Repository: ranger Updated Branches: refs/heads/ranger-1.1 88094a576 -> 117b25629
RANGER-2160 : 'Email Address' search is not working properly along with other filter in user listing page,userRoles filters also needs to be improved. Signed-off-by: Mehul Parikh <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/117b2562 Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/117b2562 Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/117b2562 Branch: refs/heads/ranger-1.1 Commit: 117b256296a3341a410a1dfaf5d77cca277c25f8 Parents: 88094a5 Author: Nikhil P <[email protected]> Authored: Fri Jul 27 12:54:24 2018 +0530 Committer: Mehul Parikh <[email protected]> Committed: Mon Jul 30 14:13:02 2018 +0530 ---------------------------------------------------------------------- .../src/main/java/org/apache/ranger/biz/XUserMgr.java | 4 ++-- .../java/org/apache/ranger/common/RangerConstants.java | 8 ++++++++ .../main/java/org/apache/ranger/common/SearchUtil.java | 12 ++++++++++++ .../ranger/patch/cliutil/RoleBasedUserSearchUtil.java | 8 +------- .../src/main/java/org/apache/ranger/rest/XUserREST.java | 2 +- .../test/java/org/apache/ranger/rest/TestXUserREST.java | 4 ++-- 6 files changed, 26 insertions(+), 12 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ranger/blob/117b2562/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java index ea60e99..b1ea280 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java @@ -1596,8 +1596,8 @@ public class XUserMgr extends XUserMgrBase { } break; case "emailaddress": - String email = vXUserExactMatch.getEmailAddress(); - if(email != null && !email.equals(entry.getValue())){ + String email = (String)entry.getValue(); + if(email != null && !email.equals(vXUserExactMatch.getEmailAddress())){ vXUserExactMatchwithSearchCriteria = -1; } break; http://git-wip-us.apache.org/repos/asf/ranger/blob/117b2562/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java b/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java index 35b9d0a..88509a6 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java +++ b/security-admin/src/main/java/org/apache/ranger/common/RangerConstants.java @@ -23,6 +23,10 @@ package org.apache.ranger.common; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + public class RangerConstants extends RangerCommonEnums { // Default Roles @@ -169,6 +173,10 @@ public class RangerConstants extends RangerCommonEnums { public static final int EMAIL_TYPE_USER_ROLE_UPDATED = 9; public static final int EMAIL_TYPE_USER_GRP_ADD = 10; + public static final List<String> VALID_USER_ROLE_LIST = new ArrayList<String>(Arrays.asList(RangerConstants.ROLE_USER, + RangerConstants.ROLE_SYS_ADMIN, RangerConstants.ROLE_KEY_ADMIN, RangerConstants.ROLE_ADMIN_AUDITOR, + RangerConstants.ROLE_KEY_ADMIN_AUDITOR)); + public static enum RBAC_PERM { ALLOW_NONE, ALLOW_READ, http://git-wip-us.apache.org/repos/asf/ranger/blob/117b2562/security-admin/src/main/java/org/apache/ranger/common/SearchUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/SearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/SearchUtil.java index 6f28e7b..6a3c032 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/SearchUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/common/SearchUtil.java @@ -208,6 +208,18 @@ public class SearchUtil { return value; } + public String extractRoleString(HttpServletRequest request, + SearchCriteria searchCriteria, String paramName, + String userFriendlyParamName, String regEx) { + String value = extractString(request, searchCriteria, paramName, userFriendlyParamName, regEx); + if(!RangerConstants.VALID_USER_ROLE_LIST.contains(value)) { + restErrorUtil.validateString(value, regEx, "Invalid value for " + + userFriendlyParamName, + MessageEnums.INVALID_INPUT_DATA, null, paramName); + } + return value; + } + public List<Integer> extractEnum(HttpServletRequest request, SearchCriteria searchCriteria, String