Java Code Examples for org.apache.ranger.plugin.model.RangerServiceDef#RangerAccessTypeDef
The following examples show how to use
org.apache.ranger.plugin.model.RangerServiceDef#RangerAccessTypeDef .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: PatchForAtlasServiceDefUpdate_J10013.java From ranger with Apache License 2.0 | 6 votes |
|
private boolean updateTagAccessTypeDefs(List<RangerServiceDef.RangerAccessTypeDef> svcDefAccessTypes,
List<RangerServiceDef.RangerAccessTypeDef> tagDefAccessTypes, long itemIdOffset, String prefix,String newPrefix) {
List<RangerServiceDef.RangerAccessTypeDef> toUpdate = new ArrayList<>();
for (RangerServiceDef.RangerAccessTypeDef tagAccessType : tagDefAccessTypes) {
if (tagAccessType.getName().startsWith(prefix)) {
long svcAccessTypeItemId = tagAccessType.getItemId() - itemIdOffset;
RangerServiceDef.RangerAccessTypeDef svcAccessType = findAccessTypeDef(svcAccessTypeItemId,svcDefAccessTypes);
if (svcAccessType != null) {
if (updateTagAccessTypeDef(tagAccessType, svcAccessType, newPrefix)) {
toUpdate.add(tagAccessType);
}
}
}
}
boolean updateNeeded = false;
if (CollectionUtils.isNotEmpty(toUpdate)) {
updateNeeded = true;
}
return updateNeeded;
}
Example 2
| Source File: RangerOptimizedPolicyEvaluator.java From ranger with Apache License 2.0 | 6 votes |
|
private boolean checkIfHasAllPerms() {
if(LOG.isDebugEnabled()) {
LOG.debug("==> RangerOptimizedPolicyEvaluator.checkIfHasAllPerms()");
}
boolean result = true;
if (getPolicy().getIsDenyAllElse()) {
hasAllPerms = true;
} else {
List<RangerServiceDef.RangerAccessTypeDef> serviceAccessTypes = getServiceDef().getAccessTypes();
for (RangerServiceDef.RangerAccessTypeDef serviceAccessType : serviceAccessTypes) {
if (!accessPerms.contains(serviceAccessType.getName())) {
result = false;
break;
}
}
}
if(LOG.isDebugEnabled()) {
LOG.debug("==> RangerOptimizedPolicyEvaluator.checkIfHasAllPerms(), " + result);
}
return result;
}
Example 3
| Source File: AbstractServiceStore.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerServiceDef.RangerAccessTypeDef findAccessTypeDef(long itemId, List<RangerServiceDef.RangerAccessTypeDef> accessTypeDefs) {
RangerServiceDef.RangerAccessTypeDef ret = null;
for (RangerServiceDef.RangerAccessTypeDef accessTypeDef : accessTypeDefs) {
if (itemId == accessTypeDef.getItemId()) {
ret = accessTypeDef;
break;
}
}
return ret;
}
Example 4
| Source File: PatchForAtlasResourceAndAccessTypeUpdate_J10016.java From ranger with Apache License 2.0 | 5 votes |
|
private boolean checkAccessPresent(List<RangerAccessTypeDef> embeddedAtlasAccessTypes) {
boolean ret = false;
for (RangerServiceDef.RangerAccessTypeDef accessDef : embeddedAtlasAccessTypes) {
if (ATLAS_ACCESS_TYPES.contains(accessDef.getName())) {
ret = true;
break;
}
}
return ret;
}
Example 5
| Source File: TestServiceREST.java From ranger with Apache License 2.0 | 5 votes |
|
@Test
public void test17updatePolicyFalse() throws Exception {
RangerPolicy rangerPolicy = rangerPolicy();
String userName = "admin";
Set<String> userGroupsList = new HashSet<String>();
userGroupsList.add("group1");
userGroupsList.add("group2");
List<RangerAccessTypeDef> rangerAccessTypeDefList = new ArrayList<RangerServiceDef.RangerAccessTypeDef>();
RangerAccessTypeDef rangerAccessTypeDefObj = new RangerAccessTypeDef();
rangerAccessTypeDefObj.setLabel("Read");
rangerAccessTypeDefObj.setName("read");
rangerAccessTypeDefObj.setRbKeyLabel(null);
rangerAccessTypeDefList.add(rangerAccessTypeDefObj);
XXServiceDef xServiceDef = serviceDef();
XXService xService = xService();
XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class);
XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
Mockito.when(validatorFactory.getPolicyValidator(svcStore)).thenReturn(
policyValidator);
Mockito.when(bizUtil.isAdmin()).thenReturn(true);
