This is an automated email from the ASF dual-hosted git repository.
dhavalrajpara pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 301c8ff41 RANGER-4681 : Audit logs for Mask & Row policy does not show
policy condition under policy item
301c8ff41 is described below
commit 301c8ff4155bb06b16037a2eb2bed237be4701c4
Author: Brijesh Bhalala <[email protected]>
AuthorDate: Mon May 13 15:14:04 2024 +0530
RANGER-4681 : Audit logs for Mask & Row policy does not show policy
condition under policy item
Signed-off-by: Dhaval.Rajpara <[email protected]>
---
.../main/webapp/react-webapp/src/styles/style.css | 12 +-
.../src/views/AuditEvent/AdminLogs/PolicyLogs.jsx | 293 +++++++++++++++------
.../AuditEvent/AdminLogs/PolicyViewDetails.jsx | 30 +--
3 files changed, 234 insertions(+), 101 deletions(-)
diff --git a/security-admin/src/main/webapp/react-webapp/src/styles/style.css
b/security-admin/src/main/webapp/react-webapp/src/styles/style.css
index e6b767f5e..40f28e75f 100644
--- a/security-admin/src/main/webapp/react-webapp/src/styles/style.css
+++ b/security-admin/src/main/webapp/react-webapp/src/styles/style.css
@@ -874,7 +874,7 @@ header {
}
/* Users / Groups / Roles CSS */
-.row-inactive td{
+.row-inactive td {
background-color: #f6f7f8 !important;
}
@@ -1031,6 +1031,7 @@ header {
.updateInfo {
margin-top: 10px;
+ padding-top: 10px;
border-top: 1px solid #ccc;
}
@@ -3014,12 +3015,13 @@ table a {
}
.resource-drop-down {
display: flex;
- justify-content:flex-end;
+ justify-content: flex-end;
gap: 1px;
}
-.form-check-input[type=checkbox], .form-check-input[type=radio] {
+.form-check-input[type="checkbox"],
+.form-check-input[type="radio"] {
border-color: #6c757d;
}
-.switch[class*="btn-outline"] .switch-handle{
- background-color:#6c757d !important;
+.switch[class*="btn-outline"] .switch-handle {
+ background-color: #6c757d !important;
}
diff --git
a/security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyLogs.jsx
b/security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyLogs.jsx
index acd4f5825..6b2143adb 100644
---
a/security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyLogs.jsx
+++
b/security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyLogs.jsx
@@ -30,7 +30,9 @@ import {
differenceWith,
forEach,
filter,
- map
+ map,
+ includes,
+ split
} from "lodash";
export const PolicyLogs = ({ data, reportdata }) => {
@@ -185,10 +187,13 @@ export const PolicyLogs = ({ data, reportdata }) => {
maskType = dataMaskLabel;
}
} else {
- if (dataMaskInfo.dataMaskType == "CUSTOM") {
- maskType = dataMaskInfo.dataMaskType + " : " + dataMaskInfo?.valueExpr;
+ if (includes(dataMaskInfo.dataMaskType, "CUSTOM")) {
+ maskType =
+ split(dataMaskInfo.dataMaskType, ":").pop() +
+ " : " +
+ dataMaskInfo?.valueExpr;
} else {
- maskType = dataMaskInfo.dataMaskType;
+ maskType = split(dataMaskInfo.dataMaskType, ":").pop();
}
}
@@ -1058,38 +1063,17 @@ export const PolicyLogs = ({ data, reportdata }) => {
};
const getMaskingLabel = (DataMasklabel, dataMaskInfo, index) => {
- if (DataMasklabel) {
- if (
- !isEqual(
- newPolicyItemsDiff[index] &&
- newPolicyItemsDiff[index].DataMasklabel,
- oldPolicyItemsDiff[index] &&
oldPolicyItemsDiff[index].DataMasklabel
- )
- ) {
- return (
- <h6 className="d-inline">
- <Badge className="d-inline-flex me-1" bg="success">
- {getDataMaskType(DataMasklabel, dataMaskInfo)}
- </Badge>
- </h6>
- );
- } else {
