This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 120ea59 RANGER-2527 : UI Improvement for Roles create update and
delete log on Audit -> Admin Tab.
120ea59 is described below
commit 120ea59cd9db1dc835c06a9834b63862c8e03522
Author: Nitin Galave <[email protected]>
AuthorDate: Tue Aug 6 16:46:01 2019 +0530
RANGER-2527 : UI Improvement for Roles create update and delete log on
Audit -> Admin Tab.
Signed-off-by: Pradeep <[email protected]>
---
.../apache/ranger/service/RangerRoleService.java | 27 ++++
.../webapp/scripts/views/reports/AuditLayout.js | 3 +-
.../scripts/views/reports/OperationDiffDetail.js | 79 ++++++++++--
security-admin/src/main/webapp/styles/xa.css | 4 +
.../templates/reports/RoleOperationDiff_tmpl.html | 52 +++++++-
.../reports/RoleUpdateOperationDiff_tmpl.html | 137 +++++++++++++++------
6 files changed, 251 insertions(+), 51 deletions(-)
diff --git
a/security-admin/src/main/java/org/apache/ranger/service/RangerRoleService.java
b/security-admin/src/main/java/org/apache/ranger/service/RangerRoleService.java
index 29d20a1..ca4407b 100644
---
a/security-admin/src/main/java/org/apache/ranger/service/RangerRoleService.java
+++
b/security-admin/src/main/java/org/apache/ranger/service/RangerRoleService.java
@@ -32,6 +32,7 @@ import org.apache.commons.logging.LogFactory;
import org.apache.ranger.authorization.utils.JsonUtils;
import org.apache.ranger.biz.ServiceDBStore;
import org.apache.ranger.common.AppConstants;
+import org.apache.ranger.common.RangerConstants;
import org.apache.ranger.common.view.VTrxLogAttr;
import org.apache.ranger.entity.XXRole;
import org.apache.ranger.entity.XXTrxLog;
@@ -126,6 +127,8 @@ public class RangerRoleService extends
RangerRoleServiceBase<XXRole, RangerRole>
}
List<XXTrxLog> trxLogList = new ArrayList<>();
Field[] fields = current.getClass().getDeclaredFields();
+ String users = RangerConstants.MODULE_USER_GROUPS.split("/")[0];
+ String groups = RangerConstants.MODULE_USER_GROUPS.split("/")[1];
try {
Field nameField = current.getClass().getDeclaredField("name");
@@ -155,6 +158,18 @@ public class RangerRoleService extends
RangerRoleServiceBase<XXRole, RangerRole>
value = xaEnumUtil.getLabel(enumName, enumValue);
} else {
value = "" + field.get(current);
+ if (fieldName.equalsIgnoreCase(users)
|| fieldName.equalsIgnoreCase(groups)
+ ||
fieldName.equalsIgnoreCase("Roles")) {
+ if
(fieldName.equalsIgnoreCase(users)) {
+ value =
!stringUtil.isEmpty(current.getUsers()) ?
JsonUtils.listToJson(current.getUsers()) : null;
+ }
+ if
(fieldName.equalsIgnoreCase(groups)) {
+ value =
!stringUtil.isEmpty(current.getGroups()) ?
JsonUtils.listToJson(current.getGroups()) : null;
+ }
+ if
(fieldName.equalsIgnoreCase("Roles")) {
+ value =
!stringUtil.isEmpty(current.getRoles()) ?
JsonUtils.listToJson(current.getRoles()) : null;
+ }
+ }
if ((value == null || "null".equalsIgnoreCase(value))
&& !"update".equalsIgnoreCase(action)) {
continue;
@@ -183,6 +198,18 @@ public class RangerRoleService extends
RangerRoleServiceBase<XXRole, RangerRole>
}
else {
formerValue = mField.get(former) + "";
+ if
(fieldName.equalsIgnoreCase(users) || fieldName.equalsIgnoreCase(groups)
+
|| fieldName.equalsIgnoreCase("Roles")) {
+ if
(fieldName.equalsIgnoreCase(users)) {
+
formerValue = !stringUtil.isEmpty(former.getUsers()) ?
JsonUtils.listToJson(former.getUsers()) : null;
+ }
+ if
(fieldName.equalsIgnoreCase(groups)) {
+
formerValue = !stringUtil.isEmpty(former.getGroups()) ?
JsonUtils.listToJson(former.getGroups()) : null;
+ }
+ if
(fieldName.equalsIgnoreCase("Roles")) {
+
formerValue = !stringUtil.isEmpty(former.getRoles()) ?
