You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ve...@apache.org on 2015/10/14 02:34:37 UTC
[1/3] incubator-ranger git commit: RANGER-526 : Provide REST API to
change user role
Repository: incubator-ranger
Updated Branches:
refs/heads/ranger-0.5 ecdaa6c1b -> a94e793db
RANGER-526 : Provide REST API to change user role
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/bd8caf44
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/bd8caf44
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/bd8caf44
Branch: refs/heads/ranger-0.5
Commit: bd8caf441a296d6788335c370098157a708baeeb
Parents: ecdaa6c
Author: Gautam Borad <ga...@apache.org>
Authored: Tue Oct 13 12:40:19 2015 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Tue Oct 13 20:33:50 2015 -0400
----------------------------------------------------------------------
.../db/mysql/patches/009-updated_schema.sql | 2 +-
.../db/oracle/patches/009-updated_schema.sql | 2 +-
.../db/postgres/xa_core_db_postgres.sql | 2 +-
.../db/sqlanywhere/xa_core_db_sqlanywhere.sql | 2 +-
.../db/sqlserver/xa_core_db_sqlserver.sql | 2 +-
.../java/org/apache/ranger/biz/UserMgr.java | 9 +-
.../java/org/apache/ranger/biz/XUserMgr.java | 165 ++++++
.../apache/ranger/db/XXGroupPermissionDao.java | 2 +-
.../java/org/apache/ranger/rest/XUserREST.java | 41 ++
.../ranger/security/context/RangerAPIList.java | 4 +
.../security/context/RangerAPIMapping.java | 4 +
.../CustomLogoutSuccessHandler.java | 1 +
.../RangerAuthFailureHandler.java | 1 +
.../RangerAuthSuccessHandler.java | 2 +-
.../RangerAuthenticationEntryPoint.java | 1 +
.../security/web/filter/MyRememberMeFilter.java | 7 +-
.../RangerSecurityContextFormationFilter.java | 5 +-
security-admin/src/main/webapp/login.jsp | 4 +-
.../java/org/apache/ranger/biz/TestUserMgr.java | 187 ++++++-
.../org/apache/ranger/biz/TestXUserMgr.java | 511 ++++++++++++++++++-
20 files changed, 922 insertions(+), 32 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/db/mysql/patches/009-updated_schema.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/mysql/patches/009-updated_schema.sql b/security-admin/db/mysql/patches/009-updated_schema.sql
index c5aa728..beaeda6 100644
--- a/security-admin/db/mysql/patches/009-updated_schema.sql
+++ b/security-admin/db/mysql/patches/009-updated_schema.sql
@@ -52,7 +52,7 @@ CREATE TABLE `x_service` (
`upd_by_id` bigint(20) DEFAULT NULL,
`version` bigint(20) DEFAULT NULL,
`type` bigint(20) DEFAULT NULL,
-`name` varchar(512) DEFAULT NULL,
+`name` varchar(255) DEFAULT NULL,
`policy_version` bigint(20) DEFAULT NULL,
`policy_update_time`datetime DEFAULT NULL,
`description` varchar(1024) DEFAULT NULL,
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/db/oracle/patches/009-updated_schema.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/oracle/patches/009-updated_schema.sql b/security-admin/db/oracle/patches/009-updated_schema.sql
index ef5ff3c..293d6a5 100644
--- a/security-admin/db/oracle/patches/009-updated_schema.sql
+++ b/security-admin/db/oracle/patches/009-updated_schema.sql
@@ -63,7 +63,7 @@ added_by_id NUMBER(20) DEFAULT NULL NULL,
upd_by_id NUMBER(20) DEFAULT NULL NULL,
version NUMBER(20) DEFAULT NULL NULL,
type NUMBER(20) DEFAULT NULL NULL,
-name varchar(512) DEFAULT NULL NULL,
+name varchar(255) DEFAULT NULL NULL,
policy_version NUMBER(20) DEFAULT NULL NULL,
policy_update_time DATE DEFAULT NULL NULL,
description VARCHAR(1024) DEFAULT NULL NULL,
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/db/postgres/xa_core_db_postgres.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/postgres/xa_core_db_postgres.sql b/security-admin/db/postgres/xa_core_db_postgres.sql
index 5a76442..8245c23 100644
--- a/security-admin/db/postgres/xa_core_db_postgres.sql
+++ b/security-admin/db/postgres/xa_core_db_postgres.sql
@@ -492,7 +492,7 @@ added_by_id BIGINT DEFAULT NULL NULL,
upd_by_id BIGINT DEFAULT NULL NULL,
version BIGINT DEFAULT NULL NULL,
type BIGINT DEFAULT NULL NULL,
-name VARCHAR(512) DEFAULT NULL NULL,
+name VARCHAR(255) DEFAULT NULL NULL,
policy_version BIGINT DEFAULT NULL NULL,
policy_update_time TIMESTAMP DEFAULT NULL NULL,
description VARCHAR(1024) DEFAULT NULL NULL,
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/db/sqlanywhere/xa_core_db_sqlanywhere.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/sqlanywhere/xa_core_db_sqlanywhere.sql b/security-admin/db/sqlanywhere/xa_core_db_sqlanywhere.sql
index 0760cb8..b063bad 100644
--- a/security-admin/db/sqlanywhere/xa_core_db_sqlanywhere.sql
+++ b/security-admin/db/sqlanywhere/xa_core_db_sqlanywhere.sql
@@ -312,7 +312,7 @@ create table dbo.x_service (
upd_by_id bigint DEFAULT NULL NULL,
version bigint DEFAULT NULL NULL,
type bigint DEFAULT NULL NULL,
- name varchar(512) DEFAULT NULL NULL,
+ name varchar(255) DEFAULT NULL NULL,
policy_version bigint DEFAULT NULL NULL,
policy_update_time datetime DEFAULT NULL NULL,
description varchar(1024) DEFAULT NULL NULL,
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
index 25d374e..f2e9644 100644
--- a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
+++ b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
@@ -1778,7 +1778,7 @@ CREATE TABLE [dbo].[x_service] (
[upd_by_id] [bigint] DEFAULT NULL NULL,
[version] [bigint] DEFAULT NULL NULL,
[type] [bigint] DEFAULT NULL NULL,
- [name] [varchar](512) DEFAULT NULL NULL,
+ [name] [varchar](255) DEFAULT NULL NULL,
[policy_version] [bigint] DEFAULT NULL NULL,
[policy_update_time] [datetime2] DEFAULT NULL NULL,
[description] [varchar](1024) DEFAULT NULL NULL,
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index ff0ea01..8fbad1f 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -304,7 +304,7 @@ public class UserMgr {
return gjUser;
}
- private boolean updateRoles(Long userId, Collection<String> rolesList) {
+ public boolean updateRoles(Long userId, Collection<String> rolesList) {
boolean rolesUpdated = false;
if (rolesList == null || rolesList.size() == 0) {
return false;
@@ -352,12 +352,13 @@ public class UserMgr {
* @param vStrings
*/
public void setUserRoles(Long userId, List<VXString> vStringRolesList) {
- checkAccess(userId);
List<String> stringRolesList = new ArrayList<String>();
for (VXString vXString : vStringRolesList) {
stringRolesList.add(vXString.getValue());
}
- updateRoles(userId, stringRolesList);
+ xUserMgr.checkAccessRoles(stringRolesList);
+ VXPortalUser oldUserProfile=getUserProfile(userId);
+ xUserMgr.updateUserRolesPermissions(oldUserProfile, stringRolesList);
}
/**
@@ -634,7 +635,7 @@ public class UserMgr {
.getXXUserPermission().findByUserPermissionIdAndIsAllowed(
userProfile.getId());
List<XXGroupPermission> xxGroupPermissions = daoManager
- .getXXGroupPermission().findbyVXPoratUserId(
+ .getXXGroupPermission().findbyVXPortalUserId(
userProfile.getId());
List<VXGroupPermission> groupPermissions = new ArrayList<VXGroupPermission>();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 5f43bc0..b860877 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -80,6 +80,10 @@ import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletResponse;
import org.apache.ranger.view.VXResponse;
+import org.apache.ranger.entity.XXPortalUserRole;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.ranger.view.VXString;
+import org.apache.ranger.view.VXStringList;
@Component
public class XUserMgr extends XUserMgrBase {
@@ -1131,4 +1135,165 @@ public class XUserMgr extends XUserMgrBase {
vxAuditMapList.setTotalCount(auditMapList.size());
}
