You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2015/01/14 02:33:41 UTC
incubator-ranger git commit: RANGER-203: Policy implementation
updated to support permissions & policy condition
Repository: incubator-ranger
Updated Branches:
refs/heads/stack ea89bb5f4 -> 81cfaef6d
RANGER-203: Policy implementation updated to support permissions & policy condition
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/81cfaef6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/81cfaef6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/81cfaef6
Branch: refs/heads/stack
Commit: 81cfaef6d7c3e2a5c63c56e36dab0381788c08be
Parents: ea89bb5
Author: Gautam Borad <gb...@gmail.com>
Authored: Tue Jan 13 17:33:20 2015 -0800
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Tue Jan 13 17:33:20 2015 -0800
----------------------------------------------------------------------
.../ranger/plugin/model/RangerServiceDef.java | 38 +-
.../service-defs/ranger-servicedef-hbase.json | 8 +-
.../service-defs/ranger-servicedef-hdfs.json | 2 -
.../service-defs/ranger-servicedef-hive.json | 10 +-
.../service-defs/ranger-servicedef-knox.json | 4 +-
.../service-defs/ranger-servicedef-storm.json | 2 +-
.../scripts/models/BackboneFormDataType.js | 23 +-
.../scripts/modules/globalize/message/en.js | 5 +-
.../src/main/webapp/scripts/utils/XAUtils.js | 78 +++-
.../scripts/views/policies/GroupPermList.js | 378 ++++++++++---------
.../scripts/views/policies/RangerPolicyForm.js | 116 ++----
.../views/policies/RangerPolicyTableLayout.js | 2 +-
.../scripts/views/policies/UserPermList.js | 34 +-
security-admin/src/main/webapp/styles/xa.css | 11 +-
.../templates/policies/GroupPermItem.html | 33 +-
.../templates/policies/GroupPermList.html | 2 +-
.../policies/RangerPolicyForm_tmpl.html | 11 +-
.../webapp/templates/policies/UserPermItem.html | 12 +-
18 files changed, 416 insertions(+), 353 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
index e701762..f1fe7a8 100644
--- a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
+++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java
@@ -635,7 +635,7 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
}
/**
- * @param uiType the type to set
+ * @param type the type to set
*/
public void setSubType(String subType) {
this.subType = subType;
@@ -756,6 +756,7 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
private static final long serialVersionUID = 1L;
private String name = null;
+ private String type = null;
private Integer level = null;
private String parent = null;
private Boolean mandatory = null;
@@ -766,7 +767,6 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
private String matcherOptions = null;
private String label = null;
private String description = null;
- private String uiType = null;
private String rbKeyLabel = null;
private String rbKeyDescription = null;
@@ -775,8 +775,9 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
this(null, null, null, null, null, null, null, null, null, null, null, null, null, null);
}
- public RangerResourceDef(String name, Integer level, String parent, Boolean mandatory, Boolean lookupSupported, Boolean recursiveSupported, Boolean excludesSupported, String matcher, String matcherOptions, String label, String description, String uiType, String rbKeyLabel, String rbKeyDescription) {
+ public RangerResourceDef(String name, String type, Integer level, String parent, Boolean mandatory, Boolean lookupSupported, Boolean recursiveSupported, Boolean excludesSupported, String matcher, String matcherOptions, String label, String description, String rbKeyLabel, String rbKeyDescription) {
setName(name);
+ setType(type);
setLevel(level);
setParent(parent);
setMandatory(mandatory);
@@ -787,7 +788,6 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
setMatcher(matcherOptions);
setLabel(label);
setDescription(description);
- setUIType(uiType);
setRbKeyLabel(rbKeyLabel);
setRbKeyDescription(rbKeyDescription);
}
@@ -807,6 +807,20 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
}
/**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
* @return the level
*/
public Integer getLevel() {
@@ -947,20 +961,6 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
}
/**
- * @return the uiType
- */
- public String getUIType() {
- return uiType;
- }
-
- /**
- * @param uiType the uiType to set
- */
- public void setUIType(String uiType) {
- this.uiType = uiType;
- }
-
- /**
* @return the rbKeyLabel
*/
public String getRbKeyLabel() {
@@ -1000,6 +1000,7 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
public StringBuilder toString(StringBuilder sb) {
sb.append("RangerResourceDef={");
sb.append("name={").append(name).append("} ");
+ sb.append("type={").append(type).append("} ");
sb.append("level={").append(level).append("} ");
sb.append("parent={").append(parent).append("} ");
sb.append("mandatory={").append(mandatory).append("} ");
@@ -1010,7 +1011,6 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S
sb.append("matcherOptions={").append(matcherOptions).append("} ");
sb.append("label={").append(label).append("} ");
sb.append("description={").append(description).append("} ");
- sb.append("uiType={").append(uiType).append("} ");
sb.append("rbKeyLabel={").append(rbKeyLabel).append("} ");
sb.append("rbKeyDescription={").append(rbKeyDescription).append("} ");
sb.append("}");
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json
index 20911c7..f9ead37 100644
--- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json
+++ b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json
@@ -33,9 +33,9 @@
],
"resources":
[
- {"name":"table","type":"select2","level":1,"parent":"","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Table","description":"HBase Table"},
- {"name":"column-family","type":"select2","level":2,"parent":"table","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Column-family","description":"HBase Column-family"},
- {"name":"column","type":"select2","level":3,"parent":"column-family","mandatory":true,"lookupSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Column","description":"HBase Column"}
+ {"name":"table","type":"string","level":1,"parent":"","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Table","description":"HBase Table"},