Mockito.when(bizUtil.getCurrentUserLoginId()).thenReturn(userName);
Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
Mockito.when(xServiceDao.findByName(Mockito.anyString())).thenReturn(xService);
Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
Mockito.when(xServiceDefDao.getById(xService.getType())).thenReturn(xServiceDef);
RangerPolicy dbRangerPolicy = serviceREST.updatePolicy(rangerPolicy);
Assert.assertNull(dbRangerPolicy);
Mockito.verify(validatorFactory).getPolicyValidator(svcStore);
}
Example 6
| Source File: PatchForHiveServiceDefUpdate_J10017.java From ranger with Apache License 2.0 | 5 votes |
|
private boolean updateServiceDef(RangerServiceDef serviceDef, RangerServiceDef embeddedHiveServiceDef ) throws Exception {
boolean ret = false;
List<RangerServiceDef.RangerResourceDef> embeddedHiveResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedHiveAccessTypes = null;
embeddedHiveResourceDefs = embeddedHiveServiceDef.getResources();
embeddedHiveAccessTypes = embeddedHiveServiceDef.getAccessTypes();
if (checkHiveGlobalresourcePresent(embeddedHiveResourceDefs)) {
// This is to check if HIVESERVICE def is added to the resource definition, if so update the resource def and accessType def
if (embeddedHiveResourceDefs != null) {
serviceDef.setResources(embeddedHiveResourceDefs);
}
if (embeddedHiveAccessTypes != null) {
if(!embeddedHiveAccessTypes.toString().equalsIgnoreCase(serviceDef.getAccessTypes().toString())) {
serviceDef.setAccessTypes(embeddedHiveAccessTypes);
}
}
ret = true;
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(serviceDef, Action.UPDATE);
svcStore.updateServiceDef(serviceDef);
return ret;
}
Example 7
| Source File: AbstractServiceStore.java From ranger with Apache License 2.0 | 5 votes |
|
private void updateTagServiceDefForDeletingDataMaskDef(RangerServiceDef tagServiceDef, String serviceDefName) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> AbstractServiceStore.updateTagServiceDefForDeletingDataMaskDef(" + serviceDefName + ")");
}
RangerServiceDef.RangerDataMaskDef tagDataMaskDef = tagServiceDef.getDataMaskDef();
if (tagDataMaskDef == null) {
return;
}
String prefix = serviceDefName + COMPONENT_ACCESSTYPE_SEPARATOR;
List<RangerServiceDef.RangerAccessTypeDef> accessTypes = new ArrayList<>();
for (RangerServiceDef.RangerAccessTypeDef accessType : tagDataMaskDef.getAccessTypes()) {
if (accessType.getName().startsWith(prefix)) {
accessTypes.add(accessType);
}
}
List<RangerServiceDef.RangerDataMaskTypeDef> maskTypes = new ArrayList<>();
for (RangerServiceDef.RangerDataMaskTypeDef maskType : tagDataMaskDef.getMaskTypes()) {
if (maskType.getName().startsWith(prefix)) {
maskTypes.add(maskType);
}
}
tagDataMaskDef.getAccessTypes().removeAll(accessTypes);
tagDataMaskDef.getMaskTypes().removeAll(maskTypes);
if (LOG.isDebugEnabled()) {
LOG.debug("<== AbstractServiceStore.updateTagServiceDefForDeletingDataMaskDef(" + serviceDefName + ")");
}
}
Example 8
| Source File: PatchForHiveServiceDefUpdate_J10010.java From ranger with Apache License 2.0 | 5 votes |
|
private boolean updateServiceDef(RangerServiceDef serviceDef, RangerServiceDef embeddedHiveServiceDef ) throws Exception {
boolean ret = false;
List<RangerServiceDef.RangerResourceDef> embeddedHiveResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedHiveAccessTypes = null;
embeddedHiveResourceDefs = embeddedHiveServiceDef.getResources();
embeddedHiveAccessTypes = embeddedHiveServiceDef.getAccessTypes();
if (checkHiveServiceresourcePresent(embeddedHiveResourceDefs)) {
// This is to check if HIVESERVICE def is added to the resource definition, if so update the resource def and accessType def
if (embeddedHiveResourceDefs != null) {
serviceDef.setResources(embeddedHiveResourceDefs);
}
if (embeddedHiveAccessTypes != null) {
