You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2014/12/20 02:27:28 UTC
[2/4] incubator-ranger git commit: RANGER-203: Framework to extend
Ranger security to new components in a pluggable way
RANGER-203: Framework to extend Ranger security to new components in a pluggable way
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/e99d911d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/e99d911d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/e99d911d
Branch: refs/heads/stack
Commit: e99d911dc94fd70ad46e6c2e5568aa64d9eb1bab
Parents: 06ca853
Author: Madhan Neethiraj <ma...@apache.org>
Authored: Thu Dec 18 14:47:56 2014 -0800
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Thu Dec 18 14:47:56 2014 -0800
----------------------------------------------------------------------
plugin-common/pom.xml | 42 +
.../plugin/manager/ServiceDefManager.java | 141 +++
.../ranger/plugin/manager/ServiceManager.java | 250 ++++
.../plugin/model/RangerBaseModelObject.java | 166 +++
.../ranger/plugin/model/RangerPolicy.java | 633 ++++++++++
.../ranger/plugin/model/RangerService.java | 190 +++
.../ranger/plugin/model/RangerServiceDef.java | 1146 ++++++++++++++++++
.../policyengine/RangerAccessRequest.java | 42 +
.../policyengine/RangerAccessRequestImpl.java | 98 ++
.../plugin/policyengine/RangerPolicyEngine.java | 32 +
.../policyengine/RangerPolicyEngineImpl.java | 114 ++
.../plugin/policyengine/RangerResource.java | 31 +
.../plugin/policyengine/RangerResourceImpl.java | 137 +++
.../ranger/plugin/store/ServiceDefStore.java | 38 +
.../ranger/plugin/store/ServiceStore.java | 56 +
.../ranger/plugin/store/file/BaseFileStore.java | 354 ++++++
.../plugin/store/file/ServiceDefFileStore.java | 357 ++++++
.../plugin/store/file/ServiceFileStore.java | 577 +++++++++
.../service-defs/ranger-servicedef-hbase.json | 51 +
.../service-defs/ranger-servicedef-hdfs.json | 61 +
.../service-defs/ranger-servicedef-hive.json | 45 +
.../service-defs/ranger-servicedef-knox.json | 34 +
.../service-defs/ranger-servicedef-storm.json | 46 +
.../plugin/manager/TestServiceManager.java | 203 ++++
pom.xml | 1 +
security-admin/pom.xml | 5 +
26 files changed, 4850 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/pom.xml
----------------------------------------------------------------------
diff --git a/plugin-common/pom.xml b/plugin-common/pom.xml
new file mode 100644
index 0000000..f0d4efe
--- /dev/null
+++ b/plugin-common/pom.xml
@@ -0,0 +1,42 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.ranger</groupId>
+ <artifactId>ranger</artifactId>
+ <version>0.4.0</version>
+ </parent>
+ <artifactId>plugin-common</artifactId>
+ <name>ranger-plugin-common</name>
+ <description>Ranger Plugin Common Library</description>
+ <dependencies>
+ <dependency>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-core-asl</artifactId>
+ <version>${codehaus.jackson.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-mapper-asl</artifactId>
+ <version>${codehaus.jackson.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ <version>${log4j.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ <version>${commons.logging.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-common</artifactId>
+ <version>${hadoop-common.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ </dependency>
+ </dependencies>
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/manager/ServiceDefManager.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/manager/ServiceDefManager.java b/plugin-common/src/main/java/org/apache/ranger/plugin/manager/ServiceDefManager.java
new file mode 100644
index 0000000..ce7dbf0
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/manager/ServiceDefManager.java
@@ -0,0 +1,141 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.manager;
+
+import java.util.List;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.store.ServiceDefStore;
+import org.apache.ranger.plugin.store.file.ServiceDefFileStore;
+
+
+public class ServiceDefManager {
+ private static final Log LOG = LogFactory.getLog(ServiceDefManager.class);
+
+ private ServiceDefStore sdStore = null;
+
+ public ServiceDefManager() {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDefManager.ServiceDefManager()");
+ }
+
+ init();
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDefManager.ServiceDefManager()");
+ }
+ }
+
+ public RangerServiceDef create(RangerServiceDef serviceDef) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDefManager.create(" + serviceDef + ")");
+ }
+
+ RangerServiceDef ret = sdStore.create(serviceDef);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDefManager.create(" + serviceDef + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public RangerServiceDef update(RangerServiceDef serviceDef) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDefManager.update(" + serviceDef + ")");
+ }
+
+ RangerServiceDef ret = sdStore.update(serviceDef);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDefManager.update(" + serviceDef + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public void delete(Long id) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDefManager.delete(" + id + ")");
+ }
+
+ sdStore.delete(id);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDefManager.delete(" + id + ")");
+ }
+ }
+
+ public RangerServiceDef get(Long id) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDefManager.get(" + id + ")");
+ }
+
+ RangerServiceDef ret = sdStore.get(id);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDefManager.get(" + id + ")");
+ }
+
+ return ret;
+ }
+
+ public RangerServiceDef getByName(String name) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDefManager.getByName(" + name + ")");
+ }
+
+ RangerServiceDef ret = sdStore.getByName(name);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDefManager.getByName(" + name + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public List<RangerServiceDef> getAll() throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDefManager.getAll()");
+ }
+
+ List<RangerServiceDef> ret = sdStore.getAll();
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDefManager.getAll(): count=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ private void init() {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceDefManager.init()");
+ }
+
+ sdStore = new ServiceDefFileStore(); // TODO: store type should be configurable
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceDefManager.init()");
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/manager/ServiceManager.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/manager/ServiceManager.java b/plugin-common/src/main/java/org/apache/ranger/plugin/manager/ServiceManager.java
new file mode 100644
index 0000000..7b947ea
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/manager/ServiceManager.java
@@ -0,0 +1,250 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.manager;
+
+import java.util.List;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerService;
+import org.apache.ranger.plugin.store.ServiceStore;
