This is an automated email from the ASF dual-hosted git repository.
abhay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new df07b0d RANGER-3562: Redesign post commit tasks for updating
ref-tables when policy/role is updated
df07b0d is described below
commit df07b0da94dced97e6022b1d0d243c8b2e358803
Author: Abhay Kulkarni <[email protected]>
AuthorDate: Mon Jan 3 18:38:55 2022 -0800
RANGER-3562: Redesign post commit tasks for updating ref-tables when
policy/role is updated
---
.../main/java/org/apache/ranger/biz/AssetMgr.java | 18 +-
.../org/apache/ranger/biz/PolicyRefUpdater.java | 474 ++++++++++-----------
.../java/org/apache/ranger/biz/RoleRefUpdater.java | 395 +++++++++--------
.../ranger/service/RangerPluginActivityLogger.java | 15 +-
.../service/TestRangerPluginActivityLogger.java | 3 +-
5 files changed, 436 insertions(+), 469 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java
b/security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java
index 36f137e..08255b3 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/AssetMgr.java
@@ -48,6 +48,7 @@ import org.apache.ranger.common.RangerCommonEnums;
import org.apache.ranger.common.RangerConstants;
import org.apache.ranger.common.SearchCriteria;
import org.apache.ranger.common.StringUtil;
+import org.apache.ranger.common.db.RangerTransactionSynchronizationAdapter;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.elasticsearch.ElasticSearchAccessAuditsService;
import org.apache.ranger.entity.XXPermMap;
@@ -121,7 +122,7 @@ public class AssetMgr extends AssetMgrBase {
XPolicyService xPolicyService;
@Autowired
- RangerPluginActivityLogger activityLogger;
+ RangerTransactionSynchronizationAdapter
transactionSynchronizationAdapter;
@Autowired
RangerPluginInfoService pluginInfoService;
@@ -663,7 +664,7 @@ public class AssetMgr extends AssetMgrBase {
}
};
-
activityLogger.commitAfterTransactionComplete(commitWork);
+
transactionSynchronizationAdapter.executeOnTransactionCompletion(commitWork);
}
} else {
ret =
rangerDaoManager.getXXPolicyExportAudit().create(xXPolicyExportAudit);
@@ -733,6 +734,7 @@ public class AssetMgr extends AssetMgrBase {
}
final boolean isTagVersionResetNeeded;
+ final Runnable commitWork;
if (httpCode == HttpServletResponse.SC_NOT_MODIFIED) {
// Create or update PluginInfo record after transaction
is completed. If it is created in-line here
@@ -757,15 +759,13 @@ public class AssetMgr extends AssetMgrBase {
break;
}
- Runnable commitWork = new Runnable() {
+ commitWork = new Runnable() {
@Override
public void run() {
doCreateOrUpdateXXPluginInfo(pluginInfo, entityType, isTagVersionResetNeeded,
clusterName);
}
};
-
activityLogger.commitAfterTransactionComplete(commitWork);
} else if (httpCode == HttpServletResponse.SC_NOT_FOUND) {
- Runnable commitWork;
if ((isPolicyDownloadRequest(entityType) &&
(pluginInfo.getPolicyActiveVersion() == null ||
pluginInfo.getPolicyActiveVersion() == -1))
|| (isTagDownloadRequest(entityType) &&
(pluginInfo.getTagActiveVersion() == null || pluginInfo.getTagActiveVersion()
== -1))
|| (isRoleDownloadRequest(entityType)
&& (pluginInfo.getRoleActiveVersion() == null ||
pluginInfo.getRoleActiveVersion() == -1))
@@ -784,12 +784,16 @@ public class AssetMgr extends AssetMgrBase {
}
};
}
-
activityLogger.commitAfterTransactionComplete(commitWork);
-
} else {
isTagVersionResetNeeded = false;
+ commitWork = null;
doCreateOrUpdateXXPluginInfo(pluginInfo, entityType,
isTagVersionResetNeeded, clusterName);
}
+
+ if (commitWork != null) {
+
transactionSynchronizationAdapter.executeOnTransactionCompletion(commitWork);
+ }
+
if (logger.isDebugEnabled()) {
logger.debug("<== createOrUpdatePluginInfo(pluginInfo =
" + pluginInfo + ", isPolicyDownloadRequest = " +
isPolicyDownloadRequest(entityType) + ", httpCode = " + httpCode + ")");
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
index 4452676..f8f0ee9 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java
@@ -23,8 +23,6 @@ import java.util.HashSet;
import java.util.List;
import java.util.Set;
-import javax.servlet.http.HttpServletResponse;
-
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
@@ -58,21 +56,23 @@ import
org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemCondition;
import
org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemDataMaskInfo;
import org.apache.ranger.plugin.model.RangerRole;
import org.apache.ranger.service.RangerAuditFields;
-import org.apache.ranger.service.RangerTransactionService;
import org.apache.ranger.service.XGroupService;
-import org.apache.ranger.service.XUserService;
import org.apache.ranger.view.VXGroup;
import org.apache.ranger.view.VXResponse;
import org.apache.ranger.view.VXUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import javax.servlet.http.HttpServletResponse;
+
@Component
public class PolicyRefUpdater {
private static final Log LOG =
LogFactory.getLog(PolicyRefUpdater.class);
+ public enum PRINCIPAL_TYPE { USER, GROUP, ROLE }
+
@Autowired
RangerDaoManager daoMgr;
@@ -82,12 +82,8 @@ public class PolicyRefUpdater {
@Autowired
XUserMgr xUserMgr;
-
@Autowired
- XUserService xUserService;
-
- @Autowired
- RoleDBStore roleStore;
+ RoleDBStore roleStore;
@Autowired
RangerBizUtil rangerBizUtil;
