Java Code Examples for org.apache.ranger.plugin.model.RangerPolicy#setIsEnabled()
The following examples show how to use
org.apache.ranger.plugin.model.RangerPolicy#setIsEnabled() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.java From ranger with Apache License 2.0 | 6 votes |
|
private RangerPolicy getRangerPolicyObject(String serviceName, String policyName) {
RangerPolicy rangerPolicy = new RangerPolicy();
RangerPolicyResourceSignature resourceSignature = new RangerPolicyResourceSignature(rangerPolicy);
rangerPolicy.setName(policyName);
rangerPolicy.setDescription("Policy for " + policyName);
rangerPolicy.setService(serviceName);
rangerPolicy.setPolicyPriority(RangerPolicy.POLICY_PRIORITY_NORMAL);
rangerPolicy.setIsAuditEnabled(Boolean.TRUE);
rangerPolicy.setIsEnabled(Boolean.TRUE);
rangerPolicy.setPolicyType(RangerPolicy.POLICY_TYPE_ACCESS);
rangerPolicy.setGuid(guidUtil.genGUID());
rangerPolicy.setResourceSignature(resourceSignature.getSignature());
rangerPolicy.setZoneName("");
rangerPolicy.setUpdatedBy(LOGIN_ID_ADMIN);
return rangerPolicy;
}
Example 2
| Source File: TestRangerBasePluginWithPolicies.java From nifi with Apache License 2.0 | 5 votes |
|
@Test
public void testDisabledPolicy() {
final String resourceIdentifier1 = "/resource-1";
RangerPolicyResource resource1 = new RangerPolicyResource(resourceIdentifier1);
final Map<String, RangerPolicyResource> policy1Resources = new HashMap<>();
policy1Resources.put(resourceIdentifier1, resource1);
final RangerPolicyItem policy1Item = new RangerPolicyItem();
policy1Item.setAccesses(Stream.of(new RangerPolicyItemAccess("READ")).collect(Collectors.toList()));
final RangerPolicy policy1 = new RangerPolicy();
policy1.setIsEnabled(false);
policy1.setResources(policy1Resources);
policy1.setPolicyItems(Stream.of(policy1Item).collect(Collectors.toList()));
final List<RangerPolicy> policies = new ArrayList<>();
policies.add(policy1);
final RangerServiceDef serviceDef = new RangerServiceDef();
serviceDef.setName("nifi");
final ServicePolicies servicePolicies = new ServicePolicies();
servicePolicies.setPolicies(policies);
servicePolicies.setServiceDef(serviceDef);
// set all the policies in the plugin
final RangerBasePluginWithPolicies pluginWithPolicies = new RangerBasePluginWithPolicies("nifi", "nifi");
pluginWithPolicies.setPolicies(servicePolicies);
// ensure the policy was skipped
assertFalse(pluginWithPolicies.doesPolicyExist(resourceIdentifier1, RequestAction.READ));
assertTrue(pluginWithPolicies.getAccessPolicies().isEmpty());
assertNull(pluginWithPolicies.getAccessPolicy(resourceIdentifier1, RequestAction.READ));
}
Example 3
| Source File: TestXUserMgr.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy rangerPolicy() {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
List<String> users = new ArrayList<String>();
List<String> groups = new ArrayList<String>();
List<String> policyLabels = new ArrayList<String>();
List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("1");
rangerPolicyResource.setValues(users);
RangerPolicy policy = new RangerPolicy();
policy.setId(userId);
policy.setCreateTime(new Date());
policy.setDescription("policy");
policy.setGuid("policyguid");
policy.setIsEnabled(true);
policy.setName("HDFS_1-1-20150316062453");
policy.setUpdatedBy("Admin");
policy.setUpdateTime(new Date());
policy.setService("HDFS_1-1-20150316062453");
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setPolicyLabels(policyLabels);
return policy;
}
Example 4
| Source File: TestAssetREST.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy rangerPolicy(Long id) {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
List<String> users = new ArrayList<String>();
List<String> groups = new ArrayList<String>();
List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("1");
rangerPolicyResource.setValues(users);
policyResource.put("resource", rangerPolicyResource);
RangerPolicy policy = new RangerPolicy();
policy.setId(id);
policy.setCreateTime(new Date());
policy.setDescription("policy");
policy.setGuid("policyguid");
policy.setIsEnabled(true);
policy.setName("HDFS_1-1-20150316062453");
policy.setUpdatedBy("Admin");
policy.setUpdateTime(new Date());
policy.setService("HDFS_1-1-20150316062453");
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setService("HDFS_1");
return policy;
}
Example 5
| Source File: TestServiceREST.java From ranger with Apache License 2.0 | 5 votes |
|
RangerPolicy rangerPolicy() {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
List<String> users = new ArrayList<String>();
List<String> groups = new ArrayList<String>();