+import org.apache.ranger.plugin.store.file.ServiceFileStore;
+
+
+public class ServiceManager {
+ private static final Log LOG = LogFactory.getLog(ServiceManager.class);
+
+ private ServiceStore svcStore = null;
+
+ public ServiceManager() {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.ServiceManager()");
+ }
+
+ init();
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.ServiceManager()");
+ }
+ }
+
+ public RangerService create(RangerService service) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.create(" + service + ")");
+ }
+
+ RangerService ret = svcStore.create(service);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.create(" + service + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public RangerService update(RangerService service) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.update(" + service + ")");
+ }
+
+ RangerService ret = svcStore.update(service);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.update(" + service + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public void delete(Long id) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.delete(" + id + ")");
+ }
+
+ svcStore.delete(id);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.delete(" + id + ")");
+ }
+ }
+
+ public RangerService get(Long id) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.get(" + id + ")");
+ }
+
+ RangerService ret = svcStore.get(id);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.get(" + id + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public RangerService getByName(String name) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.getByName(" + name + ")");
+ }
+
+ RangerService ret = svcStore.getByName(name);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.getByName(" + name + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public List<RangerService> getAll() throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.getAll()");
+ }
+
+ List<RangerService> ret = svcStore.getAll();
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.getAll(): count=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ public void validateConfig(RangerService service) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.validateConfig(" + service + ")");
+ }
+
+ // TODO: call validateConfig() on the implClass
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.validateConfig(" + service + ")");
+ }
+ }
+
+ public RangerPolicy createPolicy(RangerPolicy policy) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.createPolicy(" + policy + ")");
+ }
+
+ RangerPolicy ret = svcStore.createPolicy(policy);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.createPolicy(" + policy + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public RangerPolicy updatePolicy(RangerPolicy policy) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.updatePolicy(" + policy + ")");
+ }
+
+ RangerPolicy ret = svcStore.updatePolicy(policy);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.updatePolicy(" + policy + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public void deletePolicy(Long id) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.deletePolicy(" + id + ")");
+ }
+
+ svcStore.deletePolicy(id);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.deletePolicy(" + id + ")");
+ }
+ }
+
+ public RangerPolicy getPolicy(Long id) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.getPolicy(" + id + ")");
+ }
+
+ RangerPolicy ret = svcStore.getPolicy(id);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.getPolicy(" + id + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public List<RangerPolicy> getPolicies(Long svcId) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.getPolicies(" + svcId + ")");
+ }
+
+ List<RangerPolicy> ret = svcStore.getServicePolicies(svcId);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.getPolicies(" + svcId + "): count=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ public RangerPolicy getPolicyByName(String svcName, String policyName) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.getPolicyByName(" + svcName + "," + policyName + ")");
+ }
+
+ RangerPolicy ret = svcStore.getPolicyByName(svcName, policyName);
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.getPolicyByName(" + svcName + "," + policyName + "): " + ret);
+ }
+
+ return ret;
+ }
+
+ public List<RangerPolicy> getAllPolicies() throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.getAllPolicies()");
+ }
+
+ List<RangerPolicy> ret = svcStore.getAllPolicies();
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== getAllPolicies.getAll(): count=" + (ret == null ? 0 : ret.size()));
+ }
+
+ return ret;
+ }
+
+ private void init() {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> ServiceManager.init()");
+ }
+
+ svcStore = new ServiceFileStore(); // TODO: store type should be configurable
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== ServiceManager.init()");
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java
new file mode 100644
index 0000000..85bbb3e
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java
@@ -0,0 +1,166 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.model;
+
+import java.util.Date;
+import java.util.Map;
+import java.util.UUID;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RangerBaseModelObject implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private Long id = null;
+ private String guid = null;
+ private String createdBy = null;
+ private String updatedBy = null;
+ private Date createTime = null;
+ private Date updateTime = null;
+ private Long version = null;
+
+ /**
+ *
+ */
+ public RangerBaseModelObject() {
+ }
+
+ public void updateFrom(RangerBaseModelObject other) {
+ // Nothing to copy
+ }
+
+ /**
+ * @return the id
+ */
+ public Long getId() {
+ return id;
+ }
+ /**
+ * @param id the id to set
+ */
+ public void setId(Long id) {
+ this.id = id;
+ }
+ /**
+ * @return the guid
+ */
+ public String getGuid() {
+ return guid;
+ }
+ /**
+ * @param guid the guid to set
+ */
+ public void setGuid(String guid) {
+ this.guid = guid;
+ }
+ /**
+ * @return the createdBy
+ */
+ public String getCreatedBy() {
+ return createdBy;
+ }
+ /**
+ * @param createdBy the createdBy to set
+ */
+ public void setCreatedBy(String createdBy) {
+ this.createdBy = createdBy;
+ }
+ /**
+ * @return the updatedBy
+ */
+ public String getUpdatedBy() {
+ return updatedBy;
+ }
+ /**
+ * @param updatedBy the updatedBy to set
+ */
+ public void setUpdatedBy(String updatedBy) {
+ this.updatedBy = updatedBy;
+ }
+ /**
+ * @return the createTime
+ */
+ public Date getCreateTime() {
+ return createTime;
+ }
+ /**
+ * @param createTime the createTime to set
+ */
+ public void setCreateTime(Date createTime) {
+ this.createTime = createTime;
+ }
+ /**
+ * @return the updateTime
+ */
+ public Date getUpdateTime() {
+ return updateTime;
+ }
+ /**
+ * @param updateTime the updateTime to set
+ */
+ public void setUpdateTime(Date updateTime) {
+ this.updateTime = updateTime;
+ }
+ /**
+ * @return the version
+ */
+ public Long getVersion() {
+ return version;
+ }
