/XXPolicyResourceDao.java | 13 +
.../ranger/db/XXPolicyResourceMapDao.java | 25 +
.../org/apache/ranger/rest/ServiceREST.java | 302 +++++--
.../ranger/service/RangerBaseModelService.java | 133 ++-
.../ranger/service/RangerPolicyService.java | 10 +-
.../ranger/service/RangerPolicyServiceBase.java | 121 ---
.../RangerPolicyWithAssignedIdService.java | 12 +-
.../resources/META-INF/jpa_named_queries.xml | 104 ++-
.../src/main/webapp/WEB-INF/log4j.xml | 16 +
.../ranger/service/TestRangerPolicyService.java | 813 -------------------
18 files changed, 1394 insertions(+), 1046 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPerfTracer.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPerfTracer.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPerfTracer.java
new file mode 100644
index 0000000..fc84bcd
--- /dev/null
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerPerfTracer.java
@@ -0,0 +1,80 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.util;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.commons.lang.StringUtils;
+
+public class RangerPerfTracer {
+ private final Log logger;
+ private final String tag;
+ private final long startTimeMs;
+
+ public static Log getPerfLogger(String name) {
+ return LogFactory.getLog("ranger.perf." + name);
+ }
+
+ public static Log getPerfLogger(Class<?> cls) {
+ return RangerPerfTracer.getPerfLogger(cls.getName());
+ }
+
+ public static boolean isPerfTraceEnabled(Log logger) {
+ return logger.isInfoEnabled();
+ }
+
+ public static RangerPerfTracer getPerfTracer(Log logger, String tag) {
+ return logger.isInfoEnabled() ? new RangerPerfTracer(logger, tag) : null;
+ }
+
+ public static RangerPerfTracer getPerfTracer(Log logger, Object... tagParts) {
+ return logger.isInfoEnabled() ? new RangerPerfTracer(logger, StringUtils.join(tagParts)) : null;
+ }
+
+ public static void log(RangerPerfTracer tracer) {
+ if(tracer != null) {
+ tracer.log();
+ }
+ }
+
+ public RangerPerfTracer(Log logger, String tag) {
+ this.logger = logger;
+ this.tag = tag;
+ startTimeMs = System.currentTimeMillis();
+ }
+
+ public final String getTag() {
+ return tag;
+ }
+
+ public final long getStartTime() {
+ return startTimeMs;
+ }
+
+ public final long getElapsedTime() {
+ return System.currentTimeMillis() - startTimeMs;
+ }
+
+ public void log() {
+ if(logger.isInfoEnabled()) {
+ logger.info("[PERF] " + tag + ": " + getElapsedTime());
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
new file mode 100644
index 0000000..4c65178
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java
@@ -0,0 +1,672 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.biz;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.ListIterator;
+import java.util.Map;
+
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.authorization.utils.StringUtil;
+import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.entity.XXAccessTypeDef;
+import org.apache.ranger.entity.XXGroup;
+import org.apache.ranger.entity.XXPolicy;
+import org.apache.ranger.entity.XXPolicyConditionDef;
+import org.apache.ranger.entity.XXPolicyItem;
+import org.apache.ranger.entity.XXPolicyItemAccess;
+import org.apache.ranger.entity.XXPolicyItemCondition;
+import org.apache.ranger.entity.XXPolicyItemGroupPerm;
+import org.apache.ranger.entity.XXPolicyItemUserPerm;
+import org.apache.ranger.entity.XXPolicyResource;
+import org.apache.ranger.entity.XXPolicyResourceMap;
+import org.apache.ranger.entity.XXPortalUser;
+import org.apache.ranger.entity.XXResourceDef;
+import org.apache.ranger.entity.XXService;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
+import org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator;
+import org.apache.ranger.plugin.util.RangerPerfTracer;
+
+
+public class RangerPolicyRetriever {
+ static final Log LOG = LogFactory.getLog(RangerPolicyRetriever.class);
+ static final Log PERF_LOG = RangerPerfTracer.getPerfLogger("db.RangerPolicyRetriever");
+
+ final RangerDaoManager daoMgr;
+ final LookupCache lookupCache;
+
+ public RangerPolicyRetriever(RangerDaoManager daoMgr) {
+ this.daoMgr = daoMgr;
+ this.lookupCache = new LookupCache();
+ }
+
+ public List<RangerPolicy> getServicePolicies(Long serviceId) {
+ List<RangerPolicy> ret = null;
+
+ if(serviceId != null) {
+ XXService xService = getXXService(serviceId);
+
+ if(xService != null) {
+ ret = getServicePolicies(xService);
+ } else {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("RangerPolicyRetriever.getServicePolicies(serviceId=" + serviceId + "): service not found");
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ public List<RangerPolicy> getServicePolicies(String serviceName) {
+ List<RangerPolicy> ret = null;
+
+ if(serviceName != null) {
+ XXService xService = getXXService(serviceName);
+
+ if(xService != null) {
+ ret = getServicePolicies(xService);
+ } else {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("RangerPolicyRetriever.getServicePolicies(serviceName=" + serviceName + "): service not found");
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ public List<RangerPolicy> getServicePolicies(XXService xService) {
+ String serviceName = xService == null ? null : xService.getName();
+ Long serviceId = xService == null ? null : xService.getId();
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerPolicyRetriever.getServicePolicies(serviceName=" + serviceName + ", serviceId=" + serviceId + ")");
+ }
+
+ List<RangerPolicy> ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "RangerPolicyRetriever.getServicePolicies(serviceName=" + serviceName + ", serviceId=" + serviceId + ")");
+ }
+
+ if(xService != null) {
+ RetrieverContext ctx = new RetrieverContext(xService);
+
+ ret = ctx.getAllPolicies();
+ } else {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("RangerPolicyRetriever.getServicePolicies(xService=" + xService + "): invalid parameter");
+ }
+ }
+
+ RangerPerfTracer.log(perf);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerPolicyRetriever.getServicePolicies(serviceName=" + serviceName + ", serviceId=" + serviceId + "): policyCount=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ public RangerPolicy getPolicy(Long policyId) {
+ RangerPolicy ret = null;
+
+ if(policyId != null) {
+ XXPolicy xPolicy = getXXPolicy(policyId);
+
+ if(xPolicy != null) {
+ ret = getPolicy(xPolicy);
+ } else {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("RangerPolicyRetriever.getPolicy(policyId=" + policyId + "): policy not found");
+ }
+ }
+
+ }
+
+ return ret;
+ }
+
+ public RangerPolicy getPolicy(XXPolicy xPolicy) {
+ RangerPolicy ret = null;
+
+ if(xPolicy != null) {
+ XXService xService = getXXService(xPolicy.getService());
+
+ if(xService != null) {
+ ret = getPolicy(xPolicy, xService);
+ } else {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("RangerPolicyRetriever.getPolicy(policyId=" + xPolicy.getId() + "): service not found (serviceId=" + xPolicy.getService() + ")");
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ public RangerPolicy getPolicy(XXPolicy xPolicy, XXService xService) {
+ Long policyId = xPolicy == null ? null : xPolicy.getId();
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerPolicyRetriever.getPolicy(" + policyId + ")");
+ }
+
+ RangerPolicy ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "RangerPolicyRetriever.getPolicy(policyId=" + policyId + ")");
+ }
+
+ if(xPolicy != null && xService != null) {
+ RetrieverContext ctx = new RetrieverContext(xPolicy, xService);
+
+ ret = ctx.getNextPolicy();
+ } else {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("RangerPolicyRetriever.getPolicy(xPolicy=" + xPolicy + ", xService=" + xService + "): invalid parameter(s)");
+ }
+ }
+
+ RangerPerfTracer.log(perf);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerPolicyRetriever.getPolicy(" + policyId + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ private XXService getXXService(Long serviceId) {
+ XXService ret = null;
+
+ if(serviceId != null) {
+ ret = daoMgr.getXXService().getById(serviceId);
+ }
+
+ return ret;
+ }
+
+ private XXService getXXService(String serviceName) {
+ XXService ret = null;
+
+ if(serviceName != null) {
+ ret = daoMgr.getXXService().findByName(serviceName);
+ }
+
+ return ret;
+ }
+
+ private XXPolicy getXXPolicy(Long policyId) {
+ XXPolicy ret = null;
+
+ if(policyId != null) {
+ ret = daoMgr.getXXPolicy().getById(policyId);