+ public void checkAccessRoles(List<String> stringRolesList) {
+ UserSessionBase session = ContextUtil.getCurrentUserSession();
+ if (session != null && stringRolesList!=null) {
+ if (!session.isUserAdmin() && !session.isKeyAdmin()) {
+ throw restErrorUtil.create403RESTException("Permission"
+ + " denied. LoggedInUser="
+ + (session != null ? session.getXXPortalUser().getId()
+ : "Not Logged In")
+ + " ,isn't permitted to perform the action.");
+ }else{
+ if (session.isUserAdmin() && stringRolesList.contains(RangerConstants.ROLE_KEY_ADMIN)) {
+ throw restErrorUtil.create403RESTException("Permission"
+ + " denied. LoggedInUser="
+ + (session != null ? session.getXXPortalUser().getId()
+ : "")
+ + " isn't permitted to perform the action.");
+ }
+ if (session.isKeyAdmin() && stringRolesList.contains(RangerConstants.ROLE_SYS_ADMIN)) {
+ throw restErrorUtil.create403RESTException("Permission"
+ + " denied. LoggedInUser="
+ + (session != null ? session.getXXPortalUser().getId()
+ : "")
+ + " isn't permitted to perform the action.");
+ }
+ }
+ }else{
+ VXResponse vXResponse = new VXResponse();
+ vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
+ vXResponse.setMsgDesc("Bad Credentials");
+ throw restErrorUtil.generateRESTException(vXResponse);
+ }
+ }
+
+ public VXStringList setUserRolesByExternalID(Long userId, List<VXString> vStringRolesList) {
+ List<String> roleListNewProfile = new ArrayList<String>();
+ if(vStringRolesList!=null){
+ for (VXString vXString : vStringRolesList) {
+ roleListNewProfile.add(vXString.getValue());
+ }
+ }
+ checkAccessRoles(roleListNewProfile);
+ VXUser vXUser=getXUser(userId);
+ List<XXPortalUserRole> portalUserRoleList =null;
+ if(vXUser!=null && roleListNewProfile.size()>0){
+ VXPortalUser oldUserProfile = userMgr.getUserProfileByLoginId(vXUser.getName());
+ if(oldUserProfile!=null){
+ updateUserRolesPermissions(oldUserProfile,roleListNewProfile);
+ portalUserRoleList = daoManager.getXXPortalUserRole().findByUserId(oldUserProfile.getId());
+ return getStringListFromUserRoleList(portalUserRoleList);
+ }else{
+ throw restErrorUtil.createRESTException("User ID doesn't exist.", MessageEnums.INVALID_INPUT_DATA);
+ }
+ }else{
+ throw restErrorUtil.createRESTException("User ID doesn't exist.", MessageEnums.INVALID_INPUT_DATA);
+ }
+ }
+
+ public VXStringList setUserRolesByName(String userName, List<VXString> vStringRolesList) {
+ List<String> roleListNewProfile = new ArrayList<String>();
+ if(vStringRolesList!=null){
+ for (VXString vXString : vStringRolesList) {
+ roleListNewProfile.add(vXString.getValue());
+ }
+ }
+ checkAccessRoles(roleListNewProfile);
+ if(userName!=null && roleListNewProfile.size()>0){
+ VXPortalUser oldUserProfile = userMgr.getUserProfileByLoginId(userName);
+ if(oldUserProfile!=null){
+ updateUserRolesPermissions(oldUserProfile,roleListNewProfile);
+ List<XXPortalUserRole> portalUserRoleList = daoManager.getXXPortalUserRole().findByUserId(oldUserProfile.getId());
+ return getStringListFromUserRoleList(portalUserRoleList);
+ }else{
+ throw restErrorUtil.createRESTException("Login ID doesn't exist.", MessageEnums.INVALID_INPUT_DATA);
+ }
+ }else{
+ throw restErrorUtil.createRESTException("Login ID doesn't exist.", MessageEnums.INVALID_INPUT_DATA);
+ }
+
+ }
+
+ public VXStringList getUserRolesByExternalID(Long userId) {
+ VXUser vXUser=getXUser(userId);
+ if(vXUser==null){
+ throw restErrorUtil.createRESTException("Please provide a valid ID", MessageEnums.INVALID_INPUT_DATA);
+ }
+ List<XXPortalUserRole> portalUserRoleList =null;
+ VXPortalUser oldUserProfile = userMgr.getUserProfileByLoginId(vXUser.getName());
+ if(oldUserProfile!=null){
+ portalUserRoleList = daoManager.getXXPortalUserRole().findByUserId(oldUserProfile.getId());
+ return getStringListFromUserRoleList(portalUserRoleList);
+ }else{
+ throw restErrorUtil.createRESTException("User ID doesn't exist.", MessageEnums.INVALID_INPUT_DATA);
+ }
+ }
+
+ public VXStringList getUserRolesByName(String userName) {
+ VXPortalUser vXPortalUser=null;
+ if(userName!=null && !userName.trim().isEmpty()){
+ vXPortalUser = userMgr.getUserProfileByLoginId(userName);
+ if(vXPortalUser!=null && vXPortalUser.getUserRoleList()!=null){
+ List<XXPortalUserRole> portalUserRoleList = daoManager.getXXPortalUserRole().findByUserId(vXPortalUser.getId());
+ return getStringListFromUserRoleList(portalUserRoleList);
+ }else{
+ throw restErrorUtil.createRESTException("Please provide a valid userName", MessageEnums.INVALID_INPUT_DATA);
+ }
+ }else{
+ throw restErrorUtil.createRESTException("Please provide a valid userName", MessageEnums.INVALID_INPUT_DATA);
+ }
+ }
+
+ public void updateUserRolesPermissions(VXPortalUser oldUserProfile,List<String> roleListNewProfile){
+ //update permissions start
+ Collection<String> roleListUpdatedProfile =new ArrayList<String>();
+ if (oldUserProfile != null && oldUserProfile.getId() != null) {
+ Collection<String> roleListOldProfile = oldUserProfile.getUserRoleList();
+ if(roleListNewProfile!=null && roleListOldProfile!=null){
+ for (String role : roleListNewProfile) {
+ if(role!=null && !roleListOldProfile.contains(role)){
+ roleListUpdatedProfile.add(role);
+ }
+ }
+ }
+ }
+ if(roleListUpdatedProfile!=null && roleListUpdatedProfile.size()>0){
+ oldUserProfile.setUserRoleList(roleListUpdatedProfile);
+ List<XXUserPermission> xuserPermissionList = daoManager
+ .getXXUserPermission()
+ .findByUserPermissionId(oldUserProfile.getId());
+ if (xuserPermissionList!=null && xuserPermissionList.size()>0){
+ for (XXUserPermission xXUserPermission : xuserPermissionList) {
+ if (xXUserPermission != null) {
+ xUserPermissionService.deleteResource(xXUserPermission.getId());
+ }
+ }
+ }
+ assignPermissionToUser(oldUserProfile,true);
+ if(roleListUpdatedProfile!=null && roleListUpdatedProfile.size()>0){
+ userMgr.updateRoles(oldUserProfile.getId(), oldUserProfile.getUserRoleList());
+ }
+ }
+ //update permissions end
+ }
+
+ public VXStringList getStringListFromUserRoleList(
+ List<XXPortalUserRole> listXXPortalUserRole) {
+ if(listXXPortalUserRole==null){
+ return null;
+ }
+ List<VXString> xStrList = new ArrayList<VXString>();
+ VXString vXStr=null;
+ for (XXPortalUserRole userRole : listXXPortalUserRole) {
+ if(userRole!=null){
+ vXStr = new VXString();
+ vXStr.setValue(userRole.getUserRole());
+ xStrList.add(vXStr);
+ }
+ }
+ VXStringList vXStringList = new VXStringList(xStrList);
+ return vXStringList;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java
index db69cea..18ca9e3 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXGroupPermissionDao.java
@@ -80,7 +80,7 @@ public class XXGroupPermissionDao extends BaseDao<XXGroupPermission> {
}
return null;
}
- public List<XXGroupPermission> findbyVXPoratUserId(Long userId) {
+ public List<XXGroupPermission> findbyVXPortalUserId(Long userId) {
if (userId != null) {
try {
return getEntityManager()
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
index b7884eb..448a60a 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
@@ -75,6 +75,9 @@ import org.apache.ranger.view.VXModuleDef;
import org.apache.ranger.view.VXModuleDefList;
import org.apache.ranger.view.VXPermMap;
import org.apache.ranger.view.VXPermMapList;
+import org.apache.ranger.view.VXPortalUser;
+import org.apache.ranger.view.VXResponse;
+import org.apache.ranger.view.VXStringList;
import org.apache.ranger.view.VXUser;
import org.apache.ranger.view.VXUserGroupInfo;
import org.apache.ranger.view.VXUserList;
