You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ab...@apache.org on 2017/03/15 00:34:33 UTC
[1/3] ranger git commit: RANGER-1348:Atlas Autocompletion not working
properly
Repository: ranger
Updated Branches:
refs/heads/ranger-0.7 121d1a981 -> c9e943570
RANGER-1348:Atlas Autocompletion not working properly
Signed-off-by: Colm O hEigeartaigh <co...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/74e86ca1
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/74e86ca1
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/74e86ca1
Branch: refs/heads/ranger-0.7
Commit: 74e86ca146e01415c350940817131dbaeb5a6a02
Parents: 121d1a9
Author: zhangqiang2 <zh...@zte.com.cn>
Authored: Wed Mar 1 03:59:39 2017 -0500
Committer: Abhay Kulkarni <ak...@hortonworks.com>
Committed: Tue Mar 14 17:01:43 2017 -0700
----------------------------------------------------------------------
.../services/atlas/RangerServiceAtlas.java | 100 ++-
.../services/atlas/client/AtlasClient.java | 687 +++++++++++++++----
.../atlas/client/AtlasConnectionMgr.java | 4 +-
.../services/atlas/client/AtlasResourceMgr.java | 65 +-
.../json/model/ResourceEntityResponse.java | 60 ++
.../json/model/ResourceOperationResponse.java | 83 +++
.../json/model/ResourceTaxonomyResponse.java | 50 ++
.../atlas/json/model/ResourceTermResponse.java | 51 ++
.../atlas/json/model/ResourceTypeResponse.java | 53 ++
9 files changed, 920 insertions(+), 233 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
index ba4d263..7e7dfe3 100644
--- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
@@ -30,61 +30,59 @@ import org.apache.ranger.plugin.service.RangerBaseService;
import org.apache.ranger.plugin.service.ResourceLookupContext;
import org.apache.ranger.services.atlas.client.AtlasResourceMgr;
-
public class RangerServiceAtlas extends RangerBaseService {
- private static final Log LOG = LogFactory.getLog(RangerServiceAtlas.class);
-
- public RangerServiceAtlas() {
- super();
- }
+ private static final Log LOG = LogFactory.getLog(RangerServiceAtlas.class);
- @Override
- public void init(RangerServiceDef serviceDef, RangerService service) {
- super.init(serviceDef, service);
- }
+ public RangerServiceAtlas() {
+ super();
+ }
- @Override
- public HashMap<String,Object> validateConfig() throws Exception {
- HashMap<String, Object> responseMap = new HashMap<String, Object>();
- String serviceName = getServiceName();
- if(LOG.isDebugEnabled()) {
- LOG.debug("==> RangerServiceAtlas.validateConfig Service: (" + serviceName + " )");
- }
- if ( configs != null) {
- try {
- responseMap = AtlasResourceMgr.validateConfig(serviceName, configs);
- } catch (Exception e) {
- LOG.error("<== RangerServiceAtlas.validateConfig Error:" + e);
- throw e;
- }
- }
- if(LOG.isDebugEnabled()) {
- LOG.debug("<== RangerServiceAtlas.validateConfig Response : (" + responseMap + " )");
- }
- return responseMap;
- }
+ @Override
+ public void init(RangerServiceDef serviceDef, RangerService service) {
+ super.init(serviceDef, service);
+ }
+ @Override
+ public HashMap<String, Object> validateConfig() throws Exception {
+ HashMap<String, Object> responseMap = new HashMap<String, Object>();
+ String serviceName = getServiceName();
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceAtlas.validateConfig Service: ("+ serviceName + " )");
+ }
+ if (configs != null) {
+ try {
+ responseMap = AtlasResourceMgr.validateConfig(serviceName,configs);
+ } catch (Exception e) {
+ LOG.error("<== RangerServiceAtlas.validateConfig Error:" + e);
+ throw e;
+ }
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceAtlas.validateConfig Response : ("+ responseMap + " )");
+ }
+ return responseMap;
+ }
- @Override
- public List<String> lookupResource(ResourceLookupContext context) throws Exception {
- List<String> ret = new ArrayList<String>();
- String serviceName = getServiceName();
- Map<String,String> configs = getConfigs();
- if(LOG.isDebugEnabled()) {
- LOG.debug("==> RangerServiceAtlas.lookupResource Context: (" + context + ")");
- }
- if (context != null) {
- try {
- ret = AtlasResourceMgr.getAtlasTermResources(serviceName,configs,context);
- } catch (Exception e) {
- LOG.error( "<==RangerServiceAtlas.lookupResource Error : " + e);
- throw e;
- }
- }
- if(LOG.isDebugEnabled()) {
- LOG.debug("<== RangerServiceAtlas.lookupResource Response: (" + ret + ")");
- }
- return ret;
- }
+ @Override
+ public List<String> lookupResource(ResourceLookupContext context)throws Exception {
+ List<String> ret = new ArrayList<String>();
+ String serviceName = getServiceName();
+ Map<String, String> configs = getConfigs();
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceAtlas.lookupResource Context: ("+ context + ")");
+ }
+ if (context != null) {
+ try {
+ ret = AtlasResourceMgr.getAtlasResources(serviceName, configs,context);
+ } catch (Exception e) {
+ LOG.error("<==RangerServiceAtlas.lookupResource Error : " + e);
+ throw e;
+ }
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceAtlas.lookupResource Response: (" + ret+ ")");
+ }
+ return ret;
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasClient.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasClient.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasClient.java
index b959f97..62b67dc 100644
--- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasClient.java
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasClient.java
@@ -35,7 +35,15 @@ import org.apache.log4j.Logger;
import org.apache.ranger.plugin.client.BaseClient;
import org.apache.ranger.plugin.client.HadoopException;
import org.apache.ranger.plugin.util.PasswordUtils;
-
+import org.apache.ranger.services.atlas.json.model.ResourceEntityResponse;
+import org.apache.ranger.services.atlas.json.model.ResourceOperationResponse;
+import org.apache.ranger.services.atlas.json.model.ResourceOperationResponse.Results;
+import org.apache.ranger.services.atlas.json.model.ResourceTaxonomyResponse;
+import org.apache.ranger.services.atlas.json.model.ResourceTermResponse;
+import org.apache.ranger.services.atlas.json.model.ResourceTypeResponse;
+
+import com.google.gson.Gson;
+import com.google.gson.reflect.TypeToken;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
@@ -46,201 +54,588 @@ public class AtlasClient extends BaseClient {
private static final Logger LOG = Logger.getLogger(AtlasClient.class);
private static final String EXPECTED_MIME_TYPE = "application/json";
private static final String ATLAS_STATUS_API_ENDPOINT = "/j_spring_security_check";
- private static final String ATLAS_LIST_TERM_API_ENDPOINT = "/api/atlas/types";
- private static final String errMessage = " You can still save the repository and start creating "
- + "policies, but you would not be able to use autocomplete for "
- + "resource names. Check ranger_admin.log for more info.";
+ /*** TYPE **/
+ private static final String ATLAS_LIST_TYPE_API_ENDPOINT = "/api/atlas/types/";
+ /**** ENTITY **/
+ private static final String ATLAS_ENTITY_lIST_API_ENDPOINT = "/api/atlas/v1/entities";
+ /*** TERM **/
+ private static final String ATLAS_LIST_TERM_API_ENDPOINT = "/api/atlas/v1/taxonomies/Catalog/terms/";
+ /*** TAXONOMY **/
+ private static final String ATLAS_LIST_TAXONOMY_API_ENDPOINT = "/api/atlas/v1/taxonomies/";
+ /*** OPERATION **/
+ private static final String ATLAS_OPERATION_SEARCH_API_ENDPOINT = "/api/atlas/discovery/search/gremlin/query=";
+ private static final String errMessage = " You can still save the repository and start creating "
+ + "policies, but you would not be able to use autocomplete for "
+ + "resource names. Check ranger_admin.log for more info.";
private String atlasUrl;
private String userName;
private String password;
+ private String statusUrl;
- public AtlasClient(String serviceName, Map<String, String> configs) {
+ public AtlasClient(String serviceName, Map<String, String> configs) {
- super(serviceName,configs,"atlas-client");
+ super(serviceName, configs, "atlas-client");
this.atlasUrl = configs.get("atlas.rest.address");
this.userName = configs.get("username");
this.password = configs.get("password");
+ this.statusUrl = atlasUrl + ATLAS_STATUS_API_ENDPOINT;
if (this.atlasUrl == null || this.atlasUrl.isEmpty()) {
LOG.error("No value found for configuration 'atlas.rest.address'. Atlas resource lookup will fail");
- }
+ }
if (this.userName == null || this.userName.isEmpty()) {
- LOG.error("No value found for configuration 'usename'. Atlas resource lookup will fail");
- }
+ LOG.error("No value found for configuration 'username'. Atlas resource lookup will fail");
+ }
if (this.password == null || this.password.isEmpty()) {
- LOG.error("No value found for configuration 'password'. Atlas resource lookup will fail");
- }
+ LOG.error("No value found for configuration 'password'. Atlas resource lookup will fail");
+ }
if (LOG.isDebugEnabled()) {
- LOG.debug("Atlas Client is build with url [" + this.atlasUrl + "] user: [" + this.userName + "], password: [" + "*********" + "]");
+ LOG.debug("Atlas Client is build with url [" + this.atlasUrl + "] user: [" + this.userName
+ + "], password: [" + "*********" + "]");
}
}
- public List<String> getTermList( String termNameMatching, List<String> existingTermList) {
+ public List<String> getResourceList(final String resourceNameMatching, final String atlasResourceParameter,
+ final List<String> existingResourceList) {
if (LOG.isDebugEnabled()) {
- LOG.debug("Getting Atlas Terms list for termNameMatching : " + termNameMatching);
+ LOG.debug("Getting Atlas Resource list for resourceNameMatching : " + resourceNameMatching);
}
final String errMsg = errMessage;
List<String> ret = null;
-
- Callable<List<String>> callableAtlasTermListGetter = new Callable<List<String>>() {
+ Callable<List<String>> callableAtlasResourceListGetter = new Callable<List<String>>() {
@Override
public List<String> call() {
- List<String> atlasTermListGetter = null;
-
+ List<String> atlasResourceListGetter = null;
Subject subj = getLoginSubject();
-
if (subj != null) {
- atlasTermListGetter = Subject.doAs(subj, new PrivilegedAction<List<String>>() {
-
- @Override
- public List<String> run() {
-
- List<String> lret = new ArrayList<String>();
-
- String statusUrl = atlasUrl + ATLAS_STATUS_API_ENDPOINT;
- String resultUrl = atlasUrl + ATLAS_LIST_TERM_API_ENDPOINT;
-
- Client client = null;
- ClientResponse statusResponse = null;
- ClientResponse resultResponse = null;
-
- try {
- client = Client.create();
- WebResource webResource = client.resource(statusUrl);
- MultivaluedMap<String, String> formData = new MultivaluedMapImpl();
- formData.add("j_username", userName);
-
- String decryptedPwd = null;
+ atlasResourceListGetter = Subject.doAs(subj, new PrivilegedAction<List<String>>() {
+ @Override
+ public List<String> run() {
+ Client client = null;
+ List<String> lret = new ArrayList<String>();
try {
- decryptedPwd = PasswordUtils.decryptPassword(password);
- } catch (Exception ex) {
- LOG.info("Password decryption failed; trying Atlas connection with received password string");
- decryptedPwd = null;
+ client = Client.create();
+
+ if (null == resourceNameMatching || "".equals(resourceNameMatching)) {
+ lret = connectionTestResource(resourceNameMatching, atlasResourceParameter,
+ existingResourceList, client);
+ } else if ("type".equals(resourceNameMatching)) {
+ lret = getTypeResource(resourceNameMatching, atlasResourceParameter,
+ existingResourceList, client);
+ } else if ("term".equals(resourceNameMatching)) {
+ lret = getTermResource(resourceNameMatching, atlasResourceParameter,
+ existingResourceList, client);
+ } else if ("taxonomy".equals(resourceNameMatching)) {
+ lret = getTaxonomyResource(resourceNameMatching, atlasResourceParameter,
+ existingResourceList, client);
+ } else if ("entity".equals(resourceNameMatching)) {
+ lret = getEntityResource(resourceNameMatching, atlasResourceParameter,
+ existingResourceList, client);
+ } else if ("operation".equals(resourceNameMatching)) {
+ lret = getOperationResource(resourceNameMatching, atlasResourceParameter,
+ existingResourceList, client);
+ }
+ } catch (Throwable t) {
+ String msgDesc = "Exception while getting Atlas Resource List.";
+ HadoopException hdpException = new HadoopException(msgDesc, t);
+ LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg,
+ null, null);
+ throw hdpException;
} finally {
- if (decryptedPwd == null) {
- decryptedPwd = password;
+ if (client != null) {
+ client.destroy();
}
}
- formData.add("j_password", decryptedPwd);
+ return lret;
+ }
+ });
+ }
+ return atlasResourceListGetter;
+ }
+ };
+ try {
+ ret = timedTask(callableAtlasResourceListGetter, 5, TimeUnit.SECONDS);
+ } catch (Throwable t) {
+ LOG.error("Unable to get Atlas Resource list", t);
+ String msgDesc = "Unable to get a valid response for " + "expected mime type : [" + EXPECTED_MIME_TYPE
+ + "] ";
+ HadoopException hdpException = new HadoopException(msgDesc, t);
+ LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
+ throw hdpException;
+ }
+ return ret;
+ }
- try {
- statusResponse = webResource.type("application/x-www-form-urlencoded").post(
- ClientResponse.class, formData);
- } catch (Exception e) {
- String msgDesc = "Unable to get a valid statusResponse for "
- + "expected mime type : [" + EXPECTED_MIME_TYPE
- + "] URL : " + statusUrl + " - got null response.";
- LOG.error(msgDesc);
- }
+ private ClientResponse getStatusResponse(Client client) {
+ final String errMsg = errMessage;
+ ClientResponse statusResponse = null;
+ try {
+ WebResource webResource = client.resource(statusUrl);
+ MultivaluedMap<String, String> formData = new MultivaluedMapImpl();
+ formData.add("j_username", userName);
+ String decryptedPwd = null;
+ try {
+ decryptedPwd = PasswordUtils.decryptPassword(password);
+ } catch (Exception ex) {
+ LOG.info("Password decryption failed; trying Atlas connection with received password string");
+ decryptedPwd = null;
+ } finally {
+ if (decryptedPwd == null) {
+ decryptedPwd = password;
+ }
+ }
+ formData.add("j_password", PasswordUtils.decryptPassword(password));
+ try {
+ statusResponse = webResource.type("application/x-www-form-urlencoded").post(ClientResponse.class,
+ formData);
+ } catch (Exception e) {
+ String msgDesc = "Unable to get a valid statusResponse for " + "expected mime type : ["
+ + EXPECTED_MIME_TYPE + "] URL : " + statusUrl + " - got null response.";
+ LOG.error(msgDesc);
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getStatusResponse():calling " + statusUrl);
+ }
+ if (statusResponse != null) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getStatusResponse():response.getStatus()= " + statusResponse.getStatus());
+ }
+ }
+ } catch (Throwable t) {
+ String msgDesc = "Exception while getting Atlas Resource List." + " URL : " + statusUrl;
+ HadoopException hdpException = new HadoopException(msgDesc, t);
+ LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
+ throw hdpException;
+ }
+ return statusResponse;
+ }
- if (LOG.isDebugEnabled()) {
- LOG.debug("getTermList():calling " + statusUrl);
- }
+ public List<String> connectionTestResource(final String resourceNameMatching, final String atlasResourceParameter,
+ List<String> existingResourceList, Client client) {
+ List<String> lret = new ArrayList<String>();
+ final String errMsg = errMessage;
+ String testConnectiontUrl = atlasUrl + ATLAS_LIST_TYPE_API_ENDPOINT;
+ ClientResponse statusResponse = null;
+ ClientResponse resultResponse = null;
+ try {
+ statusResponse = getStatusResponse(client);
+ if (statusResponse != null) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getTypeResource():response.getStatus()= " + statusResponse.getStatus());
+ }
+ if (statusResponse.getStatus() == 200) {
+ WebResource webResourceTestConnection = client.resource(testConnectiontUrl);
+ WebResource.Builder builder = webResourceTestConnection.getRequestBuilder();
+ for (NewCookie cook : statusResponse.getCookies()) {
+ builder = builder.cookie(cook);
+ }
+ resultResponse = builder.get(ClientResponse.class);
+ lret.add(resultResponse.getEntity(String.class));
+ } else {
+ LOG.info("connectionTestResource():response.getStatus()= " + statusResponse.getStatus()
+ + " for URL " + statusUrl + ", so returning null list");
+ LOG.info(statusResponse.getEntity(String.class));
+ lret = null;
+ }
+ }
+ } catch (Throwable t) {
+ lret = null;
+ String msgDesc = "Exception while getting Atlas Resource List." + " URL : " + statusUrl;
+ HadoopException hdpException = new HadoopException(msgDesc, t);
+ LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
+ throw hdpException;
+ } finally {
+ if (statusResponse != null) {
+ statusResponse.close();
+ }
+ if (resultResponse != null) {
+ resultResponse.close();
+ }
+ if (client != null) {
+ client.destroy();
+ }
+ }
+ return lret;
+ }
- if (statusResponse != null) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("getTermList():response.getStatus()= " + statusResponse.getStatus());
- }
- if (statusResponse.getStatus() == 200) {
- WebResource webResource2 = client
- .resource(resultUrl);
- WebResource.Builder builder = webResource2.getRequestBuilder();
- for (NewCookie cook : statusResponse.getCookies()) { builder = builder.cookie(cook);
+ public List<String> getTypeResource(final String resourceNameMatching, final String atlasResourceParameter,
+ List<String> existingResourceList, Client client) {
+ List<String> lret = new ArrayList<String>();
+ final String errMsg = errMessage;
+ ClientResponse statusResponse = null;
+ ClientResponse resultResponse = null;
+ try {
+ statusResponse = getStatusResponse(client);
+ if (statusResponse != null) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getTypeResource():response.getStatus()= " + statusResponse.getStatus());
+ }
+ if (statusResponse.getStatus() == 200) {
+ WebResource webResourceType = client.resource(atlasUrl + ATLAS_LIST_TYPE_API_ENDPOINT);
+ WebResource.Builder builder = webResourceType.getRequestBuilder();
+ for (NewCookie cook : statusResponse.getCookies()) {
+ builder = builder.cookie(cook);
+ }
+ resultResponse = builder.get(ClientResponse.class);
+ if (resultResponse != null) {
+ String jsonString = resultResponse.getEntity(String.class).toString();
+ Gson gson = new Gson();
+ List<String> responseResourceList = new ArrayList<String>();
+ ResourceTypeResponse resourceTypeResponses = gson.fromJson(jsonString,
+ ResourceTypeResponse.class);
+ if (resourceTypeResponses != null) {
+ responseResourceList = resourceTypeResponses.getResults();
+ }
+ if (responseResourceList != null) {
+ for (String responseResource : responseResourceList) {
+ if (responseResource != null) {
+ if (existingResourceList != null && existingResourceList.contains(responseResource)) {
+ continue;
+ }
+ if (atlasResourceParameter == null || atlasResourceParameter.isEmpty()
+ || responseResource.startsWith(atlasResourceParameter)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getTypeResource():Adding existsResource " + responseResource);
+ }
+ lret.add(responseResource);
}
- resultResponse = builder.get(ClientResponse.class);
- lret.add(resultResponse.getEntity(String.class));
- } else{
- LOG.info("getTermList():response.getStatus()= " + statusResponse.getStatus() + " for URL " + statusUrl + ", so returning null list");
- LOG.info(statusResponse.getEntity(String.class));
- lret = null;
}
}
- } catch (Throwable t) {
- lret = null;
- String msgDesc = "Exception while getting Atlas Term List."