- return getDataMaskType(DataMasklabel, dataMaskInfo);
- }
- }
if (dataMaskInfo) {
if (
!isEqual(
- newPolicyItemsDiff[index] &&
- newPolicyItemsDiff[index].dataMaskInfo.dataMaskType,
- oldPolicyItemsDiff[index] &&
- oldPolicyItemsDiff[index].dataMaskInfo.dataMaskType
+ newPolicyItemsDiff[index] &&
newPolicyItemsDiff[index].dataMaskInfo,
+ oldPolicyItemsDiff[index] && oldPolicyItemsDiff[index].dataMaskInfo
)
) {
return (
<h6 className="d-inline">
<Badge className="d-inline-flex me-1" bg="success">
- {dataMaskInfo.dataMaskType}
+ {getDataMaskType(DataMasklabel, dataMaskInfo)}
</Badge>
</h6>
);
@@ -1120,9 +1104,7 @@ export const PolicyLogs = ({ data, reportdata }) => {
oldPolicyItemsDiff[index] &&
oldPolicyItemsDiff[index]?.conditions?.map((obj) => obj.values),
newPolicyItemsDiff[index] &&
- newPolicyItemsDiff[index]?.conditions?.map((obj) => {
- obj.values;
- })
+ newPolicyItemsDiff[index]?.conditions?.map((obj) => obj.values)
);
return !added ? (
<h6 className="d-inline">
@@ -1131,7 +1113,7 @@ export const PolicyLogs = ({ data, reportdata }) => {
</Badge>
</h6>
) : (
- `${conditions.type}: ${conditions.values.join(", ")}`
+ `${conditions.type}: ${conditions.values.join(", ")} `
);
};
tableRow.push(
@@ -1399,32 +1381,11 @@ export const PolicyLogs = ({ data, reportdata }) => {
};
const getMaskingLabel = (DataMasklabel, dataMaskInfo, index) => {
- if (DataMasklabel) {
- if (
- !isEqual(
- oldPolicyItemsDiff[index] &&
- oldPolicyItemsDiff[index].DataMasklabel,
- newPolicyItemsDiff[index] &&
newPolicyItemsDiff[index].DataMasklabel
- )
- ) {
- return (
- <h6 className="d-inline">
- <Badge className="d-inline-flex me-1" bg="danger">
- {getDataMaskType(DataMasklabel, dataMaskInfo)}
- </Badge>
- </h6>
- );
- } else {
- return getDataMaskType(DataMasklabel, dataMaskInfo);
- }
- }
if (dataMaskInfo) {
if (
!isEqual(
- oldPolicyItemsDiff[index] &&
- oldPolicyItemsDiff[index].dataMaskInfo.dataMaskType,
- newPolicyItemsDiff[index] &&
- newPolicyItemsDiff[index].dataMaskInfo.dataMaskType
+ oldPolicyItemsDiff[index] &&
oldPolicyItemsDiff[index].dataMaskInfo,
+ newPolicyItemsDiff[index] && newPolicyItemsDiff[index].dataMaskInfo
)
) {
return (
@@ -1459,9 +1420,7 @@ export const PolicyLogs = ({ data, reportdata }) => {
const getCondition = (conditions, index) => {
var removed = isEqual(
newPolicyItemsDiff[index] &&
- newPolicyItemsDiff[index]?.conditions?.map((obj) => {
- obj.values;
- }),
+ newPolicyItemsDiff[index]?.conditions?.map((obj) => obj.values),
oldPolicyItemsDiff[index] &&
oldPolicyItemsDiff[index]?.conditions?.map((obj) => obj.values)
);
@@ -1472,7 +1431,7 @@ export const PolicyLogs = ({ data, reportdata }) => {
</Badge>
</h6>
) : (
- `${conditions.type}: ${conditions.values.join(", ")}`
+ `${conditions.type}: ${conditions.values.join(", ")} `
);
};
tableRow.push(
@@ -1858,7 +1817,14 @@ export const PolicyLogs = ({ data, reportdata }) => {
const importdelmaskpolicyold = importdelmaskPolicyItem.map(
(obj) => obj.previousValue
);
-
+ const importDeleteRowPolicyItem = reportdata.filter(
+ (obj) =>
+ obj.attributeName == "Row level filter Policy Items" &&
+ obj.action == "Import Delete"
+ );
+ const importDeleteRowPolicyOld = importDeleteRowPolicyItem.map(
+ (obj) => obj.previousValue
+ );
/*IMPORT DELETE END*/
/* IMPORT END LOGS*/
@@ -2118,7 +2084,7 @@ export const PolicyLogs = ({ data, reportdata }) => {
{createRowMaskNew.map((policyitem) => {
