This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 80e67e076 RANGER-4382: Improve exportCSV download time
80e67e076 is described below
commit 80e67e07638ccbe13841c0f8daeff4afbd7f7621
Author: Pradeep Agrawal <[email protected]>
AuthorDate: Fri Sep 8 14:47:35 2023 +0530
RANGER-4382: Improve exportCSV download time
Change-Id: Iafd2754259a5c158b0faed54a410f659cd9c1f8d
---
.../java/org/apache/ranger/biz/ServiceDBStore.java | 1028 ++++++++++----------
.../java/org/apache/ranger/rest/ServiceREST.java | 49 +-
2 files changed, 519 insertions(+), 558 deletions(-)
diff --git
a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 036dbfec6..84b096e9b 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -4080,8 +4080,7 @@ public class ServiceDBStore extends AbstractServiceStore {
return false;
}
- private void writeExcel(List<RangerPolicy> policies, String
excelFileName,
- HttpServletResponse response) throws IOException {
+ private void writeExcel(List<RangerPolicy> policies, String
excelFileName, HttpServletResponse response) throws IOException {
Workbook workbook = null;
OutputStream outStream = null;
try {
@@ -4090,86 +4089,71 @@ public class ServiceDBStore extends
AbstractServiceStore {
createHeaderRow(sheet);
int rowCount = 0;
if (!CollectionUtils.isEmpty(policies)) {
+ Map<String, String> svcNameToSvcType = new
HashMap<>();
for (RangerPolicy policy : policies) {
- List<RangerPolicyItem> policyItems =
policy
- .getPolicyItems();
- List<RangerRowFilterPolicyItem>
rowFilterPolicyItems = policy
-
.getRowFilterPolicyItems();
- List<RangerDataMaskPolicyItem>
dataMaskPolicyItems = policy
-
.getDataMaskPolicyItems();
- List<RangerPolicyItem> allowExceptions
= policy
- .getAllowExceptions();
- List<RangerPolicyItem> denyExceptions
= policy
- .getDenyExceptions();
- List<RangerPolicyItem> denyPolicyItems
= policy
- .getDenyPolicyItems();
- XXService xxservice =
daoMgr.getXXService().findByName(
- policy.getService());
- String serviceType = "";
- if (xxservice != null) {
- Long ServiceId =
xxservice.getType();
- XXServiceDef xxservDef =
daoMgr.getXXServiceDef()
-
.getById(ServiceId);
- if (xxservDef != null) {
- serviceType =
xxservDef.getName();
- }
- }
+ List<RangerPolicyItem> policyItems =
policy.getPolicyItems();
+ List<RangerRowFilterPolicyItem>
rowFilterPolicyItems = policy.getRowFilterPolicyItems();
+ List<RangerDataMaskPolicyItem>
dataMaskPolicyItems = policy.getDataMaskPolicyItems();
+ List<RangerPolicyItem> allowExceptions
= policy.getAllowExceptions();
+ List<RangerPolicyItem> denyExceptions =
policy.getDenyExceptions();
+ List<RangerPolicyItem> denyPolicyItems
= policy.getDenyPolicyItems();
+
+ String serviceType =
policy.getServiceType();
+ if (StringUtils.isBlank(serviceType)) {
+ serviceType =
svcNameToSvcType.get(policy.getService());
+ if
(StringUtils.isBlank(serviceType)) {
+ serviceType =
daoMgr.getXXServiceDef().findServiceDefTypeByServiceName(policy.getService());
+ if
(StringUtils.isNotBlank(serviceType)) {
+
svcNameToSvcType.put(policy.getService(), serviceType);
+ }
+ }
+ }
+
if
(CollectionUtils.isNotEmpty(policyItems)) {
for (RangerPolicyItem
policyItem : policyItems) {
Row row =
sheet.createRow(++rowCount);
-
writeBookForPolicyItems(policy, policyItem, null,
- null,
row, POLICY_ALLOW_INCLUDE);
+
writeBookForPolicyItems(svcNameToSvcType, policy, policyItem, null, null, row,
POLICY_ALLOW_INCLUDE);
}
} else if
(CollectionUtils.isNotEmpty(dataMaskPolicyItems)) {
for (RangerDataMaskPolicyItem
dataMaskPolicyItem : dataMaskPolicyItems) {
Row row =
sheet.createRow(++rowCount);
-
writeBookForPolicyItems(policy, null,
-
dataMaskPolicyItem, null, row,
- null);
+
writeBookForPolicyItems(svcNameToSvcType, policy, null, dataMaskPolicyItem,
null, row, null);
}
} else if
(CollectionUtils.isNotEmpty(rowFilterPolicyItems)) {
for (RangerRowFilterPolicyItem
rowFilterPolicyItem : rowFilterPolicyItems) {
Row row =
sheet.createRow(++rowCount);
-
writeBookForPolicyItems(policy, null, null,
-
rowFilterPolicyItem, row,
- null);
+
writeBookForPolicyItems(svcNameToSvcType, policy, null, null,
rowFilterPolicyItem, row, null);
}
- } else if (serviceType
-
.equalsIgnoreCase(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) {
+ } else if
(serviceType.equalsIgnoreCase(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME))
{
if
(CollectionUtils.isEmpty(policyItems)) {
Row row =
sheet.createRow(++rowCount);
RangerPolicyItem
policyItem = new RangerPolicyItem();
-
writeBookForPolicyItems(policy, policyItem, null,
- null,
row, POLICY_ALLOW_INCLUDE);
+
writeBookForPolicyItems(svcNameToSvcType, policy, policyItem, null, null, row,
POLICY_ALLOW_INCLUDE);
}
} else if
(CollectionUtils.isEmpty(policyItems)) {
Row row =
sheet.createRow(++rowCount);
RangerPolicyItem policyItem =
new RangerPolicyItem();
-
writeBookForPolicyItems(policy, policyItem, null, null,
- row,
POLICY_ALLOW_INCLUDE);
+
writeBookForPolicyItems(svcNameToSvcType, policy, policyItem, null, null, row,
POLICY_ALLOW_INCLUDE);
}
if
(CollectionUtils.isNotEmpty(allowExceptions)) {
for (RangerPolicyItem
policyItem : allowExceptions) {
Row row =
sheet.createRow(++rowCount);
-
writeBookForPolicyItems(policy, policyItem, null,
- null,
row, POLICY_ALLOW_EXCLUDE);
+
writeBookForPolicyItems(svcNameToSvcType, policy, policyItem, null, null, row,
POLICY_ALLOW_EXCLUDE);
}
}
if
(CollectionUtils.isNotEmpty(denyExceptions)) {
for (RangerPolicyItem
policyItem : denyExceptions) {
Row row =
sheet.createRow(++rowCount);
-
writeBookForPolicyItems(policy, policyItem, null,
- null,
row, POLICY_DENY_EXCLUDE);
+
writeBookForPolicyItems(svcNameToSvcType, policy, policyItem, null, null, row,
POLICY_DENY_EXCLUDE);
}
}
if
(CollectionUtils.isNotEmpty(denyPolicyItems)) {
for (RangerPolicyItem
policyItem : denyPolicyItems) {
Row row =
sheet.createRow(++rowCount);
-
writeBookForPolicyItems(policy, policyItem, null,
- null,
row, POLICY_DENY_INCLUDE);
+
writeBookForPolicyItems(svcNameToSvcType, policy, policyItem, null, null, row,
POLICY_DENY_INCLUDE);
}
- }
+ }
}
}
ByteArrayOutputStream outByteStream = new
ByteArrayOutputStream();
@@ -4178,8 +4162,7 @@ public class ServiceDBStore extends AbstractServiceStore {
response.setContentType("application/ms-excel");
response.setContentLength(outArray.length);
response.setHeader("Expires:", "0");
- response.setHeader("Content-Disposition", "attachment;
filename="
- + excelFileName);
+ response.setHeader("Content-Disposition", "attachment;
filename=" + excelFileName);
response.setStatus(HttpServletResponse.SC_OK);
outStream = response.getOutputStream();
outStream.write(outArray);
@@ -4198,355 +4181,321 @@ public class ServiceDBStore extends
AbstractServiceStore {
}
}
- private StringBuilder writeCSV(List<RangerPolicy> policies,
- String cSVFileName, HttpServletResponse response) {
+ private StringBuilder writeCSV(List<RangerPolicy> policies, String
