http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/main/java/org/apache/atlas/discovery/EntityLineageService.java ---------------------------------------------------------------------- diff --git a/repository/src/main/java/org/apache/atlas/discovery/EntityLineageService.java b/repository/src/main/java/org/apache/atlas/discovery/EntityLineageService.java index 9e18dfb..ec4125d 100644 --- a/repository/src/main/java/org/apache/atlas/discovery/EntityLineageService.java +++ b/repository/src/main/java/org/apache/atlas/discovery/EntityLineageService.java @@ -22,15 +22,17 @@ package org.apache.atlas.discovery; import org.apache.atlas.AtlasClient; import org.apache.atlas.AtlasErrorCode; import org.apache.atlas.annotation.GraphTransaction; +import org.apache.atlas.authorize.AtlasAuthorizationUtils; +import org.apache.atlas.authorize.AtlasEntityAccessRequest; +import org.apache.atlas.authorize.AtlasPrivilege; import org.apache.atlas.exception.AtlasBaseException; import org.apache.atlas.model.instance.AtlasEntity; +import org.apache.atlas.model.instance.AtlasEntity.AtlasEntityWithExtInfo; import org.apache.atlas.model.instance.AtlasEntityHeader; import org.apache.atlas.model.instance.AtlasObjectId; import org.apache.atlas.model.lineage.AtlasLineageInfo; import org.apache.atlas.model.lineage.AtlasLineageInfo.LineageDirection; import org.apache.atlas.model.lineage.AtlasLineageInfo.LineageRelation; -import org.apache.atlas.repository.Constants; -import org.apache.atlas.repository.graph.GraphHelper; import org.apache.atlas.repository.graphdb.AtlasGraph; import org.apache.atlas.repository.graphdb.AtlasVertex; import org.apache.atlas.repository.store.graph.v1.AtlasGraphUtilsV1; @@ -80,8 +82,14 @@ public class EntityLineageService implements AtlasLineageService { public AtlasLineageInfo getAtlasLineageInfo(String guid, LineageDirection direction, int depth) throws AtlasBaseException { AtlasLineageInfo lineageInfo; - if (!entityExists(guid)) { - throw new AtlasBaseException(AtlasErrorCode.INSTANCE_GUID_NOT_FOUND, guid); + AtlasEntityHeader entity = entityRetriever.toAtlasEntityHeaderWithClassifications(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(atlasTypeRegistry, AtlasPrivilege.ENTITY_READ, entity), "read entity lineage: guid=", guid); + + AtlasEntityType entityType = atlasTypeRegistry.getEntityTypeByName(entity.getTypeName()); + + if (entityType == null || !entityType.getTypeAndAllSuperTypes().contains(AtlasClient.DATA_SET_SUPER_TYPE)) { + throw new AtlasBaseException(AtlasErrorCode.INSTANCE_GUID_NOT_DATASET, guid); } if (direction != null) { @@ -129,10 +137,14 @@ public class EntityLineageService implements AtlasLineageService { ret.setDataType(AtlasTypeUtil.toClassTypeDefinition(hive_column)); - AtlasEntity.AtlasEntityWithExtInfo entityWithExtInfo = entityRetriever.toAtlasEntityWithExtInfo(guid); - AtlasEntity entity = entityWithExtInfo.getEntity(); - Map<String, AtlasEntity> referredEntities = entityWithExtInfo.getReferredEntities(); - List<String> columnIds = getColumnIds(entity); + AtlasEntityWithExtInfo entityWithExtInfo = entityRetriever.toAtlasEntityWithExtInfo(guid); + AtlasEntity entity = entityWithExtInfo.getEntity(); + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(atlasTypeRegistry, AtlasPrivilege.ENTITY_READ, new AtlasEntityHeader(entity)), + "read entity schema: guid=", guid); + + Map<String, AtlasEntity> referredEntities = entityWithExtInfo.getReferredEntities(); + List<String> columnIds = getColumnIds(entity); if (MapUtils.isNotEmpty(referredEntities)) { List<Map<String, Object>> rows = referredEntities.entrySet() @@ -244,21 +256,4 @@ public class EntityLineageService implements AtlasLineageService { } return lineageQuery; } - - private boolean entityExists(String guid) { - boolean ret = false; - Iterator<AtlasVertex> results = graph.query() - .has(Constants.GUID_PROPERTY_KEY, guid) - .vertices().iterator(); - - while (results.hasNext()) { - AtlasVertex entityVertex = results.next(); - List<String> superTypes = GraphHelper.getSuperTypeNames(entityVertex); - - ret = (CollectionUtils.isNotEmpty(superTypes)) && superTypes.contains(AtlasClient.DATA_SET_SUPER_TYPE); - } - - return ret; - } - } \ No newline at end of file
http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasClassificationDefStoreV1.java ---------------------------------------------------------------------- diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasClassificationDefStoreV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasClassificationDefStoreV1.java index 8214cea..be48372 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasClassificationDefStoreV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasClassificationDefStoreV1.java @@ -19,6 +19,9 @@ package org.apache.atlas.repository.store.graph.v1; import org.apache.atlas.AtlasErrorCode; +import org.apache.atlas.authorize.AtlasPrivilege; +import org.apache.atlas.authorize.AtlasAuthorizationUtils; +import org.apache.atlas.authorize.AtlasTypeAccessRequest; import org.apache.atlas.exception.AtlasBaseException; import org.apache.atlas.model.typedef.AtlasClassificationDef; import org.apache.atlas.repository.Constants; @@ -83,12 +86,13 @@ class AtlasClassificationDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasClassif } @Override - public AtlasClassificationDef create(AtlasClassificationDef classificationDef, AtlasVertex preCreateResult) - throws AtlasBaseException { + public AtlasClassificationDef create(AtlasClassificationDef classificationDef, AtlasVertex preCreateResult) throws AtlasBaseException { if (LOG.isDebugEnabled()) { LOG.debug("==> AtlasClassificationDefStoreV1.create({}, {})", classificationDef, preCreateResult); } + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_CREATE, classificationDef), "create classification-def ", classificationDef.getName()); + AtlasVertex vertex = (preCreateResult == null) ? preCreate(classificationDef) : preCreateResult; updateVertexAddReferences(classificationDef, vertex); @@ -190,6 +194,10 @@ class AtlasClassificationDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasClassif LOG.debug("==> AtlasClassificationDefStoreV1.updateByName({}, {})", name, classificationDef); } + AtlasClassificationDef existingDef = typeRegistry.getClassificationDefByName(name); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update classification-def ", name); + validateType(classificationDef); AtlasType type = typeRegistry.getType(classificationDef.getName()); @@ -222,6 +230,10 @@ class AtlasClassificationDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasClassif LOG.debug("==> AtlasClassificationDefStoreV1.updateByGuid({})", guid); } + AtlasClassificationDef existingDef = typeRegistry.getClassificationDefByGuid(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update classification-def ", (existingDef != null ? existingDef.getName() : guid)); + validateType(classificationDef); AtlasType type = typeRegistry.getTypeByGuid(guid); @@ -254,6 +266,10 @@ class AtlasClassificationDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasClassif LOG.debug("==> AtlasClassificationDefStoreV1.preDeleteByName({})", name); } + AtlasClassificationDef existingDef = typeRegistry.getClassificationDefByName(name); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete classification-def ", name); + AtlasVertex ret = typeDefStore.findTypeVertexByNameAndCategory(name, TypeCategory.TRAIT); if (AtlasGraphUtilsV1.typeHasInstanceVertex(name)) { @@ -279,6 +295,10 @@ class AtlasClassificationDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasClassif LOG.debug("==> AtlasClassificationDefStoreV1.preDeleteByGuid({})", guid); } + AtlasClassificationDef existingDef = typeRegistry.getClassificationDefByGuid(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete classification-def ", (existingDef != null ? existingDef.getName() : guid)); + AtlasVertex ret = typeDefStore.findTypeVertexByGuidAndCategory(guid, TypeCategory.TRAIT); String typeName = AtlasGraphUtilsV1.getProperty(ret, Constants.TYPENAME_PROPERTY_KEY, String.class); http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityDefStoreV1.java ---------------------------------------------------------------------- diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityDefStoreV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityDefStoreV1.java index 1d784ef..ebdba3b 