You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2015/04/09 16:56:10 UTC
incubator-ranger git commit: RANGER-383 : Add new column to track
resource signature in policy table
Repository: incubator-ranger
Updated Branches:
refs/heads/master 405b3e6a8 -> d673e5940
RANGER-383 : Add new column to track resource signature in policy table
Signed-off-by: Madhan Neethiraj <ma...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/d673e594
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/d673e594
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/d673e594
Branch: refs/heads/master
Commit: d673e5940680a69e600b87f017d3d76ac39cd4e0
Parents: 405b3e6
Author: Gautam Borad <gb...@gmail.com>
Authored: Thu Apr 9 14:23:22 2015 +0530
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Thu Apr 9 07:50:47 2015 -0700
----------------------------------------------------------------------
.../ranger/plugin/model/RangerPolicy.java | 37 +++++++++++++++-----
.../ranger/plugin/store/TestServiceStore.java | 2 +-
.../db/mysql/patches/009-updated_schema.sql | 2 +-
.../db/oracle/patches/009-updated_schema.sql | 2 +-
.../db/postgres/xa_core_db_postgres.sql | 2 +-
.../db/sqlserver/xa_core_db_sqlserver.sql | 7 ++--
.../java/org/apache/ranger/db/XXPolicyDao.java | 12 +++++++
.../org/apache/ranger/entity/XXPolicyBase.java | 36 +++++++++++++++++--
.../ranger/service/RangerPolicyServiceBase.java | 2 ++
.../resources/META-INF/jpa_named_queries.xml | 4 +++
10 files changed, 85 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
index 9130863..4001e7e 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java
@@ -43,20 +43,21 @@ import org.codehaus.jackson.map.annotate.JsonSerialize;
public class RangerPolicy extends RangerBaseModelObject implements java.io.Serializable {
private static final long serialVersionUID = 1L;
- private String service = null;
- private String name = null;
- private Integer policyType = null;
- private String description = null;
- private Boolean isAuditEnabled = null;
- private Map<String, RangerPolicyResource> resources = null;
- private List<RangerPolicyItem> policyItems = null;
+ private String service = null;
+ private String name = null;
+ private Integer policyType = null;
+ private String description = null;
+ private String resourceSignature = null;
+ private Boolean isAuditEnabled = null;
+ private Map<String, RangerPolicyResource> resources = null;
+ private List<RangerPolicyItem> policyItems = null;
/**
* @param type
*/
public RangerPolicy() {
- this(null, null, null, null, null, null);
+ this(null, null, null, null, null, null, null);
}
/**
@@ -66,14 +67,16 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
* @param description
* @param resources
* @param policyItems
+ * @param resourceSignature TODO
*/
- public RangerPolicy(String service, String name, Integer policyType, String description, Map<String, RangerPolicyResource> resources, List<RangerPolicyItem> policyItems) {
+ public RangerPolicy(String service, String name, Integer policyType, String description, Map<String, RangerPolicyResource> resources, List<RangerPolicyItem> policyItems, String resourceSignature) {
super();
setService(service);
setName(name);
setPolicyType(policyType);
setDescription(description);
+ setResourceSignature(resourceSignature);
setIsAuditEnabled(null);
setResources(resources);
setPolicyItems(policyItems);
@@ -89,6 +92,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
setName(other.getName());
setPolicyType(other.getPolicyType());
setDescription(other.getDescription());
+ setResourceSignature(other.getResourceSignature());
setIsAuditEnabled(other.getIsAuditEnabled());
setResources(other.getResources());
setPolicyItems(other.getPolicyItems());
@@ -149,6 +153,20 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
public void setDescription(String description) {
this.description = description;
}
+
+ /**
+ * @return the resourceSignature
+ */
+ public String getResourceSignature() {
+ return resourceSignature;
+ }
+
+ /**
+ * @param resourceSignature the resourceSignature to set
+ */
+ public void setResourceSignature(String resourceSignature) {
+ this.resourceSignature = resourceSignature;
+ }
/**
* @return the isAuditEnabled
@@ -238,6 +256,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria
sb.append("name={").append(name).append("} ");
sb.append("policyType={").append(policyType).append("} ");
sb.append("description={").append(description).append("} ");
