Java Code Examples for org.apache.ranger.plugin.model.RangerPolicy#setVersion()

The following examples show how to use org.apache.ranger.plugin.model.RangerPolicy#setVersion() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: RangerServiceHdfs.java    From ranger with Apache License 2.0 5 votes vote down vote up
private RangerPolicy getPolicyForKMSAudit(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) throws Exception {

		if (LOG.isDebugEnabled()) {
			LOG.debug("==> RangerServiceHdfs.getPolicyForKMSAudit()");
		}

		RangerPolicy policy = new RangerPolicy();

		policy.setIsEnabled(true);
		policy.setVersion(1L);
		policy.setName(AUDITTOHDFS_POLICY_NAME);
		policy.setService(service.getName());
		policy.setDescription("Policy for " + AUDITTOHDFS_POLICY_NAME);
		policy.setIsAuditEnabled(true);
		policy.setResources(createKMSAuditResource(resourceHierarchy));

		List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<RangerPolicy.RangerPolicyItem>();
		//Create policy item for keyadmin
		RangerPolicy.RangerPolicyItem policyItem = new RangerPolicy.RangerPolicyItem();
		List<String> userKeyAdmin = new ArrayList<String>();
		userKeyAdmin.add("keyadmin");
		policyItem.setUsers(userKeyAdmin);
		policyItem.setAccesses(getAllowedAccesses(policy.getResources()));
		policyItem.setDelegateAdmin(false);

		policyItems.add(policyItem);
		policy.setPolicyItems(policyItems);

		if (LOG.isDebugEnabled()) {
			LOG.debug("<== RangerServiceHdfs.getPolicyForKMSAudit()" + policy);
		}

		return policy;
	}
 
Example 2
Source File: PublicAPIs.java    From ranger with Apache License 2.0 5 votes vote down vote up
@PUT
@Path("/api/policy/{id}")
@Produces({ "application/json", "application/xml" })
public VXPolicy updatePolicy(VXPolicy vXPolicy, @PathParam("id") Long id) {
	
	if(logger.isDebugEnabled()) {
		logger.debug("==> PublicAPIs.updatePolicy(): "  + vXPolicy );
	}
	
	XXPolicy existing = daoMgr.getXXPolicy().getById(id);
	if(existing == null) {
		throw restErrorUtil.createRESTException("Policy not found for Id: " + id, MessageEnums.DATA_NOT_FOUND);
	}

	vXPolicy.setId(id);
	
	RangerService service = serviceREST.getServiceByName(vXPolicy.getRepositoryName());
	RangerPolicy  policy  = serviceUtil.toRangerPolicy(vXPolicy,service);

	VXPolicy ret = null;
	if(policy != null) {
		policy.setVersion(existing.getVersion());

		RangerPolicy  updatedPolicy = serviceREST.updatePolicy(policy);

		ret = serviceUtil.toVXPolicy(updatedPolicy, service);
	}

	if(logger.isDebugEnabled()) {
		logger.debug("<== PublicAPIs.updatePolicy(" + policy + "): " + ret);
	}

	return ret;
}
 
Example 3
Source File: RangerPolicyRetriever.java    From ranger with Apache License 2.0 5 votes vote down vote up
RangerPolicy getNextPolicy() {
	RangerPolicy ret = null;

	if (service != null && iterPolicy != null && iterPolicy.hasNext()) {
		XXPolicy xPolicy = iterPolicy.next();

		if (xPolicy != null) {
			String policyText = xPolicy.getPolicyText();

			ret = JsonUtils.jsonToObject(policyText, RangerPolicy.class);

			if (ret != null) {
				ret.setId(xPolicy.getId());
				ret.setGuid(xPolicy.getGuid());
				ret.setCreatedBy(lookupCache.getUserScreenName(xPolicy.getAddedByUserId()));
				ret.setUpdatedBy(lookupCache.getUserScreenName(xPolicy.getUpdatedByUserId()));
				ret.setCreateTime(xPolicy.getCreateTime());
				ret.setUpdateTime(xPolicy.getUpdateTime());
				ret.setVersion(xPolicy.getVersion());
				ret.setPolicyType(xPolicy.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : xPolicy.getPolicyType());
				ret.setService(service.getName());
				ret.setServiceType(serviceDef.getName());
				ret.setZoneName(lookupCache.getSecurityZoneName(xPolicy.getZoneId()));
				updatePolicyReferenceFields(ret);
				getPolicyLabels(ret);
			}
		}
	}

	return ret;
}
 
Example 4
Source File: RangerBaseService.java    From ranger with Apache License 2.0 5 votes vote down vote up
private RangerPolicy getDefaultPolicy(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) throws Exception {

		if (LOG.isDebugEnabled()) {
			LOG.debug("==> RangerBaseService.getDefaultPolicy()");
		}