- + " URL : " + statusUrl;
- HadoopException hdpException = new HadoopException(msgDesc,
- t);
- LOG.error(msgDesc, t);
- hdpException.generateResponseDataMap(false,
- BaseClient.getMessage(t), msgDesc + errMsg, null,
- null);
- throw hdpException;
-
- } finally {
- if (statusResponse != null) {
- statusResponse.close();
+ }
+ }
+ }
+ }
+ } catch (Throwable t) {
+ String msgDesc = "Exception while getting Atlas TypeResource List." + " URL : " + atlasUrl
+ + ATLAS_LIST_TYPE_API_ENDPOINT;
+ HadoopException hdpException = new HadoopException(msgDesc, t);
+ LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
+ throw hdpException;
+ } finally {
+ if (statusResponse != null) {
+ statusResponse.close();
+ }
+ if (resultResponse != null) {
+ resultResponse.close();
+ }
+ if (client != null) {
+ client.destroy();
+ }
+ }
+ return lret;
+ }
+
+ public List<String> getEntityResource(final String resourceNameMatching, final String atlasResourceParameter,
+ List<String> existingResourceList, Client client) {
+ List<String> lret = new ArrayList<String>();
+ final String errMsg = errMessage;
+ ClientResponse statusResponse = null;
+ ClientResponse resultResponse = null;
+
+ try {
+ statusResponse = getStatusResponse(client);
+ if (statusResponse != null) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getEntityResource():response.getStatus() = " + statusResponse.getStatus());
+ }
+ if (statusResponse.getStatus() == 200) {
+ WebResource webResourceEntity = client.resource(atlasUrl + ATLAS_ENTITY_lIST_API_ENDPOINT);
+ WebResource.Builder builder = webResourceEntity.getRequestBuilder();
+ for (NewCookie cook : statusResponse.getCookies()) {
+ builder = builder.cookie(cook);
+ }
+ resultResponse = builder.get(ClientResponse.class);
+ if (resultResponse != null) {
+ String jsonString = resultResponse.getEntity(String.class).toString();
+ Gson gson = new Gson();
+ List<String> responseResourceList = new ArrayList<String>();
+ List<ResourceEntityResponse> resourceEntityResponses = gson.fromJson(jsonString,
+ new TypeToken<List<ResourceEntityResponse>>() {
+ }.getType());
+ if (resourceEntityResponses != null) {
+ for (ResourceEntityResponse resourceEntityResponse : resourceEntityResponses) {
+ if (resourceEntityResponse != null) {
+ responseResourceList.add(resourceEntityResponse.getName());
+ }
}
- if (resultResponse != null) {
- resultResponse.close();
+ if (responseResourceList != null) {
+ for (String responseResource : responseResourceList) {
+ if (responseResource != null) {
+ if (existingResourceList != null
+ && existingResourceList.contains(responseResource)) {
+ continue;
+ }
+ if (atlasResourceParameter == null || atlasResourceParameter.isEmpty()
+ || responseResource.startsWith(atlasResourceParameter)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getEntityResource():Adding existsResource "
+ + responseResource);
+ }
+ lret.add(responseResource);
+ }
+ }
+ }
}
+ }
+ }
+ }
+ }
+ } catch (Throwable t) {
+ String msgDesc = "Exception while getting Atlas getEntityResource List." + " URL : " + atlasUrl
+ + ATLAS_ENTITY_lIST_API_ENDPOINT;
+ HadoopException hdpException = new HadoopException(msgDesc, t);
+ LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
+ throw hdpException;
+ } finally {
+ if (statusResponse != null) {
+ statusResponse.close();
+ }
+ if (resultResponse != null) {
+ resultResponse.close();
+ }
+ }
+ return lret;
+ }
- if (client != null) {
- client.destroy();
+ public List<String> getTermResource(final String resourceNameMatching, final String atlasResourceParameter,
+ List<String> existingResourceList, Client client) {
+ List<String> lret = new ArrayList<String>();
+ final String errMsg = errMessage;
+ ClientResponse statusResponse = null;
+ ClientResponse resultResponse = null;
+ try {
+ statusResponse = getStatusResponse(client);
+ if (statusResponse != null) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getTermResource():response.getStatus()= " + statusResponse.getStatus());
+ }
+ if (statusResponse.getStatus() == 200) {
+ WebResource webResourceTerm = client.resource(atlasUrl + ATLAS_LIST_TERM_API_ENDPOINT);
+ WebResource.Builder builder = webResourceTerm.getRequestBuilder();
+ for (NewCookie cook : statusResponse.getCookies()) {
+ builder = builder.cookie(cook);
+ }
+ resultResponse = builder.get(ClientResponse.class);
+ if (resultResponse != null) {
+ String jsonString = resultResponse.getEntity(String.class).toString();
+ Gson gson = new Gson();
+ List<String> responseResourceList = new ArrayList<String>();
+ List<ResourceTermResponse> resourceTermResponses = gson.fromJson(jsonString,
+ new TypeToken<List<ResourceTermResponse>>() {
+ }.getType());
+ for (ResourceTermResponse resourceTermResponse : resourceTermResponses) {
+ responseResourceList.add(resourceTermResponse.getName());
+ }
+ if (responseResourceList != null) {
+ for (String responseResource : responseResourceList) {
+ if (responseResource != null) {
+ if (existingResourceList != null && existingResourceList.contains(responseResource)) {
+ continue;
+ }
+ if (atlasResourceParameter == null || atlasResourceParameter.isEmpty()
+ || responseResource.startsWith(atlasResourceParameter)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getTermResource():Adding existsResource " + responseResource);
+ }
+ lret.add(responseResource);
+ }
+ }
}
}
- return lret;
}
- } );
}
- return atlasTermListGetter;
- }
- };
+ }
+ } catch (Throwable t) {
+ String msgDesc = "Exception while getting Atlas getTermResource List." + " URL : " + atlasUrl
+ + ATLAS_LIST_TERM_API_ENDPOINT;
+ HadoopException hdpException = new HadoopException(msgDesc, t);
+ LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
+ throw hdpException;
+ } finally {
+ if (statusResponse != null) {
+ statusResponse.close();
+ }
+ if (resultResponse != null) {
+ resultResponse.close();
+ }
+ }
+ return lret;
+ }
+
+ public List<String> getTaxonomyResource(final String resourceNameMatching, final String atlasResourceParameter,
+ List<String> existingResourceList, Client client) {
+ List<String> lret = new ArrayList<String>();
+ final String errMsg = errMessage;
+ ClientResponse statusResponse = null;
+ ClientResponse resultResponse = null;
try {
- ret = timedTask(callableAtlasTermListGetter, 5, TimeUnit.SECONDS);
- } catch ( Throwable t) {
- LOG.error("Unable to get Atlas Terms list from [" + atlasUrl + "]", t);
- String msgDesc = "Unable to get a valid response for "
- + "expected mime type : [" + EXPECTED_MIME_TYPE
- + "] URL : " + atlasUrl;
- HadoopException hdpException = new HadoopException(msgDesc,
- t);
+ statusResponse = getStatusResponse(client);
+ if (statusResponse != null) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getTaxonomyResource():response.getStatus()= " + statusResponse.getStatus());
+ }
+ if (statusResponse.getStatus() == 200) {
+ WebResource webResourceTaxonomy = client.resource(atlasUrl + ATLAS_LIST_TAXONOMY_API_ENDPOINT);
+ WebResource.Builder builder = webResourceTaxonomy.getRequestBuilder();
+ for (NewCookie cook : statusResponse.getCookies()) {
+ builder = builder.cookie(cook);
+ }
+ resultResponse = builder.get(ClientResponse.class);
+ if (resultResponse != null) {
+ String jsonString = resultResponse.getEntity(String.class).toString();
+ Gson gson = new Gson();
+ List<String> responseResourceList = new ArrayList<String>();
+ List<ResourceTaxonomyResponse> resourceTaxonomyResponses = gson.fromJson(jsonString,
+ new TypeToken<List<ResourceTaxonomyResponse>>() {
+ }.getType());
+ for (ResourceTaxonomyResponse resourceTaxonomyResponse : resourceTaxonomyResponses) {
+ responseResourceList.add(resourceTaxonomyResponse.getName());
+ }
+ if (responseResourceList != null) {
+ for (String responseResource : responseResourceList) {
+ if (responseResource != null) {
+ if (existingResourceList != null && existingResourceList.contains(responseResource)) {
+ continue;
+ }
+ if (atlasResourceParameter == null || atlasResourceParameter.isEmpty()
+ || responseResource.startsWith(atlasResourceParameter)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getTaxonomyResource():Adding existsResource " + responseResource);
+ }
+ lret.add(responseResource);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ } catch (Throwable t) {
+ String msgDesc = "Exception while getting Atlas TaxonomyResource List." + " URL : " + atlasUrl
+ + ATLAS_LIST_TAXONOMY_API_ENDPOINT;
+ HadoopException hdpException = new HadoopException(msgDesc, t);
LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
+ throw hdpException;
+ } finally {
+ if (statusResponse != null) {
+ statusResponse.close();
+ }
+ if (resultResponse != null) {
+ resultResponse.close();
+ }
+ }
+ return lret;
+ }
- hdpException.generateResponseDataMap(false,
- BaseClient.getMessage(t), msgDesc + errMsg, null,
- null);
+ public List<String> getOperationResource(final String resourceNameMatching, final String atlasResourceParameter,
+ List<String> existingResourceList, Client client) {
+ List<String> lret = new ArrayList<String>();
+ final String errMsg = errMessage;
+ ClientResponse statusResponse = null;
+ ClientResponse resultResponse = null;
+ try {
+ client = Client.create();
+ statusResponse = getStatusResponse(client);
+ if (statusResponse != null) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getOperationResource():response.getStatus()= " + statusResponse.getStatus());
+ }
+ if (statusResponse.getStatus() == 200) {
+ WebResource webResourceEntity = client.resource(atlasUrl + ATLAS_OPERATION_SEARCH_API_ENDPOINT);
+ WebResource.Builder builder = webResourceEntity.getRequestBuilder();
+ for (NewCookie cook : statusResponse.getCookies()) {
+ builder = builder.cookie(cook);
+ }
+ resultResponse = builder.get(ClientResponse.class);
+ if (resultResponse != null) {
+ String jsonString = resultResponse.getEntity(String.class).toString();
+ Gson gson = new Gson();
+ List<String> responseResourceList = new ArrayList<String>();
+ List<ResourceOperationResponse> resourceOperationResponses = gson.fromJson(jsonString,
+ new TypeToken<List<ResourceOperationResponse>>() {
+ }.getType());
+ for (ResourceOperationResponse resourceOperationResponse : resourceOperationResponses) {
+ List<Results> results = resourceOperationResponse.getResults();
+ for (Results result : results) {
+ responseResourceList.add(result.getResult());
+ }
+ }
+ if (responseResourceList != null) {
+ for (String responseResource : responseResourceList) {
+ if (responseResource != null) {
+ if (existingResourceList != null && existingResourceList.contains(responseResource)) {
+ continue;
+ }
+ if (atlasResourceParameter == null || atlasResourceParameter.isEmpty()
+ || responseResource.startsWith(atlasResourceParameter)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("getOperationResource():Adding existsResource "
+ + responseResource);
+ }
+ lret.add(responseResource);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ } catch (Throwable t) {
+ String msgDesc = "Exception while getting Atlas OperationResource List." + " URL : " + atlasUrl
+ + ATLAS_OPERATION_SEARCH_API_ENDPOINT;
+ HadoopException hdpException = new HadoopException(msgDesc, t);
+ LOG.error(msgDesc, t);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
throw hdpException;
+
+ } finally {
+ if (statusResponse != null) {
+ statusResponse.close();
+ }
+ if (resultResponse != null) {
+ resultResponse.close();
+ }
}
- return ret;
+ return lret;
}
- public static HashMap<String, Object> connectionTest(String serviceName,
- Map<String, String> configs) {
+ public static HashMap<String, Object> connectionTest(String serviceName, Map<String, String> configs) {
String errMsg = errMessage;
boolean connectivityStatus = false;
HashMap<String, Object> responseData = new HashMap<String, Object>();
+ AtlasClient AtlasClient = getAtlasClient(serviceName, configs);
+ List<String> strList = getAtlasResource(AtlasClient, "", "", null);
- AtlasClient AtlasClient = getAtlasClient(serviceName,
- configs);
- List<String> strList = getAtlasTermResource(AtlasClient, "",null);
-
- if (strList != null && strList.size() > 0 ) {
+ if (strList != null && strList.size() > 0) {
if (LOG.isDebugEnabled()) {
- LOG.debug("TESTING Term list size" + strList.size() + " Atlas Terms");
+ LOG.debug("TESTING Resource list size" + strList.size() + " Atlas Resource");
}
connectivityStatus = true;
}
-
if (connectivityStatus) {
String successMsg = "ConnectionTest Successful";
- BaseClient.generateResponseDataMap(connectivityStatus, successMsg,
- successMsg, null, null, responseData);
+ BaseClient.generateResponseDataMap(connectivityStatus, successMsg, successMsg, null, null, responseData);
} else {
- String failureMsg = "Unable to retrieve any Atlas Terms using given parameters.";
- BaseClient.generateResponseDataMap(connectivityStatus, failureMsg,
- failureMsg + errMsg, null, null, responseData);
+ String failureMsg = "Unable to retrieve any Atlas Resource using given parameters.";
+ BaseClient.generateResponseDataMap(connectivityStatus, failureMsg, failureMsg + errMsg, null, null,
+ responseData);
}
-
return responseData;
}
- public static AtlasClient getAtlasClient(String serviceName,
- Map<String, String> configs) {
+ public static AtlasClient getAtlasClient(String serviceName, Map<String, String> configs) {
AtlasClient AtlasClient = null;
if (LOG.isDebugEnabled()) {
LOG.debug("Getting AtlasClient for datasource: " + serviceName);
@@ -250,56 +645,50 @@ public class AtlasClient extends BaseClient {
String msgDesc = "Could not connect as Connection ConfigMap is empty.";
LOG.error(msgDesc);
HadoopException hdpException = new HadoopException(msgDesc);
- hdpException.generateResponseDataMap(false, msgDesc, msgDesc
- + errMsg, null, null);
+ hdpException.generateResponseDataMap(false, msgDesc, msgDesc + errMsg, null, null);
throw hdpException;
} else {
- AtlasClient = new AtlasClient (serviceName, configs);
+ AtlasClient = new AtlasClient(serviceName, configs);
}
return AtlasClient;
}
- public static List<String> getAtlasTermResource (final AtlasClient atlasClient,
- String atlasTermName, List<String> existingAtlasTermName) {
+ public static List<String> getAtlasResource(final AtlasClient atlasClient, String atlasResourceName,
+ String atlasResourceParameter, List<String> existingAtlasResourceName) {
List<String> resultList = new ArrayList<String>();
String errMsg = errMessage;
try {
if (atlasClient == null) {
- String msgDesc = "Unable to get Atlas Terms : AtlasClient is null.";
+ String msgDesc = "Unable to get Atlas Resource : AtlasClient is null.";
LOG.error(msgDesc);
HadoopException hdpException = new HadoopException(msgDesc);
- hdpException.generateResponseDataMap(false, msgDesc, msgDesc
- + errMsg, null, null);
+ hdpException.generateResponseDataMap(false, msgDesc, msgDesc + errMsg, null, null);
throw hdpException;
}
- if (atlasTermName != null) {
- String finalAtlasTermName = atlasTermName.trim();
- resultList = atlasClient
- .getTermList(finalAtlasTermName,existingAtlasTermName);
+ if (atlasResourceName != null) {
+ String finalAtlasResourceName = atlasResourceName.trim();
+ resultList = atlasClient.getResourceList(finalAtlasResourceName, atlasResourceParameter,
+ existingAtlasResourceName);
if (resultList != null) {
if (LOG.isDebugEnabled()) {
- LOG.debug("Returning list of " + resultList.size() + " Atlas Terms");
+ LOG.debug("Returning list of " + resultList.size() + " Atlas Resources");
}
}
}
- }catch (Throwable t) {
- String msgDesc = "getAtlasResource: Unable to get Atlas resources.";
+ } catch (Throwable t) {
+ String msgDesc = "getAtlasResource: Unable to get Atlas Resources.";
LOG.error(msgDesc, t);
HadoopException hdpException = new HadoopException(msgDesc);
-
- hdpException.generateResponseDataMap(false,
- BaseClient.getMessage(t), msgDesc + errMsg, null, null);
+ hdpException.generateResponseDataMap(false, BaseClient.getMessage(t), msgDesc + errMsg, null, null);
throw hdpException;
}
-
return resultList;
}
- public static <T> T timedTask(Callable<T> callableObj, long timeout,
- TimeUnit timeUnit) throws Exception {
+ public static <T> T timedTask(Callable<T> callableObj, long timeout, TimeUnit timeUnit) throws Exception {
return callableObj.call();
}
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasConnectionMgr.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasConnectionMgr.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasConnectionMgr.java
index 84e24c5..140f91e 100644
--- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasConnectionMgr.java
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasConnectionMgr.java
@@ -24,7 +24,7 @@ import java.util.Map;
public class AtlasConnectionMgr {
public static AtlasClient getAtlasClient(String serviceName, Map<String, String> configs) {
- return new AtlasClient(serviceName, configs);
- }
+ return new AtlasClient(serviceName, configs);
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java
index 93b2662..cb2ac9a 100644
--- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java
@@ -26,10 +26,8 @@ import java.util.Map;
import org.apache.log4j.Logger;
import org.apache.ranger.plugin.service.ResourceLookupContext;
-
public class AtlasResourceMgr {
private static final Logger LOG = Logger.getLogger(AtlasResourceMgr.class);
- private static final String ATLASTERM = "terms";
public static HashMap<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
@@ -52,37 +50,42 @@ public class AtlasResourceMgr {
return ret;
}
- public static List<String> getAtlasTermResources(String serviceName, Map<String, String> configs,ResourceLookupContext context) {
- String userInput = context.getUserInput();
- Map<String, List<String>> resourceMap = context.getResources();
- List<String> resultList = null;
- List<String> atlasTermList = null;
- String atlasTermName = null;
-
- if ( resourceMap != null && !resourceMap.isEmpty() &&
- resourceMap.get(ATLASTERM) != null ) {
- atlasTermName = userInput;
- atlasTermList = resourceMap.get(ATLASTERM);
+ public static List<String> getAtlasResources(String serviceName, Map<String, String> configs,
+ ResourceLookupContext context) {
+ String userInput = context.getUserInput();
+ Map<String, List<String>> resourceMap = context.getResources();
+ List<String> resultList = null;
+ List<String> atlasResourceList = null;
+ String atlasResourceName = null;
+ String atlasResourceParameter = null;
+ if (null != context) {
+ atlasResourceName = context.getResourceName();
+ }
+ if (resourceMap != null && !resourceMap.isEmpty()) {
+ atlasResourceParameter = userInput;
+ atlasResourceList = resourceMap.get(atlasResourceName);
} else {
- atlasTermName = userInput;
+ atlasResourceParameter = userInput;
}
- if (configs == null || configs.isEmpty()) {
- LOG.error("Connection Config is empty");
- } else {
- resultList = getAtlasTermResource(serviceName, configs, atlasTermName,atlasTermList);
- }
- return resultList;
- }
+ if (configs == null || configs.isEmpty()) {
+ LOG.error("Connection Config is empty");
+ } else {
+ resultList = getAtlasResource(serviceName, configs, atlasResourceName, atlasResourceParameter,
+ atlasResourceList);
+ }
+ return resultList;
+ }
- public static List<String> getAtlasTermResource(String serviceName, Map<String, String> configs, String atlasTermName, List<String> atlasTermList) {
- final AtlasClient atlasClient = AtlasConnectionMgr.getAtlasClient(serviceName, configs);