+ sb.append("resourceSignature={").append(resourceSignature).append("} ");
sb.append("isAuditEnabled={").append(isAuditEnabled).append("} ");
sb.append("resources={");
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java
----------------------------------------------------------------------
diff --git a/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java b/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java
index 7ceb00e..852040e 100644
--- a/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java
+++ b/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java
@@ -153,7 +153,7 @@ public class TestServiceStore {
int initPolicyCount = policies == null ? 0 : policies.size();
- RangerPolicy policy = new RangerPolicy(updatedSvc.getName(), policyName, 0, "test policy description", null, null);
+ RangerPolicy policy = new RangerPolicy(updatedSvc.getName(), policyName, 0, "test policy description", null, null, null);
policy.getResources().put("path", new RangerPolicyResource("/demo/test/finance", Boolean.FALSE, Boolean.TRUE));
RangerPolicyItem item1 = new RangerPolicyItem();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/db/mysql/patches/009-updated_schema.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/mysql/patches/009-updated_schema.sql b/security-admin/db/mysql/patches/009-updated_schema.sql
index a0d27e2..40e71ca 100644
--- a/security-admin/db/mysql/patches/009-updated_schema.sql
+++ b/security-admin/db/mysql/patches/009-updated_schema.sql
@@ -82,10 +82,10 @@ CREATE TABLE `x_policy` (
`name` varchar(512) DEFAULT NULL,
`policy_type` int(11) DEFAULT 0,
`description` varchar(1024) DEFAULT NULL,
+`resource_signature` varchar(128) DEFAULT NULL,
`is_enabled` tinyint(1) NOT NULL DEFAULT '0',
`is_audit_enabled` tinyint(1) NOT NULL DEFAULT '0',
primary key (`id`),
-UNIQUE KEY `x_policy_name` (`name`),
KEY `x_policy_added_by_id` (`added_by_id`),
KEY `x_policy_upd_by_id` (`upd_by_id`),
KEY `x_policy_cr_time` (`create_time`),
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/db/oracle/patches/009-updated_schema.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/oracle/patches/009-updated_schema.sql b/security-admin/db/oracle/patches/009-updated_schema.sql
index c7c8493..cdbdeb8 100644
--- a/security-admin/db/oracle/patches/009-updated_schema.sql
+++ b/security-admin/db/oracle/patches/009-updated_schema.sql
@@ -87,10 +87,10 @@ service NUMBER(20) DEFAULT NULL NULL,
name VARCHAR(512) DEFAULT NULL NULL,
policy_type NUMBER(11) DEFAULT '0' NULL,
description VARCHAR(1024) DEFAULT NULL NULL,
+resource_signature VARCHAR(128) DEFAULT NULL NULL,
is_enabled NUMBER(1) DEFAULT '0' NOT NULL,
is_audit_enabled NUMBER(1) DEFAULT '0' NOT NULL,
primary key (id),
-CONSTRAINT x_policy_name UNIQUE (name),
CONSTRAINT x_policy_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id),
CONSTRAINT x_policy_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id),
CONSTRAINT x_policy_FK_service FOREIGN KEY (service) REFERENCES x_service (id)
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/db/postgres/xa_core_db_postgres.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/postgres/xa_core_db_postgres.sql b/security-admin/db/postgres/xa_core_db_postgres.sql
index 0e1f731..fa65052 100644
--- a/security-admin/db/postgres/xa_core_db_postgres.sql
+++ b/security-admin/db/postgres/xa_core_db_postgres.sql
@@ -518,10 +518,10 @@ service BIGINT DEFAULT NULL NULL,
name VARCHAR(512) DEFAULT NULL NULL,
policy_type int(11) DEFAULT 0 NULL,
description VARCHAR(1024) DEFAULT NULL NULL,
+resource_signature VARCHAR(128) DEFAULT NULL NULL,
is_enabled BOOLEAN DEFAULT '0' NOT NULL,
is_audit_enabled BOOLEAN DEFAULT '0' NOT NULL,
primary key(id),
-CONSTRAINT x_policy_name UNIQUE(name),
CONSTRAINT x_policy_FK_added_by_id FOREIGN KEY(added_by_id) REFERENCES x_portal_user(id),
CONSTRAINT x_policy_FK_upd_by_id FOREIGN KEY(upd_by_id) REFERENCES x_portal_user(id),
CONSTRAINT x_policy_FK_service FOREIGN KEY(service) REFERENCES x_service(id)
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
index 9bfe39f..665e022 100644
--- a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
+++ b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql
@@ -1811,16 +1811,13 @@ CREATE TABLE [dbo].[x_policy] (
[name] [varchar](512) DEFAULT NULL NULL,
[policy_type] [int] DEFAULT 0 NULL,
[description] [varchar](1024) DEFAULT NULL NULL,
+ [resource_signature] [varchar](128) DEFAULT NULL NULL,
[is_enabled] [tinyint] DEFAULT 0 NOT NULL,