if(!embeddedHiveAccessTypes.toString().equalsIgnoreCase(serviceDef.getAccessTypes().toString())) {
serviceDef.setAccessTypes(embeddedHiveAccessTypes);
}
}
ret = true;
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(serviceDef, Action.UPDATE);
svcStore.updateServiceDef(serviceDef);
return ret;
}
Example 9
| Source File: PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.java From ranger with Apache License 2.0 | 5 votes |
|
private void addResourceEntityLabelAndEntityBusinessMetadataInServiceDef() throws Exception {
RangerServiceDef ret = null;
RangerServiceDef embeddedAtlasServiceDef = null;
XXServiceDef xXServiceDefObj = null;
RangerServiceDef dbAtlasServiceDef = null;
List<RangerServiceDef.RangerResourceDef> embeddedAtlasResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedAtlasAccessTypes = null;
embeddedAtlasServiceDef = EmbeddedServiceDefsUtil.instance()
.getEmbeddedServiceDef(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
if (embeddedAtlasServiceDef != null) {
xXServiceDefObj = daoMgr.getXXServiceDef()
.findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
if (xXServiceDefObj == null) {
logger.info(xXServiceDefObj + ": service-def not found. No patching is needed");
return;
}
dbAtlasServiceDef = svcDBStore.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
embeddedAtlasResourceDefs = embeddedAtlasServiceDef.getResources();
embeddedAtlasAccessTypes = embeddedAtlasServiceDef.getAccessTypes();
if (checkResourcePresent(embeddedAtlasResourceDefs)) {
dbAtlasServiceDef.setResources(embeddedAtlasResourceDefs);
if (checkAccessPresent(embeddedAtlasAccessTypes)) {
dbAtlasServiceDef.setAccessTypes(embeddedAtlasAccessTypes);
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(dbAtlasServiceDef, Action.UPDATE);
ret = svcStore.updateServiceDef(dbAtlasServiceDef);
if (ret == null) {
logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME
+ " service-def");
throw new RuntimeException("Error while updating "
+ EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME + " service-def");
}
}
}
Example 10
| Source File: PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.java From ranger with Apache License 2.0 | 5 votes |
|
private boolean checkAccessPresent(List<RangerAccessTypeDef> embeddedAtlasAccessTypes) {
boolean ret = false;
for (RangerServiceDef.RangerAccessTypeDef accessDef : embeddedAtlasAccessTypes) {
if (ATLAS_ACCESS_TYPES.contains(accessDef.getName())) {
ret = true;
break;
}
}
return ret;
}
Example 11
| Source File: AbstractServiceStore.java From ranger with Apache License 2.0 | 5 votes |
|
private boolean updateTagServiceDefForUpdatingRowFilterDef(RangerServiceDef tagServiceDef, RangerServiceDef serviceDef, long itemIdOffset, String prefix) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> AbstractServiceStore.updateTagServiceDefForUpdatingRowFilterDef(" + serviceDef.getName() + ")");
}
boolean ret = false;
boolean autopropagateRowfilterdefToTag = config.getBoolean(AUTOPROPAGATE_ROWFILTERDEF_TO_TAG_PROP, AUTOPROPAGATE_ROWFILTERDEF_TO_TAG_PROP_DEFAULT);
if (autopropagateRowfilterdefToTag) {
RangerServiceDef.RangerRowFilterDef svcRowFilterDef = serviceDef.getRowFilterDef();
RangerServiceDef.RangerRowFilterDef tagRowFilterDef = tagServiceDef.getRowFilterDef();
List<RangerServiceDef.RangerAccessTypeDef> svcDefAccessTypes = svcRowFilterDef.getAccessTypes();
List<RangerServiceDef.RangerAccessTypeDef> tagDefAccessTypes = tagRowFilterDef.getAccessTypes();
boolean tagRowFilterAccessTypesUpdated = updateTagAccessTypeDefs(svcDefAccessTypes, tagDefAccessTypes, itemIdOffset, prefix);
if (tagRowFilterAccessTypesUpdated) {
tagRowFilterDef.setAccessTypes(tagDefAccessTypes);
ret = true;
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== AbstractServiceStore.updateTagServiceDefForUpdatingRowFilterDef(" + serviceDef.getName() + ") : " + ret);