List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("1");
rangerPolicyResource.setValues(users);
policyResource.put("resource", rangerPolicyResource);
RangerPolicy policy = new RangerPolicy();
policy.setId(Id);
policy.setCreateTime(new Date());
policy.setDescription("policy");
policy.setGuid("policyguid");
policy.setIsEnabled(true);
policy.setName("HDFS_1-1-20150316062453");
policy.setUpdatedBy("Admin");
policy.setUpdateTime(new Date());
policy.setService("HDFS_1-1-20150316062453");
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
return policy;
}
Example 6
| Source File: TestPublicAPIsv2.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy rangerPolicy1() {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
List<String> users = new ArrayList<String>();
List<String> groups = new ArrayList<String>();
List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("2");
rangerPolicyResource.setValues(users);
policyResource.put("resource", rangerPolicyResource);
RangerPolicy policy = new RangerPolicy();
policy.setId(Id2);
policy.setCreateTime(new Date());
policy.setDescription("policy");
policy.setGuid("policyguid");
policy.setIsEnabled(true);
policy.setName("HDFS_1-1-20150316062454");
policy.setUpdatedBy("Admin");
policy.setUpdateTime(new Date());
policy.setService("HDFS_1-1-20150316062454");
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setService("HDFS_2");
return policy;
}
Example 7
| Source File: TestPublicAPIsv2.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy rangerPolicy() {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
List<String> users = new ArrayList<String>();
List<String> groups = new ArrayList<String>();
List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("1");
rangerPolicyResource.setValues(users);
policyResource.put("resource", rangerPolicyResource);
RangerPolicy policy = new RangerPolicy();
policy.setId(Id);
policy.setCreateTime(new Date());
policy.setDescription("policy");
policy.setGuid("policyguid");
policy.setIsEnabled(true);
policy.setName("HDFS_1-1-20150316062453");
policy.setUpdatedBy("Admin");
policy.setUpdateTime(new Date());
policy.setService("HDFS_1-1-20150316062453");
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setService("HDFS_1");
return policy;
}
Example 8
| Source File: TestPublicAPIs.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy rangerPolicy() {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
List<String> users = new ArrayList<String>();
List<String> groups = new ArrayList<String>();
List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("1");
rangerPolicyResource.setValues(users);
policyResource.put("resource", rangerPolicyResource);
RangerPolicy policy = new RangerPolicy();
policy.setId(Id);
policy.setCreateTime(new Date());
policy.setDescription("policy");
policy.setGuid("policyguid");
policy.setIsEnabled(true);
policy.setName("HDFS_1-1-20150316062453");
policy.setUpdatedBy("Admin");
policy.setUpdateTime(new Date());
policy.setService("HDFS_1-1-20150316062453");
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setService("HDFS_1");
return policy;
}
Example 9
| Source File: TestRangerPolicyService.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy rangerPolicy() {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
List<String> users = new ArrayList<String>();
List<String> groups = new ArrayList<String>();
List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("1");
rangerPolicyResource.setValues(users);
RangerPolicy policy = new RangerPolicy();
policy.setId(Id);
policy.setCreateTime(new Date());
policy.setDescription("policy");
policy.setGuid("policyguid");
policy.setIsEnabled(true);
policy.setName("HDFS_1-1-20150316062453");
policy.setUpdatedBy("Admin");
policy.setUpdateTime(new Date());
policy.setService("HDFS_1-1-20150316062453");
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setPolicyType(0);
return policy;
}
Example 10
| Source File: TestRangerPolicyServiceBase.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy rangerPolicy() {
List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>();
List<String> users = new ArrayList<String>();
List<String> groups = new ArrayList<String>();
List<RangerPolicyItemCondition> conditions = new ArrayList<RangerPolicyItemCondition>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
RangerPolicyItem rangerPolicyItem = new RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicyResource> policyResource = new HashMap<String, RangerPolicyResource>();
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(true);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("1");