cSVFileName, HttpServletResponse response) {
response.setContentType("text/csv");
final String LINE_SEPARATOR = "\n";
- final String FILE_HEADER =
"ID|Name|Resources|Roles|Groups|Users|Accesses|Service Type|Status|Policy
Type|Delegate Admin|isRecursive|"
- + "isExcludes|Service
Name|Description|isAuditEnabled|Policy Conditions|Policy Condition Type|Masking
Options|Row Filter Expr|Policy Label Name";
+ final String FILE_HEADER =
"ID|Name|Resources|Roles|Groups|Users|Accesses|Service Type|Status|Policy
Type|Delegate Admin|isRecursive|"
+ + "isExcludes|Service
Name|Description|isAuditEnabled|Policy Conditions|Policy Condition Type|Masking
Options|Row Filter Expr|Policy Label Name";
StringBuilder csvBuffer = new StringBuilder();
csvBuffer.append(FILE_HEADER);
csvBuffer.append(LINE_SEPARATOR);
- if (!CollectionUtils.isEmpty(policies)) {
- for (RangerPolicy policy : policies) {
- List<RangerPolicyItem> policyItems =
policy.getPolicyItems();
- List<RangerRowFilterPolicyItem>
rowFilterPolicyItems = policy
- .getRowFilterPolicyItems();
- List<RangerDataMaskPolicyItem>
dataMaskPolicyItems = policy
- .getDataMaskPolicyItems();
- List<RangerPolicyItem> allowExceptions = policy
- .getAllowExceptions();
- List<RangerPolicyItem> denyExceptions = policy
- .getDenyExceptions();
- List<RangerPolicyItem> denyPolicyItems = policy
- .getDenyPolicyItems();
- XXService xxservice =
daoMgr.getXXService().findByName(
- policy.getService());
- String serviceType = "";
- if (xxservice != null) {
- Long ServiceId = xxservice.getType();
- XXServiceDef xxservDef =
daoMgr.getXXServiceDef().getById(
- ServiceId);
- if (xxservDef != null) {
- serviceType =
xxservDef.getName();
+ if (!CollectionUtils.isEmpty(policies)) {
+ Map<String, String> svcNameToSvcType = new HashMap<>();
+ for (RangerPolicy policy : policies) {
+ List<RangerPolicyItem> policyItems =
policy.getPolicyItems();
+ List<RangerRowFilterPolicyItem>
rowFilterPolicyItems = policy.getRowFilterPolicyItems();
+ List<RangerDataMaskPolicyItem>
dataMaskPolicyItems = policy.getDataMaskPolicyItems();
+ List<RangerPolicyItem> allowExceptions =
policy.getAllowExceptions();
+ List<RangerPolicyItem> denyExceptions =
policy.getDenyExceptions();
+ List<RangerPolicyItem> denyPolicyItems =
policy.getDenyPolicyItems();
+
+ String serviceType = policy.getServiceType();
+ if (StringUtils.isBlank(serviceType)) {
+ serviceType =
svcNameToSvcType.get(policy.getService());
+ if (StringUtils.isBlank(serviceType)) {
+ serviceType =
daoMgr.getXXServiceDef().findServiceDefTypeByServiceName(policy.getService());
+ if
(StringUtils.isNotBlank(serviceType)) {
+
svcNameToSvcType.put(policy.getService(), serviceType);
+ }
}
}
- if (CollectionUtils.isNotEmpty(policyItems)) {
+
+ if (CollectionUtils.isNotEmpty(policyItems)) {
for (RangerPolicyItem policyItem :
policyItems) {
- writeCSVForPolicyItems(policy,
policyItem, null, null,
- csvBuffer,
POLICY_ALLOW_INCLUDE);
+
writeCSVForPolicyItems(svcNameToSvcType, policy, policyItem, null, null,
csvBuffer, POLICY_ALLOW_INCLUDE);
}
- } else if
(CollectionUtils.isNotEmpty(dataMaskPolicyItems)) {
- for (RangerDataMaskPolicyItem
dataMaskPolicyItem : dataMaskPolicyItems) {
- writeCSVForPolicyItems(policy,
null,
-
dataMaskPolicyItem, null, csvBuffer,
- null);
- }
- } else if
(CollectionUtils.isNotEmpty(rowFilterPolicyItems)) {
- for (RangerRowFilterPolicyItem
rowFilterPolicyItem : rowFilterPolicyItems) {
- writeCSVForPolicyItems(policy,
null, null,
-
rowFilterPolicyItem, csvBuffer,
- null);
- }
- } else if (serviceType
-
.equalsIgnoreCase(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) {
- if
(CollectionUtils.isEmpty(policyItems)) {
- RangerPolicyItem policyItem =
new RangerPolicyItem();
- writeCSVForPolicyItems(policy,
policyItem, null, null,
- csvBuffer,
POLICY_ALLOW_INCLUDE);
- }
- } else if
(CollectionUtils.isEmpty(policyItems)) {
- RangerPolicyItem policyItem = new
RangerPolicyItem();
- writeCSVForPolicyItems(policy,
policyItem, null, null,
- csvBuffer,
POLICY_ALLOW_INCLUDE);
- }
- if
(CollectionUtils.isNotEmpty(allowExceptions)) {
- for (RangerPolicyItem policyItem :
allowExceptions) {
- writeCSVForPolicyItems(policy,
policyItem, null, null,
- csvBuffer,
POLICY_ALLOW_EXCLUDE);
+ } else if
(CollectionUtils.isNotEmpty(dataMaskPolicyItems)) {
+ for (RangerDataMaskPolicyItem
dataMaskPolicyItem : dataMaskPolicyItems) {
+
writeCSVForPolicyItems(svcNameToSvcType, policy, null, dataMaskPolicyItem,
null, csvBuffer, null);
+ }
+ } else if
(CollectionUtils.isNotEmpty(rowFilterPolicyItems)) {
+ for (RangerRowFilterPolicyItem
rowFilterPolicyItem : rowFilterPolicyItems) {
+
writeCSVForPolicyItems(svcNameToSvcType, policy, null, null,
rowFilterPolicyItem, csvBuffer, null);
+ }
+ } else if
(serviceType.equalsIgnoreCase(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME))
{
+ if
(CollectionUtils.isEmpty(policyItems)) {
+ RangerPolicyItem policyItem =
new RangerPolicyItem();
+
writeCSVForPolicyItems(svcNameToSvcType, policy, policyItem, null, null,
csvBuffer, POLICY_ALLOW_INCLUDE);
}
+ } else if
(CollectionUtils.isEmpty(policyItems)) {
+ RangerPolicyItem policyItem = new
RangerPolicyItem();
+
writeCSVForPolicyItems(svcNameToSvcType, policy, policyItem, null, null,
csvBuffer, POLICY_ALLOW_INCLUDE);
}
- if
(CollectionUtils.isNotEmpty(denyExceptions)) {
- for (RangerPolicyItem policyItem :
denyExceptions) {
- writeCSVForPolicyItems(policy,
policyItem, null, null,
- csvBuffer,
POLICY_DENY_EXCLUDE);
+ if
(CollectionUtils.isNotEmpty(allowExceptions)) {
+ for (RangerPolicyItem policyItem :
allowExceptions) {
+
writeCSVForPolicyItems(svcNameToSvcType, policy, policyItem, null, null,
csvBuffer, POLICY_ALLOW_EXCLUDE);
}
- }
- if
(CollectionUtils.isNotEmpty(denyPolicyItems)) {
- for (RangerPolicyItem policyItem :
denyPolicyItems) {
- writeCSVForPolicyItems(policy,
policyItem, null, null,
- csvBuffer,
POLICY_DENY_INCLUDE);
- }
- }
- }
- }
- response.setHeader("Content-Disposition", "attachment;
filename="
- + cSVFileName);
+ }
+ if (CollectionUtils.isNotEmpty(denyExceptions))
{
+ for (RangerPolicyItem policyItem :
denyExceptions) {
+
writeCSVForPolicyItems(svcNameToSvcType, policy, policyItem, null, null,
csvBuffer, POLICY_DENY_EXCLUDE);
+ }
+ }
+ if
(CollectionUtils.isNotEmpty(denyPolicyItems)) {
+ for (RangerPolicyItem policyItem :
denyPolicyItems) {
+
writeCSVForPolicyItems(svcNameToSvcType, policy, policyItem, null, null,
csvBuffer, POLICY_DENY_INCLUDE);
+ }
+ }
+ }
+ }
+ response.setHeader("Content-Disposition", "attachment;
filename=" + cSVFileName);
response.setStatus(HttpServletResponse.SC_OK);
return csvBuffer;
}
- private void writeCSVForPolicyItems(RangerPolicy policy,
- RangerPolicyItem policyItem,
- RangerDataMaskPolicyItem dataMaskPolicyItem,
- RangerRowFilterPolicyItem rowFilterPolicyItem,
- StringBuilder csvBuffer, String policyConditionType) {
