You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ve...@apache.org on 2015/03/17 01:12:38 UTC
[1/2] incubator-ranger git commit: RANGER-308 : Provide Auditing of
policy updates in new Service Model
Repository: incubator-ranger
Updated Branches:
refs/heads/master a200d82d8 -> 15b139011
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
index c0cf23a..9f0b02a 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java
@@ -1,13 +1,27 @@
package org.apache.ranger.service;
+import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import org.apache.ranger.common.AppConstants;
+import org.apache.ranger.common.JSONUtil;
+import org.apache.ranger.common.PropertiesUtil;
+import org.apache.ranger.common.SearchField;
+import org.apache.ranger.common.SearchField.DATA_TYPE;
+import org.apache.ranger.common.SearchField.SEARCH_TYPE;
+import org.apache.ranger.common.SearchUtil;
+import org.apache.ranger.common.SortField;
+import org.apache.ranger.common.view.VTrxLogAttr;
import org.apache.ranger.entity.XXService;
import org.apache.ranger.entity.XXServiceConfigMap;
+import org.apache.ranger.entity.XXTrxLog;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.util.SearchFilter;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;
@@ -15,6 +29,44 @@ import org.springframework.stereotype.Service;
@Scope("singleton")
public class RangerServiceService extends RangerServiceServiceBase<XXService, RangerService> {
+ @Autowired
+ JSONUtil jsonUtil;
+
+ private String hiddenPasswordString;
+
+ static HashMap<String, VTrxLogAttr> trxLogAttrs = new HashMap<String, VTrxLogAttr>();
+ String actionCreate;
+ String actionUpdate;
+ String actionDelete;
+ static {
+ trxLogAttrs.put("name", new VTrxLogAttr("name", "Service Name", false));
+ trxLogAttrs.put("description", new VTrxLogAttr("description", "Service Description", false));
+ trxLogAttrs.put("isEnabled", new VTrxLogAttr("isEnabled", "Service Status", false));
+ trxLogAttrs.put("configs", new VTrxLogAttr("configs", "Connection Configurations", false));
+ trxLogAttrs.put("policyVersion", new VTrxLogAttr("policyVersion", "Policy Version", false));
+ trxLogAttrs.put("policyUpdateTime", new VTrxLogAttr("policyUpdateTime", "Policy Update Time", false));
+ }
+
+ public RangerServiceService() {
+ super();
+ hiddenPasswordString = PropertiesUtil.getProperty("xa.password.hidden", "*****");
+ actionCreate = "create";
+ actionUpdate = "update";
+ actionDelete = "delete";
+
+ searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE, "xSvcDef.name", DATA_TYPE.STRING,
+ SEARCH_TYPE.FULL, "XXServiceDef xSvcDef", "obj.type = xSvcDef.id"));
+ searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE_ID, "obj.type", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.SERVICE_NAME, "obj.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.SERVICE_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.STATUS, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL));
+
+ sortFields.add(new SortField(SearchFilter.CREATE_TIME, "obj.createTime"));
+ sortFields.add(new SortField(SearchFilter.UPDATE_TIME, "obj.updateTime"));
+ sortFields.add(new SortField(SearchFilter.SERVICE_ID, "obj.id"));
+ sortFields.add(new SortField(SearchFilter.SERVICE_NAME, "obj.name"));
+ }
+
@Override
protected void validateForCreate(RangerService vObj) {
// TODO Auto-generated method stub
@@ -45,7 +97,7 @@ public class RangerServiceService extends RangerServiceServiceBase<XXService, Ra
return this.populateViewBean(xService);
}
- public List<RangerService> getServices(SearchFilter filter) {
+ public List<RangerService> getAllServices() {
List<XXService> xxServiceList = daoMgr.getXXService().getAll();
List<RangerService> serviceList = new ArrayList<RangerService>();
@@ -55,5 +107,147 @@ public class RangerServiceService extends RangerServiceServiceBase<XXService, Ra
}
return serviceList;
}
+
+ public List<XXTrxLog> getTransactionLog(RangerService vService, int action){
+ return getTransactionLog(vService, null, action);
+ }
+
+ public List<XXTrxLog> getTransactionLog(RangerService vObj, XXService mObj, int action) {
+ if (vObj == null && (action == 0 || action != OPERATION_UPDATE_CONTEXT)) {
+ return null;
+ }
+ List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
+ Field[] fields = vObj.getClass().getDeclaredFields();
+
+ try {
+ Field nameField = vObj.getClass().getDeclaredField("name");
+ nameField.setAccessible(true);
+ String objectName = "" + nameField.get(vObj);
+
+ for (Field field : fields) {
+ if (!trxLogAttrs.containsKey(field.getName())) {
+ continue;
+ }
+ XXTrxLog xTrxLog = processFieldToCreateTrxLog(field,
+ objectName, nameField, vObj, mObj, action);
+ if (xTrxLog != null) {
+ trxLogList.add(xTrxLog);
+ }
+ }
+ Field[] superClassFields = vObj.getClass().getSuperclass().getDeclaredFields();
+ for(Field field : superClassFields) {
+ if(field.getName().equalsIgnoreCase("isEnabled")) {
+ XXTrxLog xTrx = processFieldToCreateTrxLog(field, objectName, nameField, vObj, mObj, action);
+ if(xTrx != null) {
+ trxLogList.add(xTrx);
+ }
+ break;
+ }
+ }
+ } catch (IllegalAccessException e) {
+ e.printStackTrace();
+ } catch (NoSuchFieldException e) {
+ e.printStackTrace();
+ }
+ return trxLogList;
+ }
+
+ @SuppressWarnings("unchecked")
+ private XXTrxLog processFieldToCreateTrxLog(Field field, String objectName,
+ Field nameField, RangerService vObj, XXService mObj, int action) {
+
+ String actionString = "";
+
+ field.setAccessible(true);
+ String fieldName = field.getName();
+ XXTrxLog xTrxLog = new XXTrxLog();
+
+ try {
+ VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
+
+ xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
+
+ String value = null;
+ boolean isEnum = vTrxLogAttr.isEnum();
+ if (isEnum) {
+
+ } else if (fieldName.equalsIgnoreCase("configs")) {
+ Map<String, String> configs = (field.get(vObj) != null) ? (Map<String, String>) field
+ .get(vObj) : new HashMap<String, String>();
+
+ value = jsonUtil.readMapToString(configs);
+ } else {
+ value = "" + field.get(vObj);
+ }
+
+ if (action == OPERATION_CREATE_CONTEXT) {
+ if (stringUtil.isEmpty(value)) {
+ return null;
+ }
+ xTrxLog.setNewValue(value);
+ actionString = actionCreate;
+ } else if (action == OPERATION_DELETE_CONTEXT) {
+ xTrxLog.setPreviousValue(value);
+ actionString = actionDelete;
+ } else if (action == OPERATION_UPDATE_CONTEXT) {
+ actionString = actionUpdate;
+ String oldValue = null;
+ Field[] mFields = mObj.getClass().getDeclaredFields();
+ for (Field mField : mFields) {
+ mField.setAccessible(true);
+ String mFieldName = mField.getName();
+ if (fieldName.equalsIgnoreCase(mFieldName)) {
+ if (isEnum) {
+
+ } else {
+ oldValue = mField.get(mObj) + "";
+ }
+ break;
+ }
+ }
+ if (fieldName.equalsIgnoreCase("configs")) {
+ Map<String, String> vConfig = jsonUtil.jsonToMap(value);
+ RangerService oldService = this.populateViewBean(mObj);
+ Map<String, String> xConfig = oldService.getConfigs();
+
+ Map<String, String> newConfig = new HashMap<String, String>();
+ Map<String, String> oldConfig = new HashMap<String, String>();
+
+ for (Entry<String, String> entry : vConfig.entrySet()) {
+
+ String key = entry.getKey();
+ if (!xConfig.containsKey(key)) {
+ newConfig.put(key, entry.getValue());
+ } else if (!entry.getValue().equalsIgnoreCase(
+ xConfig.get(key))) {
+ if (key.equalsIgnoreCase("password")
+ && entry.getValue().equalsIgnoreCase(
+ hiddenPasswordString)) {
+ continue;
+ }
+ newConfig.put(key, entry.getValue());
+ oldConfig.put(key, xConfig.get(key));
+ }
+ }
+ oldValue = jsonUtil.readMapToString(oldConfig);
+ value = jsonUtil.readMapToString(newConfig);
+ }
+ if (value.equalsIgnoreCase(oldValue)) {
+ return null;
+ }
+ xTrxLog.setPreviousValue(oldValue);
+ xTrxLog.setNewValue(value);
+ }
+ } catch (IllegalArgumentException | IllegalAccessException e) {
+ e.printStackTrace();
+ }
+
+ xTrxLog.setAction(actionString);
+ xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_SERVICE);
+ xTrxLog.setObjectId(vObj.getId());
+ xTrxLog.setObjectName(objectName);
+
+ return xTrxLog;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java
index 32823aa..6f484ec 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java
@@ -1,11 +1,15 @@
package org.apache.ranger.service;
+import java.util.ArrayList;
+import java.util.List;
+
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.common.GUIDUtil;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.entity.XXService;
import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.plugin.model.RangerService;
+import org.apache.ranger.plugin.util.SearchFilter;
public abstract class RangerServiceServiceBase<T extends XXService, V extends RangerService> extends RangerBaseModelService<T, V> {
@@ -46,4 +50,16 @@ public abstract class RangerServiceServiceBase<T extends XXService, V extends Ra
return vObj;
}
+ @SuppressWarnings("unchecked")
+ public List<RangerService> searchRangerPolicies(SearchFilter searchFilter) {
+ List<RangerService> serviceList = new ArrayList<RangerService>();
+
+ List<XXService> xSvcList = (List<XXService>) searchResources(searchFilter, searchFields, sortFields, null);
+ for(XXService xSvc : xSvcList) {
+ serviceList.add(populateViewBean((T) xSvc));
+ }
+
+ return serviceList;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
----------------------------------------------------------------------
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index a25a1bc..e304fd4 100644
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -362,5 +362,9 @@
and obj.objectClassType = :classType ORDER BY obj.id</query>
</named-query>
+ <!-- XXTrxLog -->
+ <named-query name="XXTrxLog.findLogForMaxIdOfClassType">
+ <query>select MAX(obj.objectId) from XXTrxLog obj where obj.objectClassType = :classType</query>
+ </named-query>
</entity-mappings>
\ No newline at end of file
[2/2] incubator-ranger git commit: RANGER-308 : Provide Auditing of
policy updates in new Service Model
Posted by ve...@apache.org.
