This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 6b5628fbd RANGER-4114: updated plugin to use consistent
property-prefix across all references
6b5628fbd is described below
commit 6b5628fbd76d4c2c407a54d4e98b937eec21df1c
Author: Madhan Neethiraj <[email protected]>
AuthorDate: Fri Feb 10 22:42:18 2023 -0800
RANGER-4114: updated plugin to use consistent property-prefix across all
references
---
.../RangerAbstractContextEnricher.java | 6 ++++++
.../plugin/contextenricher/RangerTagEnricher.java | 4 ++--
.../contextenricher/RangerUserStoreEnricher.java | 4 ++--
.../ranger/plugin/util/RangerRolesProvider.java | 5 +++--
.../ranger/plugin/policyengine/TestPolicyEngine.java | 19 ++++++++++---------
.../policyengine/TestPolicyEngineForDeltas.java | 19 ++++++++++---------
6 files changed, 33 insertions(+), 24 deletions(-)
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerAbstractContextEnricher.java
b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerAbstractContextEnricher.java
index f65a0cf88..8714a9625 100644
---
a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerAbstractContextEnricher.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerAbstractContextEnricher.java
@@ -204,6 +204,12 @@ public abstract class RangerAbstractContextEnricher
implements RangerContextEnri
}
}
+ public String getPropertyPrefix() {
+ RangerPluginConfig pluginConfig = getPluginConfig();
+
+ return pluginConfig != null ? pluginConfig.getPropertyPrefix()
: "ranger.plugin." + serviceDef.getName();
+ }
+
public String getConfig(String configName, String defaultValue) {
RangerPluginContext pluginContext = this.pluginContext;
String ret = defaultValue;
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagEnricher.java
b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagEnricher.java
index 8f2ecaa1d..efb885a74 100644
---
a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagEnricher.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerTagEnricher.java
@@ -104,7 +104,7 @@ public class RangerTagEnricher extends
RangerAbstractContextEnricher {
super.init();
- String propertyPrefix = "ranger.plugin." +
serviceDef.getName();
+ String propertyPrefix = getPropertyPrefix();
String tagRetrieverClassName =
getOption(TAG_RETRIEVER_CLASSNAME_OPTION);
long pollingIntervalMs =
getLongOption(TAG_REFRESHER_POLLINGINTERVAL_OPTION, 60 * 1000);
@@ -405,7 +405,7 @@ public class RangerTagEnricher extends
RangerAbstractContextEnricher {
}
protected RangerReadWriteLock createLock() {
- String propertyPrefix = "ranger.plugin." +
serviceDef.getName();
+ String propertyPrefix = getPropertyPrefix();
RangerPluginConfig config = getPluginConfig();
boolean deltasEnabled = config != null &&
config.getBoolean(propertyPrefix +
RangerCommonConstants.PLUGIN_CONFIG_SUFFIX_TAG_DELTA,
RangerCommonConstants.PLUGIN_CONFIG_SUFFIX_TAG_DELTA_DEFAULT);
boolean inPlaceUpdatesEnabled = config != null &&
config.getBoolean(propertyPrefix +
RangerCommonConstants.PLUGIN_CONFIG_SUFFIX_IN_PLACE_TAG_UPDATES,
RangerCommonConstants.PLUGIN_CONFIG_SUFFIX_IN_PLACE_TAG_UPDATES_DEFAULT);
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java
b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java
index a895e956a..16f8afb2c 100644
---
a/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/contextenricher/RangerUserStoreEnricher.java
@@ -57,10 +57,11 @@ public class RangerUserStoreEnricher extends
RangerAbstractContextEnricher {
super.init();
+ String propertyPrefix = getPropertyPrefix();
String userStoreRetrieverClassName =
getOption(USERSTORE_RETRIEVER_CLASSNAME_OPTION);
long pollingIntervalMs =
getLongOption(USERSTORE_REFRESHER_POLLINGINTERVAL_OPTION, 3600 * 1000);
- dedupStrings = getBooleanConfig("ranger.plugin." +