+ }
+
+ return ret;
+ }
+
+ class LookupCache {
+ final Map<Long, String> userNames = new HashMap<Long, String>();
+ final Map<Long, String> userScreenNames = new HashMap<Long, String>();
+ final Map<Long, String> groupNames = new HashMap<Long, String>();
+ final Map<Long, String> accessTypes = new HashMap<Long, String>();
+ final Map<Long, String> conditions = new HashMap<Long, String>();
+ final Map<Long, String> resourceDefs = new HashMap<Long, String>();
+
+ String getUserName(Long userId) {
+ String ret = null;
+
+ if(userId != null) {
+ ret = userNames.get(userId);
+
+ if(ret == null) {
+ XXPortalUser user = daoMgr.getXXPortalUser().getById(userId);
+
+ if(user != null) {
+ ret = user.getLoginId();
+
+ userNames.put(userId, ret);
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ String getUserScreenName(Long userId) {
+ String ret = null;
+
+ if(userId != null) {
+ ret = userScreenNames.get(userId);
+
+ if(ret == null) {
+ XXPortalUser user = daoMgr.getXXPortalUser().getById(userId);
+
+ if(user != null) {
+ ret = user.getPublicScreenName();
+
+ if (StringUtil.isEmpty(ret)) {
+ ret = user.getFirstName();
+
+ if(StringUtil.isEmpty(ret)) {
+ ret = user.getLoginId();
+ } else {
+ if(!StringUtil.isEmpty(user.getLastName())) {
+ ret += (" " + user.getLastName());
+ }
+ }
+ }
+
+ if(ret != null) {
+ userScreenNames.put(userId, ret);
+ }
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ String getGroupName(Long groupId) {
+ String ret = null;
+
+ if(groupId != null) {
+ ret = groupNames.get(groupId);
+
+ if(ret == null) {
+ XXGroup group = daoMgr.getXXGroup().getById(groupId);
+
+ if(group != null) {
+ ret = group.getName();
+
+ groupNames.put(groupId, ret);
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ String getAccessType(Long accessTypeId) {
+ String ret = null;
+
+ if(accessTypeId != null) {
+ ret = accessTypes.get(accessTypeId);
+
+ if(ret == null) {
+ XXAccessTypeDef xAccessType = daoMgr.getXXAccessTypeDef().getById(accessTypeId);
+
+ if(xAccessType != null) {
+ ret = xAccessType.getName();
+
+ accessTypes.put(accessTypeId, ret);
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ String getConditionType(Long conditionDefId) {
+ String ret = null;
+
+ if(conditionDefId != null) {
+ ret = conditions.get(conditionDefId);
+
+ if(ret == null) {
+ XXPolicyConditionDef xPolicyConditionDef = daoMgr.getXXPolicyConditionDef().getById(conditionDefId);
+
+ if(xPolicyConditionDef != null) {
+ ret = xPolicyConditionDef.getName();
+
+ conditions.put(conditionDefId, ret);
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ String getResourceName(Long resourceDefId) {
+ String ret = null;
+
+ if(resourceDefId != null) {
+ ret = resourceDefs.get(resourceDefId);
+
+ if(ret == null) {
+ XXResourceDef xResourceDef = daoMgr.getXXResourceDef().getById(resourceDefId);
+
+ if(xResourceDef != null) {
+ ret = xResourceDef.getName();
+
+ resourceDefs.put(resourceDefId, ret);
+ }
+ }
+ }
+
+ return ret;
+ }
+ }
+
+ static List<XXPolicy> asList(XXPolicy policy) {
+ List<XXPolicy> ret = new ArrayList<XXPolicy>();
+
+ if(policy != null) {
+ ret.add(policy);
+ }
+
+ return ret;
+ }
+
+ class RetrieverContext {
+ final XXService service;
+ final ListIterator<XXPolicy> iterPolicy;
+ final ListIterator<XXPolicyResource> iterResources;
+ final ListIterator<XXPolicyResourceMap> iterResourceMaps;
+ final ListIterator<XXPolicyItem> iterPolicyItems;
+ final ListIterator<XXPolicyItemUserPerm> iterUserPerms;
+ final ListIterator<XXPolicyItemGroupPerm> iterGroupPerms;
+ final ListIterator<XXPolicyItemAccess> iterAccesses;
+ final ListIterator<XXPolicyItemCondition> iterConditions;
+
+ RetrieverContext(XXService xService) {
+ Long serviceId = xService == null ? null : xService.getId();
+
+ List<XXPolicy> xPolicies = daoMgr.getXXPolicy().findByServiceId(serviceId);
+ List<XXPolicyResource> xResources = daoMgr.getXXPolicyResource().findByServiceId(serviceId);
+ List<XXPolicyResourceMap> xResourceMaps = daoMgr.getXXPolicyResourceMap().findByServiceId(serviceId);
+ List<XXPolicyItem> xPolicyItems = daoMgr.getXXPolicyItem().findByServiceId(serviceId);
+ List<XXPolicyItemUserPerm> xUserPerms = daoMgr.getXXPolicyItemUserPerm().findByServiceId(serviceId);
+ List<XXPolicyItemGroupPerm> xGroupPerms = daoMgr.getXXPolicyItemGroupPerm().findByServiceId(serviceId);
+ List<XXPolicyItemAccess> xAccesses = daoMgr.getXXPolicyItemAccess().findByServiceId(serviceId);
+ List<XXPolicyItemCondition> xConditions = daoMgr.getXXPolicyItemCondition().findByServiceId(serviceId);
+
+ this.service = xService;
+ this.iterPolicy = xPolicies.listIterator();
+ this.iterResources = xResources.listIterator();
+ this.iterResourceMaps = xResourceMaps.listIterator();
+ this.iterPolicyItems = xPolicyItems.listIterator();
+ this.iterUserPerms = xUserPerms.listIterator();
+ this.iterGroupPerms = xGroupPerms.listIterator();
+ this.iterAccesses = xAccesses.listIterator();
+ this.iterConditions = xConditions.listIterator();
+ }
+
+ RetrieverContext(XXPolicy xPolicy) {
+ this(xPolicy, getXXService(xPolicy.getService()));
+ }
+
+ RetrieverContext(XXPolicy xPolicy, XXService xService) {
+ Long policyId = xPolicy == null ? null : xPolicy.getId();
+
+ List<XXPolicy> xPolicies = asList(xPolicy);
+ List<XXPolicyResource> xResources = daoMgr.getXXPolicyResource().findByPolicyId(policyId);
+ List<XXPolicyResourceMap> xResourceMaps = daoMgr.getXXPolicyResourceMap().findByPolicyId(policyId);
+ List<XXPolicyItem> xPolicyItems = daoMgr.getXXPolicyItem().findByPolicyId(policyId);
+ List<XXPolicyItemUserPerm> xUserPerms = daoMgr.getXXPolicyItemUserPerm().findByPolicyId(policyId);
+ List<XXPolicyItemGroupPerm> xGroupPerms = daoMgr.getXXPolicyItemGroupPerm().findByPolicyId(policyId);
+ List<XXPolicyItemAccess> xAccesses = daoMgr.getXXPolicyItemAccess().findByPolicyId(policyId);
+ List<XXPolicyItemCondition> xConditions = daoMgr.getXXPolicyItemCondition().findByPolicyId(policyId);
+
+ this.service = xService;
+ this.iterPolicy = xPolicies.listIterator();
+ this.iterResources = xResources.listIterator();
+ this.iterResourceMaps = xResourceMaps.listIterator();
+ this.iterPolicyItems = xPolicyItems.listIterator();
+ this.iterUserPerms = xUserPerms.listIterator();
+ this.iterGroupPerms = xGroupPerms.listIterator();
+ this.iterAccesses = xAccesses.listIterator();
+ this.iterConditions = xConditions.listIterator();
+ }
+
+ RangerPolicy getNextPolicy() {
+ RangerPolicy ret = null;
+
+ if(iterPolicy.hasNext()) {
+ XXPolicy xPolicy = iterPolicy.next();
+
+ if(xPolicy != null) {
+ ret = new RangerPolicy();
+
+ ret.setId(xPolicy.getId());
+ ret.setGuid(xPolicy.getGuid());
+ ret.setIsEnabled(xPolicy.getIsEnabled());
+ ret.setCreatedBy(lookupCache.getUserScreenName(xPolicy.getAddedByUserId()));
+ ret.setUpdatedBy(lookupCache.getUserScreenName(xPolicy.getUpdatedByUserId()));
+ ret.setCreateTime(xPolicy.getCreateTime());
+ ret.setUpdateTime(xPolicy.getUpdateTime());
+ ret.setVersion(xPolicy.getVersion());
+ ret.setService(service == null ? null : service.getName());
+ ret.setName(xPolicy.getName());
+ ret.setPolicyType(xPolicy.getPolicyType());
+ ret.setDescription(xPolicy.getDescription());
+ ret.setResourceSignature(xPolicy.getResourceSignature());
+ ret.setIsAuditEnabled(xPolicy.getIsAuditEnabled());
+
+ getResource(ret);
+ getPolicyItems(ret);
+ }
+ }
+
+ return ret;
+ }
+
+ List<RangerPolicy> getAllPolicies() {
+ List<RangerPolicy> ret = new ArrayList<RangerPolicy>();
+
+ while(iterPolicy.hasNext()) {
+ RangerPolicy policy = getNextPolicy();
+
+ if(policy != null) {
+ ret.add(policy);
+ }
+ }
+
+ if(! hasProcessedAll()) {
+ LOG.warn("getAllPolicies(): perhaps one or more policies got updated during retrieval. Falling back to secondary method");
+
+ ret = getAllPoliciesBySecondary();
+ }
+
+ return ret;
+ }
+
+ List<RangerPolicy> getAllPoliciesBySecondary() {
+ List<RangerPolicy> ret = null;
+
+ if(service != null) {
+ List<XXPolicy> xPolicies = daoMgr.getXXPolicy().findByServiceId(service.getId());
+
+ if(CollectionUtils.isNotEmpty(xPolicies)) {
+ ret = new ArrayList<RangerPolicy>(xPolicies.size());
+
+ for(XXPolicy xPolicy : xPolicies) {
+ RetrieverContext ctx = new RetrieverContext(xPolicy, service);
+
+ RangerPolicy policy = ctx.getNextPolicy();
+
+ if(policy != null) {
+ ret.add(policy);
+ }
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ private boolean hasProcessedAll() {