RANGER-308 : Provide Auditing of policy updates in new Service Model
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/15b13901
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/15b13901
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/15b13901
Branch: refs/heads/master
Commit: 15b13901119c7bd4e8dc23260622328a0e2a1aa2
Parents: a200d82
Author: Gautam Borad <gb...@gmail.com>
Authored: Fri Mar 13 17:16:37 2015 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Mon Mar 16 20:11:33 2015 -0400
----------------------------------------------------------------------
.../ranger/plugin/model/RangerPolicy.java | 161 ++++++
.../ranger/plugin/model/RangerServiceDef.java | 548 +++++++++++++++++++
.../apache/ranger/plugin/util/SearchFilter.java | 45 ++
.../org/apache/ranger/biz/ServiceDBStore.java | 140 +++--
.../java/org/apache/ranger/common/JSONUtil.java | 24 +-
.../apache/ranger/common/RangerSearchUtil.java | 252 ++++++++-
.../java/org/apache/ranger/db/XXTrxLogDao.java | 11 +
.../org/apache/ranger/rest/ServiceREST.java | 12 +-
.../ranger/service/RangerBaseModelService.java | 133 ++++-
.../ranger/service/RangerPolicyService.java | 316 +++++++++++
.../ranger/service/RangerPolicyServiceBase.java | 19 +
.../ranger/service/RangerServiceDefService.java | 20 +-
.../service/RangerServiceDefServiceBase.java | 13 +
.../ranger/service/RangerServiceService.java | 196 ++++++-
.../service/RangerServiceServiceBase.java | 16 +
.../resources/META-INF/jpa_named_queries.xml | 4 +
16 files changed, 1817 insertions(+), 93 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
index cdcda0e..3092c79 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
@@ -370,6 +370,47 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((isExcludes == null) ? 0 : isExcludes.hashCode());
+ result = prime * result
+ + ((isRecursive == null) ? 0 : isRecursive.hashCode());
+ result = prime * result
+ + ((values == null) ? 0 : values.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerPolicyResource other = (RangerPolicyResource) obj;
+ if (isExcludes == null) {
+ if (other.isExcludes != null)
+ return false;
+ } else if (!isExcludes.equals(other.isExcludes))
+ return false;
+ if (isRecursive == null) {
+ if (other.isRecursive != null)
+ return false;
+ } else if (!isRecursive.equals(other.isRecursive))
+ return false;
+ if (values == null) {
+ if (other.values != null)
+ return false;
+ } else if (!values.equals(other.values))
+ return false;
+ return true;
+ }
+
}
public static class RangerPolicyItem implements java.io.Serializable {
@@ -561,6 +602,60 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((accesses == null) ? 0 : accesses.hashCode());
+ result = prime * result
+ + ((conditions == null) ? 0 : conditions.hashCode());
+ result = prime * result
+ + ((delegateAdmin == null) ? 0 : delegateAdmin.hashCode());
+ result = prime * result
+ + ((groups == null) ? 0 : groups.hashCode());
+ result = prime * result + ((users == null) ? 0 : users.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerPolicyItem other = (RangerPolicyItem) obj;
+ if (accesses == null) {
+ if (other.accesses != null)
+ return false;
+ } else if (!accesses.equals(other.accesses))
+ return false;
+ if (conditions == null) {
+ if (other.conditions != null)
+ return false;
+ } else if (!conditions.equals(other.conditions))
+ return false;
+ if (delegateAdmin == null) {
+ if (other.delegateAdmin != null)
+ return false;
+ } else if (!delegateAdmin.equals(other.delegateAdmin))
+ return false;
+ if (groups == null) {
+ if (other.groups != null)
+ return false;
+ } else if (!groups.equals(other.groups))
+ return false;
+ if (users == null) {
+ if (other.users != null)
+ return false;
+ } else if (!users.equals(other.users))
+ return false;
+ return true;
+ }
+
}
public static class RangerPolicyItemAccess implements java.io.Serializable {
@@ -627,6 +722,39 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((isAllowed == null) ? 0 : isAllowed.hashCode());
+ result = prime * result + ((type == null) ? 0 : type.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerPolicyItemAccess other = (RangerPolicyItemAccess) obj;
+ if (isAllowed == null) {
+ if (other.isAllowed != null)
+ return false;
+ } else if (!isAllowed.equals(other.isAllowed))
+ return false;
+ if (type == null) {
+ if (other.type != null)
+ return false;
+ } else if (!type.equals(other.type))
+ return false;
+ return true;
+ }
+
}
public static class RangerPolicyItemCondition implements java.io.Serializable {
@@ -700,5 +828,38 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((type == null) ? 0 : type.hashCode());
+ result = prime * result
+ + ((values == null) ? 0 : values.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerPolicyItemCondition other = (RangerPolicyItemCondition) obj;
+ if (type == null) {
+ if (other.type != null)
+ return false;
+ } else if (!type.equals(other.type))
+ return false;
+ if (values == null) {
+ if (other.values != null)
+ return false;
+ } else if (!values.equals(other.values))
+ return false;
+ return true;
+ }
+
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
index 91e3b48..e7d1a1c 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
@@ -542,6 +542,46 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((defaultIndex == null) ? 0 : defaultIndex.hashCode());
+ result = prime * result
+ + ((elements == null) ? 0 : elements.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerEnumDef other = (RangerEnumDef) obj;
+ if (defaultIndex == null) {
+ if (other.defaultIndex != null)
+ return false;
+ } else if (!defaultIndex.equals(other.defaultIndex))
+ return false;
+ if (elements == null) {
+ if (other.elements != null)
+ return false;
+ } else if (!elements.equals(other.elements))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ return true;
+ }
+
}
@@ -623,6 +663,45 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((label == null) ? 0 : label.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result
+ + ((rbKeyLabel == null) ? 0 : rbKeyLabel.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerEnumElementDef other = (RangerEnumElementDef) obj;
+ if (label == null) {
+ if (other.label != null)
+ return false;
+ } else if (!label.equals(other.label))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (rbKeyLabel == null) {
+ if (other.rbKeyLabel != null)
+ return false;
+ } else if (!rbKeyLabel.equals(other.rbKeyLabel))
+ return false;
+ return true;
+ }
+
}
@@ -874,6 +953,123 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((defaultValue == null) ? 0 : defaultValue.hashCode());
+ result = prime * result
+ + ((description == null) ? 0 : description.hashCode());
+ result = prime * result + ((label == null) ? 0 : label.hashCode());
+ result = prime * result
+ + ((mandatory == null) ? 0 : mandatory.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime
+ * result
+ + ((rbKeyDescription == null) ? 0 : rbKeyDescription
+ .hashCode());
+ result = prime * result
+ + ((rbKeyLabel == null) ? 0 : rbKeyLabel.hashCode());
+ result = prime
+ * result
+ + ((rbKeyValidationMessage == null) ? 0
+ : rbKeyValidationMessage.hashCode());
+ result = prime * result
+ + ((subType == null) ? 0 : subType.hashCode());
+ result = prime * result + ((type == null) ? 0 : type.hashCode());
+ result = prime * result
+ + ((uiHint == null) ? 0 : uiHint.hashCode());
+ result = prime
+ * result
+ + ((validationMessage == null) ? 0 : validationMessage
+ .hashCode());
+ result = prime
+ * result
+ + ((validationRegEx == null) ? 0 : validationRegEx
+ .hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerServiceConfigDef other = (RangerServiceConfigDef) obj;
+ if (defaultValue == null) {
+ if (other.defaultValue != null)
+ return false;
+ } else if (!defaultValue.equals(other.defaultValue))
+ return false;
+ if (description == null) {
+ if (other.description != null)
+ return false;
+ } else if (!description.equals(other.description))
+ return false;
+ if (label == null) {
+ if (other.label != null)
+ return false;
+ } else if (!label.equals(other.label))
+ return false;
+ if (mandatory == null) {
+ if (other.mandatory != null)
+ return false;
+ } else if (!mandatory.equals(other.mandatory))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (rbKeyDescription == null) {
+ if (other.rbKeyDescription != null)
+ return false;
+ } else if (!rbKeyDescription.equals(other.rbKeyDescription))
+ return false;
+ if (rbKeyLabel == null) {
+ if (other.rbKeyLabel != null)
+ return false;
+ } else if (!rbKeyLabel.equals(other.rbKeyLabel))
+ return false;
+ if (rbKeyValidationMessage == null) {
+ if (other.rbKeyValidationMessage != null)
+ return false;
+ } else if (!rbKeyValidationMessage
+ .equals(other.rbKeyValidationMessage))
+ return false;
+ if (subType == null) {
+ if (other.subType != null)
+ return false;
+ } else if (!subType.equals(other.subType))
+ return false;
+ if (type == null) {
+ if (other.type != null)
+ return false;
+ } else if (!type.equals(other.type))
+ return false;
+ if (uiHint == null) {
+ if (other.uiHint != null)
+ return false;
+ } else if (!uiHint.equals(other.uiHint))
+ return false;
+ if (validationMessage == null) {
+ if (other.validationMessage != null)
+ return false;
+ } else if (!validationMessage.equals(other.validationMessage))
+ return false;
+ if (validationRegEx == null) {
+ if (other.validationRegEx != null)
+ return false;
+ } else if (!validationRegEx.equals(other.validationRegEx))
+ return false;
+ return true;
+ }
+
}
@@ -1210,6 +1406,164 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((description == null) ? 0 : description.hashCode());
+ result = prime
+ * result
+ + ((excludesSupported == null) ? 0 : excludesSupported
+ .hashCode());