rangerPolicyResource.setValues(users);
RangerPolicy policy = new RangerPolicy();
policy.setId(Id);
policy.setCreateTime(new Date());
policy.setDescription("policy");
policy.setGuid("policyguid");
policy.setIsEnabled(true);
policy.setName("HDFS_1-1-20150316062453");
policy.setUpdatedBy("Admin");
policy.setUpdateTime(new Date());
policy.setService("HDFS_1-1-20150316062453");
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setZoneName("");
return policy;
}
Example 11
| Source File: RangerBaseService.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy getDefaultPolicy(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) throws Exception {
if (LOG.isDebugEnabled()) {
LOG.debug("==> RangerBaseService.getDefaultPolicy()");
}
RangerPolicy policy = new RangerPolicy();
String policyName=buildPolicyName(resourceHierarchy);
policy.setIsEnabled(true);
policy.setVersion(1L);
policy.setName(policyName);
policy.setService(service.getName());
policy.setDescription("Policy for " + policyName);
policy.setIsAuditEnabled(true);
policy.setResources(createDefaultPolicyResource(resourceHierarchy));
List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<RangerPolicy.RangerPolicyItem>();
//Create Default policy item for the service user
RangerPolicy.RangerPolicyItem policyItem = createDefaultPolicyItem(policy.getResources());
policyItems.add(policyItem);
policy.setPolicyItems(policyItems);
if (LOG.isDebugEnabled()) {
LOG.debug("<== RangerBaseService.getDefaultPolicy()" + policy);
}
return policy;
}
Example 12
| Source File: PatchForNifiResourceUpdateExclude_J10011.java From ranger with Apache License 2.0 | 5 votes |
|
private void updateNifiServiceDef(){
RangerServiceDef ret = null;
RangerServiceDef dbNifiServiceDef = null;
try {
dbNifiServiceDef = svcDBStore.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME);
if (dbNifiServiceDef != null) {
List<RangerResourceDef> rRDefList = null;
rRDefList = dbNifiServiceDef.getResources();
if (CollectionUtils.isNotEmpty(rRDefList)) {
for (RangerResourceDef rRDef : rRDefList) {
if (rRDef.getExcludesSupported()) {
rRDef.setExcludesSupported(false);
}
XXResourceDef sdf=daoMgr.getXXResourceDef().findByNameAndServiceDefId(rRDef.getName(), dbNifiServiceDef.getId());
long ResourceDefId=sdf.getId();
List<XXPolicyResource> RangerPolicyResourceList=daoMgr.getXXPolicyResource().findByResDefId(ResourceDefId);
if (CollectionUtils.isNotEmpty(RangerPolicyResourceList)){
for(XXPolicyResource RangerPolicyResource : RangerPolicyResourceList){
if(RangerPolicyResource.getIsexcludes()){
RangerPolicy rPolicy=svcDBStore.getPolicy(RangerPolicyResource.getPolicyid());
rPolicy.setIsEnabled(false);
svcStore.updatePolicy(rPolicy);
}
}
}
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(dbNifiServiceDef, Action.UPDATE);
ret = svcStore.updateServiceDef(dbNifiServiceDef);
}
if (ret == null) {
logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME+ "service-def");
}
} catch (Exception e) {
logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_NIFI_NAME + "service-def", e);
}
}
Example 13
| Source File: TestRangerBasePluginWithPolicies.java From nifi-registry with Apache License 2.0 | 5 votes |
|
@Test
public void testDisabledPolicy() {
final String resourceIdentifier1 = "/resource-1";
RangerPolicy.RangerPolicyResource resource1 = new RangerPolicy.RangerPolicyResource(resourceIdentifier1);
final Map<String, RangerPolicy.RangerPolicyResource> policy1Resources = new HashMap<>();
policy1Resources.put(resourceIdentifier1, resource1);
final RangerPolicy.RangerPolicyItem policy1Item = new RangerPolicy.RangerPolicyItem();
policy1Item.setAccesses(Stream.of(new RangerPolicy.RangerPolicyItemAccess("READ")).collect(Collectors.toList()));
final RangerPolicy policy1 = new RangerPolicy();
policy1.setIsEnabled(false);
policy1.setResources(policy1Resources);
policy1.setPolicyItems(Stream.of(policy1Item).collect(Collectors.toList()));
final List<RangerPolicy> policies = new ArrayList<>();
policies.add(policy1);
final RangerServiceDef serviceDef = new RangerServiceDef();
serviceDef.setName("nifi-registry");
final ServicePolicies servicePolicies = new ServicePolicies();
servicePolicies.setPolicies(policies);
servicePolicies.setServiceDef(serviceDef);
// set all the policies in the plugin
final RangerBasePluginWithPolicies pluginWithPolicies = new RangerBasePluginWithPolicies("nifi-registry", "nifi-registry");
pluginWithPolicies.setPolicies(servicePolicies);
// ensure the policy was skipped
assertFalse(pluginWithPolicies.doesPolicyExist(resourceIdentifier1, RequestAction.READ));
assertTrue(pluginWithPolicies.getAccessPolicies().isEmpty());