@@ -99,9 +95,6 @@ public class PolicyRefUpdater {
RangerTransactionSynchronizationAdapter
rangerTransactionSynchronizationAdapter;
@Autowired
- RangerTransactionService transactionService;
-
- @Autowired
RESTErrorUtil restErrorUtil;
public void createNewPolMappingForRefTable(RangerPolicy policy,
XXPolicy xPolicy, XXServiceDef xServiceDef) throws Exception {
@@ -175,28 +168,28 @@ public class PolicyRefUpdater {
}
daoMgr.getXXPolicyRefResource().batchCreate(xPolResources);
+ final boolean isAdmin = rangerBizUtil.checkAdminAccess();
+
List<XXPolicyRefRole> xPolRoles = new ArrayList<>();
for (String role : roleNames) {
if (StringUtils.isBlank(role)) {
continue;
}
-
- XXRole xRole = daoMgr.getXXRole().findByRoleName(role);
- Long roleId = null;
- if (xRole != null) {
- roleId = xRole.getId();
- }
- else {
- RangerBizUtil.setBulkMode(false);
- roleId = createRoleForPolicy(role);
+ PolicyPrincipalAssociator associator = new
PolicyPrincipalAssociator(PRINCIPAL_TYPE.ROLE, role, xPolicy);
+ if (associator.doAssociate(false)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Role name: " + role + "
specified in policy does not exist in ranger admin.");
+ }
+ } else {
+ if (isAdmin) {
+
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
+ } else {
+ VXResponse gjResponse = new
VXResponse();
+
gjResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
+ gjResponse.setMsgDesc("Operation
denied. Role name: " + role + " specified in policy does not exist in ranger
admin.");
+ throw
restErrorUtil.generateRESTException(gjResponse);
+ }
}
- XXPolicyRefRole xPolRole =
rangerAuditFields.populateAuditFields(new XXPolicyRefRole(), xPolicy);
-
- xPolRole.setPolicyId(policy.getId());
- xPolRole.setRoleId(roleId);
- xPolRole.setRoleName(role);
-
- xPolRoles.add(xPolRole);
}
RangerBizUtil.setBulkMode(oldBulkMode);
daoMgr.getXXPolicyRefRole().batchCreate(xPolRoles);
@@ -206,19 +199,18 @@ public class PolicyRefUpdater {
continue;
}
- XXGroup xGroup =
daoMgr.getXXGroup().findByGroupName(group);
- Long groupId = null;
- if (xGroup != null) {
- groupId = xGroup.getId();
- groupPolicyAssociation(xPolicy,groupId,group );
- }
- else {
- if(rangerBizUtil.checkAdminAccess()) {
- createGroupForPolicy(group, xPolicy);
- }else {
+ PolicyPrincipalAssociator associator = new
PolicyPrincipalAssociator(PRINCIPAL_TYPE.GROUP, group, xPolicy);
+ if (associator.doAssociate(false)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Group name: " + group + "
specified in policy does not exist in ranger admin.");
+ }
+ } else {
+ if (isAdmin) {
+
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
+ } else {
VXResponse gjResponse = new
VXResponse();
gjResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
- gjResponse.setMsgDesc("Operation
denied. Group name: "+group + " specified in policy does not exist in ranger
admin.");
+ gjResponse.setMsgDesc("Operation
denied. Group name: " + group + " specified in policy does not exist in ranger
admin.");
throw
restErrorUtil.generateRESTException(gjResponse);
}
}
@@ -228,24 +220,21 @@ public class PolicyRefUpdater {
if (StringUtils.isBlank(user)) {
continue;
}
-
- XXUser xUser = daoMgr.getXXUser().findByUserName(user);
- Long userId = null;
- if(xUser != null){
- userId = xUser.getId();
- userPolicyAssociation(xPolicy,userId, user );
- }
- else {
- if(rangerBizUtil.checkAdminAccess()) {
- createUserForPolicy(user,xPolicy);
- }else {
+ PolicyPrincipalAssociator associator = new
PolicyPrincipalAssociator(PRINCIPAL_TYPE.USER, user, xPolicy);
+ if (associator.doAssociate(false)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("User name: " + user + "
specified in policy does not exist in ranger admin.");
+ }
+ } else {
+ if (isAdmin) {
+
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
+ } else {
VXResponse gjResponse = new
VXResponse();
gjResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
- gjResponse.setMsgDesc("Operation
denied. User name: "+user + " specified in policy does not exist in ranger
admin.");
+ gjResponse.setMsgDesc("Operation
denied. User name: " + user + " specified in policy does not exist in ranger
admin.");
throw
restErrorUtil.generateRESTException(gjResponse);
}
}
-
}
List<XXPolicyRefAccessType> xPolAccesses = new ArrayList<>();
@@ -303,51 +292,204 @@ public class PolicyRefUpdater {
daoMgr.getXXPolicyRefDataMaskType().batchCreate(xxDataMaskInfos);
}
- private void createUserForPolicy(String user, XXPolicy xPolicy) {
- LOG.warn("User specified in policy does not exist in ranger
admin, creating new user, User = " + user);
- final PolicyUserCreateContext policyUserCreateContext = new
PolicyUserCreateContext(user, xPolicy);
- Runnable createAndAssociateUser = new Runnable () {
- @Override
- public void run() {
-
doCreateAndAssociatePolicyUser(policyUserCreateContext);
+ private class PolicyPrincipalAssociator implements Runnable {
+ final PRINCIPAL_TYPE type;
+ final String name;
+ final XXPolicy xPolicy;
+
+ public PolicyPrincipalAssociator(PRINCIPAL_TYPE type, String
name, XXPolicy xPolicy) {
+ this.type = type;
+ this.name = name;
+ this.xPolicy = xPolicy;
+ }
+
+ @Override
+ public void run() {
+ if (doAssociate(true)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Associated " + type.name() +