@@ -957,4 +960,42 @@ public class XUserREST {
public void modifyUserActiveStatus(HashMap<Long, Integer> statusMap){
xUserMgr.modifyUserActiveStatus(statusMap);
}
+
+ @PUT
+ @Path("/secure/users/roles/{userId}")
+ @Produces({ "application/xml", "application/json" })
+ @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.SET_USER_ROLES_BY_ID + "\")")
+ public VXStringList setUserRolesByExternalID(@PathParam("userId") Long userId,
+ VXStringList roleList) {
+ return xUserMgr.setUserRolesByExternalID(userId, roleList.getVXStrings());
+ }
+
+ @PUT
+ @Path("/secure/users/roles/userName/{userName}")
+ @Produces({ "application/xml", "application/json" })
+ @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.SET_USER_ROLES_BY_NAME + "\")")
+ public VXStringList setUserRolesByName(@PathParam("userName") String userName,
+ VXStringList roleList) {
+ return xUserMgr.setUserRolesByName(userName, roleList.getVXStrings());
+ }
+
+ @GET
+ @Path("/secure/users/external/{userId}")
+ @Produces({ "application/xml", "application/json" })
+ @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.GET_USER_ROLES_BY_ID + "\")")
+ public VXStringList getUserRolesByExternalID(@PathParam("userId") Long userId) {
+ VXStringList vXStringList=new VXStringList();
+ vXStringList=xUserMgr.getUserRolesByExternalID(userId);
+ return vXStringList;
+ }
+
+ @GET
+ @Path("/secure/users/roles/userName/{userName}")
+ @Produces({ "application/xml", "application/json" })
+ @PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" + RangerAPIList.GET_USER_ROLES_BY_NAME + "\")")
+ public VXStringList getUserRolesByName(@PathParam("userName") String userName) {
+ VXStringList vXStringList=new VXStringList();
+ vXStringList=xUserMgr.getUserRolesByName(userName);
+ return vXStringList;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java b/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java
index f10453c..ab16535 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIList.java
@@ -198,4 +198,8 @@ public class RangerAPIList {
public static final String SEARCH_X_GROUP_PERMISSION = "XUserREST.searchXGroupPermission";
public static final String COUNT_X_GROUP_PERMISSION = "XUserREST.countXGroupPermission";
public static final String MODIFY_USER_ACTIVE_STATUS = "XUserREST.modifyUserActiveStatus";
+ public static final String SET_USER_ROLES_BY_ID="XUserREST.setUserRolesByID";
+ public static final String SET_USER_ROLES_BY_NAME="XUserREST.setUserRolesByName";
+ public static final String GET_USER_ROLES_BY_ID="XUserREST.getUserRolesByID";
+ public static final String GET_USER_ROLES_BY_NAME="XUserREST.getUserRolesByName";
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIMapping.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIMapping.java b/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIMapping.java
index adc8e2a..f8966f5 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIMapping.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/context/RangerAPIMapping.java
@@ -345,6 +345,10 @@ public class RangerAPIMapping {
apiAssociatedWithUserAndGroups.add(RangerAPIList.UPDATE);
apiAssociatedWithUserAndGroups.add(RangerAPIList.SET_USER_ROLES);
apiAssociatedWithUserAndGroups.add(RangerAPIList.DEACTIVATE_USER);
+ apiAssociatedWithUserAndGroups.add(RangerAPIList.SET_USER_ROLES_BY_ID);
+ apiAssociatedWithUserAndGroups.add(RangerAPIList.SET_USER_ROLES_BY_NAME);
+ apiAssociatedWithUserAndGroups.add(RangerAPIList.GET_USER_ROLES_BY_ID);
+ apiAssociatedWithUserAndGroups.add(RangerAPIList.GET_USER_ROLES_BY_NAME);
rangerAPIMappingWithUI.put(TAB_USERS_GROUPS, apiAssociatedWithUserAndGroups);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/security/web/authentication/CustomLogoutSuccessHandler.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/CustomLogoutSuccessHandler.java b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/CustomLogoutSuccessHandler.java
index 80f5180..6a91834 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/CustomLogoutSuccessHandler.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/CustomLogoutSuccessHandler.java
@@ -45,6 +45,7 @@ public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler
response.setContentType("application/json;charset=UTF-8");
response.setHeader("Cache-Control", "no-cache");
+ response.setHeader("X-Frame-Options", "DENY");
String jsonStr = "";
try {
VXResponse vXResponse = new VXResponse();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthFailureHandler.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthFailureHandler.java b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthFailureHandler.java
index 94ce93a..cb4c16a 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthFailureHandler.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthFailureHandler.java
@@ -76,6 +76,7 @@ ExceptionMappingAuthenticationFailureHandler {
response.setContentType("application/json;charset=UTF-8");
response.setHeader("Cache-Control", "no-cache");
+ response.setHeader("X-Frame-Options", "DENY");
String jsonResp = "";
try {
String msg = exception.getMessage();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.java b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.java
index 62ba781..bf16a57 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.java
@@ -86,7 +86,7 @@ SavedRequestAwareAuthenticationSuccessHandler {
response.setContentType("application/json;charset=UTF-8");
response.setHeader("Cache-Control", "no-cache");
-
+ response.setHeader("X-Frame-Options", "DENY");
VXResponse vXResponse = new VXResponse();
if(!isValidUser) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java
index a3f3ed5..52228dd 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java
@@ -78,6 +78,7 @@ public class RangerAuthenticationEntryPoint extends
HttpServletResponse response, AuthenticationException authException)
throws IOException, ServletException {
String ajaxRequestHeader = request.getHeader("X-Requested-With");
+ response.setHeader("X-Frame-Options", "DENY");
if (logger.isDebugEnabled()) {
logger.debug("commence() X-Requested-With=" + ajaxRequestHeader);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/security/web/filter/MyRememberMeFilter.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/MyRememberMeFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/MyRememberMeFilter.java
index d18006e..9867bb0 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/MyRememberMeFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/MyRememberMeFilter.java
@@ -71,8 +71,9 @@ public class MyRememberMeFilter extends RememberMeAuthenticationFilter {
@Override
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain arg2) throws IOException, ServletException {
- // TODO Auto-generated method stub
- super.doFilter(arg0, arg1, arg2);
+ HttpServletResponse res = (HttpServletResponse)arg1;
+ res.setHeader("X-Frame-Options", "DENY" );
+ super.doFilter(arg0, res, arg2);
}
/*
@@ -99,6 +100,7 @@ public class MyRememberMeFilter extends RememberMeAuthenticationFilter {
@Override
protected void onSuccessfulAuthentication(HttpServletRequest request,
HttpServletResponse response, Authentication authResult) {
+ response.setHeader("X-Frame-Options", "DENY" );
super.onSuccessfulAuthentication(request, response, authResult);
// if (logger.isDebugEnabled()) {
logger.info("onSuccessfulAuthentication() authResult=" + authResult);
@@ -119,6 +121,7 @@ public class MyRememberMeFilter extends RememberMeAuthenticationFilter {