assertNull(pluginWithPolicies.getAccessPolicy(resourceIdentifier1, RequestAction.READ));
}
Example 14
| Source File: PatchMigration_J10002.java From ranger with Apache License 2.0 | 4 votes |
|
private RangerPolicy mapXResourceToPolicy(RangerPolicy policy, XXResource xRes, RangerService service) {
String serviceName = service.getName();
String serviceType = service.getType();
String name = xRes.getPolicyName();
String description = xRes.getDescription();
Boolean isAuditEnabled = true;
Boolean isEnabled = true;
Map<String, RangerPolicyResource> resources = new HashMap<String, RangerPolicyResource>();
List<RangerPolicyItem> policyItems = new ArrayList<RangerPolicyItem>();
XXServiceDef svcDef = daoMgr.getXXServiceDef().findByName(serviceType);
if(svcDef == null) {
logger.error(serviceType + ": service-def not found. Skipping policy '" + name + "'");
return null;
}
List<XXAuditMap> auditMapList = daoMgr.getXXAuditMap().findByResourceId(xRes.getId());
if (stringUtil.isEmpty(auditMapList)) {
isAuditEnabled = false;
}
if (xRes.getResourceStatus() == AppConstants.STATUS_DISABLED) {
isEnabled = false;
}
Boolean isPathRecursive = xRes.getIsRecursive() == RangerCommonEnums.BOOL_TRUE;
Boolean isTableExcludes = xRes.getTableType() == RangerCommonEnums.POLICY_EXCLUSION;
Boolean isColumnExcludes = xRes.getColumnType() == RangerCommonEnums.POLICY_EXCLUSION;
if (StringUtils.equalsIgnoreCase(serviceType, "hdfs")) {
toRangerResourceList(xRes.getName(), "path", Boolean.FALSE, isPathRecursive, resources);
} else if (StringUtils.equalsIgnoreCase(serviceType, "hbase")) {
toRangerResourceList(xRes.getTables(), "table", isTableExcludes, Boolean.FALSE, resources);
toRangerResourceList(xRes.getColumnFamilies(), "column-family", Boolean.FALSE, Boolean.FALSE, resources);
toRangerResourceList(xRes.getColumns(), "column", isColumnExcludes, Boolean.FALSE, resources);
} else if (StringUtils.equalsIgnoreCase(serviceType, "hive")) {
toRangerResourceList(xRes.getDatabases(), "database", Boolean.FALSE, Boolean.FALSE, resources);
toRangerResourceList(xRes.getTables(), "table", isTableExcludes, Boolean.FALSE, resources);
toRangerResourceList(xRes.getColumns(), "column", isColumnExcludes, Boolean.FALSE, resources);
toRangerResourceList(xRes.getUdfs(), "udf", Boolean.FALSE, Boolean.FALSE, resources);
} else if (StringUtils.equalsIgnoreCase(serviceType, "knox")) {
toRangerResourceList(xRes.getTopologies(), "topology", Boolean.FALSE, Boolean.FALSE, resources);
toRangerResourceList(xRes.getServices(), "service", Boolean.FALSE, Boolean.FALSE, resources);
} else if (StringUtils.equalsIgnoreCase(serviceType, "storm")) {
toRangerResourceList(xRes.getTopologies(), "topology", Boolean.FALSE, Boolean.FALSE, resources);
}
policyItems = getPolicyItemListForRes(xRes, svcDef);
policy.setService(serviceName);
policy.setName(name);
policy.setDescription(description);
policy.setIsAuditEnabled(isAuditEnabled);
policy.setIsEnabled(isEnabled);
policy.setResources(resources);
policy.setPolicyItems(policyItems);
policy.setCreateTime(xRes.getCreateTime());
policy.setUpdateTime(xRes.getUpdateTime());
XXPortalUser createdByUser = daoMgr.getXXPortalUser().getById(xRes.getAddedByUserId());
XXPortalUser updByUser = daoMgr.getXXPortalUser().getById(xRes.getUpdatedByUserId());
if (createdByUser != null) {
policy.setCreatedBy(createdByUser.getLoginId());
}
if (updByUser != null) {
policy.setUpdatedBy(updByUser.getLoginId());
}
policy.setId(xRes.getId());
return policy;
}
Example 15
| Source File: PatchForKafkaServiceDefUpdate_J10033.java From ranger with Apache License 2.0 | 4 votes |
|
private RangerPolicy getRangerPolicy(String newResource, XXPortalUser xxPortalUser, XXService xxService) {
RangerPolicy policy = new RangerPolicy();
List<RangerPolicy.RangerPolicyItemAccess> accesses = getPolicyItemAccesses();
List<String> users = new ArrayList<>(DEFAULT_POLICY_USERS);
List<String> groups = new ArrayList<>(DEFAULT_POLICY_GROUP);
List<RangerPolicy.RangerPolicyItemCondition> conditions = new ArrayList<>();
List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<>();
RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicy.RangerPolicyResource> policyResource = new HashMap<>();
RangerPolicy.RangerPolicyResource rangerPolicyResource = new RangerPolicy.RangerPolicyResource();
rangerPolicyResource.setIsExcludes(false);
rangerPolicyResource.setIsRecursive(false);
rangerPolicyResource.setValue("*");
String policyResourceName = CONSUMERGROUP_RESOURCE_NAME;
policyResource.put(policyResourceName, rangerPolicyResource);
policy.setCreateTime(new Date());
policy.setDescription(newResource);