return (
!isEmpty(policyitem) &&
- JSON.parse(policyitem).map((policy) => (
+ JSON.parse(policyitem).map((policy, index) => (
<tbody>
<tr>
<td className="table-warning text-nowrap
policyitem-field">
@@ -2160,7 +2126,17 @@ export const PolicyLogs = ({ data, reportdata }) => {
: "<empty>"}
</td>
</tr>
-
+ <tr>
+ {!isEmpty(policy.conditions) && (
+ <td className="table-warning text-nowrap
policyitem-field">
+ <i>{`Conditions`}</i>
+ {`: ${policy.conditions.map(
+ (type) =>
+ `${type.type} : ${type.values.join(",
")}`
+ )} `}
+ </td>
+ )}
+ </tr>
<tr>
<td className="table-warning text-nowrap
policyitem-field">
<i>{`Row Level Filter`}</i>
@@ -2169,6 +2145,13 @@ export const PolicyLogs = ({ data, reportdata }) => {
: "<empty>"}
</td>
</tr>
+ {JSON.parse(policyitem).length - 1 != index && (
+ <tr>
+ <td>
+ <br />
+ </td>
+ </tr>
+ )}
</tbody>
))
);
@@ -2510,7 +2493,17 @@ export const PolicyLogs = ({ data, reportdata }) => {
: "<empty>"}
</td>
</tr>
-
+ <tr>
+ {!isEmpty(policy.conditions) && (
+ <td className="table-warning policyitem-field">
+ <i>{`Conditions`}</i>
+ {`: ${policy.conditions.map(
+ (type) =>
+ `${type.type} : ${type.values.join(",
")}`
+ )} `}
+ </td>
+ )}
+ </tr>
<tr>
{policy.delegateAdmin == true && (
<td className="table-warning text-nowrap
policyitem-field">
@@ -2536,7 +2529,9 @@ export const PolicyLogs = ({ data, reportdata }) => {
</tr>
{JSON.parse(policyitem).length - 1 != index && (
<tr>
- <br />
+ <td>
+ <br />
+ </td>
</tr>
)}
</tbody>
@@ -2691,7 +2686,6 @@ export const PolicyLogs = ({ data, reportdata }) => {
</Table>
</Col>
</Row>
-
<br />
</>
)}
@@ -2774,7 +2768,6 @@ export const PolicyLogs = ({ data, reportdata }) => {
</Table>
</Col>
</Row>
-
<br />
</>
)}
@@ -2815,7 +2808,6 @@ export const PolicyLogs = ({ data, reportdata }) => {
</Table>
</Col>
</Row>
-
<br />
</>
)}
@@ -3032,7 +3024,7 @@ export const PolicyLogs = ({ data, reportdata }) => {
<h5 className="bold wrap-header m-t-sm">
Row Level Filter Policy Items:
</h5>
- <Table className="table table-bordered table-responsive
w-auto">
+ <Table className="table table-bordered w-auto">
<thead className="thead-light">
<tr>
<th>Old Value</th>
@@ -3042,7 +3034,7 @@ export const PolicyLogs = ({ data, reportdata }) => {
{deleteRowMaskOld.map((policyitem) => {
return (
!isEmpty(policyitem) &&
- JSON.parse(policyitem).map((policy) => (
+ JSON.parse(policyitem).map((policy, index) => (
<tbody>
<tr>
<td className="table-warning policyitem-field">
@@ -3084,7 +3076,17 @@ export const PolicyLogs = ({ data, reportdata }) => {
: "<empty>"}
</td>
</tr>
-
+ <tr>
+ {!isEmpty(policy.conditions) && (
+ <td className="table-warning text-nowrap
policyitem-field">
+ <i>{`Conditions`}</i>
+ {`: ${policy.conditions.map(
+ (type) =>
+ `${type.type} : ${type.values.join(",
")}`
+ )} `}
+ </td>
+ )}
+ </tr>
<tr>
<td className="table-warning policyitem-field">
<i>{`Row Level Filter`}</i>
@@ -3093,12 +3095,19 @@ export const PolicyLogs = ({ data, reportdata }) => {
: "<empty>"}
</td>
</tr>
+ {JSON.parse(policyitem).length - 1 != index && (
+ <tr>
+ <td>
+ <br />
+ </td>
+ </tr>
+ )}
</tbody>
))
);
})}
- <br />
</Table>
+ <br />
</>
)}
{action == "delete" &&
@@ -3161,7 +3170,17 @@ export const PolicyLogs = ({ data, reportdata }) => {
: "<empty>"}
</td>
</tr>
-
+ <tr>
+ {!isEmpty(policy.conditions) && (
+ <td className="table-warning policyitem-field">
+ <i>{`Conditions`}</i>