+ result = prime * result + ((label == null) ? 0 : label.hashCode());
+ result = prime * result + ((level == null) ? 0 : level.hashCode());
+ result = prime
+ * result
+ + ((lookupSupported == null) ? 0 : lookupSupported
+ .hashCode());
+ result = prime * result
+ + ((mandatory == null) ? 0 : mandatory.hashCode());
+ result = prime * result
+ + ((matcher == null) ? 0 : matcher.hashCode());
+ result = prime
+ * result
+ + ((matcherOptions == null) ? 0 : matcherOptions.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result
+ + ((parent == null) ? 0 : parent.hashCode());
+ result = prime
+ * result
+ + ((rbKeyDescription == null) ? 0 : rbKeyDescription
+ .hashCode());
+ result = prime * result
+ + ((rbKeyLabel == null) ? 0 : rbKeyLabel.hashCode());
+ result = prime
+ * result
+ + ((rbKeyValidationMessage == null) ? 0
+ : rbKeyValidationMessage.hashCode());
+ result = prime
+ * result
+ + ((recursiveSupported == null) ? 0 : recursiveSupported
+ .hashCode());
+ result = prime * result + ((type == null) ? 0 : type.hashCode());
+ result = prime * result
+ + ((uiHint == null) ? 0 : uiHint.hashCode());
+ result = prime
+ * result
+ + ((validationMessage == null) ? 0 : validationMessage
+ .hashCode());
+ result = prime
+ * result
+ + ((validationRegEx == null) ? 0 : validationRegEx
+ .hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerResourceDef other = (RangerResourceDef) obj;
+ if (description == null) {
+ if (other.description != null)
+ return false;
+ } else if (!description.equals(other.description))
+ return false;
+ if (excludesSupported == null) {
+ if (other.excludesSupported != null)
+ return false;
+ } else if (!excludesSupported.equals(other.excludesSupported))
+ return false;
+ if (label == null) {
+ if (other.label != null)
+ return false;
+ } else if (!label.equals(other.label))
+ return false;
+ if (level == null) {
+ if (other.level != null)
+ return false;
+ } else if (!level.equals(other.level))
+ return false;
+ if (lookupSupported == null) {
+ if (other.lookupSupported != null)
+ return false;
+ } else if (!lookupSupported.equals(other.lookupSupported))
+ return false;
+ if (mandatory == null) {
+ if (other.mandatory != null)
+ return false;
+ } else if (!mandatory.equals(other.mandatory))
+ return false;
+ if (matcher == null) {
+ if (other.matcher != null)
+ return false;
+ } else if (!matcher.equals(other.matcher))
+ return false;
+ if (matcherOptions == null) {
+ if (other.matcherOptions != null)
+ return false;
+ } else if (!matcherOptions.equals(other.matcherOptions))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (parent == null) {
+ if (other.parent != null)
+ return false;
+ } else if (!parent.equals(other.parent))
+ return false;
+ if (rbKeyDescription == null) {
+ if (other.rbKeyDescription != null)
+ return false;
+ } else if (!rbKeyDescription.equals(other.rbKeyDescription))
+ return false;
+ if (rbKeyLabel == null) {
+ if (other.rbKeyLabel != null)
+ return false;
+ } else if (!rbKeyLabel.equals(other.rbKeyLabel))
+ return false;
+ if (rbKeyValidationMessage == null) {
+ if (other.rbKeyValidationMessage != null)
+ return false;
+ } else if (!rbKeyValidationMessage
+ .equals(other.rbKeyValidationMessage))
+ return false;
+ if (recursiveSupported == null) {
+ if (other.recursiveSupported != null)
+ return false;
+ } else if (!recursiveSupported.equals(other.recursiveSupported))
+ return false;
+ if (type == null) {
+ if (other.type != null)
+ return false;
+ } else if (!type.equals(other.type))
+ return false;
+ if (uiHint == null) {
+ if (other.uiHint != null)
+ return false;
+ } else if (!uiHint.equals(other.uiHint))
+ return false;
+ if (validationMessage == null) {
+ if (other.validationMessage != null)
+ return false;
+ } else if (!validationMessage.equals(other.validationMessage))
+ return false;
+ if (validationRegEx == null) {
+ if (other.validationRegEx != null)
+ return false;
+ } else if (!validationRegEx.equals(other.validationRegEx))
+ return false;
+ return true;
+ }
+
}
@@ -1332,6 +1686,52 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((impliedGrants == null) ? 0 : impliedGrants.hashCode());
+ result = prime * result + ((label == null) ? 0 : label.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result
+ + ((rbKeyLabel == null) ? 0 : rbKeyLabel.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerAccessTypeDef other = (RangerAccessTypeDef) obj;
+ if (impliedGrants == null) {
+ if (other.impliedGrants != null)
+ return false;
+ } else if (!impliedGrants.equals(other.impliedGrants))
+ return false;
+ if (label == null) {
+ if (other.label != null)
+ return false;
+ } else if (!label.equals(other.label))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (rbKeyLabel == null) {
+ if (other.rbKeyLabel != null)
+ return false;
+ } else if (!rbKeyLabel.equals(other.rbKeyLabel))
+ return false;
+ return true;
+ }
+
}
@@ -1553,6 +1953,112 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((description == null) ? 0 : description.hashCode());
+ result = prime * result
+ + ((evaluator == null) ? 0 : evaluator.hashCode());
+ result = prime
+ * result
+ + ((evaluatorOptions == null) ? 0 : evaluatorOptions
+ .hashCode());
+ result = prime * result + ((label == null) ? 0 : label.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime
+ * result
+ + ((rbKeyDescription == null) ? 0 : rbKeyDescription
+ .hashCode());
+ result = prime * result
+ + ((rbKeyLabel == null) ? 0 : rbKeyLabel.hashCode());
+ result = prime
+ * result
+ + ((rbKeyValidationMessage == null) ? 0
+ : rbKeyValidationMessage.hashCode());
+ result = prime * result
+ + ((uiHint == null) ? 0 : uiHint.hashCode());
+ result = prime
+ * result
+ + ((validationMessage == null) ? 0 : validationMessage
+ .hashCode());
+ result = prime
+ * result
+ + ((validationRegEx == null) ? 0 : validationRegEx
+ .hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerPolicyConditionDef other = (RangerPolicyConditionDef) obj;
+ if (description == null) {
+ if (other.description != null)
+ return false;
+ } else if (!description.equals(other.description))
+ return false;
+ if (evaluator == null) {
+ if (other.evaluator != null)
+ return false;
+ } else if (!evaluator.equals(other.evaluator))
+ return false;
+ if (evaluatorOptions == null) {
+ if (other.evaluatorOptions != null)
+ return false;
+ } else if (!evaluatorOptions.equals(other.evaluatorOptions))
+ return false;
+ if (label == null) {
+ if (other.label != null)
+ return false;
+ } else if (!label.equals(other.label))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (rbKeyDescription == null) {
+ if (other.rbKeyDescription != null)
+ return false;
+ } else if (!rbKeyDescription.equals(other.rbKeyDescription))
+ return false;
+ if (rbKeyLabel == null) {
+ if (other.rbKeyLabel != null)
+ return false;
+ } else if (!rbKeyLabel.equals(other.rbKeyLabel))
+ return false;
+ if (rbKeyValidationMessage == null) {
+ if (other.rbKeyValidationMessage != null)
+ return false;
+ } else if (!rbKeyValidationMessage
+ .equals(other.rbKeyValidationMessage))
+ return false;
+ if (uiHint == null) {
+ if (other.uiHint != null)
+ return false;
+ } else if (!uiHint.equals(other.uiHint))
+ return false;
+ if (validationMessage == null) {
+ if (other.validationMessage != null)
+ return false;
+ } else if (!validationMessage.equals(other.validationMessage))
+ return false;
+ if (validationRegEx == null) {
+ if (other.validationRegEx != null)
+ return false;
+ } else if (!validationRegEx.equals(other.validationRegEx))
+ return false;
+ return true;
+ }
+
}
public static class RangerContextEnricherDef implements java.io.Serializable {
@@ -1633,5 +2139,47 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
return sb;
}
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((enricher == null) ? 0 : enricher.hashCode());
+ result = prime
+ * result
+ + ((enricherOptions == null) ? 0 : enricherOptions
+ .hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ RangerContextEnricherDef other = (RangerContextEnricherDef) obj;
+ if (enricher == null) {
+ if (other.enricher != null)
+ return false;
+ } else if (!enricher.equals(other.enricher))
+ return false;
+ if (enricherOptions == null) {
+ if (other.enricherOptions != null)
+ return false;
+ } else if (!enricherOptions.equals(other.enricherOptions))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ return true;
+ }
+
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
index d67df8d..c669f23 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
@@ -46,6 +46,11 @@ public class SearchFilter {
public static final String SORT_BY = "sortBy";
private Map<String, String> params = null;
+ int startIndex = 0;
+ int maxRows = Integer.MAX_VALUE;
+ boolean getCount = true;
+ String sortBy = null;
+ String sortType = null;
public SearchFilter() {
this(null);
@@ -115,6 +120,46 @@ public class SearchFilter {
return MapUtils.isEmpty(params);
}
+ public int getStartIndex() {
+ return startIndex;
+ }
+
+ public void setStartIndex(int startIndex) {
+ this.startIndex = startIndex;
+ }
+
+ public int getMaxRows() {
+ return maxRows;
+ }
+
+ public void setMaxRows(int maxRows) {
+ this.maxRows = maxRows;
+ }
+
+ public boolean isGetCount() {
+ return getCount;
+ }
+
+ public void setGetCount(boolean getCount) {
+ this.getCount = getCount;
+ }
+
+ public String getSortBy() {
+ return sortBy;
+ }
+
+ public void setSortBy(String sortBy) {
+ this.sortBy = sortBy;
+ }
+
+ public String getSortType() {
+ return sortType;
+ }
+
+ public void setSortType(String sortType) {
+ this.sortType = sortType;
+ }
+
@Override
public boolean equals(Object object) {