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityDefStoreV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityDefStoreV1.java @@ -18,6 +18,9 @@ package org.apache.atlas.repository.store.graph.v1; import org.apache.atlas.AtlasErrorCode; +import org.apache.atlas.authorize.AtlasPrivilege; +import org.apache.atlas.authorize.AtlasTypeAccessRequest; +import org.apache.atlas.authorize.AtlasAuthorizationUtils; import org.apache.atlas.exception.AtlasBaseException; import org.apache.atlas.model.typedef.AtlasEntityDef; import org.apache.atlas.repository.Constants; @@ -60,6 +63,8 @@ public class AtlasEntityDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEntityDe throw new AtlasBaseException(AtlasErrorCode.TYPE_MATCH_FAILED, entityDef.getName(), TypeCategory.CLASS.name()); } + + AtlasVertex ret = typeDefStore.findTypeVertexByName(entityDef.getName()); if (ret != null) { @@ -83,6 +88,8 @@ public class AtlasEntityDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEntityDe LOG.debug("==> AtlasEntityDefStoreV1.create({}, {})", entityDef, preCreateResult); } + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_CREATE, entityDef), "create entity-def ", entityDef.getName()); + AtlasVertex vertex = (preCreateResult == null) ? preCreate(entityDef) : preCreateResult; updateVertexAddReferences(entityDef, vertex); @@ -184,6 +191,10 @@ public class AtlasEntityDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEntityDe LOG.debug("==> AtlasEntityDefStoreV1.updateByName({}, {})", name, entityDef); } + AtlasEntityDef existingDef = typeRegistry.getEntityDefByName(name); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update entity-def ", name); + validateType(entityDef); AtlasType type = typeRegistry.getType(entityDef.getName()); @@ -216,6 +227,10 @@ public class AtlasEntityDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEntityDe LOG.debug("==> AtlasEntityDefStoreV1.updateByGuid({})", guid); } + AtlasEntityDef existingDef = typeRegistry.getEntityDefByGuid(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update entity-def ", (existingDef != null ? existingDef.getName() : guid)); + validateType(entityDef); AtlasType type = typeRegistry.getTypeByGuid(guid); @@ -248,6 +263,10 @@ public class AtlasEntityDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEntityDe LOG.debug("==> AtlasEntityDefStoreV1.preDeleteByName({})", name); } + AtlasEntityDef existingDef = typeRegistry.getEntityDefByName(name); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete entity-def ", name); + AtlasVertex ret = typeDefStore.findTypeVertexByNameAndCategory(name, TypeCategory.CLASS); if (AtlasGraphUtilsV1.typeHasInstanceVertex(name)) { @@ -278,6 +297,10 @@ public class AtlasEntityDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEntityDe LOG.debug("==> AtlasEntityDefStoreV1.preDeleteByGuid({})", guid); } + AtlasEntityDef existingDef = typeRegistry.getEntityDefByGuid(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete entity-def ", (existingDef != null ? existingDef.getName() : guid)); + AtlasVertex ret = typeDefStore.findTypeVertexByGuidAndCategory(guid, TypeCategory.CLASS); String typeName = AtlasGraphUtilsV1.getProperty(ret, Constants.TYPENAME_PROPERTY_KEY, String.class); http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1.java ---------------------------------------------------------------------- diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1.java index bf417dd..b5461d4 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1.java @@ -22,13 +22,13 @@ import org.apache.atlas.AtlasErrorCode; import org.apache.atlas.GraphTransactionInterceptor; import org.apache.atlas.RequestContextV1; import org.apache.atlas.annotation.GraphTransaction; +import org.apache.atlas.authorize.AtlasEntityAccessRequest; +import org.apache.atlas.authorize.AtlasPrivilege; +import org.apache.atlas.authorize.AtlasAuthorizationUtils; import org.apache.atlas.exception.AtlasBaseException; -import org.apache.atlas.model.instance.AtlasClassification; -import org.apache.atlas.model.instance.AtlasEntity; +import org.apache.atlas.model.instance.*; import org.apache.atlas.model.instance.AtlasEntity.AtlasEntitiesWithExtInfo; import org.apache.atlas.model.instance.AtlasEntity.AtlasEntityWithExtInfo; -import org.apache.atlas.model.instance.AtlasObjectId; -import org.apache.atlas.model.instance.EntityMutationResponse; import org.apache.atlas.repository.graphdb.AtlasVertex; import org.apache.atlas.repository.store.graph.AtlasEntityStore; import org.apache.atlas.repository.store.graph.EntityGraphDiscovery; @@ -65,6 +65,7 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { private final AtlasTypeRegistry typeRegistry; private final AtlasEntityChangeNotifier entityChangeNotifier; private final EntityGraphMapper entityGraphMapper; + private final EntityGraphRetriever entityRetriever; @Inject public AtlasEntityStoreV1(DeleteHandlerV1 deleteHandler, AtlasTypeRegistry typeRegistry, @@ -73,6 +74,7 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { this.typeRegistry = typeRegistry; this.entityChangeNotifier = entityChangeNotifier; this.entityGraphMapper = entityGraphMapper; + this.entityRetriever = new EntityGraphRetriever(typeRegistry); } @Override @@ -102,13 +104,9 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { LOG.debug("==> getById({})", guid); } - EntityGraphRetriever entityRetriever = new EntityGraphRetriever(typeRegistry); - AtlasEntityWithExtInfo ret = entityRetriever.toAtlasEntityWithExtInfo(guid); - if (ret == null) { - throw new AtlasBaseException(AtlasErrorCode.INSTANCE_GUID_NOT_FOUND, guid); - } + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_READ, new AtlasEntityHeader(ret.getEntity())), "read entity: guid=", guid); if (LOG.isDebugEnabled()) { LOG.debug("<== getById({}): {}", guid, ret); @@ -124,10 +122,17 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { LOG.debug("==> getByIds({})", guids); } - EntityGraphRetriever entityRetriever = new EntityGraphRetriever(typeRegistry); - AtlasEntitiesWithExtInfo ret = entityRetriever.toAtlasEntitiesWithExtInfo(guids); + // verify authorization to read the entities + if(ret != null){ + for(String guid : guids){ + AtlasEntity entity = ret.getEntity(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_READ, new AtlasEntityHeader(entity)), "read entity: guid=", guid); + } + } + if (LOG.isDebugEnabled()) { LOG.debug("<== getByIds({}): {}", guids, ret); } @@ -137,22 +142,15 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { @Override @GraphTransaction - public AtlasEntityWithExtInfo getByUniqueAttributes(AtlasEntityType entityType, Map<String, Object> uniqAttributes) - throws AtlasBaseException { + public AtlasEntityWithExtInfo getByUniqueAttributes(AtlasEntityType entityType, Map<String, Object> uniqAttributes) throws AtlasBaseException { if (LOG.isDebugEnabled()) { LOG.debug("==> getByUniqueAttribute({}, {})", entityType.getTypeName(), uniqAttributes); } - AtlasVertex entityVertex = AtlasGraphUtilsV1.getVertexByUniqueAttributes(entityType, uniqAttributes); - - EntityGraphRetriever entityRetriever = new EntityGraphRetriever(typeRegistry); - - AtlasEntityWithExtInfo ret = entityRetriever.toAtlasEntityWithExtInfo(entityVertex); + AtlasVertex entityVertex = AtlasGraphUtilsV1.getVertexByUniqueAttributes(entityType, uniqAttributes); + AtlasEntityWithExtInfo ret = entityRetriever.toAtlasEntityWithExtInfo(entityVertex); - if (ret == null) { - throw new AtlasBaseException(AtlasErrorCode.INSTANCE_BY_UNIQUE_ATTRIBUTE_NOT_FOUND, entityType.getTypeName(), - uniqAttributes.toString()); - } + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_READ, new AtlasEntityHeader(ret.getEntity())), "read entity: typeName=", entityType.getTypeName(), ", uniqueAttributes=", uniqAttributes); if (LOG.isDebugEnabled()) { LOG.debug("<== getByUniqueAttribute({}, {}): {}", entityType.getTypeName(), uniqAttributes, ret); @@ -161,70 +159,6 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { return ret; } - private EntityMutationResponse createOrUpdate(EntityStream entityStream, boolean isPartialUpdate, boolean replaceClassifications) throws AtlasBaseException { - if (LOG.isDebugEnabled()) { - LOG.debug("==> createOrUpdate()"); - } - - if (entityStream == null || !entityStream.hasNext()) { - throw new AtlasBaseException(AtlasErrorCode.INVALID_PARAMETERS, "no entities to create/update."); - } - - AtlasPerfTracer perf = null; - - if (AtlasPerfTracer.isPerfTraceEnabled(PERF_LOG)) { - perf = AtlasPerfTracer.getPerfTracer(PERF_LOG, "createOrUpdate()"); - } - - try { - // Create/Update entities - EntityMutationContext context = preCreateOrUpdate(entityStream, entityGraphMapper, isPartialUpdate); - - // for existing entities, skip update if incoming entity doesn't have any change - if (CollectionUtils.isNotEmpty(context.getUpdatedEntities())) { - EntityGraphRetriever entityRetriever = new EntityGraphRetriever(typeRegistry); - - List<AtlasEntity> entitiesToSkipUpdate = null; - for (AtlasEntity entity : context.getUpdatedEntities()) { - String guid = entity.getGuid(); - AtlasVertex vertex = context.getVertex(guid); - AtlasEntity entityInStore = entityRetriever.toAtlasEntity(vertex); - AtlasEntityType entityType = typeRegistry.getEntityTypeByName(entity.getTypeName()); - - if (!AtlasEntityUtil.hasAnyAttributeUpdate(entityType, entity, entityInStore)) { - // if classifications are to be replaced as well, then skip updates only when no change in classifications as well - if (!replaceClassifications || Objects.equals(entity.getClassifications(), entityInStore.getClassifications())) { - if (entitiesToSkipUpdate == null) { - entitiesToSkipUpdate = new ArrayList<>(); - } - - entitiesToSkipUpdate.add(entity); - } - } - } - - if (entitiesToSkipUpdate != null) { - context.getUpdatedEntities().removeAll(entitiesToSkipUpdate); - } - } - - EntityMutationResponse ret = entityGraphMapper.mapAttributesAndClassifications(context, isPartialUpdate, replaceClassifications); - - ret.setGuidAssignments(context.getGuidAssignments()); - - // Notify the change listeners - entityChangeNotifier.onEntitiesMutated(ret, entityStream instanceof EntityImportStream); - - if (LOG.isDebugEnabled()) { - LOG.debug("<== createOrUpdate()"); - } - - return ret; - } finally { - AtlasPerfTracer.log(perf); - } - } - @Override @GraphTransaction public EntityMutationResponse createOrUpdate(EntityStream entityStream, boolean isPartialUpdate) throws AtlasBaseException { @@ -273,7 +207,6 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { @GraphTransaction public EntityMutationResponse updateByUniqueAttributes(AtlasEntityType entityType, Map<String, Object> uniqAttributes, AtlasEntityWithExtInfo updatedEntityInfo) throws AtlasBaseException { - if (LOG.isDebugEnabled()) { LOG.debug("==> updateByUniqueAttributes({}, {})", entityType.getTypeName(), uniqAttributes); } @@ -282,8 +215,7 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { throw new AtlasBaseException(AtlasErrorCode.INVALID_PARAMETERS, "no entity to update."); } - String guid = AtlasGraphUtilsV1.getGuidByUniqueAttributes(entityType, uniqAttributes); - + String guid = AtlasGraphUtilsV1.getGuidByUniqueAttributes(entityType, uniqAttributes); AtlasEntity entity = updatedEntityInfo.getEntity(); entity.setGuid(guid); @@ -299,15 +231,9 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { LOG.debug("==> updateEntityAttributeByGuid({}, {}, {})", guid, attrName, attrValue); } - AtlasEntityWithExtInfo entityInfo = getById(guid); - - if (entityInfo == null || entityInfo.getEntity() == null) { - throw new AtlasBaseException(AtlasErrorCode.INSTANCE_GUID_NOT_FOUND, guid); - } - - AtlasEntity entity = entityInfo.getEntity(); - AtlasEntityType entityType = (AtlasEntityType) typeRegistry.getType(entity.getTypeName()); - AtlasAttribute attr = entityType.getAttribute(attrName); + AtlasEntityHeader entity = entityRetriever.toAtlasEntityHeaderWithClassifications(guid); + AtlasEntityType entityType = (AtlasEntityType) typeRegistry.getType(entity.getTypeName()); + AtlasAttribute attr = entityType.getAttribute(attrName); if (attr == null) { throw new AtlasBaseException(AtlasErrorCode.UNKNOWN_ATTRIBUTE, attrName, entity.getTypeName()); @@ -345,17 +271,18 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { @Override @GraphTransaction public EntityMutationResponse deleteById(final String guid) throws AtlasBaseException { - if (StringUtils.isEmpty(guid)) { throw new AtlasBaseException(AtlasErrorCode.INSTANCE_GUID_NOT_FOUND, guid); } - // Retrieve vertices for requested guids. - AtlasVertex vertex = AtlasGraphUtilsV1.findByGuid(guid); - Collection<AtlasVertex> deletionCandidates = new ArrayList<>(); + AtlasVertex vertex = AtlasGraphUtilsV1.findByGuid(guid); if (vertex != null) { + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(vertex); + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_DELETE, entityHeader), "delete entity: guid=", guid); + deletionCandidates.add(vertex); } else { if (LOG.isDebugEnabled()) { @@ -383,18 +310,23 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { Collection<AtlasVertex> deletionCandidates = new ArrayList<>(); for (String guid : guids) { - // Retrieve vertices for requested guids. AtlasVertex vertex = AtlasGraphUtilsV1.findByGuid(guid); - if (vertex != null) { - deletionCandidates.add(vertex); - } else { + if (vertex == null) { if (LOG.isDebugEnabled()) { // Entity does not exist - treat as non-error, since the caller // wanted to delete the entity and it's already gone. LOG.debug("Deletion request ignored for non-existent entity with guid " + guid); } + + continue; } + + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(vertex); + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_DELETE, entityHeader), "delete entity: guid=", guid); + + deletionCandidates.add(vertex); } if (deletionCandidates.isEmpty()) { @@ -411,17 +343,19 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { @Override @GraphTransaction - public EntityMutationResponse deleteByUniqueAttributes(AtlasEntityType entityType, Map<String, Object> uniqAttributes) - throws AtlasBaseException { - + public EntityMutationResponse deleteByUniqueAttributes(AtlasEntityType entityType, Map<String, Object> uniqAttributes) throws AtlasBaseException { if (MapUtils.isEmpty(uniqAttributes)) { throw new AtlasBaseException(AtlasErrorCode.INSTANCE_BY_UNIQUE_ATTRIBUTE_NOT_FOUND, uniqAttributes.toString()); } - final AtlasVertex vertex = AtlasGraphUtilsV1.findByUniqueAttributes(entityType, uniqAttributes); Collection<AtlasVertex> deletionCandidates = new ArrayList<>(); + AtlasVertex vertex = AtlasGraphUtilsV1.findByUniqueAttributes(entityType, uniqAttributes); if (vertex != null) { + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(vertex); + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_DELETE, entityHeader), "delete entity: typeName=", entityType.getTypeName(), ", uniqueAttributes=", uniqAttributes); + deletionCandidates.add(vertex); } else { if (LOG.isDebugEnabled()) { @@ -445,6 +379,7 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { if (StringUtils.isEmpty(guid)) { throw new AtlasBaseException(AtlasErrorCode.INVALID_PARAMETERS, "Guid(s) not specified"); } + if (CollectionUtils.isEmpty(classifications)) { throw new AtlasBaseException(AtlasErrorCode.INVALID_PARAMETERS, "classifications(s) not specified"); } @@ -453,6 +388,13 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { LOG.debug("Adding classifications={} to entity={}", classifications, guid); } + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(guid); + + for (AtlasClassification classification : classifications) { + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_ADD_CLASSIFICATION, entityHeader, classification), + "add classification: guid=", guid, ", classification=", classification.getTypeName()); + } + GraphTransactionInterceptor.lockObjectAndReleasePostCommit(guid); for (AtlasClassification classification : classifications) { validateAndNormalize(classification); @@ -479,6 +421,12 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { throw new AtlasBaseException(AtlasErrorCode.INVALID_PARAMETERS, "classifications(s) not specified"); } + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(guid); + + for (AtlasClassification classification : classifications) { + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_UPDATE_CLASSIFICATION, entityHeader, classification), "update classification: guid=", guid, ", classification=", classification.getTypeName()); + } + GraphTransactionInterceptor.lockObjectAndReleasePostCommit(guid); entityGraphMapper.updateClassifications(new EntityMutationContext(), guid, classifications); @@ -494,6 +442,13 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { throw new AtlasBaseException(AtlasErrorCode.INVALID_PARAMETERS, "classification not specified"); } + for (String