+ /**
+ * @param version the version to set
+ */
+ public void setVersion(Long version) {
+ this.version = version;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("id={").append(id).append("} ");
+ sb.append("guid={").append(guid).append("} ");
+ sb.append("createdBy={").append(createdBy).append("} ");
+ sb.append("updatedBy={").append(updatedBy).append("} ");
+ sb.append("createTime={").append(createTime).append("} ");
+ sb.append("updateTime={").append(updateTime).append("} ");
+ sb.append("version={").append(version).append("} ");
+
+ return sb;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
new file mode 100644
index 0000000..13a9c4d
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
@@ -0,0 +1,633 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.model;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RangerPolicy extends RangerBaseModelObject implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String service = null;
+ private String name = null;
+ private String description = null;
+ private Boolean isEnabled = null;
+ private Boolean isAuditEnabled = null;
+ private List<RangerPolicyResource> resources = null;
+ private List<RangerPolicyItem> policyItems = null;
+
+
+ /**
+ * @param type
+ */
+ public RangerPolicy() {
+ this(null, null, null, null, null, null);
+ }
+
+ /**
+ * @param type
+ * @param name
+ * @param description
+ * @param isEnabled
+ * @param configs
+ */
+ public RangerPolicy(String service, String name, String description, Boolean isEnabled, List<RangerPolicyResource> resources, List<RangerPolicyItem> policyItems) {
+ super();
+
+ setService(service);
+ setName(name);
+ setDescription(description);
+ setIsEnabled(isEnabled);
+ setIsAuditEnabled(null);
+ setResources(resources);
+ setPolicyItems(policyItems);
+ }
+
+ public void updateFrom(RangerPolicy other) {
+ super.updateFrom(other);
+
+ setService(other.getService());
+ setName(other.getName());
+ setDescription(other.getDescription());
+ setIsEnabled(other.getIsEnabled());
+ setIsAuditEnabled(other.getIsAuditEnabled());
+ setResources(other.getResources());
+ setPolicyItems(other.getPolicyItems());
+ }
+
+ /**
+ * @return the type
+ */
+ public String getService() {
+ return service;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setService(String service) {
+ this.service = service;
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the isEnabled
+ */
+ public Boolean getIsEnabled() {
+ return isEnabled;
+ }
+
+ /**
+ * @param isEnabled the isEnabled to set
+ */
+ public void setIsEnabled(Boolean isEnabled) {
+ this.isEnabled = isEnabled == null ? Boolean.TRUE : isEnabled;
+ }
+
+ /**
+ * @return the isAuditEnabled
+ */
+ public Boolean getIsAuditEnabled() {
+ return isAuditEnabled;
+ }
+
+ /**
+ * @param isEnabled the isEnabled to set
+ */
+ public void setIsAuditEnabled(Boolean isAuditEnabled) {
+ this.isAuditEnabled = isAuditEnabled == null ? Boolean.TRUE : isAuditEnabled;
+ }
+
+ /**
+ * @return the resources
+ */
+ public List<RangerPolicyResource> getResources() {
+ return resources;
+ }
+
+ /**
+ * @param configs the resources to set
+ */
+ public void setResources(List<RangerPolicyResource> resources) {
+ this.resources = new ArrayList<RangerPolicyResource>();
+
+ if(resources != null) {
+ for(RangerPolicyResource resource : resources) {
+ this.resources.add(resource);
+ }
+ }
+ }
+
+ /**
+ * @return the policyItems
+ */
+ public List<RangerPolicyItem> getPolicyItems() {
+ return policyItems;
+ }
+
+ /**
+ * @param policyItems the policyItems to set
+ */
+ public void setPolicyItems(List<RangerPolicyItem> policyItems) {
+ this.policyItems = new ArrayList<RangerPolicyItem>();
+
+ if(policyItems != null) {
+ for(RangerPolicyItem policyItem : policyItems) {
+ this.policyItems.add(policyItem);
+ }
+ }
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicy={");
+
+ super.toString(sb);
+
+ sb.append("service={").append(service).append("} ");
+ sb.append("name={").append(name).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("isEnabled={").append(isEnabled).append("} ");
+ sb.append("isAuditEnabled={").append(isAuditEnabled).append("} ");
+
+ sb.append("resources={");
+ if(resources != null) {
+ for(RangerPolicyResource resource : resources) {
+ if(resource != null) {
+ resource.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("policyItems={");
+ if(policyItems != null) {
+ for(RangerPolicyItem policyItem : policyItems) {
+ if(policyItem != null) {
+ policyItem.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+
+
+ public static class RangerPolicyResource implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String type = null;
+ private String value = null;
+ private Boolean isExcludes = null;
+ private Boolean isRecursive = null;
+
+
+ public RangerPolicyResource() {
+ this(null, null, null, null);
+ }
+
+ public RangerPolicyResource(String type, String value, Boolean isExcludes, Boolean isRecursive) {
+ setType(type);
+ setValue(value);
+ setIsExcludes(isExcludes);
+ setIsRecursive(isRecursive);
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the value
+ */
+ public String getValue() {
+ return value;
+ }
+
+ /**
+ * @param value the value to set
+ */
+ public void setValue(String value) {
+ this.value = value;
+ }
+
+ /**
+ * @return the isExcludes
+ */
+ public Boolean getIsExcludes() {
+ return isExcludes;
+ }
+
+ /**
+ * @param isExcludes the isExcludes to set
+ */
+ public void setIsExcludes(Boolean isExcludes) {
+ this.isExcludes = isExcludes == null ? Boolean.FALSE : isExcludes;
+ }
+
+ /**
+ * @return the isRecursive
+ */
+ public Boolean getIsRecursive() {
+ return isRecursive;
+ }
+
+ /**
+ * @param isRecursive the isRecursive to set
+ */
+ public void setIsRecursive(Boolean isRecursive) {
+ this.isRecursive = isRecursive == null ? Boolean.FALSE : isRecursive;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyResource={");
+ sb.append("type={").append(type).append("} ");
+ sb.append("value={").append(value).append("} ");
+ sb.append("isExcludes={").append(isExcludes).append("} ");
+ sb.append("isRecursive={").append(isRecursive).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+ public static class RangerPolicyItem implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private List<RangerPolicyItemAccess> accesses = null;
+ private List<String> users = null;
+ private List<String> groups = null;
+ private List<RangerPolicyItemCondition> conditions = null;
+ private Boolean delegateAdmin = null;
+
+ public RangerPolicyItem() {
+ this(null, null, null, null, null);
+ }
+
+ public RangerPolicyItem(List<RangerPolicyItemAccess> accessTypes, List<String> users, List<String> groups, List<RangerPolicyItemCondition> conditions, Boolean delegateAdmin) {
+ setAccesses(accessTypes);
+ setUsers(users);
+ setGroups(groups);
+ setConditions(conditions);
+ setDelegateAdmin(delegateAdmin);
+ }
+
+ /**
+ * @return the accesses
+ */
+ public List<RangerPolicyItemAccess> getAccesses() {
+ return accesses;
+ }
+ /**
+ * @param accesses the accesses to set
+ */
+ public void setAccesses(List<RangerPolicyItemAccess> accesses) {