HttpServletResponse response, AuthenticationException failed) {
logger.error("Authentication failure. failed=" + failed,
new Throwable());
+ response.setHeader("X-Frame-Options", "DENY" );
super.onUnsuccessfulAuthentication(request, response, failed);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
index 52ea841..d92fcbb 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
@@ -29,6 +29,7 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
@@ -135,7 +136,9 @@ public class RangerSecurityContextFormationFilter extends GenericFilterBean {
// xUserMgr.checkPermissionRoleByGivenUrls(httpRequest.getRequestURL().toString(),httpMethod);
}
- chain.doFilter(request, response);
+ HttpServletResponse res = (HttpServletResponse)response;
+ res.setHeader("X-Frame-Options", "DENY" );
+ chain.doFilter(request, res);
} finally {
// [4]remove context from thread-local
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/main/webapp/login.jsp
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/login.jsp b/security-admin/src/main/webapp/login.jsp
index 1faae6a..0db6882 100644
--- a/security-admin/src/main/webapp/login.jsp
+++ b/security-admin/src/main/webapp/login.jsp
@@ -55,7 +55,9 @@
</head>
<body class="login" style="">
-
+ <%
+ response.setHeader("X-Frame-Options", "DENY");
+ %>
<!-- Page content
================================================== -->
<section id="signin-container" style="margin-top: 4.5px;">
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java b/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
index 479dfde..e617de6 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
@@ -105,7 +105,10 @@ public class TestUserMgr {
@Mock
SessionMgr sessionMgr;
-
+
+ @Mock
+ XUserMgr xUserMgr;
+
@Rule
public ExpectedException thrown = ExpectedException.none();
@@ -131,10 +134,9 @@ public class TestUserMgr {
return userProfile;
}
- @Ignore("Junit breakage: RANGER-425") // TODO
@Test
public void test11CreateUser() {
- setup();
+ setup();
XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
XXPortalUserRoleDao roleDao = Mockito.mock(XXPortalUserRoleDao.class);
@@ -188,10 +190,9 @@ public class TestUserMgr {
Mockito.verify(daoManager).getXXPortalUserRole();
}
- @Ignore("Junit breakage: RANGER-425") // TODO
@Test
public void test12CreateUser() {
- setup();
+ setup();
XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
XXPortalUserRoleDao roleDao = Mockito.mock(XXPortalUserRoleDao.class);
@@ -426,7 +427,7 @@ public class TestUserMgr {
Mockito.when(daoManager.getXXGroupPermission()).thenReturn(
xGroupPermissionDao);
Mockito.when(
- xGroupPermissionDao.findbyVXPoratUserId(userProfile.getId()))
+ xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId()))
.thenReturn(xGroupPermissionList);
VXPortalUser dbVXPortalUser = userMgr.createUser(userProfile);
@@ -710,7 +711,7 @@ public class TestUserMgr {
Mockito.when(daoManager.getXXGroupPermission()).thenReturn(
xGroupPermissionDao);
Mockito.when(
- xGroupPermissionDao.findbyVXPoratUserId(userProfile.getId()))
+ xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId()))
.thenReturn(xGroupPermissionList);
Mockito.when(
@@ -744,6 +745,7 @@ public class TestUserMgr {
@Test
public void test30checkAccess() {
+ setup();
XXPortalUserDao xPortalUserDao = Mockito.mock(XXPortalUserDao.class);
XXPortalUser xPortalUser = Mockito.mock(XXPortalUser.class);
Mockito.when(daoManager.getXXPortalUser()).thenReturn(xPortalUserDao);
@@ -755,6 +757,7 @@ public class TestUserMgr {
@Test
public void test31getUserProfile() {
+ setup();
XXPortalUserDao xPortalUserDao = Mockito.mock(XXPortalUserDao.class);
XXPortalUser xPortalUser = Mockito.mock(XXPortalUser.class);
XXUserPermissionDao xUserPermissionDao = Mockito
@@ -812,7 +815,7 @@ public class TestUserMgr {
Mockito.when(daoManager.getXXGroupPermission()).thenReturn(
xGroupPermissionDao);
Mockito.when(
- xGroupPermissionDao.findbyVXPoratUserId(userProfile.getId()))
+ xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId()))
.thenReturn(xGroupPermissionList);
VXPortalUser dbVXPortalUser = userMgr.getUserProfile(userId);
Assert.assertNotNull(dbVXPortalUser);
@@ -825,6 +828,7 @@ public class TestUserMgr {
@Test
public void test32getUserProfileByLoginId() {
+ setup();
XXPortalUserDao xPortalUserDao = Mockito.mock(XXPortalUserDao.class);
XXPortalUser xPortalUser = Mockito.mock(XXPortalUser.class);
Mockito.when(daoManager.getXXPortalUser()).thenReturn(xPortalUserDao);
@@ -836,24 +840,175 @@ public class TestUserMgr {
Mockito.verify(daoManager).getXXPortalUser();
}
- @Ignore("Junit breakage: RANGER-526") // TODO
+
@Test
public void test33setUserRoles() {
- XXPortalUserRoleDao xPortalUserRoleDao = Mockito.mock(XXPortalUserRoleDao.class);
+ setup();
+ XXPortalUserRoleDao xPortalUserRoleDao = Mockito
+ .mock(XXPortalUserRoleDao.class);
+ XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+ XXUserPermissionDao xUserPermissionDao = Mockito
+ .mock(XXUserPermissionDao.class);
+ XXGroupPermissionDao xGroupPermissionDao = Mockito
+ .mock(XXGroupPermissionDao.class);
+ XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
+
+ VXPortalUser userProfile = userProfile();
+ XXPortalUser user = new XXPortalUser();
+ user.setEmailAddress(userProfile.getEmailAddress());
+ user.setFirstName(userProfile.getFirstName());
+ user.setLastName(userProfile.getLastName());
+ user.setLoginId(userProfile.getLoginId());
+ user.setPassword(userProfile.getPassword());
+ user.setUserSource(userProfile.getUserSource());
+ user.setPublicScreenName(userProfile.getPublicScreenName());
+ user.setId(userProfile.getId());
+
List<VXString> vStringRolesList = new ArrayList<VXString>();
VXString vXStringObj = new VXString();
- vXStringObj.setValue("1L");
+ vXStringObj.setValue("ROLE_USER");
vStringRolesList.add(vXStringObj);
-
+
List<XXPortalUserRole> xPortalUserRoleList = new ArrayList<XXPortalUserRole>();
XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
XXPortalUserRole.setId(userId);
+ XXPortalUserRole.setUserId(userId);
XXPortalUserRole.setUserRole("ROLE_USER");
xPortalUserRoleList.add(XXPortalUserRole);
-
- Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(xPortalUserRoleDao);
- Mockito.when(xPortalUserRoleDao.findByUserId(userId))
- .thenReturn(xPortalUserRoleList);
+
+ List<XXUserPermission> xUserPermissionsList = new ArrayList<XXUserPermission>();
+ XXUserPermission xUserPermissionObj = new XXUserPermission();
+ xUserPermissionObj.setAddedByUserId(userId);
+ xUserPermissionObj.setCreateTime(new Date());
+ xUserPermissionObj.setId(userId);
+ xUserPermissionObj.setIsAllowed(1);
+ xUserPermissionObj.setModuleId(1L);
+ xUserPermissionObj.setUpdatedByUserId(userId);
+ xUserPermissionObj.setUpdateTime(new Date());
+ xUserPermissionObj.setUserId(userId);
+ xUserPermissionsList.add(xUserPermissionObj);
+
+ List<XXGroupPermission> xGroupPermissionList = new ArrayList<XXGroupPermission>();
+ XXGroupPermission xGroupPermissionObj = new XXGroupPermission();
+ xGroupPermissionObj.setAddedByUserId(userId);
+ xGroupPermissionObj.setCreateTime(new Date());
+ xGroupPermissionObj.setId(userId);
+ xGroupPermissionObj.setIsAllowed(1);
+ xGroupPermissionObj.setModuleId(1L);
+ xGroupPermissionObj.setUpdatedByUserId(userId);
+ xGroupPermissionObj.setUpdateTime(new Date());
+ xGroupPermissionObj.setGroupId(userId);
+ xGroupPermissionList.add(xGroupPermissionObj);
+
+ List<VXGroupPermission> groupPermList = new ArrayList<VXGroupPermission>();
+ VXGroupPermission groupPermission = new VXGroupPermission();