- if (LOG.isDebugEnabled()) {
- // To avoid PMD violation
- LOG.debug("policyConditionType:[" +
policyConditionType + "]");
- }
- final String COMMA_DELIMITER = "|";
- final String LINE_SEPARATOR = "\n";
- List<String> roles = new ArrayList<String>();
- List<String> groups = new ArrayList<String>();
- List<String> users = new ArrayList<String>();
- String roleNames = "";
- String groupNames = "";
- String userNames = "";
- String policyLabelName = "";
- String accessType = "";
- String policyStatus = "";
- String policyType = "";
- Boolean delegateAdmin = false;
- String isRecursive = "";
- String isExcludes = "";
- String serviceName = "";
- String description = "";
- Boolean isAuditEnabled = true;
- String isExcludesValue = "";
- String maskingInfo = "";
- List<RangerPolicyItemAccess> accesses = new
ArrayList<RangerPolicyItemAccess>();
- List<RangerPolicyItemCondition> conditionsList = new
ArrayList<RangerPolicyItemCondition>();
- String conditionKeyValue = "";
- String resValue = "";
- String resourceKeyVal = "";
- String isRecursiveValue = "";
- String resKey = "";
- String ServiceType = "";
- String filterExpr = "";
- String policyName = "";
- List<String> policyLabels = new ArrayList<String>();
- String policyConditionTypeValue = "";
- serviceName = policy.getService();
- description = policy.getDescription();
- isAuditEnabled = policy.getIsAuditEnabled();
- policyLabels = policy.getPolicyLabels();
- StringBuffer sb = new StringBuffer();
- StringBuffer sbIsRecursive = new StringBuffer();
- StringBuffer sbIsExcludes = new StringBuffer();
- Map<String, RangerPolicyResource> resources =
policy.getResources();
- RangerPolicy.RangerPolicyItemDataMaskInfo dataMaskInfo = new
RangerPolicy.RangerPolicyItemDataMaskInfo();
- RangerPolicy.RangerPolicyItemRowFilterInfo filterInfo = new
RangerPolicy.RangerPolicyItemRowFilterInfo();
- policyName = policy.getName();
- policyName = policyName.replace("|", "");
- if (resources != null) {
- for (Entry<String, RangerPolicyResource> resource :
resources
- .entrySet()) {
- resKey = resource.getKey();
- RangerPolicyResource policyResource =
resource.getValue();
- List<String> resvalueList =
policyResource.getValues();
- isExcludes =
policyResource.getIsExcludes().toString();
- isRecursive =
policyResource.getIsRecursive().toString();
- resValue = resvalueList.toString();
- sb = sb.append(resourceKeyVal).append("
").append(resKey)
- .append("=").append(resValue);
- sbIsExcludes =
sbIsExcludes.append(resourceKeyVal).append(" ")
-
.append(resKey).append("=[").append(isExcludes)
- .append("]");
- sbIsRecursive =
sbIsRecursive.append(resourceKeyVal)
- .append("
").append(resKey).append("=[")
-
.append(isRecursive).append("]");
- }
- isExcludesValue = sbIsExcludes.toString();
- isExcludesValue = isExcludesValue.substring(1);
- isRecursiveValue = sbIsRecursive.toString();
- isRecursiveValue = isRecursiveValue.substring(1);
- resourceKeyVal = sb.toString();
- resourceKeyVal = resourceKeyVal.substring(1);
- if (policyItem != null && dataMaskPolicyItem == null
- && rowFilterPolicyItem == null) {
- roles = policyItem.getRoles();
- groups = policyItem.getGroups();
- users = policyItem.getUsers();
- accesses = policyItem.getAccesses();
- delegateAdmin = policyItem.getDelegateAdmin();
- conditionsList = policyItem.getConditions();
- } else if (dataMaskPolicyItem != null && policyItem ==
null
- && rowFilterPolicyItem == null) {
- roles = dataMaskPolicyItem.getRoles();
- groups = dataMaskPolicyItem.getGroups();
- users = dataMaskPolicyItem.getUsers();
- accesses = dataMaskPolicyItem.getAccesses();
- delegateAdmin =
dataMaskPolicyItem.getDelegateAdmin();
- conditionsList =
dataMaskPolicyItem.getConditions();
- dataMaskInfo =
dataMaskPolicyItem.getDataMaskInfo();
- String dataMaskType =
dataMaskInfo.getDataMaskType();
- String conditionExpr =
dataMaskInfo.getConditionExpr();
- String valueExpr = dataMaskInfo.getValueExpr();
- maskingInfo = "dataMasktype=[" + dataMaskType
+ "]";
- if (conditionExpr != null &&
!conditionExpr.isEmpty()
- && valueExpr != null &&
!valueExpr.isEmpty()) {
- maskingInfo = maskingInfo + ";
conditionExpr=["
- + conditionExpr + "]";
- }
- } else if (rowFilterPolicyItem != null && policyItem
== null
- && dataMaskPolicyItem == null) {
- roles = rowFilterPolicyItem.getRoles();
- groups = rowFilterPolicyItem.getGroups();
- users = rowFilterPolicyItem.getUsers();
- accesses = rowFilterPolicyItem.getAccesses();
- delegateAdmin =
rowFilterPolicyItem.getDelegateAdmin();
- conditionsList =
rowFilterPolicyItem.getConditions();
- filterInfo =
rowFilterPolicyItem.getRowFilterInfo();
- filterExpr = filterInfo.getFilterExpr();
- }
- if
(CollectionUtils.isNotEmpty(accesses)) {
- for
(RangerPolicyItemAccess access : accesses) {
- if (access !=
null) {
-
accessType = accessType + access.getType().replace("#", "").replace("|", "") +
"#";
- }
- }
- if (accessType.length()
> 0) {
- accessType =
accessType.substring(0, accessType.lastIndexOf("#"));
- }
- }
- if
(CollectionUtils.isNotEmpty(roles)) {
- for (String role :
roles) {
- if
(StringUtils.isNotBlank(role)) {
- role =
role.replace("|", "");
- role =
role.replace("#", "");
-
roleNames = roleNames + role + "#";
- }
- }
- if (roleNames.length()
> 0) {
- roleNames =
roleNames.substring(0, roleNames.lastIndexOf("#"));
- }
- }
- if
(CollectionUtils.isNotEmpty(groups)) {
- for (String group :
groups) {
- if
(StringUtils.isNotBlank(group)) {
- group =
group.replace("|", "");
- group =
group.replace("#", "");
-
groupNames = groupNames + group + "#";
- }
- }
- if (groupNames.length()
> 0) {
- groupNames =
groupNames.substring(0, groupNames.lastIndexOf("#"));
- }
- }
- if
(CollectionUtils.isNotEmpty(users)) {
- for (String user :
users) {
- if
(StringUtils.isNotBlank(user)) {
- user =
user.replace("|", "");
- user =
user.replace("#", "");
-
userNames = userNames + user + "#";
- }
- }
- if (userNames.length()
> 0) {
- userNames =
userNames.substring(0, userNames.lastIndexOf("#"));
- }
- }
- String conditionValue = "";
- for (RangerPolicyItemCondition conditions :
conditionsList) {
- String conditionType = conditions.getType();
- List<String> conditionList =
conditions.getValues();
- conditionValue = conditionList.toString();
- conditionKeyValue = conditionType + "=" +
conditionValue;
- }
- XXService xxservice = daoMgr.getXXService().findByName(
- policy.getService());
- if (xxservice != null) {
- Long ServiceId = xxservice.getType();
- XXServiceDef xxservDef =
daoMgr.getXXServiceDef().getById(
- ServiceId);
- if (xxservDef != null) {
- ServiceType = xxservDef.getName();
- }
- }
- }
- if (policyConditionType != null) {
- policyConditionTypeValue = policyConditionType;
- }
- if (policyConditionType == null &&
ServiceType.equalsIgnoreCase("tag")) {
- policyConditionTypeValue = POLICY_ALLOW_INCLUDE;