+ boolean moreToProcess = iterPolicy.hasNext()
+ || iterResources.hasNext()
+ || iterResourceMaps.hasNext()
+ || iterPolicyItems.hasNext()
+ || iterUserPerms.hasNext()
+ || iterGroupPerms.hasNext()
+ || iterAccesses.hasNext()
+ || iterConditions.hasNext();
+
+ return !moreToProcess;
+ }
+
+ private void getResource(RangerPolicy policy) {
+ while(iterResources.hasNext()) {
+ XXPolicyResource xResource = iterResources.next();
+
+ if(xResource.getPolicyid().equals(policy.getId())) {
+ RangerPolicyResource resource = new RangerPolicyResource();
+
+ resource.setIsExcludes(xResource.getIsexcludes());
+ resource.setIsRecursive(xResource.getIsrecursive());
+
+ while(iterResourceMaps.hasNext()) {
+ XXPolicyResourceMap xResourceMap = iterResourceMaps.next();
+
+ if(xResourceMap.getResourceid().equals(xResource.getId())) {
+ resource.getValues().add(xResourceMap.getValue());
+ } else {
+ if(iterResourceMaps.hasPrevious()) {
+ iterResourceMaps.previous();
+ }
+ break;
+ }
+ }
+
+ policy.getResources().put(lookupCache.getResourceName(xResource.getResdefid()), resource);
+ } else if(xResource.getPolicyid().compareTo(policy.getId()) > 0) {
+ if(iterResources.hasPrevious()) {
+ iterResources.previous();
+ }
+ break;
+ }
+ }
+ }
+
+ private void getPolicyItems(RangerPolicy policy) {
+ while(iterPolicyItems.hasNext()) {
+ XXPolicyItem xPolicyItem = iterPolicyItems.next();
+
+ if(xPolicyItem.getPolicyid().equals(policy.getId())) {
+ RangerPolicyItem policyItem = new RangerPolicyItem();
+
+ policyItem.setDelegateAdmin(xPolicyItem.getDelegateAdmin());
+ policyItem.setIsEnabled(xPolicyItem.getIsEnabled());
+ policyItem.setComments(xPolicyItem.getComments());
+
+ while(iterUserPerms.hasNext()) {
+ XXPolicyItemUserPerm xUserPerm = iterUserPerms.next();
+
+ if(xUserPerm.getPolicyitemid().equals(xPolicyItem.getId())) {
+ policyItem.getUsers().add(lookupCache.getUserName(xUserPerm.getUserid()));
+ } else {
+ if(iterUserPerms.hasPrevious()) {
+ iterUserPerms.previous();
+ }
+ break;
+ }
+ }
+
+ while(iterGroupPerms.hasNext()) {
+ XXPolicyItemGroupPerm xGroupPerm = iterGroupPerms.next();
+
+ if(xGroupPerm.getPolicyitemid().equals(xPolicyItem.getId())) {
+ policyItem.getGroups().add(lookupCache.getGroupName(xGroupPerm.getGroupid()));
+ } else {
+ if(iterGroupPerms.hasPrevious()) {
+ iterGroupPerms.previous();
+ }
+ break;
+ }
+ }
+
+ while(iterAccesses.hasNext()) {
+ XXPolicyItemAccess xAccess = iterAccesses.next();
+
+ if(xAccess.getPolicyitemid().equals(xPolicyItem.getId())) {
+ policyItem.getAccesses().add(new RangerPolicyItemAccess(lookupCache.getAccessType(xAccess.getType()), xAccess.getIsallowed()));
+ } else {
+ if(iterAccesses.hasPrevious()) {
+ iterAccesses.previous();
+ }
+ break;
+ }
+ }
+
+ RangerPolicyItemCondition condition = null;
+ Long prevConditionType = null;
+ while(iterConditions.hasNext()) {
+ XXPolicyItemCondition xCondition = iterConditions.next();
+
+ if(xCondition.getPolicyitemid().equals(xPolicyItem.getId())) {
+ if(! xCondition.getType().equals(prevConditionType)) {
+ condition = new RangerPolicyItemCondition();
+ condition.setType(lookupCache.getConditionType(xCondition.getType()));
+ condition.getValues().add(xCondition.getValue());
+
+ policyItem.getConditions().add(condition);
+
+ prevConditionType = xCondition.getType();
+ } else {
+ condition.getValues().add(xCondition.getValue());
+ }
+ } else {
+ if(iterConditions.hasPrevious()) {
+ iterConditions.previous();
+ }
+ break;
+ }
+ }
+
+ int itemType = xPolicyItem.getItemType() == null ? RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW : xPolicyItem.getItemType();
+
+ if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW) {
+ policy.getPolicyItems().add(policyItem);
+ } else if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY) {
+ policy.getDenyPolicyItems().add(policyItem);
+ } else if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW_EXCEPTIONS) {
+ policy.getAllowExceptions().add(policyItem);
+ } else if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY_EXCEPTIONS) {
+ policy.getDenyExceptions().add(policyItem);
+ } else { // unknown itemType.. set to default type
+ policy.getPolicyItems().add(policyItem);
+ }
+ } else if(xPolicyItem.getPolicyid().compareTo(policy.getId()) > 0) {
+ if(iterPolicyItems.hasPrevious()) {
+ iterPolicyItems.previous();
+ }
+ break;
+ }
+ }
+ }
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 7dbf9fb..ced2f51 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -183,6 +183,7 @@ public class ServiceDBStore extends AbstractServiceStore {
@Autowired
RangerFactory factory;
+
private static volatile boolean legacyServiceDefsInitDone = false;
private Boolean populateExistingBaseFields = false;
@@ -1685,6 +1686,22 @@ public class ServiceDBStore extends AbstractServiceStore {
}
+ private List<RangerPolicy> getServicePolicies(XXService service) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDBStore.getServicePolicies(" + service.getName() + ")");
+ }
+
+ RangerPolicyRetriever policyRetriever = new RangerPolicyRetriever(daoMgr);
+
+ List<RangerPolicy> ret = policyRetriever.getServicePolicies(service);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDBStore.getServicePolicies(" + service.getName() + "): count=" + ((ret == null) ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
public PList<RangerPolicy> getPaginatedServicePolicies(String serviceName, SearchFilter filter) throws Exception {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceDBStore.getPaginatedServicePolicies(" + serviceName + ")");
@@ -1747,12 +1764,12 @@ public class ServiceDBStore extends AbstractServiceStore {
tagPolicies.setServiceName(tagServiceDbObj.getName());
tagPolicies.setPolicyVersion(tagServiceDbObj.getPolicyVersion());
tagPolicies.setPolicyUpdateTime(tagServiceDbObj.getPolicyUpdateTime());
- tagPolicies.setPolicies(getServicePolicies(tagServiceDbObj.getName(), null));
+ tagPolicies.setPolicies(getServicePolicies(tagServiceDbObj));
tagPolicies.setServiceDef(tagServiceDef);
}
}
- policies = getServicePolicies(serviceName, null);
+ policies = getServicePolicies(serviceDbObj);
} else {
policies = new ArrayList<RangerPolicy>();
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemAccessDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemAccessDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemAccessDao.java
index d9952e0..de37e10 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemAccessDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemAccessDao.java
@@ -44,6 +44,32 @@ public class XXPolicyItemAccessDao extends BaseDao<XXPolicyItemAccess> {
}
}
+ public List<XXPolicyItemAccess> findByPolicyId(Long policyId) {
+ if(policyId == null) {
+ return new ArrayList<XXPolicyItemAccess>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyItemAccess.findByPolicyId", tClass)
+ .setParameter("policyId", policyId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItemAccess>();
+ }
+ }
+
+ public List<XXPolicyItemAccess> findByServiceId(Long serviceId) {
+ if(serviceId == null) {
+ return new ArrayList<XXPolicyItemAccess>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyItemAccess.findByServiceId", tClass)
+ .setParameter("serviceId", serviceId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItemAccess>();
+ }
+ }
+
public List<XXPolicyItemAccess> findByType(Long type) {
if (type == null) {
return new ArrayList<XXPolicyItemAccess>();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemConditionDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemConditionDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemConditionDao.java
index 4ed59f1..11596ef 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemConditionDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemConditionDao.java
@@ -44,6 +44,32 @@ public class XXPolicyItemConditionDao extends BaseDao<XXPolicyItemCondition> {
}
}
+ public List<XXPolicyItemCondition> findByPolicyId(Long policyId) {
+ if(policyId == null) {
+ return new ArrayList<XXPolicyItemCondition>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyItemCondition.findByPolicyId", tClass)
+ .setParameter("policyId", policyId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItemCondition>();
+ }
+ }
+
+ public List<XXPolicyItemCondition> findByServiceId(Long serviceId) {
+ if(serviceId == null) {
+ return new ArrayList<XXPolicyItemCondition>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyItemCondition.findByServiceId", tClass)