+ groupPermission.setId(1L);
+ groupPermission.setIsAllowed(1);
+ groupPermission.setModuleId(1L);
+ groupPermission.setGroupId(userId);
+ groupPermission.setGroupName("xyz");
+ groupPermission.setOwner("admin");
+ groupPermList.add(groupPermission);
+
+ XXModuleDef xModuleDef = new XXModuleDef();
+ xModuleDef.setUpdatedByUserId(userId);
+ xModuleDef.setAddedByUserId(userId);
+ xModuleDef.setCreateTime(new Date());
+ xModuleDef.setId(userId);
+ xModuleDef.setModule("Policy manager");
+ xModuleDef.setUpdateTime(new Date());
+ xModuleDef.setUrl("/policy manager");
+
+ VXUserPermission userPermission = new VXUserPermission();
+ userPermission.setId(1L);
+ userPermission.setIsAllowed(1);
+ userPermission.setModuleId(1L);
+ userPermission.setUserId(userId);
+ userPermission.setUserName("xyz");
+ userPermission.setOwner("admin");
+
+ Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(
+ xPortalUserRoleDao);
+ Mockito.when(xPortalUserRoleDao.findByUserId(userId)).thenReturn(
+ xPortalUserRoleList);
+ Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+ Mockito.when(userDao.getById(userId)).thenReturn(user);
+ Mockito.when(daoManager.getXXUserPermission()).thenReturn(
+ xUserPermissionDao);
+ Mockito.when(
+ xUserPermissionDao
+ .findByUserPermissionIdAndIsAllowed(userProfile.getId()))
+ .thenReturn(xUserPermissionsList);
+ Mockito.when(daoManager.getXXGroupPermission()).thenReturn(
+ xGroupPermissionDao);
+ Mockito.when(
+ xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId()))
+ .thenReturn(xGroupPermissionList);
+ Mockito.when(
+ xGroupPermissionService.populateViewBean(xGroupPermissionObj))
+ .thenReturn(groupPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(
+ xUserPermissionService.populateViewBean(xUserPermissionObj))
+ .thenReturn(userPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+
+ userMgr.checkAccess(userId);
userMgr.setUserRoles(userId, vStringRolesList);
+
+ Mockito.verify(daoManager).getXXUserPermission();
+ Mockito.verify(daoManager).getXXGroupPermission();
+ Mockito.verify(xGroupPermissionService).populateViewBean(
+ xGroupPermissionObj);
+ Mockito.verify(xUserPermissionService).populateViewBean(
+ xUserPermissionObj);
}
+
+ @Test
+ public void test19updateRoles() {
+ //setup();
+ Collection<String> rolesList = new ArrayList<String>();
+ rolesList.add("ROLE_USER");
+ rolesList.add("ROLE_ADMIN");
+ XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
+ XXPortalUserRole.setId(userId);
+ XXPortalUserRole.setUserRole("ROLE_USER");
+ List<XXPortalUserRole> list = new ArrayList<XXPortalUserRole>();
+ list.add(XXPortalUserRole);
+ XXPortalUserRoleDao userDao = Mockito.mock(XXPortalUserRoleDao.class);
+ Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(userDao);
+ Mockito.when(userDao.findByUserId(userId)).thenReturn(list);
+ boolean isFound = userMgr.updateRoles(userId, rolesList);
+ Assert.assertFalse(isFound);
+ }
+
+ @Test
+ public void test20UpdateUserWithPass() {
+ XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+ VXPortalUser userProfile = userProfile();
+ String userName = userProfile.getFirstName();
+ String userPassword = userProfile.getPassword();
+ XXPortalUser user = new XXPortalUser();
+ user.setEmailAddress(userProfile.getEmailAddress());
+ user.setFirstName(userProfile.getFirstName());
+ user.setLastName(userProfile.getLastName());
+ user.setLoginId(userProfile.getLoginId());
+ user.setPassword(userProfile.getPassword());
+ user.setUserSource(userProfile.getUserSource());
+ user.setPublicScreenName(userProfile.getPublicScreenName());
+ user.setId(userProfile.getId());
+ Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+ Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(
+ user);
+ Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+ Mockito.when(userDao.update(user)).thenReturn(user);
+ XXPortalUser dbXXPortalUser = userMgr.updatePasswordInSHA256(userName,
+ userPassword);
+ Assert.assertNotNull(dbXXPortalUser);
+ }
+
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bd8caf44/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java
index cda423e..e992190 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java
@@ -61,10 +61,12 @@ import org.apache.ranger.view.VXGroupUser;
import org.apache.ranger.view.VXGroupUserList;
import org.apache.ranger.view.VXModuleDef;
import org.apache.ranger.view.VXPortalUser;
+import org.apache.ranger.view.VXStringList;
import org.apache.ranger.view.VXUser;
import org.apache.ranger.view.VXUserGroupInfo;
import org.apache.ranger.view.VXUserList;
import org.apache.ranger.view.VXUserPermission;
+import org.apache.ranger.view.VXString;
import org.junit.Assert;
import org.junit.FixMethodOrder;
import org.junit.Rule;
@@ -211,7 +213,19 @@ public class TestXUserMgr {
return groupPermission;
}
- @Ignore("temp disable")
+ private VXPortalUser userProfile() {
+ VXPortalUser userProfile = new VXPortalUser();
+ userProfile.setEmailAddress("test@test.com");
+ userProfile.setFirstName("user12");
+ userProfile.setLastName("test12");
+ userProfile.setLoginId("134");
+ userProfile.setPassword("usertest12323");
+ userProfile.setUserSource(123);
+ userProfile.setPublicScreenName("user");
+ userProfile.setId(userId);
+ return userProfile;
+ }
+
@Test
public void test11CreateXUser() {
setup();
@@ -1147,4 +1161,499 @@ public class TestXUserMgr {
Assert.assertNotNull(list);
Mockito.verify(xUserService).getXUserByUserName(userName);
}
+
+ @Test
+ public void test45setUserRolesByExternalID() {
+ setup();
+ XXPortalUserRoleDao xPortalUserRoleDao = Mockito
+ .mock(XXPortalUserRoleDao.class);
+ XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+ XXUserPermissionDao xUserPermissionDao = Mockito
+ .mock(XXUserPermissionDao.class);
+ XXGroupPermissionDao xGroupPermissionDao = Mockito
+ .mock(XXGroupPermissionDao.class);
+ XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
+
+ VXUser vXUser = vxUser();
+ VXPortalUser userProfile = userProfile();
+ XXPortalUser user = new XXPortalUser();
+ user.setEmailAddress(userProfile.getEmailAddress());
+ user.setFirstName(userProfile.getFirstName());
+ user.setLastName(userProfile.getLastName());
+ user.setLoginId(userProfile.getLoginId());
+ user.setPassword(userProfile.getPassword());
+ user.setUserSource(userProfile.getUserSource());
+ user.setPublicScreenName(userProfile.getPublicScreenName());
+ user.setId(userProfile.getId());
+
+ List<VXString> vStringRolesList = new ArrayList<VXString>();
+ VXString vXStringObj = new VXString();
+ vXStringObj.setValue("ROLE_USER");
+ vStringRolesList.add(vXStringObj);
+
+ List<XXPortalUserRole> xPortalUserRoleList = new ArrayList<XXPortalUserRole>();
+ XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
+ XXPortalUserRole.setId(userId);
+ XXPortalUserRole.setUserId(userId);
+ XXPortalUserRole.setUserRole("ROLE_USER");
+ xPortalUserRoleList.add(XXPortalUserRole);
+
+ List<XXUserPermission> xUserPermissionsList = new ArrayList<XXUserPermission>();
+ XXUserPermission xUserPermissionObj = new XXUserPermission();
+ xUserPermissionObj.setAddedByUserId(userId);
+ xUserPermissionObj.setCreateTime(new Date());
+ xUserPermissionObj.setId(userId);
+ xUserPermissionObj.setIsAllowed(1);
+ xUserPermissionObj.setModuleId(1L);
+ xUserPermissionObj.setUpdatedByUserId(userId);
+ xUserPermissionObj.setUpdateTime(new Date());
+ xUserPermissionObj.setUserId(userId);
+ xUserPermissionsList.add(xUserPermissionObj);
+
+ List<XXGroupPermission> xGroupPermissionList = new ArrayList<XXGroupPermission>();