- } else if (policyConditionType == null) {
- policyConditionTypeValue = "";
- }
- if (policy.getIsEnabled()) {
- policyStatus = "Enabled";
- } else {
- policyStatus = "Disabled";
- }
- int policyTypeInt = policy.getPolicyType();
- switch (policyTypeInt) {
- case RangerPolicy.POLICY_TYPE_ACCESS:
- policyType = POLICY_TYPE_ACCESS;
- break;
- case RangerPolicy.POLICY_TYPE_DATAMASK:
- policyType = POLICY_TYPE_DATAMASK;
- break;
- case RangerPolicy.POLICY_TYPE_ROWFILTER:
- policyType = POLICY_TYPE_ROWFILTER;
- break;
- }
- if (CollectionUtils.isNotEmpty(policyLabels)) {
- for (String policyLabel : policyLabels)
{
- if
(StringUtils.isNotBlank(policyLabel)) {
- policyLabel =
policyLabel.replace("|", "");
- policyLabel =
policyLabel.replace("#", "");
- policyLabelName =
policyLabelName + policyLabel + "#";
- }
+ private void writeCSVForPolicyItems(Map<String, String>
svcNameToSvcType, RangerPolicy policy, RangerPolicyItem policyItem,
RangerDataMaskPolicyItem dataMaskPolicyItem, RangerRowFilterPolicyItem
rowFilterPolicyItem, StringBuilder csvBuffer, String policyConditionType) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("policyConditionType:[" + policyConditionType
+ "]");
+ }
+ final String COMMA_DELIMITER = "|";
+ final String LINE_SEPARATOR = "\n";
+ List<String> roles = new ArrayList<String>();
+ List<String> groups = new ArrayList<String>();
+ List<String> users = new ArrayList<String>();
+ String roleNames = "";
+ String groupNames = "";
+ String userNames = "";
+ String policyLabelName = "";
+ String accessType = "";
+ String policyStatus = "";
+ String policyType = "";
+ Boolean delegateAdmin = false;
+ String isRecursive = "";
+ String isExcludes = "";
+ String serviceName = "";
+ String description = "";
+ Boolean isAuditEnabled = true;
+ String isExcludesValue = "";
+ String maskingInfo = "";
+ List<RangerPolicyItemAccess> accesses = new
ArrayList<RangerPolicyItemAccess>();
+ List<RangerPolicyItemCondition> conditionsList = new
ArrayList<RangerPolicyItemCondition>();
+ String conditionKeyValue = "";
+ String resValue = "";
+ String resourceKeyVal = "";
+ String isRecursiveValue = "";
+ String resKey = "";
+ String ServiceType = "";
+ String filterExpr = "";
+ String policyName = "";
+ List<String> policyLabels = new ArrayList<String>();
+ String policyConditionTypeValue = "";
+ serviceName = policy.getService();
+ description = policy.getDescription();
+ isAuditEnabled = policy.getIsAuditEnabled();
+ policyLabels = policy.getPolicyLabels();
+ StringBuffer sb = new StringBuffer();
+ StringBuffer sbIsRecursive = new StringBuffer();
+ StringBuffer sbIsExcludes = new StringBuffer();
+ Map<String, RangerPolicyResource> resources =
policy.getResources();
+ RangerPolicy.RangerPolicyItemDataMaskInfo dataMaskInfo = new
RangerPolicy.RangerPolicyItemDataMaskInfo();
+ RangerPolicy.RangerPolicyItemRowFilterInfo filterInfo = new
RangerPolicy.RangerPolicyItemRowFilterInfo();
+ policyName = policy.getName();
+ policyName = policyName.replace("|", "");
+ if (resources != null) {
+ for (Entry<String, RangerPolicyResource> resource :
resources.entrySet()) {
+ resKey = resource.getKey();
+ RangerPolicyResource policyResource =
resource.getValue();
+ List<String> resvalueList =
policyResource.getValues();
+ isExcludes =
policyResource.getIsExcludes().toString();
+ isRecursive =
policyResource.getIsRecursive().toString();
+ resValue = resvalueList.toString();
+ sb = sb.append(resourceKeyVal).append("
").append(resKey).append("=").append(resValue);
+ sbIsExcludes =
sbIsExcludes.append(resourceKeyVal).append("
").append(resKey).append("=[").append(isExcludes).append("]");
+ sbIsRecursive =
sbIsRecursive.append(resourceKeyVal).append("
").append(resKey).append("=[").append(isRecursive).append("]");
+ }
+ isExcludesValue = sbIsExcludes.toString();
+ isExcludesValue = isExcludesValue.substring(1);
+ isRecursiveValue = sbIsRecursive.toString();
+ isRecursiveValue = isRecursiveValue.substring(1);
+ resourceKeyVal = sb.toString();
+ resourceKeyVal = resourceKeyVal.substring(1);
+ if (policyItem != null && dataMaskPolicyItem == null &&
rowFilterPolicyItem == null) {
+ roles = policyItem.getRoles();
+ groups = policyItem.getGroups();
+ users = policyItem.getUsers();
+ accesses = policyItem.getAccesses();
+ delegateAdmin = policyItem.getDelegateAdmin();
+ conditionsList = policyItem.getConditions();
+ } else if (dataMaskPolicyItem != null && policyItem ==
null && rowFilterPolicyItem == null) {
+ roles = dataMaskPolicyItem.getRoles();
+ groups = dataMaskPolicyItem.getGroups();
+ users = dataMaskPolicyItem.getUsers();
+ accesses = dataMaskPolicyItem.getAccesses();
+ delegateAdmin =
dataMaskPolicyItem.getDelegateAdmin();
+ conditionsList =
dataMaskPolicyItem.getConditions();
+ dataMaskInfo =
dataMaskPolicyItem.getDataMaskInfo();
+ String dataMaskType =
dataMaskInfo.getDataMaskType();
+ String conditionExpr =
dataMaskInfo.getConditionExpr();
+ String valueExpr = dataMaskInfo.getValueExpr();
+ maskingInfo = "dataMasktype=[" + dataMaskType +
"]";
+ if (conditionExpr != null &&
!conditionExpr.isEmpty() && valueExpr != null && !valueExpr.isEmpty()) {
+ maskingInfo = maskingInfo + ";
conditionExpr=[" + conditionExpr + "]";
+ }
+ } else if (rowFilterPolicyItem != null && policyItem ==
null && dataMaskPolicyItem == null) {
+ roles = rowFilterPolicyItem.getRoles();
+ groups = rowFilterPolicyItem.getGroups();
+ users = rowFilterPolicyItem.getUsers();
+ accesses = rowFilterPolicyItem.getAccesses();
+ delegateAdmin =
rowFilterPolicyItem.getDelegateAdmin();
+ conditionsList =
rowFilterPolicyItem.getConditions();
+ filterInfo =
rowFilterPolicyItem.getRowFilterInfo();
+ filterExpr = filterInfo.getFilterExpr();
+ }
+ if (CollectionUtils.isNotEmpty(accesses)) {
+ for (RangerPolicyItemAccess access : accesses) {
+ if (access != null) {
+ accessType = accessType +
access.getType().replace("#", "").replace("|", "") + "#";
}
- if (policyLabelName.length() > 0) {
- policyLabelName =
policyLabelName.substring(0, policyLabelName.lastIndexOf("#"));
+ }
+ if (accessType.length() > 0) {
+ accessType = accessType.substring(0,
accessType.lastIndexOf("#"));
+ }
+ }
+ if (CollectionUtils.isNotEmpty(roles)) {
+ for (String role : roles) {
+ if (StringUtils.isNotBlank(role)) {
+ role = role.replace("|", "");
+ role = role.replace("#", "");
+ roleNames = roleNames + role +
"#";
}
}
+ if (roleNames.length() > 0) {
+ roleNames = roleNames.substring(0,
roleNames.lastIndexOf("#"));
+ }
+ }
+ if (CollectionUtils.isNotEmpty(groups)) {
+ for (String group : groups) {
+ if (StringUtils.isNotBlank(group)) {
+ group = group.replace("|", "");
+ group = group.replace("#", "");
+ groupNames = groupNames + group
+ "#";
+ }
+ }
+ if (groupNames.length() > 0) {
+ groupNames = groupNames.substring(0,
groupNames.lastIndexOf("#"));
+ }
+ }
+ if (CollectionUtils.isNotEmpty(users)) {