policy.setIsEnabled(true);
policy.setName(newResource);
policy.setCreatedBy(xxPortalUser.getLoginId());
policy.setUpdatedBy(xxPortalUser.getLoginId());
policy.setUpdateTime(new Date());
policy.setService(xxService.getName());
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setPolicyType(0);
policy.setId(0L);
policy.setGuid("");
policy.setPolicyLabels(new ArrayList<>());
policy.setVersion(1L);
RangerPolicyResourceSignature resourceSignature = new RangerPolicyResourceSignature(policy);
policy.setResourceSignature(resourceSignature.getSignature());
return policy;
}
Example 16
| Source File: RangerBaseService.java From ranger with Apache License 2.0 | 4 votes |
|
private void addCustomRangerDefaultPolicies(List<RangerPolicy> ret, Map<String, RangerPolicy.RangerPolicyResource> policyResourceMap, String policyPropertyPrefix) throws Exception {
String policyName = configs.get(policyPropertyPrefix + PROP_DEFAULT_POLICY_NAME_SUFFIX);
String description = configs.get(policyPropertyPrefix + "description");
if (StringUtils.isEmpty(description)) {
description = "Policy for " + policyName;
}
RangerPolicy policy = new RangerPolicy();
policy.setName(policyName);
policy.setIsEnabled(true);
policy.setVersion(1L);
policy.setIsAuditEnabled(true);
policy.setService(serviceName);
policy.setDescription(description);
policy.setName(policyName);
policy.setResources(policyResourceMap);
for (int i = 1; ; i++) {
String policyItemPropertyPrefix = policyPropertyPrefix + "policyItem." + i + ".";
String policyItemUsers = configs.get(policyItemPropertyPrefix + "users");
String policyItemGroups = configs.get(policyItemPropertyPrefix + "groups");
String policyItemRoles = configs.get(policyItemPropertyPrefix + "roles");
String policyItemAccessTypes = configs.get(policyItemPropertyPrefix + "accessTypes");
String isDelegateAdmin = configs.get(policyItemPropertyPrefix + "isDelegateAdmin");
if (StringUtils.isEmpty(policyItemAccessTypes) ||
(StringUtils.isEmpty(policyItemUsers) && StringUtils.isEmpty(policyItemGroups) && StringUtils.isEmpty(policyItemRoles))) {
break;
}
RangerPolicyItem policyItem = new RangerPolicyItem();
policyItem.setDelegateAdmin(Boolean.parseBoolean(isDelegateAdmin));
if (StringUtils.isNotBlank(policyItemUsers)) {
policyItem.setUsers(Arrays.asList(policyItemUsers.split(",")));
}
if (StringUtils.isNotBlank(policyItemGroups)) {
policyItem.setGroups(Arrays.asList(policyItemGroups.split(",")));
}
if (StringUtils.isNotBlank(policyItemRoles)) {
policyItem.setRoles(Arrays.asList(policyItemRoles.split(",")));
}
if (StringUtils.isNotBlank(policyItemAccessTypes)) {
for (String accessType : Arrays.asList(policyItemAccessTypes.split(","))) {
RangerPolicyItemAccess polAccess = new RangerPolicyItemAccess(accessType, true);
policyItem.getAccesses().add(polAccess);
}
}
policy.getPolicyItems().add(policyItem);
}
LOG.info(getServiceName() + ": adding default policy: name=" + policy.getName());
ret.add(policy);
}
Example 17
| Source File: TestServiceUtil.java From ranger with Apache License 2.0 | 4 votes |
|
@Test
public void testToVXResourceForPath(){
GUIDUtil guid = new GUIDUtil();
String guidString = guid.genGUID();
List<VXAuditMap> auditList = new ArrayList<VXAuditMap>();
VXAuditMap vxAuditMap = new VXAuditMap();
vxAuditMap.setResourceId(1L);
vxAuditMap.setAuditType(AppConstants.XA_AUDIT_TYPE_ALL);
auditList.add(vxAuditMap);
VXResource expectedVXResource = new VXResource();
expectedVXResource.setName("resource");
expectedVXResource.setGuid(guidString);
expectedVXResource.setPolicyName("hdfs Policy");
expectedVXResource.setDescription("hdfs policy description");
expectedVXResource.setResourceType(1);
expectedVXResource.setAssetName("hdfs");
expectedVXResource.setAssetType(1);
expectedVXResource.setAuditList(auditList);
Map<String, RangerPolicyResource> rangerPolicyResourceMap = new HashMap<String, RangerPolicyResource>();
List<String> valuesList = new ArrayList<String>();
valuesList.add("resource");
RangerPolicy policy = new RangerPolicy();
policy.setId(1L);
policy.setName("hdfs Policy");
policy.setService("hdfs");
policy.setDescription("hdfs policy description");
policy.setIsEnabled(true);
policy.setGuid(guidString);
policy.setIsAuditEnabled(true);
RangerService rangerService = new RangerService();
rangerService.setName("hdfs");
rangerService.setType("hdfs");
RangerPolicyResource rangerPolicyResource = new RangerPolicyResource();
rangerPolicyResource.setIsExcludes(false);
rangerPolicyResource.setIsRecursive(true);
rangerPolicyResource.setValue("/localhost/files");
rangerPolicyResource.setValues(valuesList);