+ {"name":"column-family","type":"string","level":2,"parent":"table","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Column-family","description":"HBase Column-family"},
+ {"name":"column","type":"string","level":3,"parent":"column-family","mandatory":true,"lookupSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Column","description":"HBase Column"}
],
"accessTypes":
[
@@ -46,7 +46,5 @@
],
"policyConditions":
[
- {
- }
]
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json
index 907b6d3..adf4a29 100644
--- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json
+++ b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json
@@ -55,7 +55,5 @@
],
"policyConditions":
[
- {
- }
]
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json
index c18f0a0..81cf928 100644
--- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json
+++ b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json
@@ -21,10 +21,10 @@
],
"resources":
[
- {"name":"database","type":"select2","level":1,"mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Database","description":"Hive Database"},
- {"name":"table","type":"select2","level":2,"parent":"database","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Table","description":"Hive Table"},
- {"name":"udf","type":"select2","level":2,"parent":"database","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive UDF","description":"Hive UDF"},
- {"name":"column","type":"select2","level":3,"parent":"table","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Column","description":"Hive Column"}
+ {"name":"database","type":"string","level":1,"mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Database","description":"Hive Database"},
+ {"name":"table","type":"string","level":2,"parent":"database","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Table","description":"Hive Table"},
+ {"name":"udf","type":"string","level":2,"parent":"database","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive UDF","description":"Hive UDF"},
+ {"name":"column","type":"string","level":3,"parent":"table","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Column","description":"Hive Column"}
],
"accessTypes":
[
@@ -39,7 +39,5 @@
],
"policyConditions":
[
- {
- }
]
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json
index d12b9c9..7ce09ff 100644
--- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json
+++ b/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json
@@ -20,8 +20,8 @@
],
"resources":
[
- {"name":"topology","type":"select2","level":1,"mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Knox Topology","description":"Knox Topology"},
- {"name":"service","type":"select2","level":2,"parent":"topology","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Knox Service","description":"Knox Service"}
+ {"name":"topology","type":"string","level":1,"mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Knox Topology","description":"Knox Topology"},
+ {"name":"service","type":"string","level":2,"parent":"topology","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Knox Service","description":"Knox Service"}
],
"accessTypes":
[
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json
----------------------------------------------------------------------
diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json
index 5475dea..6a7d8bb 100644
--- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json
+++ b/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json
@@ -20,7 +20,7 @@
],
"resources":
[
- {"name":"topology","type":"select2","level":1,"mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Storm Topology","description":"Storm Topology"}
+ {"name":"topology","type":"string","level":1,"mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Storm Topology","description":"Storm Topology"}
],
"accessTypes":
[
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/scripts/models/BackboneFormDataType.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/models/BackboneFormDataType.js b/security-admin/src/main/webapp/scripts/models/BackboneFormDataType.js
index 6a040af..7b02ef9 100644
--- a/security-admin/src/main/webapp/scripts/models/BackboneFormDataType.js
+++ b/security-admin/src/main/webapp/scripts/models/BackboneFormDataType.js
@@ -30,7 +30,19 @@ define(function(require) {
if (v != null) {
var formObj = {};
switch (v.type) {
- case 'string':formObj.type = 'Text';break;
+ case 'string':
+ if(!_.isUndefined(v.lookupSupported) && v.lookupSupported ){
+ formObj.type = 'Select2Remote';
+ formObj.pluginAttr = form.getPlugginAttr(false),
+ formObj.editorAttrs = {'data-placeholder': v.label },
+ formObj.options = function(callback, editor){
+ callback();
+ },
+ formObj.onFocusOpen = true
+ }else{
+ formObj.type = 'Text';
+ }
+ break;
case 'bool':
formObj.type = 'Checkbox';
formObj.options = { y : 'Yes',n : 'No'};
@@ -41,15 +53,6 @@ define(function(require) {
formObj.type = 'Select';
formObj.options = _.pluck(_.compact(enumObj.elements),'label');
break;
- case 'select2' :
- formObj.type = 'Select2Remote';
- formObj.pluginAttr = form.getPlugginAttr(false),
- formObj.editorAttrs = {'data-placeholder': v.label },
- formObj.options = function(callback, editor){
- callback();
- },
- formObj.onFocusOpen = true
- break;
case 'path' :
formObj.type = 'Text';
form.initilializePathPlugin = true;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
index 85ae4b0..fa39365 100644
--- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
+++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js
@@ -206,7 +206,7 @@ define(function(require) {
topologyName : 'Topology Name',
serivceName : 'Service Name',
ipAddress : 'IP Address',
-
+ delegatedAdmin : 'Delegate Admin'
},
btn : {
add : 'Add',
@@ -258,7 +258,8 @@ define(function(require) {
searchForPolicy :"Search for your policy...",
searchForYourUser :"Search for your users...",
searchForYourGroup :"Search for your groups...",
- access : 'Access'
+ access : 'Access',
+ policyCondition : 'Policy Condtions'
},
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/scripts/utils/XAUtils.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
index 41ebe43..24850a7 100644
--- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js
+++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js
@@ -305,6 +305,13 @@ define(function(require) {
});
};
+ XAUtils.filterResultByText = function(results , selectedVals){
+ return _.filter(results,function(obj){
+ if($.inArray(obj.text,selectedVals) < 0)
+ return obj;
+
+ });
+ };
XAUtils.scrollToField = function(field){
$("html, body").animate({
scrollTop: field.position().top-80
@@ -376,14 +383,18 @@ define(function(require) {
if(!model.isNew()){
if(!_.isUndefined(model.get('policyItems'))){
var policyItems = model.get('policyItems');
- var groupPolicyItems = _.filter(policyItems,function(m){if(!_.isEmpty(m.groups)) return m;});
- _.each(groupPolicyItems,function(obj){
+// var groupPolicyItems = _.filter(policyItems,function(m){if(!_.isEmpty(m.groups)) return m;});
+ _.each(policyItems,function(obj){
+ var groupNames = null, userNames = null;
+ if(!_.isEmpty(obj.groups)) groupNames = obj.groups.join(',');
+ if(!_.isEmpty(obj.users)) userNames = obj.users.join(',');
var m = new Backbone.Model({
-// groupId : groupIds.join(','),
- groupName : obj.groups.join(','),
-// ipAddress : values[0].ipAddress,
+ groupName : groupNames,
+ userName : userNames,
+ accesses : obj.accesses,
+ conditions : obj.conditions,
+ delegateAdmin: obj.delegateAdmin,
editMode : true,
- accesses : obj.accesses
});
formInputColl.add(m);
@@ -409,7 +420,8 @@ define(function(require) {
userName : obj.users.join(','),
// ipAddress : values[0].ipAddress,
editMode : true,
- accesses : obj.accesses
+ accesses : obj.accesses,
+ conditions : obj.conditions
});
coll.add(m);
@@ -643,5 +655,57 @@ define(function(require) {
that.$(that.rForm.el).removeClass("policy-disabled");
}
};
+ XAUtils.customXEditableForPolicyCond = function(template) {
+// $.fn.editable.defaults.mode = 'inline';
+ var PolicyConditions = function (options) {
+ this.init('policyConditions', options, PolicyConditions.defaults);
+ };
+
+ //inherit from Abstract input
+ $.fn.editableutils.inherit(PolicyConditions, $.fn.editabletypes.abstractinput);
+
+ $.extend(PolicyConditions.prototype, {
+ render: function() {
+ this.$input = this.$tpl.find('input');
+ },
+
+ value2str: function(value) {
+ var str = '';
+ if(value) {
+ for(var k in value) {
+ str = str + k + ':' + value[k] + ';';
+ }
+ }
+ return str;
+ },
+
+ value2input: function(value) {
+ _.each(value, function(val,name){
+ this.$input.filter('[name='+name+']').val(value[name]);
+ },this);
+ },
+
+ input2value: function() {
+ var obj={};
+ _.each(this.$input,function(input){
+ var name = input.name;
+ var val = this.$input.filter('[name="'+name+'"]').val()
+ obj[name] = val;
+ },this);
+
+ return obj;
+ },
+ activate: function() {
+ this.$input.first().focus()
+ },
+ });
+
+ PolicyConditions.defaults = $.extend({}, $.fn.editabletypes.abstractinput.defaults, {
+ tpl: template,
+
+ inputclass: ''
+ });
+ $.fn.editabletypes.policyConditions = PolicyConditions;
+ };
return XAUtils;
});
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/scripts/views/policies/GroupPermList.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/GroupPermList.js b/security-admin/src/main/webapp/scripts/views/policies/GroupPermList.js
index 2f15b58..3fe0a6e 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/GroupPermList.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/GroupPermList.js
@@ -37,128 +37,150 @@ define(function(require) {
tagName : 'tr',
templateHelpers : function(){
-
return {
- permissions : this.accessTypes,//this.getPerms(),
- policyKnox : this.policyType == XAEnums.ServiceType.Service_KNOX.value ? true :false,
-// policyStorm : this.policyType == XAEnums.ServiceType.Service_STORM.value ? true :false,
+ permissions : this.accessTypes,
+ policyConditions: this.policyConditions,
isModelNew : !this.model.has('editMode'),
- stormPerms : this.stormPermsIds.length == 14 ? _.union(this.stormPermsIds,[-1]) : this.stormPermsIds
-
+ perms : this.permsIds.length == 14 ? _.union(this.permsIds,[-1]) : this.permsIds,
};
},
ui : {
selectGroups : '[data-js="selectGroups"]',
- inputIPAddress : '[data-js="ipAddress"]',
- tags : '[class=tags]'
+ selectUsers : '[data-js="selectUsers"]',
+ addPerms : 'a[data-js="permissions"]',
+ conditionsTags : '[class=tags1]',
+ delegatedAdmin : 'input[data-js="delegatedAdmin"]'
},
events : {
'click [data-action="delete"]' : 'evDelete',
'click td' : 'evClickTD',
'change [data-js="selectGroups"]': 'evSelectGroup',
- 'change [data-js="ipAddress"]' : 'evIPAddress'
+ 'change [data-js="selectUsers"]': 'evSelectUser',
+ 'change input[class="policy-conditions"]' : 'policyCondtionChange'
},
initialize : function(options) {
- _.extend(this, _.pick(options, 'groupList','policyType','accessTypes'));
- //this.subjectList = this.mStudent.getSubjectList();
- this.stormPermsIds = [];
- if(this.policyType == XAEnums.AssetType.ASSET_STORM.value){
- if(this.model.has('editMode') && this.model.get('editMode')){
- this.stormPermsIds = _.map(this.model.get('_vPermList'), function(p){
- if(XAEnums.XAPermType.XA_PERM_TYPE_ADMIN.value != p.permType)
- return p.permType;
- });
- }
- }
+ _.extend(this, _.pick(options, 'groupList','policyType','accessTypes','policyConditions','userList'));
+ this.setupPermissionsAndConditions();
},
onRender : function() {
- var that = this;
+ this.setupFormForEditMode();
+
+ this.createDropDown(this.ui.selectGroups, this.groupList, true);
+ this.createDropDown(this.ui.selectUsers, this.userList, false);
+ this.dropDownChange(this.ui.selectGroups);
+ this.dropDownChange(this.ui.selectUsers);
+
+ this.renderPerms();
+ this.renderPolicyCondtion();
+ },
+ setupFormForEditMode : function() {
this.accessItems = _.map(this.accessTypes, function(perm){
if(!_.isUndefined(perm))
return {'type':perm.label,isAllowed : false}
});
-
- if(!_.isUndefined(this.model.get('groupName'))){
- this.ui.selectGroups.val(this.model.get('groupName').split(','));
- }
- if(!_.isUndefined(this.model.get('ipAddress'))){
- this.ui.inputIPAddress.val(this.model.get('ipAddress').toString());
- }
if(this.model.has('editMode') && this.model.get('editMode')){
+ if(!_.isUndefined(this.model.get('groupName')) && !_.isNull(this.model.get('groupName'))){