":" + name + " with policy id:[" + xPolicy.getId() + "]");
+ }
+ } else {
+ throw new RuntimeException("Failed to associate
" + type.name() + ":" + name + " with policy id:[" + xPolicy.getId() + "]");
}
- };
-
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(createAndAssociateUser);
- }
+ }
- private void createGroupForPolicy(String group, XXPolicy xPolicy) {
- LOG.warn("Group specified in policy does not exist in ranger
admin, creating new group, Group = " + group);
- VXGroup vxGroup = new VXGroup();
- vxGroup.setName(group);
- vxGroup.setDescription(group);
- vxGroup.setGroupSource(RangerCommonEnums.GROUP_EXTERNAL);
- final PolicyGroupCreateContext policyGroupCreateContext = new
PolicyGroupCreateContext(vxGroup, xPolicy);
- Runnable createAndAssociatePolicyGroup = new Runnable() {
- @Override
- public void run() {
-
doCreateAndAssociatePolicyGroup(policyGroupCreateContext);
+ boolean doAssociate(boolean isAdmin) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("===>
PolicyPrincipalAssociator.doAssociate(" + isAdmin + ")");
}
- };
-
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(createAndAssociatePolicyGroup);
+ final boolean ret;
- }
+ Long id = createOrGetPrincipal(isAdmin);
+ if (id != null) {
+ // associate with policy
+ createPolicyAssociation(id, name);
+ ret = true;
+ } else {
+ ret = false;
+ }
- private Long createRoleForPolicy(String role) throws Exception {
- LOG.warn("Role specified in policy does not exist in ranger
admin, creating new role = " + role);
-
- if (rangerBizUtil.checkAdminAccess()) {
- RangerRole rRole = new RangerRole(role, null, null,
null, null);
- RangerRole createdRole = roleStore.createRole(rRole,
false);
- return createdRole.getId();
- } else {
- VXResponse gjResponse = new VXResponse();
-
gjResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
- gjResponse.setMsgDesc(
- "Operation denied. Role name: " + role
+ " specified in policy does not exist in ranger admin.");
- throw restErrorUtil.generateRESTException(gjResponse);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<===
PolicyPrincipalAssociator.doAssociate(" + isAdmin + ") : " + ret);
+ }
+ return ret;
+ }
+
+ private Long createOrGetPrincipal(final boolean createIfAbsent)
{
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("===>
PolicyPrincipalAssociator.createOrGetPrincipal(" + createIfAbsent + ")");
+ }
+
+ Long ret = null;
+
+ switch (type) {
+ case USER: {
+ XXUser xUser =
daoMgr.getXXUser().findByUserName(name);
+ if (xUser != null) {
+ ret = xUser.getId();
+ } else {
+ if (createIfAbsent) {
+ ret =
createPrincipal(name);
+ }
+ }
+ }
+ break;
+ case GROUP: {
+ XXGroup xGroup =
daoMgr.getXXGroup().findByGroupName(name);
+
+ if (xGroup != null) {
+ ret = xGroup.getId();
+ } else {
+ if (createIfAbsent) {
+ ret =
createPrincipal(name);
+ }
+ }
+ }
+ break;
+ case ROLE: {
+ XXRole xRole =
daoMgr.getXXRole().findByRoleName(name);
+ if (xRole != null) {
+ ret = xRole.getId();
+ } else {
+ if (createIfAbsent) {
+
RangerBizUtil.setBulkMode(false);
+ ret =
createPrincipal(name);
+ }
+ }
+ }
+ break;
+ default:
+ break;
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<===
PolicyPrincipalAssociator.createOrGetPrincipal(" + createIfAbsent + ") : " +
ret);
+ }
+ return ret;
}
- }
+ private Long createPrincipal(String user) {
+ LOG.warn("User specified in policy does not exist in
ranger admin, creating new user, Type: " + type.name() + ", name = " + user);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("===>
PolicyPrincipalAssociator.createPrincipal(type=" + type.name() +", name=" +
name + ")");
+ }
+
+ Long ret = null;
+
+ switch (type) {
+ case USER: {
+ // Create External user
+ VXUser vXUser =
xUserMgr.createServiceConfigUser(name);
+ if (vXUser != null) {
+ XXUser xUser =
daoMgr.getXXUser().findByUserName(name);
+
+ if (xUser == null) {
+ LOG.error("No User
created!! Irrecoverable error! [" + name + "]");
+ } else {
+ ret = xUser.getId();
+ }
+ } else {
+ LOG.error("serviceConfigUser:["
+ name + "] creation failed");
+ }
+ }
+ break;
+ case GROUP: {
+ // Create group
+ VXGroup vxGroup = new VXGroup();
+ vxGroup.setName(name);
+ vxGroup.setDescription(name);
+
vxGroup.setGroupSource(RangerCommonEnums.GROUP_EXTERNAL);
+ VXGroup vXGroup =
xGroupService.createXGroupWithOutLogin(vxGroup);
+ if (vXGroup != null) {
+ List<XXTrxLog> trxLogList =
xGroupService.getTransactionLog(vXGroup, "create");
+ for (XXTrxLog xTrxLog :
trxLogList) {
+
xTrxLog.setAddedByUserId(xPolicy.getAddedByUserId());
+
xTrxLog.setUpdatedByUserId(xPolicy.getAddedByUserId());
+ }
+
rangerBizUtil.createTrxLog(trxLogList);
+ ret = vXGroup.getId();
+ }
+ }
+ break;
+ case ROLE: {
+ try {
+ RangerRole rRole = new
RangerRole(name, null, null, null, null);
+ RangerRole createdRole =
roleStore.createRole(rRole, false);
+ ret = createdRole.getId();
+ } catch (Exception e) {
+ // Ignore
+ }
+ }
+ break;
+ default:
+ break;
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<===
PolicyPrincipalAssociator.createPrincipal(type=" + type.name() + ", name=" +
name + ") : " + ret);
+ }
+ return ret;
+ }
+
+ private void createPolicyAssociation(Long id, String name) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("===>
PolicyPrincipalAssociator.createPolicyAssociation(policyId=" + xPolicy.getId()
