You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2020/10/05 20:08:37 UTC
[ranger] branch master updated (e533963 -> 166dfb6)
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git.
from e533963 RANGER-3013: Remove minor version of 'jna' jar file
new 4763786 RANGER-3016: Ranger service/ repo delete improvements
new 370cb67 RANGER-3011 : Code improvement for Audit Access Log Detail popup.
new 166dfb6 RANGER-3014: Revert "RANGER-2789: GET API service/xusers/users turns very slow when there are more than 1000 users"
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../java/org/apache/ranger/biz/ServiceDBStore.java | 102 +++++++++------
.../main/java/org/apache/ranger/entity/XXUser.java | 6 -
.../org/apache/ranger/service/XUserService.java | 141 +--------------------
.../apache/ranger/service/XUserServiceBase.java | 130 -------------------
.../main/java/org/apache/ranger/view/VXUser.java | 19 ---
.../views/reports/AuditAccessLogDetailView.js | 5 +-
6 files changed, 64 insertions(+), 339 deletions(-)
[ranger] 03/03: RANGER-3014: Revert "RANGER-2789: GET API
service/xusers/users turns very slow when there are more than 1000 users"
Posted by me...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 166dfb6c478faba275766e5e2566031231a7decb
Author: Mahesh Bandal <ma...@gmail.com>
AuthorDate: Sat Oct 3 02:39:27 2020 +0530
RANGER-3014: Revert "RANGER-2789: GET API service/xusers/users turns very slow when there are more than 1000 users"
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../main/java/org/apache/ranger/entity/XXUser.java | 6 -
.../org/apache/ranger/service/XUserService.java | 141 +--------------------
.../apache/ranger/service/XUserServiceBase.java | 130 -------------------
.../main/java/org/apache/ranger/view/VXUser.java | 19 ---
4 files changed, 1 insertion(+), 295 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXUser.java b/security-admin/src/main/java/org/apache/ranger/entity/XXUser.java
index 14f0b64..0464e7b 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXUser.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXUser.java
@@ -37,8 +37,6 @@ import org.apache.ranger.common.AppConstants;
import org.apache.ranger.common.RangerCommonEnums;
import org.apache.ranger.common.RangerConstants;
-import java.util.Objects;
-
@Entity
@Table(name="x_user")
@@ -287,8 +285,4 @@ public class XXUser extends XXDBBase implements java.io.Serializable {
return null;
}
- @Override
- public int hashCode() {
- return Objects.hash(super.hashCode(), name, description, status, credStoreId);
- }
}
diff --git a/security-admin/src/main/java/org/apache/ranger/service/XUserService.java b/security-admin/src/main/java/org/apache/ranger/service/XUserService.java
index 4b0c7e3..adb8e60 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/XUserService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/XUserService.java
@@ -25,19 +25,13 @@ import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
-import java.util.Objects;
import java.util.Set;
-import java.util.stream.Collectors;
-
-import org.apache.commons.collections4.CollectionUtils;
-import org.apache.commons.collections4.MapUtils;
import org.apache.ranger.biz.RangerBizUtil;
import org.apache.ranger.common.AppConstants;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.RangerCommonEnums;
import org.apache.ranger.common.RangerConstants;
-import org.apache.ranger.common.SearchCriteria;
import org.apache.ranger.common.SearchField;
import org.apache.ranger.common.SortField;
import org.apache.ranger.common.StringUtil;
@@ -50,13 +44,10 @@ import org.apache.ranger.entity.XXUser;