rangerPolicyResourceMap.put("path", rangerPolicyResource);
policy.setResources(rangerPolicyResourceMap);
VXResource actualVXResource = serviceUtil.toVXResource(policy, rangerService);
Assert.assertNotNull(actualVXResource);
Assert.assertEquals(expectedVXResource.getName(), actualVXResource.getName());
Assert.assertEquals(expectedVXResource.getGuid(), actualVXResource.getGuid());
Assert.assertEquals(expectedVXResource.getPolicyName(), actualVXResource.getPolicyName());
Assert.assertEquals(expectedVXResource.getResourceType(), actualVXResource.getResourceType());
Assert.assertEquals(expectedVXResource.getDescription(), actualVXResource.getDescription());
Assert.assertEquals(expectedVXResource.getAssetName(), actualVXResource.getAssetName());
Assert.assertEquals(expectedVXResource.getAssetType(), actualVXResource.getAssetType());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getResourceId(), actualVXResource.getAuditList().get(0).getResourceId());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getAuditType(), actualVXResource.getAuditList().get(0).getAuditType());
}
Example 18
| Source File: TestServiceUtil.java From ranger with Apache License 2.0 | 4 votes |
|
@Test
public void testToVXResourceForTablesColumnFamiliesAndColumn(){
GUIDUtil guid = new GUIDUtil();
String guidString = guid.genGUID();
List<VXAuditMap> auditList = new ArrayList<VXAuditMap>();
VXAuditMap vxAuditMap = new VXAuditMap();
vxAuditMap.setResourceId(1L);
vxAuditMap.setAuditType(AppConstants.XA_AUDIT_TYPE_ALL);
auditList.add(vxAuditMap);
VXResource expectedVXResource = new VXResource();
expectedVXResource.setName("/myTable/myColumnFamilies/myColumn");
expectedVXResource.setTables("myTable");
expectedVXResource.setColumnFamilies("myColumnFamilies");
expectedVXResource.setColumns("myColumn");
expectedVXResource.setGuid(guidString);
expectedVXResource.setPolicyName("hbase Policy");
expectedVXResource.setDescription("hbase policy description");
expectedVXResource.setResourceType(1);
expectedVXResource.setAssetName("hbase");
expectedVXResource.setAssetType(2);
expectedVXResource.setResourceStatus(1);
expectedVXResource.setTableType(1);
expectedVXResource.setColumnType(1);
expectedVXResource.setAuditList(auditList);
Map<String, RangerPolicyResource> rangerPolicyResourceMap = new HashMap<String, RangerPolicyResource>();
List<String> valuesListForTable = new ArrayList<String>();
valuesListForTable.add("myTable");
List<String> valuesListForColumn = new ArrayList<String>();
valuesListForColumn.add("myColumn");
List<String> valuesListForColumnFamilies = new ArrayList<String>();
valuesListForColumnFamilies.add("myColumnFamilies");
RangerPolicy policy = new RangerPolicy();
policy.setId(1L);
policy.setName("hbase Policy");
policy.setService("hbase");
policy.setDescription("hbase policy description");
policy.setIsEnabled(true);
policy.setGuid(guidString);
policy.setIsAuditEnabled(true);
RangerService rangerService = new RangerService();
rangerService.setName("hbase");
rangerService.setType("hbase");
RangerPolicyResource rangerPolicyResourceForTable = new RangerPolicyResource();
rangerPolicyResourceForTable.setIsExcludes(true);
rangerPolicyResourceForTable.setIsRecursive(true);
rangerPolicyResourceForTable.setValue("table");
rangerPolicyResourceForTable.setValues(valuesListForTable);
rangerPolicyResourceMap.put("table", rangerPolicyResourceForTable);
RangerPolicyResource rangerPolicyResourceForColumn = new RangerPolicyResource();
rangerPolicyResourceForColumn.setIsExcludes(true);
rangerPolicyResourceForColumn.setIsRecursive(true);
rangerPolicyResourceForColumn.setValue("table");
rangerPolicyResourceForColumn.setValues(valuesListForColumn);
rangerPolicyResourceMap.put("column", rangerPolicyResourceForColumn);
RangerPolicyResource rangerPolicyResourceForColumnFamilies = new RangerPolicyResource();
rangerPolicyResourceForColumnFamilies.setIsExcludes(true);
rangerPolicyResourceForColumnFamilies.setIsRecursive(true);
rangerPolicyResourceForColumnFamilies.setValue("table");
rangerPolicyResourceForColumnFamilies.setValues(valuesListForColumnFamilies);
rangerPolicyResourceMap.put("column-family", rangerPolicyResourceForColumnFamilies);
policy.setResources(rangerPolicyResourceMap);
VXResource actualVXResource = serviceUtil.toVXResource(policy, rangerService);
Assert.assertNotNull(actualVXResource);
Assert.assertEquals(expectedVXResource.getName(), actualVXResource.getName());
Assert.assertEquals(expectedVXResource.getGuid(), actualVXResource.getGuid());
Assert.assertEquals(expectedVXResource.getPolicyName(), actualVXResource.getPolicyName());
