This is an automated email from the ASF dual-hosted git repository. ni3galave pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 4952d138070d02370af8314103972fccda7fab64 Author: Nitin Galave <[email protected]> AuthorDate: Mon Sep 14 17:49:01 2020 +0530 RANGER-2988 : Role Name Search filter is not available on policy listing page Change-Id: I3252349576cb5e66f4f807d19f096fe0876a1dcf --- .../ranger/plugin/store/AbstractPredicateUtil.java | 59 ++++++++++++++++++++++ .../org/apache/ranger/common/RangerSearchUtil.java | 1 + .../webapp/scripts/modules/globalize/message/en.js | 1 + .../views/policies/NRangerPolicyTableLayout.js | 9 +++- .../views/policies/RangerPolicyTableLayout.js | 3 +- 5 files changed, 70 insertions(+), 3 deletions(-) diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java index 85fa213..38d6b03 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java @@ -92,6 +92,7 @@ public class AbstractPredicateUtil { // addPredicateForTagServiceId(filter.getParam(SearchFilter.TAG_SERVICE_ID), predicates); // not supported addPredicateForUserName(filter.getParam(SearchFilter.USER), predicates); addPredicateForGroupName(filter.getParam(SearchFilter.GROUP), predicates); + addPredicateForRoleName(filter.getParam(SearchFilter.ROLE), predicates); addPredicateForResources(filter.getParamsWithPrefix(SearchFilter.RESOURCE_PREFIX, true), predicates); addPredicateForPolicyResource(filter.getParam(SearchFilter.POL_RESOURCE), predicates); addPredicateForPartialPolicyName(filter.getParam(SearchFilter.POLICY_NAME_PARTIAL), predicates); @@ -564,6 +565,64 @@ public class AbstractPredicateUtil { return ret; } + private Predicate addPredicateForRoleName(final String roleName, List<Predicate> predicates) { + if(StringUtils.isEmpty(roleName)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + List<?>[] policyItemsList = new List<?>[] { policy.getPolicyItems(), + policy.getDenyPolicyItems(), + policy.getAllowExceptions(), + policy.getDenyExceptions(), + policy.getDataMaskPolicyItems(), + policy.getRowFilterPolicyItems() + }; + for(List<?> policyItemsObj : policyItemsList) { + @SuppressWarnings("unchecked") + List<RangerPolicyItem> policyItems = (List<RangerPolicyItem>)policyItemsObj; + + for(RangerPolicyItem policyItem : policyItems) { + if(! policyItem.getRoles().isEmpty()) { + for(String role : policyItem.getRoles()) { + if(StringUtils.containsIgnoreCase(role, roleName)) { + ret = true; + break; + } + } + } + } + if (ret) { + break; + } + } + }else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + + } + private Predicate addPredicateForIsEnabled(final String status, List<Predicate> predicates) { if(StringUtils.isEmpty(status)) { return null; diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java index 98a8596..7006214 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java @@ -65,6 +65,7 @@ public class RangerSearchUtil extends SearchUtil { ret.setParam(SearchFilter.IS_RECURSIVE, request.getParameter(SearchFilter.IS_RECURSIVE)); ret.setParam(SearchFilter.USER, request.getParameter(SearchFilter.USER)); ret.setParam(SearchFilter.GROUP, request.getParameter(SearchFilter.GROUP)); + ret.setParam(SearchFilter.ROLE, request.getParameter(SearchFilter.ROLE)); ret.setParam(SearchFilter.POL_RESOURCE, request.getParameter(SearchFilter.POL_RESOURCE)); ret.setParam(SearchFilter.RESOURCE_SIGNATURE, request.getParameter(SearchFilter.RESOURCE_SIGNATURE)); ret.setParam(SearchFilter.POLICY_TYPE, request.getParameter(SearchFilter.POLICY_TYPE)); diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js index f92e985..0989976 100644 --- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js +++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js @@ -360,6 +360,7 @@ define(function(require) { serviceTypeMsg :'Select type of service.', startDate :'Set start date.', userMsg :'Name of User.', + roleMsg :'Name of Role.', application :'Application.', tagsMsg :'Tag Name.', endDate :'Set end date.', diff --git a/security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js b/security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js index 79632cf..53e9865 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js @@ -522,7 +522,7 @@ define(function(require) { }; }); - var searchOpt = ['Policy Name', 'Group Name', 'User Name', 'Status', 'Policy Label']; //,'Start Date','End Date','Today']; + var searchOpt = ['Policy Name', 'Group Name', 'User Name', 'Status', 'Policy Label', 'Role Name']; //,'Start Date','End Date','Today']; searchOpt = _.union(searchOpt, _.map(resourceSearchOpt, function(opt) { return opt.label })) @@ -553,7 +553,12 @@ define(function(require) { label: "policyLabelsPartial", info: localization.tt('h.policyLabelsinfo'), urlLabel: 'policyLabel' - }, ]; + }, { + text : "Role Name", + label :"role" , + info :localization.tt('h.roleMsg'), + urlLabel : 'roleName' + }]; // {text : 'Start Date',label :'startDate'},{text : 'End Date',label :'endDate'}, // {text : 'Today',label :'today'}]; var info = { diff --git a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js index 9656fb5..9ab925b 100644 --- a/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js +++ b/security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js @@ -468,12 +468,13 @@ define(function(require){ }); var PolicyStatusValue = _.map(XAEnums.ActiveStatus, function(status) { return { 'label': status.label, 'value': Boolean(status.value)}; }); - var searchOpt = ['Policy Name','Group Name','User Name','Status', 'Policy Label'];//,'Start Date','End Date','Today']; + var searchOpt = ['Policy Name','Group Name','User Name','Status', 'Policy Label', 'Role Name'];//,'Start Date','End Date','Today']; searchOpt = _.union(searchOpt, _.map(resourceSearchOpt, function(opt){ return opt.label })) var serverAttrName = [{text : "Group Name", label :"group", info:localization.tt('h.groupNameMsg'), urlLabel : 'groupName'}, {text : "Policy Name", label :"policyNamePartial", info :localization.tt('msg.policyNameMsg'), urlLabel : 'policyName'}, {text : "Status", info : localization.tt('msg.statusMsg') , label :"isEnabled",'multiple' : true, 'optionsArr' : PolicyStatusValue, urlLabel : 'status'}, {text : "User Name", label :"user" , info :localization.tt('h.userMsg'), urlLabel : 'userName'}, + {text : "Role Name", label :"role" , info :localization.tt('h.roleMsg'), urlLabel : 'roleName'}, {text : "Policy Label", label :"policyLabelsPartial" , info :localization.tt('h.policyLabelsinfo'), urlLabel : 'policyLabel'}, ]; // {text : 'Start Date',label :'startDate'},{text : 'End Date',label :'endDate'},