if (object == null || !(object instanceof SearchFilter)) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 9c59933..2a30fd8 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -21,8 +21,6 @@ package org.apache.ranger.biz;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.Collections;
-import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
@@ -31,7 +29,6 @@ import java.util.Map.Entry;
import javax.annotation.PostConstruct;
-import org.apache.commons.lang.ObjectUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -80,8 +77,8 @@ import org.apache.ranger.entity.XXService;
import org.apache.ranger.entity.XXServiceConfigDef;
import org.apache.ranger.entity.XXServiceConfigMap;
import org.apache.ranger.entity.XXServiceDef;
+import org.apache.ranger.entity.XXTrxLog;
import org.apache.ranger.entity.XXUser;
-import org.apache.ranger.plugin.model.RangerBaseModelObject;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
@@ -153,8 +150,12 @@ public class ServiceDBStore implements ServiceStore {
@Autowired
@Qualifier(value = "transactionManager")
PlatformTransactionManager txManager;
+
+ @Autowired
+ RangerBizUtil bizUtil;
private static volatile boolean legacyServiceDefsInitDone = false;
+ private Boolean populateExistingBaseFields = false;
@Override
public void init() throws Exception {
@@ -382,7 +383,7 @@ public class ServiceDBStore implements ServiceStore {
List<RangerServiceDef> ret = null;
- ret = serviceDefService.getServiceDefs(filter);
+ ret = serviceDefService.searchRangerServiceDefs(filter);
if(LOG.isDebugEnabled()) {
LOG.debug("==> ServiceDBStore.getServiceDefs(" + filter + "): " + ret);
@@ -396,7 +397,8 @@ public class ServiceDBStore implements ServiceStore {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceDefDBStore.createService(" + service + ")");
}
-
+
+ boolean createDefaultPolicy = true;
UserSessionBase usb = ContextUtil.getCurrentUserSession();
if (usb != null && usb.isUserAdmin()) {
Map<String, String> configs = service.getConfigs();
@@ -411,7 +413,14 @@ public class ServiceDBStore implements ServiceStore {
MessageEnums.ERROR_CREATING_OBJECT);
}
- service = svcService.create(service);
+ if(populateExistingBaseFields) {
+ svcService.setPopulateExistingBaseFields(true);
+ service = svcService.create(service);
+ svcService.setPopulateExistingBaseFields(false);
+ createDefaultPolicy = false;
+ } else {
+ service = svcService.create(service);
+ }
XXService xCreatedService = daoMgr.getXXService().getById(service.getId());
VXUser vXUser = null;
@@ -419,7 +428,7 @@ public class ServiceDBStore implements ServiceStore {
for (Entry<String, String> configMap : validConfigs.entrySet()) {
String configKey = configMap.getKey();
String configValue = configMap.getValue();
-
+
if(StringUtils.equalsIgnoreCase(configKey, "username")) {
String userName = stringUtil.getValidUserName(configValue);
XXUser xxUser = daoMgr.getXXUser().findByUserName(userName);
@@ -443,8 +452,13 @@ public class ServiceDBStore implements ServiceStore {
RangerService createdService = svcService.getPopulatedViewObject(xCreatedService);
dataHistService.createObjectDataHistory(createdService, RangerDataHistService.ACTION_CREATE);
- createDefaultPolicy(xCreatedService, vXUser);
-
+ List<XXTrxLog> trxLogList = svcService.getTransactionLog(createdService, RangerServiceService.OPERATION_CREATE_CONTEXT);
+ bizUtil.createTrxLog(trxLogList);
+
+ if (createDefaultPolicy) {
+ createDefaultPolicy(xCreatedService, vXUser);
+ }
+
return createdService;
} else {
LOG.debug("User id : " + usb.getUserId() + " doesn't have admin access to create repository.");
@@ -483,16 +497,16 @@ public class ServiceDBStore implements ServiceStore {
}
Map<String, String> configs = service.getConfigs();
- Map<String, String> validConfigs = validateRequiredConfigParams(
- service, configs);
+ Map<String, String> validConfigs = validateRequiredConfigParams(service, configs);
if (validConfigs == null) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ConfigParams cannot be null, ServiceDefDBStore.createService(" + service + ")");
}
- throw restErrorUtil.createRESTException(
- "ConfigParams cannot be null.",
- MessageEnums.ERROR_CREATING_OBJECT);
+ throw restErrorUtil.createRESTException("ConfigParams cannot be null.", MessageEnums.ERROR_CREATING_OBJECT);
}
+
+ List<XXTrxLog> trxLogList = svcService.getTransactionLog(service, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
+
service = svcService.update(service);
XXService xUpdService = daoMgr.getXXService().getById(service.getId());
@@ -530,6 +544,7 @@ public class ServiceDBStore implements ServiceStore {
RangerService updService = svcService.getPopulatedViewObject(xUpdService);
dataHistService.createObjectDataHistory(updService, RangerDataHistService.ACTION_UPDATE);
+ bizUtil.createTrxLog(trxLogList);
return updService;
}
@@ -560,6 +575,9 @@ public class ServiceDBStore implements ServiceStore {
svcService.delete(service);
dataHistService.createObjectDataHistory(service, RangerDataHistService.ACTION_DELETE);
+
+ List<XXTrxLog> trxLogList = svcService.getTransactionLog(service, RangerServiceService.OPERATION_DELETE_CONTEXT);
+ bizUtil.createTrxLog(trxLogList);
}
@Override
@@ -584,9 +602,9 @@ public class ServiceDBStore implements ServiceStore {
if(LOG.isDebugEnabled()) {
LOG.debug("==> ServiceDBStore.getServices()");
}
- List<RangerService> serviceList = svcService.getServices(filter);
+ List<RangerService> ret = svcService.searchRangerPolicies(filter);
- return serviceList;
+ return ret;
}
@Override
@@ -609,19 +627,29 @@ public class ServiceDBStore implements ServiceStore {
if(existing != null) {
throw new Exception("policy already exists: ServiceName=" + policy.getService() + "; PolicyName=" + policy.getName() + ". ID=" + existing.getId());
}
-
+
Map<String, RangerPolicyResource> resources = policy.getResources();
List<RangerPolicyItem> policyItems = policy.getPolicyItems();
- policy = policyService.create(policy);
+ if(populateExistingBaseFields) {
+ policyService.setPopulateExistingBaseFields(true);
+ policy = policyService.create(policy);
+ policyService.setPopulateExistingBaseFields(false);
+ } else {
+ policy = policyService.create(policy);
+ }
+
XXPolicy xCreatedPolicy = daoMgr.getXXPolicy().getById(policy.getId());
createNewResourcesForPolicy(policy, xCreatedPolicy, resources);
createNewPolicyItemsForPolicy(policy, xCreatedPolicy, policyItems, xServiceDef);
-
+
handlePolicyUpdate(service);
RangerPolicy createdPolicy = policyService.getPopulatedViewObject(xCreatedPolicy);
dataHistService.createObjectDataHistory(createdPolicy, RangerDataHistService.ACTION_CREATE);
+
+ List<XXTrxLog> trxLogList = policyService.getTransactionLog(createdPolicy, RangerPolicyService.OPERATION_CREATE_CONTEXT);
+ bizUtil.createTrxLog(trxLogList);
return createdPolicy;
}
@@ -632,7 +660,8 @@ public class ServiceDBStore implements ServiceStore {
LOG.debug("==> ServiceDBStore.updatePolicy(" + policy + ")");
}
- RangerPolicy existing = getPolicy(policy.getId());
+ XXPolicy xxExisting = daoMgr.getXXPolicy().getById(policy.getId());
+ RangerPolicy existing = policyService.getPopulatedViewObject(xxExisting);
if(existing == null) {
throw new Exception("no policy exists with ID=" + policy.getId());
@@ -665,6 +694,8 @@ public class ServiceDBStore implements ServiceStore {
Map<String, RangerPolicyResource> newResources = policy.getResources();
List<RangerPolicyItem> newPolicyItems = policy.getPolicyItems();
+ List<XXTrxLog> trxLogList = policyService.getTransactionLog(policy, xxExisting, RangerPolicyService.OPERATION_UPDATE_CONTEXT);
+
policy = policyService.update(policy);
XXPolicy newUpdPolicy = daoMgr.getXXPolicy().getById(policy.getId());
@@ -678,6 +709,8 @@ public class ServiceDBStore implements ServiceStore {
RangerPolicy updPolicy = policyService.getPopulatedViewObject(newUpdPolicy);
dataHistService.createObjectDataHistory(updPolicy, RangerDataHistService.ACTION_UPDATE);
+ bizUtil.createTrxLog(trxLogList);
+
return updPolicy;
}
@@ -700,6 +733,8 @@ public class ServiceDBStore implements ServiceStore {
throw new Exception("service does not exist - name='" + policy.getService());
}
+ List<XXTrxLog> trxLogList = policyService.getTransactionLog(policy, RangerPolicyService.OPERATION_DELETE_CONTEXT);
+
deleteExistingPolicyItems(policy);
deleteExistingPolicyResources(policy);
@@ -708,6 +743,8 @@ public class ServiceDBStore implements ServiceStore {
dataHistService.createObjectDataHistory(policy, RangerDataHistService.ACTION_DELETE);
+ bizUtil.createTrxLog(trxLogList);
+
LOG.info("Policy Deleted Successfully. PolicyName : " +policyName);
}
@@ -722,12 +759,7 @@ public class ServiceDBStore implements ServiceStore {
LOG.debug("==> ServiceDBStore.getPolicies()");
}
- List<RangerPolicy> ret = new ArrayList<RangerPolicy>();
- List<XXPolicy> policyList = daoMgr.getXXPolicy().getAll();
- for (XXPolicy xPolicy : policyList) {
- RangerPolicy policy = policyService.getPopulatedViewObject(xPolicy);
- ret.add(policy);
- }
+ List<RangerPolicy> ret = policyService.searchRangerPolicies(filter);
return ret;
}
@@ -737,15 +769,16 @@ public class ServiceDBStore implements ServiceStore {
if(LOG.isDebugEnabled()) {
LOG.debug("==> ServiceDBStore.getServicePolicies(" + serviceId + ")");
}
+
+ RangerService service = getService(serviceId);
- List<XXPolicy> servicePolicyList = daoMgr.getXXPolicy().findByServiceId(serviceId);
- List<RangerPolicy> servicePolicies = new ArrayList<RangerPolicy>();
- for(XXPolicy xPolicy : servicePolicyList) {
- RangerPolicy servicePolicy = policyService.getPopulatedViewObject(xPolicy);
- servicePolicies.add(servicePolicy);
+ if(service == null) {
+ throw new Exception("service does not exist - id='" + serviceId);
}
+
+ List<RangerPolicy> ret = getServicePolicies(service.getName(), filter);
- return servicePolicies;
+ return ret;
}
@Override
@@ -757,21 +790,21 @@ public class ServiceDBStore implements ServiceStore {
