AMBARI-19935. Details of multi-condition Ranger Access policy are not visible in Hive View - Table Authorizations column. (dipayanb)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/2ce10423 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/2ce10423 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/2ce10423 Branch: refs/heads/branch-feature-AMBARI-12556 Commit: 2ce10423190f999b794140a270601a62dc6b7f95 Parents: bc80665 Author: Dipayan Bhowmick <[email protected]> Authored: Fri Feb 10 14:59:33 2017 +0530 Committer: Dipayan Bhowmick <[email protected]> Committed: Fri Feb 10 15:00:03 2017 +0530 ---------------------------------------------------------------------- .../resources/system/ranger/RangerService.java | 32 ++++++++++----- .../databases/database/tables/table/auth.hbs | 41 ++++++++++++-------- 2 files changed, 47 insertions(+), 26 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce10423/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/system/ranger/RangerService.java ---------------------------------------------------------------------- diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/system/ranger/RangerService.java b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/system/ranger/RangerService.java index 9debe42..d300d9a 100644 --- a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/system/ranger/RangerService.java +++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/system/ranger/RangerService.java @@ -137,8 +137,9 @@ public class RangerService { JSONArray policyItems = (JSONArray) policyJson.get("policyItems"); Policy policy = new Policy(name); - if (policyItems.size() > 0) { - JSONObject policyItem = (JSONObject) policyItems.get(0); + for(Object item: policyItems) { + PolicyCondition condition = new PolicyCondition(); + JSONObject policyItem = (JSONObject) item; JSONArray usersJson = (JSONArray) policyItem.get("users"); JSONArray groupsJson = (JSONArray) policyItem.get("groups"); JSONArray accesses = (JSONArray) policyItem.get("accesses"); @@ -148,19 +149,20 @@ public class RangerService { JSONObject access = (JSONObject) accessJson; Boolean isAllowed = (Boolean) access.get("isAllowed"); if (isAllowed) { - policy.addAccess((String) access.get("type")); + condition.addAccess((String) access.get("type")); } } for (Object user : usersJson) { - policy.addUser((String) user); + condition.addUser((String) user); } for (Object group : groupsJson) { - policy.addGroup((String) group); + condition.addGroup((String) group); } - } + policy.addCondition(condition); + } return policy; } @@ -266,9 +268,7 @@ public class RangerService { */ public static class Policy { private String name; - private List<String> users = new ArrayList<>(); - private List<String> groups = new ArrayList<>(); - private List<String> accesses = new ArrayList<>(); + private List<PolicyCondition> conditions = new ArrayList<>(); public Policy(String name) { this.name = name; @@ -282,6 +282,20 @@ public class RangerService { this.name = name; } + public List<PolicyCondition> getConditions() { + return conditions; + } + + public void addCondition(PolicyCondition condition) { + this.conditions.add(condition); + } + } + + public static class PolicyCondition { + private List<String> users = new ArrayList<>(); + private List<String> groups = new ArrayList<>(); + private List<String> accesses = new ArrayList<>(); + public List<String> getUsers() { return users; } http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce10423/contrib/views/hive20/src/main/resources/ui/app/templates/databases/database/tables/table/auth.hbs ---------------------------------------------------------------------- diff --git a/contrib/views/hive20/src/main/resources/ui/app/templates/databases/database/tables/table/auth.hbs b/contrib/views/hive20/src/main/resources/ui/app/templates/databases/database/tables/table/auth.hbs index 416f12f..e00eeb8 100644 --- a/contrib/views/hive20/src/main/resources/ui/app/templates/databases/database/tables/table/auth.hbs +++ b/contrib/views/hive20/src/main/resources/ui/app/templates/databases/database/tables/table/auth.hbs @@ -25,7 +25,7 @@ <table class="table table-bordered table-hover"> <thead> <tr> - <th width="20%">POLICY NAME</th> + <th width="20%"></th> <th width="25%">USERS</th> <th width="25%">GROUPS</th> <th width="30%">ACCESS</th> @@ -34,23 +34,30 @@ <tbody> {{#each model.policies as |policy|}} <tr> - <td>{{policy.name}}</td> - <td> - {{#each policy.users as |user|}} - <span class="label label-success">{{user}}</span> - {{/each}} - </td> - <td> - {{#each policy.groups as |group|}} - <span class="label label-success">{{group}}</span> - {{/each}} - </td> - <td> - {{#each policy.accesses as |access|}} - <span class="label label-success">{{access}}</span> - {{/each}} - </td> + <td colspan="4">Policy Name: <span class="text-primary"><strong>{{policy.name}}</strong></span></td> </tr> + {{#each policy.conditions as |condition index|}} + <tr> + <td>{{#if (eq index 0)}}<strong>Conditions:</strong>{{/if}}</td> + <td> + {{#each condition.users as |user|}} + <span class="label label-success">{{user}}</span> + {{/each}} + </td> + <td> + {{#each condition.groups as |group|}} + <span class="label label-success">{{group}}</span> + {{/each}} + </td> + <td> + {{#each condition.accesses as |access|}} + <span class="label label-success">{{access}}</span> + {{/each}} + </td> + </tr> + {{/each}} + + {{/each}} </tbody> </table>