}
return ret;
}
Example 12
| Source File: PatchForAtlasServiceDefUpdate_J10013.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerServiceDef.RangerAccessTypeDef findAccessTypeDef(long itemId, List<RangerServiceDef.RangerAccessTypeDef> accessTypeDefs) {
RangerServiceDef.RangerAccessTypeDef ret = null;
for (RangerServiceDef.RangerAccessTypeDef accessTypeDef : accessTypeDefs) {
if (itemId == accessTypeDef.getItemId()) {
ret = accessTypeDef;
break;
}
}
return ret;
}
Example 13
| Source File: PatchForPrestoToSupportPresto333_J10038.java From ranger with Apache License 2.0 | 5 votes |
|
private boolean checkAccessPresent(List<String> accesses, List<RangerServiceDef.RangerAccessTypeDef> embeddedAtlasAccessTypes) {
boolean ret = false;
for (RangerServiceDef.RangerAccessTypeDef accessDef : embeddedAtlasAccessTypes) {
if (accesses.contains(accessDef.getName())) {
ret = true;
break;
}
}
return ret;
}
Example 14
| Source File: PatchForHiveServiceDefUpdate_J10009.java From ranger with Apache License 2.0 | 5 votes |
|
private boolean checkHiveAccessType(List<RangerServiceDef.RangerAccessTypeDef> embeddedHiveAccessTypes) {
boolean ret = false;
for (RangerServiceDef.RangerAccessTypeDef embeddedHiveAccessType : embeddedHiveAccessTypes) {
if ( embeddedHiveAccessType.getName().equals("repladmin") ) {
ret = true;
break;
}
}
return ret;
}
Example 15
| Source File: TestServiceREST.java From ranger with Apache License 2.0 | 5 votes |
|
@Test
public void test18deletePolicyFalse() throws Exception {
RangerPolicy rangerPolicy = rangerPolicy();
Mockito.when(validatorFactory.getPolicyValidator(svcStore)).thenReturn(
policyValidator);
String userName = "admin";
Set<String> userGroupsList = new HashSet<String>();
userGroupsList.add("group1");
userGroupsList.add("group2");
List<RangerAccessTypeDef> rangerAccessTypeDefList = new ArrayList<RangerServiceDef.RangerAccessTypeDef>();
RangerAccessTypeDef rangerAccessTypeDefObj = new RangerAccessTypeDef();
rangerAccessTypeDefObj.setLabel("Read");
rangerAccessTypeDefObj.setName("read");
rangerAccessTypeDefObj.setRbKeyLabel(null);
rangerAccessTypeDefList.add(rangerAccessTypeDefObj);
XXServiceDef xServiceDef = serviceDef();
XXService xService = xService();
XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class);
XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
Mockito.when(validatorFactory.getPolicyValidator(svcStore)).thenReturn(
policyValidator);
Mockito.when(bizUtil.isAdmin()).thenReturn(true);
Mockito.when(bizUtil.getCurrentUserLoginId()).thenReturn(userName);
Mockito.when(svcStore.getPolicy(Id)).thenReturn(rangerPolicy);
Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
Mockito.when(xServiceDao.findByName(Mockito.anyString())).thenReturn(xService);
Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
Mockito.when(xServiceDefDao.getById(xService.getType())).thenReturn(xServiceDef);
serviceREST.deletePolicy(rangerPolicy.getId());
Mockito.verify(validatorFactory).getPolicyValidator(svcStore);
}
Example 16
| Source File: PatchForPrestoToSupportPresto333_J10038.java From ranger with Apache License 2.0 | 4 votes |
|
private void addPresto333Support() throws Exception {
RangerServiceDef ret = null;
RangerServiceDef embeddedPrestoServiceDef = null;
XXServiceDef xXServiceDefObj = null;
RangerServiceDef dbPrestoServiceDef = null;
List<RangerServiceDef.RangerResourceDef> embeddedPrestoResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedPrestoAccessTypes = null;
embeddedPrestoServiceDef = EmbeddedServiceDefsUtil.instance()
.getEmbeddedServiceDef(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_PRESTO_NAME);
if (embeddedPrestoServiceDef != null) {
xXServiceDefObj = daoMgr.getXXServiceDef()
.findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_PRESTO_NAME);
