[ranger] branch RANGER-3923 updated: RANGER-4459: updated GET sharedResources API to support filter by resource value

Mon, 09 Oct 2023 02:13:57 -0700 

This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/RANGER-3923 by this push:
     new 66bcc8635 RANGER-4459: updated GET sharedResources API to support 
filter by resource value
66bcc8635 is described below

commit 66bcc8635f8201135915204146b1899aa36bba10
Author: Subhrat Chaudhary <[email protected]>
AuthorDate: Mon Oct 9 02:04:18 2023 -0700

    RANGER-4459: updated GET sharedResources API to support filter by resource 
value
    
    Signed-off-by: Madhan Neethiraj <[email protected]>
---
 .../apache/ranger/plugin/util/SearchFilter.java    |  1 +
 .../java/org/apache/ranger/biz/GdsDBStore.java     | 35 ++++++++++++++++++++--
 .../org/apache/ranger/common/RangerSearchUtil.java |  1 +
 .../service/RangerGdsSharedResourceService.java    |  7 +++--
 4 files changed, 39 insertions(+), 5 deletions(-)

diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java 
b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
index f969cffc0..ed855446f 100755
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
@@ -109,6 +109,7 @@ public class SearchFilter {
        public static final String DATA_SHARE_NAME_PARTIAL  = 
"dataShareNamePartial"; // search, sort
        public static final String DATA_SHARE_ID            = "dataShareId";    
      // search, sort
        public static final String SHARED_RESOURCE_NAME     = 
"sharedResourceName";   // search, sort
+       public static final String RESOURCE_CONTAINS        = 
"resourceContains";     // search
        public static final String SHARED_RESOURCE_ID       = 
"sharedResourceId";     // search, sort
        public static final String PROFILE_NAME             = "profileName";    
      // search
        public static final String OWNER_NAME               = "ownerName";      
      // search
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java 
b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
index 58b2d3ca0..9901ed79b 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
@@ -44,7 +44,6 @@ import 
org.apache.ranger.plugin.model.RangerGds.DataShareSummary;
 import org.apache.ranger.plugin.model.RangerGds.DataShareInDatasetSummary;
 import org.apache.ranger.plugin.model.RangerPolicy;
 import org.apache.ranger.plugin.model.RangerGds.GdsPermission;
-import org.apache.ranger.plugin.model.RangerGds.GdsShareStatus;
 import org.apache.ranger.plugin.model.RangerGds.RangerDataShare;
 import org.apache.ranger.plugin.model.RangerGds.RangerDataShareInDataset;
 import org.apache.ranger.plugin.model.RangerGds.RangerDataset;
@@ -967,13 +966,39 @@ public class GdsDBStore extends AbstractGdsStore {
         filter.setStartIndex(0);
         filter.setMaxRows(0);
 
+        final String resourceContains = 
filter.getParam(SearchFilter.RESOURCE_CONTAINS);
+
+        filter.removeParam(SearchFilter.RESOURCE_CONTAINS);
+
         RangerSharedResourceList   result          = 
sharedResourceService.searchSharedResources(filter);
         List<RangerSharedResource> sharedResources = new ArrayList<>();
 
-        for (RangerSharedResource dataShare : result.getList()) {
+        for (RangerSharedResource sharedResource : result.getList()) {
             // TODO: enforce RangerSharedResource.acl
+            boolean includeResource = true;
+
+            if (StringUtils.isNotEmpty(resourceContains)) {
+                includeResource = false;
 
-            sharedResources.add(dataShare);
+                if (sharedResource.getResource() != null) {
+                    final Collection<RangerPolicyResource> resources = 
sharedResource.getResource().values();
+
+                    if (CollectionUtils.isNotEmpty(resources)) {
+                        includeResource = 
resources.stream().filter(Objects::nonNull)
+                                                            
.map(RangerPolicyResource::getValues).filter(Objects::nonNull)
+                                                            .anyMatch(res -> 
hasResource(res, resourceContains));
+
+                        if (!includeResource && 
CollectionUtils.isNotEmpty(sharedResource.getSubResourceNames())) {
+                            includeResource = 
sharedResource.getSubResourceNames().stream().filter(Objects::nonNull)
+                                                                               
            .anyMatch(value -> value.contains(resourceContains));
+                        }
+                    }
+                }
+            }
+
+            if (includeResource) {
+                sharedResources.add(sharedResource);;
+            }
         }
 