+ .setParameter("serviceId", serviceId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItemCondition>();
+ }
+ }
+
public List<XXPolicyItemCondition> findByPolicyItemAndDefId(Long polItemId,
Long polCondDefId) {
if(polItemId == null || polCondDefId == null) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDao.java
index 9c3fe2e..5677173 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemDao.java
@@ -53,4 +53,20 @@ public class XXPolicyItemDao extends BaseDao<XXPolicyItem> {
}
}
+ public List<XXPolicyItem> findByServiceId(Long serviceId) {
+ if (serviceId == null) {
+ return new ArrayList<XXPolicyItem>();
+ }
+ try {
+ List<XXPolicyItem> returnList = getEntityManager()
+ .createNamedQuery("XXPolicyItem.findByServiceId", tClass)
+ .setParameter("serviceId", serviceId).getResultList();
+ if (returnList == null) {
+ return new ArrayList<XXPolicyItem>();
+ }
+ return returnList;
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItem>();
+ }
+ }
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemGroupPermDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemGroupPermDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemGroupPermDao.java
index fe0c806..8c05699 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemGroupPermDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemGroupPermDao.java
@@ -44,4 +44,29 @@ public class XXPolicyItemGroupPermDao extends BaseDao<XXPolicyItemGroupPerm> {
}
}
+ public List<XXPolicyItemGroupPerm> findByPolicyId(Long policyId) {
+ if(policyId == null) {
+ return new ArrayList<XXPolicyItemGroupPerm>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyItemGroupPerm.findByPolicyId", tClass)
+ .setParameter("policyId", policyId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItemGroupPerm>();
+ }
+ }
+
+ public List<XXPolicyItemGroupPerm> findByServiceId(Long serviceId) {
+ if(serviceId == null) {
+ return new ArrayList<XXPolicyItemGroupPerm>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyItemGroupPerm.findByServiceId", tClass)
+ .setParameter("serviceId", serviceId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItemGroupPerm>();
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java
index d8235bc..40a0da1 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyItemUserPermDao.java
@@ -44,4 +44,29 @@ public class XXPolicyItemUserPermDao extends BaseDao<XXPolicyItemUserPerm> {
}
}
+ public List<XXPolicyItemUserPerm> findByPolicyId(Long policyId) {
+ if(policyId == null) {
+ return new ArrayList<XXPolicyItemUserPerm>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyItemUserPerm.findByPolicyId", tClass)
+ .setParameter("policyId", policyId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItemUserPerm>();
+ }
+ }
+
+ public List<XXPolicyItemUserPerm> findByServiceId(Long serviceId) {
+ if(serviceId == null) {
+ return new ArrayList<XXPolicyItemUserPerm>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyItemUserPerm.findByServiceId", tClass)
+ .setParameter("serviceId", serviceId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyItemUserPerm>();
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceDao.java
index 0cdb75e..4b04b96 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceDao.java
@@ -58,6 +58,19 @@ public class XXPolicyResourceDao extends BaseDao<XXPolicyResource> {
}
}
+ public List<XXPolicyResource> findByServiceId(Long serviceId) {
+ if(serviceId == null) {
+ return new ArrayList<XXPolicyResource>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyResource.findByServiceId", tClass)
+ .setParameter("serviceId", serviceId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyResource>();
+ }
+ }
+
public List<XXPolicyResource> findByResDefId(Long resDefId) {
if (resDefId == null) {
return new ArrayList<XXPolicyResource>();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceMapDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceMapDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceMapDao.java
index ecf4da0..7065737 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceMapDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyResourceMapDao.java
@@ -44,4 +44,29 @@ public class XXPolicyResourceMapDao extends BaseDao<XXPolicyResourceMap> {
}
}
+ public List<XXPolicyResourceMap> findByPolicyId(Long policyId) {
+ if(policyId == null) {
+ return new ArrayList<XXPolicyResourceMap>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyResourceMap.findByPolicyId", tClass)
+ .setParameter("policyId", policyId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyResourceMap>();
+ }
+ }
+
+ public List<XXPolicyResourceMap> findByServiceId(Long serviceId) {
+ if(serviceId == null) {
+ return new ArrayList<XXPolicyResourceMap>();
+ }
+ try {
+ return getEntityManager()
+ .createNamedQuery("XXPolicyResourceMap.findByServiceId", tClass)
+ .setParameter("serviceId", serviceId).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicyResourceMap>();
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index ff4d297..9173d6e 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -80,6 +80,7 @@ import org.apache.ranger.plugin.service.ResourceLookupContext;
import org.apache.ranger.plugin.store.PList;
import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
import org.apache.ranger.plugin.util.GrantRevokeRequest;
+import org.apache.ranger.plugin.util.RangerPerfTracer;
import org.apache.ranger.plugin.util.SearchFilter;
import org.apache.ranger.plugin.util.ServicePolicies;
import org.apache.ranger.security.context.RangerAPIList;
@@ -104,6 +105,7 @@ import org.springframework.transaction.annotation.Transactional;
@Transactional(propagation = Propagation.REQUIRES_NEW)
public class ServiceREST {
private static final Log LOG = LogFactory.getLog(ServiceREST.class);
+ private static final Log PERF_LOG = RangerPerfTracer.getPerfLogger("rest.ServiceREST");
@Autowired
RESTErrorUtil restErrorUtil;
@@ -162,7 +164,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.createServiceDef(" + serviceDef + ")");
}
- RangerServiceDef ret = null;
+ RangerServiceDef ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.createServiceDef(serviceDefName=" + serviceDef.getName() + ")");
+ }
try {
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
@@ -178,6 +185,8 @@ public class ServiceREST {
LOG.error("createServiceDef(" + serviceDef + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -193,10 +202,15 @@ public class ServiceREST {
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.UPDATE_SERVICE_DEF + "\")")
public RangerServiceDef updateServiceDef(RangerServiceDef serviceDef) {
if(LOG.isDebugEnabled()) {
- LOG.debug("==> ServiceREST.updateServiceDef(" + serviceDef + ")");
+ LOG.debug("==> ServiceREST.updateServiceDef(serviceDefName=" + serviceDef.getName() + ")");
}
- RangerServiceDef ret = null;
+ RangerServiceDef ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.updateServiceDef(" + serviceDef.getName() + ")");
+ }
try {
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
@@ -212,6 +226,8 @@ public class ServiceREST {
LOG.error("updateServiceDef(" + serviceDef + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -230,6 +246,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.deleteServiceDef(" + id + ")");
}
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.deleteServiceDef(serviceDefId=" + id + ")");
+ }
+
try {
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(id, Action.DELETE);
@@ -251,6 +273,8 @@ public class ServiceREST {
LOG.error("deleteServiceDef(" + id + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -267,7 +291,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getServiceDef(" + id + ")");
}
- RangerServiceDef ret = null;
+ RangerServiceDef ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServiceDef(serviceDefId=" + id + ")");
+ }
try {
XXServiceDef xServiceDef = daoManager.getXXServiceDef().getById(id);
@@ -284,6 +313,8 @@ public class ServiceREST {
LOG.error("getServiceDef(" + id + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(ret == null) {
@@ -303,10 +334,15 @@ public class ServiceREST {
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.GET_SERVICE_DEF_BY_NAME + "\")")
public RangerServiceDef getServiceDefByName(@PathParam("name") String name) {
if(LOG.isDebugEnabled()) {
- LOG.debug("==> ServiceREST.getServiceDefByName(" + name + ")");