- List<String> termList = null;
- if (atlasClient != null) {
- synchronized(atlasClient) {
- termList = atlasClient.getTermList(atlasTermName, atlasTermList);
- }
- }
- return termList;
- }
+ public static List<String> getAtlasResource(String serviceName, Map<String, String> configs,
+ String atlasResourceName, String atlasResourceParameter, List<String> atlasResourceList) {
+ final AtlasClient atlasClient = AtlasConnectionMgr.getAtlasClient(serviceName, configs);
+ List<String> resourceList = null;
+ if (atlasClient != null) {
+ synchronized (atlasClient) {
+ resourceList = atlasClient.getResourceList(atlasResourceName, atlasResourceParameter, atlasResourceList);
+ }
+ }
+ return resourceList;
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceEntityResponse.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceEntityResponse.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceEntityResponse.java
new file mode 100644
index 0000000..a9ebc66
--- /dev/null
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceEntityResponse.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.services.atlas.json.model;
+
+public class ResourceEntityResponse {
+
+ private String href;
+ private String name;
+ private String id;
+ private String type;
+
+ public String getHref() {
+ return href;
+ }
+
+ public void setHref(String href) {
+ this.href = href;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getId() {
+ return id;
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ public String getType() {
+ return type;
+ }
+
+ public void setType(String type) {
+ this.type = type;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceOperationResponse.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceOperationResponse.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceOperationResponse.java
new file mode 100644
index 0000000..d017e47
--- /dev/null
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceOperationResponse.java
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.services.atlas.json.model;
+
+import java.util.List;
+
+public class ResourceOperationResponse {
+ private String requestId;
+ private String query;
+ private String queryType;
+ private List<Results> results;
+
+ public String getRequestId() {
+ return requestId;
+ }
+
+ public void setRequestId(String requestId) {
+ this.requestId = requestId;
+ }
+
+ public String getQuery() {
+ return query;
+ }
+
+ public void setQuery(String query) {
+ this.query = query;
+ }
+
+ public String getQueryType() {
+ return queryType;
+ }
+
+ public void setQueryType(String queryType) {
+ this.queryType = queryType;
+ }
+
+ public List<Results> getResults() {
+ return results;
+ }
+
+ public void setResults(List<Results> results) {
+ this.results = results;
+ }
+
+ public class Results {
+
+ private String result;
+ private String count;
+
+ public String getResult() {
+ return result;
+ }
+
+ public void setResult(String result) {
+ this.result = result;
+ }
+
+ public String getCount() {
+ return count;
+ }
+
+ public void setCount(String count) {
+ this.count = count;
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTaxonomyResponse.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTaxonomyResponse.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTaxonomyResponse.java
new file mode 100644
index 0000000..8d4d183
--- /dev/null
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTaxonomyResponse.java
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.services.atlas.json.model;
+
+public class ResourceTaxonomyResponse {
+ private String href;
+ private String name;
+ private String description;
+
+ public String getHref() {
+ return href;
+ }
+
+ public void setHref(String href) {
+ this.href = href;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTermResponse.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTermResponse.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTermResponse.java
new file mode 100644
index 0000000..75259ec
--- /dev/null
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTermResponse.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.services.atlas.json.model;
+
+public class ResourceTermResponse {
+
+ private String href;
+ private String name;
+ private String description;
+
+ public String getHref() {
+ return href;
+ }
+
+ public void setHref(String href) {
+ this.href = href;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ranger/blob/74e86ca1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTypeResponse.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTypeResponse.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTypeResponse.java
new file mode 100644
index 0000000..6df9782
--- /dev/null
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/json/model/ResourceTypeResponse.java
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.services.atlas.json.model;
+
+import java.util.List;
+
+public class ResourceTypeResponse {
+
+ private List<String> results;
+ private String count;
+ private String requestId;
+
+ public String getCount() {
+ return count;
+ }
+
+ public void setCount(String count) {
+ this.count = count;
+ }
+
+ public String getRequestId() {
+ return requestId;
+ }
+
+ public void setRequestId(String requestId) {
+ this.requestId = requestId;
+ }
+
+ public List<String> getResults() {
+ return results;
+ }
+
+ public void setResults(List<String> results) {
+ this.results = results;
+ }
+
+}
[2/3] ranger git commit: RANGER-1426 - Change return type of
RangerBaseService.validateConfig
Posted by ab...@apache.org.
RANGER-1426 - Change return type of RangerBaseService.validateConfig
Signed-off-by: Colm O hEigeartaigh <co...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/959ba7f0
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/959ba7f0
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/959ba7f0
Branch: refs/heads/ranger-0.7
Commit: 959ba7f068efdf6000e33e4e082a7b8c07f36473
Parents: 74e86ca
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Mar 7 11:53:36 2017 +0000
Committer: Abhay Kulkarni <ak...@hortonworks.com>
Committed: Tue Mar 14 17:07:51 2017 -0700
----------------------------------------------------------------------
.../java/org/apache/ranger/plugin/client/BaseClient.java | 3 +--
.../org/apache/ranger/plugin/service/RangerBaseService.java | 3 +--
.../org/apache/ranger/services/tag/RangerServiceTag.java | 2 +-
.../org/apache/ranger/services/hbase/RangerServiceHBase.java | 4 ++--
.../org/apache/ranger/services/hbase/client/HBaseClient.java | 4 ++--
.../ranger/services/hbase/client/HBaseResourceMgr.java | 5 ++---
.../org/apache/ranger/services/hdfs/RangerServiceHdfs.java | 4 ++--
.../org/apache/ranger/services/hdfs/client/HdfsClient.java | 4 ++--
.../apache/ranger/services/hdfs/client/HdfsResourceMgr.java | 5 ++---
.../org/apache/ranger/services/hive/RangerServiceHive.java | 4 ++--
.../org/apache/ranger/services/hive/client/HiveClient.java | 4 ++--
.../apache/ranger/services/hive/client/HiveResourceMgr.java | 5 ++---
.../org/apache/ranger/services/knox/RangerServiceKnox.java | 4 ++--
.../org/apache/ranger/services/knox/client/KnoxClient.java | 4 ++--
.../apache/ranger/services/knox/client/KnoxResourceMgr.java | 5 ++---
.../org/apache/ranger/services/atlas/RangerServiceAtlas.java | 4 ++--
.../ranger/services/atlas/client/AtlasResourceMgr.java | 5 ++---
.../org/apache/ranger/services/kafka/RangerServiceKafka.java | 6 ++++--
.../ranger/services/kafka/client/ServiceKafkaClient.java | 4 ++--
.../services/kafka/client/ServiceKafkaConnectionMgr.java | 3 +--
.../org/apache/ranger/services/kms/RangerServiceKMS.java | 4 ++--
.../org/apache/ranger/services/kms/client/KMSClient.java | 4 ++--
.../apache/ranger/services/kms/client/KMSResourceMgr.java | 5 ++---
.../org/apache/ranger/services/solr/RangerServiceSolr.java | 6 ++++--
.../ranger/services/solr/client/ServiceSolrClient.java | 4 ++--
.../services/solr/client/ServiceSolrConnectionMgr.java | 3 +--
.../org/apache/ranger/services/yarn/RangerServiceYarn.java | 4 ++--
.../org/apache/ranger/services/yarn/client/YarnClient.java | 4 ++--
.../apache/ranger/services/yarn/client/YarnResourceMgr.java | 5 ++---
.../src/main/java/org/apache/ranger/biz/ServiceMgr.java | 8 ++++----
.../org/apache/ranger/services/storm/RangerServiceStorm.java | 4 ++--
.../org/apache/ranger/services/storm/client/StormClient.java | 4 ++--
.../ranger/services/storm/client/StormResourceMgr.java | 5 ++---
33 files changed, 67 insertions(+), 75 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java b/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java
index aa90a92..70682a6 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java
@@ -21,7 +21,6 @@
import java.io.IOException;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -163,7 +162,7 @@ public abstract class BaseClient {
public static void generateResponseDataMap(boolean connectivityStatus,
String message, String description, Long objectId,
- String fieldName, HashMap<String, Object> responseData) {
+ String fieldName, Map<String, Object> responseData) {
responseData.put("connectivityStatus", connectivityStatus);
responseData.put("message", message);
responseData.put("description", description);
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java
index 73027a0..debaa83 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java
@@ -19,7 +19,6 @@
package org.apache.ranger.plugin.service;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -82,7 +81,7 @@ public abstract class RangerBaseService {
this.serviceType = serviceType;
}
- public abstract HashMap<String, Object> validateConfig() throws Exception;
+ public abstract Map<String, Object> validateConfig() throws Exception;
public abstract List<String> lookupResource(ResourceLookupContext context) throws Exception;
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java b/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java
index 3940154..d3085d4 100644
--- a/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java
+++ b/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java
@@ -56,7 +56,7 @@ public class RangerServiceTag extends RangerBaseService {
}
@Override
- public HashMap<String,Object> validateConfig() throws Exception {
+ public Map<String,Object> validateConfig() throws Exception {
if(LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceTag.validateConfig(" + serviceName + " )");
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hbase-agent/src/main/java/org/apache/ranger/services/hbase/RangerServiceHBase.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/RangerServiceHBase.java b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/RangerServiceHBase.java
index 7d5bf9b..01b97ea 100644
--- a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/RangerServiceHBase.java
+++ b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/RangerServiceHBase.java
@@ -46,8 +46,8 @@ public class RangerServiceHBase extends RangerBaseService {
}
@Override
- public HashMap<String,Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String,Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
String serviceName = getServiceName();
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java
index f0f086c..d9870e3 100644
--- a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java
+++ b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java
@@ -85,10 +85,10 @@ public class HBaseClient extends BaseClient {
return connectionProp;
}
- public static HashMap<String, Object> connectionTest (String dataSource,
+ public static Map<String, Object> connectionTest (String dataSource,
Map<String, String> configs) throws Exception {
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
final String errMsg = " You can still save the repository and start creating "
+ "policies, but you would not be able to use autocomplete for "
+ "resource names. Check ranger_admin.log for more info.";
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseResourceMgr.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseResourceMgr.java b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseResourceMgr.java
index c033b00..5db6277 100644
--- a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseResourceMgr.java
+++ b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseResourceMgr.java
@@ -19,7 +19,6 @@
package org.apache.ranger.services.hbase.client;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
@@ -38,8 +37,8 @@ public class HBaseResourceMgr {
private static final String TABLE = "table";
private static final String COLUMNFAMILY = "column-family";
- public static HashMap<String, Object> connectionTest(String serviceName, Map<String, String> configs) throws Exception {
- HashMap<String, Object> ret = null;
+ public static Map<String, Object> connectionTest(String serviceName, Map<String, String> configs) throws Exception {
+ Map<String, Object> ret = null;
if(LOG.isDebugEnabled()) {
LOG.debug("<== HBaseResourceMgr.connectionTest() ServiceName: "+ serviceName + "Configs" + configs );
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
index e1648dc..bc12da9 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
@@ -46,8 +46,8 @@ public class RangerServiceHdfs extends RangerBaseService {
}
@Override
- public HashMap<String,Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String,Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
String serviceName = getServiceName();
if(LOG.isDebugEnabled()) {
LOG.debug("<== RangerServiceHdfs.validateConfig Service: (" + serviceName + " )");
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java
index d712b08..4db0ec1 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java
@@ -198,11 +198,11 @@ public class HdfsClient extends BaseClient {
}
}
- public static HashMap<String, Object> connectionTest(String serviceName,
+ public static Map<String, Object> connectionTest(String serviceName,
Map<String, String> configs) throws Exception {
LOG.info("===> HdfsClient.testConnection()" );
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
boolean connectivityStatus = false;
String validateConfigsMsg = null;
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsResourceMgr.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsResourceMgr.java b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsResourceMgr.java
index bb6aa496..ffbab2a 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsResourceMgr.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsResourceMgr.java
@@ -20,7 +20,6 @@
package org.apache.ranger.services.hdfs.client;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
@@ -36,8 +35,8 @@ public class HdfsResourceMgr {
private static final Logger LOG = Logger.getLogger(HdfsResourceMgr.class);
public static final String PATH = "path";
- public static HashMap<String, Object> connectionTest(String serviceName, Map<String, String> configs) throws Exception {
- HashMap<String, Object> ret = null;
+ public static Map<String, Object> connectionTest(String serviceName, Map<String, String> configs) throws Exception {
+ Map<String, Object> ret = null;
if(LOG.isDebugEnabled()) {
LOG.debug("<== HdfsResourceMgr.connectionTest ServiceName: "+ serviceName + "Configs" + configs );
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java
----------------------------------------------------------------------
diff --git a/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java b/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java
index 9ce0347..a2bd5f7 100644
--- a/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java
+++ b/hive-agent/src/main/java/org/apache/ranger/services/hive/RangerServiceHive.java
@@ -46,8 +46,8 @@ public class RangerServiceHive extends RangerBaseService {
}
@Override
- public HashMap<String,Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String,Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
String serviceName = getServiceName();
if(LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceHive.validateConfig Service: (" + serviceName + " )");
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveClient.java
----------------------------------------------------------------------
diff --git a/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveClient.java b/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveClient.java
index ec61458..734c8e7 100644
--- a/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveClient.java
+++ b/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveClient.java
@@ -620,10 +620,10 @@ public class HiveClient extends BaseClient implements Closeable {
}
}
- public static HashMap<String, Object> connectionTest(String serviceName,
+ public static Map<String, Object> connectionTest(String serviceName,
Map<String, String> connectionProperties) throws Exception {
HiveClient connectionObj = null;
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
boolean connectivityStatus = false;
String errMsg = " You can still save the repository and start creating "
+ "policies, but you would not be able to use autocomplete for "
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveResourceMgr.java
----------------------------------------------------------------------
diff --git a/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveResourceMgr.java b/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveResourceMgr.java
index 0a15f70..f1da958 100644
--- a/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveResourceMgr.java
+++ b/hive-agent/src/main/java/org/apache/ranger/services/hive/client/HiveResourceMgr.java
@@ -18,7 +18,6 @@
*/
package org.apache.ranger.services.hive.client;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
@@ -38,8 +37,8 @@ public class HiveResourceMgr {
private static final String COLUMN = "column";
- public static HashMap<String, Object> connectionTest(String serviceName, Map<String, String> configs) throws Exception {
- HashMap<String, Object> ret = null;
+ public static Map<String, Object> connectionTest(String serviceName, Map<String, String> configs) throws Exception {
+ Map<String, Object> ret = null;
if(LOG.isDebugEnabled()) {
LOG.debug("==> HiveResourceMgr.connectionTest ServiceName: "+ serviceName + "Configs" + configs );
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/knox-agent/src/main/java/org/apache/ranger/services/knox/RangerServiceKnox.java
----------------------------------------------------------------------
diff --git a/knox-agent/src/main/java/org/apache/ranger/services/knox/RangerServiceKnox.java b/knox-agent/src/main/java/org/apache/ranger/services/knox/RangerServiceKnox.java
index 813b690..b72e776 100644
--- a/knox-agent/src/main/java/org/apache/ranger/services/knox/RangerServiceKnox.java
+++ b/knox-agent/src/main/java/org/apache/ranger/services/knox/RangerServiceKnox.java
@@ -45,8 +45,8 @@ public class RangerServiceKnox extends RangerBaseService {
}
@Override
- public HashMap<String,Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String,Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
String serviceName = getServiceName();
if(LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceKnox.validateConfig Service: (" + serviceName + " )");
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
----------------------------------------------------------------------