JsonUtils.listToJson(former.getRoles()) : null;
+ }
+ }
}
break;
}
diff --git
a/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
b/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
index 5c5d54e..6a1c7c2 100644
--- a/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
+++ b/security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js
@@ -1676,7 +1676,8 @@ define(function(require) {
formatter: _.extend({},
Backgrid.CellFormatter.prototype, {
fromRaw: function (rawValue,
model) {
if(_.isUndefined(model.get('info').policyActivationTime)
- ||
_.isNull(model.get('info').policyActivationTime)){
+ ||
_.isNull(model.get('info').policyActivationTime)
+ ||
model.get('info').policyActivationTime == 0){
return
'<center>--</center>';
}
var activeDate = new
Date(parseInt(model.get('info')['policyActivationTime']));
diff --git
a/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
b/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
index 93458c9..36f9a2d 100644
---
a/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
+++
b/security-admin/src/main/webapp/scripts/views/reports/OperationDiffDetail.js
@@ -42,7 +42,7 @@ define(function(require){
templateHelpers :function(){
var obj = {
- collection : this.collection.models,
+ collection : _.sortBy(this.collection.models,
'id'),
action : this.action,
objectName : this.objectName,
objectId : this.objectId,
@@ -86,7 +86,15 @@ define(function(require){
isServiceResourcesDiffEmpty :
(_.isEmpty(this.oldServiceResourceArr) &&
_.isEmpty(this.oldServiceResourceArr)) ? false : true
});
}
-
+
+ if(this.templateType ==
XAEnums.ClassTypes.CLASS_TYPE_RANGER_ROLE.value){
+ obj = $.extend(obj, {
+ oldRolesUsersGroupsRolesDetails :
this.oldRolesUsersGroupsRolesDetails,
+ newRolesUsersGroupsRolesDetails :
this.newRolesUsersGroupsRolesDetails,
+ updateRolesUsersGroupsRolesDetails :
this.updateRolesUsersGroupsRolesDetails
+ });
+ }
+
return obj;
},
/** ui selector cache */
@@ -182,14 +190,15 @@ define(function(require){
else
this.template = ZoneOperationDiff_tmpl;
}
- if(this.classType ==
XAEnums.ClassTypes.CLASS_TYPE_RANGER_ROLE.value){
- if(this.action == 'update'){
- this.template =
RoleUpdateOperationDiff_tmpl;
- } else{
- this.template = RoleOperationDiff_tmpl;
- }
- this.templateType =
XAEnums.ClassTypes.CLASS_TYPE_RANGER_ROLE.value;
- }
+ if(this.classType ==
XAEnums.ClassTypes.CLASS_TYPE_RANGER_ROLE.value){
+ this.rolesDiffOperation();
+ if(this.action == 'update'){
+ this.template = RoleUpdateOperationDiff_tmpl;
+ } else{
+ this.template = RoleOperationDiff_tmpl;
+ }
+ this.templateType =
XAEnums.ClassTypes.CLASS_TYPE_RANGER_ROLE.value;
+ }
},
assetDiffOperation : function(){
var that = this, configModel;
@@ -310,6 +319,56 @@ define(function(require){
});
},
+
+ rolesDiffOperation : function() {
+ var that = this;
+ this.newRolesUsersGroupsRolesDetails = {};
+ this.oldRolesUsersGroupsRolesDetails = {};
+ this.updateRolesUsersGroupsRolesDetails = {};
+ var roleDetails = ['Users', 'Groups', 'Roles'];
+ if(this.action !== 'update') {
+ _.each(roleDetails, function(m) {
+ var rolesObj =
that.collection.findWhere({attributeName : m});
+ if(rolesObj &&
rolesObj.has('newValue') &&!_.isEmpty(rolesObj.get('newValue'))) {
+ var newValJson =
$.parseJSON(rolesObj.get('newValue'));
+
that.newRolesUsersGroupsRolesDetails[m] = (newValJson);
+ }
+ })
+ _.each(roleDetails, function(m) {
+ var rolesObj =