if (xXServiceDefObj == null) {
logger.info(xXServiceDefObj + ": service-def not found. No patching is needed");
return;
}
dbPrestoServiceDef = svcDBStore.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_PRESTO_NAME);
embeddedPrestoResourceDefs = embeddedPrestoServiceDef.getResources();
embeddedPrestoAccessTypes = embeddedPrestoServiceDef.getAccessTypes();
if (checkResourcePresent(PRESTO_RESOURCES, embeddedPrestoResourceDefs)) {
dbPrestoServiceDef.setResources(embeddedPrestoResourceDefs);
if (checkAccessPresent(PRESTO_ACCESS_TYPES, embeddedPrestoAccessTypes)) {
dbPrestoServiceDef.setAccessTypes(embeddedPrestoAccessTypes);
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(dbPrestoServiceDef, RangerValidator.Action.UPDATE);
ret = svcStore.updateServiceDef(dbPrestoServiceDef);
if (ret == null) {
logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME
+ " service-def");
throw new RuntimeException("Error while updating "
+ EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME + " service-def");
}
}
}
Example 17
| Source File: TestServiceREST.java From ranger with Apache License 2.0 | 4 votes |
|
@Test
public void test16createPolicyFalse() throws Exception {
RangerPolicy rangerPolicy = rangerPolicy();
RangerServiceDef rangerServiceDef = rangerServiceDef();
List<RangerPolicy> policies = new ArrayList<RangerPolicy>();
RangerPolicy rangPolicy = new RangerPolicy();
policies.add(rangPolicy);
String userName = "admin";
Set<String> userGroupsList = new HashSet<String>();
userGroupsList.add("group1");
userGroupsList.add("group2");
ServicePolicies servicePolicies = new ServicePolicies();
servicePolicies.setServiceId(Id);
servicePolicies.setServiceName("Hdfs_1");
servicePolicies.setPolicyVersion(1L);
servicePolicies.setPolicyUpdateTime(new Date());
servicePolicies.setServiceDef(rangerServiceDef);
servicePolicies.setPolicies(policies);
List<RangerAccessTypeDef> rangerAccessTypeDefList = new ArrayList<RangerServiceDef.RangerAccessTypeDef>();
RangerAccessTypeDef rangerAccessTypeDefObj = new RangerAccessTypeDef();
rangerAccessTypeDefObj.setLabel("Read");
rangerAccessTypeDefObj.setName("read");
rangerAccessTypeDefObj.setRbKeyLabel(null);
rangerAccessTypeDefList.add(rangerAccessTypeDefObj);
XXServiceDef xServiceDef = serviceDef();
XXService xService = xService();
XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class);
XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
Mockito.when(validatorFactory.getPolicyValidator(svcStore)).thenReturn(
policyValidator);
Mockito.when(bizUtil.isAdmin()).thenReturn(true);
Mockito.when(bizUtil.getCurrentUserLoginId()).thenReturn(userName);
Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
Mockito.when(xServiceDao.findByName(Mockito.anyString())).thenReturn(
xService);
Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
Mockito.when(xServiceDefDao.getById(xService.getType())).thenReturn(
xServiceDef);
Mockito.when(svcStore.createPolicy((RangerPolicy) Mockito.any()))
.thenReturn(rangPolicy);
RangerPolicy dbRangerPolicy = serviceREST.createPolicy(rangerPolicy,null);
Assert.assertNotNull(dbRangerPolicy);
Mockito.verify(bizUtil, Mockito.times(2)).isAdmin();
Mockito.verify(validatorFactory).getPolicyValidator(svcStore);
Mockito.verify(daoManager).getXXService();
Mockito.verify(daoManager).getXXServiceDef();
}
Example 18
| Source File: PatchForKafkaServiceDefUpdate_J10025.java From ranger with Apache License 2.0 | 4 votes |
|
private void updateKafkaServiceDef(){
RangerServiceDef ret = null;
RangerServiceDef embeddedKafkaServiceDef = null;
RangerServiceDef dbKafkaServiceDef = null;
List<RangerServiceDef.RangerResourceDef> embeddedKafkaResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedKafkaAccessTypes = null;
XXServiceDef xXServiceDefObj = null;
try{