+ for (String user : users) {
+ if (StringUtils.isNotBlank(user)) {
+ user = user.replace("|", "");
+ user = user.replace("#", "");
+ userNames = userNames + user +
"#";
+ }
+ }
+ if (userNames.length() > 0) {
+ userNames = userNames.substring(0,
userNames.lastIndexOf("#"));
+ }
+ }
+ String conditionValue = "";
+ for (RangerPolicyItemCondition conditions :
conditionsList) {
+ String conditionType = conditions.getType();
+ List<String> conditionList =
conditions.getValues();
+ conditionValue = conditionList.toString();
+ conditionKeyValue = conditionType + "=" +
conditionValue;
+ }
- csvBuffer.append(policy.getId());
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(policyName);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(resourceKeyVal);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(roleNames);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(groupNames);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(userNames);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(accessType.trim());
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(ServiceType);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(policyStatus);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(policyType);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(delegateAdmin.toString().toUpperCase());
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(isRecursiveValue);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(isExcludesValue);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(serviceName);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(description);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(isAuditEnabled.toString().toUpperCase());
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(conditionKeyValue.trim());
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(policyConditionTypeValue);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(maskingInfo);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(filterExpr);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(policyLabelName);
- csvBuffer.append(COMMA_DELIMITER);
- csvBuffer.append(LINE_SEPARATOR);
- }
+ ServiceType = policy.getServiceType();
+ if (StringUtils.isBlank(ServiceType)) {
+ ServiceType =
svcNameToSvcType.get(policy.getService());
+ if (ServiceType == null) {
+ ServiceType = "";
+ }
+ }
+ }
+ if (policyConditionType != null) {
+ policyConditionTypeValue = policyConditionType;
+ }
+ if (policyConditionType == null &&
ServiceType.equalsIgnoreCase("tag")) {
+ policyConditionTypeValue = POLICY_ALLOW_INCLUDE;
+ } else if (policyConditionType == null) {
+ policyConditionTypeValue = "";
+ }
+ if (policy.getIsEnabled()) {
+ policyStatus = "Enabled";
+ } else {
+ policyStatus = "Disabled";
+ }
+ int policyTypeInt = policy.getPolicyType();
+ switch (policyTypeInt) {
+ case RangerPolicy.POLICY_TYPE_ACCESS:
+ policyType = POLICY_TYPE_ACCESS;
+ break;
+ case RangerPolicy.POLICY_TYPE_DATAMASK:
+ policyType = POLICY_TYPE_DATAMASK;
+ break;
+ case RangerPolicy.POLICY_TYPE_ROWFILTER:
+ policyType = POLICY_TYPE_ROWFILTER;
+ break;
+ }
+ if (CollectionUtils.isNotEmpty(policyLabels)) {
+ for (String policyLabel : policyLabels) {
+ if (StringUtils.isNotBlank(policyLabel)) {
+ policyLabel = policyLabel.replace("|",
"");
+ policyLabel = policyLabel.replace("#",
"");
+ policyLabelName = policyLabelName +
policyLabel + "#";
+ }
+ }
+ if (policyLabelName.length() > 0) {
+ policyLabelName = policyLabelName.substring(0,
policyLabelName.lastIndexOf("#"));
+ }
+ }
+
+ csvBuffer.append(policy.getId());
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(policyName);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(resourceKeyVal);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(roleNames);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(groupNames);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(userNames);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(accessType.trim());
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(ServiceType);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(policyStatus);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(policyType);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(delegateAdmin.toString().toUpperCase());
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(isRecursiveValue);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(isExcludesValue);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(serviceName);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(description);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(isAuditEnabled.toString().toUpperCase());
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(conditionKeyValue.trim());
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(policyConditionTypeValue);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(maskingInfo);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(filterExpr);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(policyLabelName);
+ csvBuffer.append(COMMA_DELIMITER);
+ csvBuffer.append(LINE_SEPARATOR);
+ }
public Map<String, Object> getMetaDataInfo() {
Map<String, Object> metaDataInfo = new LinkedHashMap<String,
Object>();
@@ -4668,67 +4617,65 @@ public class ServiceDBStore extends
AbstractServiceStore {
return policiesMap;
}
- private void writeBookForPolicyItems(RangerPolicy policy,
RangerPolicyItem policyItem,
- RangerDataMaskPolicyItem dataMaskPolicyItem,
RangerRowFilterPolicyItem rowFilterPolicyItem, Row row, String
policyConditionType) {
+ private void writeBookForPolicyItems(Map<String, String>
svcNameToSvcType, RangerPolicy policy, RangerPolicyItem policyItem,
RangerDataMaskPolicyItem dataMaskPolicyItem, RangerRowFilterPolicyItem
rowFilterPolicyItem, Row row, String policyConditionType) {
if (LOG.isDebugEnabled()) {
- // To avoid PMD violation
- LOG.debug("policyConditionType:[" +
policyConditionType + "]");
+ LOG.debug("policyConditionType:[" + policyConditionType
+ "]");
}
List<String> groups = new ArrayList<String>();
List<String> users = new ArrayList<String>();
List<String> roles = new ArrayList<String>();
String roleNames = "";
String groupNames = "";
- String policyConditionTypeValue = "";
+ String policyConditionTypeValue = "";
String userNames = "";
- String policyLabelNames = "";
+ String policyLabelNames = "";
String accessType = "";
String policyStatus = "";
- String policyType = "";
- Boolean delegateAdmin = false;
- String isRecursive = "";
- String isExcludes = "";
- String serviceName = "";
-
- String description = "";
- Boolean isAuditEnabled = true;
- isAuditEnabled = policy.getIsAuditEnabled();
- String isExcludesValue = "";
+ String policyType = "";
+ Boolean delegateAdmin = false;
+ String isRecursive = "";
+ String isExcludes = "";
+ String serviceName = "";
+
+ String description = "";