serviceDef.getName() + ".dedup.strings", true);
+ dedupStrings = getBooleanConfig(propertyPrefix + ".dedup.strings",
true);
if (StringUtils.isNotBlank(userStoreRetrieverClassName)) {
@@ -81,7 +82,6 @@ public class RangerUserStoreEnricher extends
RangerAbstractContextEnricher {
}
if (userStoreRetriever != null) {
- String propertyPrefix = "ranger.plugin." +
serviceDef.getName();
disableCacheIfServiceNotFound =
getBooleanConfig(propertyPrefix + ".disable.cache.if.servicenotfound", true);
String cacheDir = getConfig(propertyPrefix +
".policy.cache.dir", null);
String cacheFilename = String.format("%s_%s_userstore.json",
appId, serviceName);
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRolesProvider.java
b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRolesProvider.java
index ef50b540e..7f6b4acb9 100644
---
a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRolesProvider.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRolesProvider.java
@@ -24,6 +24,7 @@ import com.google.gson.GsonBuilder;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.ranger.admin.client.RangerAdminClient;
+import org.apache.ranger.authorization.hadoop.config.RangerPluginConfig;
import org.apache.ranger.plugin.service.RangerBasePlugin;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -57,7 +58,7 @@ public class RangerRolesProvider {
private boolean rangerUserGroupRolesSetInPlugin;
private boolean serviceDefSetInPlugin;
- public RangerRolesProvider(String serviceType, String appId, String
serviceName, RangerAdminClient rangerAdmin, String cacheDir, Configuration
config) {
+ public RangerRolesProvider(String serviceType, String appId, String
serviceName, RangerAdminClient rangerAdmin, String cacheDir, RangerPluginConfig
config) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> RangerRolesProvider(serviceName=" +
serviceName + ").RangerRolesProvider()");
}
@@ -87,7 +88,7 @@ public class RangerRolesProvider {
}
this.gson = gson;
- String propertyPrefix = "ranger.plugin." + serviceType;
+ String propertyPrefix = config.getPropertyPrefix();
disableCacheIfServiceNotFound =
config.getBoolean(propertyPrefix + ".disable.cache.if.servicenotfound", true);
if (LOG.isDebugEnabled()) {
diff --git
a/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
b/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
index 5ebc4cfea..b2a5151e5 100644
---
a/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
+++
b/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
@@ -521,8 +521,9 @@ public class TestPolicyEngine {
servicePolicies.setTagPolicies(tagPolicies);
}
- boolean useForwardedIPAddress =
pluginContext.getConfig().getBoolean("ranger.plugin.hive.use.x-forwarded-for.ipaddress",
false);
- String trustedProxyAddressString =
pluginContext.getConfig().get("ranger.plugin.hive.trusted.proxy.ipaddresses");
+ RangerPluginConfig config = pluginContext.getConfig();
+ boolean useForwardedIPAddress =
config.getBoolean(config.getPropertyPrefix() +
".use.x-forwarded-for.ipaddress", false);
+ String trustedProxyAddressString =
config.get(config.getPropertyPrefix() + ".trusted.proxy.ipaddresses");
String[] trustedProxyAddresses =
StringUtils.split(trustedProxyAddressString, ';');
if (trustedProxyAddresses != null) {
for (int i = 0; i < trustedProxyAddresses.length; i++) {
@@ -579,18 +580,18 @@ public class TestPolicyEngine {
roles.setRangerRoles(rolesSet);
- RangerPolicyEngineOptions policyEngineOptions =
pluginContext.getConfig().getPolicyEngineOptions();
+ RangerPolicyEngineOptions policyEngineOptions =
config.getPolicyEngineOptions();
policyEngineOptions.disableAccessEvaluationWithPolicyACLSummary = true;
- setPluginConfig(pluginContext.getConfig(), ".super.users",
testCase.superUsers);