embeddedKafkaServiceDef=EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if(embeddedKafkaServiceDef!=null){
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
Map<String, String> serviceDefOptionsPreUpdate=null;
String jsonStrPreUpdate=null;
if(xXServiceDefObj!=null) {
jsonStrPreUpdate=xXServiceDefObj.getDefOptions();
serviceDefOptionsPreUpdate=jsonStringToMap(jsonStrPreUpdate);
xXServiceDefObj=null;
}
dbKafkaServiceDef=svcDBStore.getServiceDefByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if(dbKafkaServiceDef!=null){
embeddedKafkaResourceDefs = embeddedKafkaServiceDef.getResources();
embeddedKafkaAccessTypes = embeddedKafkaServiceDef.getAccessTypes();
if (checkNewKafkaresourcePresent(embeddedKafkaResourceDefs)) {
// This is to check if CLUSTER resource is added to the resource definition, if so update the resource def and accessType def
if (embeddedKafkaResourceDefs != null) {
dbKafkaServiceDef.setResources(embeddedKafkaResourceDefs);
}
if (embeddedKafkaAccessTypes != null) {
if(!embeddedKafkaAccessTypes.toString().equalsIgnoreCase(dbKafkaServiceDef.getAccessTypes().toString())) {
dbKafkaServiceDef.setAccessTypes(embeddedKafkaAccessTypes);
}
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(dbKafkaServiceDef, Action.UPDATE);
ret = svcStore.updateServiceDef(dbKafkaServiceDef);
if(ret==null){
logger.error("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME+"service-def");
throw new RuntimeException("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME+"service-def");
}
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if(xXServiceDefObj!=null) {
String jsonStrPostUpdate=xXServiceDefObj.getDefOptions();
Map<String, String> serviceDefOptionsPostUpdate=jsonStringToMap(jsonStrPostUpdate);
if (serviceDefOptionsPostUpdate != null && serviceDefOptionsPostUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
if(serviceDefOptionsPreUpdate == null || !serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
String preUpdateValue = serviceDefOptionsPreUpdate == null ? null : serviceDefOptionsPreUpdate.get(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
if (preUpdateValue == null) {
serviceDefOptionsPostUpdate.remove(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
} else {
serviceDefOptionsPostUpdate.put(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES, preUpdateValue);
}
xXServiceDefObj.setDefOptions(mapToJsonString(serviceDefOptionsPostUpdate));
daoMgr.getXXServiceDef().update(xXServiceDefObj);
}
}
createDefaultPolicyForNewResources();
}
}
}
}catch(Exception e)
{
logger.error("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME+"service-def", e);
}
}
Example 19
| Source File: PatchForKafkaServiceDefUpdate_J10015.java From ranger with Apache License 2.0 | 4 votes |
|
private void updateHiveServiceDef(){
RangerServiceDef ret = null;
RangerServiceDef embeddedKafkaServiceDef = null;
RangerServiceDef dbKafkaServiceDef = null;
List<RangerServiceDef.RangerResourceDef> embeddedKafkaResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedKafkaAccessTypes = null;
XXServiceDef xXServiceDefObj = null;
try{
embeddedKafkaServiceDef=EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if(embeddedKafkaServiceDef!=null){
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
Map<String, String> serviceDefOptionsPreUpdate=null;
String jsonStrPreUpdate=null;
if(xXServiceDefObj!=null) {
jsonStrPreUpdate=xXServiceDefObj.getDefOptions();
serviceDefOptionsPreUpdate=jsonStringToMap(jsonStrPreUpdate);
xXServiceDefObj=null;
}
dbKafkaServiceDef=svcDBStore.getServiceDefByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if(dbKafkaServiceDef!=null){
embeddedKafkaResourceDefs = embeddedKafkaServiceDef.getResources();
embeddedKafkaAccessTypes = embeddedKafkaServiceDef.getAccessTypes();
if (checkNewKafkaresourcePresent(embeddedKafkaResourceDefs)) {