+ ", type=" + type.name() + ", name=" + name + ", id=" + id + ")");
+ }
+ switch (type) {
+ case USER: {
+ XXPolicyRefUser xPolUser =
rangerAuditFields.populateAuditFields(new XXPolicyRefUser(), xPolicy);
+
+ xPolUser.setPolicyId(xPolicy.getId());
+ xPolUser.setUserId(id);
+ xPolUser.setUserName(name);
+
daoMgr.getXXPolicyRefUser().create(xPolUser);
+ }
+ break;
+ case GROUP: {
+ XXPolicyRefGroup xPolGroup =
rangerAuditFields.populateAuditFields(new XXPolicyRefGroup(), xPolicy);
+
+ xPolGroup.setPolicyId(xPolicy.getId());
+ xPolGroup.setGroupId(id);
+ xPolGroup.setGroupName(name);
+
daoMgr.getXXPolicyRefGroup().create(xPolGroup);
+ }
+ break;
+ case ROLE: {
+ XXPolicyRefRole xPolRole =
rangerAuditFields.populateAuditFields(new XXPolicyRefRole(), xPolicy);
+
+ xPolRole.setPolicyId(xPolicy.getId());
+ xPolRole.setRoleId(id);
+ xPolRole.setRoleName(name);
+
daoMgr.getXXPolicyRefRole().create(xPolRole);
+ }
+ break;
+ default:
+ break;
+ }
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<===
PolicyPrincipalAssociator.createPolicyAssociation(policyId=" + xPolicy.getId()
+ ", type=" + type.name() + ", name=" + name + ", id=" + id + ")");
+ }
+ }
+ }
public Boolean cleanupRefTables(RangerPolicy policy) {
final Long policyId = policy == null ? null : policy.getId();
@@ -397,156 +539,4 @@ public class PolicyRefUpdater {
return ret;
}
- public void groupPolicyAssociation(XXPolicy xPolicy, Long groupId,
String groupName) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("===>
PolicyRefUpdater.groupPolicyAssociation()");
- }
-
- XXPolicyRefGroup xPolGroup =
rangerAuditFields.populateAuditFields(new XXPolicyRefGroup(), xPolicy);
-
- xPolGroup.setPolicyId(xPolicy.getId());
- xPolGroup.setGroupId(groupId);
- xPolGroup.setGroupName(groupName);
- daoMgr.getXXPolicyRefGroup().create(xPolGroup);
- }
-
- private static final class PolicyGroupCreateContext {
- final VXGroup group;
- final XXPolicy xPolicy;
-
- PolicyGroupCreateContext(VXGroup group, XXPolicy xPolicy) {
- this.group = group;
- this.xPolicy = xPolicy;
- }
-
- @Override
- public String toString() {
- return "{group=" + group + ", xPolicy=" + xPolicy + "}";
- }
- }
-
- void doAssociatePolicyGroup(final PolicyGroupCreateContext context) {
- if(LOG.isDebugEnabled()) {
- LOG.debug("===>
PolicyRefUpdater.doAssociatePolicyGroup()");
- }
- XXGroup xGroup =
daoMgr.getXXGroup().findByGroupName(context.group.getName());
-
- if (xGroup == null) {
- LOG.error("No Group created!! Irrecoverable error!
PolicyGroupContext:[" + context + "]");
- } else {
- try {
- groupPolicyAssociation(context.xPolicy,
xGroup.getId(), context.group.getName());
- } catch (Exception exception) {
- LOG.error("Failed to associate group and
policy, PolicyGroupContext:[" + context + "]", exception);
- }
- }
- }
-
- void doCreateAndAssociatePolicyGroup(final PolicyGroupCreateContext
context) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("===>
PolicyRefUpdater.doCreateAndAssociatePolicyGroup()");
- }
- XXGroup xGroup =
daoMgr.getXXGroup().findByGroupName(context.group.getName());
-
- if (xGroup != null) {
- groupPolicyAssociation(context.xPolicy, xGroup.getId(),
context.group.getName());
- } else {
- // Create group
- VXGroup vXGroup =
xGroupService.createXGroupWithOutLogin(context.group);
- if (vXGroup != null) {
- try {
- List<XXTrxLog> trxLogList =
xGroupService.getTransactionLog(vXGroup, "create");
- for (XXTrxLog xTrxLog : trxLogList) {
-
xTrxLog.setAddedByUserId(context.xPolicy.getAddedByUserId());
-
xTrxLog.setUpdatedByUserId(context.xPolicy.getAddedByUserId());
- }
- rangerBizUtil.createTrxLog(trxLogList);
- } catch (Throwable t) {
- // Ignore
- }
- doAssociatePolicyGroup(context);
- } else {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Group:[" + context.group +
"] creation failed!");
- throw new RuntimeException("Group:[" +
context.group + "] creation failed!");
- }
- }
- }
- if (LOG.isDebugEnabled()) {
- LOG.debug("<===
PolicyRefUpdater.doCreateAndAssociatePolicyGroup()");
- }
- }
-
- private static final class PolicyUserCreateContext {
- final String userName;
- final XXPolicy xPolicy;
-
- PolicyUserCreateContext(String userName, XXPolicy xPolicy) {
- this.userName = userName;
- this.xPolicy = xPolicy;
- }
-
- @Override
- public String toString() {
- return "{userName=" + userName + ", xPolicy=" + xPolicy
+ "}";
- }
- }
-
- public void userPolicyAssociation(XXPolicy xPolicy, Long userId, String
userName) {
- if(LOG.isDebugEnabled()) {
- LOG.debug("===>
PolicyRefUpdater.userPolicyAssociation()");
- }
-
- XXPolicyRefUser xPolUser =
rangerAuditFields.populateAuditFields(new XXPolicyRefUser(), xPolicy);
-
- xPolUser.setPolicyId(xPolicy.getId());
- xPolUser.setUserId(userId);
- xPolUser.setUserName(userName);
- daoMgr.getXXPolicyRefUser().create(xPolUser);
- if(LOG.isDebugEnabled()) {
- LOG.debug("<===
PolicyRefUpdater.userPolicyAssociation()");
- }
- }
-
- void doAssociatePolicyUser(final PolicyUserCreateContext context) {
- if(LOG.isDebugEnabled()) {
- LOG.debug("===>
PolicyRefUpdater.doAssociatePolicyUser()");
- }
- XXUser xUser =
daoMgr.getXXUser().findByUserName(context.userName);
-
- if (xUser == null) {
- LOG.error("No User created!! Irrecoverable error!