import org.apache.ranger.util.RangerEnumUtil;
import org.apache.ranger.view.VXPortalUser;
import org.apache.ranger.view.VXUser;
-import org.apache.ranger.view.VXUserList;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;
-
-import static java.util.function.Function.identity;
-import static java.util.stream.Collectors.toMap;
+import org.springframework.util.CollectionUtils;
@Service
@Scope("singleton")
@@ -215,19 +206,6 @@ public class XUserService extends XUserServiceBase<XXUser, VXUser> {
}
@Override
- protected List<VXUser> mapEntityToViewBeans(Map<VXUser, XXUser> vxUserXXUserMap) {
- if (MapUtils.isNotEmpty(vxUserXXUserMap)) {
- Map<String, VXUser> userNameVXUserMap = vxUserXXUserMap.keySet()
- .stream()
- .collect(toMap(VXUser::getName, identity()));
- super.mapEntityToViewBeans(vxUserXXUserMap);
- populateUserListAttributes(userNameVXUserMap);
- return new ArrayList<>(vxUserXXUserMap.keySet());
- }
- return new ArrayList<>();
- }
-
- @Override
public VXUser populateViewBean(XXUser xUser) {
VXUser vObj = super.populateViewBean(xUser);
vObj.setIsVisible(xUser.getIsVisible());
@@ -235,38 +213,6 @@ public class XUserService extends XUserServiceBase<XXUser, VXUser> {
return vObj;
}
- @Override
- public List<VXUser> populateViewBeans(List<XXUser> xUsers) {
- List<VXUser> vObjList = super.populateViewBeans(xUsers);
- if (CollectionUtils.isNotEmpty(vObjList) && CollectionUtils.isNotEmpty(xUsers) && xUsers.size() == vObjList.size()) {
- Map<Long, VXUser> xUserIdVObjMap = new HashMap<>(xUsers.size());
- for (int i = 0; i < xUsers.size(); ++i) {
- VXUser vObj = vObjList.get(i);
- XXUser xUser = xUsers.get(i);
- vObj.setIsVisible(xUser.getIsVisible());
- xUserIdVObjMap.put(xUser.getId(), vObj);
- }
- populateGroupList(xUserIdVObjMap);
- }
- return vObjList;
- }
-
- /**
- * @param searchCriteria
- * @return
- */
- @Override
- public VXUserList searchXUsers(SearchCriteria searchCriteria) {
- VXUserList returnList = new VXUserList();
-
- @SuppressWarnings("unchecked")
- List<XXUser> resultList = searchResources(searchCriteria,
- searchFields, sortFields, returnList);
-
- returnList.setVXUsers(populateViewBeans(resultList));
- return returnList;
- }
-
private void populateGroupList(Long xUserId, VXUser vObj) {
List<XXGroupUser> xGroupUserList = daoManager.getXXGroupUser()
.findByUserId(xUserId);
@@ -284,40 +230,6 @@ public class XUserService extends XUserServiceBase<XXUser, VXUser> {
vObj.setGroupNameList(groupNames);
}
- private void populateGroupList(Map<Long, VXUser> xUserIdVObjMap) {
- List<XXGroupUser> allXXGroupUsers = daoManager.getXXGroupUser().getAll();
- if (MapUtils.isNotEmpty(xUserIdVObjMap) && CollectionUtils.isNotEmpty(allXXGroupUsers)) {
- Map<Long, List<XXGroupUser>> userIdXXGroupUserMap = new HashMap<>(xUserIdVObjMap.size());
- for (Map.Entry<Long, VXUser> xUserIdVXUserEntry : xUserIdVObjMap.entrySet()) {
- Long xUserId = xUserIdVXUserEntry.getKey();
- List<XXGroupUser> xxGroupUsers = allXXGroupUsers
- .stream()
- .filter(xXGroupUser -> Objects.equals(xXGroupUser.getUserId(), xUserId))
- .collect(Collectors.toList());
- userIdXXGroupUserMap.put(xUserId, xxGroupUsers);
- }
- for (Map.Entry<Long, List<XXGroupUser>> xUserIdXXGroupUserListEntry : userIdXXGroupUserMap.entrySet()) {
- Long xUserId = xUserIdXXGroupUserListEntry.getKey();
- List<XXGroupUser> xGroupUserList = xUserIdXXGroupUserListEntry.getValue();
- Set<Long> groupIdList = new LinkedHashSet<>();
- Set<String> groupNameList = new LinkedHashSet<>();
- if (xGroupUserList != null) {
- for (XXGroupUser xGroupUser : xGroupUserList) {
- groupIdList.add(xGroupUser.getParentGroupId());