+ {`: ${policy.conditions.map(
+ (type) =>
+ `${type.type} : ${type.values.join(",
")}`
+ )} `}
+ </td>
+ )}
+ </tr>
<tr>
{policy.delegateAdmin == true && (
<td className="table-warning policyitem-field">
@@ -3187,7 +3206,9 @@ export const PolicyLogs = ({ data, reportdata }) => {
</tr>
{JSON.parse(policyitem).length - 1 != index && (
<tr>
- <br />
+ <td>
+ <br />
+ </td>
</tr>
)}
</tbody>
@@ -3783,7 +3804,17 @@ export const PolicyLogs = ({ data, reportdata }) => {
: "<empty>"}
</td>
</tr>
-
+ <tr>
+ {!isEmpty(policy.conditions) && (
+ <td className="table-warning policyitem-field">
+ <i>{`Conditions`}</i>
+ {`: ${policy.conditions.map(
+ (type) =>
+ `${type.type} : ${type.values.join(",
")}`
+ )} `}
+ </td>
+ )}
+ </tr>
<tr>
{policy.delegateAdmin == true && (
<td className="table-warning policyitem-field">
@@ -3809,7 +3840,118 @@ export const PolicyLogs = ({ data, reportdata }) => {
</tr>
{JSON.parse(policyitem).length - 1 != index && (
<tr>
- <br />
+ <td>
+ <br />
+ </td>
+ </tr>
+ )}
+ </tbody>
+ ))
+ );
+ })}
+ </Table>
+ <br />
+ </>
+ )}
+
+ {action == "Import Delete" &&
+ !isEmpty(importDeleteRowPolicyOld) &&
+ !isUndefined(importDeleteRowPolicyOld) &&
+ importDeleteRowPolicyOld != 0 && (
+ <>
+ <h5 className="bold wrap-header m-t-sm">
+ Row Level Filter Policy Items:
+ </h5>
+
+ <Table className="table table-striped table-bordered
w-auto">
+ <thead className="thead-light">
+ <tr>
+ <th>Old Value</th>
+ </tr>
+ </thead>
+
+ {importDeleteRowPolicyOld.map((policyitem) => {
+ return (
+ !isEmpty(policyitem) &&
+ JSON.parse(policyitem).map((policy, index) => (
+ <tbody>
+ <tr>
+ <td className="table-warning policyitem-field">
+ <i>{`Roles`}</i>
+ {`: ${
+ !isEmpty(policy.roles)
+ ? policy.roles.join(", ")
+ : "<empty>"
+ } `}
+ </td>
+ </tr>
+ <tr>
+ <td className="table-warning policyitem-field">
+ <i>{`Groups`}</i>
+ {`: ${
+ !isEmpty(policy.groups)
+ ? policy.groups.join(", ")
+ : "<empty>"
+ } `}
+ </td>
+ </tr>
+ <tr>
+ <td className="table-warning policyitem-field">
+ <i>{`Users`}</i>
+ {`: ${
+ !isEmpty(policy.users)
+ ? policy.users.join(", ")
+ : "<empty>"
+ } `}
+ </td>
+ </tr>
+ <tr>
+ <td className="table-warning policyitem-field">
+ <i>{`Accesses`}</i>
+ {!isEmpty(policy.accesses)
+ ? `: ${policy.accesses
+ .map((obj) => obj.type)
+ .join(", ")} `
+ : "<empty>"}
+ </td>
+ </tr>
+ <tr>
+ {!isEmpty(policy.conditions) && (
+ <td className="table-warning policyitem-field">
+ <i>{`Conditions`}</i>
+ {`: ${policy.conditions.map(
+ (type) =>
+ `${type.type} : ${type.values.join(",
")}`
+ )} `}
+ </td>
+ )}
+ </tr>
+ <tr>
+ {policy.delegateAdmin == true && (
+ <td className="table-warning policyitem-field">
+ <i>{`Delegate Admin`}</i>
+ {`: ${
+ policy.delegateAdmin == true
+ ? "enabled"
+ : "disabled"
+ } `}
+ </td>
+ )}
+ </tr>
+ <tr>
+ {policy.DataMasklabel &&
+ policy.DataMasklabel.length > 0 && (
+ <td className="table-warning
policyitem-field">
+ <i>{`Data Mask Types`}</i>
+ {`: ${policy.DataMasklabel} `}
+ </td>
+ )}
+ </tr>
+ {JSON.parse(policyitem).length - 1 != index && (
+ <tr>
+ <td>
+ <br />
+ </td>
</tr>
)}
</tbody>
@@ -3853,6 +3995,7 @@ export const PolicyLogs = ({ data, reportdata }) => {
<br />
</>
)}
+
{action == "Import Delete" &&
!isEmpty(importDeleteItemsOld) &&
!isUndefined(importDeleteItemsOld) &&
diff --git
a/security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyViewDetails.jsx