         PList<RangerSharedResource> ret = getPList(sharedResources, 
startIndex, maxRows, result.getSortBy(), result.getSortType());
@@ -1661,4 +1686,8 @@ public class GdsDBStore extends AbstractGdsStore {
 
         return ret;
     }
+
+    private boolean hasResource(List<String> resources, String resourceValue) {
+        return resources.stream().filter(Objects::nonNull).anyMatch(resource 
-> resource.contains(resourceValue));
+    }
 }
diff --git 
a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java 
b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
index 89174b2e4..90e9a6c02 100755
--- 
a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
+++ 
b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
@@ -119,6 +119,7 @@ public class RangerSearchUtil extends SearchUtil {
                ret.setParam(SearchFilter.CREATE_TIME_END, 
request.getParameter(SearchFilter.CREATE_TIME_END));
                ret.setParam(SearchFilter.UPDATE_TIME_START, 
request.getParameter(SearchFilter.UPDATE_TIME_START));
                ret.setParam(SearchFilter.UPDATE_TIME_END, 
request.getParameter(SearchFilter.UPDATE_TIME_END));
+               ret.setParam(SearchFilter.RESOURCE_CONTAINS, 
request.getParameter(SearchFilter.RESOURCE_CONTAINS));
 
                extractCommonCriteriasForFilter(request, ret, sortFields);
 
diff --git 
a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java
 
b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java
index a96f6e8b3..d9eac708c 100755
--- 
a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java
+++ 
b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java
@@ -65,8 +65,11 @@ public class RangerGdsSharedResourceService extends 
RangerGdsBaseModelService<XX
         searchFields.add(new SearchField(SearchFilter.PROJECT_NAME,         
"p.name",          SearchField.DATA_TYPE.STRING,  SearchField.SEARCH_TYPE.FULL, 
"XXGdsDataShare dsh, XXGdsDataShareInDataset dshid, XXGdsDatasetInProject dip, 
XXGdsProject p", "obj.dataShareId = dsh.id and dsh.id = dshid.dataShareId and 
dshid.datasetId = dip.datasetId and dip.projectId = p.id"));
         searchFields.add(new SearchField(SearchFilter.PROJECT_ID,           
"dip.projectId",   SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL, 
"XXGdsDataShare dsh, XXGdsDataShareInDataset dshid, XXGdsDatasetInProject dip", 
"obj.dataShareId = dsh.id and dsh.id = dshid.dataShareId and dshid.datasetId = 
dip.datasetId"));
         searchFields.add(new SearchField(SearchFilter.ZONE_ID,              
"dsh.zoneId",      SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL, 
"XXGdsDataShare dsh", "obj.dataShareId = dsh.id"));
-        searchFields.add(new SearchField(SearchFilter.ZONE_NAME,            
"z.name",          SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL, 
"XXGdsDataShare dsh, XXSecurityZone z", "obj.dataShareId = dsh.id and 
dsh.zoneId = z.id"));
-        searchFields.add(new SearchField(SearchFilter.ZONE_NAME_PARTIAL,    
"z.name",          SearchField.DATA_TYPE.STRING, 
SearchField.SEARCH_TYPE.PARTIAL, "XXGdsDataShare dsh, XXSecurityZone z", 
"obj.dataShareId = dsh.id and dsh.zoneId = z.id"));
+        searchFields.add(new SearchField(SearchFilter.ZONE_NAME,            
"z.name",          SearchField.DATA_TYPE.STRING,  SearchField.SEARCH_TYPE.FULL, 
"XXGdsDataShare dsh, XXSecurityZone z", "obj.dataShareId = dsh.id and 
dsh.zoneId = z.id"));
+        searchFields.add(new SearchField(SearchFilter.ZONE_NAME_PARTIAL,    
"z.name",          SearchField.DATA_TYPE.STRING,  
SearchField.SEARCH_TYPE.PARTIAL, "XXGdsDataShare dsh, XXSecurityZone z", 
"obj.dataShareId = dsh.id and dsh.zoneId = z.id"));
+        searchFields.add(new SearchField(SearchFilter.SERVICE_ID,           
"dsh.serviceId",   SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL, 
"XXGdsDataShare dsh", "obj.dataShareId = dsh.id"));
+        searchFields.add(new SearchField(SearchFilter.SERVICE_NAME,         
"s.name",          SearchField.DATA_TYPE.STRING,  SearchField.SEARCH_TYPE.FULL, 
"XXGdsDataShare dsh, XXService s", "obj.dataShareId = dsh.id and dsh.serviceId 
= s.id"));
+        searchFields.add(new SearchField(SearchFilter.SERVICE_NAME_PARTIAL, 
"s.name",          SearchField.DATA_TYPE.STRING,  
SearchField.SEARCH_TYPE.PARTIAL, "XXGdsDataShare dsh, XXService s", 
"obj.dataShareId = dsh.id and dsh.serviceId = s.id"));
 
         sortFields.add(new SortField(SearchFilter.CREATE_TIME,  
"obj.createTime"));
         sortFields.add(new SortField(SearchFilter.UPDATE_TIME,  
"obj.updateTime"));

Reply via email to