This is an automated email from the ASF dual-hosted git repository. ni3galave pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
commit d4e647590b882a20f7c7d8d2e5188def17382c4c Author: Nitin Galave <[email protected]> AuthorDate: Mon Apr 5 16:19:34 2021 +0530 RANGER-3228 : Improvement in audit filter feature. --- .../webapp/scripts/modules/globalize/message/en.js | 6 +- .../scripts/views/service/AuditFilterConfig.js | 97 +++++++++++++++++--- .../views/service/RangerServiceViewDetail.js | 28 ++++-- .../webapp/scripts/views/service/ServiceForm.js | 14 +++ .../templates/service/AuditFilterList_tmpl.html | 2 +- .../service/RangerServiceViewDetail_tmpl.html | 101 +++++++++++++++++++++ 6 files changed, 228 insertions(+), 20 deletions(-) diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js index 3bc933f..cc18902 100644 --- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js +++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js @@ -397,8 +397,10 @@ define(function(require) { nifiResource :'NiFi Resource Identifier.', securityZone :'Security Zone', zoneCreate :'Create Zone', - zoneEdit :'Zone Edit' - }, + zoneEdit :'Zone Edit', + bucket :'Name of the S3 bucket.', + auditFilter :'Audit Filter' + }, msg : { deletePolicyValidationMsg : 'Policy does not have any settings for the specific resource. Policy will be deleted. Press [Ok] to continue. Press [Cancel] to edit the policy.', areYouSureWantToDelete : 'Are you sure want to delete ?', diff --git a/security-admin/src/main/webapp/scripts/views/service/AuditFilterConfig.js b/security-admin/src/main/webapp/scripts/views/service/AuditFilterConfig.js index f5e01f2..a190275 100644 --- a/security-admin/src/main/webapp/scripts/views/service/AuditFilterConfig.js +++ b/security-admin/src/main/webapp/scripts/views/service/AuditFilterConfig.js @@ -84,7 +84,11 @@ define(function(require) { }); this.setupFormForEditMode(); this.evIsAudited(); - this.renderPermissions(); + if(XAUtil.isTagBasedDef(this.rangerServiceDefModel)){ + this.renderPermsForTagBasedService(); + } else { + this.renderPermissions(); + } this.ui.selectUsers.select2(XAUtil.getUsersGroupsList("users", this, '250px', "auditFilter")); this.ui.selectGroups.select2(XAUtil.getUsersGroupsList("groups", this, '250px', "auditFilter")); this.ui.selectRoles.select2(XAUtil.getUsersGroupsList("roles", this, '250px', "auditFilter")); @@ -228,20 +232,86 @@ define(function(require) { }); }, + renderPermsForTagBasedService :function() { + var that = this; + this.permsIds = []; + if (this.model && this.model.get('accessTypes')) { + this.permsIds = this.model.get('accessTypes'); + } + this.ui.addPerms.attr('data-type','tagchecklist') + this.ui.addPerms.attr('title','Components Permissions') + this.perms = _.map(this.accessTypes,function(m){return {text : m.label, value : m.name}}); + var select2optn = { width :'600px' }; + //create x-editable for permissions + this.ui.addPerms.editable({ + emptytext : 'Add Permissions', + source: this.perms, + value : this.permsIds, + select2option : select2optn, + placement : 'top', + showbuttons : 'bottom', + display: function(values,srcData) { + if(_.contains(values,"on")) values = _.without(values,"on"); + if(_.isNull(values) || _.isEmpty(values)){ + $(this).empty(); + that.model.unset('accessTypes'); + that.ui.addPermissionsSpan.find('i').attr('class', 'fa-fw fa fa-plus'); + that.ui.addPermissionsSpan.attr('title','add'); + return; + } + //To remove selectall options + values = _.uniq(values); + if(values.indexOf("selectall") >= 0){ + values.splice(values.indexOf("selectall"), 1) + } + var permTypeArr = []; + var valArr = _.map(values, function(id){ + if(!_.isUndefined(id)){ + var obj = _.findWhere(srcData,{'value' : id}); + permTypeArr.push({permType : obj.value}); + return "<span class='badge badge-info'>" + id.substr(0,id.indexOf(":")).toUpperCase() + "</span>"; + } + }); + // Save form data to model + that.model.set('accessTypes', values); + $(this).html(_.uniq(valArr).join(" ")); + that.ui.addPermissionsSpan.find('i').attr('class', 'fa-fw fa fa-pencil'); + that.ui.addPermissionsSpan.attr('title','edit'); + }, + }).on('hidden',function(e){ + // $(e.currentTarget).parent().find('.tag-condition-popover').remove() + $('.popover').parent().remove() + }).on('click', function(e) { + e.stopPropagation(); + if($('.popover')){ + $('.tag-condition-popover').remove() + } + //Sticky popup + var pop = $('.popover') + pop.wrap('<div class="tag-fixed-popover-wrapper"></div>'); + pop.addClass('tag-fixed-popover'); + pop.find('.arrow').removeClass('arrow') + }); + that.ui.addPermissionsSpan.click(function(e) { + e.stopPropagation(); + if($('.popover')){ + $('.tag-condition-popover').remove() + } + that.