PolicyUserContext:[" + context + "]");
- } else {
- try {
- userPolicyAssociation(context.xPolicy,
xUser.getId(), context.userName);
- } catch (Exception exception) {
- LOG.error("Failed to associate user and policy,
PolicyUserContext:[" + context + "]", exception);
- }
- }
- }
-
- void doCreateAndAssociatePolicyUser(final PolicyUserCreateContext
context) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("===>
PolicyRefUpdater.doCreateAndAssociatePolicyUser()");
- }
- XXUser xUser =
daoMgr.getXXUser().findByUserName(context.userName);
-
- if (xUser != null) {
- userPolicyAssociation(context.xPolicy, xUser.getId(),
context.userName);
- } else {
- // Create External user
- VXUser vXUser =
xUserMgr.createServiceConfigUser(context.userName);
- if (vXUser != null) {
- doAssociatePolicyUser(context);
- } else {
- if (LOG.isDebugEnabled()) {
- LOG.debug("serviceConfigUser:[" +
context.userName + "] creation failed");
- throw new
RuntimeException("serviceConfigUser:[" + context.userName + "] creation
failed");
- }
- }
- }
- if (LOG.isDebugEnabled()) {
- LOG.debug("<===
PolicyRefUpdater.doCreateAndAssociatePolicyUser()");
- }
- }
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java
b/security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java
index 4c50d81..0e5ccd3 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java
@@ -44,15 +44,12 @@ import org.apache.ranger.entity.XXTrxLog;
import org.apache.ranger.entity.XXUser;
import org.apache.ranger.plugin.model.RangerRole;
import org.apache.ranger.service.RangerAuditFields;
-import org.apache.ranger.service.RangerTransactionService;
import org.apache.ranger.service.XGroupService;
-import org.apache.ranger.service.XUserService;
import org.apache.ranger.view.VXGroup;
import org.apache.ranger.view.VXUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
-
@Component
public class RoleRefUpdater {
private static final Log LOG = LogFactory.getLog(RoleRefUpdater.class);
@@ -70,21 +67,15 @@ public class RoleRefUpdater {
XUserMgr xUserMgr;
@Autowired
- XUserService xUserService;
-
- @Autowired
XGroupService xGroupService;
@Autowired
RangerTransactionSynchronizationAdapter
rangerTransactionSynchronizationAdapter;
@Autowired
- RangerTransactionService transactionService;
-
- @Autowired
RangerBizUtil xaBizUtil;
- public void createNewRoleMappingForRefTable(RangerRole rangerRole,
Boolean createNonExistUserGroup) throws Exception {
+ public void createNewRoleMappingForRefTable(RangerRole rangerRole,
Boolean createNonExistUserGroup) {
if (rangerRole == null) {
return;
}
@@ -106,39 +97,26 @@ public class RoleRefUpdater {
roleRoles.add(role.getName());
}
+ final boolean isCreateNonExistentUGs = createNonExistUserGroup
&& xaBizUtil.checkAdminAccess();
+
if (CollectionUtils.isNotEmpty(roleUsers)) {
for (String roleUser : roleUsers) {
if (StringUtils.isBlank(roleUser)) {
continue;
}
- Long userId = null;
- XXUser xUser =
daoMgr.getXXUser().findByUserName(roleUser);
-
- if (xUser == null) {
- if (createNonExistUserGroup &&
xaBizUtil.checkAdminAccess()) {
- LOG.warn("User specified in
role does not exist in ranger admin, creating new user, User = "
- + roleUser);
-
- final RoleUserCreateContext
roleUserCreateContext = new RoleUserCreateContext(roleUser, roleId);
- Runnable createAndAssociateUser
= new Runnable() {
- @Override
- public void run() {
-
doCreateAndAssociateRoleUser(roleUserCreateContext);
- }
- };
-
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(createAndAssociateUser);
+ RolePrincipalAssociator associator = new
RolePrincipalAssociator(PolicyRefUpdater.PRINCIPAL_TYPE.USER, roleUser, roleId);
+ if (associator.doAssociate(false)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("User name: " +
roleUser + " specified in role does not exist in ranger admin.");
+ }
+ } else {
+ if (isCreateNonExistentUGs) {
+
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
} else {
- throw
restErrorUtil.createRESTException("user with name: " + roleUser + " does not
exist ",
-
MessageEnums.INVALID_INPUT_DATA);
+ throw
restErrorUtil.createRESTException("user with name: " + roleUser + " does not
exist ", MessageEnums.INVALID_INPUT_DATA);
}
- }else {
- userId = xUser.getId();
- }
-
- if(null != userId) {
-
userRoleAssociation(roleId,userId,roleUser);
}
}
}
@@ -149,38 +127,18 @@ public class RoleRefUpdater {
if (StringUtils.isBlank(roleGroup)) {
continue;
}
- Long groupId = null;
- XXGroup xGroup =
daoMgr.getXXGroup().findByGroupName(roleGroup);
-
- if (xGroup == null) {
- if (createNonExistUserGroup &&
xaBizUtil.checkAdminAccess()) {
- LOG.warn("Group specified in
role does not exist in ranger admin, creating new group, Group = "
- + roleGroup);
- VXGroup vxGroupNew = new
VXGroup();
- vxGroupNew.setName(roleGroup);
-
vxGroupNew.setDescription(roleGroup);
-
vxGroupNew.setGroupSource(RangerCommonEnums.GROUP_EXTERNAL);
-
- final RoleGroupCreateContext