+ this.ui.selectGroups.val(this.model.get('groupName').split(','));
+ }
+ if(!_.isUndefined(this.model.get('userName')) && !_.isNull(this.model.get('userName'))){
+ this.ui.selectUsers.val(this.model.get('userName').split(','));
+ }
+
+ if(!_.isUndefined(this.model.get('conditions'))){
+ _.each(this.model.get('conditions'), function(obj){
+ this.$el.find('input[data-js="'+obj.type+'"]').val(obj.value.toString())
+ },this);
+ }
_.each(this.model.get('accesses'), function(p){
if(p.isAllowed){
this.$el.find('input[data-name="' + p.type + '"]').attr('checked', 'checked');
_.each(this.accessItems,function(obj){ if(obj.type == p.type) obj.isAllowed=true;})
}
},this);
+
+ if(!_.isUndefined(this.model.get('delegateAdmin')) && this.model.get('delegateAdmin')){
+ this.ui.delegatedAdmin.attr('checked', 'checked');
+ }
}
- this.createGroupDropDown();
- this.groupDropDownChange();
- if(this.policyType == XAEnums.AssetType.ASSET_STORM.value){
- this.renderStormPerms();
+ },
+ setupPermissionsAndConditions : function() {
+ var that = this;
+ this.permsIds = [], this.conditions = {};
+ //Set Permissions obj
+ if( this.model.has('editMode') && this.model.get('editMode')){
+ _.each(this.model.get('accesses'), function(p){
+ if(p.isAllowed){
+ var access = _.find(that.accessTypes,function(obj){if(obj.label == p.type) return obj});
+ this.permsIds.push(access.name);
+ }
+
+ }, this);
+ //Set PolicyCondtion Obj to show in edit mode
+ _.each(this.model.get('conditions'), function(p){
+ this.conditions[p.type] = p.value;
+ }, this);
}
},
- groupDropDownChange : function(){
+ dropDownChange : function($select){
var that = this;
- this.ui.selectGroups.on('change',function(e){
+ $select.on('change',function(e){
// console.log(e.currentTarget.value);
+ var name = ($(e.currentTarget).attr('data-js') == that.ui.selectGroups.attr('data-js')) ? 'group': 'user';
that.checkDirtyFieldForDropDown(e);
- var duplicateGroupName = false;
that.toggleAddButton(e);
if(e.removed != undefined){
- var gIdArr = [],gNameArr = [];
- gIdArr = _.without(that.model.get('groupId').split(','), e.removed.id);
- if(that.model.get('groupName') != undefined)
- gNameArr = _.without(that.model.get('groupName').split(','), e.removed.text);
- if(!_.isEmpty(gIdArr)){
- that.model.set('groupId',gIdArr.join(','));
- that.model.set('groupName',gNameArr.join(','));
+ var gNameArr = [];
+ if(that.model.get(name+'Name') != undefined)
+ gNameArr = _.without(that.model.get(name+'Name').split(','), e.removed.text);
+ if(!_.isEmpty(gNameArr)){
+ that.model.set(name+'Name',gNameArr.join(','));
}else{
- that.model.unset('groupId');
- that.model.unset('groupName');
+ that.model.unset(name+'Name');
}
return;
}
if(!_.isUndefined(e.added)){
- that.model.set('groupId', e.currentTarget.value);
- var groupNameList = _.map($(e.currentTarget).select2("data"), function(obj){return obj.text});
- that.model.set('groupName',groupNameList.toString())
+ var nameList = _.map($(e.currentTarget).select2("data"), function(obj){return obj.text});
+ that.model.set(name+'Name',nameList.toString());
}
});
},
- createGroupDropDown :function(){
+ createDropDown :function($select, list, typeGroup){
var that = this;
- if(this.model.has('editMode') && !_.isEmpty(this.ui.selectGroups.val())){
- var temp = this.ui.selectGroups.val().split(",");
+ var placeholder = (typeGroup) ? 'Select Group' : 'Select User';
+ var url = (typeGroup) ? "service/xusers/groups" : "service/xusers/users";
+ if(this.model.has('editMode') && !_.isEmpty($select.val())){
+ var temp = $select.val().split(",");
_.each(temp , function(name){
- if(_.isUndefined(that.groupList.where({ name : name}))){
- var group = new VXGroup({name: name});
- group.fetch({async:false}).done(function(){
- that.groupList.add(group);
+ if(_.isUndefined(list.where({ name : name}))){
+ var model;
+ model = typeGroup ? new VXGroup({name: name}) : new VXUser({name: name});
+ model.fetch({async:false}).done(function(){
+ list.add(model);
});
}
});
}
- this.groupArr = this.groupList.map(function(m){
+ var tags = list.map(function(m){
return { id : m.id+"" , text : m.get('name')};
});
- this.ui.selectGroups.select2({
+ $select.select2({
closeOnSelect : true,
- placeholder : 'Select Group',
+ placeholder : placeholder,
// maximumSelectionSize : 1,
width :'220px',
tokenSeparators: [",", " "],
- tags : this.groupArr,
+ tags : tags,
initSelection : function (element, callback) {
var data = [];
- console.log(that.groupList);
+ console.log(list);
$(element.val().split(",")).each(function () {
- var obj = _.findWhere(that.groupArr,{text:this});
+ var obj = _.findWhere(tags,{text:this});
data.push({id: obj.id, text: this})
});
callback(data);
@@ -174,7 +196,7 @@ define(function(require) {
}*/
},
ajax: {
- url: "service/xusers/groups",
+ url: url,
dataType: 'json',
data: function (term, page) {
return {name : term};
@@ -183,13 +205,15 @@ define(function(require) {
var results = [] , selectedVals = [];
/*if(!_.isEmpty(that.ui.selectGroups.select2('val')))
selectedVals = that.ui.selectGroups.select2('val');*/
- selectedVals = that.getGroupSelectdValues();
+ selectedVals = that.getGroupSelectdValues($select, typeGroup);
if(data.resultSize != "0"){
//if(data.vXGroups.length > 1){
-
- results = data.vXGroups.map(function(m, i){ return {id : m.id+"", text: m.name}; });
+ if(typeGroup)
+ results = data.vXGroups.map(function(m, i){ return {id : m.id+"", text: m.name}; });
+ else
+ results = data.vXUsers.map(function(m, i){ return {id : m.id+"", text: m.name}; });
if(!_.isEmpty(selectedVals))
- results = XAUtil.filterResultByIds(results, selectedVals);
+ results = XAUtil.filterResultByText(results, selectedVals);
// console.log(results.length);
return {results : results};
//}
@@ -210,15 +234,105 @@ define(function(require) {
}
}).on('select2-focus', XAUtil.select2Focus);
},
- getGroupSelectdValues : function(){
+ renderPerms :function(){
+ var that = this;
+// var permArr = _.pick(XAEnums.XAPermType, XAUtil.getStormActions(this.policyType));
+ this.perms = _.map(this.accessTypes,function(m){return {text:m.label, value:m.name};});
+ this.perms.push({'value' : -1, 'text' : 'Select/Deselect All'});
+ this.ui.addPerms.editable({
+ emptytext : 'Add Permissions',