paramName, String userFriendlyParamName, String listName, int maxValue) { http://git-wip-us.apache.org/repos/asf/ranger/blob/117b2562/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java index 7df0640..9bb55a9 100644 --- a/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/patch/cliutil/RoleBasedUserSearchUtil.java @@ -72,15 +72,9 @@ public class RoleBasedUserSearchUtil extends BaseLoader { currentPassword = args[1]; if (args.length == 3) { userRole = args[2]; - List<String> roles = new ArrayList<String>(); - roles.add(RangerConstants.ROLE_USER); - roles.add(RangerConstants.ROLE_SYS_ADMIN); - roles.add(RangerConstants.ROLE_KEY_ADMIN); - roles.add(RangerConstants.ROLE_ADMIN_AUDITOR); - roles.add(RangerConstants.ROLE_KEY_ADMIN_AUDITOR); if (!StringUtils.isBlank(userRole)) { userRole = userRole.toUpperCase(); - if (!roles.contains(userRole)) { + if (!RangerConstants.VALID_USER_ROLE_LIST.contains(userRole)) { System.out.println("Invalid UserRole. Exiting!!!"); logger.info("Invalid UserRole. Exiting!!!"); System.exit(1); http://git-wip-us.apache.org/repos/asf/ranger/blob/117b2562/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java index 79f347d..da33968 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java @@ -342,7 +342,7 @@ public class XUserREST { searchUtil.extractInt(request, searchCriteria, "status", "User Status"); List<String> userRolesList = searchUtil.extractStringList(request, searchCriteria, "userRoleList", "User Role List", "userRoleList", null, null); - searchUtil.extractString(request, searchCriteria, "userRole", "UserRole", null); + searchUtil.extractRoleString(request, searchCriteria, "userRole", "Role", null); if (CollectionUtils.isNotEmpty(userRolesList) && CollectionUtils.size(userRolesList) == 1 && userRolesList.get(0).equalsIgnoreCase(UserRoleParamName)) { if (!(searchCriteria.getParamList().containsKey("name"))) { searchCriteria.addParam("name", userName); http://git-wip-us.apache.org/repos/asf/ranger/blob/117b2562/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java ---------------------------------------------------------------------- diff --git a/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java b/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java index e564e28..de21213 100644 --- a/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java +++ b/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java @@ -506,7 +506,7 @@ public class TestXUserREST { Mockito.when(searchUtil.extractInt(request, testSearchCriteria, "isVisible", "User Visibility")).thenReturn(1); Mockito.when(searchUtil.extractInt(request, testSearchCriteria, "status", "User Status")).thenReturn(1); Mockito.when(searchUtil.extractStringList(request, testSearchCriteria, "userRoleList", "User Role List", "userRoleList", null,null)).thenReturn(new ArrayList<String>()); - Mockito.when(searchUtil.extractString(request, testSearchCriteria, "userRole", "UserRole", null)).thenReturn(""); + Mockito.when(searchUtil.extractRoleString(request, testSearchCriteria, "userRole", "Role", null)).thenReturn(""); List<VXUser> vXUsersList= new ArrayList<VXUser>(); vXUsersList.add(vxUser); @@ -525,7 +525,7 @@ public class TestXUserREST { Mockito.verify(searchUtil).extractInt(request, testSearchCriteria, "isVisible", "User Visibility"); Mockito.verify(searchUtil).extractInt(request, testSearchCriteria, "status", "User Status"); Mockito.verify(searchUtil).extractStringList(request, testSearchCriteria, "userRoleList", "User Role List", "userRoleList", null,null); - Mockito.verify(searchUtil).extractString(request, testSearchCriteria, "userRole", "UserRole", null); + Mockito.verify(searchUtil).extractRoleString(request, testSearchCriteria, "userRole", "Role", null); assertNotNull(gotVXUserList); assertEquals(testVXUserList.getTotalCount(),gotVXUserList.getTotalCount()); assertEquals(testVXUserList.getClass(),gotVXUserList.getClass());