+ Boolean isAuditEnabled = true;
+ isAuditEnabled = policy.getIsAuditEnabled();
+ String isExcludesValue = "";
Cell cell = row.createCell(0);
cell.setCellValue(policy.getId());
List<RangerPolicyItemAccess> accesses = new
ArrayList<RangerPolicyItemAccess>();
- List<RangerPolicyItemCondition> conditionsList = new
ArrayList<RangerPolicyItemCondition>();
- String conditionKeyValue = "";
- List<String> policyLabels = new ArrayList<String>();
+ List<RangerPolicyItemCondition> conditionsList = new
ArrayList<RangerPolicyItemCondition>();
+ String conditionKeyValue = "";
+ List<String> policyLabels = new ArrayList<String>();
String resValue = "";
String resourceKeyVal = "";
- String isRecursiveValue = "";
+ String isRecursiveValue = "";
String resKey = "";
StringBuffer sb = new StringBuffer();
- StringBuffer sbIsRecursive = new StringBuffer();
- StringBuffer sbIsExcludes = new StringBuffer();
+ StringBuffer sbIsRecursive = new StringBuffer();
+ StringBuffer sbIsExcludes = new StringBuffer();
Map<String, RangerPolicyResource> resources =
policy.getResources();
- RangerPolicy.RangerPolicyItemDataMaskInfo dataMaskInfo = new
RangerPolicy.RangerPolicyItemDataMaskInfo();
- RangerPolicy.RangerPolicyItemRowFilterInfo filterInfo = new
RangerPolicy.RangerPolicyItemRowFilterInfo();
- cell = row.createCell(1);
- cell.setCellValue(policy.getName());
- cell = row.createCell(2);
+ RangerPolicy.RangerPolicyItemDataMaskInfo dataMaskInfo = new
RangerPolicy.RangerPolicyItemDataMaskInfo();
+ RangerPolicy.RangerPolicyItemRowFilterInfo filterInfo = new
RangerPolicy.RangerPolicyItemRowFilterInfo();
+ cell = row.createCell(1);
+ cell.setCellValue(policy.getName());
+ cell = row.createCell(2);
if (resources != null) {
for (Entry<String, RangerPolicyResource> resource :
resources.entrySet()) {
resKey = resource.getKey();
RangerPolicyResource policyResource =
resource.getValue();
List<String> resvalueList =
policyResource.getValues();
- isExcludes =
policyResource.getIsExcludes().toString();
- isRecursive =
policyResource.getIsRecursive().toString();
+ isExcludes =
policyResource.getIsExcludes().toString();
+ isRecursive =
policyResource.getIsRecursive().toString();
resValue = resvalueList.toString();
- sb = sb.append(resourceKeyVal).append(";
").append(resKey).append("=").append(resValue);
- sbIsExcludes =
sbIsExcludes.append(resourceKeyVal).append(";
").append(resKey).append("=[").append(isExcludes).append("]");
- sbIsRecursive =
sbIsRecursive.append(resourceKeyVal).append(";
").append(resKey).append("=[").append(isRecursive).append("]");
- }
- isExcludesValue = sbIsExcludes.toString();
- isExcludesValue = isExcludesValue.substring(1);
- isRecursiveValue = sbIsRecursive.toString();
- isRecursiveValue = isRecursiveValue.substring(1);
+ sb = sb.append(resourceKeyVal).append(";
").append(resKey).append("=").append(resValue);
+ sbIsExcludes =
sbIsExcludes.append(resourceKeyVal).append(";
").append(resKey).append("=[").append(isExcludes).append("]");
+ sbIsRecursive =
sbIsRecursive.append(resourceKeyVal).append(";
").append(resKey).append("=[").append(isRecursive).append("]");
+ }
+ isExcludesValue = sbIsExcludes.toString();
+ isExcludesValue = isExcludesValue.substring(1);
+ isRecursiveValue = sbIsRecursive.toString();
+ isRecursiveValue = isRecursiveValue.substring(1);
resourceKeyVal = sb.toString();
resourceKeyVal = resourceKeyVal.substring(1);
cell.setCellValue(resourceKeyVal);
@@ -4737,36 +4684,36 @@ public class ServiceDBStore extends
AbstractServiceStore {
groups = policyItem.getGroups();
users = policyItem.getUsers();
accesses = policyItem.getAccesses();
- delegateAdmin = policyItem.getDelegateAdmin();
- conditionsList = policyItem.getConditions();
+ delegateAdmin = policyItem.getDelegateAdmin();
+ conditionsList = policyItem.getConditions();
} else if (dataMaskPolicyItem != null && policyItem ==
null && rowFilterPolicyItem == null) {
roles = dataMaskPolicyItem.getRoles();
groups = dataMaskPolicyItem.getGroups();
users = dataMaskPolicyItem.getUsers();
accesses = dataMaskPolicyItem.getAccesses();
- delegateAdmin =
dataMaskPolicyItem.getDelegateAdmin();
- conditionsList =
dataMaskPolicyItem.getConditions();
- dataMaskInfo =
dataMaskPolicyItem.getDataMaskInfo();
- String dataMaskType =
dataMaskInfo.getDataMaskType();
- String conditionExpr =
dataMaskInfo.getConditionExpr();
- String valueExpr = dataMaskInfo.getValueExpr();
- String maskingInfo = "dataMasktype=[" +
dataMaskType + "]";
- if (conditionExpr != null &&
!conditionExpr.isEmpty() && valueExpr != null && !valueExpr.isEmpty()) {
- maskingInfo = maskingInfo + ";
conditionExpr=[" + conditionExpr + "]";
- }
- cell = row.createCell(18);
- cell.setCellValue(maskingInfo);
+ delegateAdmin =
dataMaskPolicyItem.getDelegateAdmin();
+ conditionsList =
dataMaskPolicyItem.getConditions();
+ dataMaskInfo =
dataMaskPolicyItem.getDataMaskInfo();
+ String dataMaskType =
dataMaskInfo.getDataMaskType();
+ String conditionExpr =
dataMaskInfo.getConditionExpr();
+ String valueExpr = dataMaskInfo.getValueExpr();
+ String maskingInfo = "dataMasktype=[" +
dataMaskType + "]";
+ if (conditionExpr != null &&
!conditionExpr.isEmpty() && valueExpr != null && !valueExpr.isEmpty()) {
+ maskingInfo = maskingInfo + ";
conditionExpr=[" + conditionExpr + "]";
+ }
+ cell = row.createCell(18);
+ cell.setCellValue(maskingInfo);
} else if (rowFilterPolicyItem != null && policyItem ==
null && dataMaskPolicyItem == null) {
roles = rowFilterPolicyItem.getRoles();
groups = rowFilterPolicyItem.getGroups();
users = rowFilterPolicyItem.getUsers();
accesses = rowFilterPolicyItem.getAccesses();
- delegateAdmin =
rowFilterPolicyItem.getDelegateAdmin();
- conditionsList =
rowFilterPolicyItem.getConditions();
- filterInfo =
rowFilterPolicyItem.getRowFilterInfo();
- String filterExpr = filterInfo.getFilterExpr();
- cell = row.createCell(19);
- cell.setCellValue(filterExpr);
+ delegateAdmin =
rowFilterPolicyItem.getDelegateAdmin();
+ conditionsList =
rowFilterPolicyItem.getConditions();
+ filterInfo =
rowFilterPolicyItem.getRowFilterInfo();
+ String filterExpr = filterInfo.getFilterExpr();
+ cell = row.createCell(19);
+ cell.setCellValue(filterExpr);
}
if (CollectionUtils.isNotEmpty(accesses)) {
for (RangerPolicyItemAccess access : accesses) {
@@ -4778,31 +4725,31 @@ public class ServiceDBStore extends
AbstractServiceStore {
if (CollectionUtils.isNotEmpty(roles)) {
roleNames = roleNames + roles.toString();
StringTokenizer roleToken = new
StringTokenizer(roleNames, "[]");
- while(roleToken.hasMoreTokens()) {
+ while (roleToken.hasMoreTokens()) {
roleNames =
roleToken.nextToken().toString();
}
}
if (CollectionUtils.isNotEmpty(groups)) {
groupNames = groupNames + groups.toString();
StringTokenizer groupToken = new
StringTokenizer(groupNames, "[]");
- while(groupToken.hasMoreTokens()) {
+ while (groupToken.hasMoreTokens()) {