+ LOG.debug("==> ServiceREST.getServiceDefByName(serviceDefName=" + name + ")");
}
- RangerServiceDef ret = null;
+ RangerServiceDef ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServiceDefByName(", name, ")");
+ }
try {
XXServiceDef xServiceDef = daoManager.getXXServiceDef().findByName(name);
@@ -325,6 +361,8 @@ public class ServiceREST {
LOG.error("getServiceDefByName(" + name + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(ret == null) {
@@ -347,7 +385,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getServiceDefs()");
}
- RangerServiceDefList ret = null;
+ RangerServiceDefList ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServiceDefs()");
+ }
PList<RangerServiceDef> paginatedSvcDefs = null;
@@ -355,24 +398,26 @@ public class ServiceREST {
try {
paginatedSvcDefs = svcStore.getPaginatedServiceDefs(filter);
+
+ if(paginatedSvcDefs != null) {
+ ret = new RangerServiceDefList();
+
+ ret.setServiceDefs(paginatedSvcDefs.getList());
+ ret.setPageSize(paginatedSvcDefs.getPageSize());
+ ret.setResultSize(paginatedSvcDefs.getResultSize());
+ ret.setStartIndex(paginatedSvcDefs.getStartIndex());
+ ret.setTotalCount(paginatedSvcDefs.getTotalCount());
+ ret.setSortBy(paginatedSvcDefs.getSortBy());
+ ret.setSortType(paginatedSvcDefs.getSortType());
+ }
} catch(WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
LOG.error("getServiceDefs() failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
- }
-
- if(paginatedSvcDefs != null) {
- ret = new RangerServiceDefList();
-
- ret.setServiceDefs(paginatedSvcDefs.getList());
- ret.setPageSize(paginatedSvcDefs.getPageSize());
- ret.setResultSize(paginatedSvcDefs.getResultSize());
- ret.setStartIndex(paginatedSvcDefs.getStartIndex());
- ret.setTotalCount(paginatedSvcDefs.getTotalCount());
- ret.setSortBy(paginatedSvcDefs.getSortBy());
- ret.setSortType(paginatedSvcDefs.getSortType());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if (LOG.isDebugEnabled()) {
@@ -390,7 +435,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.createService(" + service + ")");
}
- RangerService ret = null;
+ RangerService ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.createService(serviceName=" + service.getName() + ")");
+ }
try {
RangerServiceValidator validator = validatorFactory.getServiceValidator(svcStore);
@@ -411,6 +461,8 @@ public class ServiceREST {
LOG.error("createService(" + service + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -429,7 +481,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.updateService(): " + service);
}
- RangerService ret = null;
+ RangerService ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.updateService(serviceName=" + service.getName() + ")");
+ }
try {
RangerServiceValidator validator = validatorFactory.getServiceValidator(svcStore);
@@ -450,6 +507,8 @@ public class ServiceREST {
LOG.error("updateService(" + service + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -468,6 +527,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.deleteService(" + id + ")");
}
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.deleteService(serviceId=" + id + ")");
+ }
+
try {
RangerServiceValidator validator = validatorFactory.getServiceValidator(svcStore);
validator.validate(id, Action.DELETE);
@@ -488,6 +553,8 @@ public class ServiceREST {
LOG.error("deleteService(" + id + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -504,7 +571,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getService(" + id + ")");
}
- RangerService ret = null;
+ RangerService ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getService(serviceId=" + id + ")");
+ }
try {
ret = svcStore.getService(id);
@@ -514,6 +586,8 @@ public class ServiceREST {
LOG.error("getService(" + id + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(ret == null) {
@@ -536,7 +610,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getServiceByName(" + name + ")");
}
- RangerService ret = null;
+ RangerService ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getService(serviceName=" + name + ")");
+ }
try {
ret = svcStore.getServiceByName(name);
@@ -546,6 +625,8 @@ public class ServiceREST {
LOG.error("getServiceByName(" + name + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(ret == null) {
@@ -568,7 +649,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getServices()");
}
- RangerServiceList ret = null;
+ RangerServiceList ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServices()");
+ }
PList<RangerService> paginatedSvcs = null;
@@ -576,25 +662,26 @@ public class ServiceREST {
try {
paginatedSvcs = svcStore.getPaginatedServices(filter);
+
+ if(paginatedSvcs != null) {
+ ret = new RangerServiceList();
+
+ ret.setServices(paginatedSvcs.getList());
+ ret.setPageSize(paginatedSvcs.getPageSize());
+ ret.setResultSize(paginatedSvcs.getResultSize());
+ ret.setStartIndex(paginatedSvcs.getStartIndex());
+ ret.setTotalCount(paginatedSvcs.getTotalCount());
+ ret.setSortBy(paginatedSvcs.getSortBy());
+ ret.setSortType(paginatedSvcs.getSortType());
+ }
} catch(WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
LOG.error("getServices() failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
- }
-
- if(paginatedSvcs != null) {
- ret = new RangerServiceList();
-
-
- ret.setServices(paginatedSvcs.getList());
- ret.setPageSize(paginatedSvcs.getPageSize());
- ret.setResultSize(paginatedSvcs.getResultSize());
- ret.setStartIndex(paginatedSvcs.getStartIndex());
- ret.setTotalCount(paginatedSvcs.getTotalCount());
- ret.setSortBy(paginatedSvcs.getSortBy());
- ret.setSortType(paginatedSvcs.getSortType());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if (LOG.isDebugEnabled()) {
@@ -608,7 +695,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getServices():");
}
- List<RangerService> ret = null;
+ List<RangerService> ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServices()");
+ }
try {
ret = svcStore.getServices(filter);
@@ -618,6 +710,8 @@ public class ServiceREST {
LOG.error("getServices() failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -637,7 +731,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.countServices():");
}
- Long ret = null;
+ Long ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.countService()");
+ }
try {
List<RangerService> services = getServices(request).getServices();
@@ -649,6 +748,8 @@ public class ServiceREST {
LOG.error("countServices() failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -667,7 +768,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.validateConfig(" + service + ")");
}
- VXResponse ret = new VXResponse();
+ VXResponse ret = new VXResponse();
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.validateConfig(serviceName=" + service.getName() + ")");
+ }
try {
ret = serviceMgr.validateConfig(service, svcStore);
@@ -677,6 +783,8 @@ public class ServiceREST {
LOG.error("validateConfig(" + service + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -695,7 +803,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.lookupResource(" + serviceName + ")");
}
- List<String> ret = new ArrayList<String>();
+ List<String> ret = new ArrayList<String>();
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.lookupResource(serviceName=" + serviceName + ")");
+ }
try {
ret = serviceMgr.lookupResource(serviceName,context, svcStore);
@@ -705,6 +818,8 @@ public class ServiceREST {
LOG.error("lookupResource(" + serviceName + ", " + context + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -722,7 +837,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.grantAccess(" + serviceName + ", " + grantRequest + ")");
}
- RESTResponse ret = new RESTResponse();
+ RESTResponse ret = new RESTResponse();
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.grantAccess(serviceName=" + serviceName + ")");
+ }
if (serviceUtil.isValidateHttpsAuthentication(serviceName, request)) {
@@ -854,6 +974,8 @@ public class ServiceREST {
LOG.error("grantAccess(" + serviceName + ", " + grantRequest + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
ret.setStatusCode(RESTResponse.STATUS_SUCCESS);
@@ -874,7 +996,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.revokeAccess(" + serviceName + ", " + revokeRequest + ")");
}
- RESTResponse ret = new RESTResponse();
+ RESTResponse ret = new RESTResponse();
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.revokeAccess(serviceName=" + serviceName + ")");