- groupNameList.add(xGroupUser.getName());
- }
- }
- List<Long> groups = new ArrayList<>(groupIdList);
- List<String> groupNames = new ArrayList<>(groupNameList);
- VXUser vObj = xUserIdVObjMap.get(xUserId);
- if (vObj != null) {
- vObj.setGroupIdList(groups);
- vObj.setGroupNameList(groupNames);
- }
- }
- }
- }
-
private void populateUserAttributes(String userName, VXUser vObj) {
if (userName != null && !userName.isEmpty()) {
List<String> userRoleList =new ArrayList<String>();
@@ -347,57 +259,6 @@ public class XUserService extends XUserServiceBase<XXUser, VXUser> {
}
}
- private void populateUserListAttributes(Map<String, VXUser> userNameVObjMap) {
- List<XXPortalUser> allXPortalUsers = daoManager.getXXPortalUser().findAllXPortalUser();
- List<XXPortalUserRole> allXPortalUserRoles = daoManager.getXXPortalUserRole().getAll();
- if (MapUtils.isNotEmpty(userNameVObjMap) && CollectionUtils.isNotEmpty(allXPortalUsers)) {
- Map<String, XXPortalUser> loginIdXXPortalUserMap = new HashMap<>(allXPortalUsers.size());
- Map<Long, List<XXPortalUserRole>> userIdRoleMap = new HashMap<>();
- for (XXPortalUser xPortalUser : allXPortalUsers) {
- loginIdXXPortalUserMap.put(xPortalUser.getLoginId(), xPortalUser);
- List<XXPortalUserRole> xxPortalUserRoles = new ArrayList<>();
- if (allXPortalUserRoles != null) {
- for (XXPortalUserRole xPortalUserRole : allXPortalUserRoles) {
- if (Objects.equals(xPortalUserRole.getUserId(), xPortalUser.getId())) {
- xxPortalUserRoles.add(xPortalUserRole);
- }
- }
- }
- userIdRoleMap.put(xPortalUser.getId(), xxPortalUserRoles);
- }
-
- for (Map.Entry<String, VXUser> userNameVObjEntry : userNameVObjMap.entrySet()) {
- String userName = userNameVObjEntry.getKey();
- VXUser vObj = userNameVObjEntry.getValue();
- if (userName != null && !userName.isEmpty()) {
- List<String> userRoleList = new ArrayList<>();
- XXPortalUser xXPortalUser = loginIdXXPortalUserMap.get(userName);
- if (xXPortalUser != null) {
- vObj.setFirstName(xXPortalUser.getFirstName());
- vObj.setLastName(xXPortalUser.getLastName());
- vObj.setPassword(PropertiesUtil.getProperty("ranger.password.hidden"));
- String emailAddress = xXPortalUser.getEmailAddress();
- if (emailAddress != null
- && stringUtil.validateEmail(emailAddress)) {
- vObj.setEmailAddress(xXPortalUser.getEmailAddress());
- }
- vObj.setStatus(xXPortalUser.getStatus());
- vObj.setUserSource(xXPortalUser.getUserSource());
- List<XXPortalUserRole> gjUserRoleList = userIdRoleMap.get(
- xXPortalUser.getId());
- for (XXPortalUserRole gjUserRole : gjUserRoleList) {
- userRoleList.add(gjUserRole.getUserRole());
- }
- }
- if(userRoleList==null || userRoleList.isEmpty()){
- userRoleList.add(RangerConstants.ROLE_USER);
- }
- vObj.setUserRoleList(userRoleList);
- }
- }
- }
- }
-
public List<XXTrxLog> getTransactionLog(VXUser vResource, String action) {
return getTransactionLog(vResource, null, action);
}
diff --git a/security-admin/src/main/java/org/apache/ranger/service/XUserServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/XUserServiceBase.java
index 4fcdda2..9cdc14e 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/XUserServiceBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/XUserServiceBase.java
@@ -24,27 +24,17 @@
*/
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.function.Function;
-
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
-import org.apache.commons.collections4.CollectionUtils;
-import org.apache.commons.collections4.MapUtils;
-import org.apache.ranger.common.ContextUtil;
import org.apache.ranger.common.SearchCriteria;
-import org.apache.ranger.common.UserSessionBase;
