This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 6d5cce6b29fe38592986d6375810a9a727dc48f3 Author: Madhan Neethiraj <[email protected]> AuthorDate: Tue Aug 1 17:32:37 2023 -0700 RANGER-3923: removed RangerSharedResource.resourceSignature --- .../java/org/apache/ranger/biz/GdsDBStore.java | 6 ---- .../service/RangerGdsSharedResourceService.java | 2 -- .../ranger/validation/RangerGdsValidator.java | 35 +++++----------------- 3 files changed, 7 insertions(+), 36 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java index 817bc3d38..1991a3dca 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java @@ -37,7 +37,6 @@ import org.apache.ranger.plugin.model.RangerGds.RangerDataset; import org.apache.ranger.plugin.model.RangerGds.RangerDatasetInProject; import org.apache.ranger.plugin.model.RangerGds.RangerProject; import org.apache.ranger.plugin.model.RangerGds.RangerSharedResource; -import org.apache.ranger.plugin.model.RangerPolicyResourceSignature; import org.apache.ranger.plugin.store.AbstractGdsStore; import org.apache.ranger.plugin.store.PList; import org.apache.ranger.plugin.util.SearchFilter; @@ -508,9 +507,6 @@ public class GdsDBStore extends AbstractGdsStore { validator.validateCreate(resource); - // TODO: enforce RangerSharedResource.acl - resource.setResourceSignature(RangerPolicyResourceSignature.toSignatureString(resource.getResource())); - if (StringUtils.isBlank(resource.getGuid())) { resource.setGuid(guidUtil.genGUID()); } @@ -538,8 +534,6 @@ public class GdsDBStore extends AbstractGdsStore { validator.validateUpdate(resource, existing); - resource.setResourceSignature(RangerPolicyResourceSignature.toSignatureString(resource.getResource())); - RangerSharedResource ret = sharedResourceService.update(resource); sharedResourceService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT); diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java index 23cd355cc..d22274c76 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java @@ -193,7 +193,6 @@ public class RangerGdsSharedResourceService extends RangerGdsBaseModelService<XX xObj.setDataShareId(vObj.getDataShareId()); xObj.setResource(JsonUtils.mapToJson(vObj.getResource())); xObj.setSubResourceNames(JsonUtils.listToJson(vObj.getSubResourceNames())); - xObj.setResourceSignature(vObj.getResourceSignature()); xObj.setConditionExpr(vObj.getConditionExpr()); xObj.setAccessTypes(JsonUtils.objectToJson(vObj.getAccessTypes())); xObj.setRowFilter(JsonUtils.objectToJson(vObj.getRowFilter())); @@ -215,7 +214,6 @@ public class RangerGdsSharedResourceService extends RangerGdsBaseModelService<XX vObj.setDataShareId(xObj.getDataShareId()); vObj.setResource(JsonUtils.jsonToMapPolicyResource(xObj.getResource())); vObj.setSubResourceNames(JsonUtils.jsonToListString(xObj.getSubResourceNames())); - vObj.setResourceSignature(xObj.getResourceSignature()); vObj.setConditionExpr(xObj.getConditionExpr()); vObj.setAccessTypes(JsonUtils.jsonToSetString(xObj.getAccessTypes())); vObj.setRowFilter(JsonUtils.jsonToObject(xObj.getRowFilter(), RangerPolicy.RangerPolicyItemRowFilterInfo.class)); diff --git a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java index 55da4a238..88fc64c98 100644 --- a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java +++ b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java @@ -32,7 +32,6 @@ import org.apache.ranger.plugin.model.RangerGds.RangerGdsObjectACL; import org.apache.ranger.plugin.model.RangerGds.RangerProject; import org.apache.ranger.plugin.model.RangerGds.RangerSharedResource; import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemDataMaskInfo; -import org.apache.ranger.plugin.model.RangerPrincipal; import org.apache.ranger.plugin.model.validation.ValidationFailureDetails; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -396,9 +395,9 @@ public class RangerGdsValidator { case NONE: if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.REQUESTED) { requireDatasetAdmin = true; - } else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.GRANTED) { + } else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.GRANTED || dshInDataset.getStatus() == RangerGds.GdsShareStatus.DENIED) { requireDataShareAdmin = true; - } else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACCEPTED) { + } else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACTIVE) { result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_INVALID_STATUS_CHANGE, "status", existing.getStatus(), dshInDataset.getStatus())); } break; @@ -406,20 +405,21 @@ public class RangerGdsValidator { case REQUESTED: if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.NONE) { requireDatasetAdmin = true; - } else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.GRANTED) { + } else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.GRANTED || dshInDataset.getStatus() == RangerGds.GdsShareStatus.DENIED) { requireDataShareAdmin = true; - } else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACCEPTED) { + } else if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACTIVE) { result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_INVALID_STATUS_CHANGE, "status", existing.getStatus(), dshInDataset.getStatus())); } break; case GRANTED: - if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACCEPTED) { + if (dshInDataset.getStatus() == RangerGds.GdsShareStatus.ACTIVE) { requireDatasetAdmin = true; } break; - case ACCEPTED: + case ACTIVE: + case DENIED: default: break; } @@ -519,27 +519,6 @@ public class RangerGdsValidator { LOG.debug("<== validateDelete(dsInProjectId={}, existing={})", dsInProjectId, existing); } - - private void validatePrincipals(List<RangerPrincipal> principals, String fieldName, ValidationResult result) { - if (principals != null) { - for (RangerPrincipal principal : principals) { - switch (principal.getType()) { - case USER: - validateUser(principal.getName(), fieldName, result); - break; - - case GROUP: - validateGroup(principal.getName(), fieldName, result); - break; - - case ROLE: - validateRole(principal.getName(), fieldName, result); - break; - } - } - } - } - private void validateAcl(RangerGdsObjectACL acl, String fieldName, ValidationResult result) { if (acl != null) { if (MapUtils.isNotEmpty(acl.getUsers())) {