$('a[data-js="permissions"]').editable('toggle'); + var pop = $('.popover') + pop.wrap('<div class="tag-fixed-popover-wrapper"></div>'); + pop.addClass('tag-fixed-popover'); + pop.find('.arrow').removeClass('arrow') + }); + }, + eGetResources :function () { var model = null; if (!_.isUndefined(this.model.get('resources'))) { - this.model.set('policyType', 0); - this.model.set('id', 'resource' + this.model.collection.length); model = $.extend(true, {}, this.model); - // model = _.clone(resourceModel) - // _.each(model.get('resources'), function(val, key, obj) { - // obj[key] = { - // 'values': val - // }; - // }); + model.set('policyType', 0); + model.set('id', 'resource' + this.model.collection.length); } - // this.rangerServiceDefModel.get('resources')[0].lookupSupported = false if (_.isEmpty(this.serviceName)) { this.rangerServiceDefModel.get('resources').map( function(m){ m.lookupSupported = false; @@ -329,6 +399,7 @@ define(function(require) { if(this.model && !_.isUndefined(this.model.get('resources'))) { this.model.unset('resources'); } + this.ui.addResources.find('i').attr('class', 'fa-fw fa fa-plus'); }, evSelectUserGroupRole : function (e) { @@ -337,6 +408,10 @@ define(function(require) { evDelete : function(){ var that = this; this.collection.remove(this.model); + if (this.collection.length == 0) { + var $data = '<tr><td class="emptySet text-muted" colspan="9">No Audit Filter Data Found !!</td></tr>' + $(".auditFilterData").html($data) + } }, selectOparations : function() { var that = this; @@ -344,7 +419,7 @@ define(function(require) { this.ui.oparations.select2({ multiple: true, closeOnSelect : true, - placeholder : 'Select Action', + placeholder : 'Type Action Name', allowClear: true, width : '200px', tokenSeparators: [","], diff --git a/security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js b/security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js index 0c637ab..c8a47a4 100644 --- a/security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js +++ b/security-admin/src/main/webapp/scripts/views/service/RangerServiceViewDetail.js @@ -35,12 +35,25 @@ define(function(require) { template: RangerServiceViewDetailTmpl, templateHelpers: function() { - var that = this, tagDetails = []; + var that = this, tagDetails = []; this.isExcludes = "", this.isRecursive = ""; if(this.rangerService.get('tagService') && !_.isEmpty(this.rangerService.get('tagService'))) { tagDetails = this.rangerSeviceList.find(function(m) { return m.get('name') == that.rangerService.get('tagService') }) } + _.filter(this.auditFilters, function(model, modVal) { + model.isAudited = model.isAudited ? 'Yes' : 'No' + _.filter(model.resources, function(key){ + var $toggleBtn ='' + if(!_.isUndefined(key.isExcludes)) { + key.isExcludes = key.isExcludes ? XAEnums.ExcludeStatus.STATUS_EXCLUDE.label : XAEnums.ExcludeStatus.STATUS_INCLUDE.label; + } + if (!_.isUndefined(key.isRecursive)) { + key.isRecursive = key.isRecursive ? XAEnums.RecursiveStatus.STATUS_RECURSIVE.label : XAEnums.RecursiveStatus.STATUS_NONRECURSIVE.label; + } + key.values = key.values.join(', ') + }) + }) return { configsList : this.conf, customConfigs : this.customConfigs, @@ -49,7 +62,8 @@ define(function(require) { isEnabled : this.rangerService.get('isEnabled'), tagService : (!