that.collection.findWhere({attributeName : m});
+ if(rolesObj &&
rolesObj.has('previousValue') &&!_.isEmpty(rolesObj.get('previousValue'))) {
+ var newValJson =
$.parseJSON(rolesObj.get('previousValue'));
+
that.oldRolesUsersGroupsRolesDetails[m] = (newValJson);
+ }
+ })
+ } else {
+ _.each(roleDetails, function(m) {
+ var rolesObj =
that.collection.findWhere({attributeName : m});
+ if(rolesObj) {
+
that.updateRolesUsersGroupsRolesDetails[m] = {};
+ var newValJson, oldValJson;
+ try {
+ newValJson =
JSON.parse(rolesObj.get('newValue'));
+ } catch(err) {
+ newValJson = "";
+ } finally {
+
that.updateRolesUsersGroupsRolesDetails[m]["newVal"] = (newValJson)
+ }
+ try {
+ oldValJson =
JSON.parse(rolesObj.get('previousValue'));
+ } catch(err) {
+ oldValJson = "";
+ } finally {
+
that.updateRolesUsersGroupsRolesDetails[m]["oldVal"] = (oldValJson)
+ }
+ }
+ })
+ }
+ _.each(roleDetails, function(key) {
+
that.collection.remove(that.collection.where({attributeName : key}));
+ })
+ },
+
removeUnwantedFromObject : function(obj){
_.each(obj, function(val, key){
if(_.isEmpty(val))
diff --git a/security-admin/src/main/webapp/styles/xa.css
b/security-admin/src/main/webapp/styles/xa.css
index ee637d2..2081afe 100644
--- a/security-admin/src/main/webapp/styles/xa.css
+++ b/security-admin/src/main/webapp/styles/xa.css
@@ -2813,3 +2813,7 @@ div#zoneServiceAccordion table thead {
margin-bottom: 15px;
padding: 9px 0;
}
+
+.row.clear-seconds .span6:nth-child(2n+3) {
+ clear: left;
+}
diff --git
a/security-admin/src/main/webapp/templates/reports/RoleOperationDiff_tmpl.html
b/security-admin/src/main/webapp/templates/reports/RoleOperationDiff_tmpl.html
index 6e3644d..6d04887 100644
---
a/security-admin/src/main/webapp/templates/reports/RoleOperationDiff_tmpl.html
+++
b/security-admin/src/main/webapp/templates/reports/RoleOperationDiff_tmpl.html
@@ -48,7 +48,32 @@
</div>
</div>
{{/if}}
- {{else}}
+ {{#each newRolesUsersGroupsRolesDetails}}
+ <h5>{{@key}} :</h5>
+ <div class="diff">
+ <div class="diff-left">
+ <h3>Name</h3>
+ <ol class="attr">
+ {{#each this}}
+ <li class="change-row">{{name}}</li>
+ {{/each}}
+ </ol>
+ </div>
+ <div class="diff-right">
+ <h3>Is Role Admin</h3>
+ <ol class="unstyled data">
+ {{#each this}}
+ {{#if isAdmin}}
+ <li class="change-row">{{isAdmin}}</li>
+ {{else}}
+ <li class="change-row">false</li>
+ {{/if}}
+ {{/each}}
+ </ol>
+ </div>
+ </div>
+ {{/each}}
+ {{else}}
<label class="no-margin label-size13-weightbold" > Deleted By
: {{userName}}</label>
{{#if collection.length}}
<h5>Role Details:</h5>
@@ -75,5 +100,30 @@
</div>
</div>
{{/if}}
+ {{#each oldRolesUsersGroupsRolesDetails}}
+ <h5>{{@key}} :</h5>
+ <div class="diff">
+ <div class="diff-left">
+ <h3>Name</h3>
+ <ol class="attr">
+ {{#each this}}
+ <li class="change-row">{{name}}</li>
+ {{/each}}
+ </ol>
+ </div>
+ <div class="diff-right">
+ <h3>Is Role Admin</h3>
+ <ol class="unstyled data">
+ {{#each this}}
+ {{#if isAdmin}}
+ <li class="change-row">{{isAdmin}}</li>
+ {{else}}
+ <li class="change-row">false</li>
+ {{/if}}
+ {{/each}}
+ </ol>
+ </div>
+ </div>
+ {{/each}}
{{/compare}}
</div>
diff --git
a/security-admin/src/main/webapp/templates/reports/RoleUpdateOperationDiff_tmpl.html
b/security-admin/src/main/webapp/templates/reports/RoleUpdateOperationDiff_tmpl.html
index f433ecf..f0eb085 100644
---
a/security-admin/src/main/webapp/templates/reports/RoleUpdateOperationDiff_tmpl.html