diff --git a/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java b/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
index 4c389e3..ec08ae8 100644
--- a/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
+++ b/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
@@ -302,14 +302,14 @@ public class KnoxClient {
}
}
- public static HashMap<String, Object> connectionTest(String serviceName,
+ public static Map<String, Object> connectionTest(String serviceName,
Map<String, String> configs) {
String errMsg = " You can still save the repository and start creating "
+ "policies, but you would not be able to use autocomplete for "
+ "resource names. Check ranger_admin.log for more info.";
boolean connectivityStatus = false;
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
KnoxClient knoxClient = getKnoxClient(serviceName, configs);
List<String> strList = getKnoxResources(knoxClient, "", null,null,null);
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxResourceMgr.java
----------------------------------------------------------------------
diff --git a/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxResourceMgr.java b/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxResourceMgr.java
index 1d086fb..e887b11 100644
--- a/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxResourceMgr.java
+++ b/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxResourceMgr.java
@@ -19,7 +19,6 @@
package org.apache.ranger.services.knox.client;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -34,8 +33,8 @@ public class KnoxResourceMgr {
private static final String TOPOLOGY = "topology";
private static final String SERVICE = "service";
- public static HashMap<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
- HashMap<String, Object> ret = null;
+ public static Map<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
+ Map<String, Object> ret = null;
if (LOG.isDebugEnabled()) {
LOG.debug("==> KnoxResourceMgr.testConnection ServiceName: "+ serviceName + "Configs" + configs );
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
index 7e7dfe3..d2b60bd 100644
--- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
@@ -44,8 +44,8 @@ public class RangerServiceAtlas extends RangerBaseService {
}
@Override
- public HashMap<String, Object> validateConfig() throws Exception {
- HashMap<String, Object> responseMap = new HashMap<String, Object>();
+ public Map<String, Object> validateConfig() throws Exception {
+ Map<String, Object> responseMap = new HashMap<String, Object>();
String serviceName = getServiceName();
if (LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceAtlas.validateConfig Service: ("+ serviceName + " )");
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java
index cb2ac9a..f81e304 100644
--- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/client/AtlasResourceMgr.java
@@ -19,7 +19,6 @@
package org.apache.ranger.services.atlas.client;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -29,9 +28,9 @@ import org.apache.ranger.plugin.service.ResourceLookupContext;
public class AtlasResourceMgr {
private static final Logger LOG = Logger.getLogger(AtlasResourceMgr.class);
- public static HashMap<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
+ public static Map<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
- HashMap<String, Object> ret = null;
+ Map<String, Object> ret = null;
if(LOG.isDebugEnabled()) {
LOG.debug("==> AtlasResourceMgr.validateConfig ServiceName: "+ serviceName + "Configs" + configs );
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java
----------------------------------------------------------------------
diff --git a/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java b/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java
index 2f031fa..86e97bc 100644
--- a/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java
+++ b/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java
@@ -21,6 +21,8 @@ package org.apache.ranger.services.kafka;
import java.util.HashMap;
import java.util.List;
+import java.util.Map;
+
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.service.RangerBaseService;
@@ -43,8 +45,8 @@ public class RangerServiceKafka extends RangerBaseService {
}
@Override
- public HashMap<String, Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String, Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
if (LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceKafka.validateConfig(" + serviceName + ")");
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaClient.java
----------------------------------------------------------------------
diff --git a/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaClient.java b/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaClient.java
index c908550..6929257 100644
--- a/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaClient.java
+++ b/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaClient.java
@@ -59,9 +59,9 @@ public class ServiceKafkaClient {
this.zookeeperConnect = zookeeperConnect;
}
- public HashMap<String, Object> connectionTest() throws Exception {
+ public Map<String, Object> connectionTest() throws Exception {
String errMsg = errMessage;
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
try {
getTopicList(null);
// If it doesn't throw exception, then assume the instance is
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaConnectionMgr.java
----------------------------------------------------------------------
diff --git a/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaConnectionMgr.java b/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaConnectionMgr.java
index 0056c84..9e0d6b4 100644
--- a/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaConnectionMgr.java
+++ b/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/client/ServiceKafkaConnectionMgr.java
@@ -19,7 +19,6 @@
package org.apache.ranger.services.kafka.client;
-import java.util.HashMap;
import java.util.Map;
public class ServiceKafkaConnectionMgr {
@@ -41,7 +40,7 @@ public class ServiceKafkaConnectionMgr {
* @param configs
* @return
*/
- public static HashMap<String, Object> connectionTest(String serviceName,
+ public static Map<String, Object> connectionTest(String serviceName,
Map<String, String> configs) throws Exception {
ServiceKafkaClient serviceKafkaClient = getKafkaClient(serviceName,
configs);
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java
----------------------------------------------------------------------
diff --git a/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java b/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java
index 8b41ae3..7657099 100644
--- a/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java
+++ b/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java
@@ -44,8 +44,8 @@ public class RangerServiceKMS extends RangerBaseService {
}
@Override
- public HashMap<String,Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String,Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
String serviceName = getServiceName();
if(LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceKMS.validateConfig Service: (" + serviceName + " )");
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java
----------------------------------------------------------------------
diff --git a/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java b/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java
index 016065d..af0ac71 100755
--- a/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java
+++ b/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java
@@ -305,13 +305,13 @@ public class KMSClient {
return lret;
}
- public static HashMap<String, Object> testConnection(String serviceName,
+ public static Map<String, Object> testConnection(String serviceName,
Map<String, String> configs) {
List<String> strList = new ArrayList<String>();
String errMsg = errMessage;
boolean connectivityStatus = false;
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
KMSClient kmsClient = getKmsClient(serviceName, configs);
strList = getKmsKey(kmsClient, "", null);
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java
----------------------------------------------------------------------
diff --git a/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java b/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java
index 09f2a6f..fe54723 100755
--- a/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java
+++ b/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java
@@ -19,7 +19,6 @@
package org.apache.ranger.services.kms.client;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -30,8 +29,8 @@ public class KMSResourceMgr {
private static final Logger LOG = Logger.getLogger(KMSResourceMgr.class);
private static final String KMSKEY = "keyname";
- public static HashMap<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
- HashMap<String, Object> ret = null;
+ public static Map<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
+ Map<String, Object> ret = null;
if(LOG.isDebugEnabled()) {
LOG.debug("==> KMSResourceMgr.validateConfig ServiceName: "+ serviceName + "Configs" + configs );
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java
----------------------------------------------------------------------
diff --git a/plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java b/plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java
index 8fa51ea..6477af7 100644
--- a/plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java
+++ b/plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java
@@ -21,6 +21,8 @@ package org.apache.ranger.services.solr;
import java.util.HashMap;
import java.util.List;
+import java.util.Map;
+
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.service.RangerBaseService;
@@ -44,8 +46,8 @@ public class RangerServiceSolr extends RangerBaseService {
}
@Override
- public HashMap<String, Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String, Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
String serviceName = getServiceName();
if (LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceSolr.validateConfig Service: ("
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java
----------------------------------------------------------------------
diff --git a/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java b/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java
index 74da115..bc5fdd0 100644
--- a/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java
+++ b/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java
@@ -71,9 +71,9 @@ public class ServiceSolrClient {
}
- public HashMap<String, Object> connectionTest() throws Exception {
+ public Map<String, Object> connectionTest() throws Exception {
String errMsg = errMessage;
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
try {
getCollectionList(null);
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java
----------------------------------------------------------------------
diff --git a/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java b/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java
index 81b664c..d8470a0 100644
--- a/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java
+++ b/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java
@@ -19,7 +19,6 @@
package org.apache.ranger.services.solr.client;
-import java.util.HashMap;
import java.util.Map;
import org.apache.solr.client.solrj.SolrClient;
@@ -49,7 +48,7 @@ public class ServiceSolrConnectionMgr {
* @param configs
* @return
*/
- public static HashMap<String, Object> connectionTest(String serviceName,
+ public static Map<String, Object> connectionTest(String serviceName,
Map<String, String> configs) throws Exception {
ServiceSolrClient serviceSolrClient = getSolrClient(serviceName,
configs);
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java
----------------------------------------------------------------------
diff --git a/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java b/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java
index 7b11ded..69f2bc3 100644
--- a/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java
+++ b/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java
@@ -44,8 +44,8 @@ public class RangerServiceYarn extends RangerBaseService {
}
@Override
- public HashMap<String,Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String,Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
String serviceName = getServiceName();
if(LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceYarn.validateConfig Service: (" + serviceName + " )");
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java
----------------------------------------------------------------------
diff --git a/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java b/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java
index e8ad7b9..9188bd7 100644
--- a/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java
+++ b/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnClient.java
@@ -249,12 +249,12 @@ public class YarnClient extends BaseClient {
return ret;
}
- public static HashMap<String, Object> connectionTest(String serviceName,
+ public static Map<String, Object> connectionTest(String serviceName,
Map<String, String> configs) {
String errMsg = errMessage;
boolean connectivityStatus = false;
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
YarnClient yarnClient = getYarnClient(serviceName,
configs);
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnResourceMgr.java
----------------------------------------------------------------------
diff --git a/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnResourceMgr.java b/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnResourceMgr.java
index 35b138f..991db07 100644
--- a/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnResourceMgr.java
+++ b/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/client/YarnResourceMgr.java
@@ -19,7 +19,6 @@
package org.apache.ranger.services.yarn.client;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -30,8 +29,8 @@ public class YarnResourceMgr {
private static final Logger LOG = Logger.getLogger(YarnResourceMgr.class);
private static final String YARNQUEUE = "queue";
- public static HashMap<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
- HashMap<String, Object> ret = null;
+ public static Map<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
+ Map<String, Object> ret = null;
if(LOG.isDebugEnabled()) {
LOG.debug("==> YarnResourceMgr.validateConfig ServiceName: "+ serviceName + "Configs" + configs );
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java
index f512049..f2b8f99 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java
@@ -174,7 +174,7 @@ public class ServiceMgr {
// Timeout value use during validate config is 10 times that used during lookup
long time = getTimeoutValueForValidateConfigInMilliSeconds(svc);
ValidateCallable callable = new ValidateCallable(svc);
- HashMap<String, Object> responseData = timedExecutor.timedTask(callable, time, TimeUnit.MILLISECONDS);
+ Map<String, Object> responseData = timedExecutor.timedTask(callable, time, TimeUnit.MILLISECONDS);
ret = generateResponseForTestConn(responseData, "");
} catch (Exception e) {
@@ -373,7 +373,7 @@ public class ServiceMgr {
}
private VXResponse generateResponseForTestConn(
- HashMap<String, Object> responseData, String msg) {
+ Map<String, Object> responseData, String msg) {
VXResponse vXResponse = new VXResponse();
Long objId = null;
@@ -544,7 +544,7 @@ public class ServiceMgr {
}
}
- static class ValidateCallable extends TimedCallable<HashMap<String, Object>> {
+ static class ValidateCallable extends TimedCallable<Map<String, Object>> {
public ValidateCallable(RangerBaseService svc) {
super(svc);
@@ -556,7 +556,7 @@ public class ServiceMgr {
}
@Override
- public HashMap<String, Object> actualCall() throws Exception {
+ public Map<String, Object> actualCall() throws Exception {
return svc.validateConfig();
}
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/storm-agent/src/main/java/org/apache/ranger/services/storm/RangerServiceStorm.java
----------------------------------------------------------------------
diff --git a/storm-agent/src/main/java/org/apache/ranger/services/storm/RangerServiceStorm.java b/storm-agent/src/main/java/org/apache/ranger/services/storm/RangerServiceStorm.java
index dccd311..d4dbd7b 100644
--- a/storm-agent/src/main/java/org/apache/ranger/services/storm/RangerServiceStorm.java
+++ b/storm-agent/src/main/java/org/apache/ranger/services/storm/RangerServiceStorm.java
@@ -45,8 +45,8 @@ public class RangerServiceStorm extends RangerBaseService {
}
@Override
- public HashMap<String,Object> validateConfig() throws Exception {
- HashMap<String, Object> ret = new HashMap<String, Object>();
+ public Map<String,Object> validateConfig() throws Exception {
+ Map<String, Object> ret = new HashMap<String, Object>();
String serviceName = getServiceName();
if(LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceStorm.validateConfig Service: (" + serviceName + " )");
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java
----------------------------------------------------------------------
diff --git a/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java b/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java
index cb56609..b72a9a2 100644
--- a/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java
+++ b/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java
@@ -348,12 +348,12 @@ public class StormClient {
return ret;
}
- public static HashMap<String, Object> connectionTest(String serviceName,
+ public static Map<String, Object> connectionTest(String serviceName,
Map<String, String> configs) {
String errMsg = errMessage;
boolean connectivityStatus = false;
- HashMap<String, Object> responseData = new HashMap<String, Object>();
+ Map<String, Object> responseData = new HashMap<String, Object>();
StormClient stormClient = getStormClient(serviceName,
configs);
http://git-wip-us.apache.org/repos/asf/ranger/blob/959ba7f0/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormResourceMgr.java
----------------------------------------------------------------------
diff --git a/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormResourceMgr.java b/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormResourceMgr.java
index 43960b3..0dd5507 100644
--- a/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormResourceMgr.java
+++ b/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormResourceMgr.java
@@ -20,7 +20,6 @@
package org.apache.ranger.services.storm.client;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -31,8 +30,8 @@ public class StormResourceMgr {
private static final Logger LOG = Logger.getLogger(StormResourceMgr.class);
private static final String TOPOLOGY = "topology";
- public static HashMap<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
- HashMap<String, Object> ret = null;
+ public static Map<String, Object> validateConfig(String serviceName, Map<String, String> configs) throws Exception {
+ Map<String, Object> ret = null;
if(LOG.isDebugEnabled()) {
LOG.debug("==> StormResourceMgr.validateConfig ServiceName: "+ serviceName + "Configs" + configs );
[3/3] ranger git commit: RANGER-1321:Provide a mechanism to create
service-specific default policies
Posted by ab...@apache.org.