- setPluginConfig(pluginContext.getConfig(), ".super.groups",
testCase.superGroups);
- setPluginConfig(pluginContext.getConfig(), ".audit.exclude.users",
testCase.auditExcludedUsers);
- setPluginConfig(pluginContext.getConfig(), ".audit.exclude.groups",
testCase.auditExcludedGroups);
- setPluginConfig(pluginContext.getConfig(), ".audit.exclude.roles",
testCase.auditExcludedRoles);
+ setPluginConfig(config, ".super.users", testCase.superUsers);
+ setPluginConfig(config, ".super.groups", testCase.superGroups);
+ setPluginConfig(config, ".audit.exclude.users",
testCase.auditExcludedUsers);
+ setPluginConfig(config, ".audit.exclude.groups",
testCase.auditExcludedGroups);
+ setPluginConfig(config, ".audit.exclude.roles",
testCase.auditExcludedRoles);
// so that setSuperUsersAndGroups(),
setAuditExcludedUsersGroupsRoles() will be called on the pluginConfig
- new RangerBasePlugin(pluginContext.getConfig());
+ new RangerBasePlugin(config);
RangerPolicyEngineImpl policyEngine = new
RangerPolicyEngineImpl(servicePolicies, pluginContext, roles);
diff --git
a/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngineForDeltas.java
b/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngineForDeltas.java
index 4e1844bc6..3e5086cdf 100644
---
a/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngineForDeltas.java
+++
b/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngineForDeltas.java
@@ -214,8 +214,9 @@ public class TestPolicyEngineForDeltas {
servicePolicies.setTagPolicies(tagPolicies);
}
- boolean useForwardedIPAddress =
pluginContext.getConfig().getBoolean("ranger.plugin.hive.use.x-forwarded-for.ipaddress",
false);
- String trustedProxyAddressString =
pluginContext.getConfig().get("ranger.plugin.hive.trusted.proxy.ipaddresses");
+ RangerPluginConfig config = pluginContext.getConfig();
+ boolean useForwardedIPAddress =
config.getBoolean(config.getPropertyPrefix() +
".use.x-forwarded-for.ipaddress", false);
+ String trustedProxyAddressString =
config.get(config.getPropertyPrefix() + ".trusted.proxy.ipaddresses");
String[] trustedProxyAddresses =
StringUtils.split(trustedProxyAddressString, ';');
if (trustedProxyAddresses != null) {
for (int i = 0; i < trustedProxyAddresses.length; i++) {
@@ -272,18 +273,18 @@ public class TestPolicyEngineForDeltas {
roles.setRangerRoles(rolesSet);
- RangerPolicyEngineOptions policyEngineOptions =
pluginContext.getConfig().getPolicyEngineOptions();
+ RangerPolicyEngineOptions policyEngineOptions =
config.getPolicyEngineOptions();
policyEngineOptions.disableAccessEvaluationWithPolicyACLSummary = true;
- setPluginConfig(pluginContext.getConfig(), ".super.users",
testCase.superUsers);
- setPluginConfig(pluginContext.getConfig(), ".super.groups",
testCase.superGroups);
- setPluginConfig(pluginContext.getConfig(), ".audit.exclude.users",
testCase.auditExcludedUsers);
- setPluginConfig(pluginContext.getConfig(), ".audit.exclude.groups",
testCase.auditExcludedGroups);
- setPluginConfig(pluginContext.getConfig(), ".audit.exclude.roles",
testCase.auditExcludedRoles);
+ setPluginConfig(config, ".super.users", testCase.superUsers);
+ setPluginConfig(config, ".super.groups", testCase.superGroups);
+ setPluginConfig(config, ".audit.exclude.users",
testCase.auditExcludedUsers);
+ setPluginConfig(config, ".audit.exclude.groups",
testCase.auditExcludedGroups);
+ setPluginConfig(config, ".audit.exclude.roles",
testCase.auditExcludedRoles);
// so that setSuperUsersAndGroups(),
setAuditExcludedUsersGroupsRoles() will be called on the pluginConfig
- new RangerBasePlugin(pluginContext.getConfig());
+ new RangerBasePlugin(config);
RangerPolicyEngineImpl policyEngine = new
RangerPolicyEngineImpl(servicePolicies, pluginContext, roles);