guid : guids) { + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_ADD_CLASSIFICATION, entityHeader, classification), + "add classification: guid=", guid, ", classification=", classification.getTypeName()); + } + if (LOG.isDebugEnabled()) { LOG.debug("Adding classification={} to entities={}", classification, guids); } @@ -521,6 +476,12 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { throw new AtlasBaseException(AtlasErrorCode.INVALID_PARAMETERS, "classifications(s) not specified"); } + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(guid); + + for (String classification : classificationNames) { + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_UPDATE_CLASSIFICATION, entityHeader, new AtlasClassification(classification)), "remove classification: guid=", guid, ", classification=", classification); + } + if (LOG.isDebugEnabled()) { LOG.debug("Deleting classifications={} from entity={}", classificationNames, guid); } @@ -537,8 +498,11 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { LOG.debug("Getting classifications for entity={}", guid); } - EntityGraphRetriever graphRetriever = new EntityGraphRetriever(typeRegistry); - return graphRetriever.getClassifications(guid); + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_READ_CLASSIFICATION, entityHeader), "get classifications: guid=", guid); + + return entityHeader.getClassifications(); } @Override @@ -548,8 +512,110 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { LOG.debug("Getting classifications for entities={}", guid); } - EntityGraphRetriever graphRetriever = new EntityGraphRetriever(typeRegistry); - return graphRetriever.getClassification(guid, classificationName); + AtlasClassification ret = null; + AtlasEntityHeader entityHeader = entityRetriever.toAtlasEntityHeaderWithClassifications(guid); + + if (CollectionUtils.isNotEmpty(entityHeader.getClassifications())) { + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_READ_CLASSIFICATION, entityHeader), "get classification: guid=", guid, ", classification=", classificationName); + + for (AtlasClassification classification : entityHeader.getClassifications()) { + if (!StringUtils.equalsIgnoreCase(classification.getTypeName(), classificationName)) { + continue; + } + + if (StringUtils.isEmpty(classification.getEntityGuid()) || StringUtils.equalsIgnoreCase(classification.getEntityGuid(), guid)) { + ret = classification; + break; + } else if (ret == null) { + ret = classification; + } + } + } + + if (ret == null) { + throw new AtlasBaseException(AtlasErrorCode.CLASSIFICATION_NOT_FOUND, classificationName); + } + + return ret; + } + + private EntityMutationResponse createOrUpdate(EntityStream entityStream, boolean isPartialUpdate, boolean replaceClassifications) throws AtlasBaseException { + if (LOG.isDebugEnabled()) { + LOG.debug("==> createOrUpdate()"); + } + + if (entityStream == null || !entityStream.hasNext()) { + throw new AtlasBaseException(AtlasErrorCode.INVALID_PARAMETERS, "no entities to create/update."); + } + + AtlasPerfTracer perf = null; + + if (AtlasPerfTracer.isPerfTraceEnabled(PERF_LOG)) { + perf = AtlasPerfTracer.getPerfTracer(PERF_LOG, "createOrUpdate()"); + } + + try { + final boolean isImport = entityStream instanceof EntityImportStream; + final EntityMutationContext context = preCreateOrUpdate(entityStream, entityGraphMapper, isPartialUpdate); + + // Check if authorized to create entities + if (!isImport && CollectionUtils.isNotEmpty(context.getCreatedEntities())) { + for (AtlasEntity entity : context.getCreatedEntities()) { + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_CREATE, new AtlasEntityHeader(entity)), + "create entity: type=", entity.getTypeName()); + } + } + + // for existing entities, skip update if incoming entity doesn't have any change + if (CollectionUtils.isNotEmpty(context.getUpdatedEntities())) { + List<AtlasEntity> entitiesToSkipUpdate = null; + + for (AtlasEntity entity : context.getUpdatedEntities()) { + String guid = entity.getGuid(); + AtlasVertex vertex = context.getVertex(guid); + AtlasEntity entityInStore = entityRetriever.toAtlasEntity(vertex); + AtlasEntityType entityType = typeRegistry.getEntityTypeByName(entity.getTypeName()); + + if (!AtlasEntityUtil.hasAnyAttributeUpdate(entityType, entity, entityInStore)) { + // if classifications are to be replaced as well, then skip updates only when no change in classifications as well + if (!replaceClassifications || Objects.equals(entity.getClassifications(), entityInStore.getClassifications())) { + if (entitiesToSkipUpdate == null) { + entitiesToSkipUpdate = new ArrayList<>(); + } + + entitiesToSkipUpdate.add(entity); + } + } + } + + if (entitiesToSkipUpdate != null) { + context.getUpdatedEntities().removeAll(entitiesToSkipUpdate); + } + + // Check if authorized to update entities + if (!isImport) { + for (AtlasEntity entity : context.getUpdatedEntities()) { + AtlasAuthorizationUtils.verifyAccess(new AtlasEntityAccessRequest(typeRegistry, AtlasPrivilege.ENTITY_UPDATE, new AtlasEntityHeader(entity)), + "update entity: type=", entity.getTypeName()); + } + } + } + + EntityMutationResponse ret = entityGraphMapper.mapAttributesAndClassifications(context, isPartialUpdate, replaceClassifications); + + ret.setGuidAssignments(context.getGuidAssignments()); + + // Notify the change listeners + entityChangeNotifier.onEntitiesMutated(ret, isImport); + + if (LOG.isDebugEnabled()) { + LOG.debug("<== createOrUpdate()"); + } + + return ret; + } finally { + AtlasPerfTracer.log(perf); + } } private EntityMutationContext preCreateOrUpdate(EntityStream entityStream, EntityGraphMapper entityGraphMapper, boolean isPartialUpdate) throws AtlasBaseException { @@ -583,11 +649,12 @@ public class AtlasEntityStoreV1 implements AtlasEntityStore { AtlasEntityType entityType = typeRegistry.getEntityTypeByName(entity.getTypeName()); + //Create vertices which do not exist in the repository if ((entityStream instanceof EntityImportStream) && AtlasTypeUtil.isAssignedGuid(entity.getGuid())) { vertex = entityGraphMapper.createVertexWithGuid(entity, entity.getGuid()); } else { - vertex = entityGraphMapper.createVertex(entity); + vertex = entityGraphMapper.createVertex(entity); } discoveryContext.addResolvedGuid(guid, vertex); http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasStructDefStoreV1.java ---------------------------------------------------------------------- diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasStructDefStoreV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasStructDefStoreV1.java index 83a6d1d..44fb95f 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasStructDefStoreV1.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasStructDefStoreV1.java @@ -19,6 +19,9 @@ package org.apache.atlas.repository.store.graph.v1; import com.google.common.annotations.VisibleForTesting; import org.apache.atlas.AtlasErrorCode; +import org.apache.atlas.authorize.AtlasPrivilege; +import org.apache.atlas.authorize.AtlasTypeAccessRequest; +import org.apache.atlas.authorize.AtlasAuthorizationUtils; import org.apache.atlas.exception.AtlasBaseException; import org.apache.atlas.model.typedef.AtlasStructDef; import org.apache.atlas.model.typedef.AtlasStructDef.AtlasAttributeDef; @@ -93,12 +96,14 @@ public class AtlasStructDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasStructDe LOG.debug("==> AtlasStructDefStoreV1.create({}, {})", structDef, preCreateResult); } - AtlasVertex vertex = (preCreateResult == null) ? preCreate(structDef) : preCreateResult; + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_CREATE, structDef), "create struct-def ", structDef.getName()); if (CollectionUtils.isEmpty(structDef.getAttributeDefs())) { throw new AtlasBaseException(AtlasErrorCode.BAD_REQUEST, "Missing attributes for structdef"); } + AtlasVertex vertex = (preCreateResult == null) ? preCreate(structDef) : preCreateResult; + AtlasStructDefStoreV1.updateVertexAddReferences(structDef, vertex, typeDefStore); AtlasStructDef ret = toStructDef(vertex); @@ -197,6 +202,10 @@ public class AtlasStructDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasStructDe LOG.debug("==> AtlasStructDefStoreV1.updateByName({}, {})", name, structDef); } + AtlasStructDef existingDef = typeRegistry.getStructDefByName(name); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update struct-def ", name); + validateType(structDef); AtlasType type = typeRegistry.getType(structDef.getName()); @@ -229,6 +238,10 @@ public class AtlasStructDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasStructDe LOG.debug("==> AtlasStructDefStoreV1.updateByGuid({})", guid); } + AtlasStructDef existingDef = typeRegistry.getStructDefByGuid(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update struct-def ", (existingDef != null ? existingDef.getName() : guid)); + validateType(structDef); AtlasType type = typeRegistry.getTypeByGuid(guid); @@ -261,6 +274,10 @@ public class AtlasStructDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasStructDe LOG.debug("==> AtlasStructDefStoreV1.preDeleteByName({})", name); } + AtlasStructDef existingDef = typeRegistry.getStructDefByName(name); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete struct-def ", name); + AtlasVertex ret = typeDefStore.findTypeVertexByNameAndCategory(name, TypeCategory.STRUCT); if (AtlasGraphUtilsV1.typeHasInstanceVertex(name)) { @@ -286,6 +303,10 @@ public class AtlasStructDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasStructDe LOG.debug("==> AtlasStructDefStoreV1.preDeleteByGuid({})", guid); } + AtlasStructDef existingDef = typeRegistry.getStructDefByGuid(guid); + + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete struct-def ", (existingDef != null ? existingDef.getName() : guid)); + AtlasVertex ret = typeDefStore.findTypeVertexByGuidAndCategory(guid, TypeCategory.STRUCT); String typeName = AtlasGraphUtilsV1.getProperty(ret, Constants.TYPENAME_PROPERTY_KEY, String.class); http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/EntityGraphRetriever.java ---------------------------------------------------------------------- diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/EntityGraphRetriever.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/EntityGraphRetriever.java index 1833b72..73ed6b4 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/EntityGraphRetriever.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/EntityGraphRetriever.java @@ -170,6 +170,22 @@ public final class EntityGraphRetriever { return atlasVertex != null ? mapVertexToAtlasEntityHeader(atlasVertex, attributes) : null; } + public AtlasEntityHeader toAtlasEntityHeaderWithClassifications(String guid) throws AtlasBaseException { + return toAtlasEntityHeaderWithClassifications(getEntityVertex(guid), Collections.emptySet()); + } + + public AtlasEntityHeader toAtlasEntityHeaderWithClassifications(AtlasVertex entityVertex) throws AtlasBaseException { + return toAtlasEntityHeaderWithClassifications(entityVertex, Collections.emptySet()); + } + + public AtlasEntityHeader toAtlasEntityHeaderWithClassifications(AtlasVertex entityVertex, Set<String> attributes) throws AtlasBaseException { + AtlasEntityHeader ret = toAtlasEntityHeader(entityVertex, attributes); + + ret.setClassifications(getClassifications(entityVertex)); + + return ret; + } + public AtlasEntityHeader toAtlasEntityHeader(AtlasEntity entity) { AtlasEntityHeader ret = null; String typeName = entity.getTypeName(); @@ -187,6 +203,19 @@ public final class EntityGraphRetriever { } ret = new AtlasEntityHeader(entity.getTypeName(), entity.getGuid(), uniqueAttributes); + + if (CollectionUtils.isNotEmpty(entity.getClassifications())) { + List<AtlasClassification> classifications = new ArrayList<>(entity.getClassifications().size()); + List<String> classificationNames = new ArrayList<>(entity.getClassifications().size()); + + for (AtlasClassification classification : entity.getClassifications()) { + classifications.add(classification); + classificationNames.add(classification.getTypeName()); + } + + ret.setClassifications(classifications); + ret.setClassificationNames(classificationNames); + } } return ret; @@ -218,7 +247,7 @@ public final class EntityGraphRetriever { AtlasClassification ret = new AtlasClassification(getTypeName(classificationVertex)); ret.setEntityGuid(AtlasGraphUtilsV1.getProperty(classificationVertex, CLASSIFICATION_ENTITY_GUID, String.class)); - ret.setPropagate(AtlasGraphUtilsV1.getProperty(classificationVertex, CLASSIFICATION_PROPAGATE_KEY, Boolean.class)); + ret.setPropagate(isPropagationEnabled(classificationVertex)); String strValidityPeriods = AtlasGraphUtilsV1.getProperty(classificationVertex, CLASSIFICATION_VALIDITY_PERIODS_KEY, String.class); http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/main/java/org/apache/atlas/util/AtlasRepositoryConfiguration.java ---------------------------------------------------------------------- diff --git a/repository/src/main/java/org/apache/atlas/util/AtlasRepositoryConfiguration.java b/repository/src/main/java/org/apache/atlas/util/AtlasRepositoryConfiguration.java index 85f0d06..7b96ceb 100644 --- a/repository/src/main/java/org/apache/atlas/util/AtlasRepositoryConfiguration.java +++ b/repository/src/main/java/org/apache/atlas/util/AtlasRepositoryConfiguration.java @@ -173,30 +173,32 @@ public class AtlasRepositoryConfiguration { * @throws AtlasException */ public static List<String> getAuditExcludedOperations(Configuration config) throws AtlasException { - if (config == null) { - try { - config = ApplicationProperties.get(); - } catch (AtlasException e) { - LOG.error(" Error reading operations for auditing ", e); - throw e; - } - } if (skippedOperations == null) { - skippedOperations = new ArrayList<String>(); - String[] skipAuditForOperations = config - .getStringArray(AUDIT_EXCLUDED_OPERATIONS); - if (skipAuditForOperations != null - && skipAuditForOperations.length > 0) { - for (String skippedOperation : skipAuditForOperations) { - String[] excludedOperations = skippedOperation.trim().toLowerCase().split(SEPARATOR); - if (excludedOperations!= null && excludedOperations.length == 2) { - skippedOperations.add(skippedOperation.toLowerCase()); - } else { - LOG.error("Invalid format for skipped operation {}. Valid format is HttpMethod:URL eg: GET:Version", skippedOperation); - } + if (config == null) { + try { + config = ApplicationProperties.get(); + } catch (AtlasException e) { + LOG.error(" Error reading operations for auditing ", e); + throw e; + } + } + + skippedOperations = new ArrayList<>(); + + String[] skipAuditForOperations = config.getStringArray(AUDIT_EXCLUDED_OPERATIONS); + + if (skipAuditForOperations != null && skipAuditForOperations.length > 0) { + for (String skippedOperation : skipAuditForOperations) { + String[] excludedOperations = skippedOperation.trim().toLowerCase().split(SEPARATOR); + if (excludedOperations!= null && excludedOperations.length == 2) { + skippedOperations.add(skippedOperation.toLowerCase()); + } else { + LOG.error("Invalid format for skipped operation {}. Valid format is HttpMethod:URL eg: GET:Version", skippedOperation); } } + } } + return skippedOperations; } http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/test/java/org/apache/atlas/repository/impexp/ExportServiceTest.java ---------------------------------------------------------------------- diff --git a/repository/src/test/java/org/apache/atlas/repository/impexp/ExportServiceTest.java b/repository/src/test/java/org/apache/atlas/repository/impexp/ExportServiceTest.java index 07524d0..6fb6b45 100644 --- a/repository/src/test/java/org/apache/atlas/repository/impexp/ExportServiceTest.java +++ b/repository/src/test/java/org/apache/atlas/repository/impexp/ExportServiceTest.java @@ -85,7 +85,7 @@ public class ExportServiceTest { @BeforeTest public void setupTest() { RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); } @BeforeClass http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/test/java/org/apache/atlas/repository/impexp/ImportServiceTest.java ---------------------------------------------------------------------- diff --git a/repository/src/test/java/org/apache/atlas/repository/impexp/ImportServiceTest.java b/repository/src/test/java/org/apache/atlas/repository/impexp/ImportServiceTest.java index 136fe8a..080a96a 100644 --- a/repository/src/test/java/org/apache/atlas/repository/impexp/ImportServiceTest.java +++ b/repository/src/test/java/org/apache/atlas/repository/impexp/ImportServiceTest.java @@ -70,7 +70,7 @@ public class ImportServiceTest { @BeforeTest public void setupTest() { RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); } @AfterClass http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/test/java/org/apache/atlas/repository/impexp/ZipFileResourceTestUtils.java ---------------------------------------------------------------------- diff --git a/repository/src/test/java/org/apache/atlas/repository/impexp/ZipFileResourceTestUtils.java b/repository/src/test/java/org/apache/atlas/repository/impexp/ZipFileResourceTestUtils.java index 5ab8c01..d8e916d 100644 --- a/repository/src/test/java/org/apache/atlas/repository/impexp/ZipFileResourceTestUtils.java +++ b/repository/src/test/java/org/apache/atlas/repository/impexp/ZipFileResourceTestUtils.java @@ -208,7 +208,7 @@ public class ZipFileResourceTestUtils { List<String> creationOrder = zipSource.getCreationOrder(); RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); AtlasImportRequest request = getDefaultImportRequest(); AtlasImportResult result = runImportWithParameters(importService, request, zipSource); http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/test/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStoreTest.java ---------------------------------------------------------------------- diff --git a/repository/src/test/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStoreTest.java b/repository/src/test/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStoreTest.java index 2fc8015..26f3165 100644 --- a/repository/src/test/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStoreTest.java +++ b/repository/src/test/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStoreTest.java @@ -57,7 +57,7 @@ public class AtlasTypeDefGraphStoreTest { @BeforeTest public void setupTest() { RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); } @AfterClass http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1Test.java ---------------------------------------------------------------------- diff --git a/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1Test.java b/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1Test.java index f4b7053..8257faa 100644 --- a/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1Test.java +++ b/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasEntityStoreV1Test.java @@ -111,7 +111,7 @@ public class AtlasEntityStoreV1Test { @BeforeClass public void setUp() throws Exception { RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); new GraphBackedSearchIndexer(typeRegistry); @@ -156,7 +156,7 @@ public class AtlasEntityStoreV1Test { public void init() throws Exception { entityStore = new AtlasEntityStoreV1(deleteHandler, typeRegistry, mockChangeNotifier, graphMapper); RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); } @Test http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipStoreV1Test.java ---------------------------------------------------------------------- diff --git a/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipStoreV1Test.java b/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipStoreV1Test.java index 8de978c..ac35860 100644 --- a/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipStoreV1Test.java +++ b/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipStoreV1Test.java @@ -118,7 +118,7 @@ public abstract class AtlasRelationshipStoreV1Test { relationshipStore = new AtlasRelationshipStoreV1(typeRegistry, deleteHandler); RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); } @AfterClass http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/InverseReferenceUpdateV1Test.java ---------------------------------------------------------------------- diff --git a/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/InverseReferenceUpdateV1Test.java b/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/InverseReferenceUpdateV1Test.java index 6e4689d..c1aa845 100644 --- a/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/InverseReferenceUpdateV1Test.java +++ b/repository/src/test/java/org/apache/atlas/repository/store/graph/v1/InverseReferenceUpdateV1Test.java @@ -75,7 +75,7 @@ public abstract class InverseReferenceUpdateV1Test { @BeforeClass public void setUp() throws Exception { RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); AtlasTypesDef[] testTypesDefs = new AtlasTypesDef[] { TestUtilsV2.defineDeptEmployeeTypes(), TestUtilsV2.defineInverseReferenceTestTypes() @@ -109,7 +109,7 @@ public abstract class InverseReferenceUpdateV1Test { @BeforeMethod public void init() throws Exception { RequestContextV1.clear(); - RequestContextV1.get().setUser(TestUtilsV2.TEST_USER); + RequestContextV1.get().setUser(TestUtilsV2.TEST_USER, null); } @Test http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/server-api/src/main/java/org/apache/atlas/RequestContextV1.java ---------------------------------------------------------------------- diff --git a/server-api/src/main/java/org/apache/atlas/RequestContextV1.java b/server-api/src/main/java/org/apache/atlas/RequestContextV1.java index 9177cb8..4f96287 100644 --- a/server-api/src/main/java/org/apache/atlas/RequestContextV1.java +++ b/server-api/src/main/java/org/apache/atlas/RequestContextV1.java @@ -18,7 +18,6 @@ package org.apache.atlas; -import org.apache.atlas.metrics.Metrics; import org.apache.atlas.model.instance.AtlasEntity.AtlasEntityWithExtInfo; import org.apache.atlas.model.instance.AtlasObjectId; import org.slf4j.Logger; @@ -34,10 +33,10 @@ public class RequestContextV1 { private final Map<String, AtlasObjectId> updatedEntities = new HashMap<>(); private final Map<String, AtlasObjectId> deletedEntities = new HashMap<>(); private final Map<String, AtlasEntityWithExtInfo> entityCacheV2 = new HashMap<>(); - private final Metrics metrics = new Metrics(); private final long requestTime = System.currentTimeMillis(); - private String user; + private String user; + private Set<String> userGroups; private RequestContextV1() { } @@ -71,8 +70,13 @@ public class RequestContextV1 { return user; } - public void setUser(String user) { - this.user = user; + public Set<String> getUserGroups() { + return userGroups; + } + + public void setUser(String user, Set<String> userGroups) { + this.user = user; + this.userGroups = userGroups; } public void recordEntityUpdate(AtlasObjectId entity) { @@ -127,8 +131,4 @@ public class RequestContextV1 { public boolean isDeletedEntity(String guid) { return deletedEntities.containsKey(guid); } - - public static Metrics getMetrics() { - return get().metrics; - } } http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/server-api/src/main/java/org/apache/atlas/aspect/Loggable.java ---------------------------------------------------------------------- diff --git a/server-api/src/main/java/org/apache/atlas/aspect/Loggable.java b/server-api/src/main/java/org/apache/atlas/aspect/Loggable.java deleted file mode 100644 index 64f2169..0000000 --- a/server-api/src/main/java/org/apache/atlas/aspect/Loggable.java +++ /dev/null @@ -1,29 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * <p> - * http://www.apache.org/licenses/LICENSE-2.0 - * <p> - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.atlas.aspect; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -@Retention(RetentionPolicy.RUNTIME) -@Target(ElementType.METHOD) -public @interface Loggable { -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/server-api/src/main/java/org/apache/atlas/aspect/Monitored.java ---------------------------------------------------------------------- diff --git a/server-api/src/main/java/org/apache/atlas/aspect/Monitored.java b/server-api/src/main/java/org/apache/atlas/aspect/Monitored.java deleted file mode 100644 index 909fab6..0000000 --- a/server-api/src/main/java/org/apache/atlas/aspect/Monitored.java +++ /dev/null @@ -1,29 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * <p> - * http://www.apache.org/licenses/LICENSE-2.0 - * <p> - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.atlas.aspect; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -@Retention(RetentionPolicy.RUNTIME) -@Target(ElementType.METHOD) -public @interface Monitored { -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/server-api/src/main/java/org/apache/atlas/discovery/DiscoveryException.java ---------------------------------------------------------------------- diff --git a/server-api/src/main/java/org/apache/atlas/discovery/DiscoveryException.java b/server-api/src/main/java/org/apache/atlas/discovery/DiscoveryException.java deleted file mode 100644 index ba69af7..0000000 --- a/server-api/src/main/java/org/apache/atlas/discovery/DiscoveryException.java +++ /dev/null @@ -1,74 