+ source: this.perms,
+ value : this.permsIds,
+ display: function(values,srcData) {
+ if(_.isNull(values) || _.isEmpty(values)){
+ $(this).empty();
+ that.model.unset('accesses');
+ return;
+ }
+ if(_.contains(values,"-1")){
+ values = _.without(values,"-1")
+ }
+// that.checkDirtyFieldForGroup(values);
+ var permTypeArr = [];
+ var valArr = _.map(values, function(id){
+ if(!_.isUndefined(id)){
+ var obj = _.findWhere(srcData,{'value' : id});
+ permTypeArr.push({permType : obj.value});
+ return "<span class='label label-inverse'>" + obj.text + "</span>";
+ }
+ });
+ var perms = []
+ if(that.model.has('accesses')){
+ perms = that.model.get('accesses');
+ }
+ _.each(that.accessTypes, function(obj) {
+ if(_.contains(values, obj.name)){
+ var type = obj.label
+ _.each(that.accessItems, function(item){ if(item.type == type) item.isAllowed = true });
+ }
+ });
+ // Save data to model
+
+ if(!_.isEmpty(that.accessItems))
+ that.model.set('accesses', that.accessItems);
+
+ $(this).html(valArr.join(" "));
+ },
+ }).on('click', function(e) {
+ e.stopPropagation();
+ e.preventDefault();
+ that.$('input[type="checkbox"][value="-1"]').click(function(e){
+ var checkboxlist =$(this).closest('.editable-checklist').find('input[type="checkbox"][value!=-1]')
+ $(this).is(':checked') ? checkboxlist.prop('checked',true) : checkboxlist.prop('checked',false);
+
+ });
+ });
+
+ },
+ renderPolicyCondtion : function() {
+ var that = this;
+ if(this.policyConditions.length > 0){
+ var tmpl = _.map(this.policyConditions,function(obj){
+ return '<div class="editable-address margin-bottom-5"><label style="display:block !important;"><span>'+obj.label+' : </span></label><input type="text" name="'+obj.name+'" ></div>'
+ });
+ XAUtil.customXEditableForPolicyCond(tmpl.join(''));
+ this.$('#policyConditions').editable({
+ emptytext : 'Add Conditions',
+ value : this.conditions,
+ display: function(value) {
+ var continue_ = false, i = 0;
+ if(!value) {
+ $(this).empty();
+ return;
+ } // End if
+ _.each(value, function(val, name){ if(!_.isEmpty(val)) continue_ = true; });
+ if(continue_){
+ var html = _.map(value, function(val,name) {
+ var label = (i%2 == 0) ? 'label label-inverse' : 'label';
+ i++;
+ return _.isEmpty(val) ? '' : '<span class="'+label+'">'+name+' : '+ val + '</span>';
+ });
+ var cond = _.map(value, function(val, name) {return {'type' : name, 'value' :val};});
+ that.model.set('conditions', cond);
+ $(this).html(html);
+ }else{
+ that.model.unset('conditions');
+ $(this).empty();
+ }
+ } // End display option
+ }); // End editable()
+ }
+ },
+ getGroupSelectdValues : function($select, typeGroup){
var vals = [],selectedVals = [];
+ var name = typeGroup ? 'group' : 'user';
this.collection.each(function(m){
- if(!_.isUndefined(m.get('groupId'))){
- vals.push.apply(vals, m.get('groupId').split(','));
+ if(!_.isUndefined(m.get(name+'Name')) && !_.isNull(m.get(name+'Name'))){
+ vals.push.apply(vals, m.get(name+'Name').split(','));
}
});
- if(!_.isEmpty(this.ui.selectGroups.select2('val')))
- selectedVals = this.ui.selectGroups.select2('val');
+ if(!_.isEmpty($select.select2('val')))
+ selectedVals = $select.select2('val');
vals.push.apply(vals , selectedVals);
vals = $.unique(vals);
return vals;
@@ -229,40 +343,11 @@ define(function(require) {
this.toggleAddButton();
},
evClickTD : function(e){
- var that = this;
- var $el = $(e.currentTarget),permList =[],perms =[];
- if($(e.toElement).is('td')){
- var $checkbox = $el.find('input');
- $checkbox.is(':checked') ? $checkbox.prop('checked',false) : $checkbox.prop('checked',true);
- }
- var curPerm = $el.find('input').data('id');
- var curPermName = $el.find('input').data('name');
- if(!_.isUndefined(curPermName)){
- var perms = [];
- if(this.model.has('accesses')){
- if(_.isArray(this.model.get('accesses')))
- perms = this.model.get('accesses');
- else
- perms.push(this.model.get('accesses'));
- }
- if($el.find('input[type="checkbox"]').is(':checked')){
- _.each(that.accessItems, function(obj){ if(obj.type == curPermName) obj.isAllowed = true });
-
- /*if(curPermName == XAEnums.XAPermType.XA_PERM_TYPE_ADMIN.value){
- $el.parent().find('input[type="checkbox"]:not(:checked)[data-name!="'+curPermName+'"]').map(function(){
- _.each(that.accessItems, function(obj){ if(obj.type == $(this).data('name')) obj.isAllowed = true }, this);
- });
- $el.parent().find('input[type="checkbox"]').prop('checked',true);
- }*/
- } else {
- _.each(that.accessItems, function(obj){ if(obj.type == curPermName ) obj.isAllowed = false }, this);
- }
-
-// this.checkDirtyFieldForCheckBox(perms);
- if(!_.isEmpty(that.accessItems))
- this.model.set('accesses', that.accessItems);
- else
- this.model.unset('accesses');
+ var $el = $(e.currentTarget);
+ //Set Delegated Admin value
+ if(!_.isUndefined($el.find('input').data('js'))){
+ this.model.set('delegateAdmin',$el.find('input').is(':checked'))
+ return;
}
},
checkDirtyFieldForCheckBox : function(perms){
@@ -289,60 +374,17 @@ define(function(require) {
$('[data-action="addGroup"]').show();
}
},
- evIPAddress :function(e){
- if(!_.isEmpty($(e.currentTarget).val()))
- this.model.set('ipAddress',$(e.currentTarget).val().split(','));
- else
- this.model.unset('ipAddress');
- },
- renderStormPerms :function(){
- var that = this;
- var permArr = _.pick(XAEnums.XAPermType, XAUtil.getStormActions(this.policyType));
- this.stormPerms = _.map(permArr,function(m){return {text:m.label, value:m.value};});
- this.stormPerms.push({'value' : -1, 'text' : 'Select/Deselect All'});
- this.ui.tags.editable({
- placement: 'right',
-// emptytext : 'Please select',
- source: this.stormPerms,
- display: function(idList,srcData) {
- if(_.isEmpty(idList.toString())){
- $(this).html('');
- return;
- }
- if(!_.isArray(idList))
- idList = [idList];
-// that.checkDirtyFieldForGroup(values);
- var permTypeArr = [];
- var valArr = _.map(idList, function(id){
- if(!(parseInt(id) <= 0) && (!_.isNaN(parseInt(id)))){
- var obj = _.findWhere(srcData,{'value' : parseInt(id)});
- permTypeArr.push({permType : obj.value});
- return "<span class='label label-inverse'>" + obj.text + "</span>";
- }
- });
-
- if(that.model.has('_vPermList')){