+ this.accesses = new ArrayList<RangerPolicyItemAccess>();
+
+ if(accesses != null) {
+ for(RangerPolicyItemAccess access : accesses) {
+ this.accesses.add(access);
+ }
+ }
+ }
+ /**
+ * @return the users
+ */
+ public List<String> getUsers() {
+ return users;
+ }
+ /**
+ * @param users the users to set
+ */
+ public void setUsers(List<String> users) {
+ this.users = new ArrayList<String>();
+
+ if(users != null) {
+ for(String user : users) {
+ this.users.add(user);
+ }
+ }
+ }
+ /**
+ * @return the groups
+ */
+ public List<String> getGroups() {
+ return groups;
+ }
+ /**
+ * @param groups the groups to set
+ */
+ public void setGroups(List<String> groups) {
+ this.groups = new ArrayList<String>();
+
+ if(groups != null) {
+ for(String group : groups) {
+ this.groups.add(group);
+ }
+ }
+ }
+ /**
+ * @return the conditions
+ */
+ public List<RangerPolicyItemCondition> getConditions() {
+ return conditions;
+ }
+ /**
+ * @param conditions the conditions to set
+ */
+ public void setConditions(List<RangerPolicyItemCondition> conditions) {
+ this.conditions = new ArrayList<RangerPolicyItemCondition>();
+
+ if(conditions != null) {
+ for(RangerPolicyItemCondition condition : conditions) {
+ this.conditions.add(condition);
+ }
+ }
+ }
+
+ /**
+ * @return the delegateAdmin
+ */
+ public Boolean getDelegateAdmin() {
+ return delegateAdmin;
+ }
+
+ /**
+ * @param delegateAdmin the delegateAdmin to set
+ */
+ public void setDelegateAdmin(Boolean delegateAdmin) {
+ this.delegateAdmin = delegateAdmin == null ? Boolean.FALSE : delegateAdmin;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyItem={");
+
+ sb.append("accessTypes={");
+ if(accesses != null) {
+ for(RangerPolicyItemAccess access : accesses) {
+ if(access != null) {
+ access.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("users={");
+ if(users != null) {
+ for(String user : users) {
+ if(user != null) {
+ sb.append(user).append(" ");
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("groups={");
+ if(groups != null) {
+ for(String group : groups) {
+ if(group != null) {
+ sb.append(group).append(" ");
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("conditions={");
+ if(conditions != null) {
+ for(RangerPolicyItemCondition condition : conditions) {
+ if(condition != null) {
+ condition.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("delegateAdmin={").append(delegateAdmin).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+ public static class RangerPolicyItemAccess implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String type = null;
+ private Boolean isAllowed = null;
+
+ public RangerPolicyItemAccess() {
+ this(null, null);
+ }
+
+ public RangerPolicyItemAccess(String type, Boolean value) {
+ setType(type);
+ setValue(value);
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the value
+ */
+ public Boolean getValue() {
+ return isAllowed;
+ }
+
+ /**
+ * @param value the value to set
+ */
+ public void setValue(Boolean isAllowed) {
+ this.isAllowed = isAllowed == null ? Boolean.FALSE : isAllowed;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyItemAccess={");
+ sb.append("type={").append(type).append("} ");
+ sb.append("isAllowed={").append(isAllowed).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+ public static class RangerPolicyItemCondition implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String type = null;
+ private String value = null;
+
+ public RangerPolicyItemCondition() {
+ this(null, null);
+ }
+
+ public RangerPolicyItemCondition(String type, String value) {
+ setType(type);
+ setValue(value);
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the value
+ */
+ public String getValue() {
+ return value;
+ }
+
+ /**
+ * @param value the value to set
+ */
+ public void setValue(String value) {
+ this.value = value;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyItemCondition={");
+ sb.append("type={").append(type).append("} ");
+ sb.append("value={").append(value).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java
new file mode 100644
index 0000000..9bdb086
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java
@@ -0,0 +1,190 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.model;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RangerService extends RangerBaseModelObject implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String type = null;
+ private String name = null;
+ private String description = null;
+ private Boolean isEnabled = null;
+ private Map<String, String> configs = null;
+
+
+ /**
+ * @param type
+ */
+ public RangerService() {
+ this(null, null, null, null, null);
+ }
+
+ /**
+ * @param type
+ * @param name
+ * @param description
+ * @param isEnabled
+ * @param configs
+ */
+ public RangerService(String type, String name, String description, Boolean isEnabled, Map<String, String> configs) {
+ super();
+
+ setType(type);
+ setName(name);
+ setDescription(description);
+ setIsEnabled(isEnabled);
+ setConfigs(configs);
+ }
+
+ public void updateFrom(RangerService other) {
+ super.updateFrom(other);
+
+ setType(other.getType());
+ setName(other.getName());
+ setDescription(other.getDescription());
+ setIsEnabled(other.getIsEnabled());
+ setConfigs(other.getConfigs());
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the isEnabled
+ */
+ public Boolean getIsEnabled() {
+ return isEnabled;
+ }
+
+ /**
+ * @param isEnabled the isEnabled to set
+ */
+ public void setIsEnabled(Boolean isEnabled) {
+ this.isEnabled = isEnabled == null ? Boolean.TRUE : isEnabled;
+ }
+
+ /**
+ * @return the configs
+ */
+ public Map<String, String> getConfigs() {
+ return configs;
+ }
+
+ /**
+ * @param configs the configs to set
+ */
+ public void setConfigs(Map<String, String> configs) {
+ this.configs = new HashMap<String, String>();
+
+ if(configs != null) {
+ for(Map.Entry<String, String> e : configs.entrySet()) {
+ this.configs.put(e.getKey(), e.getValue());
+ }
+ }
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerService={");
+
+ super.toString(sb);
+ sb.append("name={").append(name).append("} ");
+ sb.append("type={").append(type).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("isEnabled={").append(isEnabled).append("} ");
+
+ sb.append("configs={");
+ if(configs != null) {
+ for(Map.Entry<String, String> e : configs.entrySet()) {
+ sb.append(e.getKey()).append("={").append(e.getValue()).append("} ");
+ }
+ }
+ sb.append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
new file mode 100644
index 0000000..524abea
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
@@ -0,0 +1,1146 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.model;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+import org.codehaus.jackson.annotate.JsonAutoDetect;
+import org.codehaus.jackson.annotate.JsonIgnoreProperties;
+import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
+import org.codehaus.jackson.map.annotate.JsonSerialize;
+
+
+@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY)
+@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL )
+@JsonIgnoreProperties(ignoreUnknown=true)
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RangerServiceDef extends RangerBaseModelObject implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String implClass = null;
+ private String label = null;
+ private String description = null;
+ private String rbKeyLabel = null;
+ private String rbKeyDescription = null;
+ private List<RangerServiceConfigDef> configs = null;
+ private List<RangerResourceDef> resources = null;
+ private List<RangerAccessTypeDef> accessTypes = null;
+ private List<RangerPolicyConditionDef> policyConditions = null;
+ private List<RangerEnumDef> enums = null;
+
+
+ public RangerServiceDef() {
+ this(null, null, null, null, null, null, null, null, null);
+ }
+
+ public RangerServiceDef(String name, String implClass, String label, String description, List<RangerServiceConfigDef> configs, List<RangerResourceDef> resources, List<RangerAccessTypeDef> accessTypes, List<RangerPolicyConditionDef> policyConditions, List<RangerEnumDef> enums) {
+ super();
+
+ setName(name);
+ setImplClass(implClass);
+ setLabel(label);
+ setDescription(description);
+ setConfigs(configs);
+ setResources(resources);
+ setAccessTypes(accessTypes);
+ setPolicyConditions(policyConditions);
+ setEnums(enums);
+ }
+
+ public void updateFrom(RangerServiceDef other) {
+ setName(other.getName());
+ setImplClass(other.getImplClass());
+ setLabel(other.getLabel());
+ setDescription(other.getDescription());
+ setConfigs(other.getConfigs());
+ setResources(other.getResources());
+ setAccessTypes(other.getAccessTypes());
+ setPolicyConditions(other.getPolicyConditions());
+ setEnums(other.getEnums());
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the implClass
+ */
+ public String getImplClass() {
+ return implClass;
+ }
+
+ /**
+ * @param implClass the implClass to set
+ */
+ public void setImplClass(String implClass) {
+ this.implClass = implClass;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the rbKeyDescription
+ */
+ public String getRbKeyDescription() {
+ return rbKeyDescription;
+ }
+
+ /**
+ * @param rbKeyDescription the rbKeyDescription to set
+ */
+ public void setRbKeyDescription(String rbKeyDescription) {
+ this.rbKeyDescription = rbKeyDescription;
+ }
+
+ /**
+ * @return the configs
+ */
+ public List<RangerServiceConfigDef> getConfigs() {
+ return configs;
+ }
+
+ /**
+ * @param configs the configs to set
+ */
+ public void setConfigs(List<RangerServiceConfigDef> configs) {
+ this.configs = new ArrayList<RangerServiceConfigDef>();
+
+ if(configs != null) {
+ for(RangerServiceConfigDef config : configs) {
+ this.configs.add(config);
+ }
+ }
+ }
+
+ /**
+ * @return the resources
+ */
+ public List<RangerResourceDef> getResources() {
+ return resources;
+ }
+
+ /**
+ * @param resources the resources to set
+ */
+ public void setResources(List<RangerResourceDef> resources) {
+ this.resources = new ArrayList<RangerResourceDef>();
+
+ if(resources != null) {
+ for(RangerResourceDef resource : resources) {
+ this.resources.add(resource);
+ }
+ }
+ }
+
+ /**
+ * @return the accessTypes
+ */
+ public List<RangerAccessTypeDef> getAccessTypes() {
+ return accessTypes;
+ }
+
+ /**
+ * @param accessTypes the accessTypes to set
+ */
+ public void setAccessTypes(List<RangerAccessTypeDef> accessTypes) {
+ this.accessTypes = new ArrayList<RangerAccessTypeDef>();
+
+ if(accessTypes != null) {
+ for(RangerAccessTypeDef accessType : accessTypes) {
+ this.accessTypes.add(accessType);
+ }
+ }
+ }
+
+ /**
+ * @return the policyConditions
+ */
+ public List<RangerPolicyConditionDef> getPolicyConditions() {
+ return policyConditions;
+ }
+
+ /**
+ * @param policyConditions the policyConditions to set
+ */
+ public void setPolicyConditions(List<RangerPolicyConditionDef> policyConditions) {
+ this.policyConditions = new ArrayList<RangerPolicyConditionDef>();
+
+ if(policyConditions != null) {
+ for(RangerPolicyConditionDef policyCondition : policyConditions) {
+ this.policyConditions.add(policyCondition);
+ }
+ }
+ }
+
+ /**
+ * @return the enums
+ */
+ public List<RangerEnumDef> getEnums() {
+ return enums;
+ }
+
+ /**
+ * @param enums the enums to set
+ */
+ public void setEnums(List<RangerEnumDef> enums) {
+ this.enums = new ArrayList<RangerEnumDef>();
+
+ if(enums != null) {
+ for(RangerEnumDef enum1 : enums) {
+ this.enums.add(enum1);
+ }
+ }
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerServiceDef={");
+
+ super.toString(sb);
+
+ sb.append("name={").append(name).append("} ");
+ sb.append("implClass={").append(implClass).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
+
+ sb.append("configs={");
+ if(configs != null) {
+ for(RangerServiceConfigDef config : configs) {
+ if(config != null) {
+ config.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("resources={");
+ if(resources != null) {
+ for(RangerResourceDef resource : resources) {
+ if(resource != null) {
+ resource.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("accessTypes={");
+ if(accessTypes != null) {
+ for(RangerAccessTypeDef accessType : accessTypes) {
+ if(accessType != null) {
+ accessType.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("policyConditions={");
+ if(policyConditions != null) {
+ for(RangerPolicyConditionDef policyCondition : policyConditions) {
+ if(policyCondition != null) {
+ policyCondition.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("enums={");
+ if(enums != null) {
+ for(RangerEnumDef e : enums) {
+ if(e != null) {
+ e.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+
+ sb.append("}");
+
+ return sb;
+ }
+
+
+ public static class RangerEnumDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private List<RangerEnumElementDef> elements = null;
+ private Integer defaultIndex = null;
+
+
+ public RangerEnumDef() {
+ this(null, null, null);
+ }
+
+ public RangerEnumDef(String name, List<RangerEnumElementDef> elements, Integer defaultIndex) {
+ setName(name);
+ setElements(elements);
+ setDefaultIndex(defaultIndex);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the elements
+ */
+ public List<RangerEnumElementDef> getElements() {
+ return elements;
+ }
+
+ /**
+ * @param elements the elements to set
+ */
+ public void setElements(List<RangerEnumElementDef> elements) {
+ this.elements = new ArrayList<RangerEnumElementDef>();
+
+ if(elements != null) {
+ for(RangerEnumElementDef element : elements) {
+ this.elements.add(element);
+ }
+ }
+ }
+
+ /**
+ * @return the defaultIndex
+ */
+ public Integer getDefaultIndex() {
+ return defaultIndex;
+ }
+
+ /**
+ * @param defaultIndex the defaultIndex to set
+ */
+ public void setDefaultIndex(Integer defaultIndex) {
+ this.defaultIndex = (defaultIndex != null && this.elements.size() > defaultIndex) ? defaultIndex : 0;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerEnumDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("elements={");
+ if(elements != null) {
+ for(RangerEnumElementDef element : elements) {
+ if(element != null) {
+ element.toString(sb);
+ }
+ }
+ }
+ sb.append("} ");