groupNames =
groupToken.nextToken().toString();
}
}
if (CollectionUtils.isNotEmpty(users)) {
userNames = userNames + users.toString();
StringTokenizer userToken = new
StringTokenizer(userNames, "[]");
- while(userToken.hasMoreTokens()) {
+ while (userToken.hasMoreTokens()) {
userNames =
userToken.nextToken().toString();
}
}
- String conditionValue = "";
- for(RangerPolicyItemCondition conditions :
conditionsList ){
- String conditionType = conditions.getType();
- List<String> conditionList =
conditions.getValues();
- conditionValue = conditionList.toString();
- conditionKeyValue = conditionType + "=" +
conditionValue;
- }
+ String conditionValue = "";
+ for (RangerPolicyItemCondition conditions :
conditionsList) {
+ String conditionType = conditions.getType();
+ List<String> conditionList =
conditions.getValues();
+ conditionValue = conditionList.toString();
+ conditionKeyValue = conditionType + "=" +
conditionValue;
+ }
cell = row.createCell(3);
cell.setCellValue(roleNames);
cell = row.createCell(4);
@@ -4812,23 +4759,23 @@ public class ServiceDBStore extends
AbstractServiceStore {
cell = row.createCell(6);
cell.setCellValue(accessType.trim());
cell = row.createCell(7);
- XXService xxservice =
daoMgr.getXXService().findByName(policy.getService());
- String ServiceType = "";
- if (xxservice != null) {
- Long ServiceId = xxservice.getType();
- XXServiceDef xxservDef =
daoMgr.getXXServiceDef().getById(ServiceId);
- if (xxservDef != null) {
- ServiceType = xxservDef.getName();
+
+ String ServiceType = policy.getServiceType();
+ if (StringUtils.isBlank(ServiceType)) {
+ ServiceType =
svcNameToSvcType.get(policy.getService());
+ if (ServiceType == null) {
+ ServiceType = "";
}
}
- if(policyConditionType != null) {
- policyConditionTypeValue = policyConditionType;
- }
- if (policyConditionType == null &&
ServiceType.equalsIgnoreCase("tag")) {
- policyConditionTypeValue =
POLICY_ALLOW_INCLUDE;
- }else if (policyConditionType == null) {
- policyConditionTypeValue = "";
- }
+
+ if (policyConditionType != null) {
+ policyConditionTypeValue = policyConditionType;
+ }
+ if (policyConditionType == null &&
ServiceType.equalsIgnoreCase("tag")) {
+ policyConditionTypeValue = POLICY_ALLOW_INCLUDE;
+ } else if (policyConditionType == null) {
+ policyConditionTypeValue = "";
+ }
cell.setCellValue(ServiceType);
cell = row.createCell(8);
@@ -4839,53 +4786,54 @@ public class ServiceDBStore extends
AbstractServiceStore {
} else {
policyStatus = "Disabled";
}
- policyLabels = policy.getPolicyLabels();
- if (CollectionUtils.isNotEmpty(policyLabels)) {
- policyLabelNames = policyLabelNames +
policyLabels.toString();
- StringTokenizer policyLabelToken = new
StringTokenizer(policyLabelNames, "[]");
- while(policyLabelToken.hasMoreTokens()) {
- policyLabelNames =
policyLabelToken.nextToken().toString();
- }
- }
+ policyLabels = policy.getPolicyLabels();
+ if (CollectionUtils.isNotEmpty(policyLabels)) {
+ policyLabelNames = policyLabelNames +
policyLabels.toString();
+ StringTokenizer policyLabelToken = new
StringTokenizer(policyLabelNames, "[]");
+ while (policyLabelToken.hasMoreTokens()) {
+ policyLabelNames =
policyLabelToken.nextToken().toString();
+ }
+ }
cell.setCellValue(policyStatus);
- cell = row.createCell(9);
- int policyTypeInt = policy.getPolicyType();
- switch (policyTypeInt) {
- case RangerPolicy.POLICY_TYPE_ACCESS:
- policyType = POLICY_TYPE_ACCESS;
- break;
-
- case RangerPolicy.POLICY_TYPE_DATAMASK:
- policyType = POLICY_TYPE_DATAMASK;
- break;
-
- case RangerPolicy.POLICY_TYPE_ROWFILTER:
- policyType = POLICY_TYPE_ROWFILTER;
- break;
- }
- cell.setCellValue(policyType);
- cell = row.createCell(10);
- cell.setCellValue(delegateAdmin.toString().toUpperCase());
- cell = row.createCell(11);
- cell.setCellValue(isRecursiveValue);
- cell = row.createCell(12);
- cell.setCellValue(isExcludesValue);
- cell = row.createCell(13);
- serviceName = policy.getService();
- cell.setCellValue(serviceName);
- cell = row.createCell(14);
- description = policy.getDescription();
- cell.setCellValue(description);
- cell = row.createCell(15);
- cell.setCellValue(isAuditEnabled.toString().toUpperCase());
- cell = row.createCell(16);
- cell.setCellValue(conditionKeyValue.trim());
- cell = row.createCell(17);
- cell.setCellValue(policyConditionTypeValue);
- cell = row.createCell(20);
- cell.setCellValue(policyLabelNames);
+ cell = row.createCell(9);
+ int policyTypeInt = policy.getPolicyType();
+ switch (policyTypeInt) {
+ case RangerPolicy.POLICY_TYPE_ACCESS:
+ policyType = POLICY_TYPE_ACCESS;
+ break;
+
+ case RangerPolicy.POLICY_TYPE_DATAMASK:
+ policyType = POLICY_TYPE_DATAMASK;
+ break;
+
+ case RangerPolicy.POLICY_TYPE_ROWFILTER:
+ policyType = POLICY_TYPE_ROWFILTER;
+ break;
+ }
+ cell.setCellValue(policyType);
+ cell = row.createCell(10);
+ cell.setCellValue(delegateAdmin.toString().toUpperCase());
+ cell = row.createCell(11);
+ cell.setCellValue(isRecursiveValue);
+ cell = row.createCell(12);
+ cell.setCellValue(isExcludesValue);
+ cell = row.createCell(13);
+ serviceName = policy.getService();
+ cell.setCellValue(serviceName);
+ cell = row.createCell(14);
+ description = policy.getDescription();
+ cell.setCellValue(description);
+ cell = row.createCell(15);
+ cell.setCellValue(isAuditEnabled.toString().toUpperCase());
+ cell = row.createCell(16);
+ cell.setCellValue(conditionKeyValue.trim());
+ cell = row.createCell(17);
+ cell.setCellValue(policyConditionTypeValue);
+ cell = row.createCell(20);
+ cell.setCellValue(policyLabelNames);
+
+ }
- }
private void createHeaderRow(Sheet sheet) {
CellStyle cellStyle = sheet.getWorkbook().createCellStyle();
Font font = sheet.getWorkbook().createFont();
@@ -4931,54 +4879,54 @@ public class ServiceDBStore extends
AbstractServiceStore {
cellStatus.setCellStyle(cellStyle);
cellStatus.setCellValue("Status");
- Cell cellPolicyType = row.createCell(9);
- cellPolicyType.setCellStyle(cellStyle);
- cellPolicyType.setCellValue("Policy Type");
+ Cell cellPolicyType = row.createCell(9);
+ cellPolicyType.setCellStyle(cellStyle);
+ cellPolicyType.setCellValue("Policy Type");
- Cell cellDelegateAdmin = row.createCell(10);
- cellDelegateAdmin.setCellStyle(cellStyle);
- cellDelegateAdmin.setCellValue("Delegate Admin");
+ Cell cellDelegateAdmin = row.createCell(10);
+ cellDelegateAdmin.setCellStyle(cellStyle);
+ cellDelegateAdmin.setCellValue("Delegate Admin");
- Cell cellIsRecursive = row.createCell(11);
- cellIsRecursive.setCellStyle(cellStyle);
- cellIsRecursive.setCellValue("isRecursive");
+ Cell cellIsRecursive = row.createCell(11);
+ cellIsRecursive.setCellStyle(cellStyle);
+ cellIsRecursive.setCellValue("isRecursive");
- Cell cellIsExcludes = row.createCell(12);
- cellIsExcludes.setCellStyle(cellStyle);
- cellIsExcludes.setCellValue("isExcludes");
+ Cell cellIsExcludes = row.createCell(12);