		RangerPolicy policy = new RangerPolicy();

		String policyName=buildPolicyName(resourceHierarchy);

		policy.setIsEnabled(true);
		policy.setVersion(1L);
		policy.setName(policyName);
		policy.setService(service.getName());
		policy.setDescription("Policy for " + policyName);
		policy.setIsAuditEnabled(true);
		policy.setResources(createDefaultPolicyResource(resourceHierarchy));

		List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<RangerPolicy.RangerPolicyItem>();
		//Create Default policy item for the service user
		RangerPolicy.RangerPolicyItem policyItem = createDefaultPolicyItem(policy.getResources());
		policyItems.add(policyItem);
		policy.setPolicyItems(policyItems);

		if (LOG.isDebugEnabled()) {
			LOG.debug("<== RangerBaseService.getDefaultPolicy()" + policy);
		}

		return policy;
	}
 
Example 5
Source File: PatchForKafkaServiceDefUpdate_J10033.java    From ranger with Apache License 2.0 4 votes vote down vote up
private RangerPolicy getRangerPolicy(String newResource, XXPortalUser xxPortalUser, XXService xxService) {
	RangerPolicy policy = new RangerPolicy();

	List<RangerPolicy.RangerPolicyItemAccess> accesses = getPolicyItemAccesses();
	List<String> users = new ArrayList<>(DEFAULT_POLICY_USERS);
	List<String> groups = new ArrayList<>(DEFAULT_POLICY_GROUP);
	List<RangerPolicy.RangerPolicyItemCondition> conditions = new ArrayList<>();
	List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<>();
	RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
	rangerPolicyItem.setAccesses(accesses);
	rangerPolicyItem.setConditions(conditions);
	rangerPolicyItem.setGroups(groups);
	rangerPolicyItem.setUsers(users);
	rangerPolicyItem.setDelegateAdmin(false);

	policyItems.add(rangerPolicyItem);

	Map<String, RangerPolicy.RangerPolicyResource> policyResource = new HashMap<>();
	RangerPolicy.RangerPolicyResource rangerPolicyResource = new RangerPolicy.RangerPolicyResource();
	rangerPolicyResource.setIsExcludes(false);
	rangerPolicyResource.setIsRecursive(false);
	rangerPolicyResource.setValue("*");
	String policyResourceName = CONSUMERGROUP_RESOURCE_NAME;
	policyResource.put(policyResourceName, rangerPolicyResource);
	policy.setCreateTime(new Date());
	policy.setDescription(newResource);
	policy.setIsEnabled(true);
	policy.setName(newResource);
	policy.setCreatedBy(xxPortalUser.getLoginId());
	policy.setUpdatedBy(xxPortalUser.getLoginId());
	policy.setUpdateTime(new Date());
	policy.setService(xxService.getName());
	policy.setIsAuditEnabled(true);
	policy.setPolicyItems(policyItems);
	policy.setResources(policyResource);
	policy.setPolicyType(0);
	policy.setId(0L);
	policy.setGuid("");
	policy.setPolicyLabels(new ArrayList<>());
	policy.setVersion(1L);
	RangerPolicyResourceSignature resourceSignature = new RangerPolicyResourceSignature(policy);
	policy.setResourceSignature(resourceSignature.getSignature());
	return policy;
}
 
Example 6
Source File: PatchForKafkaServiceDefUpdate_J10025.java    From ranger with Apache License 2.0 4 votes vote down vote up
private RangerPolicy getRangerPolicy(String newResource, XXPortalUser xxPortalUser, XXService xxService) {
	RangerPolicy policy = new RangerPolicy();

	List<RangerPolicy.RangerPolicyItemAccess> accesses = getPolicyItemAccesses();
	List<String> users = new ArrayList<>(DEFAULT_POLICY_USERS);
	List<String> groups = new ArrayList<>();
	List<RangerPolicy.RangerPolicyItemCondition> conditions = new ArrayList<>();
	List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<>();
	RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
	rangerPolicyItem.setAccesses(accesses);
	rangerPolicyItem.setConditions(conditions);
	rangerPolicyItem.setGroups(groups);
	rangerPolicyItem.setUsers(users);
	rangerPolicyItem.setDelegateAdmin(false);

	policyItems.add(rangerPolicyItem);