roleGroupCreateContext = new RoleGroupCreateContext(vxGroupNew, roleId);
-
- Runnable
createAndAssociateRoleGroup = new Runnable() {
- @Override
- public void run() {
-
doCreateAndAssociateRoleGroup(roleGroupCreateContext);
- }
- };
-
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(createAndAssociateRoleGroup);
+ RolePrincipalAssociator associator = new
RolePrincipalAssociator(PolicyRefUpdater.PRINCIPAL_TYPE.GROUP, roleGroup,
roleId);
+ if (associator.doAssociate(false)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Group name: " +
roleGroup + " specified in role does not exist in ranger admin.");
+ }
+ } else {
+ if (isCreateNonExistentUGs) {
+
rangerTransactionSynchronizationAdapter.executeOnTransactionCommit(associator);
} else {
- throw
restErrorUtil.createRESTException("group with name: " + roleGroup + " does not
exist ",
-
MessageEnums.INVALID_INPUT_DATA);
+ throw
restErrorUtil.createRESTException("Group with name: " + roleGroup + " does not
exist ", MessageEnums.INVALID_INPUT_DATA);
}
- }else {
- groupId = xGroup.getId();
- }
-
- if(null != groupId) {
- groupRoleAssociation(roleId, groupId,
roleGroup);
}
}
}
@@ -192,20 +150,15 @@ public class RoleRefUpdater {
continue;
}
- XXRole xRole =
daoMgr.getXXRole().findByRoleName(roleRole);
+ RolePrincipalAssociator associator = new
RolePrincipalAssociator(PolicyRefUpdater.PRINCIPAL_TYPE.ROLE, roleRole, roleId);
- if (xRole == null) {
- throw
restErrorUtil.createRESTException("Role with name: " + roleRole + " does not
exist ",
-
MessageEnums.INVALID_INPUT_DATA);
+ if (associator.doAssociate(false)) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Group name: " +
roleRole + " specified in role does not exist in ranger admin.");
+ }
+ } else {
+ throw
restErrorUtil.createRESTException("Role with name: " + roleRole + " does not
exist ", MessageEnums.INVALID_INPUT_DATA);
}
-
- XXRoleRefRole xRoleRefRole =
rangerAuditFields.populateAuditFieldsForCreate(new XXRoleRefRole());
-
- xRoleRefRole.setRoleId(roleId);
- xRoleRefRole.setSubRoleId(xRole.getId());
- xRoleRefRole.setSubRoleName(roleRole);
- xRoleRefRole.setSubRoleType(0);
- daoMgr.getXXRoleRefRole().create(xRoleRefRole);
}
}
@@ -236,157 +189,191 @@ public class RoleRefUpdater {
return true;
}
- public void groupRoleAssociation(Long roleId, Long groupId, String
groupName) {
- if(LOG.isDebugEnabled()) {
- LOG.debug("===> groupRoleAssociation()");
- }
-
- XXRoleRefGroup xRoleRefGroup =
rangerAuditFields.populateAuditFieldsForCreate(new XXRoleRefGroup());
- xRoleRefGroup.setRoleId(roleId);
- xRoleRefGroup.setGroupId(groupId);
- xRoleRefGroup.setGroupName(groupName);
- xRoleRefGroup.setGroupType(0);
- daoMgr.getXXRoleRefGroup().create(xRoleRefGroup);
- }
-
- private static final class RoleGroupCreateContext {
- final VXGroup group;
- final Long roleId;
+ private class RolePrincipalAssociator implements Runnable {
+ final PolicyRefUpdater.PRINCIPAL_TYPE type;
+ final String name;
+ final Long roleId;
- RoleGroupCreateContext(VXGroup group, Long roleId) {
- this.group = group;
- this.roleId = roleId;
+ public RolePrincipalAssociator(PolicyRefUpdater.PRINCIPAL_TYPE
type, String name, Long roleId) {
+ this.type = type;
+ this.name = name;
+ this.roleId = roleId;
}
@Override
- public String toString() {
- return "{group=" + group + ", roleId=" + roleId + "}";
- }
- }
-
- void doCreateAndAssociateRoleGroup(final RoleGroupCreateContext
context) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("===> doCreateAndAssociateRoleGroup()");
- }
- XXGroup xGroup =
daoMgr.getXXGroup().findByGroupName(context.group.getName());
-
- if (xGroup != null) {
- groupRoleAssociation(context.roleId, xGroup.getId(),
context.group.getName());
- } else {
- // Create group
- VXGroup vXGroup =
xGroupService.createXGroupWithOutLogin(context.group);
- if (null != vXGroup) {
- try {
- List<XXTrxLog> trxLogList =
xGroupService.getTransactionLog(vXGroup, "create");
- xaBizUtil.createTrxLog(trxLogList);
- } catch (Throwable t) {
- // Ignore
- }
- doAssociateRoleGroup(context);
- } else {
+ public void run() {
+ if (doAssociate(true)) {
if (LOG.isDebugEnabled()) {
- LOG.debug("Group:[" + context.group +
"] creation failed!");
- throw new RuntimeException("Group:[" +
context.group + "] creation failed!");
+ LOG.debug("Associated " + type.name() +
":" + name + " with role id:[" + roleId + "]");
}
+ } else {
+ throw new RuntimeException("Failed to associate
" + type.name() + ":" + name + " with role id:[" + roleId + "]");
}
}
- if (LOG.isDebugEnabled()) {
- LOG.debug("<=== doCreateAndAssociateRoleGroup()");
- }
- }
- void doAssociateRoleGroup(final RoleGroupCreateContext context) {
- if(LOG.isDebugEnabled()) {
- LOG.debug("===> doAssociateRoleGroup()");
- }
- XXGroup xGroup =
daoMgr.getXXGroup().findByGroupName(context.group.getName());
-
- if (xGroup == null) {
- LOG.error("No Group created!! Irrecoverable error!