_.isEmpty(tagDetails)) ? tagDetails.get('displayName') : false, displayName : this.rangerService.get('displayName'), - } + auditFilters : this.auditFilters, + } }, /** @@ -75,10 +89,12 @@ define(function(require) { customConfigs = _.omit(customConfigs , m.name); }) this.conf = configs; - if(_.isEmpty(customConfigs)){ - this.customConfigs = false - }else{ - this.customConfigs = customConfigs; + this.auditFilters = (_.isEmpty(customConfigs) && _.isUndefined(customConfigs['ranger.plugin.audit.filters'])) ? + false : customConfigs['ranger.plugin.audit.filters']; + this.customConfigs = _.isEmpty(_.omit(customConfigs, 'ranger.plugin.audit.filters')) ? + false : _.omit(customConfigs, 'ranger.plugin.audit.filters'); + if(this.auditFilters){ + this.auditFilters = JSON.parse((this.auditFilters).replace(/'/g, '"')); } }, /** on close */ diff --git a/security-admin/src/main/webapp/scripts/views/service/ServiceForm.js b/security-admin/src/main/webapp/scripts/views/service/ServiceForm.js index 668fa79..983f65b 100644 --- a/security-admin/src/main/webapp/scripts/views/service/ServiceForm.js +++ b/security-admin/src/main/webapp/scripts/views/service/ServiceForm.js @@ -129,6 +129,20 @@ define(function(require){ that.auditFilterColl.add(new Backbone.Model(model)); }) } + } else { + var configs = this.rangerServiceDefModel.get('configs'); + var auditFilterCollValueIndex = _.findIndex(configs,function(m){ + return m.name == 'ranger.plugin.audit.filters' + }) + if(auditFilterCollValueIndex != -1) { + var auditFilterCollValue = configs[auditFilterCollValueIndex]; + configs.splice(auditFilterCollValueIndex, 1); + auditFilterCollValue = JSON.parse((auditFilterCollValue.defaultValue).replace(/'/g, '"')); + console.log(auditFilterCollValue); + auditFilterCollValue.forEach(function(model) { + that.auditFilterColl.add(new Backbone.Model(model)); + }) + } } }, setupForm : function() { diff --git a/security-admin/src/main/webapp/templates/service/AuditFilterList_tmpl.html b/security-admin/src/main/webapp/templates/service/AuditFilterList_tmpl.html index 268917a..dc36490 100644 --- a/security-admin/src/main/webapp/templates/service/AuditFilterList_tmpl.html +++ b/security-admin/src/main/webapp/templates/service/AuditFilterList_tmpl.html @@ -32,7 +32,7 @@ <th></th> </tr> </thead> - <tbody class="js-formInput permissionItemSortable"> + <tbody class="js-formInput permissionItemSortable auditFilterData"> {{#if emptyAuditFilterCol}} <td class="emptySet text-muted" colspan="9">No Audit Filter Data Found !!</td> {{/if}} diff --git a/security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html b/security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html index af86930..8303180 100644 --- a/security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html +++ b/security-admin/src/main/webapp/templates/service/RangerServiceViewDetail_tmpl.html @@ -125,4 +125,105 @@ {{/if}} </tbody> </table> +</div> +<div id="auditFilters"> + <p class="formHeader"> + {{tt 'h.auditFilter'}} : + </p> + <div class="table-responsive"> + <table class="table table-permission table-condensed table-read-only"> + <thead> + <tr> + <th>Is Audited</th> + <th>Access Result</th> + <th>Resources</th> + <th>Operations</th> + <th>Permissions</th> + <th>Users</th> + <th>Groups</th> + <th>Roles</th> + </tr> + </thead> + <tbody> + {{#each auditFilters}} + <tr> + <td> + {{#if this.isAudited}} + <span class="badge badge-info">{{this.isAudited}}</span> + {{else}} + -- + {{/if}} + </td> + <td> + {{#if this.accessResult}} + <span class="badge badge-info">{{this.accessResult}}</span> + {{else}} + -- + {{/if}} + </td> + <td> + {{#if this.resources}} + <div class="resource-list min-width-150"> + <div class="resourceGrp ui-sortable-handle"> + {{#each this.resources}} + <div class="resourcesFilter"><div><b>{{@key}}</b>:{{this.values}}</div> + {{#if this.isExcludes}}<span class="badge badge-dark pull-right">{{this.isExcludes}}</span> {{/if}}{{#if this.isRecursive}}<span class="badge badge-dark pull-right">{{this.isRecursive}}</span>{{/if}} + </div> + {{/each}} + </div> + </div> + {{else}} + -- + {{/if}} + </td> + <td> + {{#if this.actions}} + {{#each this.actions}} + <span class="badge badge-info">{{this}}</span> + {{/each}} + {{else}} + -- + {{/if}} + </td> + <td> + {{#if this.accessTypes}} + {{#each this.accessTypes}} + <span class="badge badge-info">{{this}}</span> + {{/each}} + {{else}} + -- + {{/if}} + </td> + <td> + {{#if this.users}} + {{#each this.users}} + <span class="badge badge-info">{{this}}</span> + {{/each}} + {{else}} + -- + {{/if}} + </td> + <td> + {{#if this.groups}} + {{#each this.groups}} + <span class="badge badge-info">{{this}}</span> + {{/each}} + {{else}} + -- + {{/if}} + </td> + <td> + {{#if this.roles}} + {{#each this.roles}} + <span class="badge badge-info">{{this}}</span> + {{/each}} + {{else}} + -- + {{/if}} + </td> + </tr> + {{/each}} + </tbody> + </table> + </div> </div> \ No newline at end of file