+ sb.append("defaultIndex={").append(defaultIndex).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerEnumElementDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String label = null;
+ private String rbKeyLabel = null;
+
+
+ public RangerEnumElementDef() {
+ this(null, null, null);
+ }
+
+ public RangerEnumElementDef(String name, String label, String rbKeyLabel) {
+ setName(name);
+ setLabel(label);
+ setRbKeyLabel(rbKeyLabel);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerEnumElementDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerServiceConfigDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String type = null;
+ private String subType = null;
+ private Boolean mandatory = null;
+ private String defaultValue = null;
+ private String label = null;
+ private String description = null;
+ private String rbKeyLabel = null;
+ private String rbKeyDescription = null;
+
+
+ public RangerServiceConfigDef() {
+ this(null, null, null, null, null, null, null, null, null);
+ }
+
+ public RangerServiceConfigDef(String name, String type, String subType, Boolean mandatory, String defaultValue, String label, String description, String rbKeyLabel, String rbKeyDescription) {
+ setName(name);
+ setType(type);
+ setSubType(subType);
+ setMandatory(mandatory);
+ setDefaultValue(defaultValue);
+ setLabel(label);
+ setDescription(description);
+ setRbKeyLabel(rbKeyLabel);
+ setRbKeyDescription(rbKeyDescription);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the type
+ */
+ public String getSubType() {
+ return subType;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setSubType(String subType) {
+ this.subType = subType;
+ }
+
+ /**
+ * @return the mandatory
+ */
+ public Boolean getMandatory() {
+ return mandatory;
+ }
+
+ /**
+ * @param mandatory the mandatory to set
+ */
+ public void setMandatory(Boolean mandatory) {
+ this.mandatory = mandatory == null ? Boolean.FALSE : mandatory;
+ }
+
+ /**
+ * @return the defaultValue
+ */
+ public String getDefaultValue() {
+ return defaultValue;
+ }
+
+ /**
+ * @param defaultValue the defaultValue to set
+ */
+ public void setDefaultValue(String defaultValue) {
+ this.defaultValue = defaultValue;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the rbKeyDescription
+ */
+ public String getRbKeyDescription() {
+ return rbKeyDescription;
+ }
+
+ /**
+ * @param rbKeyDescription the rbKeyDescription to set
+ */
+ public void setRbKeyDescription(String rbKeyDescription) {
+ this.rbKeyDescription = rbKeyDescription;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerServiceConfigDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("type={").append(type).append("} ");
+ sb.append("subType={").append(subType).append("} ");
+ sb.append("mandatory={").append(mandatory).append("} ");
+ sb.append("defaultValue={").append(defaultValue).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerResourceDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private Integer level = null;
+ private String parent = null;
+ private Boolean mandatory = null;
+ private Boolean lookupSupported = null;
+ private Boolean recursiveSupported = null;
+ private Boolean excludesSupported = null;
+ private String label = null;
+ private String description = null;
+ private String rbKeyLabel = null;
+ private String rbKeyDescription = null;
+
+
+ public RangerResourceDef() {
+ this(null, null, null, null, null, null, null, null, null, null, null);
+ }
+
+ public RangerResourceDef(String name, Integer level, String parent, Boolean mandatory, Boolean lookupSupported, Boolean recursiveSupported, Boolean excludesSupported, String label, String description, String rbKeyLabel, String rbKeyDescription) {
+ setName(name);
+ setLevel(level);
+ setParent(parent);
+ setMandatory(mandatory);
+ setLookupSupported(lookupSupported);
+ setRecursiveSupported(recursiveSupported);
+ setExcludesSupported(excludesSupported);
+ setLabel(label);
+ setDescription(description);
+ setRbKeyLabel(rbKeyLabel);
+ setRbKeyDescription(rbKeyDescription);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the level
+ */
+ public Integer getLevel() {
+ return level;
+ }
+
+ /**
+ * @param level the level to set
+ */
+ public void setLevel(Integer level) {
+ this.level = level == null ? 1 : level;
+ }
+
+ /**
+ * @return the parent
+ */
+ public String getParent() {
+ return parent;
+ }
+
+ /**
+ * @param parent the parent to set
+ */
+ public void setParent(String parent) {
+ this.parent = parent;
+ }
+
+ /**
+ * @return the mandatory
+ */
+ public Boolean getMandatory() {
+ return mandatory;
+ }
+
+ /**
+ * @param mandatory the mandatory to set
+ */
+ public void setMandatory(Boolean mandatory) {
+ this.mandatory = mandatory == null ? Boolean.FALSE : mandatory;
+ }
+
+ /**
+ * @return the lookupSupported
+ */
+ public Boolean getLookupSupported() {
+ return lookupSupported;
+ }
+
+ /**
+ * @param lookupSupported the lookupSupported to set
+ */
+ public void setLookupSupported(Boolean lookupSupported) {
+ this.lookupSupported = lookupSupported == null ? Boolean.FALSE : lookupSupported;
+ }
+
+ /**
+ * @return the recursiveSupported
+ */
+ public Boolean getRecursiveSupported() {
+ return recursiveSupported;
+ }
+
+ /**
+ * @param recursiveSupported the recursiveSupported to set
+ */
+ public void setRecursiveSupported(Boolean recursiveSupported) {
+ this.recursiveSupported = recursiveSupported == null ? Boolean.FALSE : recursiveSupported;
+ }
+
+ /**
+ * @return the excludesSupported
+ */
+ public Boolean getExcludesSupported() {
+ return excludesSupported;
+ }
+
+ /**
+ * @param excludesSupported the excludesSupported to set
+ */
+ public void setExcludesSupported(Boolean excludesSupported) {
+ this.excludesSupported = excludesSupported == null ? Boolean.FALSE : excludesSupported;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the rbKeyDescription
+ */
+ public String getRbKeyDescription() {
+ return rbKeyDescription;
+ }
+
+ /**
+ * @param rbKeyDescription the rbKeyDescription to set
+ */
+ public void setRbKeyDescription(String rbKeyDescription) {
+ this.rbKeyDescription = rbKeyDescription;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerResourceDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("level={").append(level).append("} ");
+ sb.append("parent={").append(parent).append("} ");
+ sb.append("mandatory={").append(mandatory).append("} ");
+ sb.append("lookupSupported={").append(lookupSupported).append("} ");
+ sb.append("recursiveSupported={").append(recursiveSupported).append("} ");
+ sb.append("excludesSupported={").append(excludesSupported).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerAccessTypeDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String label = null;
+ private String rbKeyLabel = null;
+
+
+ public RangerAccessTypeDef() {
+ this(null, null, null);
+ }
+
+ public RangerAccessTypeDef(String name, String label, String rbKeyLabel) {
+ setName(name);
+ setLabel(label);
+ setRbKeyLabel(rbKeyLabel);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerAccessTypeDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+
+