RoleGroupContext:[" + context + "]");
- } else {
- try {
- groupRoleAssociation(context.roleId,
xGroup.getId(), context.group.getName());
- } catch (Exception exception) {
- LOG.error("Failed to associate group and role,
RoleGroupContext:[" + context + "]", exception);
+ boolean doAssociate(boolean isAdmin) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("===>
RolePrincipalAssociator.doAssociate(" + isAdmin + ")");
}
- }
- if(LOG.isDebugEnabled()) {
- LOG.debug("<=== doAssociateRoleGroup()");
- }
- }
+ final boolean ret;
- private static final class RoleUserCreateContext {
- final String userName;
- final Long roleId;
+ Long id = createOrGetPrincipal(isAdmin);
+ if (id != null) {
+ // associate with role
+ createRoleAssociation(id, name);
+ ret = true;
+ } else {
+ ret = false;
+ }
- RoleUserCreateContext(String userName, Long roleId) {
- this.userName = userName;
- this.roleId = roleId;
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<===
RolePrincipalAssociator.doAssociate(" + isAdmin + ") : " + ret);
+ }
+ return ret;
}
- @Override
- public String toString() {
- return "{userName=" + userName + ", roleId=" + roleId +
"}";
- }
- }
+ private Long createOrGetPrincipal(final boolean createIfAbsent)
{
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("===>
RolePrincipalAssociator.createOrGetPrincipal(" + createIfAbsent + ")");
+ }
- public void userRoleAssociation(Long roleId, Long userId, String
userName) {
- if(LOG.isDebugEnabled()) {
- LOG.debug("===> userRoleAssociation()");
- }
- XXRoleRefUser xRoleRefUser =
rangerAuditFields.populateAuditFieldsForCreate(new XXRoleRefUser());
- xRoleRefUser.setRoleId(roleId);
- xRoleRefUser.setUserId(userId);
- xRoleRefUser.setUserName(userName);
- xRoleRefUser.setUserType(0);
- daoMgr.getXXRoleRefUser().create(xRoleRefUser);
- if(LOG.isDebugEnabled()) {
- LOG.debug("<=== userRoleAssociation()");
- }
- }
+ Long ret = null;
- void doCreateAndAssociateRoleUser(final RoleUserCreateContext context) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("===> doCreateAndAssociateRoleUser()");
- }
- XXUser xUser =
daoMgr.getXXUser().findByUserName(context.userName);
-
- if (xUser != null) {
- userRoleAssociation(context.roleId, xUser.getId(),
context.userName);
- } else {
- // Create External user
- VXUser vXUser =
xUserMgr.createServiceConfigUser(context.userName);
- if (vXUser != null) {
- doAssociateRoleUser(context);
- } else {
- if (LOG.isDebugEnabled()) {
- LOG.debug("ServiceConfigUser:[" +
context.userName + "] creation failed!");
+ switch (type) {
+ case USER: {
+ XXUser xUser =
daoMgr.getXXUser().findByUserName(name);
+ if (xUser != null) {
+ ret = xUser.getId();
+ } else {
+ if (createIfAbsent) {
+ ret =
createPrincipal(name);
+ }
+ }
}
- throw new
RuntimeException("ServiceConfigUser:[" + context.userName + "] creation
failed!");
+ break;
+ case GROUP: {
+ XXGroup xGroup =
daoMgr.getXXGroup().findByGroupName(name);
+
+ if (xGroup != null) {
+ ret = xGroup.getId();
+ } else {
+ if (createIfAbsent) {
+ ret =
createPrincipal(name);
+ }
+ }
+ }
+ break;
+ case ROLE: {
+ XXRole xRole =
daoMgr.getXXRole().findByRoleName(name);
+ if (xRole != null) {
+ ret = xRole.getId();
+ } else {
+ if (createIfAbsent) {
+
RangerBizUtil.setBulkMode(false);
+ ret =
createPrincipal(name);
+ }
+ }
+ }
+ break;
+ default:
+ break;
}
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<===
RolePrincipalAssociator.createOrGetPrincipal(" + createIfAbsent + ") : " + ret);
+ }
+ return ret;
}
- if (LOG.isDebugEnabled()) {
- LOG.debug("<=== doCreateAndAssociateRoleUser()");
- }
- }
- void doAssociateRoleUser(final RoleUserCreateContext context) {
- if(LOG.isDebugEnabled()) {
- LOG.debug("===> doAssociateRoleUser()");
- }
- XXUser xUser =
daoMgr.getXXUser().findByUserName(context.userName);
-
- if (xUser == null) {
- LOG.error("No User created!! Irrecoverable error!