[is_audit_enabled] [tinyint] DEFAULT 0 NOT NULL,
PRIMARY KEY CLUSTERED
(
[id] ASC
-)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY],
-CONSTRAINT [x_policy$x_policy_name] UNIQUE NONCLUSTERED
-(
- [name] ASC
-)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
+)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY]
GO
SET ANSI_NULLS ON
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
index cb57b04..e2f5a41 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
@@ -71,5 +71,17 @@ public class XXPolicyDao extends BaseDao<XXPolicy> {
return null;
}
}
+
+ public List<XXPolicy> findByResourceSignature(String resSignature) {
+ if (resSignature == null) {
+ return new ArrayList<XXPolicy>();
+ }
+ try {
+ return getEntityManager().createNamedQuery("XXPolicy.findByResourceSignature", tClass)
+ .setParameter("resSignature", resSignature).getResultList();
+ } catch (NoResultException e) {
+ return new ArrayList<XXPolicy>();
+ }
+ }
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java
index 70f2321..7e59530 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java
@@ -80,6 +80,15 @@ public abstract class XXPolicyBase extends XXDBBase {
*/
@Column(name = "description")
protected String description;
+
+ /**
+ * resource_signature of the XXPolicy
+ * <ul>
+ * </ul>
+ *
+ */
+ @Column(name = "resource_signature")
+ protected String resourceSignature;
/**
* isEnabled of the XXPolicy
@@ -193,6 +202,20 @@ public abstract class XXPolicyBase extends XXDBBase {
public String getDescription() {
return this.description;
}
+
+ /**
+ * @return the resourceSignature
+ */
+ public String getResourceSignature() {
+ return resourceSignature;
+ }
+
+ /**
+ * @param resourceSignature the resourceSignature to set
+ */
+ public void setResourceSignature(String resourceSignature) {
+ this.resourceSignature = resourceSignature;
+ }
/**
* This method sets the value to the member attribute <b> isEnabled</b> .
@@ -276,6 +299,13 @@ public abstract class XXPolicyBase extends XXDBBase {
} else if (!description.equals(other.description)) {
return false;
}
+ if (resourceSignature == null) {
+ if (other.resourceSignature != null) {
+ return false;
+ }
+ } else if (!resourceSignature.equals(other.resourceSignature)) {
+ return false;
+ }
if (isAuditEnabled != other.isAuditEnabled) {
return false;
}
@@ -320,9 +350,9 @@ public abstract class XXPolicyBase extends XXDBBase {
*/
@Override
public String toString() {
- return "XXPolicyBase [" + super.toString() + " guid=" + guid + ", version=" + version + ", service=" + service
- + ", name=" + name + ", policyType=" + policyType + ", description=" + description + ", isEnabled="
- + isEnabled + ", isAuditEnabled=" + isAuditEnabled + "]";
+ return "XXPolicyBase [guid=" + guid + ", version=" + version + ", service=" + service + ", name=" + name
+ + ", policyType=" + policyType + ", description=" + description + ", resourceSignature="
+ + resourceSignature + ", isEnabled=" + isEnabled + ", isAuditEnabled=" + isAuditEnabled + "]";
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
index 8814c27..34bc77a 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
@@ -102,6 +102,7 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends
xObj.setName(vObj.getName());
xObj.setPolicyType(vObj.getPolicyType());
xObj.setDescription(vObj.getDescription());
+ xObj.setResourceSignature(vObj.getResourceSignature());
xObj.setIsAuditEnabled(vObj.getIsAuditEnabled());
xObj.setIsEnabled(vObj.getIsEnabled());
@@ -118,6 +119,7 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends
vObj.setName(xObj.getName());
vObj.setPolicyType(xObj.getPolicyType());
vObj.setDescription(xObj.getDescription());
+ vObj.setResourceSignature(xObj.getResourceSignature());
vObj.setIsEnabled(xObj.getIsEnabled());
vObj.setIsAuditEnabled(xObj.getIsAuditEnabled());
return vObj;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
----------------------------------------------------------------------
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 6a3d795..e5d74f0 100644
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -211,6 +211,10 @@
<named-query name="XXPolicy.getMaxIdOfXXPolicy">
<query>select MAX(obj.id) from XXPolicy obj</query>
</named-query>
+
+ <named-query name="XXPolicy.findByResourceSignature">
+ <query>select obj from XXPolicy obj where obj.resourceSignature = :resSignature</query>
+ </named-query>
<!-- XXServiceDef -->
<named-query name="XXServiceDef.findByName">