+ XXGroupPermission xGroupPermissionObj = new XXGroupPermission();
+ xGroupPermissionObj.setAddedByUserId(userId);
+ xGroupPermissionObj.setCreateTime(new Date());
+ xGroupPermissionObj.setId(userId);
+ xGroupPermissionObj.setIsAllowed(1);
+ xGroupPermissionObj.setModuleId(1L);
+ xGroupPermissionObj.setUpdatedByUserId(userId);
+ xGroupPermissionObj.setUpdateTime(new Date());
+ xGroupPermissionObj.setGroupId(userId);
+ xGroupPermissionList.add(xGroupPermissionObj);
+
+ List<VXGroupPermission> groupPermList = new ArrayList<VXGroupPermission>();
+ VXGroupPermission groupPermission = new VXGroupPermission();
+ groupPermission.setId(1L);
+ groupPermission.setIsAllowed(1);
+ groupPermission.setModuleId(1L);
+ groupPermission.setGroupId(userId);
+ groupPermission.setGroupName("xyz");
+ groupPermission.setOwner("admin");
+ groupPermList.add(groupPermission);
+
+ XXModuleDef xModuleDef = new XXModuleDef();
+ xModuleDef.setUpdatedByUserId(userId);
+ xModuleDef.setAddedByUserId(userId);
+ xModuleDef.setCreateTime(new Date());
+ xModuleDef.setId(userId);
+ xModuleDef.setModule("Policy manager");
+ xModuleDef.setUpdateTime(new Date());
+ xModuleDef.setUrl("/policy manager");
+
+ VXUserPermission userPermission = new VXUserPermission();
+ userPermission.setId(1L);
+ userPermission.setIsAllowed(1);
+ userPermission.setModuleId(1L);
+ userPermission.setUserId(userId);
+ userPermission.setUserName("xyz");
+ userPermission.setOwner("admin");
+
+ Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(
+ xPortalUserRoleDao);
+ Mockito.when(xPortalUserRoleDao.findByUserId(userId)).thenReturn(
+ xPortalUserRoleList);
+ Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+ Mockito.when(userDao.getById(userId)).thenReturn(user);
+ Mockito.when(daoManager.getXXUserPermission()).thenReturn(
+ xUserPermissionDao);
+ Mockito.when(
+ xUserPermissionDao
+ .findByUserPermissionIdAndIsAllowed(userProfile.getId()))
+ .thenReturn(xUserPermissionsList);
+ Mockito.when(daoManager.getXXGroupPermission()).thenReturn(
+ xGroupPermissionDao);
+ Mockito.when(
+ xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId()))
+ .thenReturn(xGroupPermissionList);
+ Mockito.when(
+ xGroupPermissionService.populateViewBean(xGroupPermissionObj))
+ .thenReturn(groupPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(
+ xUserPermissionService.populateViewBean(xUserPermissionObj))
+ .thenReturn(userPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(xUserMgr.getXUser(userId)).thenReturn(vXUser);
+ Mockito.when(userMgr.getUserProfileByLoginId(vXUser.getName()))
+ .thenReturn(userProfile);
+ VXStringList vXStringList = xUserMgr.setUserRolesByExternalID(userId,
+ vStringRolesList);
+ Assert.assertNotNull(vXStringList);
+ }
+
+ @Test
+ public void test46setUserRolesByName() {
+ setup();
+ XXPortalUserRoleDao xPortalUserRoleDao = Mockito
+ .mock(XXPortalUserRoleDao.class);
+ XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+ XXUserPermissionDao xUserPermissionDao = Mockito
+ .mock(XXUserPermissionDao.class);
+ XXGroupPermissionDao xGroupPermissionDao = Mockito
+ .mock(XXGroupPermissionDao.class);
+ XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
+
+ VXPortalUser userProfile = userProfile();
+ XXPortalUser user = new XXPortalUser();
+ user.setEmailAddress(userProfile.getEmailAddress());
+ user.setFirstName(userProfile.getFirstName());
+ user.setLastName(userProfile.getLastName());
+ user.setLoginId(userProfile.getLoginId());
+ user.setPassword(userProfile.getPassword());
+ user.setUserSource(userProfile.getUserSource());
+ user.setPublicScreenName(userProfile.getPublicScreenName());
+ user.setId(userProfile.getId());
+
+ List<VXString> vStringRolesList = new ArrayList<VXString>();
+ VXString vXStringObj = new VXString();
+ vXStringObj.setValue("ROLE_USER");
+ vStringRolesList.add(vXStringObj);
+
+ List<XXPortalUserRole> xPortalUserRoleList = new ArrayList<XXPortalUserRole>();
+ XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
+ XXPortalUserRole.setId(userId);
+ XXPortalUserRole.setUserId(userId);
+ XXPortalUserRole.setUserRole("ROLE_USER");
+ xPortalUserRoleList.add(XXPortalUserRole);
+
+ List<XXUserPermission> xUserPermissionsList = new ArrayList<XXUserPermission>();
+ XXUserPermission xUserPermissionObj = new XXUserPermission();
+ xUserPermissionObj.setAddedByUserId(userId);
+ xUserPermissionObj.setCreateTime(new Date());
+ xUserPermissionObj.setId(userId);
+ xUserPermissionObj.setIsAllowed(1);
+ xUserPermissionObj.setModuleId(1L);
+ xUserPermissionObj.setUpdatedByUserId(userId);
+ xUserPermissionObj.setUpdateTime(new Date());
+ xUserPermissionObj.setUserId(userId);
+ xUserPermissionsList.add(xUserPermissionObj);
+
+ List<XXGroupPermission> xGroupPermissionList = new ArrayList<XXGroupPermission>();
+ XXGroupPermission xGroupPermissionObj = new XXGroupPermission();
+ xGroupPermissionObj.setAddedByUserId(userId);
+ xGroupPermissionObj.setCreateTime(new Date());
+ xGroupPermissionObj.setId(userId);
+ xGroupPermissionObj.setIsAllowed(1);
+ xGroupPermissionObj.setModuleId(1L);
+ xGroupPermissionObj.setUpdatedByUserId(userId);
+ xGroupPermissionObj.setUpdateTime(new Date());
+ xGroupPermissionObj.setGroupId(userId);
+ xGroupPermissionList.add(xGroupPermissionObj);
+
+ List<VXGroupPermission> groupPermList = new ArrayList<VXGroupPermission>();
+ VXGroupPermission groupPermission = new VXGroupPermission();
+ groupPermission.setId(1L);
+ groupPermission.setIsAllowed(1);
+ groupPermission.setModuleId(1L);
+ groupPermission.setGroupId(userId);
+ groupPermission.setGroupName("xyz");
+ groupPermission.setOwner("admin");
+ groupPermList.add(groupPermission);
+
+ XXModuleDef xModuleDef = new XXModuleDef();
+ xModuleDef.setUpdatedByUserId(userId);
+ xModuleDef.setAddedByUserId(userId);
+ xModuleDef.setCreateTime(new Date());
+ xModuleDef.setId(userId);
+ xModuleDef.setModule("Policy manager");
+ xModuleDef.setUpdateTime(new Date());
+ xModuleDef.setUrl("/policy manager");
+
+ VXUserPermission userPermission = new VXUserPermission();
+ userPermission.setId(1L);
+ userPermission.setIsAllowed(1);
+ userPermission.setModuleId(1L);
+ userPermission.setUserId(userId);
+ userPermission.setUserName("xyz");
+ userPermission.setOwner("admin");
+
+ Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(
+ xPortalUserRoleDao);
+ Mockito.when(xPortalUserRoleDao.findByUserId(userId)).thenReturn(
+ xPortalUserRoleList);
+ Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+ Mockito.when(userDao.getById(userId)).thenReturn(user);
+ Mockito.when(daoManager.getXXUserPermission()).thenReturn(
+ xUserPermissionDao);
+ Mockito.when(
+ xUserPermissionDao
+ .findByUserPermissionIdAndIsAllowed(userProfile.getId()))
+ .thenReturn(xUserPermissionsList);
+ Mockito.when(daoManager.getXXGroupPermission()).thenReturn(
+ xGroupPermissionDao);
+ Mockito.when(
+ xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId()))
+ .thenReturn(xGroupPermissionList);
+ Mockito.when(
+ xGroupPermissionService.populateViewBean(xGroupPermissionObj))
+ .thenReturn(groupPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(
+ xUserPermissionService.populateViewBean(xUserPermissionObj))
+ .thenReturn(userPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(userMgr.getUserProfileByLoginId(userProfile.getLoginId()))
+ .thenReturn(userProfile);
+ VXStringList vXStringList = xUserMgr.setUserRolesByName(
+ userProfile.getLoginId(), vStringRolesList);
+ Assert.assertNotNull(vXStringList);
+ }
+
+ @Test