RANGER-1321:Provide a mechanism to create service-specific default policies
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/c9e94357
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/c9e94357
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/c9e94357
Branch: refs/heads/ranger-0.7
Commit: c9e94357028234db1b1ff9be57ecf13ae29f5d87
Parents: 959ba7f
Author: Abhay Kulkarni <ak...@hortonworks.com>
Authored: Mon Mar 13 19:44:29 2017 -0700
Committer: Abhay Kulkarni <ak...@hortonworks.com>
Committed: Tue Mar 14 17:10:44 2017 -0700
----------------------------------------------------------------------
.../plugin/service/RangerBaseService.java | 203 +++++++++-
.../ranger/services/tag/RangerServiceTag.java | 82 +++-
.../hadoop/RangerHdfsAuthorizer.java | 8 +-
.../ranger/services/hdfs/RangerServiceHdfs.java | 47 +++
.../services/atlas/RangerServiceAtlas.java | 31 ++
.../services/kafka/RangerServiceKafka.java | 39 +-
.../ranger/services/kms/RangerServiceKMS.java | 103 ++++-
.../yarn/authorizer/RangerYarnAuthorizer.java | 8 +-
.../ranger/services/yarn/RangerServiceYarn.java | 46 +++
.../org/apache/ranger/biz/ServiceDBStore.java | 399 +++----------------
.../apache/ranger/biz/TestServiceDBStore.java | 171 +-------
11 files changed, 606 insertions(+), 531 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java
index debaa83..9955051 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBaseService.java
@@ -19,21 +19,44 @@
package org.apache.ranger.plugin.service;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.apache.commons.collections.CollectionUtils;
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.security.SecureClientLogin;
+import org.apache.hadoop.security.authentication.util.KerberosName;
+import org.apache.ranger.authorization.hadoop.config.RangerConfiguration;
+import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.model.validation.RangerServiceDefHelper;
+import org.apache.ranger.plugin.resourcematcher.RangerAbstractResourceMatcher;
public abstract class RangerBaseService {
- private RangerServiceDef serviceDef;
- private RangerService service;
-
+ private static final Log LOG = LogFactory.getLog(RangerBaseService.class);
+
+ protected static final String ADMIN_USER_PRINCIPAL = "ranger.admin.kerberos.principal";
+ protected static final String ADMIN_USER_KEYTAB = "ranger.admin.kerberos.keytab";
+ protected static final String LOOKUP_PRINCIPAL = "ranger.lookup.kerberos.principal";
+ protected static final String LOOKUP_KEYTAB = "ranger.lookup.kerberos.keytab";
+ protected static final String RANGER_AUTH_TYPE = "hadoop.security.authentication";
+
+ protected static final String KERBEROS_TYPE = "kerberos";
+
+ protected RangerServiceDef serviceDef;
+ protected RangerService service;
+
protected Map<String, String> configs;
protected String serviceName;
protected String serviceType;
-
public void init(RangerServiceDef serviceDef, RangerService service) {
this.serviceDef = serviceDef;
@@ -84,8 +107,172 @@ public abstract class RangerBaseService {
public abstract Map<String, Object> validateConfig() throws Exception;
public abstract List<String> lookupResource(ResourceLookupContext context) throws Exception;
-
-
-
-
+
+ public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerBaseService.getDefaultRangerPolicies() ");
+ }
+ List<RangerPolicy> ret = new ArrayList<RangerPolicy>();
+
+ try {
+ // we need to create one policy for each resource hierarchy
+ RangerServiceDefHelper serviceDefHelper = new RangerServiceDefHelper(serviceDef);
+ for (List<RangerServiceDef.RangerResourceDef> aHierarchy : serviceDefHelper.getResourceHierarchies(RangerPolicy.POLICY_TYPE_ACCESS)) {
+ RangerPolicy policy = getDefaultPolicy(aHierarchy);
+ if (policy != null) {
+ ret.add(policy);
+ }
+ }
+ } catch (Exception e) {
+ LOG.error("Error getting default polcies for Service: " + service.getName(), e);
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerBaseService.getDefaultRangerPolicies(): " + ret);
+ }
+ return ret;
+ }
+
+ public List<RangerPolicy.RangerPolicyItemAccess> getAndAllowAllAccesses() {
+ List<RangerPolicy.RangerPolicyItemAccess> ret = new ArrayList<RangerPolicy.RangerPolicyItemAccess>();
+
+ for (RangerServiceDef.RangerAccessTypeDef accessTypeDef : serviceDef.getAccessTypes()) {
+ RangerPolicy.RangerPolicyItemAccess access = new RangerPolicy.RangerPolicyItemAccess();
+ access.setType(accessTypeDef.getName());
+ access.setIsAllowed(true);
+ ret.add(access);
+ }
+ return ret;
+ }
+
+ private RangerPolicy getDefaultPolicy(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) throws Exception {
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerBaseService.getDefaultPolicy()");
+ }
+
+ RangerPolicy policy = new RangerPolicy();
+
+ String policyName=buildPolicyName(resourceHierarchy);
+
+ policy.setIsEnabled(true);
+ policy.setVersion(1L);
+ policy.setName(policyName);
+ policy.setService(service.getName());
+ policy.setDescription("Policy for " + policyName);
+ policy.setIsAuditEnabled(true);
+ policy.setResources(createDefaultPolicyResource(resourceHierarchy));
+
+ List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<RangerPolicy.RangerPolicyItem>();
+ //Create Default policy item for the service user
+ RangerPolicy.RangerPolicyItem policyItem = createDefaultPolicyItem();
+ policyItems.add(policyItem);
+ policy.setPolicyItems(policyItems);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerBaseService.getDefaultPolicy()" + policy);
+ }
+
+ return policy;
+ }
+
+ private RangerPolicy.RangerPolicyItem createDefaultPolicyItem() throws Exception {
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerBaseService.createDefaultPolicyItem()");
+ }
+
+ RangerPolicy.RangerPolicyItem policyItem = new RangerPolicy.RangerPolicyItem();
+
+ policyItem.setUsers(getUserList());
+ policyItem.setAccesses(getAndAllowAllAccesses());
+ policyItem.setDelegateAdmin(true);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerBaseService.createDefaultPolicyItem(): " + policyItem );
+ }
+ return policyItem;
+ }
+
+ private Map<String, RangerPolicy.RangerPolicyResource> createDefaultPolicyResource(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) throws Exception {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerBaseService.createDefaultPolicyResource()");
+ }
+ Map<String, RangerPolicy.RangerPolicyResource> resourceMap = new HashMap<>();
+
+ for (RangerServiceDef.RangerResourceDef resourceDef : resourceHierarchy) {
+ RangerPolicy.RangerPolicyResource polRes = new RangerPolicy.RangerPolicyResource();
+
+ polRes.setIsExcludes(false);
+ polRes.setIsRecursive(resourceDef.getRecursiveSupported());
+ polRes.setValue(RangerAbstractResourceMatcher.WILDCARD_ASTERISK);
+
+ resourceMap.put(resourceDef.getName(), polRes);
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerBaseService.createDefaultPolicyResource():" + resourceMap);
+ }
+ return resourceMap;
+ }
+
+ private String buildPolicyName(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) {
+ String ret = "all";
+ if (CollectionUtils.isNotEmpty(resourceHierarchy)) {
+ int resourceDefCount = 0;
+ for (RangerServiceDef.RangerResourceDef resourceDef : resourceHierarchy) {
+ if (resourceDefCount > 0) {
+ ret += ", ";
+ } else {
+ ret += " - ";
+ }
+ ret += resourceDef.getName();
+ resourceDefCount++;
+ }
+ ret = ret.trim();
+ }
+ return ret;
+ }
+
+ private List<String> getUserList() {
+ List<String> ret = new ArrayList<>();
+ Map<String, String> serviceConfig = service.getConfigs();
+ if (serviceConfig != null ) {
+ ret.add(serviceConfig.get("username"));
+ String defaultUsers = serviceConfig.get("default.policy.users");
+ if (!StringUtils.isEmpty(defaultUsers)) {
+ List<String> defaultUserList = new ArrayList<>(Arrays.asList(StringUtils.split(defaultUsers,",")));
+ if (!defaultUserList.isEmpty()) {
+ ret.addAll(defaultUserList);
+ }
+ }
+ }
+ String authType = RangerConfiguration.getInstance().get(RANGER_AUTH_TYPE,"simple");
+ String lookupPrincipal = RangerConfiguration.getInstance().get(LOOKUP_PRINCIPAL);
+ String lookupKeytab = RangerConfiguration.getInstance().get(LOOKUP_KEYTAB);
+
+ String lookUpUser = getLookupUser(authType, lookupPrincipal, lookupKeytab);
+
+ if (StringUtils.isNotBlank(lookUpUser)) {
+ ret.add(lookUpUser);
+ }
+
+ return ret;
+ }
+
+ protected String getLookupUser(String authType, String lookupPrincipal, String lookupKeytab) {
+ String lookupUser = null;
+ if(!StringUtils.isEmpty(authType) && authType.equalsIgnoreCase(KERBEROS_TYPE)){
+ if(SecureClientLogin.isKerberosCredentialExists(lookupPrincipal, lookupKeytab)){
+ KerberosName krbName = new KerberosName(lookupPrincipal);
+ try {
+ lookupUser = krbName.getShortName();
+ } catch (IOException e) {
+ LOG.error("Unknown lookup user", e);
+ }
+ }
+ }
+ return lookupUser;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java b/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java
index d3085d4..05d3a9b 100644
--- a/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java
+++ b/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java
@@ -19,12 +19,11 @@
package org.apache.ranger.services.tag;
-import java.util.*;
-
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang.StringUtils;
+import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.service.RangerBaseService;
@@ -33,11 +32,20 @@ import org.apache.ranger.plugin.store.TagStore;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.List;
+
+import static org.apache.ranger.plugin.policyengine.RangerPolicyEngine.GROUP_PUBLIC;
+
public class RangerServiceTag extends RangerBaseService {
private static final Log LOG = LogFactory.getLog(RangerServiceTag.class);
public static final String TAG_RESOURCE_NAME = "tag";
+ public static final String RANGER_TAG_NAME_EXPIRES_ON = "EXPIRES_ON";
+ public static final String RANGER_TAG_EXPIRY_CONDITION_NAME = "accessed-after-expiry";
private TagStore tagStore = null;
@@ -118,4 +126,74 @@ public class RangerServiceTag extends RangerBaseService {
return ret;
}
+
+ @Override
+ public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceTag.getDefaultRangerPolicies() ");
+ }
+
+ List<RangerPolicy> ret = new ArrayList<RangerPolicy>();
+
+ boolean isConditionDefFound = false;
+
+ List<RangerServiceDef.RangerPolicyConditionDef> policyConditionDefs = serviceDef.getPolicyConditions();
+
+ if (CollectionUtils.isNotEmpty(policyConditionDefs)) {
+ for (RangerServiceDef.RangerPolicyConditionDef conditionDef : policyConditionDefs) {
+ if (conditionDef.getName().equals(RANGER_TAG_EXPIRY_CONDITION_NAME)) {
+ isConditionDefFound = true;
+ break;
+ }
+ }
+ }
+
+ if (isConditionDefFound) {
+
+ ret = super.getDefaultRangerPolicies();
+
+ String tagResourceName = serviceDef.getResources().get(0).getName();
+
+ for (RangerPolicy defaultPolicy : ret) {
+
+ RangerPolicy.RangerPolicyResource tagPolicyResource = defaultPolicy.getResources().get(tagResourceName);
+
+ if (tagPolicyResource != null) {
+
+ String value = RANGER_TAG_NAME_EXPIRES_ON;
+
+ tagPolicyResource.setValue(value);
+ defaultPolicy.setDescription("Policy for data with " + value + " tag");
+
+ List<RangerPolicy.RangerPolicyItem> defaultPolicyItems = defaultPolicy.getPolicyItems();
+
+ for (RangerPolicy.RangerPolicyItem defaultPolicyItem : defaultPolicyItems) {
+
+ List<String> groups = new ArrayList<String>();
+ groups.add(GROUP_PUBLIC);
+ defaultPolicyItem.setGroups(groups);
+
+ List<RangerPolicy.RangerPolicyItemCondition> policyItemConditions = new ArrayList<RangerPolicy.RangerPolicyItemCondition>();
+ List<String> values = new ArrayList<String>();
+ values.add("yes");
+ RangerPolicy.RangerPolicyItemCondition policyItemCondition = new RangerPolicy.RangerPolicyItemCondition(RANGER_TAG_EXPIRY_CONDITION_NAME, values);
+ policyItemConditions.add(policyItemCondition);
+
+ defaultPolicyItem.setConditions(policyItemConditions);
+ defaultPolicyItem.setDelegateAdmin(Boolean.FALSE);
+ }
+
+ defaultPolicy.setDenyPolicyItems(defaultPolicyItems);
+ defaultPolicy.setPolicyItems(null);
+ }
+ }
+ } else {
+ LOG.error("RangerServiceTag.getDefaultRangerPolicies() - Cannot create default TAG policy: Cannot get tagPolicyConditionDef with name=" + RANGER_TAG_EXPIRY_CONDITION_NAME);
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceTag.getDefaultRangerPolicies() : " + ret);
+ }
+ return ret;
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
index 324551d..460c692 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
@@ -64,7 +64,9 @@ public class RangerHdfsAuthorizer extends INodeAttributeProvider {
public static final String KEY_BASE_FILENAME = "BASE_FILENAME";
public static final String DEFAULT_FILENAME_EXTENSION_SEPARATOR = ".";
- public static final String RANGER_FILENAME_EXTENSION_SEPARATOR_PROP = "ranger.plugin.hdfs.filename.extension.separator";
+ public static final String KEY_RESOURCE_PATH = "path";
+
+ public static final String RANGER_FILENAME_EXTENSION_SEPARATOR_PROP = "ranger.plugin.hdfs.filename.extension.separator";
private static final Log LOG = LogFactory.getLog(RangerHdfsAuthorizer.class);
@@ -500,11 +502,9 @@ class RangerHdfsPlugin extends RangerBasePlugin {
}
class RangerHdfsResource extends RangerAccessResourceImpl {
- private static final String KEY_PATH = "path";
-
public RangerHdfsResource(String path, String owner) {
- super.setValue(KEY_PATH, path);
+ super.setValue(RangerHdfsAuthorizer.KEY_RESOURCE_PATH, path);
super.setOwnerUser(owner);
}
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
index bc12da9..c269648 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/RangerServiceHdfs.java
@@ -23,9 +23,14 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.apache.commons.lang.StringUtils;
+import org.apache.ranger.authorization.hadoop.RangerHdfsAuthorizer;
import org.apache.ranger.plugin.client.HadoopException;
+import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.resourcematcher.RangerAbstractResourceMatcher;
+import org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher;
import org.apache.ranger.plugin.service.RangerBaseService;
import org.apache.ranger.plugin.service.ResourceLookupContext;
import org.apache.ranger.services.hdfs.client.HdfsResourceMgr;
@@ -95,6 +100,48 @@ public class RangerServiceHdfs extends RangerBaseService {
return ret;
}
+
+ @Override
+ public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceHdfs.getDefaultRangerPolicies() ");
+ }
+
+ List<RangerPolicy> ret = super.getDefaultRangerPolicies();
+
+ String pathResourceName = RangerHdfsAuthorizer.KEY_RESOURCE_PATH;