+ public static class RangerPolicyConditionDef implements java.io.Serializable {
+ private static final long serialVersionUID = 1L;
+
+ private String name = null;
+ private String evalClass = null;
+ private String label = null;
+ private String description = null;
+ private String rbKeyLabel = null;
+ private String rbKeyDescription = null;
+
+
+ public RangerPolicyConditionDef() {
+ this(null, null, null, null, null, null);
+ }
+
+ public RangerPolicyConditionDef(String name, String evalClass) {
+ this(name, evalClass, null, null, null, null);
+ }
+
+ public RangerPolicyConditionDef(String name, String evalClass, String label) {
+ this(name, evalClass, label, null, null, null);
+ }
+
+ public RangerPolicyConditionDef(String name, String evalClass, String label, String description) {
+ this(name, evalClass, label, description, null, null);
+ }
+
+ public RangerPolicyConditionDef(String name, String evalClass, String label, String description, String rbKeyLabel, String rbKeyDescription) {
+ setName(name);
+ setEvalClass(evalClass);
+ setLabel(label);
+ setDescription(description);
+ setRbKeyLabel(rbKeyLabel);
+ setRbKeyDescription(rbKeyDescription);
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the evalClass
+ */
+ public String getEvalClass() {
+ return evalClass;
+ }
+
+ /**
+ * @param evalClass the evalClass to set
+ */
+ public void setEvalClass(String evalClass) {
+ this.evalClass = evalClass;
+ }
+
+ /**
+ * @return the label
+ */
+ public String getLabel() {
+ return label;
+ }
+
+ /**
+ * @param label the label to set
+ */
+ public void setLabel(String label) {
+ this.label = label;
+ }
+
+ /**
+ * @return the description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * @param description the description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * @return the rbKeyLabel
+ */
+ public String getRbKeyLabel() {
+ return rbKeyLabel;
+ }
+
+ /**
+ * @param rbKeyLabel the rbKeyLabel to set
+ */
+ public void setRbKeyLabel(String rbKeyLabel) {
+ this.rbKeyLabel = rbKeyLabel;
+ }
+
+ /**
+ * @return the rbKeyDescription
+ */
+ public String getRbKeyDescription() {
+ return rbKeyDescription;
+ }
+
+ /**
+ * @param rbKeyDescription the rbKeyDescription to set
+ */
+ public void setRbKeyDescription(String rbKeyDescription) {
+ this.rbKeyDescription = rbKeyDescription;
+ }
+
+ @Override
+ public String toString( ) {
+ StringBuilder sb = new StringBuilder();
+
+ toString(sb);
+
+ return sb.toString();
+ }
+
+ public StringBuilder toString(StringBuilder sb) {
+ sb.append("RangerPolicyConditionDef={");
+ sb.append("name={").append(name).append("} ");
+ sb.append("evalClass={").append(evalClass).append("} ");
+ sb.append("label={").append(label).append("} ");
+ sb.append("description={").append(description).append("} ");
+ sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
+ sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
+ sb.append("}");
+
+ return sb;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java
new file mode 100644
index 0000000..1abc3f2
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.policyengine;
+
+import java.util.Collection;
+
+public interface RangerAccessRequest {
+ RangerResource getResource();
+
+ Collection<String> getAccessTypes();
+
+ String getRequestUser();
+
+ Collection<String> getRequestUserGroups();
+
+ String getClientIPAddress();
+
+ String getClientType();
+
+ String getAction();
+
+ String getRequestData();
+
+ String getSessionId();
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
new file mode 100644
index 0000000..5867e67
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java
@@ -0,0 +1,98 @@
+package org.apache.ranger.plugin.policyengine;
+
+import java.util.Collection;
+
+
+public class RangerAccessRequestImpl implements RangerAccessRequest {
+ private RangerResource resource = null;
+ private Collection<String> accessTypes = null;
+ private String requestUser = null;
+ private Collection<String> requestUserGroups = null;
+ private String clientIPAddress = null;
+ private String clientType = null;
+ private String action = null;
+ private String requestData = null;
+ private String sessionId = null;
+
+ @Override
+ public RangerResource getResource() {
+ return resource;
+ }
+
+ @Override
+ public Collection<String> getAccessTypes() {
+ return accessTypes;
+ }
+
+ @Override
+ public String getRequestUser() {
+ return requestUser;
+ }
+
+ @Override
+ public Collection<String> getRequestUserGroups() {
+ return requestUserGroups;
+ }
+
+ @Override
+ public String getClientIPAddress() {
+ return clientIPAddress;
+ }
+
+ @Override
+ public String getClientType() {
+ return clientType;
+ }
+
+ @Override
+ public String getAction() {
+ return action;
+ }
+
+ @Override
+ public String getRequestData() {
+ return requestData;
+ }
+
+ @Override
+ public String getSessionId() {
+ return sessionId;
+ }
+
+
+ public void setResource(RangerResource resource) {
+ this.resource = resource;
+ }
+
+ public void setAccessTypes(Collection<String> accessTypes) {
+ this.accessTypes = accessTypes;
+ }
+
+ public void setRequestUser(String requestUser) {
+ this.requestUser = requestUser;
+ }
+
+ public void setRequestUserGroups(Collection<String> requestUserGroups) {
+ this.requestUserGroups = requestUserGroups;
+ }
+
+ public void setClientIPAddress(String clientIPAddress) {
+ this.clientIPAddress = clientIPAddress;
+ }
+
+ public void setClientType(String clientType) {
+ this.clientType = clientType;
+ }
+
+ public void setAction(String action) {
+ this.action = action;
+ }
+
+ public void setRequestData(String requestData) {
+ this.requestData = requestData;
+ }
+
+ public void setSessionId(String sessionId) {
+ this.sessionId = sessionId;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
new file mode 100644
index 0000000..aee6716
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.policyengine;
+
+import java.util.List;
+
+public interface RangerPolicyEngine {
+ boolean isAccessAllowed(RangerAccessRequest request);
+
+ boolean isAccessAllowed(List<RangerAccessRequest> requests, List<Boolean> results);
+
+ void auditAccess(RangerAccessRequest request);
+
+ void auditAccess(List<RangerAccessRequest> requests, List<Boolean> results);
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
new file mode 100644
index 0000000..71274f3
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
@@ -0,0 +1,114 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.policyengine;
+
+import java.util.List;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.plugin.manager.ServiceDefManager;
+import org.apache.ranger.plugin.manager.ServiceManager;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerService;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+
+
+public class RangerPolicyEngineImpl implements RangerPolicyEngine {
+ private static final Log LOG = LogFactory.getLog(RangerPolicyEngineImpl.class);
+
+ private String svcName = null;
+ private ServiceDefManager sdMgr = null;
+ private ServiceManager svcMgr = null;
+ private RangerService service = null;
+ private RangerServiceDef serviceDef = null;