Assert.assertEquals(expectedVXResource.getResourceType(), actualVXResource.getResourceType());
Assert.assertEquals(expectedVXResource.getDescription(), actualVXResource.getDescription());
Assert.assertEquals(expectedVXResource.getAssetName(), actualVXResource.getAssetName());
Assert.assertEquals(expectedVXResource.getAssetType(), actualVXResource.getAssetType());
Assert.assertEquals(expectedVXResource.getResourceStatus(), actualVXResource.getResourceStatus());
Assert.assertEquals(expectedVXResource.getTableType(), actualVXResource.getTableType());
Assert.assertEquals(expectedVXResource.getColumnType(), actualVXResource.getColumnType());
Assert.assertEquals(expectedVXResource.getTables(), actualVXResource.getTables());
Assert.assertEquals(expectedVXResource.getColumns(), actualVXResource.getColumns());
Assert.assertEquals(expectedVXResource.getColumnFamilies(), actualVXResource.getColumnFamilies());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getResourceId(), actualVXResource.getAuditList().get(0).getResourceId());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getAuditType(), actualVXResource.getAuditList().get(0).getAuditType());
}
Example 19
| Source File: TestServiceUtil.java From ranger with Apache License 2.0 | 4 votes |
|
@Test
public void testToVXResourceForTablesColumnsAndDatabase(){
GUIDUtil guid = new GUIDUtil();
String guidString = guid.genGUID();
List<VXAuditMap> auditList = new ArrayList<VXAuditMap>();
VXAuditMap vxAuditMap = new VXAuditMap();
vxAuditMap.setResourceId(1L);
vxAuditMap.setAuditType(AppConstants.XA_AUDIT_TYPE_ALL);
auditList.add(vxAuditMap);
VXResource expectedVXResource = new VXResource();
expectedVXResource.setName("/myDatabase/myTable/myColumn");
expectedVXResource.setTables("myTable");
expectedVXResource.setDatabases("myDatabase");
expectedVXResource.setColumns("myColumn");
expectedVXResource.setGuid(guidString);
expectedVXResource.setPolicyName("hive Policy");
expectedVXResource.setDescription("hive policy description");
expectedVXResource.setResourceType(1);
expectedVXResource.setAssetName("hive");
expectedVXResource.setAssetType(3);
expectedVXResource.setResourceStatus(1);
expectedVXResource.setTableType(1);
expectedVXResource.setColumnType(1);
expectedVXResource.setAuditList(auditList);
Map<String, RangerPolicyResource> rangerPolicyResourceMap = new HashMap<String, RangerPolicyResource>();
List<String> valuesListForTable = new ArrayList<String>();
valuesListForTable.add("myTable");
List<String> valuesListForColumn = new ArrayList<String>();
valuesListForColumn.add("myColumn");
List<String> valuesListForDatabase = new ArrayList<String>();
valuesListForDatabase.add("myDatabase");
RangerPolicy policy = new RangerPolicy();
policy.setId(1L);
policy.setName("hive Policy");
policy.setService("hive");
policy.setDescription("hive policy description");
policy.setIsEnabled(true);
policy.setGuid(guidString);
policy.setIsAuditEnabled(true);
RangerService rangerService = new RangerService();
rangerService.setName("hive");
rangerService.setType("hive");
RangerPolicyResource rangerPolicyResourceForTable = new RangerPolicyResource();
rangerPolicyResourceForTable.setIsExcludes(true);
rangerPolicyResourceForTable.setIsRecursive(true);
rangerPolicyResourceForTable.setValue("table");
rangerPolicyResourceForTable.setValues(valuesListForTable);
rangerPolicyResourceMap.put("table", rangerPolicyResourceForTable);
RangerPolicyResource rangerPolicyResourceForColumn = new RangerPolicyResource();
rangerPolicyResourceForColumn.setIsExcludes(true);
rangerPolicyResourceForColumn.setIsRecursive(true);
rangerPolicyResourceForColumn.setValue("column");
rangerPolicyResourceForColumn.setValues(valuesListForColumn);
rangerPolicyResourceMap.put("column", rangerPolicyResourceForColumn);
RangerPolicyResource rangerPolicyResourceForDatabase = new RangerPolicyResource();
rangerPolicyResourceForDatabase.setIsExcludes(true);
rangerPolicyResourceForDatabase.setIsRecursive(true);
rangerPolicyResourceForDatabase.setValue("database");
rangerPolicyResourceForDatabase.setValues(valuesListForDatabase);
rangerPolicyResourceMap.put("database", rangerPolicyResourceForDatabase);
policy.setResources(rangerPolicyResourceMap);
VXResource actualVXResource = serviceUtil.toVXResource(policy, rangerService);
Assert.assertNotNull(actualVXResource);
Assert.assertEquals(expectedVXResource.getName(), actualVXResource.getName());
Assert.assertEquals(expectedVXResource.getGuid(), actualVXResource.getGuid());
Assert.assertEquals(expectedVXResource.getPolicyName(), actualVXResource.getPolicyName());
Assert.assertEquals(expectedVXResource.getResourceType(), actualVXResource.getResourceType());