+
+ for (RangerPolicy defaultPolicy : ret) {
+ RangerPolicy.RangerPolicyResource pathPolicyResource = defaultPolicy.getResources().get(pathResourceName);
+ if (pathPolicyResource != null) {
+ List<RangerServiceDef.RangerResourceDef> resourceDefs = serviceDef.getResources();
+ RangerServiceDef.RangerResourceDef pathResourceDef = null;
+ for (RangerServiceDef.RangerResourceDef resourceDef : resourceDefs) {
+ if (resourceDef.getName().equals(pathResourceName)) {
+ pathResourceDef = resourceDef;
+ break;
+ }
+ }
+ if (pathResourceDef != null) {
+ String pathSeparator = pathResourceDef.getMatcherOptions().get(RangerPathResourceMatcher.OPTION_PATH_SEPARATOR);
+ if (StringUtils.isBlank(pathSeparator)) {
+ pathSeparator = Character.toString(RangerPathResourceMatcher.DEFAULT_PATH_SEPARATOR_CHAR);
+ }
+ String value = pathSeparator + RangerAbstractResourceMatcher.WILDCARD_ASTERISK;
+ pathPolicyResource.setValue(value);
+ } else {
+ LOG.warn("No resourceDef found in HDFS service-definition for '" + pathResourceName + "'");
+ }
+ } else {
+ LOG.warn("No '" + pathResourceName + "' found in default policy");
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceHdfs.getDefaultRangerPolicies() : " + ret);
+ }
+ return ret;
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
----------------------------------------------------------------------
diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
index d2b60bd..fe97874 100644
--- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
+++ b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java
@@ -22,8 +22,11 @@ import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+
+import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.service.RangerBaseService;
@@ -85,4 +88,32 @@ public class RangerServiceAtlas extends RangerBaseService {
}
return ret;
}
+
+ @Override
+ public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceAtlas.getDefaultRangerPolicies() ");
+ }
+
+ List<RangerPolicy> ret = super.getDefaultRangerPolicies();
+
+ for (RangerPolicy defaultPolicy : ret) {
+ for (RangerPolicy.RangerPolicyItem defaultPolicyItem : defaultPolicy.getPolicyItems()) {
+ List<String> users = defaultPolicyItem.getUsers();
+
+ String atlasAdminUser = service.getConfigs().get("atlas.admin.user");
+ if (StringUtils.isBlank(atlasAdminUser)) {
+ atlasAdminUser = "admin";
+ }
+
+ users.add(atlasAdminUser);
+ defaultPolicyItem.setUsers(users);
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceAtlas.getDefaultRangerPolicies() ");
+ }
+ return ret;
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java
----------------------------------------------------------------------
diff --git a/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java b/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java
index 86e97bc..b7bbe98 100644
--- a/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java
+++ b/plugin-kafka/src/main/java/org/apache/ranger/services/kafka/RangerServiceKafka.java
@@ -23,6 +23,9 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.apache.commons.lang.StringUtils;
+import org.apache.ranger.authorization.hadoop.config.RangerConfiguration;
+import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.service.RangerBaseService;
@@ -32,6 +35,8 @@ import org.apache.ranger.services.kafka.client.ServiceKafkaConnectionMgr;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import static org.apache.ranger.plugin.policyengine.RangerPolicyEngine.GROUP_PUBLIC;
+
public class RangerServiceKafka extends RangerBaseService {
private static final Log LOG = LogFactory.getLog(RangerServiceKafka.class);
@@ -76,7 +81,7 @@ public class RangerServiceKafka extends RangerBaseService {
LOG.debug("==> RangerServiceKafka.lookupResource(" + serviceName + ")");
}
- if(configs != null) {
+ if (configs != null) {
ServiceKafkaClient serviceKafkaClient = ServiceKafkaConnectionMgr.getKafkaClient(serviceName, configs);
ret = serviceKafkaClient.getResources(context);
@@ -88,4 +93,36 @@ public class RangerServiceKafka extends RangerBaseService {
return ret;
}
+
+ @Override
+ public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceKafka.getDefaultRangerPolicies() ");
+ }
+
+ List<RangerPolicy> ret = super.getDefaultRangerPolicies();
+
+ String authType = RangerConfiguration.getInstance().get(RANGER_AUTH_TYPE,"simple");
+
+ if (StringUtils.equalsIgnoreCase(authType, KERBEROS_TYPE)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Auth type is " + KERBEROS_TYPE);
+ }
+ } else {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Auth type is " + authType);
+ }
+ for (RangerPolicy defaultPolicy : ret) {
+ for (RangerPolicy.RangerPolicyItem defaultPolicyItem : defaultPolicy.getPolicyItems()) {
+ defaultPolicyItem.getGroups().add(GROUP_PUBLIC);
+ }
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceKafka.getDefaultRangerPolicies() ");
+ }
+ return ret;
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java
----------------------------------------------------------------------
diff --git a/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java b/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java
index 7657099..cd368e4 100644
--- a/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java
+++ b/plugin-kms/src/main/java/org/apache/ranger/services/kms/RangerServiceKMS.java
@@ -22,6 +22,8 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.apache.ranger.authorization.hadoop.config.RangerConfiguration;
+import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
import org.apache.ranger.plugin.service.RangerBaseService;
@@ -33,7 +35,11 @@ import org.apache.commons.logging.LogFactory;
public class RangerServiceKMS extends RangerBaseService {
private static final Log LOG = LogFactory.getLog(RangerServiceKMS.class);
-
+
+ public static final String ACCESS_TYPE_DECRYPT_EEK = "decrypteek";
+ public static final String ACCESS_TYPE_GENERATE_EEK = "generateeek";
+ public static final String ACCESS_TYPE_GET_METADATA = "getmetadata";
+
public RangerServiceKMS() {
super();
}
@@ -86,5 +92,100 @@ public class RangerServiceKMS extends RangerBaseService {
}
return ret;
}
+
+ @Override
+ public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceKMS.getDefaultRangerPolicies() ");
+ }
+
+ List<RangerPolicy> ret = super.getDefaultRangerPolicies();
+
+ String adminPrincipal = RangerConfiguration.getInstance().get(ADMIN_USER_PRINCIPAL);
+ String adminKeytab = RangerConfiguration.getInstance().get(ADMIN_USER_KEYTAB);
+ String authType = RangerConfiguration.getInstance().get(RANGER_AUTH_TYPE,"simple");
+
+ String adminUser = getLookupUser(authType, adminPrincipal, adminKeytab);
+
+ // Add default policies for HDFS & HIVE users.
+ List<RangerServiceDef.RangerAccessTypeDef> hdfsAccessTypeDefs = new ArrayList<RangerServiceDef.RangerAccessTypeDef>();
+ List<RangerServiceDef.RangerAccessTypeDef> hiveAccessTypeDefs = new ArrayList<RangerServiceDef.RangerAccessTypeDef>();
+
+ for(RangerServiceDef.RangerAccessTypeDef accessTypeDef : serviceDef.getAccessTypes()) {
+ if (accessTypeDef.getName().equalsIgnoreCase(ACCESS_TYPE_GET_METADATA)) {
+ hdfsAccessTypeDefs.add(accessTypeDef);
+ hiveAccessTypeDefs.add(accessTypeDef);
+ } else if (accessTypeDef.getName().equalsIgnoreCase(ACCESS_TYPE_GENERATE_EEK)) {
+ hdfsAccessTypeDefs.add(accessTypeDef);
+ } else if (accessTypeDef.getName().equalsIgnoreCase(ACCESS_TYPE_DECRYPT_EEK)) {
+ hiveAccessTypeDefs.add(accessTypeDef);
+ }
+ }
+
+ for (RangerPolicy defaultPolicy : ret) {
+
+ List<RangerPolicy.RangerPolicyItem> policyItems = defaultPolicy.getPolicyItems();
+ for (RangerPolicy.RangerPolicyItem item : policyItems) {
+ List<String> users = item.getUsers();
+ users.add(adminUser);
+ item.setUsers(users);
+ }
+
+ String hdfsUser = RangerConfiguration.getInstance().get("ranger.kms.service.user.hdfs", "hdfs");
+ if (hdfsUser != null && !hdfsUser.isEmpty()) {
+ LOG.info("Creating default KMS policy item for " + hdfsUser);
+ List<String> users = new ArrayList<String>();
+ users.add(hdfsUser);
+ RangerPolicy.RangerPolicyItem policyItem = createDefaultPolicyItem(hdfsAccessTypeDefs, users);
+ policyItems.add(policyItem);
+ }
+
+
+ String hiveUser = RangerConfiguration.getInstance().get("ranger.kms.service.user.hive", "hive");
+
+ if (hiveUser != null && !hiveUser.isEmpty()) {
+ LOG.info("Creating default KMS policy item for " + hiveUser);
+ List<String> users = new ArrayList<String>();
+ users.add(hiveUser);
+ RangerPolicy.RangerPolicyItem policyItem = createDefaultPolicyItem(hiveAccessTypeDefs, users);
+ policyItems.add(policyItem);
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceKMS.getDefaultRangerPolicies() : " + ret);
+ }
+
+ return ret;
+ }
+
+ private RangerPolicy.RangerPolicyItem createDefaultPolicyItem(List<RangerServiceDef.RangerAccessTypeDef> accessTypeDefs, List<String> users) throws Exception {
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceTag.createDefaultPolicyItem()");
+ }
+
+ RangerPolicy.RangerPolicyItem policyItem = new RangerPolicy.RangerPolicyItem();
+
+ policyItem.setUsers(users);
+
+ List<RangerPolicy.RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicy.RangerPolicyItemAccess>();
+
+ for (RangerServiceDef.RangerAccessTypeDef accessTypeDef : accessTypeDefs) {
+ RangerPolicy.RangerPolicyItemAccess access = new RangerPolicy.RangerPolicyItemAccess();
+ access.setType(accessTypeDef.getName());
+ access.setIsAllowed(true);
+ accesses.add(access);
+ }
+
+ policyItem.setAccesses(accesses);
+ policyItem.setDelegateAdmin(true);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceTag.createDefaultPolicyItem(): " + policyItem );
+ }
+ return policyItem;
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
----------------------------------------------------------------------
diff --git a/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java b/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
index 470c711..2338ba1 100644
--- a/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
+++ b/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
@@ -50,7 +50,9 @@ public class RangerYarnAuthorizer extends YarnAuthorizationProvider {
public static final String ACCESS_TYPE_SUBMIT_APP = "submit-app";
public static final String ACCESS_TYPE_ADMIN = "admin";
- private static boolean yarnAuthEnabled = RangerHadoopConstants.RANGER_ADD_YARN_PERMISSION_DEFAULT;
+ public static final String KEY_RESOURCE_QUEUE = "queue";
+
+ private static boolean yarnAuthEnabled = RangerHadoopConstants.RANGER_ADD_YARN_PERMISSION_DEFAULT;
private static final Log LOG = LogFactory.getLog(RangerYarnAuthorizer.class);
@@ -260,10 +262,8 @@ class RangerYarnPlugin extends RangerBasePlugin {
}
class RangerYarnResource extends RangerAccessResourceImpl {
- private static final String KEY_QUEUE = "queue";
-
public RangerYarnResource(PrivilegedEntity entity) {
- setValue(KEY_QUEUE, entity != null ? entity.getName() : null);
+ setValue(RangerYarnAuthorizer.KEY_RESOURCE_QUEUE, entity != null ? entity.getName() : null);
}
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java
----------------------------------------------------------------------
diff --git a/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java b/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java
index 69f2bc3..5d429ae 100644
--- a/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java
+++ b/plugin-yarn/src/main/java/org/apache/ranger/services/yarn/RangerServiceYarn.java
@@ -22,8 +22,13 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.apache.commons.lang.StringUtils;
+import org.apache.ranger.authorization.yarn.authorizer.RangerYarnAuthorizer;
+import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.model.RangerService;
import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.resourcematcher.RangerAbstractResourceMatcher;
+import org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher;
import org.apache.ranger.plugin.service.RangerBaseService;
import org.apache.ranger.plugin.service.ResourceLookupContext;
import org.apache.ranger.services.yarn.client.YarnResourceMgr;
@@ -86,5 +91,46 @@ public class RangerServiceYarn extends RangerBaseService {
}
return ret;
}
+
+ public List<RangerPolicy> getDefaultRangerPolicies() throws Exception {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("==> RangerServiceYarn.getDefaultRangerPolicies() ");
+ }
+
+ List<RangerPolicy> ret = super.getDefaultRangerPolicies();
+
+ String queueResourceName = RangerYarnAuthorizer.KEY_RESOURCE_QUEUE;
+
+ for (RangerPolicy defaultPolicy : ret) {
+ RangerPolicy.RangerPolicyResource queuePolicyResource = defaultPolicy.getResources().get(queueResourceName);
+ if (queuePolicyResource != null) {
+ List<RangerServiceDef.RangerResourceDef> resourceDefs = serviceDef.getResources();
+ RangerServiceDef.RangerResourceDef queueResourceDef = null;
+ for (RangerServiceDef.RangerResourceDef resourceDef : resourceDefs) {
+ if (resourceDef.getName().equals(queueResourceName)) {
+ queueResourceDef = resourceDef;
+ break;
+ }
+ }
+ if (queueResourceDef != null) {
+ String pathSeparator = queueResourceDef.getMatcherOptions().get(RangerPathResourceMatcher.OPTION_PATH_SEPARATOR);
+ if (StringUtils.isBlank(pathSeparator)) {
+ pathSeparator = ".";
+ }
+ String value = pathSeparator + RangerAbstractResourceMatcher.WILDCARD_ASTERISK;
+ queuePolicyResource.setValue(value);
+ } else {
+ LOG.warn("No resourceDef found in YARN service-definition for '" + queueResourceName + "'");
+ }
+ } else {
+ LOG.warn("No '" + queueResourceName + "' found in default policy");
+ }
+ }
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<== RangerServiceYarn.getDefaultRangerPolicies() : " + ret);
+ }
+ return ret;
+ }
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index dcee0cd..f171bb4 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -49,8 +49,6 @@ import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.hadoop.security.SecureClientLogin;
-import org.apache.hadoop.security.authentication.util.KerberosName;
import org.apache.ranger.audit.provider.MiscUtil;
import org.apache.ranger.authorization.hadoop.config.RangerConfiguration;
import org.apache.ranger.common.AppConstants;
@@ -60,11 +58,11 @@ import org.apache.ranger.plugin.policyengine.RangerPolicyEngine;
import org.apache.ranger.plugin.policyresourcematcher.RangerDefaultPolicyResourceMatcher;
import org.apache.ranger.plugin.policyresourcematcher.RangerPolicyResourceMatcher;
import org.apache.ranger.plugin.resourcematcher.RangerAbstractResourceMatcher;