+ private List<RangerPolicy> policies = null;
+
+ public RangerPolicyEngineImpl() {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerPolicyEngine()");
+ }
+
+ sdMgr = new ServiceDefManager();
+ svcMgr = new ServiceManager();
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerPolicyEngine()");
+ }
+ }
+
+ public void init(String serviceName) throws Exception {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerPolicyEngine.init(" + serviceName + ")");
+ }
+
+ svcName = serviceName;
+ service = svcMgr.getByName(svcName);
+
+ if(service == null) {
+ LOG.error(svcName + ": service not found");
+ } else {
+ serviceDef = sdMgr.getByName(service.getType());
+
+ if(serviceDef == null) {
+ String msg = service.getType() + ": service-def not found";
+
+ LOG.error(msg);
+
+ throw new Exception(msg);
+ }
+
+ policies = svcMgr.getPolicies(service.getId());
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("found " + (policies == null ? 0 : policies.size()) + " policies in service '" + svcName + "'");
+ }
+ }
+
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerPolicyEngine.init(" + serviceName + ")");
+ }
+ }
+
+ @Override
+ public boolean isAccessAllowed(RangerAccessRequest request) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean isAccessAllowed(List<RangerAccessRequest> requests,
+ List<Boolean> results) {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public void auditAccess(RangerAccessRequest request) {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void auditAccess(List<RangerAccessRequest> requests,
+ List<Boolean> results) {
+ // TODO Auto-generated method stub
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResource.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResource.java b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResource.java
new file mode 100644
index 0000000..b07f42a
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResource.java
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.policyengine;
+
+import java.util.List;
+
+public interface RangerResource {
+ public abstract String getOwnerUser();
+
+ public abstract String getElementValue(String type);
+
+ public abstract List<String> getElementValues(String type);
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceImpl.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceImpl.java b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceImpl.java
new file mode 100644
index 0000000..5d5a81d
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerResourceImpl.java
@@ -0,0 +1,137 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.policyengine;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+
+public class RangerResourceImpl implements RangerResource {
+ private String ownerUser = null;
+ private Map<String, Object> elements = null;
+
+
+ public RangerResourceImpl() {
+ }
+
+ @Override
+ public String getOwnerUser() {
+ return ownerUser;
+ }
+
+ @Override
+ public String getElementValue(String type) {
+ String ret = null;
+
+ if(elements != null) {
+ Object value = elements.get(type);
+
+ if(value != null) {
+ if(value instanceof String) {
+ ret = (String)value;
+ } else { // value must be a List<String>
+ @SuppressWarnings("unchecked")
+ List<String> list = (List<String>)value;
+
+ if(list != null && list.size() > 0) {
+ ret = list.get(0);
+ }
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ @Override
+ public List<String> getElementValues(String type) {
+ List<String> ret = null;
+
+ if(elements != null) {
+ Object value = elements.get(type);
+
+ if(value != null) {
+ if(value instanceof String) {
+ ret = new ArrayList<String>();
+ ret.add((String)value);
+ } else { // value must be a List<String>
+ @SuppressWarnings("unchecked")
+ List<String> tmpList = (List<String>)value;
+
+ ret = tmpList;
+ }
+ }
+ }
+
+ return ret;
+ }
+
+ public void setOwnerUser(String ownerUser) {
+ this.ownerUser = ownerUser;
+ }
+
+ public void setElement(String type, String value) {
+ if(elements == null) {
+ elements = new HashMap<String, Object>();
+ }
+
+ elements.put(type, value);
+ }
+
+ public void setElement(String type, List<String> value) {
+ if(elements == null) {
+ elements = new HashMap<String, Object>();
+ }
+
+ elements.put(type, value);
+ }
+
+ public void addElement(String type, String value) {
+ if(elements == null) {
+ elements = new HashMap<String, Object>();
+ }
+
+ Object val = elements.get(type);
+
+ if(val == null) {
+ elements.put(type, value);
+ } else {
+ List<String> list = null;
+
+ if(val instanceof String) { // convert to a list-value
+ list = new ArrayList<String>();
+
+ elements.put(type, list);
+
+ list.add((String)val);
+ } else { // value must be a List<String>
+ @SuppressWarnings("unchecked")
+ List<String> tmpList = (List<String>)val;
+
+ list = tmpList;
+ }
+
+ list.add(value);
+ }
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceDefStore.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceDefStore.java b/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceDefStore.java
new file mode 100644
index 0000000..5489031
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceDefStore.java
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.store;
+
+import java.util.List;
+
+import org.apache.ranger.plugin.model.RangerServiceDef;
+
+public interface ServiceDefStore {
+ RangerServiceDef create(RangerServiceDef serviceDef) throws Exception;
+
+ RangerServiceDef update(RangerServiceDef serviceDef) throws Exception;
+
+ void delete(Long id) throws Exception;
+
+ RangerServiceDef get(Long id) throws Exception;
+
+ RangerServiceDef getByName(String name) throws Exception;
+
+ List<RangerServiceDef> getAll() throws Exception;
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e99d911d/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java b/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
new file mode 100644
index 0000000..c5b0724
--- /dev/null
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStore.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.plugin.store;
+
+import java.util.List;
+
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerService;
+
+public interface ServiceStore {
+ RangerService create(RangerService service) throws Exception;
+
+ RangerService update(RangerService service) throws Exception;
+
+ void delete(Long id) throws Exception;
+
+ RangerService get(Long id) throws Exception;
+
+ RangerService getByName(String name) throws Exception;
+
+ List<RangerService> getAll() throws Exception;
+
+
+ RangerPolicy createPolicy(RangerPolicy policy) throws Exception;
+
+ RangerPolicy updatePolicy(RangerPolicy policy) throws Exception;
+
+ void deletePolicy(Long id) throws Exception;
+
+ RangerPolicy getPolicy(Long id) throws Exception;
+
+ RangerPolicy getPolicyByName(String serviceName, String policyName) throws Exception;
+
+ List<RangerPolicy> getServicePolicies(String serviceName) throws Exception;
+
+ List<RangerPolicy> getServicePolicies(Long serviceId) throws Exception;
+
+ List<RangerPolicy> getAllPolicies() throws Exception;
+}