+ }
if (serviceUtil.isValidateHttpsAuthentication(serviceName,request)) {
@@ -951,6 +1078,8 @@ public class ServiceREST {
LOG.error("revokeAccess(" + serviceName + ", " + revokeRequest + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
ret.setStatusCode(RESTResponse.STATUS_SUCCESS);
@@ -971,7 +1100,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.createPolicy(" + policy + ")");
}
- RangerPolicy ret = null;
+ RangerPolicy ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.createPolicy(policyName=" + policy.getName() + ")");
+ }
try {
// this needs to happen before validator is called
@@ -1003,6 +1137,8 @@ public class ServiceREST {
LOG.error("createPolicy(" + policy + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -1020,7 +1156,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.updatePolicy(" + policy + ")");
}
- RangerPolicy ret = null;
+ RangerPolicy ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.updatePolicy(policyId=" + policy.getId() + ")");
+ }
try {
RangerPolicyValidator validator = validatorFactory.getPolicyValidator(svcStore);
@@ -1035,6 +1176,8 @@ public class ServiceREST {
LOG.error("updatePolicy(" + policy + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -1052,6 +1195,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.deletePolicy(" + id + ")");
}
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.deletePolicy(policyId=" + id + ")");
+ }
+
try {
RangerPolicyValidator validator = validatorFactory.getPolicyValidator(svcStore);
validator.validate(id, Action.DELETE);
@@ -1067,6 +1216,8 @@ public class ServiceREST {
LOG.error("deletePolicy(" + id + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -1082,7 +1233,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getPolicy(" + id + ")");
}
- RangerPolicy ret = null;
+ RangerPolicy ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getPolicy(policyId=" + id + ")");
+ }
try {
ret = svcStore.getPolicy(id);
@@ -1096,6 +1252,8 @@ public class ServiceREST {
LOG.error("getPolicy(" + id + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(ret == null) {
@@ -1117,7 +1275,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getPolicies()");
}
- RangerPolicyList ret = null;
+ RangerPolicyList ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getPolicies()");
+ }
PList<RangerPolicy> paginatedPolicies = null;
@@ -1145,6 +1308,8 @@ public class ServiceREST {
LOG.error("getPolicies() failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if (LOG.isDebugEnabled()) {
@@ -1158,7 +1323,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getPolicies(filter)");
}
- List<RangerPolicy> ret = null;
+ List<RangerPolicy> ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getPolicies()");
+ }
try {
ret = svcStore.getPolicies(filter);
@@ -1170,6 +1340,8 @@ public class ServiceREST {
LOG.error("getPolicies() failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -1187,7 +1359,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.countPolicies():");
}
- Long ret = null;
+ Long ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.countPolicies()");
+ }
try {
List<RangerPolicy> policies = getPolicies(request).getPolicies();
@@ -1201,6 +1378,8 @@ public class ServiceREST {
LOG.error("countPolicies() failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if(LOG.isDebugEnabled()) {
@@ -1219,7 +1398,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getServicePolicies(" + serviceId + ")");
}
- RangerPolicyList ret = null;
+ RangerPolicyList ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServicePolicies(serviceId=" + serviceId + ")");
+ }
PList<RangerPolicy> paginatedPolicies = null;
@@ -1247,6 +1431,8 @@ public class ServiceREST {
LOG.error("getServicePolicies(" + serviceId + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if (ret == null) {
@@ -1269,7 +1455,12 @@ public class ServiceREST {
LOG.debug("==> ServiceREST.getServicePolicies(" + serviceName + ")");
}
- RangerPolicyList ret = null;
+ RangerPolicyList ret = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServicePolicies(serviceName=" + serviceName + ")");
+ }
PList<RangerPolicy> paginatedPolicies = null;
@@ -1297,6 +1488,8 @@ public class ServiceREST {
LOG.error("getServicePolicies(" + serviceName + ") failed", excp);
throw restErrorUtil.createRESTException(excp.getMessage());
+ } finally {
+ RangerPerfTracer.log(perf);
}
if (ret == null) {
@@ -1322,6 +1515,11 @@ public class ServiceREST {
ServicePolicies ret = null;
int httpCode = HttpServletResponse.SC_OK;
String logMsg = null;
+ RangerPerfTracer perf = null;
+
+ if(RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServicePoliciesIfUpdated(serviceName=" + serviceName + ", lastKnownVersion=" + lastKnownVersion + ")");
+ }
if (serviceUtil.isValidateHttpsAuthentication(serviceName, request)) {
if(lastKnownVersion == null) {
@@ -1345,6 +1543,8 @@ public class ServiceREST {
logMsg = excp.getMessage();
} finally {
createPolicyDownloadAudit(serviceName, lastKnownVersion, pluginId, ret, httpCode, request);
+
+ RangerPerfTracer.log(perf);
}
if(httpCode != HttpServletResponse.SC_OK) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
index 9ecd77e..ac251c6 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
@@ -41,8 +41,12 @@ import org.apache.ranger.common.StringUtil;
import org.apache.ranger.common.db.BaseDao;
import org.apache.ranger.common.view.VList;
import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.entity.XXAccessTypeDef;
import org.apache.ranger.entity.XXDBBase;
+import org.apache.ranger.entity.XXGroup;
+import org.apache.ranger.entity.XXPolicyConditionDef;
import org.apache.ranger.entity.XXPortalUser;
+import org.apache.ranger.entity.XXResourceDef;
import org.apache.ranger.plugin.model.RangerBaseModelObject;
import org.apache.ranger.plugin.store.PList;
import org.apache.ranger.plugin.util.SearchFilter;
@@ -145,53 +149,14 @@ public abstract class RangerBaseModelService<T extends XXDBBase, V extends Range
}
return entityDao;
}
-
+
protected V populateViewBean(T entityObj) {
V vObj = createViewObject();
vObj.setId(entityObj.getId());
vObj.setCreateTime(entityObj.getCreateTime());
vObj.setUpdateTime(entityObj.getUpdateTime());
-
- if (entityObj.getAddedByUserId() != null) {
- XXPortalUser tUser = daoMgr.getXXPortalUser().getById(
- entityObj.getUpdatedByUserId());
- if(tUser == null) {
- // nothing to do
- } else if (!stringUtil.isEmpty(tUser.getPublicScreenName())) {
- vObj.setCreatedBy(tUser.getPublicScreenName());
- } else {
- if (!stringUtil.isEmpty(tUser.getFirstName())) {
- if (!stringUtil.isEmpty(tUser.getLastName())) {
- vObj.setCreatedBy(tUser.getFirstName() + " "
- + tUser.getLastName());
- } else {
- vObj.setCreatedBy(tUser.getFirstName());
- }
- } else {
- vObj.setCreatedBy(tUser.getLoginId());
- }
- }
- }
- if (entityObj.getUpdatedByUserId() != null) {
- XXPortalUser tUser = daoMgr.getXXPortalUser().getById(
- entityObj.getUpdatedByUserId());
- if(tUser == null) {
- // nothing to do
- } else if (!stringUtil.isEmpty(tUser.getPublicScreenName())) {
- vObj.setUpdatedBy(tUser.getPublicScreenName());
- } else {
- if (!stringUtil.isEmpty(tUser.getFirstName())) {
- if (!stringUtil.isEmpty(tUser.getLastName())) {
- vObj.setUpdatedBy(tUser.getFirstName() + " "
- + tUser.getLastName());
- } else {
- vObj.setUpdatedBy(tUser.getFirstName());
- }
- } else {
- vObj.setUpdatedBy(tUser.getLoginId());
- }
- }
- }
+ vObj.setCreatedBy(getUserScreenName(entityObj.getAddedByUserId()));
+ vObj.setUpdatedBy(getUserScreenName(entityObj.getUpdatedByUserId()));
return mapEntityToViewBean(vObj, entityObj);
}
@@ -456,4 +421,88 @@ public abstract class RangerBaseModelService<T extends XXDBBase, V extends Range
return bizUtil.getClassType(tEntityClass);
}
+
+ protected String getUserScreenName(Long userId) {
+ String ret = null;
+
+ XXPortalUser xPortalUser = userId == null ? null : daoMgr.getXXPortalUser().getById(userId);
+
+ if(xPortalUser != null) {
+ ret = xPortalUser.getPublicScreenName();
+
+ if (stringUtil.isEmpty(ret)) {
+ ret = xPortalUser.getFirstName();
+
+ if(stringUtil.isEmpty(ret)) {
+ ret = xPortalUser.getLoginId();
+ } else {
+ if(!stringUtil.isEmpty(xPortalUser.getLastName())) {
+ ret += (" " + xPortalUser.getLastName());
+ }
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ protected String getUserName(Long userId) {
+ String ret = null;
+