+ cellIsExcludes.setCellStyle(cellStyle);
+ cellIsExcludes.setCellValue("isExcludes");
- Cell cellServiceName = row.createCell(13);
- cellServiceName.setCellStyle(cellStyle);
- cellServiceName.setCellValue("Service Name");
+ Cell cellServiceName = row.createCell(13);
+ cellServiceName.setCellStyle(cellStyle);
+ cellServiceName.setCellValue("Service Name");
- Cell cellDescription = row.createCell(14);
- cellDescription.setCellStyle(cellStyle);
- cellDescription.setCellValue("Description");
+ Cell cellDescription = row.createCell(14);
+ cellDescription.setCellStyle(cellStyle);
+ cellDescription.setCellValue("Description");
- Cell cellisAuditEnabled = row.createCell(15);
- cellisAuditEnabled.setCellStyle(cellStyle);
- cellisAuditEnabled.setCellValue("isAuditEnabled");
+ Cell cellisAuditEnabled = row.createCell(15);
+ cellisAuditEnabled.setCellStyle(cellStyle);
+ cellisAuditEnabled.setCellValue("isAuditEnabled");
- Cell cellPolicyConditions = row.createCell(16);
- cellPolicyConditions.setCellStyle(cellStyle);
- cellPolicyConditions.setCellValue("Policy Conditions");
+ Cell cellPolicyConditions = row.createCell(16);
+ cellPolicyConditions.setCellStyle(cellStyle);
+ cellPolicyConditions.setCellValue("Policy Conditions");
- Cell cellPolicyConditionType = row.createCell(17);
- cellPolicyConditionType.setCellStyle(cellStyle);
- cellPolicyConditionType.setCellValue("Policy Condition Type");
+ Cell cellPolicyConditionType = row.createCell(17);
+ cellPolicyConditionType.setCellStyle(cellStyle);
+ cellPolicyConditionType.setCellValue("Policy Condition Type");
- Cell cellMaskingOptions = row.createCell(18);
- cellMaskingOptions.setCellStyle(cellStyle);
- cellMaskingOptions.setCellValue("Masking Options");
+ Cell cellMaskingOptions = row.createCell(18);
+ cellMaskingOptions.setCellStyle(cellStyle);
+ cellMaskingOptions.setCellValue("Masking Options");
- Cell cellRowFilterExpr = row.createCell(19);
- cellRowFilterExpr.setCellStyle(cellStyle);
- cellRowFilterExpr.setCellValue("Row Filter Expr");
+ Cell cellRowFilterExpr = row.createCell(19);
+ cellRowFilterExpr.setCellStyle(cellStyle);
+ cellRowFilterExpr.setCellValue("Row Filter Expr");
- Cell cellPolicyLabelName = row.createCell(20);
- cellPolicyLabelName.setCellStyle(cellStyle);
- cellPolicyLabelName.setCellValue("Policy Labels Name");
- }
+ Cell cellPolicyLabelName = row.createCell(20);
+ cellPolicyLabelName.setCellStyle(cellStyle);
+ cellPolicyLabelName.setCellValue("Policy Labels Name");
+ }
private RangerPolicyList searchRangerPolicies(SearchFilter
searchFilter) {
List<RangerPolicy> policyList = new ArrayList<RangerPolicy>();
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 86959423c..5aee2a2c0 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -2101,11 +2101,12 @@ public class ServiceREST {
policyLists = getAllFilteredPolicyList(filter, request,
policyLists);
if (CollectionUtils.isNotEmpty(policyLists)){
- for (RangerPolicy rangerPolicy : policyLists) {
- if (rangerPolicy != null) {
-
ensureAdminAndAuditAccess(rangerPolicy);
- }
- }
+ Map<String, String> mapServiceTypeAndImplClass
= new HashMap<String, String>();
+ for (RangerPolicy rangerPolicy : policyLists) {
+ if (rangerPolicy != null) {
+
ensureAdminAndAuditAccess(rangerPolicy, mapServiceTypeAndImplClass);
+ }
+ }
svcStore.getPoliciesInExcel(policyLists,
response);
}else{
response.setStatus(HttpServletResponse.SC_NO_CONTENT);
@@ -2153,12 +2154,12 @@ public class ServiceREST {
policyLists = getAllFilteredPolicyList(filter, request,
policyLists);
if (CollectionUtils.isNotEmpty(policyLists)){
- for (RangerPolicy rangerPolicy : policyLists) {
- if (rangerPolicy != null) {
-
ensureAdminAndAuditAccess(rangerPolicy);
- }
- }
-
+ Map<String, String> mapServiceTypeAndImplClass
= new HashMap<String, String> ();
+ for (RangerPolicy rangerPolicy : policyLists) {
+ if (rangerPolicy != null) {
+
ensureAdminAndAuditAccess(rangerPolicy, mapServiceTypeAndImplClass);
+ }
+ }
svcStore.getPoliciesInCSV(policyLists,
response);
}else{
response.setStatus(HttpServletResponse.SC_NO_CONTENT);
@@ -2212,9 +2213,10 @@ public class ServiceREST {
policyLists = getAllFilteredPolicyList(filter, request,
policyLists);
if (CollectionUtils.isNotEmpty(policyLists)) {
+ Map<String, String> mapServiceTypeAndImplClass
= new HashMap<String, String> ();
for (RangerPolicy rangerPolicy : policyLists) {
if (rangerPolicy != null) {
-
ensureAdminAndAuditAccess(rangerPolicy);
+
ensureAdminAndAuditAccess(rangerPolicy, mapServiceTypeAndImplClass);
}
}
bizUtil.blockAuditorRoleUser();
@@ -4195,6 +4197,10 @@ public class ServiceREST {
}
void ensureAdminAndAuditAccess(RangerPolicy policy) {
+ ensureAdminAndAuditAccess (policy, new HashMap<String,
String>());
+ }
+
+ void ensureAdminAndAuditAccess(RangerPolicy policy, Map<String, String>
mapServiceTypeAndImplClass) {
boolean isAdmin = bizUtil.isAdmin();
boolean isKeyAdmin = bizUtil.isKeyAdmin();
String userName = bizUtil.getCurrentUserLoginId();
@@ -4221,18 +4227,25 @@ public class ServiceREST {
+ userName + "' does not have
delegated-admin privilege on given resources", true);
}
} else {
-
- XXService xService =
daoManager.getXXService().findByName(policy.getService());
- XXServiceDef xServiceDef =
daoManager.getXXServiceDef().getById(xService.getType());
-
+ if (StringUtils.isBlank(policy.getServiceType())) {
+ XXService xService =
daoManager.getXXService().findByName(policy.getService());
+ XXServiceDef xServiceDef =
daoManager.getXXServiceDef().getById(xService.getType());
+
mapServiceTypeAndImplClass.put(xServiceDef.getName(),
xServiceDef.getImplclassname());
+ policy.setServiceType(xServiceDef.getName());
+ } else if
(!mapServiceTypeAndImplClass.containsKey(policy.getServiceType())) {
+ XXService xService =
daoManager.getXXService().findByName(policy.getService());
+ XXServiceDef xServiceDef =
daoManager.getXXServiceDef().getById(xService.getType());
+
mapServiceTypeAndImplClass.put(xServiceDef.getName(),
xServiceDef.getImplclassname());
+ }
+ String serviceDefImplClass =
mapServiceTypeAndImplClass.get(policy.getServiceType());
if (isAdmin || isAuditAdmin) {
- if
(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(xServiceDef.getImplclassname()))
{
+ if
(EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(serviceDefImplClass)) {
throw restErrorUtil.createRESTException(
"KMS
Policies/Services/Service-Defs are not accessible for user '"
+
userName + "'.", MessageEnums.OPER_NO_PERMISSION);
}
} else if (isKeyAdmin || isAuditKeyAdmin) {
- if
(!EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(xServiceDef.getImplclassname()))
{
+ if
(!EmbeddedServiceDefsUtil.KMS_IMPL_CLASS_NAME.equals(serviceDefImplClass)) {
throw
restErrorUtil.createRESTException("Only KMS Policies/Services/Service-Defs are
accessible for user '"
+ userName + "'.",
MessageEnums.OPER_NO_PERMISSION);
}