List<RangerPolicy> ret = new ArrayList<RangerPolicy>();
try {
- XXService service = daoMgr.getXXService().findByName(serviceName);
-
- if(service == null) {
- return ret;
+ if(filter == null) {
+ filter = new SearchFilter();
}
- List<XXPolicy> policyList = daoMgr.getXXPolicy().findByServiceId(service.getId());
- for (XXPolicy xPolicy : policyList) {
- RangerPolicy policy = policyService.getPopulatedViewObject(xPolicy);
- ret.add(policy);
- }
+ filter.setParam(SearchFilter.SERVICE_NAME, serviceName);
+
+ ret = getPolicies(filter);
} catch(Exception excp) {
LOG.error("ServiceDBStore.getServicePolicies(" + serviceName + "): failed to read policies", excp);
}
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDBStore.getServicePolicies(" + serviceName + "): count=" + ((ret == null) ? 0 : ret.size()));
+ }
+
return ret;
}
@@ -813,11 +846,6 @@ public class ServiceDBStore implements ServiceStore {
if(LOG.isDebugEnabled()) {
LOG.debug("<== ServiceDBStore.getServicePoliciesIfUpdated(" + serviceName + ", " + lastKnownVersion + "): count=" + ((ret == null || ret.getPolicies() == null) ? 0 : ret.getPolicies().size()));
}
-
- if(ret != null && ret.getPolicies() != null) {
- Collections.sort(ret.getPolicies(), idComparator);
- }
-
return ret;
}
@@ -874,7 +902,6 @@ public class ServiceDBStore implements ServiceStore {
policy.setPolicyItems(policyItems);
}
policy = createPolicy(policy);
- handlePolicyUpdate(svcService.getPopulatedViewObject(createdService));
}
@@ -1116,13 +1143,12 @@ public class ServiceDBStore implements ServiceStore {
return true;
}
- private final static Comparator<RangerBaseModelObject> idComparator = new Comparator<RangerBaseModelObject>() {
- @Override
- public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) {
- Long val1 = (o1 != null) ? o1.getId() : null;
- Long val2 = (o2 != null) ? o2.getId() : null;
+ public Boolean getPopulateExistingBaseFields() {
+ return populateExistingBaseFields;
+ }
- return ObjectUtils.compare(val1, val2);
- }
- };
-}
+ public void setPopulateExistingBaseFields(Boolean populateExistingBaseFields) {
+ this.populateExistingBaseFields = populateExistingBaseFields;
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java b/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java
index cb5f26e..38a1659 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java
@@ -25,6 +25,7 @@ package org.apache.ranger.common;
import java.io.File;
import java.io.IOException;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
@@ -107,6 +108,27 @@ public class JSONUtil {
}
return jsonString;
}
+
+ public String readListToString(List<?> list) {
+ ObjectMapper mapper = new ObjectMapper();
+ String jsonString = null;
+ try {
+ jsonString = mapper.writeValueAsString(list);
+ } catch (JsonParseException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ } catch (JsonMappingException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ } catch (IOException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ }
+ return jsonString;
+ }
public String writeObjectAsString(ViewBaseBean vObj) {
ObjectMapper mapper = new ObjectMapper();
@@ -129,5 +151,5 @@ public class JSONUtil {
MessageEnums.INVALID_INPUT_DATA);
}
}
-
+
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
index cfdffc0..e5ad26c 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
@@ -19,44 +19,40 @@
package org.apache.ranger.common;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+import javax.persistence.EntityManager;
+import javax.persistence.Query;
+
import org.apache.log4j.Logger;
+import org.apache.ranger.plugin.util.SearchFilter;
import org.springframework.stereotype.Component;
@Component
public class RangerSearchUtil extends SearchUtil {
final static Logger logger = Logger.getLogger(RangerSearchUtil.class);
- /*
- @Override
- public Query createSearchQuery(EntityManager em, String queryStr, String sortClause,
- SearchCriteria searchCriteria, List<SearchField> searchFields,
- int objectClassType, boolean hasAttributes, boolean isCountQuery){
- // [1] Build where clause
- StringBuilder queryClause = buildWhereClause(searchCriteria,
- searchFields);
+ public Query createSearchQuery(EntityManager em, String queryStr, String sortClause,
+ SearchFilter searchCriteria, List<SearchField> searchFields,
+ boolean isCountQuery) {
+ return createSearchQuery(em, queryStr, sortClause, searchCriteria, searchFields, -1, false, isCountQuery);
+ }
+
+ public Query createSearchQuery(EntityManager em, String queryStr, String sortClause,
+ SearchFilter searchCriteria, List<SearchField> searchFields,
+ int objectClassType, boolean hasAttributes, boolean isCountQuery) {
- // [2] Add domain-object-security clause if needed
- // if (objectClassType != -1
- // && !ContextUtil.getCurrentUserSession().isUserAdmin()) {
- // addDomainObjectSecuirtyClause(queryClause, hasAttributes);
- // }
+ StringBuilder queryClause = buildWhereClause(searchCriteria, searchFields);
- // [2] Add order by clause
- addOrderByClause(queryClause, sortClause);
+ super.addOrderByClause(queryClause, sortClause);
- // [3] Create Query Object
- Query query = em.createQuery(
- queryStr + queryClause);
+ Query query = em.createQuery(queryStr + queryClause);
- // [4] Resolve query parameters with values
resolveQueryParams(query, searchCriteria, searchFields);
- // [5] Resolve domain-object-security parameters
- // if (objectClassType != -1 &&
- // !securityHandler.hasModeratorPermission()) {
- // resolveDomainObjectSecuirtyParams(query, objectClassType);
- // }
-
if (!isCountQuery) {
query.setFirstResult(searchCriteria.getStartIndex());
updateQueryPageSize(query, searchCriteria);
@@ -64,5 +60,209 @@ public class RangerSearchUtil extends SearchUtil {
return query;
}
- */
+
+ private StringBuilder buildWhereClause(SearchFilter searchCriteria, List<SearchField> searchFields) {
+ return buildWhereClause(searchCriteria, searchFields, false, false);
+ }
+
+ private StringBuilder buildWhereClause(SearchFilter searchCriteria,
+ List<SearchField> searchFields, boolean isNativeQuery,
+ boolean excludeWhereKeyword) {
+
+ Map<String, String> paramList = searchCriteria.getParams();
+
+ StringBuilder whereClause = new StringBuilder(excludeWhereKeyword ? "" : "WHERE 1 = 1 ");
+
+ List<String> joinTableList = new ArrayList<String>();
+
+ for (SearchField searchField : searchFields) {
+ int startWhereLen = whereClause.length();
+
+ if (searchField.getFieldName() == null && searchField.getCustomCondition() == null) {
+ continue;
+ }
+
+ if (searchField.getDataType() == SearchField.DATA_TYPE.INTEGER) {
+ Integer paramVal = restErrorUtil.parseInt(paramList.get(searchField.getClientFieldName()),
+ "Invalid value for " + searchField.getClientFieldName(),
+ MessageEnums.INVALID_INPUT_DATA, null, searchField.getClientFieldName());
+
+ Number intFieldValue = paramVal != null ? (Number) paramVal : null;
+ if (intFieldValue != null) {
+ if (searchField.getCustomCondition() == null) {
+ whereClause.append(" and ")
+ .append(searchField.getFieldName())
+ .append("=:")
+ .append(searchField.getClientFieldName());
+ } else {
+ whereClause.append(" and ").append(searchField.getCustomCondition());
+ }
+ }
+ } else if (searchField.getDataType() == SearchField.DATA_TYPE.STRING) {
+ String strFieldValue = paramList.get(searchField.getClientFieldName());
+ if (strFieldValue != null) {
+ if (searchField.getCustomCondition() == null) {
+ whereClause.append(" and ").append("LOWER(").append(searchField.getFieldName()).append(")");
+ if (searchField.getSearchType() == SearchField.SEARCH_TYPE.FULL) {
+ whereClause.append("= :").append(searchField.getClientFieldName());
+ } else {
+ whereClause.append("like :").append(searchField.getClientFieldName());
+ }
+ } else {
+ whereClause.append(" and ").append(searchField.getCustomCondition());
+ }
+ }
+ } else if (searchField.getDataType() == SearchField.DATA_TYPE.BOOLEAN) {
+ Boolean boolFieldValue = restErrorUtil.parseBoolean(paramList.get(searchField.getClientFieldName()),
+ "Invalid value for " + searchField.getClientFieldName(),
+ MessageEnums.INVALID_INPUT_DATA, null, searchField.getClientFieldName());
+
+ if (boolFieldValue != null) {
+ if (searchField.getCustomCondition() == null) {
+ whereClause.append(" and ")
+ .append(searchField.getFieldName())
+ .append("=:")
+ .append(searchField.getClientFieldName());
+ } else {
+ whereClause.append(" and ").append(searchField.getCustomCondition());
+ }
+ }
+ } else if (searchField.getDataType() == SearchField.DATA_TYPE.DATE) {
+ Date fieldValue = restErrorUtil.parseDate(paramList.get(searchField.getClientFieldName()),
+ "Invalid value for " + searchField.getClientFieldName(), MessageEnums.INVALID_INPUT_DATA,
+ null, searchField.getClientFieldName(), null);
+ if (fieldValue != null) {
+ if (searchField.getCustomCondition() == null) {
+ whereClause.append(" and ").append(searchField.getFieldName());
+ if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.LESS_THAN)) {
+ whereClause.append("< :");
+ } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.LESS_EQUAL_THAN)) {
+ whereClause.append("<= :");
+ } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.GREATER_THAN)) {
+ whereClause.append("> :");
+ } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.GREATER_EQUAL_THAN)) {
+ whereClause.append(">= :");
+ }
+ whereClause.append(searchField.getClientFieldName());
+ } else {
+ whereClause.append(" and ").append(searchField.getCustomCondition());
+ }
+ }
+ }
+
+ if (whereClause.length() > startWhereLen && searchField.getJoinTables() != null) {
+ for (String table : searchField.getJoinTables()) {
+ if (!joinTableList.contains(table)) {
+ joinTableList.add(table);
+ }
+ }