// This is to check if URL def is added to the resource definition, if so update the resource def and accessType def
if (embeddedKafkaResourceDefs != null) {
dbKafkaServiceDef.setResources(embeddedKafkaResourceDefs);
}
if (embeddedKafkaAccessTypes != null) {
if(!embeddedKafkaAccessTypes.toString().equalsIgnoreCase(dbKafkaServiceDef.getAccessTypes().toString())) {
dbKafkaServiceDef.setAccessTypes(embeddedKafkaAccessTypes);
}
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(dbKafkaServiceDef, Action.UPDATE);
ret = svcStore.updateServiceDef(dbKafkaServiceDef);
if(ret==null){
logger.error("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME+"service-def");
throw new RuntimeException("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME+"service-def");
}
xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME);
if(xXServiceDefObj!=null) {
String jsonStrPostUpdate=xXServiceDefObj.getDefOptions();
Map<String, String> serviceDefOptionsPostUpdate=jsonStringToMap(jsonStrPostUpdate);
if (serviceDefOptionsPostUpdate != null && serviceDefOptionsPostUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
if(serviceDefOptionsPreUpdate == null || !serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES)) {
String preUpdateValue = serviceDefOptionsPreUpdate == null ? null : serviceDefOptionsPreUpdate.get(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
if (preUpdateValue == null) {
serviceDefOptionsPostUpdate.remove(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
} else {
serviceDefOptionsPostUpdate.put(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES, preUpdateValue);
}
xXServiceDefObj.setDefOptions(mapToJsonString(serviceDefOptionsPostUpdate));
daoMgr.getXXServiceDef().update(xXServiceDefObj);
}
}
}
}
}
}catch(Exception e)
{
logger.error("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_KAFKA_NAME+"service-def", e);
}
}
Example 20
| Source File: PatchForAtlasResourceAndAccessTypeUpdate_J10016.java From ranger with Apache License 2.0 | 4 votes |
|
private void updateAtlasResourceAndAccessType() {
RangerServiceDef ret = null;
RangerServiceDef embeddedAtlasServiceDef = null;
XXServiceDef xXServiceDefObj = null;
RangerServiceDef dbAtlasServiceDef = null;
List<RangerServiceDef.RangerResourceDef> embeddedAtlasResourceDefs = null;
List<RangerServiceDef.RangerAccessTypeDef> embeddedAtlasAccessTypes = null;
try {
embeddedAtlasServiceDef = EmbeddedServiceDefsUtil.instance()
.getEmbeddedServiceDef(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
if (embeddedAtlasServiceDef != null) {
xXServiceDefObj = daoMgr.getXXServiceDef()
.findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
if (xXServiceDefObj == null) {
logger.info(xXServiceDefObj + ": service-def not found. No patching is needed");
return;
}
dbAtlasServiceDef = svcDBStore
.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
embeddedAtlasResourceDefs = embeddedAtlasServiceDef.getResources();
embeddedAtlasAccessTypes = embeddedAtlasServiceDef.getAccessTypes();
if (checkResourcePresent(embeddedAtlasResourceDefs)) {
dbAtlasServiceDef.setResources(embeddedAtlasResourceDefs);
if (checkAccessPresent(embeddedAtlasAccessTypes)) {
dbAtlasServiceDef.setAccessTypes(embeddedAtlasAccessTypes);
}
}
RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
validator.validate(dbAtlasServiceDef, Action.UPDATE);
ret = svcStore.updateServiceDef(dbAtlasServiceDef);
if (ret == null) {
logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME
+ " service-def");
throw new RuntimeException("Error while updating "
+ EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME + " service-def");
} else {
createDefaultPolicyToExistingService();
updatePolicyForRelationshipType();
}
}
} catch (Exception e) {
logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME + " service-def",e);
}
}