+ public void test47getUserRolesByExternalID() {
+ setup();
+ XXPortalUserRoleDao xPortalUserRoleDao = Mockito
+ .mock(XXPortalUserRoleDao.class);
+ XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+ XXUserPermissionDao xUserPermissionDao = Mockito
+ .mock(XXUserPermissionDao.class);
+ XXGroupPermissionDao xGroupPermissionDao = Mockito
+ .mock(XXGroupPermissionDao.class);
+ XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
+
+ VXUser vXUser = vxUser();
+ VXPortalUser userProfile = userProfile();
+ XXPortalUser user = new XXPortalUser();
+ user.setEmailAddress(userProfile.getEmailAddress());
+ user.setFirstName(userProfile.getFirstName());
+ user.setLastName(userProfile.getLastName());
+ user.setLoginId(userProfile.getLoginId());
+ user.setPassword(userProfile.getPassword());
+ user.setUserSource(userProfile.getUserSource());
+ user.setPublicScreenName(userProfile.getPublicScreenName());
+ user.setId(userProfile.getId());
+
+ List<VXString> vStringRolesList = new ArrayList<VXString>();
+ VXString vXStringObj = new VXString();
+ vXStringObj.setValue("ROLE_USER");
+ vStringRolesList.add(vXStringObj);
+
+ List<XXPortalUserRole> xPortalUserRoleList = new ArrayList<XXPortalUserRole>();
+ XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
+ XXPortalUserRole.setId(userId);
+ XXPortalUserRole.setUserId(userId);
+ XXPortalUserRole.setUserRole("ROLE_USER");
+ xPortalUserRoleList.add(XXPortalUserRole);
+
+ List<XXUserPermission> xUserPermissionsList = new ArrayList<XXUserPermission>();
+ XXUserPermission xUserPermissionObj = new XXUserPermission();
+ xUserPermissionObj.setAddedByUserId(userId);
+ xUserPermissionObj.setCreateTime(new Date());
+ xUserPermissionObj.setId(userId);
+ xUserPermissionObj.setIsAllowed(1);
+ xUserPermissionObj.setModuleId(1L);
+ xUserPermissionObj.setUpdatedByUserId(userId);
+ xUserPermissionObj.setUpdateTime(new Date());
+ xUserPermissionObj.setUserId(userId);
+ xUserPermissionsList.add(xUserPermissionObj);
+
+ List<XXGroupPermission> xGroupPermissionList = new ArrayList<XXGroupPermission>();
+ XXGroupPermission xGroupPermissionObj = new XXGroupPermission();
+ xGroupPermissionObj.setAddedByUserId(userId);
+ xGroupPermissionObj.setCreateTime(new Date());
+ xGroupPermissionObj.setId(userId);
+ xGroupPermissionObj.setIsAllowed(1);
+ xGroupPermissionObj.setModuleId(1L);
+ xGroupPermissionObj.setUpdatedByUserId(userId);
+ xGroupPermissionObj.setUpdateTime(new Date());
+ xGroupPermissionObj.setGroupId(userId);
+ xGroupPermissionList.add(xGroupPermissionObj);
+
+ List<VXGroupPermission> groupPermList = new ArrayList<VXGroupPermission>();
+ VXGroupPermission groupPermission = new VXGroupPermission();
+ groupPermission.setId(1L);
+ groupPermission.setIsAllowed(1);
+ groupPermission.setModuleId(1L);
+ groupPermission.setGroupId(userId);
+ groupPermission.setGroupName("xyz");
+ groupPermission.setOwner("admin");
+ groupPermList.add(groupPermission);
+
+ XXModuleDef xModuleDef = new XXModuleDef();
+ xModuleDef.setUpdatedByUserId(userId);
+ xModuleDef.setAddedByUserId(userId);
+ xModuleDef.setCreateTime(new Date());
+ xModuleDef.setId(userId);
+ xModuleDef.setModule("Policy manager");
+ xModuleDef.setUpdateTime(new Date());
+ xModuleDef.setUrl("/policy manager");
+
+ VXUserPermission userPermission = new VXUserPermission();
+ userPermission.setId(1L);
+ userPermission.setIsAllowed(1);
+ userPermission.setModuleId(1L);
+ userPermission.setUserId(userId);
+ userPermission.setUserName("xyz");
+ userPermission.setOwner("admin");
+
+ Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(
+ xPortalUserRoleDao);
+ Mockito.when(xPortalUserRoleDao.findByUserId(userId)).thenReturn(
+ xPortalUserRoleList);
+ Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+ Mockito.when(userDao.getById(userId)).thenReturn(user);
+ Mockito.when(daoManager.getXXUserPermission()).thenReturn(
+ xUserPermissionDao);
+ Mockito.when(
+ xUserPermissionDao
+ .findByUserPermissionIdAndIsAllowed(userProfile.getId()))
+ .thenReturn(xUserPermissionsList);
+ Mockito.when(daoManager.getXXGroupPermission()).thenReturn(
+ xGroupPermissionDao);
+ Mockito.when(
+ xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId()))
+ .thenReturn(xGroupPermissionList);
+ Mockito.when(
+ xGroupPermissionService.populateViewBean(xGroupPermissionObj))
+ .thenReturn(groupPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(
+ xUserPermissionService.populateViewBean(xUserPermissionObj))
+ .thenReturn(userPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(xUserMgr.getXUser(userId)).thenReturn(vXUser);
+ Mockito.when(userMgr.getUserProfileByLoginId(vXUser.getName()))
+ .thenReturn(userProfile);
+ VXStringList vXStringList = xUserMgr.getUserRolesByExternalID(userId);
+ Assert.assertNotNull(vXStringList);
+ }
+
+ @Test
+ public void test48getUserRolesByName() {
+ setup();
+ XXPortalUserRoleDao xPortalUserRoleDao = Mockito
+ .mock(XXPortalUserRoleDao.class);
+ XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+ XXUserPermissionDao xUserPermissionDao = Mockito
+ .mock(XXUserPermissionDao.class);
+ XXGroupPermissionDao xGroupPermissionDao = Mockito
+ .mock(XXGroupPermissionDao.class);
+ XXModuleDefDao xModuleDefDao = Mockito.mock(XXModuleDefDao.class);
+
+ VXPortalUser userProfile = userProfile();
+ Collection<String> userRoleList = new ArrayList<String>();
+ userRoleList.add("ROLE_USER");
+ userProfile.setUserRoleList(userRoleList);
+
+ XXPortalUser user = new XXPortalUser();
+ user.setEmailAddress(userProfile.getEmailAddress());
+ user.setFirstName(userProfile.getFirstName());
+ user.setLastName(userProfile.getLastName());
+ user.setLoginId(userProfile.getLoginId());
+ user.setPassword(userProfile.getPassword());
+ user.setUserSource(userProfile.getUserSource());
+ user.setPublicScreenName(userProfile.getPublicScreenName());
+ user.setId(userProfile.getId());
+
+ List<VXString> vStringRolesList = new ArrayList<VXString>();
+ VXString vXStringObj = new VXString();
+ vXStringObj.setValue("ROLE_USER");
+ vStringRolesList.add(vXStringObj);
+
+ List<XXPortalUserRole> xPortalUserRoleList = new ArrayList<XXPortalUserRole>();
+ XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
+ XXPortalUserRole.setId(userId);
+ XXPortalUserRole.setUserId(userId);
+ XXPortalUserRole.setUserRole("ROLE_USER");
+ xPortalUserRoleList.add(XXPortalUserRole);
+
+ List<XXUserPermission> xUserPermissionsList = new ArrayList<XXUserPermission>();
+ XXUserPermission xUserPermissionObj = new XXUserPermission();
+ xUserPermissionObj.setAddedByUserId(userId);
+ xUserPermissionObj.setCreateTime(new Date());
+ xUserPermissionObj.setId(userId);
+ xUserPermissionObj.setIsAllowed(1);
+ xUserPermissionObj.setModuleId(1L);
+ xUserPermissionObj.setUpdatedByUserId(userId);
+ xUserPermissionObj.setUpdateTime(new Date());
+ xUserPermissionObj.setUserId(userId);
+ xUserPermissionsList.add(xUserPermissionObj);
+
+ List<XXGroupPermission> xGroupPermissionList = new ArrayList<XXGroupPermission>();
+ XXGroupPermission xGroupPermissionObj = new XXGroupPermission();
+ xGroupPermissionObj.setAddedByUserId(userId);
+ xGroupPermissionObj.setCreateTime(new Date());
+ xGroupPermissionObj.setId(userId);
+ xGroupPermissionObj.setIsAllowed(1);
+ xGroupPermissionObj.setModuleId(1L);
+ xGroupPermissionObj.setUpdatedByUserId(userId);
+ xGroupPermissionObj.setUpdateTime(new Date());
+ xGroupPermissionObj.setGroupId(userId);
+ xGroupPermissionList.add(xGroupPermissionObj);
+
+ List<VXGroupPermission> groupPermList = new ArrayList<VXGroupPermission>();