RoleUserContext:[" + context + "]");
- } else {
- try {
- userRoleAssociation(context.roleId,
xUser.getId(), context.userName);
- } catch (Exception exception) {
- LOG.error("Failed to associate user and role,
RoleUserContext:[" + context + "]", exception);
+ private Long createPrincipal(String user) {
+ LOG.warn("User specified in role does not exist in
ranger admin, creating new user, Type: " + type.name() + ", name = " + user);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("===>
RolePrincipalAssociator.createPrincipal(type=" + type.name() +", name=" + name
+ ")");
}
+
+ Long ret = null;
+
+ switch (type) {
+ case USER: {
+ // Create External user
+ VXUser vXUser =
xUserMgr.createServiceConfigUser(name);
+ if (vXUser != null) {
+ XXUser xUser =
daoMgr.getXXUser().findByUserName(name);
+
+ if (xUser == null) {
+ LOG.error("No User
created!! Irrecoverable error! [" + name + "]");
+ } else {
+ ret = xUser.getId();
+ }
+ } else {
+ LOG.error("serviceConfigUser:["
+ name + "] creation failed");
+ }
+ }
+ break;
+ case GROUP: {
+ // Create group
+ VXGroup vxGroup = new VXGroup();
+ vxGroup.setName(name);
+ vxGroup.setDescription(name);
+
vxGroup.setGroupSource(RangerCommonEnums.GROUP_EXTERNAL);
+ VXGroup vXGroup =
xGroupService.createXGroupWithOutLogin(vxGroup);
+ if (vXGroup != null) {
+ List<XXTrxLog> trxLogList =
xGroupService.getTransactionLog(vXGroup, "create");
+
xaBizUtil.createTrxLog(trxLogList);
+ ret = vXGroup.getId();
+ }
+ }
+ break;
+ default:
+ break;
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("<===
RolePrincipalAssociator.createPrincipal(type=" + type.name() + ", name=" + name
+ ") : " + ret);
+ }
+ return ret;
}
- if(LOG.isDebugEnabled()) {
- LOG.debug("<=== doAssociateRoleUser()");
+
+ private void createRoleAssociation(Long id, String name) {
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("===>
RolePrincipalAssociator.createRoleAssociation(roleId=" + roleId + ", type=" +
type.name() + ", name=" + name + ", id=" + id + ")");
+ }
+ switch (type) {
+ case USER: {
+ XXRoleRefUser xRoleRefUser =
rangerAuditFields.populateAuditFieldsForCreate(new XXRoleRefUser());
+
+ xRoleRefUser.setRoleId(roleId);
+ xRoleRefUser.setUserId(id);
+ xRoleRefUser.setUserName(name);
+ xRoleRefUser.setUserType(0);
+
daoMgr.getXXRoleRefUser().create(xRoleRefUser);
+ }
+ break;
+ case GROUP: {
+ XXRoleRefGroup xRoleRefGroup =
rangerAuditFields.populateAuditFieldsForCreate(new XXRoleRefGroup());
+
+ xRoleRefGroup.setRoleId(roleId);
+ xRoleRefGroup.setGroupId(id);
+ xRoleRefGroup.setGroupName(name);
+ xRoleRefGroup.setGroupType(0);
+
daoMgr.getXXRoleRefGroup().create(xRoleRefGroup);
+ }
+ break;
+ case ROLE: {
+ XXRoleRefRole xRoleRefRole =
rangerAuditFields.populateAuditFieldsForCreate(new XXRoleRefRole());
+
+ xRoleRefRole.setRoleId(roleId);
+ xRoleRefRole.setSubRoleId(id);
+ xRoleRefRole.setSubRoleName(name);
+ xRoleRefRole.setSubRoleType(0);
+
daoMgr.getXXRoleRefRole().create(xRoleRefRole);
+ }
+ break;
+ default:
+ break;
+ }
+ if(LOG.isDebugEnabled()) {
+ LOG.debug("<===
RolePrincipalAssociator.createRoleAssociation(roleId=" + roleId + ", type=" +
type.name() + ", name=" + name + ", id=" + id + ")");
+ }
}
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/service/RangerPluginActivityLogger.java
b/security-admin/src/main/java/org/apache/ranger/service/RangerPluginActivityLogger.java
index 702df4c..2cc9b91 100644
---
a/security-admin/src/main/java/org/apache/ranger/service/RangerPluginActivityLogger.java
+++
b/security-admin/src/main/java/org/apache/ranger/service/RangerPluginActivityLogger.java
@@ -30,8 +30,6 @@ import javax.annotation.PostConstruct;
@Component
public class RangerPluginActivityLogger {
- @Autowired
- RangerTransactionService transactionService;
@Autowired
RangerTransactionSynchronizationAdapter transactionSynchronizationAdapter;
@@ -52,18 +50,7 @@ public class RangerPluginActivityLogger {
}
public void commitAfterTransactionComplete(Runnable commitWork) {
- if (pluginActivityAuditCommitInline) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Using TransactionManager for committing work
[pluginActivityAuditCommitInline:" + pluginActivityAuditCommitInline + "]");
- }
-
transactionSynchronizationAdapter.executeOnTransactionCompletion(commitWork);
- } else {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Using separate thread for committing work
[pluginActivityAuditCommitInline:" + pluginActivityAuditCommitInline + "]");
- }
- final long delayInMillis = 1000L;
- transactionService.scheduleToExecuteInOwnTransaction(commitWork,
delayInMillis);
- }
+
transactionSynchronizationAdapter.executeOnTransactionCompletion(commitWork);
}
}
diff --git
a/security-admin/src/test/java/org/apache/ranger/service/TestRangerPluginActivityLogger.java
b/security-admin/src/test/java/org/apache/ranger/service/TestRangerPluginActivityLogger.java
index e501cc3..26d6389 100644
---
a/security-admin/src/test/java/org/apache/ranger/service/TestRangerPluginActivityLogger.java
+++
b/security-admin/src/test/java/org/apache/ranger/service/TestRangerPluginActivityLogger.java
@@ -21,7 +21,6 @@ import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.MethodSorters;
-import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner;
@@ -29,7 +28,7 @@ import org.mockito.junit.MockitoJUnitRunner;
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
public class TestRangerPluginActivityLogger {
- @InjectMocks
+ @Mock
RangerPluginActivityLogger rangerPluginActivityLogger;
@Mock