- var adminPerm = _.where(that.model.get('_vPermList'),{'permType': XAEnums.XAPermType.XA_PERM_TYPE_ADMIN.value });
- permTypeArr = _.isEmpty(adminPerm) ? permTypeArr : _.union(permTypeArr,adminPerm);
- }
- that.model.set('_vPermList', permTypeArr);
-// if(!_.isEmpty(perms))
-// that.model.set('_vPermList', perms);
-// that.model.set('_vPermList', permTypeArr);
- $(this).html(valArr.join(" "));
- },
- });
- this.$('[id^="tags-edit-"]').click(function(e) {
- e.stopPropagation();
- e.preventDefault();
- that.$('#' + $(this).data('editable') ).editable('toggle');
- that.$('input[type="checkbox"][value="-1"]').click(function(e){
- var checkboxlist =$(this).closest('.editable-checklist').find('input[type="checkbox"][value!=-1]')
- $(this).is(':checked') ? checkboxlist.prop('checked',true) : checkboxlist.prop('checked',false);
-
- });
- });
-
+ policyCondtionChange :function(e){
+ if(!_.isEmpty($(e.currentTarget).val()) && !_.isEmpty(this.policyConditions)){
+ var policyCond = { 'type' : $(e.currentTarget).attr('data-js'), 'value' : $(e.currentTarget).val() } ;
+ var conditions = [];
+ if(this.model.has('conditions')){
+ conditions = this.model.get('conditions')
+ }
+ conditions.push(policyCond);
+ this.model.set('conditions',conditions);
+ }
+
},
checkDirtyFieldForDropDown : function(e){
//that.model.has('groupId')
@@ -351,10 +393,6 @@ define(function(require) {
groupIdList = this.model.get('groupId').split(',');
XAUtil.checkDirtyField(groupIdList, e.val, $(e.currentTarget));
},
- getPerms : function(){
- var permList = _.map(this.accessTypes,function(type){ return type.label});
- return _.map(permList, function(perm){ return _.findWhere(XAEnums.XAPermType,{label:perm})})
- }
});
@@ -380,15 +418,17 @@ define(function(require) {
return {
'collection' : this.collection,
'groupList' : this.groupList,
+ 'userList' : this.userList,
'policyType' : this.policyType,
- 'accessTypes' : this.accessTypes
+ 'accessTypes' : this.accessTypes,
+ 'policyConditions' : this.rangerServiceDefModel.get('policyConditions')
};
},
events : {
'click [data-action="addGroup"]' : 'addNew'
},
initialize : function(options) {
- _.extend(this, _.pick(options, 'groupList','policyType','accessTypes','rangerServiceDefModel'));
+ _.extend(this, _.pick(options, 'groupList','policyType','accessTypes','rangerServiceDefModel','userList'));
//this.hiveGroupPerm = _.has(options,'hiveGroupPerm') ? true : false;
this.listenTo(this.groupList, 'sync', this.render, this);
if(this.collection.length == 0)
@@ -419,12 +459,14 @@ define(function(require) {
this.$('button[data-action="addGroup"]').show();
},
getPermHeaders : function(){
- var permList = _.map(this.accessTypes,function(type){ return type.label});
+ var permList = [];//_.map(this.accessTypes,function(type){ return type.label});
+
+ permList.unshift(localization.tt('lbl.delegatedAdmin'));
+ permList.unshift(localization.tt('lbl.permissions'));
if(!_.isEmpty(this.rangerServiceDefModel.get('policyConditions'))){
- _.each(this.rangerServiceDefModel.get('policyConditions'), function(cond){
- if(!_.isNull(cond) && !_.isNull(cond.label)) permList.unshift(cond.label);
- });
+ permList.unshift(localization.tt('h.policyCondition'));
}
+ permList.unshift(localization.tt('lbl.selectUser'));
permList.unshift(localization.tt('lbl.selectGroup'));
permList.push("");
return permList;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
index f0cb86b..7d35d01 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyForm.js
@@ -74,20 +74,7 @@ define(function(require){
this.permMapList = this.model.isNew() ? new VXPermMapList() : this.model.get('permMapList');
this.auditList = this.model.isNew() ? new VXAuditMapList() : this.model.get('auditList');
- //this.userList.fetch();
-
-
- /*If the model passed to the fn is new return an empty collection
- * otherwise return a collection that has models like
- * {
- * groupId : 5,
- * permissionList : [4,3]
- * }
- * The formInputList will be passed to the forminputitemlist view.
- */
-
this.formInputList = XAUtil.makeCollForGroupPermission(this.model);
- this.userPermInputList = XAUtil.makeCollForUserPermission(this.model);
},
/** all events binding here */
@@ -126,16 +113,9 @@ define(function(require){
this.initializePathPlugins();
}
this.renderCustomFields();
- /* if(!this.model.isNew()){
+ if(!this.model.isNew()){
this.setUpSwitches();
}
- if(this.model.isNew() && this.fields._vAuditListToggle.editor.getValue() == 1){
- this.model.set('auditList', new VXAuditMapList(new VXAuditMap({
- 'auditType' : XAEnums.XAAuditType.XA_AUDIT_TYPE_ALL.value,//fieldEditor.getValue()//
- 'resourceId' :this.model.get('id')
-
- })));
- }*/
this.$el.find('.field-isEnabled').find('.control-label').remove();
},
evAuditChange : function(form, fieldEditor){
@@ -154,27 +134,22 @@ define(function(require){
},
setUpSwitches :function(){
var that = this;
- var encryptStatus = false,auditStatus = false,recursiveStatus = false;
- auditStatus = this.model.has('auditList') ? true : false;
- this.fields._vAuditListToggle.editor.setValue(auditStatus);
-
- _.each(_.toArray(XAEnums.BooleanValue),function(m){
- if(parseInt(that.model.get('isEncrypt')) == m.value)
- encryptStatus = (m.label == XAEnums.BooleanValue.BOOL_TRUE.label) ? true : false;
- if(parseInt(that.model.get('isRecursive')) == m.value)
- recursiveStatus = (m.label == XAEnums.BooleanValue.BOOL_TRUE.label) ? true : false;
- });
- this.fields.isEncrypt.editor.setValue(encryptStatus);
- this.fields.isRecursive.editor.setValue(recursiveStatus);
- if(parseInt(this.model.get('resourceStatus')) != XAEnums.BooleanValue.BOOL_TRUE.value)
- this.fields.resourceStatus.editor.setValue(false);
+ this.fields.isAuditEnabled.editor.setValue(this.model.get('isAuditEnabled'));
+ this.fields.isEnabled.editor.setValue(this.model.get('isEnabled'));
},
/** all custom field rendering */
renderCustomFields: function(){
var that = this;
var accessType = this.rangerServiceDefModel.get('accessTypes').filter(function(val) { return val !== null; });
- this.groupList = new VXGroupList();
+ this.userList = new VXUserList();
var params = {sortBy : 'name'};
+ this.userList.setPageSize(100,{fetch:false});
+ this.userList.fetch({
+ cache :true,
+ data: params,
+ async : false
+ });
+ this.groupList = new VXGroupList();