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.atlas.discovery; - -import org.apache.atlas.AtlasException; - -import java.security.PrivilegedActionException; - -public class DiscoveryException extends AtlasException { - - /** - * Constructs a new exception with the specified detail message. The - * cause is not initialized, and may subsequently be initialized by - * a call to {@link #initCause}. - * - * @param message the detail message. The detail message is saved for - * later retrieval by the {@link #getMessage()} method. - */ - public DiscoveryException(String message) { - super(message); - } - - /** - * Constructs a new exception with the specified detail message and - * cause. <p>Note that the detail message associated with - * {@code cause} is <i>not</i> automatically incorporated in - * this exception's detail message. - * - * @param message the detail message (which is saved for later retrieval - * by the {@link #getMessage()} method). - * @param cause the cause (which is saved for later retrieval by the - * {@link #getCause()} method). (A <tt>null</tt> value is - * permitted, and indicates that the cause is nonexistent or - * unknown.) - * @since 1.4 - */ - public DiscoveryException(String message, Throwable cause) { - super(message, cause); - } - - /** - * Constructs a new exception with the specified cause and a detail - * message of <tt>(cause==null ? null : cause.toString())</tt> (which - * typically contains the class and detail message of <tt>cause</tt>). - * This constructor is useful for exceptions that are little more than - * wrappers for other throwables (for example, {@link - * PrivilegedActionException}). - * - * @param cause the cause (which is saved for later retrieval by the - * {@link #getCause()} method). (A <tt>null</tt> value is - * permitted, and indicates that the cause is nonexistent or - * unknown.) - * @since 1.4 - */ - public DiscoveryException(Throwable cause) { - super(cause); - } -} http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/server-api/src/main/java/org/apache/atlas/exception/SchemaNotFoundException.java ---------------------------------------------------------------------- diff --git a/server-api/src/main/java/org/apache/atlas/exception/SchemaNotFoundException.java b/server-api/src/main/java/org/apache/atlas/exception/SchemaNotFoundException.java deleted file mode 100644 index 981ef2a..0000000 --- a/server-api/src/main/java/org/apache/atlas/exception/SchemaNotFoundException.java +++ /dev/null @@ -1,40 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.atlas.exception; - -public class SchemaNotFoundException extends NotFoundException { - public SchemaNotFoundException() { - } - - public SchemaNotFoundException(String message) { - super(message); - } - - public SchemaNotFoundException(String message, Throwable cause) { - super(message, cause); - } - - public SchemaNotFoundException(Throwable cause) { - super(cause); - } - - public SchemaNotFoundException(String message, Throwable cause, boolean enableSuppression, - boolean writableStackTrace) { - super(message, cause, enableSuppression, writableStackTrace); - } -} http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/server-api/src/main/java/org/apache/atlas/exception/TraitNotFoundException.java ---------------------------------------------------------------------- diff --git a/server-api/src/main/java/org/apache/atlas/exception/TraitNotFoundException.java b/server-api/src/main/java/org/apache/atlas/exception/TraitNotFoundException.java deleted file mode 100644 index ba46a2e..0000000 --- a/server-api/src/main/java/org/apache/atlas/exception/TraitNotFoundException.java +++ /dev/null @@ -1,45 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.atlas.exception; - -/** - * A simple wrapper for 404. - * Thrown when a requested trait can not be found. - */ -public class TraitNotFoundException extends NotFoundException { - public TraitNotFoundException() { - } - - public TraitNotFoundException(String message) { - super(message); - } - - public TraitNotFoundException(String message, Throwable cause) { - super(message, cause); - } - - public TraitNotFoundException(Throwable cause) { - super(cause); - } - - public TraitNotFoundException(String message, Throwable cause, boolean enableSuppression, - boolean writableStackTrace) { - super(message, cause, enableSuppression, writableStackTrace); - } -} http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/server-api/src/main/java/org/apache/atlas/metrics/Metrics.java ---------------------------------------------------------------------- diff --git a/server-api/src/main/java/org/apache/atlas/metrics/Metrics.java b/server-api/src/main/java/org/apache/atlas/metrics/Metrics.java deleted file mode 100644 index e0f4e49..0000000 --- a/server-api/src/main/java/org/apache/atlas/metrics/Metrics.java +++ /dev/null @@ -1,68 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * <p> - * http://www.apache.org/licenses/LICENSE-2.0 - * <p> - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.atlas.metrics; - -import java.util.LinkedHashMap; -import java.util.Map; - -public class Metrics { - public static class Counters { - private short invocations = 0; - private long totalTimeMSecs = 0; - - @Override - public String toString() { - return "[count=" + invocations + ", totalTimeMSec=" + totalTimeMSecs + "]"; - } - - public short getInvocations() { - return invocations; - } - - public long getTotalTimeMSecs() { - return totalTimeMSecs; - } - } - - Map<String, Counters> countersMap = new LinkedHashMap<>(); - - public void record(String name, long timeMsecs) { - Counters counter = countersMap.get(name); - if (counter == null) { - counter = new Counters(); - countersMap.put(name, counter); - } - - counter.invocations++; - counter.totalTimeMSecs += timeMsecs; - } - - @Override - public String toString() { - return countersMap.toString(); - } - - public boolean isEmpty() { - return countersMap.isEmpty(); - } - - public Counters getCounters(String name) { - return countersMap.get(name); - } -} http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/webapp/src/main/java/org/apache/atlas/notification/NotificationHookConsumer.java ---------------------------------------------------------------------- diff --git a/webapp/src/main/java/org/apache/atlas/notification/NotificationHookConsumer.java b/webapp/src/main/java/org/apache/atlas/notification/NotificationHookConsumer.java index ced9b7e..7a4596a 100644 --- a/webapp/src/main/java/org/apache/atlas/notification/NotificationHookConsumer.java +++ b/webapp/src/main/java/org/apache/atlas/notification/NotificationHookConsumer.java @@ -21,7 +21,6 @@ import com.google.common.annotations.VisibleForTesting; import com.google.common.util.concurrent.ThreadFactoryBuilder; import kafka.utils.ShutdownableThread; import org.apache.atlas.ApplicationProperties; -import org.apache.atlas.AtlasBaseClient; import org.apache.atlas.AtlasClient; import org.apache.atlas.AtlasClientV2; import org.apache.atlas.AtlasException; @@ -53,8 +52,8 @@ import org.apache.atlas.type.AtlasEntityType; import org.apache.atlas.type.AtlasTypeRegistry; import org.apache.atlas.utils.AtlasPerfTracer; import org.apache.atlas.web.filters.AuditFilter; +import org.apache.atlas.web.filters.AuditFilter.AuditLog; import org.apache.atlas.web.service.ServiceState; -import org.apache.atlas.web.util.DateTimeHelper; import org.apache.commons.configuration.Configuration; import org.apache.kafka.common.TopicPartition; import org.slf4j.Logger; @@ -70,10 +69,6 @@ import java.util.concurrent.Executors; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicBoolean; -import static org.apache.atlas.AtlasClientV2.API_V2.DELETE_ENTITY_BY_ATTRIBUTE; -import static org.apache.atlas.AtlasClientV2.API_V2.UPDATE_ENTITY; -import static org.apache.atlas.AtlasClientV2.API_V2.UPDATE_ENTITY_BY_ATTRIBUTE; - /** * Consumer of notifications from hooks e.g., hive hook etc. */ @@ -85,7 +80,8 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl private static final Logger PERF_LOG = AtlasPerfTracer.getPerfLogger(NotificationHookConsumer.class); private static final Logger FAILED_LOG = LoggerFactory.getLogger("FAILED"); - private static final String LOCALHOST = "localhost"; + private static final int SC_OK = 200; + private static final int SC_BAD_REQUEST = 400; private static final String THREADNAME_PREFIX = NotificationHookConsumer.class.getSimpleName(); public