+ whereClause.append(" and (").append(searchField.getJoinCriteria()).append(")");
+ }
+ }
+ for (String joinTable : joinTableList) {
+ whereClause.insert(0, ", " + joinTable + " ");
+ }
+
+ return whereClause;
+ }
+
+ protected void resolveQueryParams(Query query, SearchFilter searchCriteria, List<SearchField> searchFields) {
+
+ Map<String, String> paramList = searchCriteria.getParams();
+
+ for (SearchField searchField : searchFields) {
+
+ if (searchField.getDataType() == SearchField.DATA_TYPE.INTEGER) {
+ Integer paramVal = restErrorUtil.parseInt(paramList.get(searchField.getClientFieldName()),
+ "Invalid value for " + searchField.getClientFieldName(),
+ MessageEnums.INVALID_INPUT_DATA, null, searchField.getClientFieldName());
+
+ Number intFieldValue = paramVal != null ? (Number) paramVal : null;
+ if (intFieldValue != null) {
+ query.setParameter(searchField.getClientFieldName(), intFieldValue);
+ }
+ } else if (searchField.getDataType() == SearchField.DATA_TYPE.STRING) {
+ String strFieldValue = paramList.get(searchField.getClientFieldName());
+ if (strFieldValue != null) {
+ if (searchField.getSearchType() == SearchField.SEARCH_TYPE.FULL) {
+ query.setParameter(searchField.getClientFieldName(), strFieldValue.trim().toLowerCase());
+ } else {
+ query.setParameter(searchField.getClientFieldName(), "%" + strFieldValue.trim().toLowerCase() + "%");
+ }
+ }
+ } else if (searchField.getDataType() == SearchField.DATA_TYPE.BOOLEAN) {
+ Boolean boolFieldValue = restErrorUtil.parseBoolean(paramList.get(searchField.getClientFieldName()),
+ "Invalid value for " + searchField.getClientFieldName(),
+ MessageEnums.INVALID_INPUT_DATA, null, searchField.getClientFieldName());
+
+ if (boolFieldValue != null) {
+ query.setParameter(searchField.getClientFieldName(), boolFieldValue);
+ }
+ } else if (searchField.getDataType() == SearchField.DATA_TYPE.DATE) {
+ Date fieldValue = restErrorUtil.parseDate(paramList.get(searchField.getClientFieldName()),
+ "Invalid value for " + searchField.getClientFieldName(), MessageEnums.INVALID_INPUT_DATA,
+ null, searchField.getClientFieldName(), null);
+ if (fieldValue != null) {
+ query.setParameter(searchField.getClientFieldName(), fieldValue);
+ }
+ }
+ }
+ }
+
+ public void updateQueryPageSize(Query query, SearchFilter searchCriteria) {
+ int pageSize = super.validatePageSize(searchCriteria.getMaxRows());
+ query.setMaxResults(pageSize);
+
+ query.setHint("eclipselink.jdbc.max-rows", "" + pageSize);
+ }
+
+ public String constructSortClause(SearchFilter searchCriteria, List<SortField> sortFields) {
+ String sortBy = searchCriteria.getSortBy();
+ String querySortBy = null;
+
+ if (!stringUtil.isEmpty(sortBy)) {
+ sortBy = sortBy.trim();
+ for (SortField sortField : sortFields) {
+ if (sortBy.equalsIgnoreCase(sortField.getParamName())) {
+ querySortBy = sortField.getFieldName();
+ // Override the sortBy using the normalized value
+ searchCriteria.setSortBy(sortField.getParamName());
+ break;
+ }
+ }
+ }
+
+ if (querySortBy == null) {
+ for (SortField sortField : sortFields) {
+ if (sortField.isDefault()) {
+ querySortBy = sortField.getFieldName();
+ // Override the sortBy using the default value
+ searchCriteria.setSortBy(sortField.getParamName());
+ searchCriteria.setSortType(sortField.getDefaultOrder().name());
+ break;
+ }
+ }
+ }
+
+ if (querySortBy != null) {
+ String sortType = searchCriteria.getSortType();
+ String querySortType = "asc";
+ if (sortType != null) {
+ if (sortType.equalsIgnoreCase("asc") || sortType.equalsIgnoreCase("desc")) {
+ querySortType = sortType;
+ } else {
+ logger.error("Invalid sortType. sortType=" + sortType);
+ }
+ }
+
+ if(querySortType!=null){
+ searchCriteria.setSortType(querySortType.toLowerCase());
+ }
+ String sortClause = " ORDER BY " + querySortBy + " " + querySortType;
+
+ return sortClause;
+ }
+ return null;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/db/XXTrxLogDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXTrxLogDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXTrxLogDao.java
index df73d72..63e0d63 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXTrxLogDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXTrxLogDao.java
@@ -52,5 +52,16 @@ public class XXTrxLogDao extends BaseDao<XXTrxLog> {
return xTrxLogList;
}
+
+ public Long findMaxObjIdOfClassType(int classType) {
+
+ try {
+ return (Long) getEntityManager().createNamedQuery("XXTrxLog.findLogForMaxIdOfClassType")
+ .setParameter("classType", classType)
+ .getSingleResult();
+ } catch (NoResultException e) {
+ return null;
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index e3492ee..617a084 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -1062,12 +1062,16 @@ public class ServiceREST {
private SearchFilter getSearchFilter(HttpServletRequest request) {
- if(request == null || MapUtils.isEmpty(request.getParameterMap())) {
+ if(request == null) {
return null;
}
-
+
SearchFilter ret = new SearchFilter();
+ if(MapUtils.isEmpty(request.getParameterMap())) {
+ ret.setParams(new HashMap<String, String>());
+ }
+
ret.setParam(SearchFilter.LOGIN_USER, request.getParameter(SearchFilter.LOGIN_USER));
ret.setParam(SearchFilter.SERVICE_TYPE, request.getParameter(SearchFilter.SERVICE_TYPE));
ret.setParam(SearchFilter.SERVICE_TYPE_ID, request.getParameter(SearchFilter.SERVICE_TYPE_ID));
@@ -1079,6 +1083,8 @@ public class ServiceREST {
ret.setParam(SearchFilter.USER, request.getParameter(SearchFilter.USER));
ret.setParam(SearchFilter.GROUP, request.getParameter(SearchFilter.GROUP));
ret.setParam(SearchFilter.SORT_BY, request.getParameter(SearchFilter.SORT_BY));
+ ret.setParam(SearchFilter.START_INDEX, request.getParameter(SearchFilter.START_INDEX));
+ ret.setParam(SearchFilter.PAGE_SIZE, request.getParameter(SearchFilter.PAGE_SIZE));
for(Map.Entry<String, String[]> e : request.getParameterMap().entrySet()) {
String name = e.getKey();
@@ -1094,7 +1100,7 @@ public class ServiceREST {
private void createPolicyDownloadAudit(String serviceName, Long lastKnownVersion, String pluginId, ServicePolicies policies, int httpRespCode, HttpServletRequest request) {
try {
- String ipAddress = request.getHeader("X-FORWARDED-FOR");
+ String ipAddress = request.getHeader("X-FORWARDED-FOR");
if (ipAddress == null) {
ipAddress = request.getRemoteAddr();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
index 962f50c..78b846c 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java
@@ -2,20 +2,32 @@ package org.apache.ranger.service;
import java.lang.reflect.ParameterizedType;
import java.lang.reflect.TypeVariable;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.Date;
+import java.util.List;
+
+import javax.persistence.EntityManager;
+import javax.persistence.Query;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.biz.RangerBizUtil;
import org.apache.ranger.common.ContextUtil;
import org.apache.ranger.common.DateUtil;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.RESTErrorUtil;
+import org.apache.ranger.common.RangerSearchUtil;
+import org.apache.ranger.common.SearchField;
+import org.apache.ranger.common.SortField;
import org.apache.ranger.common.StringUtil;
import org.apache.ranger.common.db.BaseDao;
+import org.apache.ranger.common.view.VList;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXDBBase;
import org.apache.ranger.entity.XXPortalUser;
import org.apache.ranger.plugin.model.RangerBaseModelObject;
+import org.apache.ranger.plugin.util.SearchFilter;
import org.springframework.beans.factory.annotation.Autowired;
public abstract class RangerBaseModelService<T extends XXDBBase, V extends RangerBaseModelObject> {
@@ -30,12 +42,26 @@ public abstract class RangerBaseModelService<T extends XXDBBase, V extends Range
@Autowired
protected RESTErrorUtil restErrorUtil;
+
+ @Autowired
+ protected RangerSearchUtil searchUtil;
+
+ @Autowired
+ RangerBizUtil bizUtil;
public static final int OPERATION_CREATE_CONTEXT = 1;
public static final int OPERATION_UPDATE_CONTEXT = 2;
+ public static final int OPERATION_DELETE_CONTEXT = 3;
protected Class<T> tEntityClass;
protected Class<V> tViewClass;
+ private Boolean populateExistingBaseFields;
+ protected String tClassName;
+
+ public List<SortField> sortFields = new ArrayList<SortField>();
+ public List<SearchField> searchFields = new ArrayList<SearchField>();
+ protected final String countQueryStr;
+ protected String queryStr;
BaseDao<T> entityDao;
@@ -56,6 +82,15 @@ public abstract class RangerBaseModelService<T extends XXDBBase, V extends Range
} else {
LOG.fatal("Cannot find class for template", new Throwable());
}
+
+ if (tEntityClass != null) {
+ tClassName = tEntityClass.getName();
+ }
+
+ populateExistingBaseFields = false;
+
+ countQueryStr = "SELECT COUNT(obj) FROM " + tEntityClass.getName() + " obj ";
+ queryStr = "SELECT obj FROM " + tClassName + " obj ";
}
protected abstract T mapViewToEntityBean(V viewBean, T t,
@@ -154,10 +189,32 @@ public abstract class RangerBaseModelService<T extends XXDBBase, V extends Range
if (operationContext == OPERATION_CREATE_CONTEXT) {
entityObj = createEntityObject();
- createTime = DateUtil.getUTCDate();
- updTime = DateUtil.getUTCDate();
- createdById = ContextUtil.getCurrentUserId();
- updById = ContextUtil.getCurrentUserId();
+ if(!populateExistingBaseFields) {
+ createTime = DateUtil.getUTCDate();
+ updTime = DateUtil.getUTCDate();
+ createdById = ContextUtil.getCurrentUserId();
+ updById = ContextUtil.getCurrentUserId();
+ } else if(populateExistingBaseFields) {
+ createTime = vObj.getCreateTime() != null ? vObj.getCreateTime() : DateUtil.getUTCDate();
+ updTime = vObj.getUpdateTime() != null ? vObj.getUpdateTime() : DateUtil.getUTCDate();
+
+ // If this is the case then vObj.createdBy and vObj.updatedBy must be loginId of user.