	Map<String, RangerPolicy.RangerPolicyResource> policyResource = new HashMap<>();
	RangerPolicy.RangerPolicyResource rangerPolicyResource = new RangerPolicy.RangerPolicyResource();
	rangerPolicyResource.setIsExcludes(false);
	rangerPolicyResource.setIsRecursive(false);
	rangerPolicyResource.setValue("*");
	String policyResourceName = KAFKA_RESOURCE_CLUSTER;
	if ("all - delegationtoken".equals(newResource)) {
		policyResourceName = KAFKA_RESOURCE_DELEGATIONTOKEN;
	}
	policyResource.put(policyResourceName, rangerPolicyResource);
	policy.setCreateTime(new Date());
	policy.setDescription(newResource);
	policy.setIsEnabled(true);
	policy.setName(newResource);
	policy.setCreatedBy(xxPortalUser.getLoginId());
	policy.setUpdatedBy(xxPortalUser.getLoginId());
	policy.setUpdateTime(new Date());
	policy.setService(xxService.getName());
	policy.setIsAuditEnabled(true);
	policy.setPolicyItems(policyItems);
	policy.setResources(policyResource);
	policy.setPolicyType(0);
	policy.setId(0L);
	policy.setGuid("");
	policy.setPolicyLabels(new ArrayList<>());
	policy.setVersion(1L);
	RangerPolicyResourceSignature resourceSignature = new RangerPolicyResourceSignature(policy);
	policy.setResourceSignature(resourceSignature.getSignature());
	return policy;
}
 
Example 7
Source File: RangerBaseService.java    From ranger with Apache License 2.0 4 votes vote down vote up
private void addCustomRangerDefaultPolicies(List<RangerPolicy> ret, Map<String, RangerPolicy.RangerPolicyResource> policyResourceMap, String policyPropertyPrefix) throws Exception {
	String policyName  = configs.get(policyPropertyPrefix + PROP_DEFAULT_POLICY_NAME_SUFFIX);
	String description = configs.get(policyPropertyPrefix + "description");

	if (StringUtils.isEmpty(description)) {
		description = "Policy for " + policyName;
	}

	RangerPolicy policy = new RangerPolicy();

	policy.setName(policyName);
	policy.setIsEnabled(true);
	policy.setVersion(1L);
	policy.setIsAuditEnabled(true);
	policy.setService(serviceName);
	policy.setDescription(description);
	policy.setName(policyName);
	policy.setResources(policyResourceMap);

	for (int i = 1; ; i++) {
		String policyItemPropertyPrefix = policyPropertyPrefix + "policyItem." + i + ".";
		String policyItemUsers          = configs.get(policyItemPropertyPrefix + "users");
		String policyItemGroups         = configs.get(policyItemPropertyPrefix + "groups");
		String policyItemRoles          = configs.get(policyItemPropertyPrefix + "roles");
		String policyItemAccessTypes    = configs.get(policyItemPropertyPrefix + "accessTypes");
		String isDelegateAdmin          = configs.get(policyItemPropertyPrefix + "isDelegateAdmin");

		if (StringUtils.isEmpty(policyItemAccessTypes) ||
			(StringUtils.isEmpty(policyItemUsers) && StringUtils.isEmpty(policyItemGroups) && StringUtils.isEmpty(policyItemRoles))) {

			break;
		}

		RangerPolicyItem policyItem = new RangerPolicyItem();

		policyItem.setDelegateAdmin(Boolean.parseBoolean(isDelegateAdmin));

		if (StringUtils.isNotBlank(policyItemUsers)) {
			policyItem.setUsers(Arrays.asList(policyItemUsers.split(",")));
		}

		if (StringUtils.isNotBlank(policyItemGroups)) {
			policyItem.setGroups(Arrays.asList(policyItemGroups.split(",")));
		}

		if (StringUtils.isNotBlank(policyItemRoles)) {
			policyItem.setRoles(Arrays.asList(policyItemRoles.split(",")));
		}

		if (StringUtils.isNotBlank(policyItemAccessTypes)) {
			for (String accessType : Arrays.asList(policyItemAccessTypes.split(","))) {
				RangerPolicyItemAccess polAccess = new RangerPolicyItemAccess(accessType, true);

				policyItem.getAccesses().add(polAccess);
			}
		}

		policy.getPolicyItems().add(policyItem);
	}

	LOG.info(getServiceName() + ": adding default policy: name=" +  policy.getName());

	ret.add(policy);
}