+ XXPortalUser xPortalUser = userId == null ? null : daoMgr.getXXPortalUser().getById(userId);
+
+ if(xPortalUser != null) {
+ ret = xPortalUser.getLoginId();
+ }
+
+ return ret;
+ }
+
+ protected String getGroupName(Long groupId) {
+ String ret = null;
+
+ XXGroup xGroup = groupId == null ? null : daoMgr.getXXGroup().getById(groupId);
+
+ if(xGroup != null) {
+ ret = xGroup.getName();
+ }
+
+ return ret;
+ }
+
+ protected String getAccessTypeName(Long accessTypeDefId) {
+ String ret = null;
+
+ XXAccessTypeDef accessTypeDef = accessTypeDefId == null ? null : daoMgr.getXXAccessTypeDef().getById(accessTypeDefId);
+
+ if(accessTypeDef != null) {
+ ret = accessTypeDef.getName();
+ }
+
+ return ret;
+ }
+
+ protected String getConditionName(Long conditionDefId) {
+ String ret = null;
+
+ XXPolicyConditionDef conditionDef = conditionDefId == null ? null : daoMgr.getXXPolicyConditionDef().getById(conditionDefId);
+
+ if(conditionDef != null) {
+ ret = conditionDef.getName();
+ }
+
+ return ret;
+ }
+
+ protected String getResourceName(Long resourceDefId) {
+ String ret = null;
+
+ XXResourceDef resourceDef = resourceDefId == null ? null : daoMgr.getXXResourceDef().getById(resourceDefId);
+
+ if(resourceDef != null) {
+ ret = resourceDef.getName();
+ }
+
+ return ret;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
index 12367e6..d853972 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
@@ -24,6 +24,7 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.apache.ranger.biz.RangerPolicyRetriever;
import org.apache.ranger.common.AppConstants;
import org.apache.ranger.common.JSONUtil;
import org.apache.ranger.common.MessageEnums;
@@ -97,12 +98,9 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range
@Override
protected RangerPolicy populateViewBean(XXPolicy xPolicy) {
- RangerPolicy vPolicy = super.populateViewBean(xPolicy);
-
- Map<String, RangerPolicyResource> resources = getResourcesForXXPolicy(xPolicy);
- vPolicy.setResources(resources);
-
- getPolicyItemListForXXPolicy(xPolicy, vPolicy);
+ RangerPolicyRetriever retriever = new RangerPolicyRetriever(daoMgr);
+
+ RangerPolicy vPolicy = retriever.getPolicy(xPolicy);
return vPolicy;
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
index 8c73c4c..b256a92 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
@@ -18,9 +18,7 @@
package org.apache.ranger.service;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.common.GUIDUtil;
@@ -30,25 +28,10 @@ import org.apache.ranger.common.SortField;
import org.apache.ranger.common.SearchField.DATA_TYPE;
import org.apache.ranger.common.SearchField.SEARCH_TYPE;
import org.apache.ranger.common.SortField.SORT_ORDER;
-import org.apache.ranger.db.XXAccessTypeDefDao;
-import org.apache.ranger.db.XXPolicyResourceDao;
-import org.apache.ranger.entity.XXAccessTypeDef;
import org.apache.ranger.entity.XXPolicy;
import org.apache.ranger.entity.XXPolicyBase;
-import org.apache.ranger.entity.XXPolicyConditionDef;
-import org.apache.ranger.entity.XXPolicyItem;
-import org.apache.ranger.entity.XXPolicyItemAccess;
-import org.apache.ranger.entity.XXPolicyItemCondition;
-import org.apache.ranger.entity.XXPolicyResource;
-import org.apache.ranger.entity.XXPolicyResourceMap;
-import org.apache.ranger.entity.XXResourceDef;
import org.apache.ranger.entity.XXService;
import org.apache.ranger.plugin.model.RangerPolicy;
-import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
-import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
-import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition;
-import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
-import org.apache.ranger.plugin.policyevaluator.RangerPolicyItemEvaluator;
import org.apache.ranger.plugin.util.SearchFilter;
import org.apache.ranger.view.RangerPolicyList;
import org.springframework.beans.factory.annotation.Autowired;
@@ -145,108 +128,4 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends
return retList;
}
-
- public void getPolicyItemListForXXPolicy(XXPolicyBase xPolicy, RangerPolicy policy) {
- List<XXPolicyItem> xPolicyItemList = daoMgr.getXXPolicyItem().findByPolicyId(xPolicy.getId());
-
- policy.setPolicyItems(null);
- policy.setDenyPolicyItems(null);
- policy.setAllowExceptions(null);
- policy.setDenyExceptions(null);
-
- for (XXPolicyItem xPolItem : xPolicyItemList) {
- RangerPolicyItem policyItem = populateXXToRangerPolicyItem(xPolItem);
- int itemType = xPolItem.getItemType() == null ? RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW : xPolItem.getItemType();
-
- if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW) {
- policy.getPolicyItems().add(policyItem);
- } else if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY) {
- policy.getDenyPolicyItems().add(policyItem);
- } else if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW_EXCEPTIONS) {
- policy.getAllowExceptions().add(policyItem);
- } else if(itemType == RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY_EXCEPTIONS) {
- policy.getDenyExceptions().add(policyItem);
- } else { // unknown itemType.. set to default type
- policy.getPolicyItems().add(policyItem);
- }
- }
- }
-
- public RangerPolicyItem populateXXToRangerPolicyItem(XXPolicyItem xPolItem) {
-
- RangerPolicyItem rangerPolItem = new RangerPolicyItem();
-
- List<XXPolicyItemAccess> xPolItemAccList = daoMgr.getXXPolicyItemAccess().findByPolicyItemId(xPolItem.getId());
- List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
-
- XXAccessTypeDefDao xAccDefDao = daoMgr.getXXAccessTypeDef();
- for (XXPolicyItemAccess xPolAccess : xPolItemAccList) {
- RangerPolicyItemAccess access = new RangerPolicyItemAccess();
- access.setIsAllowed(xPolAccess.getIsallowed());
- XXAccessTypeDef xAccessType = xAccDefDao.getById(xPolAccess.getType());
- access.setType(xAccessType.getName());
-
- accesses.add(access);
- }
- rangerPolItem.setAccesses(accesses);
-
- List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
- List<XXPolicyConditionDef> xConditionDefList = daoMgr.getXXPolicyConditionDef().findByPolicyItemId(
- xPolItem.getId());
- for (XXPolicyConditionDef xCondDef : xConditionDefList) {
-
- List<XXPolicyItemCondition> xPolCondItemList = daoMgr.getXXPolicyItemCondition().findByPolicyItemAndDefId(
- xPolItem.getId(), xCondDef.getId());
- List<String> values = new ArrayList<String>();
-
- for (XXPolicyItemCondition polCond : xPolCondItemList) {
- values.add(polCond.getValue());
- }
-
- RangerPolicyItemCondition condition = new RangerPolicyItemCondition();
- condition.setType(xCondDef.getName());
- condition.setValues(values);
-
- conditions.add(condition);
- }
- rangerPolItem.setConditions(conditions);
-
- List<String> userList = daoMgr.getXXUser().findByPolicyItemId(xPolItem.getId());
- List<String> grpList = daoMgr.getXXGroup().findByPolicyItemId(xPolItem.getId());
-
- rangerPolItem.setUsers(userList);
- rangerPolItem.setGroups(grpList);
-
- rangerPolItem.setDelegateAdmin(xPolItem.getDelegateAdmin());
- rangerPolItem.setIsEnabled(xPolItem.getIsEnabled());
- rangerPolItem.setComments(xPolItem.getComments());
- return rangerPolItem;
- }
-
- public Map<String, RangerPolicyResource> getResourcesForXXPolicy(XXPolicyBase xPolicy) {
- List<XXResourceDef> resDefList = daoMgr.getXXResourceDef().findByPolicyId(xPolicy.getId());
- Map<String, RangerPolicyResource> resources = new HashMap<String, RangerPolicyResource>();
-
- XXPolicyResourceDao xPolResDao = daoMgr.getXXPolicyResource();
- for (XXResourceDef xResDef : resDefList) {
- XXPolicyResource xPolRes = xPolResDao.findByResDefIdAndPolicyId(xResDef.getId(), xPolicy.getId());
- if (xPolRes == null) {
- continue;
- }
- List<String> values = new ArrayList<>();
- List<XXPolicyResourceMap> xPolResMapList = daoMgr.getXXPolicyResourceMap().findByPolicyResId(
- xPolRes.getId());
- for (XXPolicyResourceMap xPolResMap : xPolResMapList) {
- values.add(xPolResMap.getValue());
- }
- RangerPolicyResource resource = new RangerPolicyResource();
- resource.setValues(values);
- resource.setIsExcludes(xPolRes.getIsexcludes());
- resource.setIsRecursive(xPolRes.getIsrecursive());
-
- resources.put(xResDef.getName(), resource);
- }
- return resources;
- }
-
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyWithAssignedIdService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyWithAssignedIdService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyWithAssignedIdService.java