Assert.assertEquals(expectedVXResource.getDescription(), actualVXResource.getDescription());
Assert.assertEquals(expectedVXResource.getAssetName(), actualVXResource.getAssetName());
Assert.assertEquals(expectedVXResource.getAssetType(), actualVXResource.getAssetType());
Assert.assertEquals(expectedVXResource.getResourceStatus(), actualVXResource.getResourceStatus());
Assert.assertEquals(expectedVXResource.getTableType(), actualVXResource.getTableType());
Assert.assertEquals(expectedVXResource.getColumnType(), actualVXResource.getColumnType());
Assert.assertEquals(expectedVXResource.getTables(), actualVXResource.getTables());
Assert.assertEquals(expectedVXResource.getColumns(), actualVXResource.getColumns());
Assert.assertEquals(expectedVXResource.getDatabases(), actualVXResource.getDatabases());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getResourceId(), actualVXResource.getAuditList().get(0).getResourceId());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getAuditType(), actualVXResource.getAuditList().get(0).getAuditType());
}
Example 20
| Source File: TestServiceUtil.java From ranger with Apache License 2.0 | 4 votes |
|
@Test
public void testToVXResourceForTopologyAndService(){
GUIDUtil guid = new GUIDUtil();
String guidString = guid.genGUID();
List<VXAuditMap> auditList = new ArrayList<VXAuditMap>();
VXAuditMap vxAuditMap = new VXAuditMap();
vxAuditMap.setResourceId(1L);
vxAuditMap.setAuditType(AppConstants.XA_AUDIT_TYPE_ALL);
auditList.add(vxAuditMap);
VXResource expectedVXResource = new VXResource();
expectedVXResource.setName("/myTopology/myService");
expectedVXResource.setTopologies("myTopology");
expectedVXResource.setServices("myService");
expectedVXResource.setGuid(guidString);
expectedVXResource.setPolicyName("knox Policy");
expectedVXResource.setDescription("knox policy description");
expectedVXResource.setResourceType(1);
expectedVXResource.setAssetName("knox");
expectedVXResource.setAssetType(5);
expectedVXResource.setResourceStatus(1);
expectedVXResource.setAuditList(auditList);
Map<String, RangerPolicyResource> rangerPolicyResourceMap = new HashMap<String, RangerPolicyResource>();
List<String> valuesListForTopology = new ArrayList<String>();
valuesListForTopology.add("myTopology");
List<String> valuesListForService = new ArrayList<String>();
valuesListForService.add("myService");
RangerPolicy policy = new RangerPolicy();
policy.setId(1L);
policy.setName("knox Policy");
policy.setService("knox");
policy.setDescription("knox policy description");
policy.setIsEnabled(true);
policy.setGuid(guidString);
policy.setIsAuditEnabled(true);
RangerService rangerService = new RangerService();
rangerService.setName("knox");
rangerService.setType("knox");
RangerPolicyResource rangerPolicyResourceForTopology = new RangerPolicyResource();
rangerPolicyResourceForTopology.setValue("topology");
rangerPolicyResourceForTopology.setValues(valuesListForTopology);
rangerPolicyResourceMap.put("topology", rangerPolicyResourceForTopology);
RangerPolicyResource rangerPolicyResourceForService = new RangerPolicyResource();
rangerPolicyResourceForService.setValue("service");
rangerPolicyResourceForService.setValues(valuesListForService);
rangerPolicyResourceMap.put("service", rangerPolicyResourceForService);
policy.setResources(rangerPolicyResourceMap);
VXResource actualVXResource = serviceUtil.toVXResource(policy, rangerService);
Assert.assertNotNull(actualVXResource);
Assert.assertEquals(expectedVXResource.getName(), actualVXResource.getName());
Assert.assertEquals(expectedVXResource.getGuid(), actualVXResource.getGuid());
Assert.assertEquals(expectedVXResource.getPolicyName(), actualVXResource.getPolicyName());
Assert.assertEquals(expectedVXResource.getResourceType(), actualVXResource.getResourceType());
Assert.assertEquals(expectedVXResource.getDescription(), actualVXResource.getDescription());
Assert.assertEquals(expectedVXResource.getAssetName(), actualVXResource.getAssetName());
Assert.assertEquals(expectedVXResource.getAssetType(), actualVXResource.getAssetType());
Assert.assertEquals(expectedVXResource.getResourceStatus(), actualVXResource.getResourceStatus());
Assert.assertEquals(expectedVXResource.getTopologies(), actualVXResource.getTopologies());
Assert.assertEquals(expectedVXResource.getServices(), actualVXResource.getServices());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getResourceId(), actualVXResource.getAuditList().get(0).getResourceId());
Assert.assertEquals(expectedVXResource.getAuditList().get(0).getAuditType(), actualVXResource.getAuditList().get(0).getAuditType());
}