b/security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyViewDetails.jsx
index 7dd2de84f..ac951e70b 100644
---
a/security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyViewDetails.jsx
+++
b/security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyViewDetails.jsx
@@ -29,12 +29,12 @@ import { ModalLoader } from
"../../../components/CommonComponents";
import { getServiceDef } from "../../../utils/appState";
export function PolicyViewDetails(props) {
+ const isMultiResources = true;
const [access, setAccess] = useState([]);
const [loader, SetLoader] = useState(true);
const [serviceDef, setServiceDef] = useState({});
const { updateServices } = props;
let { allServiceDefs, gdsServiceDef } = cloneDeep(getServiceDef());
- const isMultiResources = true;
useEffect(() => {
if (props.paramsData.isRevert) {
@@ -51,6 +51,7 @@ export function PolicyViewDetails(props) {
? props.paramsData.isRevert
: props.paramsData.version || props.paramsData.policyVersion
]);
+
const fetchInitialData = async () => {
await fetchByEventTime();
};
@@ -547,13 +548,10 @@ export function PolicyViewDetails(props) {
};
const getPolicyConditions = (conditions, serviceDef) => {
- let filterServiceDef = serviceDef;
const getConditionLabel = (label) => {
- let filterLabel = "";
- filterServiceDef.policyConditions.map((obj) =>
- obj.name == label ? (filterLabel = obj.label) : ""
- );
- return filterLabel;
+ let filterLabel = find(serviceDef.policyConditions, { name: label });
+
+ return filterLabel && filterLabel?.label ? filterLabel.label : "";
};
return (
!isEmpty(conditions) && (
@@ -647,7 +645,6 @@ export function PolicyViewDetails(props) {
</p>
</div>
</div>
-
<p className="form-header">Policy Details :</p>
<div className="overflow-auto">
<Table bordered size="sm" className="table-audit-filter-ready-only">
@@ -683,14 +680,8 @@ export function PolicyViewDetails(props) {
RangerPolicyType.RANGER_ROW_FILTER_POLICY_TYPE.value) &&
!isEmpty(validitySchedules) &&
getValidityPeriod(validitySchedules)}
- {policyType == RangerPolicyType.RANGER_ACCESS_POLICY_TYPE.value && (
- <>{getPolicyConditions(conditions, serviceDef)}</>
- )}
- {policyType == RangerPolicyType.RANGER_MASKING_POLICY_TYPE.value &&
- serviceType == "tag" && (
- <>{getPolicyConditions(conditions, serviceDef)}</>
- )}
-
+ {/* Get Policy Condition */}
+ {getPolicyConditions(conditions, serviceDef)}
{policyType == RangerPolicyType.RANGER_ACCESS_POLICY_TYPE.value && (
<>
<p className="form-header">Allow Conditions :</p>
@@ -708,7 +699,6 @@ export function PolicyViewDetails(props) {
<br />
</>
)}
-
{policyType == RangerPolicyType.RANGER_ACCESS_POLICY_TYPE.value &&
serviceDef?.options?.enableDenyAndExceptionsInPolicies == "true" && (
<>
@@ -793,7 +783,6 @@ export function PolicyViewDetails(props) {
</div>
</>
)}
-
{policyType == RangerPolicyType.RANGER_ROW_FILTER_POLICY_TYPE.value && (
<>
<p className="form-header">Row Level Conditions :</p>
@@ -809,7 +798,6 @@ export function PolicyViewDetails(props) {
</div>
</>
)}
-
{policyType == RangerPolicyType.RANGER_MASKING_POLICY_TYPE.value && (
<>
<p className="form-header">Masking Conditions :</p>
@@ -825,8 +813,8 @@ export function PolicyViewDetails(props) {
</div>
</>
)}
- <div className="updateInfo">
- <div className="pull-left">
+ <div className="updateInfo clearfix">
+ <div className="float-start">
<p>
<strong>Updated By : </strong> {updatedBy}
</p>