+import org.apache.ranger.plugin.service.RangerBaseService;
import org.apache.ranger.plugin.util.PasswordUtils;
import org.apache.ranger.common.JSONUtil;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.RESTErrorUtil;
-import org.apache.ranger.common.RangerConstants;
import org.apache.ranger.common.RangerFactory;
import org.apache.ranger.common.RangerServicePoliciesCache;
import org.apache.ranger.common.RangerVersionInfo;
@@ -188,18 +186,9 @@ import com.google.gson.Gson;
@Component
public class ServiceDBStore extends AbstractServiceStore {
private static final Log LOG = LogFactory.getLog(ServiceDBStore.class);
- public static final String RANGER_TAG_EXPIRY_CONDITION_NAME = "accessed-after-expiry";
- private static final String ADMIN_USER_PRINCIPAL = "ranger.admin.kerberos.principal";
- private static final String ADMIN_USER_KEYTAB = "ranger.admin.kerberos.keytab";
- private static final String LOOKUP_PRINCIPAL = "ranger.lookup.kerberos.principal";
- private static final String LOOKUP_KEYTAB = "ranger.lookup.kerberos.keytab";
- static final String RANGER_AUTH_TYPE = "hadoop.security.authentication";
- private static final String AMBARI_SERVICE_CHECK_USER = "ambari.service.check.user";
-
- private static final String KERBEROS_TYPE = "kerberos";
-
+
private static final String POLICY_ALLOW_EXCLUDE = "Policy Allow:Exclude";
- private static final String POLICY_ALLOW_INCLUDE = "Policy Allow:Include";
+ //private static final String POLICY_ALLOW_INCLUDE = "Policy Allow:Include";
private static final String POLICY_DENY_EXCLUDE = "Policy Deny:Exclude";
private static final String POLICY_DENY_INCLUDE = "Policy Deny:Include";
@@ -208,8 +197,10 @@ public class ServiceDBStore extends AbstractServiceStore {
private static final String USER_NAME = "Exported by";
private static final String RANGER_VERSION = "Ranger apache version";
private static final String TIMESTAMP = "Export time";
-
- static {
+
+ private static final String AMBARI_SERVICE_CHECK_USER = "ambari.service.check.user";
+
+ static {
try {
LOCAL_HOSTNAME = java.net.InetAddress.getLocalHost().getCanonicalHostName();
} catch (UnknownHostException e) {
@@ -269,6 +260,9 @@ public class ServiceDBStore extends AbstractServiceStore {
@Autowired
JSONUtil jsonUtil;
+ @Autowired
+ ServiceMgr serviceMgr;
+
private static volatile boolean legacyServiceDefsInitDone = false;
private Boolean populateExistingBaseFields = false;
@@ -1430,7 +1424,10 @@ public class ServiceDBStore extends AbstractServiceStore {
xConfMap.setServiceId(xCreatedService.getId());
xConfMap.setConfigkey(configKey);
xConfMap.setConfigvalue(configValue);
- xConfMap = xConfMapDao.create(xConfMap);
+ xConfMapDao.create(xConfMap);
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("vXUser:[" + vXUser + "]");
}
RangerService createdService = svcService.getPopulatedViewObject(xCreatedService);
@@ -1445,7 +1442,7 @@ public class ServiceDBStore extends AbstractServiceStore {
bizUtil.createTrxLog(trxLogList);
if (createDefaultPolicy) {
- createDefaultPolicies(xCreatedService, vXUser);
+ createDefaultPolicies(createdService);
}
return createdService;
@@ -1595,9 +1592,11 @@ public class ServiceDBStore extends AbstractServiceStore {
xConfMap.setServiceId(service.getId());
xConfMap.setConfigkey(configKey);
xConfMap.setConfigvalue(configValue);
- xConfMap = xConfMapDao.create(xConfMap);
+ xConfMapDao.create(xConfMap);
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("vXUser:[" + vXUser + "]");
}
-
RangerService updService = svcService.getPopulatedViewObject(xUpdService);
dataHistService.createObjectDataHistory(updService, RangerDataHistService.ACTION_UPDATE);
bizUtil.createTrxLog(trxLogList);
@@ -2447,341 +2446,47 @@ public class ServiceDBStore extends AbstractServiceStore {
return ret;
}
- void createDefaultPolicies(XXService createdService, VXUser vXUser) throws Exception {
- RangerServiceDef serviceDef = getServiceDef(createdService.getType());
-
- if (serviceDef.getName().equals(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) {
- createDefaultTagPolicy(createdService);
- } else {
- // we need to create one policy for each resource hierarchy
- RangerServiceDefHelper serviceDefHelper = new RangerServiceDefHelper(serviceDef);
- for (List<RangerResourceDef> aHierarchy : serviceDefHelper.getResourceHierarchies(RangerPolicy.POLICY_TYPE_ACCESS)) {
- RangerPolicy policy = new RangerPolicy();
- createDefaultPolicy(policy, createdService, vXUser, aHierarchy);
- policy = createPolicy(policy);
- }
- }
- }
-
- private void createDefaultTagPolicy(XXService createdService) throws Exception {
- if (LOG.isDebugEnabled()) {
- LOG.debug("==> ServiceDBStore.createDefaultTagPolicy() ");
- }
-
- String tagResourceDefName = null;
- boolean isConditionDefFound = false;
-
- RangerServiceDef tagServiceDef = getServiceDef(createdService.getType());
- List<RangerResourceDef> tagResourceDef = tagServiceDef.getResources();
- if (tagResourceDef != null && tagResourceDef.size() > 0) {
- // Assumption : First (and perhaps the only) resourceDef is the name of the tag resource
- RangerResourceDef theTagResourceDef = tagResourceDef.get(0);
- tagResourceDefName = theTagResourceDef.getName();
- } else {
- LOG.error("ServiceDBStore.createService() - Cannot create default TAG policy: Cannot get tagResourceDef Name.");
- }
-
- List<RangerPolicyConditionDef> policyConditionDefs = tagServiceDef.getPolicyConditions();
-
- if (CollectionUtils.isNotEmpty(policyConditionDefs)) {
- for (RangerPolicyConditionDef conditionDef : policyConditionDefs) {
- if (conditionDef.getName().equals(RANGER_TAG_EXPIRY_CONDITION_NAME)) {
- isConditionDefFound = true;
- break;
- }
- }
- }
- if (!isConditionDefFound) {
- LOG.error("ServiceDBStore.createService() - Cannot create default TAG policy: Cannot get tagPolicyConditionDef with name=" + RANGER_TAG_EXPIRY_CONDITION_NAME);
- }
-
- if (tagResourceDefName != null && isConditionDefFound) {
-
- String tagType = "EXPIRES_ON";
-
- String policyName = tagType;
-
- RangerPolicy policy = new RangerPolicy();
-
- policy.setIsEnabled(true);
- policy.setVersion(1L);
- policy.setName(StringUtils.trim(policyName));
- policy.setService(createdService.getName());
- policy.setDescription("Policy for data with " + tagType + " tag");
- policy.setIsAuditEnabled(true);
-
- Map<String, RangerPolicyResource> resourceMap = new HashMap<String, RangerPolicyResource>();
-
- RangerPolicyResource polRes = new RangerPolicyResource();
- polRes.setIsExcludes(false);
- polRes.setIsRecursive(false);
- polRes.setValue(tagType);
- resourceMap.put(tagResourceDefName, polRes);
-
- policy.setResources(resourceMap);
-
- List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
-
- RangerPolicyItem policyItem = new RangerPolicyItem();
-
- List<String> groups = new ArrayList<String>();
- groups.add(RangerConstants.GROUP_PUBLIC);
- policyItem.setGroups(groups);
+ void createDefaultPolicies(RangerService createdService) throws Exception {
- List<XXAccessTypeDef> accessTypeDefs = daoMgr.getXXAccessTypeDef().findByServiceDefId(createdService.getType());
- List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
- for (XXAccessTypeDef accessTypeDef : accessTypeDefs) {
- RangerPolicyItemAccess access = new RangerPolicyItemAccess();
- access.setType(accessTypeDef.getName());
- access.setIsAllowed(true);
- accesses.add(access);
- }
- policyItem.setAccesses(accesses);
-
- List<RangerPolicyItemCondition> policyItemConditions = new ArrayList<RangerPolicyItemCondition>();
- List<String> values = new ArrayList<String>();
- values.add("yes");
- RangerPolicyItemCondition policyItemCondition = new RangerPolicyItemCondition(RANGER_TAG_EXPIRY_CONDITION_NAME, values);
- policyItemConditions.add(policyItemCondition);
-
- policyItem.setConditions(policyItemConditions);
- policyItem.setDelegateAdmin(Boolean.FALSE);
-
- policyItems.add(policyItem);
-
- policy.setDenyPolicyItems(policyItems);
-
- policy = createPolicy(policy);
- } else {
- LOG.error("ServiceDBStore.createService() - Cannot create default TAG policy, tagResourceDefName=" + tagResourceDefName +
- ", tagPolicyConditionName=" + RANGER_TAG_EXPIRY_CONDITION_NAME);
- }
-
- if (LOG.isDebugEnabled()) {
- LOG.debug("<== ServiceDBStore.createDefaultTagPolicy()");
- }
- }
-
- private String buildPolicyName(List<RangerResourceDef> resourceHierarchy) {
- String ret = "all";
- if (CollectionUtils.isNotEmpty(resourceHierarchy)) {
- int resourceDefCount = 0;
- for (RangerResourceDef resourceDef : resourceHierarchy) {
- if (resourceDefCount > 0) {
- ret += ", ";
- } else {
- ret += " - ";
- }
- ret += resourceDef.getName();
- resourceDefCount++;
- }
- }
- return ret;
- }
+ RangerBaseService svc = serviceMgr.getRangerServiceByService(createdService, this);
- void createDefaultPolicy(RangerPolicy policy, XXService createdService, VXUser vXUser, List<RangerResourceDef> resourceHierarchy) throws Exception {
+ List<String> serviceCheckUsers = getServiceCheckUsers(createdService);
- String policyName=buildPolicyName(resourceHierarchy);
+ List<RangerPolicy.RangerPolicyItemAccess> allAccesses = svc.getAndAllowAllAccesses();
- policy.setIsEnabled(true);
- policy.setVersion(1L);
- policy.setName(StringUtils.trim(policyName));
- policy.setService(createdService.getName());
- policy.setDescription("Policy for " + policyName);
- policy.setIsAuditEnabled(true);
+ for (RangerPolicy defaultPolicy : svc.getDefaultRangerPolicies()) {
- policy.setResources(createDefaultPolicyResource(resourceHierarchy));
+ if (CollectionUtils.isNotEmpty(serviceCheckUsers)
+ && StringUtils.equalsIgnoreCase(defaultPolicy.getService(), createdService.getName())) {
- if (vXUser != null) {
- List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
- List<XXAccessTypeDef> accessTypeDefs = daoMgr.getXXAccessTypeDef().findByServiceDefId(createdService.getType());
- //Create Default policy item for the service user
- RangerPolicyItem policyItem = createDefaultPolicyItem(createdService, vXUser, accessTypeDefs);
- policyItems.add(policyItem);
- // For KMS add default policies for HDFS & HIVE users.
- XXServiceDef xServiceDef = daoMgr.getXXServiceDef().getById(createdService.getType());
- if (xServiceDef.getImplclassname().equals(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME)) {
- List<XXAccessTypeDef> hdfsAccessTypeDefs = new ArrayList<XXAccessTypeDef>();
- List<XXAccessTypeDef> hiveAccessTypeDefs = new ArrayList<XXAccessTypeDef>();
- for(XXAccessTypeDef accessTypeDef : accessTypeDefs) {
- if (accessTypeDef.getName().equalsIgnoreCase(ACCESS_TYPE_GET_METADATA)) {
- hdfsAccessTypeDefs.add(accessTypeDef);
- hiveAccessTypeDefs.add(accessTypeDef);
- } else if (accessTypeDef.getName().equalsIgnoreCase(ACCESS_TYPE_GENERATE_EEK)) {
- hdfsAccessTypeDefs.add(accessTypeDef);
- } else if (accessTypeDef.getName().equalsIgnoreCase(ACCESS_TYPE_DECRYPT_EEK)) {
- hiveAccessTypeDefs.add(accessTypeDef);
- }
- }
+ RangerPolicy.RangerPolicyItem policyItem = new RangerPolicy.RangerPolicyItem();
- String hdfsUser = PropertiesUtil.getProperty("ranger.kms.service.user.hdfs", "hdfs");
- if (hdfsUser != null && !hdfsUser.isEmpty()) {
- XXUser xxUser = daoMgr.getXXUser().findByUserName(hdfsUser);
- if (xxUser != null) {
- vXUser = xUserService.populateViewBean(xxUser);
- } else {
- vXUser = xUserMgr.createServiceConfigUser(hdfsUser);
- }
- if (vXUser != null) {
- LOG.info("Creating default KMS policy item for " + hdfsUser);
- policyItem = createDefaultPolicyItem(createdService, vXUser, hdfsAccessTypeDefs);
- policyItems.add(policyItem);
- }
- }
+ policyItem.setUsers(serviceCheckUsers);
+ policyItem.setAccesses(allAccesses);
+ policyItem.setDelegateAdmin(true);
- String hiveUser = PropertiesUtil.getProperty("ranger.kms.service.user.hive", "hive");
- if (hiveUser != null && !hiveUser.isEmpty()) {
- XXUser xxUser = daoMgr.getXXUser().findByUserName(hiveUser);
- if (xxUser != null) {
- vXUser = xUserService.populateViewBean(xxUser);
- } else {
- vXUser = xUserMgr.createServiceConfigUser(hiveUser);
- }
- if (vXUser != null) {
- LOG.info("Creating default KMS policy item for " + hiveUser);
- policyItem = createDefaultPolicyItem(createdService, vXUser, hiveAccessTypeDefs);
- policyItems.add(policyItem);
- }
- }
+ defaultPolicy.getPolicyItems().add(policyItem);
}
- policy.setPolicyItems(policyItems);
+ createPolicy(defaultPolicy);
}
}
- private RangerPolicyItem createDefaultPolicyItem(XXService createdService, VXUser vXUser, List<XXAccessTypeDef> accessTypeDefs) throws Exception {
- String adminPrincipal = PropertiesUtil.getProperty(ADMIN_USER_PRINCIPAL);
- String adminKeytab = PropertiesUtil.getProperty(ADMIN_USER_KEYTAB);
- String authType = PropertiesUtil.getProperty(RANGER_AUTH_TYPE,"simple");
- String lookupPrincipal = PropertiesUtil.getProperty(LOOKUP_PRINCIPAL);
- String lookupKeytab = PropertiesUtil.getProperty(LOOKUP_KEYTAB);
-
- RangerPolicyItem policyItem = new RangerPolicyItem();
-
- List<String> users = new ArrayList<String>();
- users.add(vXUser.getName());
- VXUser vXLookupUser = getLookupUser(authType, lookupPrincipal, lookupKeytab);
-
- XXService xService = daoMgr.getXXService().findByName(createdService.getName());
- XXServiceDef xServiceDef = daoMgr.getXXServiceDef().getById(xService.getType());
- if (StringUtils.equals(xServiceDef.getImplclassname(), EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME)){
- VXUser vXAdminUser = getLookupUser(authType, adminPrincipal, adminKeytab);
- if(vXAdminUser != null){
- users.add(vXAdminUser.getName());
- }
- }else if(vXLookupUser != null){
- users.add(vXLookupUser.getName());
- }else{
- // do nothing
- }
-
- if (StringUtils.equals(xServiceDef.getImplclassname(), EmbeddedServiceDefsUtil.ATLAS_IMPL_CLASS_NAME)){
- VXUser vXUserAdmin = chkAdminUserExists("admin");
- if(vXUserAdmin != null){
- users.add(vXUserAdmin.getName());
- }
- }
-
- RangerService rangerService = getServiceByName(createdService.getName());
- if (rangerService != null){
- Map<String, String> map = rangerService.getConfigs();
- if (map != null && map.containsKey(AMBARI_SERVICE_CHECK_USER)){
- String userNames = map.get(AMBARI_SERVICE_CHECK_USER);
- String[] userList = userNames.split(",");
- if(userList != null){
- for (String userName : userList) {
- if(!StringUtils.isEmpty(userName)){
- XXUser xxUser = daoMgr.getXXUser().findByUserName(userName);
- if (xxUser != null) {
- vXUser = xUserService.populateViewBean(xxUser);
- } else {
- vXUser = xUserMgr.createServiceConfigUser(userName);