this.groupList.setPageSize(100,{fetch:false});
this.groupList.fetch({
cache :true,
@@ -183,29 +158,13 @@ define(function(require){
that.$('[data-customfields="groupPerms"]').html(new GroupPermList({
collection : that.formInputList,
groupList : that.groupList,
+ userList : that.userList,
model : that.model,
-// policyType : policyType,
- accessTypes : accessType,
- rangerServiceDefModel : that.rangerServiceDefModel
- }).render().el);
- });
-
- this.userList = new VXUserList();
- var params = {sortBy : 'name'};
- this.userList.setPageSize(100,{fetch:false});
- this.userList.fetch({
- cache :true,
- data: params
- }).done(function(){
- that.$('[data-customfields="userPerms"]').html(new UserPermList({
- collection : that.userPermInputList,
- model : that.model,
- userList : that.userList,
-// policyType : policyType,
accessTypes : accessType,
rangerServiceDefModel : that.rangerServiceDefModel
}).render().el);
});
+
},
beforeSave : function(){
@@ -229,39 +188,44 @@ define(function(require){
var RangerPolicyItem = Backbone.Collection.extend();
var policyItemList = new RangerPolicyItem();
- this.formInputList.each(function(m){
- if(!_.isUndefined(m.get('groupName'))){
+ policyItemList = this.setPermissionsToColl(this.formInputList, policyItemList);
+ this.model.set('policyItems', policyItemList)
+
+ //Unset attrs which are not needed
+ _.each(this.model.attributes.resources,function(obj,key){
+ this.model.unset(key, obj.values.toString())
+ },this)
+
+ },
+ setPermissionsToColl : function(list, policyItemList) {
+ list.each(function(m){
+ if(!_.isUndefined(m.get('groupName')) || !_.isUndefined(m.get("userName"))){ //groupName or userName
var RangerPolicyItem=Backbone.Model.extend()
var policyItem = new RangerPolicyItem();
- policyItem.set('groups',m.get('groupName').split(','))
+ if(!_.isUndefined(m.get('groupName')) && !_.isNull(m.get('groupName'))){
+ policyItem.set("groups",m.get("groupName").split(','));
+ }
+ if(!_.isUndefined(m.get('userName')) && !_.isNull(m.get('userName'))){
+ policyItem.set("users",m.get("userName").split(','));
+ }
+ if(!_.isUndefined(m.get('delegateAdmin'))){
+ policyItem.set("delegateAdmin",m.get("delegateAdmin"));
+ }
var RangerPolicyItemAccessList = Backbone.Collection.extend();
var rangerPlcItemAccessList = new RangerPolicyItemAccessList(m.get('accesses'));
policyItem.set('accesses', rangerPlcItemAccessList)
- policyItemList.add(policyItem)
-
- }
- }, this);
- this.userPermInputList.each(function(m){
- if(!_.isUndefined(m.get('userName'))){
- var RangerPolicyItem=Backbone.Model.extend()
- var policyItem = new RangerPolicyItem();
- policyItem.set('users',m.get('userName').split(','))
- var RangerPolicyItemAccessList = Backbone.Collection.extend();
- var rangerPlcItemAccessList = new RangerPolicyItemAccessList(m.get('accesses'));
- policyItem.set('accesses', rangerPlcItemAccessList)
+ if(!_.isUndefined(m.get('conditions'))){
+ var RangerPolicyItemConditionList = Backbone.Collection.extend();
+ var rPolicyItemCondList = new RangerPolicyItemConditionList(m.get('conditions'))
+ policyItem.set('conditions', rPolicyItemCondList)
+ }
policyItemList.add(policyItem)
}
}, this);
- this.model.set('policyItems', policyItemList)
-
- //Unset attrs which are not needed
- _.each(this.model.attributes.resources,function(obj,key){
- this.model.unset(key, obj.values.toString())
- },this)
-
+ return policyItemList;
},
/** all post render plugin initialization */
initializePathPlugins: function(){
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
index 2f4ab67..74e393e 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
@@ -328,7 +328,7 @@ define(function(require){
if(!_.isUndefined(obj) && !_.isNull(obj))
cols[obj.name]={
cell : "html",
- label : localization.tt("lbl."+obj.name),
+ label : obj.name,
editable: false,
sortable : false,
formatter: _.extend({}, Backgrid.CellFormatter.prototype, {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/scripts/views/policies/UserPermList.js
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/scripts/views/policies/UserPermList.js b/security-admin/src/main/webapp/scripts/views/policies/UserPermList.js
index fe51116..6f2e578 100644
--- a/security-admin/src/main/webapp/scripts/views/policies/UserPermList.js
+++ b/security-admin/src/main/webapp/scripts/views/policies/UserPermList.js
@@ -39,7 +39,7 @@ define(function(require) {
return {
permissions : this.accessTypes,
- policyKnox : this.policyType == XAEnums.ServiceType.Service_KNOX.value ? true :false,
+ policyConditions: this.policyConditions,
// policyStorm : this.policyType == XAEnums.ServiceType.Service_STORM.value ? true :false,
isModelNew : !this.model.has('editMode'),
stormPerms : this.stormPermsIds.length == 14 ? _.union(this.stormPermsIds,[-1]) : this.stormPermsIds
@@ -47,18 +47,17 @@ define(function(require) {
},
ui : {
selectUsers : '[data-js="selectUsers"]',
- inputIPAddress : '[data-js="ipAddress"]',
tags : '[class=tags]'
},
events : {
'click [data-action="delete"]' : 'evDelete',
'click td' : 'evClickTD',
'change [data-js="selectUsers"]': 'evSelectUser',
- 'change [data-js="ipAddress"]' : 'evIPAddress'
+ 'change input[class="policy-conditions"]' : 'policyCondtionChange'
},
initialize : function(options) {
- _.extend(this, _.pick(options, 'userList','policyType','accessTypes'));
+ _.extend(this, _.pick(options, 'userList','policyType','accessTypes','policyConditions'));
//this.subjectList = this.mStudent.getSubjectList();
this.stormPermsIds = [];
if(this.policyType == XAEnums.AssetType.ASSET_STORM.value){
@@ -82,8 +81,11 @@ define(function(require) {
if(this.model.get('userName') != undefined){
this.ui.selectUsers.val(this.model.get('userName').split(','));
}
- if(!_.isUndefined(this.model.get('ipAddress'))){
- this.ui.inputIPAddress.val(this.model.get('ipAddress').toString());
+ if(!_.isUndefined(this.model.get('conditions'))){
+ _.each(this.model.get('conditions'), function(obj){
+ console.log(obj)
+ this.$el.find('input[data-js="'+obj.type+'"]').val(obj.value.toString())
+ },this);
}
if(this.model.has('editMode') && this.model.get('editMode')){
@@ -300,11 +302,16 @@ define(function(require) {
vals = $.unique(vals);
return vals;
},
- evIPAddress :function(e){