+ VXGroupPermission groupPermission = new VXGroupPermission();
+ groupPermission.setId(1L);
+ groupPermission.setIsAllowed(1);
+ groupPermission.setModuleId(1L);
+ groupPermission.setGroupId(userId);
+ groupPermission.setGroupName("xyz");
+ groupPermission.setOwner("admin");
+ groupPermList.add(groupPermission);
+
+ XXModuleDef xModuleDef = new XXModuleDef();
+ xModuleDef.setUpdatedByUserId(userId);
+ xModuleDef.setAddedByUserId(userId);
+ xModuleDef.setCreateTime(new Date());
+ xModuleDef.setId(userId);
+ xModuleDef.setModule("Policy manager");
+ xModuleDef.setUpdateTime(new Date());
+ xModuleDef.setUrl("/policy manager");
+
+ VXUserPermission userPermission = new VXUserPermission();
+ userPermission.setId(1L);
+ userPermission.setIsAllowed(1);
+ userPermission.setModuleId(1L);
+ userPermission.setUserId(userId);
+ userPermission.setUserName("xyz");
+ userPermission.setOwner("admin");
+
+ Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(
+ xPortalUserRoleDao);
+ Mockito.when(xPortalUserRoleDao.findByUserId(userId)).thenReturn(
+ xPortalUserRoleList);
+ Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+ Mockito.when(userDao.getById(userId)).thenReturn(user);
+ Mockito.when(daoManager.getXXUserPermission()).thenReturn(
+ xUserPermissionDao);
+ Mockito.when(
+ xUserPermissionDao
+ .findByUserPermissionIdAndIsAllowed(userProfile.getId()))
+ .thenReturn(xUserPermissionsList);
+ Mockito.when(daoManager.getXXGroupPermission()).thenReturn(
+ xGroupPermissionDao);
+ Mockito.when(
+ xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId()))
+ .thenReturn(xGroupPermissionList);
+ Mockito.when(
+ xGroupPermissionService.populateViewBean(xGroupPermissionObj))
+ .thenReturn(groupPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(
+ xUserPermissionService.populateViewBean(xUserPermissionObj))
+ .thenReturn(userPermission);
+ Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+ Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong()))
+ .thenReturn(xModuleDef);
+ Mockito.when(userMgr.getUserProfileByLoginId(userProfile.getLoginId()))
+ .thenReturn(userProfile);
+ VXStringList vXStringList = xUserMgr.getUserRolesByName(userProfile
+ .getLoginId());
+ Assert.assertNotNull(vXStringList);
+ }
}
[3/3] incubator-ranger git commit: RANGER-697 : KeyAdmin role user
should see only KMS related audit access logs in Audit tab
Posted by ve...@apache.org.
RANGER-697 : KeyAdmin role user should see only KMS related audit access logs in Audit tab
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/a94e793d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/a94e793d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/a94e793d
Branch: refs/heads/ranger-0.5
Commit: a94e793db824b97165eab42ed60538c76d53920b
Parents: 86d0ba0
Author: Gautam Borad <ga...@apache.org>
Authored: Tue Oct 13 17:34:13 2015 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Tue Oct 13 20:34:14 2015 -0400
----------------------------------------------------------------------
.../main/java/org/apache/ranger/rest/AssetREST.java | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/a94e793d/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java b/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
index 79cea02..775c647 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
@@ -51,8 +51,11 @@ import org.apache.ranger.common.ServiceUtil;
import org.apache.ranger.common.StringUtil;
import org.apache.ranger.common.annotation.RangerAnnotationClassName;
import org.apache.ranger.common.annotation.RangerAnnotationJSMgrName;
+import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
+import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
import org.apache.ranger.plugin.util.GrantRevokeRequest;
import org.apache.ranger.plugin.util.SearchFilter;
import org.apache.ranger.plugin.util.ServicePolicies;
@@ -134,7 +137,9 @@ public class AssetREST {
@Autowired
ServiceREST serviceREST;
-
+ @Autowired
+ RangerDaoManager daoManager;
+
@GET
@Path("/assets/{id}")
@Produces({ "application/xml", "application/json" })
@@ -645,6 +650,13 @@ public class AssetREST {
"startDate", "MM/dd/yyyy");
searchUtil.extractDate(request, searchCriteria, "endDate", "endDate",
"MM/dd/yyyy");
+
+ boolean isKeyAdmin = msBizUtil.isKeyAdmin();
+ XXServiceDef xxServiceDef = daoManager.getXXServiceDef().findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_KMS_NAME);
+ if(isKeyAdmin && xxServiceDef != null){
+ searchCriteria.getParamList().put("repoType", xxServiceDef.getId());
+ }
+
return assetMgr.getAccessLogs(searchCriteria);
}
[2/3] incubator-ranger git commit: RANGER-681 : Update default sync
intervals for LDAP and UNIX
Posted by ve...@apache.org.
RANGER-681 : Update default sync intervals for LDAP and UNIX
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/86d0ba0c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/86d0ba0c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/86d0ba0c
Branch: refs/heads/ranger-0.5
Commit: 86d0ba0c920da9d2f78278b710c8cf8107ac925e
Parents: bd8caf4
Author: Gautam Borad <ga...@apache.org>
Authored: Tue Oct 13 15:44:06 2015 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Tue Oct 13 20:34:02 2015 -0400
----------------------------------------------------------------------
.../config/UserGroupSyncConfig.java | 21 ++++++++++++++------
1 file changed, 15 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/86d0ba0c/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
index 7240fce..c1b305b 100644
--- a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
+++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
@@ -75,11 +75,11 @@ public class UserGroupSyncConfig {
private static final String UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_PARAM = "ranger.usersync.sleeptimeinmillisbetweensynccycle" ;
- private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE = 30000L ;
+ private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE = 60000L;
- private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_UNIX_DEFAULT_VALUE = 300000L ;
+ private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_UNIX_DEFAULT_VALUE = 60000L;
- private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_LDAP_DEFAULT_VALUE = 21600000L ;
+ private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_LDAP_DEFAULT_VALUE = 3600000L;
private static final String UGSYNC_SOURCE_CLASS_PARAM = "ranger.usersync.source.impl.class";
@@ -365,9 +365,18 @@ public class UserGroupSyncConfig {
}
else {
long ret = Long.parseLong(val) ;
- if (ret < UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE) {
- LOG.info("Sleep Time Between Cycle can not be lower than [" + UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE + "] millisec. resetting to min value.") ;
- ret = UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE ;
+ long min_interval;
+ if (LGSYNC_SOURCE_CLASS.equals(getUserGroupSource().getClass().getName())) {
+ min_interval = UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_LDAP_DEFAULT_VALUE ;
+ }else if(UGSYNC_SOURCE_CLASS.equals(getUserGroupSource().getClass().getName())){
+ min_interval = UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_UNIX_DEFAULT_VALUE;
+ } else {
+ min_interval = UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE ;
+ }
+ if(ret < min_interval)
+ {
+ LOG.info("Sleep Time Between Cycle can not be lower than [" + min_interval + "] millisec. resetting to min value.") ;
+ ret = min_interval;
}
return ret;
}