+ XXPortalUser createdByUser = daoMgr.getXXPortalUser().findByLoginId(vObj.getCreatedBy());
+ XXPortalUser updByUser = daoMgr.getXXPortalUser().findByLoginId(vObj.getUpdatedBy());
+
+ if(createdByUser != null) {
+ createdById = createdByUser.getId();
+ } else {
+ createdById = ContextUtil.getCurrentUserId();
+ }
+
+ if(updByUser != null) {
+ updById = updByUser.getId();
+ } else {
+ updById = ContextUtil.getCurrentUserId();
+ }
+ entityObj.setId(vObj.getId());
+ }
} else if (operationContext == OPERATION_UPDATE_CONTEXT) {
entityObj = getDao().getById(vObj.getId());
@@ -276,5 +333,73 @@ public abstract class RangerBaseModelService<T extends XXDBBase, V extends Range
}
return resource;
}
+
+ public Boolean getPopulateExistingBaseFields() {
+ return populateExistingBaseFields;
+ }
+
+ public void setPopulateExistingBaseFields(Boolean populateExistingBaseFields) {
+ this.populateExistingBaseFields = populateExistingBaseFields;
+ }
+
+ /*
+ * Search Operations
+ *
+ */
+
+ protected List<T> searchResources(SearchFilter searchCriteria,
+ List<SearchField> searchFieldList, List<SortField> sortFieldList,
+ VList vList) {
+
+ // Get total count of the rows which meet the search criteria
+ long count = -1;
+ if (searchCriteria.isGetCount()) {
+ count = getCountForSearchQuery(searchCriteria, searchFieldList);
+ if (count == 0) {
+ return Collections.emptyList();
+ }
+ }
+
+ String sortClause = searchUtil.constructSortClause(searchCriteria, sortFieldList);
+
+ String q = queryStr;
+ Query query = createQuery(q, sortClause, searchCriteria, searchFieldList, false);
+
+ List<T> resultList = getDao().executeQueryInSecurityContext(tEntityClass, query);
+
+ if (vList != null) {
+ vList.setPageSize(query.getMaxResults());
+ vList.setSortBy(searchCriteria.getSortBy());
+ vList.setSortType(searchCriteria.getSortType());
+ vList.setStartIndex(query.getFirstResult());
+ vList.setTotalCount(count);
+ }
+ return resultList;
+ }
+
+ protected long getCountForSearchQuery(SearchFilter searchCriteria, List<SearchField> searchFieldList) {
+
+ String q = countQueryStr;
+ Query query = createQuery(q, null, searchCriteria, searchFieldList, true);
+ Long count = getDao().executeCountQueryInSecurityContext(tEntityClass, query);
+
+ if (count == null) {
+ return 0;
+ }
+ return count.longValue();
+ }
+
+ protected Query createQuery(String searchString, String sortString, SearchFilter searchCriteria,
+ List<SearchField> searchFieldList, boolean isCountQuery) {
+
+ EntityManager em = getDao().getEntityManager();
+ Query query = searchUtil.createSearchQuery(em, searchString, sortString, searchCriteria,
+ searchFieldList, getClassType(), false, isCountQuery);
+ return query;
+ }
+
+ protected int getClassType() {
+ return bizUtil.getClassType(tEntityClass);
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
index 0c4f99a..d261151 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
@@ -1,10 +1,20 @@
package org.apache.ranger.service;
+import java.io.IOException;
+import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.apache.ranger.common.AppConstants;
+import org.apache.ranger.common.JSONUtil;
+import org.apache.ranger.common.MessageEnums;
+import org.apache.ranger.common.SearchField;
+import org.apache.ranger.common.SortField;
+import org.apache.ranger.common.SearchField.DATA_TYPE;
+import org.apache.ranger.common.SearchField.SEARCH_TYPE;
+import org.apache.ranger.common.view.VTrxLogAttr;
import org.apache.ranger.db.XXAccessTypeDefDao;
import org.apache.ranger.db.XXPolicyResourceDao;
import org.apache.ranger.entity.XXAccessTypeDef;
@@ -16,11 +26,18 @@ import org.apache.ranger.entity.XXPolicyItemCondition;
import org.apache.ranger.entity.XXPolicyResource;
import org.apache.ranger.entity.XXPolicyResourceMap;
import org.apache.ranger.entity.XXResourceDef;
+import org.apache.ranger.entity.XXTrxLog;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
+import org.apache.ranger.plugin.util.SearchFilter;
+import org.codehaus.jackson.JsonParseException;
+import org.codehaus.jackson.map.JsonMappingException;
+import org.codehaus.jackson.map.ObjectMapper;
+import org.codehaus.jackson.type.TypeReference;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;
@@ -28,6 +45,55 @@ import org.springframework.stereotype.Service;
@Scope("singleton")
public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, RangerPolicy> {
+ @Autowired
+ JSONUtil jsonUtil;
+
+ public static final String POLICY_RESOURCE_CLASS_FIELD_NAME = "resources";
+ public static final String POLICY_ITEM_CLASS_FIELD_NAME = "policyItems";
+
+ static HashMap<String, VTrxLogAttr> trxLogAttrs = new HashMap<String, VTrxLogAttr>();
+ String actionCreate;
+ String actionUpdate;
+ String actionDelete;
+
+ static {
+ trxLogAttrs.put("name", new VTrxLogAttr("name", "Policy Name", false));
+ trxLogAttrs.put("description", new VTrxLogAttr("description", "Policy Description", false));
+ trxLogAttrs.put("isEnabled", new VTrxLogAttr("isEnabled", "Policy Status", false));
+ trxLogAttrs.put("resources", new VTrxLogAttr("resources", "Policy Resources", false));
+ trxLogAttrs.put("policyItems", new VTrxLogAttr("policyItems", "Policy Items", false));
+ }
+
+ public RangerPolicyService() {
+ super();
+ actionCreate = "create";
+ actionUpdate = "update";
+ actionDelete = "delete";
+
+ searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE, "xSvcDef.name", DATA_TYPE.STRING,
+ SEARCH_TYPE.FULL, "XXServiceDef xSvcDef, XXService xSvc", "xSvc.type = xSvcDef.id and xSvc.id = obj.service"));
+ searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE_ID, "xSvc.type", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL,
+ "XXService xSvc", "xSvc.id = obj.service"));
+ searchFields.add(new SearchField(SearchFilter.SERVICE_NAME, "xSvc.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL,
+ "XXService xSvc", "xSvc.id = obj.service"));
+ searchFields.add(new SearchField(SearchFilter.SERVICE_ID, "xSvc.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL,
+ "XXService xSvc", "xSvc.id = obj.service"));
+ searchFields.add(new SearchField(SearchFilter.STATUS, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.POLICY_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.POLICY_NAME, "obj.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.USER, "xUser.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL,
+ "XXUser xUser, XXPolicyItem xPolItem, XXPolicyItemUserPerm userPerm", "obj.id = xPolItem.policyId "
+ + "and userPerm.policyItemId = xPolItem.id and xUser.id = userPerm.userId"));
+ searchFields.add(new SearchField(SearchFilter.GROUP, "xGrp.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL,
+ "XXGroup xGrp, XXPolicyItem xPolItem, XXPolicyItemGroupPerm grpPerm", "obj.id = xPolItem.policyId "
+ + "and grpPerm.policyItemId = xPolItem.id and xGrp.id = grpPerm.groupId"));
+
+ sortFields.add(new SortField(SearchFilter.CREATE_TIME, "obj.createTime"));
+ sortFields.add(new SortField(SearchFilter.UPDATE_TIME, "obj.updateTime"));
+ sortFields.add(new SortField(SearchFilter.POLICY_ID, "obj.id"));
+ sortFields.add(new SortField(SearchFilter.POLICY_NAME, "obj.name"));
+ }
+
@Override
protected void validateForCreate(RangerPolicy vObj) {
// TODO Auto-generated method stub
@@ -148,5 +214,255 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range
public RangerPolicy getPopulatedViewObject(XXPolicy xPolicy) {
return this.populateViewBean(xPolicy);
}
+
+ public List<XXTrxLog> getTransactionLog(RangerPolicy vPolicy, int action){
+ return getTransactionLog(vPolicy, null, action);
+ }
+
+ public List<XXTrxLog> getTransactionLog(RangerPolicy vObj, XXPolicy mObj, int action) {
+ if (vObj == null && (action == 0 || action != OPERATION_UPDATE_CONTEXT)) {
+ return null;
+ }
+ List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
+ Field[] fields = vObj.getClass().getDeclaredFields();
+
+ try {
+
+ Field nameField = vObj.getClass().getDeclaredField("name");
+ nameField.setAccessible(true);
+ String objectName = "" + nameField.get(vObj);
+
+ for (Field field : fields) {
+ if (!trxLogAttrs.containsKey(field.getName())) {
+ continue;
+ }
+ XXTrxLog xTrxLog = processFieldToCreateTrxLog(field, objectName, nameField, vObj, mObj, action);
+ if (xTrxLog != null) {
+ trxLogList.add(xTrxLog);
+ }
+ }
+
+ Field[] superClassFields = vObj.getClass().getSuperclass()
+ .getDeclaredFields();
+ for (Field field : superClassFields) {
+ if (field.getName().equalsIgnoreCase("isEnabled")) {
+ XXTrxLog xTrx = processFieldToCreateTrxLog(field, objectName, nameField, vObj, mObj, action);
+ if (xTrx != null) {
+ trxLogList.add(xTrx);
+ }
+ break;
+ }
+ }
+ } catch (IllegalAccessException illegalAcc) {
+ illegalAcc.printStackTrace();
+ } catch (NoSuchFieldException noSuchField) {
+ noSuchField.printStackTrace();
+ }
+
+ return trxLogList;
+ }
+
+ private XXTrxLog processFieldToCreateTrxLog(Field field, String objectName,
+ Field nameField, RangerPolicy vObj, XXPolicy mObj, int action) {
+
+ String actionString = "";
+
+ field.setAccessible(true);
+ String fieldName = field.getName();
+ XXTrxLog xTrxLog = new XXTrxLog();
+
+ try {
+ VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
+
+ xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName());
+
+ String value = null;
+ boolean isEnum = vTrxLogAttr.isEnum();
+ if (isEnum) {
+
+ } else if (fieldName.equalsIgnoreCase(POLICY_RESOURCE_CLASS_FIELD_NAME)) {
+ value = processPolicyResourcesForTrxLog(field.get(vObj));