static final String CONSUMER_THREADS_PROPERTY = "atlas.notification.hook.numthreads"; @@ -353,6 +349,9 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl AtlasPerfTracer perf = null; HookNotification message = kafkaMsg.getMessage(); String messageUser = message.getUser(); + long startTime = System.currentTimeMillis(); + boolean isFailedMsg = false; + AuditLog auditLog = null; if (AtlasPerfTracer.isPerfTraceEnabled(PERF_LOG)) { perf = AtlasPerfTracer.getPerfTracer(PERF_LOG, message.getType().name()); @@ -368,17 +367,17 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl try { RequestContextV1 requestContext = RequestContextV1.get(); - requestContext.setUser(messageUser); + requestContext.setUser(messageUser, null); switch (message.getType()) { case ENTITY_CREATE: { final EntityCreateRequest createRequest = (EntityCreateRequest) message; final AtlasEntitiesWithExtInfo entities = instanceConverter.toAtlasEntities(createRequest.getEntities()); - if (numRetries == 0) { // audit only on the first attempt - AtlasBaseClient.API api = AtlasClient.API_V1.CREATE_ENTITY; - - audit(messageUser, api.getMethod(), api.getNormalizedPath()); + if (auditLog == null) { + auditLog = new AuditLog(messageUser, THREADNAME_PREFIX, + AtlasClient.API_V1.CREATE_ENTITY.getMethod(), + AtlasClient.API_V1.CREATE_ENTITY.getNormalizedPath()); } atlasEntityStore.createOrUpdate(new AtlasEntityStream(entities), false); @@ -390,9 +389,10 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl final Referenceable referenceable = partialUpdateRequest.getEntity(); final AtlasEntitiesWithExtInfo entities = instanceConverter.toAtlasEntity(referenceable); - if (numRetries == 0) { // audit only on the first attempt - AtlasBaseClient.API api = UPDATE_ENTITY_BY_ATTRIBUTE; - audit(messageUser, api.getMethod(), String.format(api.getNormalizedPath(), partialUpdateRequest.getTypeName())); + if (auditLog == null) { + auditLog = new AuditLog(messageUser, THREADNAME_PREFIX, + AtlasClientV2.API_V2.UPDATE_ENTITY_BY_ATTRIBUTE.getMethod(), + String.format(AtlasClientV2.API_V2.UPDATE_ENTITY_BY_ATTRIBUTE.getNormalizedPath(), partialUpdateRequest.getTypeName())); } AtlasEntityType entityType = typeRegistry.getEntityTypeByName(partialUpdateRequest.getTypeName()); @@ -408,9 +408,10 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl case ENTITY_DELETE: { final EntityDeleteRequest deleteRequest = (EntityDeleteRequest) message; - if (numRetries == 0) { // audit only on the first attempt - AtlasBaseClient.API api = DELETE_ENTITY_BY_ATTRIBUTE; - audit(messageUser, api.getMethod(), String.format(api.getNormalizedPath(), deleteRequest.getTypeName())); + if (auditLog == null) { + auditLog = new AuditLog(messageUser, THREADNAME_PREFIX, + AtlasClientV2.API_V2.DELETE_ENTITY_BY_ATTRIBUTE.getMethod(), + String.format(AtlasClientV2.API_V2.DELETE_ENTITY_BY_ATTRIBUTE.getNormalizedPath(), deleteRequest.getTypeName())); } try { @@ -427,10 +428,10 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl final EntityUpdateRequest updateRequest = (EntityUpdateRequest) message; final AtlasEntitiesWithExtInfo entities = instanceConverter.toAtlasEntities(updateRequest.getEntities()); - if (numRetries == 0) { // audit only on the first attempt - AtlasBaseClient.API api = UPDATE_ENTITY; - - audit(messageUser, api.getMethod(), api.getNormalizedPath()); + if (auditLog == null) { + auditLog = new AuditLog(messageUser, THREADNAME_PREFIX, + AtlasClientV2.API_V2.UPDATE_ENTITY.getMethod(), + AtlasClientV2.API_V2.UPDATE_ENTITY.getNormalizedPath()); } atlasEntityStore.createOrUpdate(new AtlasEntityStream(entities), false); @@ -441,9 +442,10 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl final EntityCreateRequestV2 createRequestV2 = (EntityCreateRequestV2) message; final AtlasEntitiesWithExtInfo entities = createRequestV2.getEntities(); - if (numRetries == 0) { // audit only on the first attempt - AtlasBaseClient.API api = AtlasClientV2.API_V2.CREATE_ENTITY; - audit(messageUser, api.getMethod(), api.getNormalizedPath()); + if (auditLog == null) { + auditLog = new AuditLog(messageUser, THREADNAME_PREFIX, + AtlasClientV2.API_V2.CREATE_ENTITY.getMethod(), + AtlasClientV2.API_V2.CREATE_ENTITY.getNormalizedPath()); } atlasEntityStore.createOrUpdate(new AtlasEntityStream(entities), false); @@ -455,9 +457,10 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl final AtlasObjectId entityId = partialUpdateRequest.getEntityId(); final AtlasEntityWithExtInfo entity = partialUpdateRequest.getEntity(); - if (numRetries == 0) { // audit only on the first attempt - AtlasBaseClient.API api = AtlasClientV2.API_V2.UPDATE_ENTITY; - audit(messageUser, api.getMethod(), api.getNormalizedPath()); + if (auditLog == null) { + auditLog = new AuditLog(messageUser, THREADNAME_PREFIX, + AtlasClientV2.API_V2.UPDATE_ENTITY.getMethod(), + AtlasClientV2.API_V2.UPDATE_ENTITY.getNormalizedPath()); } atlasEntityStore.updateEntity(entityId, entity, true); @@ -468,9 +471,10 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl final EntityUpdateRequestV2 updateRequest = (EntityUpdateRequestV2) message; final AtlasEntitiesWithExtInfo entities = updateRequest.getEntities(); - if (numRetries == 0) { // audit only on the first attempt - AtlasBaseClient.API api = AtlasClientV2.API_V2.UPDATE_ENTITY; - audit(messageUser, api.getMethod(), api.getNormalizedPath()); + if (auditLog == null) { + auditLog = new AuditLog(messageUser, THREADNAME_PREFIX, + AtlasClientV2.API_V2.UPDATE_ENTITY.getMethod(), + AtlasClientV2.API_V2.UPDATE_ENTITY.getNormalizedPath()); } atlasEntityStore.createOrUpdate(new AtlasEntityStream(entities), false); @@ -483,9 +487,10 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl try { for (AtlasObjectId entity : entities) { - if (numRetries == 0) { // audit only on the first attempt - AtlasBaseClient.API api = AtlasClientV2.API_V2.DELETE_ENTITY_BY_ATTRIBUTE; - audit(messageUser, api.getMethod(), String.format(api.getNormalizedPath(), entity.getTypeName())); + if (auditLog == null) { + auditLog = new AuditLog(messageUser, THREADNAME_PREFIX, + AtlasClientV2.API_V2.DELETE_ENTITY_BY_ATTRIBUTE.getMethod(), + String.format(AtlasClientV2.API_V2.DELETE_ENTITY_BY_ATTRIBUTE.getNormalizedPath(), entity.getTypeName())); } AtlasEntityType type = (AtlasEntityType) typeRegistry.getType(entity.getTypeName()); @@ -516,6 +521,8 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl if (numRetries == (maxRetries - 1)) { LOG.warn("Max retries exceeded for message {}", message, e); + isFailedMsg = true; + failedMessages.add(message); if (failedMessages.size() >= failedMsgCacheSize) { @@ -527,9 +534,17 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl RequestContextV1.clear(); } } + commit(kafkaMsg); } finally { AtlasPerfTracer.log(perf); + + if (auditLog != null) { + auditLog.setHttpStatus(isFailedMsg ? SC_BAD_REQUEST : SC_OK); + auditLog.setTimeTaken(System.currentTimeMillis() - startTime); + + AuditFilter.audit(auditLog); + } } } @@ -597,12 +612,4 @@ public class NotificationHookConsumer implements Service, ActiveStateChangeHandl LOG.info("<== HookConsumer shutdown()"); } } - - private void audit(String messageUser, String method, String path) { - if (LOG.isDebugEnabled()) { - LOG.debug("==> audit({},{}, {})", messageUser, method, path); - } - - AuditFilter.audit(messageUser, THREADNAME_PREFIX, method, LOCALHOST, path, LOCALHOST, DateTimeHelper.formatDateUTC(new Date())); - } } http://git-wip-us.apache.org/repos/asf/atlas/blob/afbc6975/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java ---------------------------------------------------------------------- diff --git a/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java b/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java index ddc2ff2..249b51b 100644 --- a/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java +++ b/webapp/src/main/java/org/apache/atlas/web/filters/AtlasAuthenticationFilter.java @@ -328,10 +328,7 @@ public class AtlasAuthenticationFilter extends AuthenticationFilter { try { String requestUser = httpRequest.getRemoteUser(); NDC.push(requestUser + ":" + httpRequest.getMethod() + httpRequest.getRequestURI()); - RequestContextV1 requestContext = RequestContextV1.get(); - if (requestContext != null) { - requestContext.setUser(requestUser); - } + LOG.info("Request from authenticated user: {}, URL={}", requestUser, Servlets.getRequestURI(httpRequest));