- LOG.info("Creating Ambari Service Check User : "+vXUser.getName());
- }
- if(vXUser != null){
- users.add(vXUser.getName());
- }
- }
- }
- }
- }
- }
- policyItem.setUsers(users);
-
- List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
- for(XXAccessTypeDef accessTypeDef : accessTypeDefs) {
- RangerPolicyItemAccess access = new RangerPolicyItemAccess();
- access.setType(accessTypeDef.getName());
- access.setIsAllowed(true);
- accesses.add(access);
- }
- policyItem.setAccesses(accesses);
-
- policyItem.setDelegateAdmin(true);
- return policyItem;
- }
+ List<String> getServiceCheckUsers(RangerService createdService) {
+ List<String> ret = new ArrayList<String>();
- private VXUser chkAdminUserExists(String adminUser) {
- VXUser vXUser = null;
- if(!StringUtils.isEmpty(adminUser)){
- XXUser xxUser = daoMgr.getXXUser().findByUserName(adminUser);
- if (xxUser != null) {
- vXUser = xUserService.populateViewBean(xxUser);
- }
- }
- return vXUser;
- }
+ Map<String, String> serviceConfig = createdService.getConfigs();
- private VXUser getLookupUser(String authType, String lookupPrincipal, String lookupKeytab) {
- VXUser vXUser = null;
- if(!StringUtils.isEmpty(authType) && authType.equalsIgnoreCase(KERBEROS_TYPE)){
- if(SecureClientLogin.isKerberosCredentialExists(lookupPrincipal, lookupKeytab)){
- KerberosName krbName = new KerberosName(lookupPrincipal);
- String lookupUser=null;
- try {
- lookupUser = krbName.getShortName();
- } catch (IOException e) {
- throw restErrorUtil.createRESTException("Please provide proper value of lookup user principal : "+ lookupPrincipal, MessageEnums.INVALID_INPUT_DATA);
- }
-
- if(LOG.isDebugEnabled()){
- LOG.debug("Checking for Lookup User : "+lookupUser);
- }
- if(!StringUtils.isEmpty(lookupUser)){
- XXUser xxUser = daoMgr.getXXUser().findByUserName(lookupUser);
- if (xxUser != null) {
- vXUser = xUserService.populateViewBean(xxUser);
- } else {
- vXUser = xUserMgr.createServiceConfigUser(lookupUser);
- LOG.info("Creating Lookup User : "+vXUser.getName());
- }
+ if (serviceConfig.containsKey(AMBARI_SERVICE_CHECK_USER)) {
+ String userNames = serviceConfig.get(AMBARI_SERVICE_CHECK_USER);
+ String[] userList = userNames.split(",");
+ for (String userName : userList) {
+ if (!StringUtils.isEmpty(userName)) {
+ ret.add(userName);
}
}
}
- return vXUser;
- }
-
- Map<String, RangerPolicyResource> createDefaultPolicyResource(List<RangerResourceDef> resourceHierarchy) throws Exception {
- Map<String, RangerPolicyResource> resourceMap = new HashMap<>();
-
- for (RangerResourceDef resourceDef : resourceHierarchy) {
- RangerPolicyResource polRes = new RangerPolicyResource();
- polRes.setIsExcludes(false);
- polRes.setIsRecursive(false);
-
- String value = "*";
- if("path".equalsIgnoreCase(resourceDef.getName())) {
- value = "/*";
- }
-
- if(resourceDef.getRecursiveSupported()) {
- polRes.setIsRecursive(Boolean.TRUE);
- }
-
- polRes.setValue(value);
- resourceMap.put(resourceDef.getName(), polRes);
- }
- return resourceMap;
+ return ret;
}
private Map<String, String> validateRequiredConfigParams(RangerService service, Map<String, String> configs) {
@@ -2932,10 +2637,12 @@ public class ServiceDBStore extends AbstractServiceStore {
List<String> users = policyItem.getUsers();
for(int i = 0; i < users.size(); i++) {
String user = users.get(i);
-
+ if (StringUtils.isBlank(user)) {
+ continue;
+ }
XXUser xUser = daoMgr.getXXUser().findByUserName(user);
if(xUser == null) {
- throw new Exception(user + ": user does not exist. policy='"+ policy.getName() + "' service='"+ policy.getService() + "'");
+ throw new Exception(user + ": user does not exist. policy='"+ policy.getName() + "' service='"+ policy.getService() + "' user='" + user +"'");
}
XXPolicyItemUserPerm xUserPerm = new XXPolicyItemUserPerm();
xUserPerm = (XXPolicyItemUserPerm) rangerAuditFields.populateAuditFields(xUserPerm, xPolicyItem);
@@ -2948,10 +2655,12 @@ public class ServiceDBStore extends AbstractServiceStore {
List<String> groups = policyItem.getGroups();
for(int i = 0; i < groups.size(); i++) {
String group = groups.get(i);
-
+ if (StringUtils.isBlank(group)) {
+ continue;
+ }
XXGroup xGrp = daoMgr.getXXGroup().findByGroupName(group);
if(xGrp == null) {
- throw new Exception(group + ": group does not exist. policy='"+ policy.getName() + "' service='"+ policy.getService() + "'");
+ throw new Exception(group + ": group does not exist. policy='"+ policy.getName() + "' service='"+ policy.getService() + "' group='" + group + "'");
}
XXPolicyItemGroupPerm xGrpPerm = new XXPolicyItemGroupPerm();
xGrpPerm = (XXPolicyItemGroupPerm) rangerAuditFields.populateAuditFields(xGrpPerm, xPolicyItem);
@@ -2991,7 +2700,7 @@ public class ServiceDBStore extends AbstractServiceStore {
if(CollectionUtils.isNotEmpty(policyItems)) {
for (int itemOrder = 0; itemOrder < policyItems.size(); itemOrder++) {
RangerPolicyItem policyItem = policyItems.get(itemOrder);
- XXPolicyItem xPolicyItem = createNewPolicyItemForPolicy(policy, xPolicy, policyItem, xServiceDef, itemOrder, policyItemType);
+ createNewPolicyItemForPolicy(policy, xPolicy, policyItem, xServiceDef, itemOrder, policyItemType);
}
}
}
@@ -3019,7 +2728,7 @@ public class ServiceDBStore extends AbstractServiceStore {
xxDataMaskInfo.setConditionExpr(dataMaskInfo.getConditionExpr());
xxDataMaskInfo.setValueExpr(dataMaskInfo.getValueExpr());
- xxDataMaskInfo = daoMgr.getXXPolicyItemDataMaskInfo().create(xxDataMaskInfo);
+ daoMgr.getXXPolicyItemDataMaskInfo().create(xxDataMaskInfo);
}
}
}
@@ -3755,6 +3464,10 @@ public class ServiceDBStore extends AbstractServiceStore {
private void writeBookForPolicyItems(RangerPolicy policy, RangerPolicyItem policyItem,
RangerDataMaskPolicyItem dataMaskPolicyItem, RangerRowFilterPolicyItem rowFilterPolicyItem, Row row, String policyConditonType) {
+ if (LOG.isDebugEnabled()) {
+ // To avoid PMD violation
+ LOG.debug("policyConditonType:[" + policyConditonType + "]");
+ }
List<String> groups = new ArrayList<String>();
List<String> users = new ArrayList<String>();
String groupNames = "";
http://git-wip-us.apache.org/repos/asf/ranger/blob/c9e94357/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
index 2b773da..cf3485e 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java
@@ -45,7 +45,7 @@ import org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumElementDef;
import org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef;
import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef;
import org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef;
-import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
+//import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
import org.apache.ranger.plugin.store.PList;
import org.apache.ranger.plugin.store.ServicePredicateUtil;
import org.apache.ranger.plugin.util.SearchFilter;
@@ -137,22 +137,6 @@ public class TestServiceDBStore {
.getCurrentUserSession();
currentUserSession.setUserAdmin(true);
}
-
- private XXAccessTypeDef rangerKmsAccessTypes(String accessTypeName, int itemId) {
- XXAccessTypeDef accessTypeDefObj = new XXAccessTypeDef();
- accessTypeDefObj.setAddedByUserId(Id);
- accessTypeDefObj.setCreateTime(new Date());
- accessTypeDefObj.setDefid(Long.valueOf(itemId));
- accessTypeDefObj.setId(Long.valueOf(itemId));
- accessTypeDefObj.setItemId(Long.valueOf(itemId));
- accessTypeDefObj.setLabel(accessTypeName);
- accessTypeDefObj.setName(accessTypeName);
- accessTypeDefObj.setOrder(null);
- accessTypeDefObj.setRbkeylabel(null);
- accessTypeDefObj.setUpdatedByUserId(Id);
- accessTypeDefObj.setUpdateTime(new Date());
- return accessTypeDefObj;
- }
private RangerServiceDef rangerServiceDef() {
List<RangerServiceConfigDef> configs = new ArrayList<RangerServiceConfigDef>();
@@ -222,28 +206,6 @@ public class TestServiceDBStore {
return rangerService;
}
-
- private RangerService rangerKMSService() {
- Map<String, String> configs = new HashMap<String, String>();
- configs.put("username", "servicemgr");
- configs.put("password", "servicemgr");
- configs.put("provider", "kmsurl");
-
- RangerService rangerService = new RangerService();
- rangerService.setId(Id);
- rangerService.setConfigs(configs);
- rangerService.setCreateTime(new Date());
- rangerService.setDescription("service kms policy");
- rangerService.setGuid("1427365526516_835_1");
- rangerService.setIsEnabled(true);
- rangerService.setName("KMS_1");
- rangerService.setPolicyUpdateTime(new Date());
- rangerService.setType("7");
- rangerService.setUpdatedBy("Admin");
- rangerService.setUpdateTime(new Date());
-
- return rangerService;
- }
private RangerPolicy rangerPolicy() {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
@@ -1234,10 +1196,10 @@ public class TestServiceDBStore {
ServiceDBStore spy = Mockito.spy(serviceDBStore);
- Mockito.doNothing().when(spy).createDefaultPolicies(xService, vXUser);
+ Mockito.doNothing().when(spy).createDefaultPolicies(rangerService);
spy.createService(rangerService);
-
+
Mockito.verify(daoManager, Mockito.atLeast(1)).getXXService();
Mockito.verify(daoManager).getXXServiceConfigMap();
}
@@ -2676,131 +2638,4 @@ public class TestServiceDBStore {
Assert.assertNotNull(policyList);
Mockito.verify(daoManager).getXXPolicy();
}
-
- @Test
- public void test41createKMSService() throws Exception {
- XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class);
- XXPolicy xPolicy = Mockito.mock(XXPolicy.class);
- XXPolicyDao xPolicyDao = Mockito.mock(XXPolicyDao.class);
- XXAccessTypeDefDao xAccessTypeDefDao = Mockito
- .mock(XXAccessTypeDefDao.class);
- XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
- XXServiceConfigMapDao xServiceConfigMapDao = Mockito
- .mock(XXServiceConfigMapDao.class);
- XXUserDao xUserDao = Mockito.mock(XXUserDao.class);
- XXServiceConfigDefDao xServiceConfigDefDao = Mockito
- .mock(XXServiceConfigDefDao.class);
- XXService xService = Mockito.mock(XXService.class);
- XXUser xUser = Mockito.mock(XXUser.class);
- XXServiceDef xServiceDef = Mockito.mock(XXServiceDef.class);
- Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
- Mockito.when(xServiceDefDao.findByName("KMS_1")).thenReturn(
- xServiceDef);
- Mockito.when(xService.getName()).thenReturn(
- "KMS_1");
- Mockito.when(xServiceDao.findByName("KMS_1")).thenReturn(
- xService);
- Mockito.when(!bizUtil.hasAccess(xService, null)).thenReturn(true);
-
- RangerService rangerService = rangerKMSService();
- VXUser vXUser = null;
- String userName = "servicemgr";
- Mockito.when(xService.getType()).thenReturn(Long.valueOf(rangerService.getType()));
- Mockito.when(xServiceDefDao.getById(Long.valueOf(rangerService.getType()))).thenReturn(xServiceDef);
- Mockito.when(xServiceDef.getImplclassname()).thenReturn(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME);
- List<XXServiceConfigDef> svcConfDefList = new ArrayList<XXServiceConfigDef>();
- XXServiceConfigDef serviceConfigDefObj = new XXServiceConfigDef();
- serviceConfigDefObj.setId(Id);
- serviceConfigDefObj.setType("7");
- svcConfDefList.add(serviceConfigDefObj);
- Mockito.when(daoManager.getXXServiceConfigDef()).thenReturn(
- xServiceConfigDefDao);
- Mockito.when(xServiceConfigDefDao.findByServiceDefName(userName))
- .thenReturn(svcConfDefList);
-
- Mockito.when(svcService.create(rangerService)).thenReturn(rangerService);
-
- Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
- Mockito.when(xServiceDao.getById(rangerService.getId())).thenReturn(
- xService);
- Mockito.when(daoManager.getXXServiceConfigMap()).thenReturn(
- xServiceConfigMapDao);
-
- Mockito.when(stringUtil.getValidUserName(userName))
- .thenReturn(userName);
- Mockito.when(daoManager.getXXUser()).thenReturn(xUserDao);
- Mockito.when(xUserDao.findByUserName(userName)).thenReturn(xUser);
-
- Mockito.when(xUserService.populateViewBean(xUser)).thenReturn(vXUser);
- Mockito.when(xUserMgr.createServiceConfigUser(userName)).thenReturn(vXUser);
- VXUser vXUserHdfs = new VXUser();
- vXUserHdfs.setName("hdfs");
- vXUserHdfs.setPassword("hdfs");
- Mockito.when(xUserMgr.createServiceConfigUser("hdfs")).thenReturn(vXUserHdfs);
- VXUser vXUserHive = new VXUser();
- vXUserHive.setName("hive");
- vXUserHive.setPassword("hive");
- Mockito.when(xUserMgr.createServiceConfigUser("hive")).thenReturn(vXUserHive);
-
- XXServiceConfigMap xConfMap = new XXServiceConfigMap();
- Mockito.when(rangerAuditFields.populateAuditFields(xConfMap, xService))
- .thenReturn(xService);
-
- Mockito.when(svcService.getPopulatedViewObject(xService)).thenReturn(
- rangerService);
-
- Mockito.when(
- rangerAuditFields.populateAuditFields(
- Mockito.isA(XXServiceConfigMap.class),
- Mockito.isA(XXService.class))).thenReturn(xConfMap);
-
- Mockito.when(daoManager.getXXPolicy()).thenReturn(xPolicyDao);
-
- Mockito.when(xPolicyDao.getById(Id)).thenReturn(xPolicy);
-
-
- List<XXAccessTypeDef> accessTypeDefList = new ArrayList<XXAccessTypeDef>();
- accessTypeDefList.add(rangerKmsAccessTypes("getmetadata", 7));
- accessTypeDefList.add(rangerKmsAccessTypes("generateeek", 8));
- accessTypeDefList.add(rangerKmsAccessTypes("decrypteek", 9));
-
- RangerServiceDef ran = new RangerServiceDef();
- ran.setName("KMS Test");
- Mockito.when(serviceDefService.read(1L)).thenReturn(ran);
- Long serviceDefId = ran.getId();
-
- ServiceDBStore spy = Mockito.spy(serviceDBStore);
-
- Mockito.when(daoManager.getXXAccessTypeDef()).thenReturn(
- xAccessTypeDefDao);
- Mockito.when(xAccessTypeDefDao.findByServiceDefId(serviceDefId))
- .thenReturn(accessTypeDefList);
- Mockito.when(spy.getServiceByName("KMS_1")).thenReturn(
- rangerService);
- Mockito.doNothing().when(spy).createDefaultPolicies(xService, vXUser);
-
- RangerPolicy policy = new RangerPolicy();
- RangerResourceDef resourceDef = new RangerResourceDef();
- resourceDef.setItemId(Id);
- resourceDef.setName("keyname");
- resourceDef.setType("string");
- resourceDef.setType("string");
- resourceDef.setLabel("Key Name");
- resourceDef.setDescription("Key Name");
-
- List<RangerResourceDef> resourceHierarchy = new ArrayList<RangerResourceDef>();
- resourceHierarchy.addAll(resourceHierarchy);
-
- spy.createService(rangerService);
- vXUser = new VXUser();
- vXUser.setName(userName);
- vXUser.setPassword(userName);
-
- spy.createDefaultPolicy(policy, xService, vXUser, resourceHierarchy);
-
- Mockito.verify(daoManager, Mockito.atLeast(1)).getXXService();
- Mockito.verify(daoManager).getXXServiceConfigMap();
- //Assert.assertNull(policy);
- Assert.assertEquals(3, policy.getPolicyItems().size());
- }
}