- if(!_.isEmpty($(e.currentTarget).val()))
- this.model.set('ipAddress',$(e.currentTarget).val().split(','));
- else
- this.model.unset('ipAddress');
+ policyCondtionChange :function(e){
+ if(!_.isEmpty($(e.currentTarget).val()) && !_.isEmpty(this.policyConditions)){
+ var policyCond = { 'type' : $(e.currentTarget).attr('data-js'), 'value' : $(e.currentTarget).val() } ;
+ var conditions = [];
+ if(this.model.has('conditions')){
+ conditions = this.model.get('conditions')
+ }
+ conditions.push(policyCond);
+ this.model.set('conditions',conditions);
+ }
},
renderStormPerms :function(){
var that = this;
@@ -378,7 +385,8 @@ define(function(require) {
'collection' : this.collection,
'userList' : this.userList,
'policyType' : this.policyType,
- 'accessTypes' : this.accessTypes
+ 'accessTypes' : this.accessTypes,
+ 'policyConditions' : this.rangerServiceDefModel.get('policyConditions')
};
},
events : {
@@ -422,7 +430,7 @@ define(function(require) {
if(!_.isNull(cond) && !_.isNull(cond.label)) permList.unshift(cond.label);
});
}
- permList.unshift(localization.tt('lbl.selectGroup'));
+ permList.unshift(localization.tt('lbl.selectUser'));
permList.push("");
return permList;
},
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/styles/xa.css
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/styles/xa.css b/security-admin/src/main/webapp/styles/xa.css
index d339b6b..55f3a6a 100644
--- a/security-admin/src/main/webapp/styles/xa.css
+++ b/security-admin/src/main/webapp/styles/xa.css
@@ -491,7 +491,7 @@ body {
.table-permission {
float: left;
- width: 45%
+ width: 90%
}
/* toggle */
@@ -1693,3 +1693,12 @@ margin-bottom: 0 !important;
.policy-form .field-database,.policy-form .field-table, .policy-form .field-path, .policy-form .field-topology{
clear: both;
}
+.margin-bottom-5{
+margin-bottom: 5px;
+}
+
+.popover-content {
+ overflow-y: auto;
+ padding-right: 25px;
+ max-height: 250px;
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/templates/policies/GroupPermItem.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/policies/GroupPermItem.html b/security-admin/src/main/webapp/templates/policies/GroupPermItem.html
index a53f7b6..fd1de81 100644
--- a/security-admin/src/main/webapp/templates/policies/GroupPermItem.html
+++ b/security-admin/src/main/webapp/templates/policies/GroupPermItem.html
@@ -17,35 +17,20 @@
<td>
<input type="text" data-js="selectGroups" />
</td>
-
-{{#if policyKnox}}
<td>
- <input type="text" data-js="ipAddress" placeholder="Enter IP address"/>
+ <input type="text" data-js="selectUsers" />
+</td>
+{{#if policyConditions}}
+<td>
+ <a href="#" id="policyConditions" data-type="policyConditions" data-original-title="Policy Conditions" ></a>
</td>
{{/if}}
-
-{{#if policyStorm}}
<td>
- <span class="tags" id="tags-editable-1" data-toggle="manual" data-type="checklist"
- data-value="{{stormPerms}}" data-original-title="Select Actions">
- </span>
- <a href="#" id="tags-edit-1" data-editable="tags-editable-1" class="" style="margin-left:10px;">
- {{#if isModelNew}}
- <i class="icon-plus" title="Add"></i>
- {{else}}
- <i class="icon-pencil" title="Edit"></i>
- {{/if}}
- </a>
+ <a href="#" data-js="permissions" data-type="checklist" data-title="Select permissions"></a>
</td>
-{{/if}}
-{{#each permissions}}
- <td style="cursor:pointer;">
- <input data-name="{{./this.label}}" type="checkbox">
- </td>
-{{/each}}
-
-
-
+<td>
+ <input data-js="delegatedAdmin" type="checkbox">
+</td>
<td>
<button type="button" class="btn btn-small btn-danger " data-action="delete">
<i class="icon-remove"></i>
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/templates/policies/GroupPermList.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/policies/GroupPermList.html b/security-admin/src/main/webapp/templates/policies/GroupPermList.html
index ff40e5b..070b908 100644
--- a/security-admin/src/main/webapp/templates/policies/GroupPermList.html
+++ b/security-admin/src/main/webapp/templates/policies/GroupPermList.html
@@ -15,7 +15,7 @@
limitations under the License.
--}}
<div class="control-group">
- <label class="control-label">{{tt 'lbl.groupPermissions'}}</label>
+ <label class="control-label">{{tt 'lbl.permissions'}}</label>
<div class="controls">
<table class="table-permission table-condensed">
<thead>
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html b/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html
index 6f6d737..157e9e1 100644
--- a/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html
+++ b/security-admin/src/main/webapp/templates/policies/RangerPolicyForm_tmpl.html
@@ -39,21 +39,12 @@
</p>
<div class="" data-customfields="groupPerms">
<div class="control-group">
- <label class="control-label">{{tt 'lbl.groupPermissions'}}</label>
+ <label class="control-label">{{tt 'lbl.permissions'}}</label>
<div class="controls">
<img src="images/loading.gif" style=" margin-left: 4%; margin-top: 1%;" />
</div>
</div>
</div>
- <div class="" data-customfields="userPerms">
- <div class="control-group">
- <label class="control-label">{{tt 'lbl.userPermissions'}}</label>
- <div class="controls">
- <img src="images/loading.gif" style=" margin-left: 4%; margin-top: 1%;" />
- </div>
- </div>
- </div>
- <!-- <div class="" data-fields="description"></div> -->
</fieldset>
</form>
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/81cfaef6/security-admin/src/main/webapp/templates/policies/UserPermItem.html
----------------------------------------------------------------------
diff --git a/security-admin/src/main/webapp/templates/policies/UserPermItem.html b/security-admin/src/main/webapp/templates/policies/UserPermItem.html
index b7bbad4..09304f4 100644
--- a/security-admin/src/main/webapp/templates/policies/UserPermItem.html
+++ b/security-admin/src/main/webapp/templates/policies/UserPermItem.html
@@ -17,11 +17,13 @@
<td>
<input type="text" data-js="selectUsers" />
</td>
-{{#if policyKnox}}
-<td>
- <input type="text" data-js="ipAddress" placeholder="Enter IP address"/>
-</td>
-{{/if}}
+{{#each policyConditions}}
+ {{#if this.name}}
+ <td>
+ <input type="text" data-js="{{this.name}}" placeholder="{{this.label}}" class="policy-conditions"/>
+ </td>
+ {{/if}}
+{{/each}}
{{#if policyStorm}}
<td>