-import org.apache.ranger.entity.XXPortalUser;
import org.apache.ranger.entity.XXUser;
import org.apache.ranger.plugin.model.UserInfo;
import org.apache.ranger.view.VXUser;
import org.apache.ranger.view.VXUserList;
-import static java.util.stream.Collectors.toMap;
-
public abstract class XUserServiceBase<T extends XXUser, V extends VXUser>
extends AbstractBaseResourceService<T, V> {
public static final String NAME = "XUser";
@@ -76,126 +66,6 @@ public abstract class XUserServiceBase<T extends XXUser, V extends VXUser>
return vObj;
}
- protected List<VXUser> mapEntityToViewBeans(Map<VXUser, XXUser> vxUserXXUserMap) {
- List<VXUser> vxUsers = new ArrayList<>();
- if (MapUtils.isNotEmpty(vxUserXXUserMap)) {
- for (Map.Entry<VXUser, XXUser> vxUserXXUserEntry : vxUserXXUserMap.entrySet()) {
- VXUser vObj = vxUserXXUserEntry.getKey();
- XXUser mObj = vxUserXXUserEntry.getValue();
- vObj.setName(mObj.getName());
- vObj.setIsVisible(mObj.getIsVisible());
- vObj.setDescription(mObj.getDescription());
- vObj.setCredStoreId(mObj.getCredStoreId());
- vObj.setOtherAttributes(mObj.getOtherAttributes());
- vxUsers.add(vObj);
- }
- }
- return vxUsers;
- }
-
- public List<VXUser> populateViewBeans(List<XXUser> resources) {
- List<VXUser> viewBeans = new ArrayList<>();
- if (CollectionUtils.isNotEmpty(resources)) {
- Map<XXUser, VXUser> resourceViewBeanMap = new HashMap<>(resources.size());
- Map<VXUser, XXUser> viewBeanResourceMap = new HashMap<>(resources.size());
- for (XXUser resource : resources) {
- VXUser viewBean = createViewObject();
- viewBean.setCredStoreId(resource.getCredStoreId());
- viewBean.setDescription(resource.getDescription());
- viewBean.setName(resource.getName());
- viewBean.setStatus(resource.getStatus());
- resourceViewBeanMap.put(resource, viewBean);
- viewBeanResourceMap.put(viewBean, resource);
- viewBeans.add(viewBean);
- }
- populateViewBeans(resourceViewBeanMap);
- mapEntityToViewBeans(viewBeanResourceMap);
- }
- return viewBeans;
- }
-
- protected void populateViewBeans(Map<XXUser, VXUser> resourceViewBeanMap) {
- mapBaseAttributesToViewBeans(resourceViewBeanMap);
- }
-
- private void mapBaseAttributesToViewBeans(Map<XXUser, VXUser> resourceViewBeanMap) {
- List<XXPortalUser> allXPortalUsers = daoManager.getXXPortalUser().findAllXPortalUser();
- if (MapUtils.isNotEmpty(resourceViewBeanMap) && CollectionUtils.isNotEmpty(allXPortalUsers)) {
- Map<Long, XXPortalUser> idXXPortalUserMap = allXPortalUsers
- .stream()
- .collect(toMap(XXPortalUser::getId, Function.identity()));
- resourceViewBeanMap.forEach((resource, viewBean) -> {
- viewBean.setId(resource.getId());
-
- // TBD: Need to review this change later
- viewBean.setMObj(resource);
- viewBean.setCreateDate(resource.getCreateTime());
- viewBean.setUpdateDate(resource.getUpdateTime());
-
- Long ownerId = resource.getAddedByUserId();
- UserSessionBase currentUserSession = ContextUtil
- .getCurrentUserSession();
-
- if (currentUserSession == null) {
- return;
- }
-
- if (ownerId != null) {
- XXPortalUser tUser = idXXPortalUserMap.get(
- resource.getAddedByUserId());
- if (tUser != null) {
- if (tUser.getPublicScreenName() != null
- && !tUser.getPublicScreenName().trim().isEmpty()
- && !"null".equalsIgnoreCase(tUser.getPublicScreenName().trim())) {
- viewBean.setOwner(tUser.getPublicScreenName());
- } else {
- if (tUser.getFirstName() != null
- && !tUser.getFirstName().trim().isEmpty()
- && !"null".equalsIgnoreCase(tUser.getFirstName().trim())) {
- if (tUser.getLastName() != null
- && !tUser.getLastName().trim().isEmpty()
- && !"null".equalsIgnoreCase(tUser.getLastName().trim())) {