index 0dae4bd..cf59c91 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyWithAssignedIdService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyWithAssignedIdService.java
@@ -17,15 +17,12 @@
package org.apache.ranger.service;
-import java.util.List;
-import java.util.Map;
+import org.apache.ranger.biz.RangerPolicyRetriever;
import org.apache.ranger.common.JSONUtil;
import org.apache.ranger.entity.XXPolicyBase;
import org.apache.ranger.entity.XXPolicyWithAssignedId;
import org.apache.ranger.plugin.model.RangerPolicy;
-import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
-import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@@ -60,12 +57,9 @@ public class RangerPolicyWithAssignedIdService extends RangerPolicyServiceBase<X
@Override
protected RangerPolicy populateViewBean(XXPolicyWithAssignedId xPolicy) {
- RangerPolicy vPolicy = super.populateViewBean(xPolicy);
+ RangerPolicyRetriever retriever = new RangerPolicyRetriever(daoMgr);
- Map<String, RangerPolicyResource> resources = getResourcesForXXPolicy(xPolicy);
- vPolicy.setResources(resources);
-
- getPolicyItemListForXXPolicy(xPolicy, vPolicy);
+ RangerPolicy vPolicy = retriever.getPolicy(xPolicy.getId());
return vPolicy;
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
----------------------------------------------------------------------
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 4de99e2..4719fc9 100644
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -205,7 +205,17 @@
<!-- XXPolicyItem -->
<named-query name="XXPolicyItem.findByPolicyId">
- <query>select obj from XXPolicyItem obj where obj.policyId = :policyId order by obj.order</query>
+ <query>select obj from XXPolicyItem obj
+ where obj.policyId = :policyId
+ order by obj.id
+ </query>
+ </named-query>
+
+ <named-query name="XXPolicyItem.findByServiceId">
+ <query>select obj from XXPolicyItem obj
+ where obj.policyId in (select policy.id from XXPolicy policy where policy.service = :serviceId)
+ order by obj.policyId, obj.id
+ </query>
</named-query>
<!-- XXPolicy -->
@@ -382,7 +392,17 @@
</named-query>
<named-query name="XXPolicyResource.findByPolicyId">
- <query>select obj from XXPolicyResource obj where obj.policyId = :policyId</query>
+ <query>select obj from XXPolicyResource obj
+ where obj.policyId = :policyId
+ order by obj.id
+ </query>
+ </named-query>
+
+ <named-query name="XXPolicyResource.findByServiceId">
+ <query>select obj from XXPolicyResource obj
+ where obj.policyId in (select policy.id from XXPolicy policy where policy.service = :serviceId)
+ order by obj.policyId, obj.id
+ </query>
</named-query>
<named-query name="XXPolicyResource.findByResDefId">
@@ -394,6 +414,22 @@
<query>select obj from XXPolicyResourceMap obj where obj.resourceId = :polResId order by obj.order</query>
</named-query>
+ <named-query name="XXPolicyResourceMap.findByPolicyId">
+ <query>select obj from XXPolicyResourceMap obj, XXPolicyResource res
+ where obj.resourceId = res.id
+ and res.policyId = :policyId
+ order by obj.resourceId, obj.order
+ </query>
+ </named-query>
+
+ <named-query name="XXPolicyResourceMap.findByServiceId">
+ <query>select obj from XXPolicyResourceMap obj, XXPolicyResource res
+ where obj.resourceId = res.id
+ and res.policyId in (select policy.id from XXPolicy policy where policy.service = :serviceId)
+ order by res.policyId, obj.resourceId, obj.order
+ </query>
+ </named-query>
+
<!-- XXPolicyItemAccess -->
<named-query name="XXPolicyItemAccess.findByPolicyItemId">
<query>select obj from XXPolicyItemAccess obj where obj.policyItemId = :polItemId order by obj.order</query>
@@ -402,6 +438,22 @@
<named-query name="XXPolicyItemAccess.findByType">
<query>select obj from XXPolicyItemAccess obj where obj.type = :type</query>
</named-query>
+
+ <named-query name="XXPolicyItemAccess.findByPolicyId">
+ <query>select obj from XXPolicyItemAccess obj, XXPolicyItem item
+ where obj.policyItemId = item.id
+ and item.policyId = :policyId
+ order by obj.policyItemId, obj.order
+ </query>
+ </named-query>
+
+ <named-query name="XXPolicyItemAccess.findByServiceId">
+ <query>select obj from XXPolicyItemAccess obj, XXPolicyItem item
+ where obj.policyItemId = item.id
+ and item.policyId in (select policy.id from XXPolicy policy where policy.service = :serviceId)
+ order by item.policyId, obj.policyItemId, obj.order
+ </query>
+ </named-query>
<!-- XXPolicyItemCondition -->
<named-query name="XXPolicyItemCondition.findByPolicyItemId">
@@ -416,17 +468,65 @@
<named-query name="XXPolicyItemCondition.findByPolicyConditionDefId">
<query>select obj from XXPolicyItemCondition obj where obj.type = :polCondDefId</query>
</named-query>
+
+ <named-query name="XXPolicyItemCondition.findByPolicyId">
+ <query>select obj from XXPolicyItemCondition obj, XXPolicyItem item
+ where obj.policyItemId = item.id
+ and item.policyId = :policyId
+ order by obj.policyItemId, obj.type, obj.order
+ </query>
+ </named-query>
+
+ <named-query name="XXPolicyItemCondition.findByServiceId">
+ <query>select obj from XXPolicyItemCondition obj, XXPolicyItem item
+ where obj.policyItemId = item.id
+ and item.policyId in (select policy.id from XXPolicy policy where policy.service = :serviceId)
+ order by item.policyId, obj.policyItemId, obj.type, obj.order
+ </query>
+ </named-query>
<!-- XXPolicyItemGroupPerm -->
<named-query name="XXPolicyItemGroupPerm.findByPolicyItemId">
<query>select obj from XXPolicyItemGroupPerm obj where obj.policyItemId = :polItemId order by obj.order</query>
</named-query>
+ <named-query name="XXPolicyItemGroupPerm.findByPolicyId">
+ <query>select obj from XXPolicyItemGroupPerm obj, XXPolicyItem item
+ where obj.policyItemId = item.id
+ and item.policyId = :policyId
+ order by obj.policyItemId, obj.order
+ </query>
+ </named-query>
+
+ <named-query name="XXPolicyItemGroupPerm.findByServiceId">
+ <query>select obj from XXPolicyItemGroupPerm obj, XXPolicyItem item
+ where obj.policyItemId = item.id
+ and item.policyId in (select policy.id from XXPolicy policy where policy.service = :serviceId)
+ order by item.policyId, obj.policyItemId, obj.order
+ </query>
+ </named-query>
+
<!-- XXPolicyItemUserPerm -->
<named-query name="XXPolicyItemUserPerm.findByPolicyItemId">
<query>select obj from XXPolicyItemUserPerm obj where obj.policyItemId = :polItemId order by obj.order</query>
</named-query>
+ <named-query name="XXPolicyItemUserPerm.findByPolicyId">
+ <query>select obj from XXPolicyItemUserPerm obj, XXPolicyItem item
+ where obj.policyItemId = item.id
+ and item.policyId = :policyId
+ order by obj.policyItemId, obj.order
+ </query>
+ </named-query>
+
+ <named-query name="XXPolicyItemUserPerm.findByServiceId">
+ <query>select obj from XXPolicyItemUserPerm obj, XXPolicyItem item
+ where obj.policyItemId = item.id
+ and item.policyId in (select policy.id from XXPolicy policy where policy.service = :serviceId)
+ order by item.policyId, obj.policyItemId, obj.order
+ </query>
+ </named-query>
+
<!-- XXDataHist -->
<named-query name="XXDataHist.findLatestByObjectClassTypeAndObjectId">
<query>select obj from XXDataHist obj where obj.objectId = :objectId
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/7c185e1f/security-admin/src/main/webapp/WEB-INF/log4j.xml
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/WEB-INF/log4j.xml b/security-admin/src/main/webapp/WEB-INF/log4j.xml
index 22ec74e..3510d02 100644
--- a/security-admin/src/main/webapp/WEB-INF/log4j.xml
+++ b/security-admin/src/main/webapp/WEB-INF/log4j.xml
@@ -28,6 +28,15 @@
</layout>
</appender>
+ <appender name="perf_appender" class="org.apache.log4j.DailyRollingFileAppender">
+ <param name="file" value="${logdir}/ranger_admin_perf.log" />
+ <param name="datePattern" value="'.'yyyy-MM-dd" />
+ <param name="append" value="true" />
+ <layout class="org.apache.log4j.PatternLayout">
+ <param name="ConversionPattern" value="%d [%t] %m%n" />
+ </layout>
+ </appender>
+
<appender name="sql_appender" class="org.apache.log4j.DailyRollingFileAppender">
<param name="file" value="${logdir}/xa_portal_sql.log" />
<param name="datePattern" value="'.'yyyy-MM-dd" />
@@ -74,6 +83,13 @@
<appender-ref ref="xa_log_appender" />
</category>
+ <!--
+ <category name="ranger.perf" additivity="false">
+ <priority value="info" />
+ <appender-ref ref="perf_appender" />
+ </category>
+ -->
+
<category name="xa" additivity="false">
<priority value="info" />
<appender-ref ref="xa_log_appender" />