+ } else if (fieldName.equalsIgnoreCase(POLICY_ITEM_CLASS_FIELD_NAME)) {
+ value = processPolicyItemsForTrxLog(field.get(vObj));
+ } else {
+ value = "" + field.get(vObj);
+ }
+
+ if (action == OPERATION_CREATE_CONTEXT) {
+ if (stringUtil.isEmpty(value)) {
+ return null;
+ }
+ xTrxLog.setNewValue(value);
+ actionString = actionCreate;
+ } else if (action == OPERATION_DELETE_CONTEXT) {
+ xTrxLog.setPreviousValue(value);
+ actionString = actionDelete;
+ } else if (action == OPERATION_UPDATE_CONTEXT) {
+ actionString = actionUpdate;
+ String oldValue = null;
+ Field[] mFields = mObj.getClass().getDeclaredFields();
+ for (Field mField : mFields) {
+ mField.setAccessible(true);
+ String mFieldName = mField.getName();
+ if (fieldName.equalsIgnoreCase(mFieldName)) {
+ if (isEnum) {
+
+ } else {
+ oldValue = mField.get(mObj) + "";
+ }
+ break;
+ }
+ }
+ RangerPolicy oldPolicy = populateViewBean(mObj);
+ if (fieldName.equalsIgnoreCase(POLICY_RESOURCE_CLASS_FIELD_NAME)) {
+ oldValue = processPolicyResourcesForTrxLog(oldPolicy.getResources());
+ } else if (fieldName.equalsIgnoreCase(POLICY_ITEM_CLASS_FIELD_NAME)) {
+ oldValue = processPolicyItemsForTrxLog(oldPolicy.getPolicyItems());
+ }
+ if (value.equalsIgnoreCase(oldValue)) {
+ return null;
+ } else if (fieldName.equalsIgnoreCase(POLICY_RESOURCE_CLASS_FIELD_NAME)) {
+ // Compare old and new resources
+ if(compareTwoPolicyResources(value, oldValue)) {
+ return null;
+ }
+ } else if (fieldName.equalsIgnoreCase(POLICY_ITEM_CLASS_FIELD_NAME)) {
+ //Compare old and new policyItems
+ if(compareTwoPolicyItemList(value, oldValue)) {
+ return null;
+ }
+ }
+ xTrxLog.setPreviousValue(oldValue);
+ xTrxLog.setNewValue(value);
+ }
+ } catch (IllegalArgumentException | IllegalAccessException e) {
+ e.printStackTrace();
+ }
+
+ xTrxLog.setAction(actionString);
+ xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_RANGER_POLICY);
+ xTrxLog.setObjectId(vObj.getId());
+ xTrxLog.setObjectName(objectName);
+
+ return xTrxLog;
+ }
+
+ private boolean compareTwoPolicyItemList(String value, String oldValue) {
+ if (value == null && oldValue == null) {
+ return true;
+ }
+ if (value == "" && oldValue == "") {
+ return true;
+ }
+ if (stringUtil.isEmpty(value) || stringUtil.isEmpty(oldValue)) {
+ return false;
+ }
+
+ ObjectMapper mapper = new ObjectMapper();
+ try {
+ List<RangerPolicyItem> obj = mapper.readValue(value,
+ new TypeReference<List<RangerPolicyItem>>() {
+ });
+ List<RangerPolicyItem> oldObj = mapper.readValue(oldValue,
+ new TypeReference<List<RangerPolicyItem>>() {
+ });
+
+ int oldListSize = oldObj.size();
+ int listSize = obj.size();
+ if(oldListSize != listSize) {
+ return false;
+ }
+
+ for(RangerPolicyItem polItem : obj) {
+ if(!oldObj.contains(polItem)) {
+ return false;
+ }
+ }
+ return true;
+ } catch (JsonParseException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ } catch (JsonMappingException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ } catch (IOException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ }
+ }
+
+ private boolean compareTwoPolicyResources(String value, String oldValue) {
+ if (value == null && oldValue == null) {
+ return true;
+ }
+ if (value == "" && oldValue == "") {
+ return true;
+ }
+ if (stringUtil.isEmpty(value) || stringUtil.isEmpty(oldValue)) {
+ return false;
+ }
+
+ ObjectMapper mapper = new ObjectMapper();
+ try {
+ Map<String, RangerPolicyResource> obj = mapper.readValue(value,
+ new TypeReference<Map<String, RangerPolicyResource>>() {
+ });
+ Map<String, RangerPolicyResource> oldObj = mapper.readValue(oldValue,
+ new TypeReference<Map<String, RangerPolicyResource>>() {
+ });
+
+ if (obj.size() != oldObj.size()) {
+ return false;
+ }
+
+ for (String key : obj.keySet()) {
+ if (!obj.get(key).equals(oldObj.get(key))) {
+ return false;
+ }
+ }
+ return true;
+ } catch (JsonParseException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ } catch (JsonMappingException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ } catch (IOException e) {
+ throw restErrorUtil.createRESTException(
+ "Invalid input data: " + e.getMessage(),
+ MessageEnums.INVALID_INPUT_DATA);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ private String processPolicyItemsForTrxLog(Object value) {
+ if(value == null) {
+ return "";
+ }
+ List<RangerPolicyItem> rangerPolicyItems = (List<RangerPolicyItem>) value;
+ String ret = jsonUtil.readListToString(rangerPolicyItems);
+ if(ret == null) {
+ return "";
+ }
+ return ret;
+ }
+
+ @SuppressWarnings("unchecked")
+ private String processPolicyResourcesForTrxLog(Object value) {
+ if (value == null) {
+ return "";
+ }
+ Map<String, RangerPolicyResource> resources = (Map<String, RangerPolicyResource>) value;
+ String ret = jsonUtil.readMapToString(resources);
+ if(ret == null) {
+ return "";
+ }
+ return ret;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
index cf784cc..d19e580 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
@@ -1,11 +1,17 @@
package org.apache.ranger.service;
+import java.util.ArrayList;
+import java.util.List;
+
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.common.GUIDUtil;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.entity.XXPolicy;
import org.apache.ranger.entity.XXService;
+import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.util.SearchFilter;
public abstract class RangerPolicyServiceBase<T extends XXPolicy, V extends RangerPolicy> extends RangerBaseModelService<T, V> {
@@ -46,4 +52,17 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicy, V extends Rang
vObj.setIsAuditEnabled(xObj.getIsAuditEnabled());
return vObj;
}
+
+ @SuppressWarnings("unchecked")
+ public List<RangerPolicy> searchRangerPolicies(SearchFilter searchFilter) {
+ List<RangerPolicy> policyList = new ArrayList<RangerPolicy>();
+
+ List<XXPolicy> xPolList = (List<XXPolicy>) searchResources(searchFilter, searchFields, sortFields, null);
+ for(XXPolicy xPol : xPolList) {
+ policyList.add(populateViewBean((T) xPol));
+ }
+
+ return policyList;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java
index 1ebbc17..acf0bf1 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java
@@ -3,6 +3,10 @@ package org.apache.ranger.service;
import java.util.ArrayList;
import java.util.List;
+import org.apache.ranger.common.SearchField;
+import org.apache.ranger.common.SortField;
+import org.apache.ranger.common.SearchField.DATA_TYPE;
+import org.apache.ranger.common.SearchField.SEARCH_TYPE;
import org.apache.ranger.entity.XXContextEnricherDef;
import org.apache.ranger.entity.XXAccessTypeDef;
import org.apache.ranger.entity.XXEnumDef;
@@ -25,6 +29,19 @@ import org.springframework.stereotype.Service;
@Scope("singleton")
public class RangerServiceDefService extends RangerServiceDefServiceBase<XXServiceDef, RangerServiceDef> {
+ public RangerServiceDefService() {
+ super();
+
+ searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE, "obj.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL));
+ searchFields.add(new SearchField(SearchFilter.STATUS, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL));
+
+ sortFields.add(new SortField(SearchFilter.CREATE_TIME, "obj.createTime"));
+ sortFields.add(new SortField(SearchFilter.UPDATE_TIME, "obj.updateTime"));
+ sortFields.add(new SortField(SearchFilter.SERVICE_TYPE_ID, "obj.id"));
+ sortFields.add(new SortField(SearchFilter.SERVICE_TYPE, "obj.name"));
+ }
+
@Override
protected void validateForCreate(RangerServiceDef vObj) {
// TODO Auto-generated method stub
@@ -37,6 +54,7 @@ public class RangerServiceDefService extends RangerServiceDefServiceBase<XXServi
// TODO Auto-generated method stub
}
+
@Override
protected RangerServiceDef populateViewBean(XXServiceDef xServiceDef) {
@@ -105,7 +123,7 @@ public class RangerServiceDefService extends RangerServiceDefServiceBase<XXServi
return serviceDef;
}
- public List<RangerServiceDef> getServiceDefs(SearchFilter filter) {
+ public List<RangerServiceDef> getAllServiceDefs() {
List<XXServiceDef> xxServiceDefList = daoMgr.getXXServiceDef().getAll();
List<RangerServiceDef> serviceDefList = new ArrayList<RangerServiceDef>();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/15b13901/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
index f6c07b3..374217f 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java
@@ -26,6 +26,7 @@ import org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumElementDef;
import org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef;
import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef;
import org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef;
+import org.apache.ranger.plugin.util.SearchFilter;
import org.springframework.beans.factory.annotation.Autowired;
public abstract class RangerServiceDefServiceBase<T extends XXServiceDef, V extends RangerServiceDef>
@@ -302,4 +303,16 @@ public abstract class RangerServiceDefServiceBase<T extends XXServiceDef, V exte
return vObj;
}
+ @SuppressWarnings("unchecked")
+ public List<RangerServiceDef> searchRangerServiceDefs(SearchFilter searchFilter) {
+ List<RangerServiceDef> serviceDefList = new ArrayList<RangerServiceDef>();
+
+ List<XXServiceDef> xSvcDefList = (List<XXServiceDef>) searchResources(searchFilter, searchFields, sortFields, null);
+ for(XXServiceDef xSvcDef : xSvcDefList) {
+ serviceDefList.add(populateViewBean((T) xSvcDef));
+ }
+
+ return serviceDefList;
+ }
+
}