- viewBean.setOwner(tUser.getFirstName() + " "
- + tUser.getLastName());
- } else {
- viewBean.setOwner(tUser.getFirstName());
- }
- } else {
- viewBean.setOwner(tUser.getLoginId());
- }
- }
- }
- }
- if (resource.getUpdatedByUserId() != null) {
- XXPortalUser tUser = idXXPortalUserMap.get(
- resource.getUpdatedByUserId());
- if (tUser != null) {
- if (tUser.getPublicScreenName() != null
- && !tUser.getPublicScreenName().trim().isEmpty()
- && !"null".equalsIgnoreCase(tUser.getPublicScreenName().trim())) {
- viewBean.setUpdatedBy(tUser.getPublicScreenName());
- } else {
- if (tUser.getFirstName() != null
- && !tUser.getFirstName().trim().isEmpty()
- && !"null".equalsIgnoreCase(tUser.getFirstName().trim())) {
- if (tUser.getLastName() != null
- && !tUser.getLastName().trim().isEmpty()
- && !"null".equalsIgnoreCase(tUser.getLastName().trim())) {
- viewBean.setUpdatedBy(tUser.getFirstName() + " "
- + tUser.getLastName());
- } else {
- viewBean.setUpdatedBy(tUser.getFirstName());
- }
- } else {
- viewBean.setUpdatedBy(tUser.getLoginId());
- }
- }
- }
- }
- });
- }
- }
-
/**
* @param searchCriteria
* @return
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXUser.java b/security-admin/src/main/java/org/apache/ranger/view/VXUser.java
index d6f53fd..96f6468 100644
--- a/security-admin/src/main/java/org/apache/ranger/view/VXUser.java
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXUser.java
@@ -25,7 +25,6 @@
*/
import java.util.Collection;
-import java.util.Objects;
import javax.xml.bind.annotation.XmlRootElement;
@@ -306,24 +305,6 @@ public class VXUser extends VXDataObject implements java.io.Serializable {
this.otherAttributes = otherAttributes;
}
- @Override
- public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
-
- VXUser vxUser = (VXUser) o;
-
- return Objects.equals(status, vxUser.status) &&
- Objects.equals(name, vxUser.name) &&
- Objects.equals(description, vxUser.description) &&
- Objects.equals(credStoreId, vxUser.credStoreId);
- }
-
- @Override
- public int hashCode() {
- return Objects.hash(super.hashCode(), name, description, credStoreId, status);
- }
-
/**
* This return the bean content in string format
* @return formatedStr
[ranger] 01/03: RANGER-3016: Ranger service/ repo delete
improvements
Posted by me...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 4763786a4801936f4f651d7fd911907f3b788cd4
Author: Kishor Gollapalliwar <ki...@gmail.com>
AuthorDate: Tue Sep 29 18:52:14 2020 +0530
RANGER-3016: Ranger service/ repo delete improvements
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../java/org/apache/ranger/biz/ServiceDBStore.java | 102 ++++++++++++---------
1 file changed, 60 insertions(+), 42 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 2b77e6e..3f3ec47 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -139,6 +139,7 @@ import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
import org.apache.ranger.plugin.model.RangerPolicy.RangerRowFilterPolicyItem;
+import org.apache.ranger.plugin.model.RangerSecurityZone.RangerSecurityZoneService;
import org.apache.ranger.plugin.model.RangerPolicyResourceSignature;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
@@ -192,7 +193,6 @@ import org.apache.ranger.view.VXMetricServiceNameCount;
import org.apache.ranger.view.VXMetricUserGroupCount;
import org.apache.ranger.view.VXPolicyLabelList;
import org.apache.ranger.view.VXPortalUser;
-import org.apache.ranger.view.VXResponse;
import org.apache.ranger.view.VXString;
import org.apache.ranger.view.VXUser;
import org.apache.ranger.view.VXUserList;
@@ -280,54 +280,54 @@ public class ServiceDBStore extends AbstractServiceStore {