+++
b/security-admin/src/main/webapp/templates/reports/RoleUpdateOperationDiff_tmpl.html
@@ -27,48 +27,107 @@
<div class="delete-text legend"></div> Deleted
</div>
</div>
-
- <h5>Role Detail :</h5>
- <div class="diff">
- <div class="diff-left">
- <h3>Fields</h3>
- <ol class="attr">
- {{#each collection}}
- <li class="change-row">{{./this.attributes.attributeName}}</li>
- {{/each}}
- </ol>
- </div>
- <div class="diff-left">
- <h3>Old Value</h3>
- <ol class="unstyled data">
- {{#each collection}}
- {{#if ./this.attributes.previousValue}}
- {{#compare ./this.attributes.previousValue "eq" ''}}
+ {{#if collection.length}}
+ <h5>Role Detail :</h5>
+ <div class="diff">
+ <div class="diff-left">
+ <h3>Fields</h3>
+ <ol class="attr">
+ {{#each collection}}
+ <li
class="change-row">{{./this.attributes.attributeName}}</li>
+ {{/each}}
+ </ol>
+ </div>
+ <div class="diff-left">
+ <h3>Old Value</h3>
+ <ol class="unstyled data">
+ {{#each collection}}
+ {{#if ./this.attributes.previousValue}}
+ {{#compare ./this.attributes.previousValue "eq" ''}}
+ <li>--</li>
+ {{else}}
+ <li class="change-row">{{{highlightNewForAttr
./this.attributes.newValue ./this.attributes.previousValue 'old'}}}</li>
+ {{/compare}}
+ {{else}}
+ <li>--</li>
+ {{/if}}
+ {{/each}}
+ </ol>
+ </div>
+ <div class="diff-right">
+ <h3>New Value</h3>
+ <ol class="unstyled data">
+ {{#each collection}}
+ {{#if ./this.attributes.newValue}}
+ {{#compare ./this.attributes.newValue "eq" ''}}
<li>--</li>
+ {{else}}
+ <li class="change-row">{{{highlightNewForAttr
./this.attributes.newValue ./this.attributes.previousValue 'new'}}}</li>
+ {{/compare}}
{{else}}
- <li class="change-row">{{{highlightNewForAttr
./this.attributes.newValue ./this.attributes.previousValue 'old'}}}</li>
- {{/compare}}
- {{else}}
<li>--</li>
- {{/if}}
- {{/each}}
- </ol>
- </div>
- <div class="diff-right">
- <h3>New Value</h3>
- <ol class="unstyled data">
- {{#each collection}}
- {{#if ./this.attributes.newValue}}
- {{#compare ./this.attributes.newValue "eq" ''}}
- <li>--</li>
- {{else}}
- <li class="change-row">{{{highlightNewForAttr
./this.attributes.newValue ./this.attributes.previousValue 'new'}}}</li>
- {{/compare}}
- {{else}}
- <li>--</li>
- {{/if}}
- {{/each}}
- </ol>
+ {{/if}}
+ {{/each}}
+ </ol>
+ </div>
</div>
+ {{/if}}
+ <div class="row clear-seconds">
+ {{#each updateRolesUsersGroupsRolesDetails}}
+ <div class="span6">
+ <h5>Old {{@key}} Details :</h5>
+ <table class="table table-bordered table-operations-old">
+ <thead>
+ <tr>
+ <th>Name</th>
+ <th>Is Role Admin</th>
+ </tr>
+ </thead>
+ <tbody>
+ {{#compare this.oldVal "eq" ''}}
+ <tr><td colspan="2">Empty</td></tr>
+ {{else}}
+ {{#each this.oldVal}}
+ <tr>
+ <td>{{name}}</td>
+ {{#if isAdmin}}
+ <td>{{isAdmin}}</td>
+ {{else}}
+ <td>false</td>
+ {{/if}}
+ </tr>
+ {{/each}}
+ {{/compare}}
+ </tbody>
+ </table>
+ </div>
+ <div class="span6">
+ <h5>New {{@key}} Details :</h5>
+ <table class="table table-bordered table-operations-new">
+ <thead>
+ <tr>
+ <th>Name</th>
+ <th>Is Role Admin</th>
+ </tr>
+ </thead>
+ <tbody>
+ {{#compare this.newVal "eq" ''}}
+ <tr><td colspan="2">Empty</td></tr>
+ {{else}}
+ {{#each this.newVal}}
+ <tr>
+ <td>{{name}}</td>
+ {{#if isAdmin}}
+ <td>{{isAdmin}}</td>
+ {{else}}
+ <td>false</td>
+ {{/if}}
+ </tr>
+ {{/each}}
+ {{/compare}}
+ </tbody>
+ </table>
+ </div>
+ {{/each}}
</div>
</div>
\ No newline at end of file