@Autowired
RangerPolicyLabelHelper policyLabelsHelper;
- @Autowired
+ @Autowired
XUserService xUserService;
-
+
@Autowired
XUserMgr xUserMgr;
- @Autowired
- XGroupService xGroupService;
+ @Autowired
+ XGroupService xGroupService;
- @Autowired
+ @Autowired
PolicyRefUpdater policyRefUpdater;
@Autowired
RangerDataHistService dataHistService;
- @Autowired
- @Qualifier(value = "transactionManager")
- PlatformTransactionManager txManager;
+ @Autowired
+ @Qualifier(value = "transactionManager")
+ PlatformTransactionManager txManager;
- @Autowired
- RangerBizUtil bizUtil;
+ @Autowired
+ RangerBizUtil bizUtil;
- @Autowired
- RangerPolicyWithAssignedIdService assignedIdPolicyService;
+ @Autowired
+ RangerPolicyWithAssignedIdService assignedIdPolicyService;
- @Autowired
- RangerServiceWithAssignedIdService svcServiceWithAssignedId;
+ @Autowired
+ RangerServiceWithAssignedIdService svcServiceWithAssignedId;
- @Autowired
- RangerServiceDefWithAssignedIdService svcDefServiceWithAssignedId;
+ @Autowired
+ RangerServiceDefWithAssignedIdService svcDefServiceWithAssignedId;
- @Autowired
- RangerFactory factory;
-
- @Autowired
- JSONUtil jsonUtil;
+ @Autowired
+ RangerFactory factory;
+
+ @Autowired
+ JSONUtil jsonUtil;
@Autowired
ServiceMgr serviceMgr;
- @Autowired
- AssetMgr assetMgr;
+ @Autowired
+ AssetMgr assetMgr;
@Autowired
RangerTransactionSynchronizationAdapter transactionSynchronizationAdapter;
@Autowired
- RangerSecurityZoneServiceService securityZoneService;
+ RangerSecurityZoneServiceService securityZoneService;
@Autowired
RoleDBStore roleStore;
@@ -338,9 +338,12 @@ public class ServiceDBStore extends AbstractServiceStore {
@Autowired
UserMgr userMgr;
+ @Autowired
+ SecurityZoneDBStore securityZoneStore;
+
private static volatile boolean legacyServiceDefsInitDone = false;
private Boolean populateExistingBaseFields = false;
-
+
public static final String HIDDEN_PASSWORD_STR = "*****";
public static final String CONFIG_KEY_PASSWORD = "password";
public static final String ACCESS_TYPE_DECRYPT_EEK = "decrypteek";
@@ -1770,7 +1773,10 @@ public class ServiceDBStore extends AbstractServiceStore {
if(service == null) {
throw new Exception("no service exists with ID=" + id);
}
- restrictIfZoneService(service);
+
+ // Manage zone
+ disassociateZonesForService(service); //RANGER-3016
+
List<Long> policyIds = daoMgr.getXXPolicy().findPolicyIdsByServiceId(service.getId());
if (CollectionUtils.isNotEmpty(policyIds)) {
long totalDeletedPolicies = 0;
@@ -1848,21 +1854,6 @@ public class ServiceDBStore extends AbstractServiceStore {
}
}
- private void restrictIfZoneService(RangerService service)
- {
- String serviceName = service.getName();
- List<String> zonesNameList = daoMgr.getXXSecurityZoneDao().findZonesByServiceName(serviceName);
- if (CollectionUtils.isNotEmpty(zonesNameList)) {
- LOG.info("Can not delete service : " + serviceName
- + ", as it is already associated with " + zonesNameList.size() + " zones : " + zonesNameList);
- VXResponse vXResponse = new VXResponse();
- vXResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
- vXResponse.setMsgDesc("Can not delete service : " + serviceName
- + ", as it is already associated with " + zonesNameList.size() + " zones : " + zonesNameList);
- throw restErrorUtil.generateRESTException(vXResponse);
- }
- }
-
@Override
public List<RangerPolicy> getPoliciesByResourceSignature(String serviceName, String policySignature, Boolean isPolicyEnabled) throws Exception {
@@ -5490,4 +5481,31 @@ public class ServiceDBStore extends AbstractServiceStore {
return ret;
}
+ /**
+ * Removes given service from security zones.
+ * And if given service is the only service
+ * associated with security zone, remove zone.
+ * @param service
+ * @throws Exception
+ */
+ private void disassociateZonesForService(RangerService service) throws Exception {
+ String serviceName = service.getName();
+ List<String> zonesNameList = daoMgr.getXXSecurityZoneDao().findZonesByServiceName(serviceName);
+ if (CollectionUtils.isNotEmpty(zonesNameList)) {
+ for (String zoneName : zonesNameList) {
+ RangerSecurityZone securityZone = securityZoneStore.getSecurityZoneByName(zoneName);
+ Map<String, RangerSecurityZoneService> zoneServices = securityZone.getServices();
+
+ if (zoneServices != null && !zoneServices.isEmpty()) {
+ zoneServices.remove(serviceName);
+ securityZone.setServices(zoneServices);
+ securityZoneStore.updateSecurityZoneById(securityZone);
+
+ if (zoneServices.isEmpty()) {
+ securityZoneStore.deleteSecurityZoneByName(zoneName);
+ }
+ }
+ }
+ }
+ }
}
[ranger] 02/03: RANGER-3011 : Code improvement for Audit Access Log
Detail popup.
Posted by me...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 370cb670139a059ac53e6f0b1f18d7ca625650d7
Author: Nitin Galave <ni...@apache.org>
AuthorDate: Thu Sep 24 17:54:09 2020 +0530
RANGER-3011 : Code improvement for Audit Access Log Detail popup.
Signed-off-by: Mehul Parikh <me...@apache.org>
---
.../main/webapp/scripts/views/reports/AuditAccessLogDetailView.js | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/security-admin/src/main/webapp/scripts/views/reports/AuditAccessLogDetailView.js b/security-admin/src/main/webapp/scripts/views/reports/AuditAccessLogDetailView.js
index f70103e..8b5181b 100644
--- a/security-admin/src/main/webapp/scripts/views/reports/AuditAccessLogDetailView.js
+++ b/security-admin/src/main/webapp/scripts/views/reports/AuditAccessLogDetailView.js
@@ -37,11 +37,12 @@ define(function(require) {
template: AuditAccessLogDetailTmpl,
templateHelpers: function() {
- var that = this;
+ var that = this, result;
+ result = _.filter(XAEnums.AccessResult, function(e){ return e.value === that.auditaccessDetail.accessResult });
return {
auditaccessDetail : this.auditaccessDetail,
eventTime : Globalize.format(new Date(this.auditaccessDetail.eventTime), "MM/dd/yyyy hh:mm:ss tt"),
- result : this.auditaccessDetail.accessResult == 1 ? 'Allowed' : 'Denied',
+ result : result[0].label,
hiveQuery : ((this.auditaccessDetail.serviceType === XAEnums.ServiceType.Service_HIVE.label || this.auditaccessDetail.serviceType === XAEnums.ServiceType.Service_HBASE.label) &&
this.auditaccessDetail.aclEnforcer === "ranger-acl" && this.auditaccessDetail.requestData) ? true : false,