http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java b/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
new file mode 100644
index 0000000..ac47ef0
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/common/AppConstants.java
@@ -0,0 +1,955 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package org.apache.ranger.common; + +import java.util.*; + +import org.apache.ranger.common.*; + +public class AppConstants extends XACommonEnums { + + /*************************************************************** + * Enum values for AssetType + **************************************************************/ + /** + * ASSET_UNKNOWN is an element of enum AssetType. Its value is "ASSET_UNKNOWN". + */ + public static final int ASSET_UNKNOWN = 0; + /** + * ASSET_HDFS is an element of enum AssetType. Its value is "ASSET_HDFS". + */ + public static final int ASSET_HDFS = 1; + /** + * ASSET_HBASE is an element of enum AssetType. Its value is "ASSET_HBASE". + */ + public static final int ASSET_HBASE = 2; + /** + * ASSET_HIVE is an element of enum AssetType. Its value is "ASSET_HIVE". + */ + public static final int ASSET_HIVE = 3; + + /** + * enum XAAGENT is reserved for internal use + */ + public static final int XAAGENT = 4 ; + /** + * ASSET_KNOX is an element of enum AssetType. Its value is "ASSET_KNOX". + */ + public static final int ASSET_KNOX = 5; + /** + * ASSET_STORM is an element of enum AssetType. Its value is "ASSET_STORM". 
+ */ + public static final int ASSET_STORM = 6; + + /** + * Max value for enum AssetType_MAX + */ + public static final int AssetType_MAX = 6; + + /*************************************************************** + * Enum values for PolicyType + **************************************************************/ + /** + * POLICY_INCLUSION is an element of enum PolicyType. Its value is "POLICY_INCLUSION". + */ + public static final int POLICY_INCLUSION = 0; + /** + * POLICY_EXCLUSION is an element of enum PolicyType. Its value is "POLICY_EXCLUSION". + */ + public static final int POLICY_EXCLUSION = 1; + + /*************************************************************** + * Enum values for XAAuditType + **************************************************************/ + /** + * XA_AUDIT_TYPE_UNKNOWN is an element of enum XAAuditType. Its value is "XA_AUDIT_TYPE_UNKNOWN". + */ + public static final int XA_AUDIT_TYPE_UNKNOWN = 0; + /** + * XA_AUDIT_TYPE_ALL is an element of enum XAAuditType. Its value is "XA_AUDIT_TYPE_ALL". + */ + public static final int XA_AUDIT_TYPE_ALL = 1; + /** + * XA_AUDIT_TYPE_READ is an element of enum XAAuditType. Its value is "XA_AUDIT_TYPE_READ". + */ + public static final int XA_AUDIT_TYPE_READ = 2; + /** + * XA_AUDIT_TYPE_WRITE is an element of enum XAAuditType. Its value is "XA_AUDIT_TYPE_WRITE". + */ + public static final int XA_AUDIT_TYPE_WRITE = 3; + /** + * XA_AUDIT_TYPE_CREATE is an element of enum XAAuditType. Its value is "XA_AUDIT_TYPE_CREATE". + */ + public static final int XA_AUDIT_TYPE_CREATE = 4; + /** + * XA_AUDIT_TYPE_DELETE is an element of enum XAAuditType. Its value is "XA_AUDIT_TYPE_DELETE". + */ + public static final int XA_AUDIT_TYPE_DELETE = 5; + /** + * XA_AUDIT_TYPE_LOGIN is an element of enum XAAuditType. Its value is "XA_AUDIT_TYPE_LOGIN". 
+ */ + public static final int XA_AUDIT_TYPE_LOGIN = 6; + + /** + * Max value for enum XAAuditType_MAX + */ + public static final int XAAuditType_MAX = 6; + + + /*************************************************************** + * Enum values for ResourceType + **************************************************************/ + /** + * RESOURCE_UNKNOWN is an element of enum ResourceType. Its value is "RESOURCE_UNKNOWN". + */ + public static final int RESOURCE_UNKNOWN = 0; + /** + * RESOURCE_PATH is an element of enum ResourceType. Its value is "RESOURCE_PATH". + */ + public static final int RESOURCE_PATH = 1; + /** + * RESOURCE_DB is an element of enum ResourceType. Its value is "RESOURCE_DB". + */ + public static final int RESOURCE_DB = 2; + /** + * RESOURCE_TABLE is an element of enum ResourceType. Its value is "RESOURCE_TABLE". + */ + public static final int RESOURCE_TABLE = 3; + /** + * RESOURCE_COL_FAM is an element of enum ResourceType. Its value is "RESOURCE_COL_FAM". + */ + public static final int RESOURCE_COL_FAM = 4; + /** + * RESOURCE_COLUMN is an element of enum ResourceType. Its value is "RESOURCE_COLUMN". + */ + public static final int RESOURCE_COLUMN = 5; + /** + * RESOURCE_VIEW is an element of enum ResourceType. Its value is "RESOURCE_VIEW". + */ + public static final int RESOURCE_VIEW = 6; + /** + * RESOURCE_UDF is an element of enum ResourceType. Its value is "RESOURCE_UDF". + */ + public static final int RESOURCE_UDF = 7; + /** + * RESOURCE_VIEW_COL is an element of enum ResourceType. Its value is "RESOURCE_VIEW_COL". + */ + public static final int RESOURCE_VIEW_COL = 8; + /** + * RESOURCE_TOPOLOGY is an element of enum ResourceType. Its value is "RESOURCE_TOPOLOGY". + */ + public static final int RESOURCE_TOPOLOGY = 9; + /** + * RESOURCE_SERVICE_NAME is an element of enum ResourceType. Its value is "RESOURCE_SERVICE_NAME". 
+ */ + public static final int RESOURCE_SERVICE_NAME = 10; + + /** + * Max value for enum ResourceType_MAX + */ + public static final int ResourceType_MAX = 10; + + + /*************************************************************** + * Enum values for XAGroupType + **************************************************************/ + /** + * XA_GROUP_UNKNOWN is an element of enum XAGroupType. Its value is "XA_GROUP_UNKNOWN". + */ + public static final int XA_GROUP_UNKNOWN = 0; + /** + * XA_GROUP_USER is an element of enum XAGroupType. Its value is "XA_GROUP_USER". + */ + public static final int XA_GROUP_USER = 1; + /** + * XA_GROUP_GROUP is an element of enum XAGroupType. Its value is "XA_GROUP_GROUP". + */ + public static final int XA_GROUP_GROUP = 2; + /** + * XA_GROUP_ROLE is an element of enum XAGroupType. Its value is "XA_GROUP_ROLE". + */ + public static final int XA_GROUP_ROLE = 3; + + /** + * Max value for enum XAGroupType_MAX + */ + public static final int XAGroupType_MAX = 3; + + + /*************************************************************** + * Enum values for XAPermForType + **************************************************************/ + /** + * XA_PERM_FOR_UNKNOWN is an element of enum XAPermForType. Its value is "XA_PERM_FOR_UNKNOWN". + */ + public static final int XA_PERM_FOR_UNKNOWN = 0; + /** + * XA_PERM_FOR_USER is an element of enum XAPermForType. Its value is "XA_PERM_FOR_USER". + */ + public static final int XA_PERM_FOR_USER = 1; + /** + * XA_PERM_FOR_GROUP is an element of enum XAPermForType. Its value is "XA_PERM_FOR_GROUP". + */ + public static final int XA_PERM_FOR_GROUP = 2; + + /** + * Max value for enum XAPermForType_MAX + */ + public static final int XAPermForType_MAX = 2; + + + /*************************************************************** + * Enum values for XAPermType + **************************************************************/ + /** + * XA_PERM_TYPE_UNKNOWN is an element of enum XAPermType. 
Its value is "XA_PERM_TYPE_UNKNOWN". + */ + public static final int XA_PERM_TYPE_UNKNOWN = 0; + /** + * XA_PERM_TYPE_RESET is an element of enum XAPermType. Its value is "XA_PERM_TYPE_RESET". + */ + public static final int XA_PERM_TYPE_RESET = 1; + /** + * XA_PERM_TYPE_READ is an element of enum XAPermType. Its value is "XA_PERM_TYPE_READ". + */ + public static final int XA_PERM_TYPE_READ = 2; + /** + * XA_PERM_TYPE_WRITE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_WRITE". + */ + public static final int XA_PERM_TYPE_WRITE = 3; + /** + * XA_PERM_TYPE_CREATE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_CREATE". + */ + public static final int XA_PERM_TYPE_CREATE = 4; + /** + * XA_PERM_TYPE_DELETE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_DELETE". + */ + public static final int XA_PERM_TYPE_DELETE = 5; + /** + * XA_PERM_TYPE_ADMIN is an element of enum XAPermType. Its value is "XA_PERM_TYPE_ADMIN". + */ + public static final int XA_PERM_TYPE_ADMIN = 6; + /** + * XA_PERM_TYPE_OBFUSCATE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_OBFUSCATE". + */ + public static final int XA_PERM_TYPE_OBFUSCATE = 7; + /** + * XA_PERM_TYPE_MASK is an element of enum XAPermType. Its value is "XA_PERM_TYPE_MASK". + */ + public static final int XA_PERM_TYPE_MASK = 8; + /** + * XA_PERM_TYPE_EXECUTE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_EXECUTE". + */ + public static final int XA_PERM_TYPE_EXECUTE = 9; + /** + * XA_PERM_TYPE_SELECT is an element of enum XAPermType. Its value is "XA_PERM_TYPE_SELECT". + */ + public static final int XA_PERM_TYPE_SELECT = 10; + /** + * XA_PERM_TYPE_UPDATE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_UPDATE". + */ + public static final int XA_PERM_TYPE_UPDATE = 11; + /** + * XA_PERM_TYPE_DROP is an element of enum XAPermType. Its value is "XA_PERM_TYPE_DROP". 
+ */ + public static final int XA_PERM_TYPE_DROP = 12; + /** + * XA_PERM_TYPE_ALTER is an element of enum XAPermType. Its value is "XA_PERM_TYPE_ALTER". + */ + public static final int XA_PERM_TYPE_ALTER = 13; + /** + * XA_PERM_TYPE_INDEX is an element of enum XAPermType. Its value is "XA_PERM_TYPE_INDEX". + */ + public static final int XA_PERM_TYPE_INDEX = 14; + /** + * XA_PERM_TYPE_LOCK is an element of enum XAPermType. Its value is "XA_PERM_TYPE_LOCK". + */ + public static final int XA_PERM_TYPE_LOCK = 15; + /** + * XA_PERM_TYPE_ALL is an element of enum XAPermType. Its value is "XA_PERM_TYPE_ALL". + */ + public static final int XA_PERM_TYPE_ALL = 16; + /** + * XA_PERM_TYPE_ALLOW is an element of enum XAPermType. Its value is "XA_PERM_TYPE_ALLOW". + */ + public static final int XA_PERM_TYPE_ALLOW = 17; + /** + * XA_PERM_TYPE_SUBMIT_TOPOLOGY is an element of enum XAPermType. Its value is "XA_PERM_TYPE_SUBMIT_TOPOLOGY". + */ + public static final int XA_PERM_TYPE_SUBMIT_TOPOLOGY = 18; + /** + * XA_PERM_TYPE_FILE_UPLOAD is an element of enum XAPermType. Its value is "XA_PERM_TYPE_FILE_UPLOAD". + */ + public static final int XA_PERM_TYPE_FILE_UPLOAD = 19; + /** + * XA_PERM_TYPE_GET_NIMBUS is an element of enum XAPermType. Its value is "XA_PERM_TYPE_GET_NIMBUS". + */ + public static final int XA_PERM_TYPE_GET_NIMBUS = 20; + /** + * XA_PERM_TYPE_GET_CLUSTER_INFO is an element of enum XAPermType. Its value is "XA_PERM_TYPE_GET_CLUSTER_INFO". + */ + public static final int XA_PERM_TYPE_GET_CLUSTER_INFO = 21; + /** + * XA_PERM_TYPE_FILE_DOWNLOAD is an element of enum XAPermType. Its value is "XA_PERM_TYPE_FILE_DOWNLOAD". + */ + public static final int XA_PERM_TYPE_FILE_DOWNLOAD = 22; + /** + * XA_PERM_TYPE_KILL_TOPOLOGY is an element of enum XAPermType. Its value is "XA_PERM_TYPE_KILL_TOPOLOGY". + */ + public static final int XA_PERM_TYPE_KILL_TOPOLOGY = 23; + /** + * XA_PERM_TYPE_REBALANCE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_REBALANCE". 
+ */ + public static final int XA_PERM_TYPE_REBALANCE = 24; + /** + * XA_PERM_TYPE_ACTIVATE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_ACTIVATE". + */ + public static final int XA_PERM_TYPE_ACTIVATE = 25; + /** + * XA_PERM_TYPE_DEACTIVATE is an element of enum XAPermType. Its value is "XA_PERM_TYPE_DEACTIVATE". + */ + public static final int XA_PERM_TYPE_DEACTIVATE = 26; + /** + * XA_PERM_TYPE_GET_TOPOLOGY_CONF is an element of enum XAPermType. Its value is "XA_PERM_TYPE_GET_TOPOLOGY_CONF". + */ + public static final int XA_PERM_TYPE_GET_TOPOLOGY_CONF = 27; + /** + * XA_PERM_TYPE_GET_TOPOLOGY is an element of enum XAPermType. Its value is "XA_PERM_TYPE_GET_TOPOLOGY". + */ + public static final int XA_PERM_TYPE_GET_TOPOLOGY = 28; + /** + * XA_PERM_TYPE_GET_USER_TOPOLOGY is an element of enum XAPermType. Its value is "XA_PERM_TYPE_GET_USER_TOPOLOGY". + */ + public static final int XA_PERM_TYPE_GET_USER_TOPOLOGY = 29; + /** + * XA_PERM_TYPE_GET_TOPOLOGY_INFO is an element of enum XAPermType. Its value is "XA_PERM_TYPE_GET_TOPOLOGY_INFO". + */ + public static final int XA_PERM_TYPE_GET_TOPOLOGY_INFO = 30; + /** + * XA_PERM_TYPE_UPLOAD_NEW_CREDENTIAL is an element of enum XAPermType. Its value is "XA_PERM_TYPE_UPLOAD_NEW_CREDENTIAL". 
+ */ + public static final int XA_PERM_TYPE_UPLOAD_NEW_CREDENTIAL = 31; + + /** + * Max value for enum XAPermType_MAX + */ + public static final int XAPermType_MAX = 31; + + /*************************************************************** + * Enum values for DatabaseFavor + **************************************************************/ + /** + * DB Favor Unknown + */ + public static final int DB_FLAVOR_UNKNOWN = 0; + /** + * DB Favor MySql + */ + public static final int DB_FLAVOR_MYSQL = 1; + /** + * DB Favor Oracle + */ + public static final int DB_FLAVOR_ORACLE = 2; + + + /*************************************************************** + * Enum values for ClassTypes + **************************************************************/ + /** + * CLASS_TYPE_XA_ASSET is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_ASSET". + */ + public static final int CLASS_TYPE_XA_ASSET = 1000; + /** + * CLASS_TYPE_XA_RESOURCE is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_RESOURCE". + */ + public static final int CLASS_TYPE_XA_RESOURCE = 1001; + /** + * CLASS_TYPE_XA_GROUP is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_GROUP". + */ + public static final int CLASS_TYPE_XA_GROUP = 1002; + /** + * CLASS_TYPE_XA_USER is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_USER". + */ + public static final int CLASS_TYPE_XA_USER = 1003; + /** + * CLASS_TYPE_XA_GROUP_USER is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_GROUP_USER". + */ + public static final int CLASS_TYPE_XA_GROUP_USER = 1004; + /** + * CLASS_TYPE_XA_GROUP_GROUP is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_GROUP_GROUP". + */ + public static final int CLASS_TYPE_XA_GROUP_GROUP = 1005; + /** + * CLASS_TYPE_XA_PERM_MAP is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_PERM_MAP". + */ + public static final int CLASS_TYPE_XA_PERM_MAP = 1006; + /** + * CLASS_TYPE_XA_AUDIT_MAP is an element of enum ClassTypes. 
Its value is "CLASS_TYPE_XA_AUDIT_MAP". + */ + public static final int CLASS_TYPE_XA_AUDIT_MAP = 1007; + /** + * CLASS_TYPE_XA_CRED_STORE is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_CRED_STORE". + */ + public static final int CLASS_TYPE_XA_CRED_STORE = 1008; + /** + * CLASS_TYPE_XA_COMN_REF is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_COMN_REF". + */ + public static final int CLASS_TYPE_XA_COMN_REF = 1009; + /** + * CLASS_TYPE_XA_LICENSE is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_LICENSE". + */ + public static final int CLASS_TYPE_XA_LICENSE = 1010; + /** + * CLASS_TYPE_XA_POLICY_EXPORT_AUDIT is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_POLICY_EXPORT_AUDIT". + */ + public static final int CLASS_TYPE_XA_POLICY_EXPORT_AUDIT = 1011; + /** + * CLASS_TYPE_TRX_LOG is an element of enum ClassTypes. Its value is "CLASS_TYPE_TRX_LOG". + */ + public static final int CLASS_TYPE_TRX_LOG = 1012; + /** + * CLASS_TYPE_XA_ACCESS_AUDIT is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_ACCESS_AUDIT". + */ + public static final int CLASS_TYPE_XA_ACCESS_AUDIT = 1013; + /** + * CLASS_TYPE_XA_TRANSACTION_LOG_ATTRIBUTE is an element of enum ClassTypes. Its value is "CLASS_TYPE_XA_TRANSACTION_LOG_ATTRIBUTE". 
+ */ + public static final int CLASS_TYPE_XA_TRANSACTION_LOG_ATTRIBUTE = 1014; + + /** + * Max value for enum ClassTypes_MAX + */ + public static final int ClassTypes_MAX = 1014; + + + + static public String getLabelFor_AssetType( int elementValue ) { + if( elementValue == 0 ) { + return "Unknown"; //ASSET_UNKNOWN + } + if( elementValue == 1 ) { + return "HDFS"; //ASSET_HDFS + } + if( elementValue == 2 ) { + return "HBase"; //ASSET_HBASE + } + if( elementValue == 3 ) { + return "Hive"; //ASSET_HIVE + } + if( elementValue == 4 ) { + return "XAAGENT"; // XAAGENT + } + if( elementValue == 5 ) { + return "Knox"; //ASSET_KNOX + } + if( elementValue == 6 ) { + return "Storm"; //ASSET_STORM + } + return null; + } + + static public String getLabelFor_PolicyType( int elementValue ) { + if( elementValue == 0 ) { + return "Inclusion"; //POLICY_INCLUSION + } + if( elementValue == 1 ) { + return "Exclusion"; //POLICY_EXCLUSION + } + return null; + } + + static public String getLabelFor_XAAuditType( int elementValue ) { + if( elementValue == 0 ) { + return "Unknown"; //XA_AUDIT_TYPE_UNKNOWN + } + if( elementValue == 1 ) { + return "All"; //XA_AUDIT_TYPE_ALL + } + if( elementValue == 2 ) { + return "Read"; //XA_AUDIT_TYPE_READ + } + if( elementValue == 3 ) { + return "Write"; //XA_AUDIT_TYPE_WRITE + } + if( elementValue == 4 ) { + return "Create"; //XA_AUDIT_TYPE_CREATE + } + if( elementValue == 5 ) { + return "Delete"; //XA_AUDIT_TYPE_DELETE + } + if( elementValue == 6 ) { + return "Login"; //XA_AUDIT_TYPE_LOGIN + } + return null; + } + + static public String getLabelFor_ResourceType( int elementValue ) { + if( elementValue == 0 ) { + return "Unknown"; //RESOURCE_UNKNOWN + } + if( elementValue == 1 ) { + return "Path"; //RESOURCE_PATH + } + if( elementValue == 2 ) { + return "Database"; //RESOURCE_DB + } + if( elementValue == 3 ) { + return "Table"; //RESOURCE_TABLE + } + if( elementValue == 4 ) { + return "Column Family"; //RESOURCE_COL_FAM + } + if( elementValue == 5 ) { + 
return "Column"; //RESOURCE_COLUMN + } + if( elementValue == 6 ) { + return "VIEW"; //RESOURCE_VIEW + } + if( elementValue == 7 ) { + return "UDF"; //RESOURCE_UDF + } + if( elementValue == 8 ) { + return "View Column"; //RESOURCE_VIEW_COL + } + if( elementValue == 9 ) { + return "Topology"; //RESOURCE_TOPOLOGY + } + if( elementValue == 10 ) { + return "Service"; //RESOURCE_SERVICE + } + return null; + } + + static public String getLabelFor_XAGroupType( int elementValue ) { + if( elementValue == 0 ) { + return "Unknown"; //XA_GROUP_UNKNOWN + } + if( elementValue == 1 ) { + return "User"; //XA_GROUP_USER + } + if( elementValue == 2 ) { + return "Group"; //XA_GROUP_GROUP + } + if( elementValue == 3 ) { + return "Role"; //XA_GROUP_ROLE + } + return null; + } + + static public String getLabelFor_XAPermForType( int elementValue ) { + if( elementValue == 0 ) { + return "Unknown"; //XA_PERM_FOR_UNKNOWN + } + if( elementValue == 1 ) { + return "Permission for Users"; //XA_PERM_FOR_USER + } + if( elementValue == 2 ) { + return "Permission for Groups"; //XA_PERM_FOR_GROUP + } + return null; + } + + static public String getLabelFor_XAPermType( int elementValue ) { + if( elementValue == 0 ) { + return "Unknown"; //XA_PERM_TYPE_UNKNOWN + } + if( elementValue == 1 ) { + return "Reset"; //XA_PERM_TYPE_RESET + } + if( elementValue == 2 ) { + return "Read"; //XA_PERM_TYPE_READ + } + if( elementValue == 3 ) { + return "Write"; //XA_PERM_TYPE_WRITE + } + if( elementValue == 4 ) { + return "Create"; //XA_PERM_TYPE_CREATE + } + if( elementValue == 5 ) { + return "Delete"; //XA_PERM_TYPE_DELETE + } + if( elementValue == 6 ) { + return "Admin"; //XA_PERM_TYPE_ADMIN + } + if( elementValue == 7 ) { + return "Obfuscate"; //XA_PERM_TYPE_OBFUSCATE + } + if( elementValue == 8 ) { + return "Mask"; //XA_PERM_TYPE_MASK + } + if( elementValue == 9 ) { + return "Execute"; //XA_PERM_TYPE_EXECUTE + } + if( elementValue == 10 ) { + return "Select"; //XA_PERM_TYPE_SELECT + } + if( elementValue == 11 ) { 
+ return "Update"; //XA_PERM_TYPE_UPDATE + } + if( elementValue == 12 ) { + return "Drop"; //XA_PERM_TYPE_DROP + } + if( elementValue == 13 ) { + return "Alter"; //XA_PERM_TYPE_ALTER + } + if( elementValue == 14 ) { + return "Index"; //XA_PERM_TYPE_INDEX + } + if( elementValue == 15 ) { + return "Lock"; //XA_PERM_TYPE_LOCK + } + if( elementValue == 16 ) { + return "All"; //XA_PERM_TYPE_ALL + } + if( elementValue == 17 ) { + return "Allow"; //XA_PERM_TYPE_ALLOW + } + if( elementValue == 18 ) { + // return "Submit Topology"; //XA_PERM_TYPE_SUBMIT_TOPOLOGY + return "submitTopology" ; + } + if( elementValue == 19 ) { + // return "File Upload"; //XA_PERM_TYPE_FILE_UPLOAD + return "fileUpload" ; + } + if( elementValue == 20 ) { + // return "Get Nimbus Conf"; //XA_PERM_TYPE_GET_NIMBUS + return "getNimbusConf" ; + } + if( elementValue == 21 ) { + // return "Get Cluster Info"; //XA_PERM_TYPE_GET_CLUSTER_INFO + return "getClusterInfo" ; + } + if( elementValue == 22 ) { + // return "File Download"; //XA_PERM_TYPE_FILE_DOWNLOAD + return "fileDownload" ; + } + if( elementValue == 23 ) { + // return "Kill Topology"; //XA_PERM_TYPE_KILL_TOPOLOGY + return "killTopology" ; + } + if( elementValue == 24 ) { + // return "Rebalance"; //XA_PERM_TYPE_REBALANCE + return "rebalance" ; + } + if( elementValue == 25 ) { + // return "Activate"; //XA_PERM_TYPE_ACTIVATE + return "activate" ; + } + if( elementValue == 26 ) { + // return "Deactivate"; //XA_PERM_TYPE_DEACTIVATE + return "deactivate" ; + } + if( elementValue == 27 ) { + // return "Get Topology Conf"; //XA_PERM_TYPE_GET_TOPOLOGY_CONF + return "getTopologyConf" ; + } + if( elementValue == 28 ) { + // return "Get Topology"; //XA_PERM_TYPE_GET_TOPOLOGY + return "getTopology" ; + } + if( elementValue == 29 ) { + // return "Get User Topology"; //XA_PERM_TYPE_GET_USER_TOPOLOGY + return "getUserTopology" ; + } + if( elementValue == 30 ) { + // return "Get Topology Info"; //XA_PERM_TYPE_GET_TOPOLOGY_INFO + return "getTopologyInfo" ; + } + 
if( elementValue == 31 ) { + // return "Upload New Credential"; //XA_PERM_TYPE_UPLOAD_NEW_CREDENTIAL + return "uploadNewCredentials" ; + } + return null; + } + + static public String getLabelFor_ClassTypes( int elementValue ) { + if( elementValue == 1000 ) { + return "Asset"; //CLASS_TYPE_XA_ASSET + } + if( elementValue == 1001 ) { + return "Resource"; //CLASS_TYPE_XA_RESOURCE + } + if( elementValue == 1002 ) { + return "XA Group"; //CLASS_TYPE_XA_GROUP + } + if( elementValue == 1003 ) { + return "XA User"; //CLASS_TYPE_XA_USER + } + if( elementValue == 1004 ) { + return "XA Group of Users"; //CLASS_TYPE_XA_GROUP_USER + } + if( elementValue == 1005 ) { + return "XA Group of groups"; //CLASS_TYPE_XA_GROUP_GROUP + } + if( elementValue == 1006 ) { + return "XA permissions for resource"; //CLASS_TYPE_XA_PERM_MAP + } + if( elementValue == 1007 ) { + return "XA audits for resource"; //CLASS_TYPE_XA_AUDIT_MAP + } + if( elementValue == 1008 ) { + return "XA credential store"; //CLASS_TYPE_XA_CRED_STORE + } + if( elementValue == 1009 ) { + return "XA Common Reference"; //CLASS_TYPE_XA_COMN_REF + } + if( elementValue == 1010 ) { + return "XA License"; //CLASS_TYPE_XA_LICENSE + } + if( elementValue == 1011 ) { + return "XA Policy Export Audit"; //CLASS_TYPE_XA_POLICY_EXPORT_AUDIT + } + if( elementValue == 1012 ) { + return "Transaction log"; //CLASS_TYPE_TRX_LOG + } + if( elementValue == 1013 ) { + return "Access Audit"; //CLASS_TYPE_XA_ACCESS_AUDIT + } + return null; + } + + static public int getEnumFor_AssetType(String label) { + if (label == null) { + return 0; + } + if (label.equalsIgnoreCase("Unknown")) { + return AppConstants.ASSET_UNKNOWN; // ASSET_UNKNOWN + } + if (label.equalsIgnoreCase("HDFS")) { + return AppConstants.ASSET_HDFS; // ASSET_HDFS + } + if (label.equalsIgnoreCase("HBase")) { + return AppConstants.ASSET_HBASE; // ASSET_HBASE + } + if (label.equalsIgnoreCase("Hive")) { + return AppConstants.ASSET_HIVE; // ASSET_HIVE + } + if 
(label.equalsIgnoreCase("Knox")) { + return AppConstants.ASSET_KNOX; // ASSET_KNOX + } + if (label.equalsIgnoreCase("Storm")) { + return AppConstants.ASSET_STORM; // ASSET_STORM + } + return 0; + } + + static public int getEnumFor_BooleanValue(boolean label) { + if (label) { + return AppConstants.BOOL_TRUE; + } else { + return AppConstants.BOOL_FALSE; + } + } + + static public boolean getBooleanFor_BooleanValue(int elementValue) { + if (elementValue == 1) { + return true; + } + if (elementValue == 2) { + return false; + } + return false; + } + + static public int getEnumFor_ResourceType(String label) { + if (label == null) { + return 0; + } + if (label.equalsIgnoreCase("Unknown")) { + return AppConstants.RESOURCE_UNKNOWN; // RESOURCE_UNKNOWN + } + if (label.equalsIgnoreCase("Path")) { + return AppConstants.RESOURCE_PATH; // RESOURCE_PATH + } + if (label.equalsIgnoreCase("Database")) { + return AppConstants.RESOURCE_DB; // RESOURCE_DB + } + if (label.equalsIgnoreCase("Table")) { + return AppConstants.RESOURCE_TABLE; // RESOURCE_TABLE + } + if (label.equalsIgnoreCase("Column Family")) { + return AppConstants.RESOURCE_COL_FAM; // RESOURCE_COL_FAM + } + if (label.equalsIgnoreCase("Column")) { + return AppConstants.RESOURCE_COLUMN; // RESOURCE_COLUMN + } + if (label.equalsIgnoreCase("VIEW")) { + return AppConstants.RESOURCE_VIEW; // RESOURCE_VIEW + } + if (label.equalsIgnoreCase("UDF")) { + return AppConstants.RESOURCE_UDF; // RESOURCE_UDF + } + if (label.equalsIgnoreCase("View Column")) { + return AppConstants.RESOURCE_VIEW_COL; // RESOURCE_VIEW_COL + } + if (label.equalsIgnoreCase("Topology")) { + return AppConstants.RESOURCE_TOPOLOGY; // RESOURCE_TOPOLOGY + } + if (label.equalsIgnoreCase("Service")) { + return AppConstants.RESOURCE_SERVICE_NAME; // RESOURCE_SERVICE_NAME + } + return 0; + } + + static public int getEnumFor_XAPermType(String label) { + if (label == null) { + return 0; + } + if (label.equalsIgnoreCase("Unknown")) { + return 
AppConstants.XA_PERM_TYPE_UNKNOWN; // XA_PERM_TYPE_UNKNOWN + } + if (label.equalsIgnoreCase("Reset")) { + return AppConstants.XA_PERM_TYPE_RESET; // XA_PERM_TYPE_RESET + } + if (label.equalsIgnoreCase("Read")) { + return AppConstants.XA_PERM_TYPE_READ; // XA_PERM_TYPE_READ + } + if (label.equalsIgnoreCase("Write")) { + return AppConstants.XA_PERM_TYPE_WRITE; // XA_PERM_TYPE_WRITE + } + if (label.equalsIgnoreCase("Create")) { + return AppConstants.XA_PERM_TYPE_CREATE; // XA_PERM_TYPE_CREATE + } + if (label.equalsIgnoreCase("Delete")) { + return AppConstants.XA_PERM_TYPE_DELETE; // XA_PERM_TYPE_DELETE + } + if (label.equalsIgnoreCase("Admin")) { + return AppConstants.XA_PERM_TYPE_ADMIN; // XA_PERM_TYPE_ADMIN + } + if (label.equalsIgnoreCase("Obfuscate")) { + return AppConstants.XA_PERM_TYPE_OBFUSCATE; // XA_PERM_TYPE_OBFUSCATE + } + if (label.equalsIgnoreCase("Mask")) { + return AppConstants.XA_PERM_TYPE_MASK; // XA_PERM_TYPE_MASK + } + if (label.equalsIgnoreCase("Execute")) { + return AppConstants.XA_PERM_TYPE_EXECUTE; // XA_PERM_TYPE_EXECUTE + } + if (label.equalsIgnoreCase("Select")) { + return AppConstants.XA_PERM_TYPE_SELECT; // XA_PERM_TYPE_SELECT + } + if (label.equalsIgnoreCase("Update")) { + return AppConstants.XA_PERM_TYPE_UPDATE; // XA_PERM_TYPE_UPDATE + } + if (label.equalsIgnoreCase("Drop")) { + return AppConstants.XA_PERM_TYPE_DROP; // XA_PERM_TYPE_DROP + } + if (label.equalsIgnoreCase("Alter")) { + return AppConstants.XA_PERM_TYPE_ALTER; // XA_PERM_TYPE_ALTER + } + if (label.equalsIgnoreCase("Index")) { + return AppConstants.XA_PERM_TYPE_INDEX; // XA_PERM_TYPE_INDEX + } + if (label.equalsIgnoreCase("Lock")) { + return AppConstants.XA_PERM_TYPE_LOCK; // XA_PERM_TYPE_LOCK + } + if (label.equalsIgnoreCase("All")) { + return AppConstants.XA_PERM_TYPE_ALL; // XA_PERM_TYPE_ALL + } + if(label.equalsIgnoreCase("Allow")) { + return AppConstants.XA_PERM_TYPE_ALLOW; //XA_PERM_TYPE_ALLOW + } + if(label.equalsIgnoreCase("submitTopology")) { + return 
AppConstants.XA_PERM_TYPE_SUBMIT_TOPOLOGY; //XA_PERM_TYPE_SUBMIT_TOPOLOGY + } + if(label.equalsIgnoreCase("fileUpload")) { + return AppConstants.XA_PERM_TYPE_FILE_UPLOAD; //XA_PERM_TYPE_FILE_UPLOAD + } + if(label.equalsIgnoreCase("getNimbusConf")) { + return AppConstants.XA_PERM_TYPE_GET_NIMBUS; //XA_PERM_TYPE_GET_NIMBUS + } + if(label.equalsIgnoreCase("getClusterInfo")) { + return AppConstants.XA_PERM_TYPE_GET_CLUSTER_INFO; //XA_PERM_TYPE_GET_CLUSTER_INFO + } + if(label.equalsIgnoreCase("fileDownload")) { + return AppConstants.XA_PERM_TYPE_FILE_DOWNLOAD; //XA_PERM_TYPE_FILE_DOWNLOAD + } + if(label.equalsIgnoreCase("killTopology")) { + return AppConstants.XA_PERM_TYPE_KILL_TOPOLOGY; //XA_PERM_TYPE_KILL_TOPOLOGY + } + if(label.equalsIgnoreCase("rebalance")) { + return AppConstants.XA_PERM_TYPE_REBALANCE; //XA_PERM_TYPE_REBALANCE + } + if(label.equalsIgnoreCase("activate")) { + return AppConstants.XA_PERM_TYPE_ACTIVATE; //XA_PERM_TYPE_ACTIVATE + } + if(label.equalsIgnoreCase("deactivate")) { + return AppConstants.XA_PERM_TYPE_DEACTIVATE; //XA_PERM_TYPE_DEACTIVATE + } + if(label.equalsIgnoreCase("getTopologyConf")) { + return AppConstants.XA_PERM_TYPE_GET_TOPOLOGY_CONF; //XA_PERM_TYPE_GET_TOPOLOGY_CONF + } + if(label.equalsIgnoreCase("getTopology")) { + return AppConstants.XA_PERM_TYPE_GET_TOPOLOGY; //XA_PERM_TYPE_GET_TOPOLOGY + } + if(label.equalsIgnoreCase("getUserTopology")) { + return AppConstants.XA_PERM_TYPE_GET_USER_TOPOLOGY; //XA_PERM_TYPE_GET_USER_TOPOLOGY + } + if(label.equalsIgnoreCase("getTopologyInfo")) { + return AppConstants.XA_PERM_TYPE_GET_TOPOLOGY_INFO; //XA_PERM_TYPE_GET_TOPOLOGY_INFO + } + if(label.equalsIgnoreCase("uploadNewCredentials")) { + return AppConstants.XA_PERM_TYPE_UPLOAD_NEW_CREDENTIAL; //XA_PERM_TYPE_UPLOAD_NEW_CREDENTIAL + } + return 0; + } + + static public int getEnumFor_PolicyType(String label) { + if (label == null) { + return 0; + } + if (label.equalsIgnoreCase("Inclusion")) { + return AppConstants.POLICY_INCLUSION; // 
POLICY_INCLUSION + } + if (label.equalsIgnoreCase("Exclusion")) { + return AppConstants.POLICY_EXCLUSION; // POLICY_EXCLUSION + } + return 0; + } + + static public int getEnumFor_DatabaseFlavor(String label) { + if (label == null) { + return DB_FLAVOR_UNKNOWN; // DB_FLAVOR_UNKNOWN + } + if ("MYSQL".equalsIgnoreCase(label)) { + return DB_FLAVOR_MYSQL; // DB_FLAVOR_MYSQL + } + if ("ORACLE".equalsIgnoreCase(label)) { + return DB_FLAVOR_ORACLE; // DB_FLAVOR_ORACLE + } + return DB_FLAVOR_UNKNOWN; + } + + static public String getLabelFor_DatabaseFlavor(int elementValue) { + if (elementValue == DB_FLAVOR_UNKNOWN) { + return "UNKNOWN"; // Unknown + } + if (elementValue == DB_FLAVOR_MYSQL) { + return "MYSQL"; // MYSQL + } + if (elementValue == DB_FLAVOR_ORACLE) { + return "ORACLE"; // ORACLE + } + return null; + } + +} +
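Review bot: `getEnumFor_PolicyType` returns 0 for a null or unrecognized label, and 0 is `POLICY_INCLUSION`, so a missing or misspelled policy type cannot be told apart from an explicit inclusion policy; the other `getEnumFor_*` methods fall back to an `*_UNKNOWN` value, but PolicyType defines none. Returning an out-of-range sentinel from both fallbacks, e.g. `return -1; // unrecognized policy type`, would let callers reject the input rather than default to inclusion (how callers use the result is not visible in this hunk). Separately, `getLabelFor_ClassTypes` has no branch for 1014 although `ClassTypes_MAX` is 1014, so `CLASS_TYPE_XA_TRANSACTION_LOG_ATTRIBUTE` yields null and needs its own branch. `getBooleanFor_BooleanValue` also compares against the literals 1 and 2 where `getEnumFor_BooleanValue` uses `AppConstants.BOOL_TRUE` and `AppConstants.BOOL_FALSE`; using the named constants in both keeps the pair in step.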
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java b/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java new file mode 100644 index 0000000..026e253 --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/ContextUtil.java 
@@ -0,0 +1,84 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package org.apache.ranger.common; + +import org.apache.ranger.security.context.XAContextHolder; +import org.apache.ranger.security.context.XASecurityContext; + +public class ContextUtil { + + /** + * Singleton class + */ + private ContextUtil() { + } + + public static Long getCurrentUserId() { + XASecurityContext context = XAContextHolder.getSecurityContext(); + if (context != null) { + UserSessionBase userSession = context.getUserSession(); + if (userSession != null) { + return userSession.getUserId(); + } + } + return null; + } + + public static String getCurrentUserPublicName() { + XASecurityContext context = XAContextHolder.getSecurityContext(); + if (context != null) { + UserSessionBase userSession = context.getUserSession(); + if (userSession != null) { + return userSession.getXXPortalUser().getPublicScreenName(); + // return userSession.getGjUser().getPublicScreenName(); + } + } + return null; + } + + public static UserSessionBase getCurrentUserSession() { + UserSessionBase userSession = null; + XASecurityContext context = XAContextHolder.getSecurityContext(); + if (context != null) { + userSession = context.getUserSession(); + } + 
return userSession; + } + + public static RequestContext getCurrentRequestContext() { + XASecurityContext context = XAContextHolder.getSecurityContext(); + if (context != null) { + return context.getRequestContext(); + } + return null; + } + + public static String getCurrentUserLoginId() { + XASecurityContext context = XAContextHolder.getSecurityContext(); + if (context != null) { + UserSessionBase userSession = context.getUserSession(); + if (userSession != null) { + return userSession.getLoginId(); + } + } + return null; + } + +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java b/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java new file mode 100644 index 0000000..a553978 --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/DateUtil.java 
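Review bot: In ContextUtil.getCurrentUserPublicName() the result of `userSession.getXXPortalUser()` is dereferenced without a null check, while every other accessor in this class guards each step of the chain. If a session can exist before its portal user is attached (not visible in this hunk), the call throws a NullPointerException instead of returning null like its siblings. Widening the guard to `if (userSession != null && userSession.getXXPortalUser() != null) {` keeps the contract uniform, and the commented-out `getGjUser()` line underneath can be dropped at the same time. All of these helpers return null when no security context is bound, so a class-level comment saying that callers must treat null as "not authenticated" would be worth adding.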
@@ -0,0 +1,108 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + /** + * + */ +package org.apache.ranger.common; +import java.text.SimpleDateFormat; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; +import java.util.TimeZone; +import org.springframework.stereotype.Component; + + +@Component +public class DateUtil { + + private static final TimeZone gmtTimeZone = TimeZone.getTimeZone("GMT+0"); + + public Date getDateFromNow(int days) { + return getDateFromNow(days, 0, 0); + } + + public Date getDateFromNow(int days, int hours, int minutes) { + Calendar cal = Calendar.getInstance(); + cal.add(Calendar.DATE, days); + cal.add(Calendar.HOUR, hours); + cal.add(Calendar.MINUTE, minutes); + return cal.getTime(); + } + + public static String dateToString(Date date, String dateFromat) { + SimpleDateFormat formatter = new SimpleDateFormat(dateFromat); + return formatter.format(date).toString(); + } + + public Date getDateFromGivenDate(Date date, int days, int hours,int minutes, int second) { + Calendar cal = Calendar.getInstance(); + cal.setTime(date); + cal.add(Calendar.DATE, days); + cal.add(Calendar.HOUR, hours); + cal.add(Calendar.MINUTE, minutes); + 
cal.add(Calendar.SECOND, second); + return cal.getTime(); + } + /** + * useful for converting client time zone Date to UTC Date + * @param date + * @param mins + * @return + */ + public Date addTimeOffset(Date date, int mins) { + if (date == null) { + return date; + } + long t = date.getTime(); + Date newDate = new Date(t + (mins * 60000)); + return newDate; + } + + + public static Date getUTCDate(){ + try{ + Calendar local=Calendar.getInstance(); + int offset = local.getTimeZone().getOffset(local.getTimeInMillis()); + GregorianCalendar utc = new GregorianCalendar(gmtTimeZone); + utc.setTimeInMillis(local.getTimeInMillis()); + utc.add(Calendar.MILLISECOND, -offset); + return utc.getTime(); + }catch(Exception ex){ + return null; + } + } + + public static Date getUTCDate(long epoh) { + if(epoh==0){ + return null; + } + try{ + Calendar local=Calendar.getInstance(); + int offset = local.getTimeZone().getOffset(epoh); + GregorianCalendar utc = new GregorianCalendar(gmtTimeZone); + utc.setTimeInMillis(epoh); + utc.add(Calendar.MILLISECOND, -offset); + return utc.getTime(); + }catch(Exception ex){ + return null; + } + } + +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/ErrorMessageUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/ErrorMessageUtil.java b/security-admin/src/main/java/org/apache/ranger/common/ErrorMessageUtil.java new file mode 100644 index 0000000..582580c --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/ErrorMessageUtil.java 
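Review bot: In DateUtil.addTimeOffset the product `mins * 60000` is computed in int arithmetic, so it wraps once the magnitude of `mins` exceeds 35791 and the returned Date silently lands on the wrong instant; `Date newDate = new Date(t + (mins * 60000L));` does the multiplication in long. Both `getUTCDate` overloads catch `Exception` and return null without logging, so a failure shows up later as a missing timestamp rather than at its source; a log call before `return null` would help if these values feed audit records. `getUTCDate(long epoh)` also returns null for an epoch of 0, which deserves a line of Javadoc because 0 is a valid instant.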
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+ /**
+ *
+ */
+package org.apache.ranger.common;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
+import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
+
+public class ErrorMessageUtil extends PropertyPlaceholderConfigurer {
+ private static Map<String, String> messageMap;
+
+ private ErrorMessageUtil() {
+
+ }
+
+ @Override
+ protected void processProperties(
+ ConfigurableListableBeanFactory beanFactory, Properties props)
+ throws BeansException {
+ super.processProperties(beanFactory, props);
+
+ messageMap = new HashMap<String, String>();
+ Set<Object> keySet = props.keySet();
+
+ for (Object key : keySet) {
+ String keyStr = key.toString();
+ messageMap.put(keyStr, props.getProperty(keyStr));
+ }
+ }
+
+
+ public static String getMessage(String key) {
+ return messageMap.get(key);
+ }
+
+}
\ No newline at end of file
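Review bot: `getMessage` reads the static `messageMap`, which stays null until `processProperties` has run, so any call made before then fails with a NullPointerException instead of returning null for an unknown key. PropertiesUtil in this same commit initialises its map at the declaration; doing the same here, `private static Map<String, String> messageMap = new HashMap<String, String>();`, removes that window. The field is also reassigned from an instance method with no synchronisation, so I would at least declare it `volatile`, or build the new map locally and assign it once it is fully populated.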
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/GUIDUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/GUIDUtil.java b/security-admin/src/main/java/org/apache/ranger/common/GUIDUtil.java
new file mode 100644
index 0000000..c4e0403
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/common/GUIDUtil.java
@@ -0,0 +1,41 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package org.apache.ranger.common; + +import java.io.Serializable; +import java.security.SecureRandom; + +public class GUIDUtil implements Serializable { + + private static final long serialVersionUID = -7284237762948427019L; + + static SecureRandom secureRandom = new SecureRandom(); + static int counter = 0; + + static public String genGUI() { + return System.currentTimeMillis() + "_" + secureRandom.nextInt(1000) + + "_" + counter++; + } + + public static long genLong() { + return secureRandom.nextLong(); + } + +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java b/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java new file mode 100644 index 0000000..29b1395 --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/HTTPUtil.java 
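Review bot: In GUIDUtil.genGUI() the `counter++` on a plain static int is not atomic, so two threads calling in the same millisecond can read the same counter value, and with only `nextInt(1000)` of randomness between them the generated ids can collide. `static final AtomicInteger counter = new AtomicInteger();` together with `counter.getAndIncrement()` closes the race (it needs `java.util.concurrent.atomic.AtomicInteger`). The value is a timestamp, a number below 1000 and a sequence, so it is guessable by construction; a Javadoc line stating that it must not serve as a session id, reset token or any other secret would prevent misuse, with `genLong()` available for those cases. `secureRandom` should also be `private static final`.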
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+ /**
+ *
+ */
+package org.apache.ranger.common;
+
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.stereotype.Component;
+
+@Component
+public class HTTPUtil {
+
+ public static final String USER_AGENT = "User-Agent";
+
+ public static final String IPHONE = "iPhone";
+ public static final String IPAD = "iPad";
+ public static final String IPOD = "iPod";
+ public static final String ANDROID = "Android";
+
+ public int getDeviceType(HttpServletRequest httpRequest) {
+ return getDeviceType(httpRequest.getHeader(USER_AGENT));
+
+ }
+
+ public int getDeviceType(String userAgent) {
+ if (userAgent == null) {
+ return XACommonEnums.DEVICE_UNKNOWN;
+ }
+
+ if (userAgent.contains(IPHONE)) {
+ return XACommonEnums.DEVICE_IPHONE;
+ } else if (userAgent.contains(IPAD)) {
+ return XACommonEnums.DEVICE_IPAD;
+ } else if (userAgent.contains(IPOD)) {
+ return XACommonEnums.DEVICE_IPOD;
+ } else if (userAgent.contains(ANDROID)) {
+ return XACommonEnums.DEVICE_ANDROID;
+ } else {
+ return XACommonEnums.DEVICE_BROWSER;
+ }
+ }
+
+
+}
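Review bot: Neither `getDeviceType` overload has Javadoc, and the one fact a caller needs is missing: the classification comes entirely from the client-supplied User-Agent header, and any non-null value that matches none of the four substrings is reported as `DEVICE_BROWSER`. I would add a method comment along the lines of `/** Classifies the client from its User-Agent header; the header is set by the caller, so use the result for display and audit only, never for access decisions. */`. The `java.util.Map` import is unused and can be removed.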
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java b/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java
new file mode 100644
index 0000000..cb5f26e
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/common/JSONUtil.java
@@ -0,0 +1,133 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + /** + * + */ +package org.apache.ranger.common; + +import java.io.File; +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; + +import org.apache.log4j.Logger; +import org.apache.ranger.common.view.ViewBaseBean; +import org.codehaus.jackson.JsonGenerationException; +import org.codehaus.jackson.JsonParseException; +import org.codehaus.jackson.map.JsonMappingException; +import org.codehaus.jackson.map.ObjectMapper; +import org.codehaus.jackson.type.TypeReference; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +@Component +public class JSONUtil { + + @Autowired + RESTErrorUtil restErrorUtil; + + static final Logger logger = Logger.getLogger(JSONUtil.class); + + public File writeJsonToFile(ViewBaseBean viewBean, String fileName) + throws JsonGenerationException, JsonMappingException, IOException { + ObjectMapper objectMapper = new ObjectMapper(); + + if (fileName.length() < 3) { + fileName = "file_" + fileName; + } + + File file = File.createTempFile(fileName, ".json"); + objectMapper.defaultPrettyPrintingWriter().writeValue(file, viewBean); + + 
return file; + } + + public Map<String, String> jsonToMap(String jsonStr) { + if (jsonStr == null || jsonStr.isEmpty()) { + return new HashMap<String, String>(); + } + + ObjectMapper mapper = new ObjectMapper(); + try { + Map<String, String> tempObject = mapper.readValue(jsonStr, + new TypeReference<Map<String, String>>() { + }); + return tempObject; + + } catch (JsonParseException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + MessageEnums.INVALID_INPUT_DATA); + } catch (JsonMappingException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + MessageEnums.INVALID_INPUT_DATA); + } catch (IOException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + MessageEnums.INVALID_INPUT_DATA); + } + + } + + public String readMapToString(Map<?, ?> map) { + ObjectMapper mapper = new ObjectMapper(); + String jsonString = null; + try { + jsonString = mapper.writeValueAsString(map); + } catch (JsonParseException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + MessageEnums.INVALID_INPUT_DATA); + } catch (JsonMappingException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + MessageEnums.INVALID_INPUT_DATA); + } catch (IOException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + MessageEnums.INVALID_INPUT_DATA); + } + return jsonString; + } + + public String writeObjectAsString(ViewBaseBean vObj) { + ObjectMapper mapper = new ObjectMapper(); + + String jsonStr; + try { + jsonStr = mapper.writeValueAsString(vObj); + return jsonStr; + } catch (JsonParseException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + MessageEnums.INVALID_INPUT_DATA); + } catch (JsonMappingException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + 
MessageEnums.INVALID_INPUT_DATA); + } catch (IOException e) { + throw restErrorUtil.createRESTException( + "Invalid input data: " + e.getMessage(), + MessageEnums.INVALID_INPUT_DATA); + } + } + +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/MessageEnums.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/MessageEnums.java b/security-admin/src/main/java/org/apache/ranger/common/MessageEnums.java new file mode 100644 index 0000000..b0090ee --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/MessageEnums.java 
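Review bot: JSONUtil.writeJsonToFile creates its output with `File.createTempFile(fileName, ".json")`, which puts the file in the shared temp directory with permissions taken from the process umask, and nothing in this class deletes it afterwards. The serialized view bean may carry policy or repository configuration, so on a multi-user host the export can be readable by other local accounts; if the build targets Java 7 or later, `File file = Files.createTempFile(fileName, ".json").toFile();` creates it owner-only on POSIX file systems (needs `java.nio.file.Files`), and the caller should delete the file once it has been streamed. `fileName` is used as the prefix without any check, so it is worth confirming that callers never pass request-supplied text containing path separators. Separately, `jsonToMap`, `readMapToString` and `writeObjectAsString` append `e.getMessage()` from Jackson to the REST error, which can reflect fragments of the input and internal type names back to the client; logging the detail through `logger` and returning the fixed `"Invalid input data"` text avoids that.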
@@ -0,0 +1,71 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package org.apache.ranger.common; + +import org.apache.ranger.view.VXMessage; + + +public enum MessageEnums { + + // Note: Please do not format this file. It messes up the indentations + + // Common Errors + DATA_NOT_FOUND("xa.error.data_not_found", "Data not found"), + OPER_NOT_ALLOWED_FOR_STATE( "xa.error.oper_not_allowed_for_state", "Operation not allowed in current state"), + OPER_NOT_ALLOWED_FOR_ENTITY( "xa.error.oper_not_allowed_for_state", "Operation not allowed for entity"), + OPER_NO_PERMISSION("xa.error.oper_no_permission", "User doesn't have permission to perform this operation"), + DATA_NOT_UPDATABLE( "xa.error.data_not_updatable", "Data not updatable"), + ERROR_CREATING_OBJECT("xa.error.create_object", "Error creating object"), + ERROR_DUPLICATE_OBJECT("xa.error.duplicate_object", "Error creating duplicate object"), + ERROR_SYSTEM("xa.error.system", "System Error. 
Please try later."), + OPER_NO_EXPORT("xa.error.oper_no_export", "repository is disabled"), + + // Common Validations + INVALID_PASSWORD( "xa.validation.invalid_password", "Invalid password"), + INVALID_INPUT_DATA("xa.validation.invalid_input_data", "Invalid input data"), + NO_INPUT_DATA("xa.validation.no_input_data", "Input data is not provided"), + INPUT_DATA_OUT_OF_BOUND("xa.validation.data_out_of_bound", "Input data if out of bound"); + + String rbKey; + String messageDesc; + + MessageEnums(String rbKey, String messageDesc) { + this.rbKey = rbKey; + this.messageDesc = messageDesc; + } + + public VXMessage getMessage() { + VXMessage msg = new VXMessage(); + msg.setName(this.toString()); + msg.setRbKey(rbKey); + msg.setMessage(messageDesc); + return msg; + } + + public VXMessage getMessage(Long objectId, String fieldName) { + VXMessage msg = new VXMessage(); + msg.setName(this.toString()); + msg.setRbKey(rbKey); + msg.setMessage(messageDesc); + msg.setObjectId(objectId); + msg.setFieldName(fieldName); + return msg; + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/MyCallBack.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/MyCallBack.java b/security-admin/src/main/java/org/apache/ranger/common/MyCallBack.java new file mode 100644 index 0000000..f10c40c --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/MyCallBack.java 
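Review bot: `OPER_NOT_ALLOWED_FOR_ENTITY` is declared with the resource key `"xa.error.oper_not_allowed_for_state"`, the same key as `OPER_NOT_ALLOWED_FOR_STATE` on the line above it, which looks like a copy-paste slip: a client that localises by `rbKey` would show the state message for an entity error. Presumably the key should be `"xa.error.oper_not_allowed_for_entity"`; confirm that the message bundle defines it before changing it. The description of `INPUT_DATA_OUT_OF_BOUND` reads "Input data if out of bound" and should be `"Input data is out of bound"`. `rbKey` and `messageDesc` can be declared `private final`, since enum constants are shared by every thread.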
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+ /**
+ *
+ */
+package org.apache.ranger.common;
+
+
+public interface MyCallBack {
+ /**
+ * Make sure to add @Transactional annotation to the implementation method.
+ *
+ * @Override
+ * @Transactional(readOnly = false, propagation = Propagation.REQUIRES_NEW)
+ */
+ public Object process(Object data);
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/PasswordUtils.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/PasswordUtils.java b/security-admin/src/main/java/org/apache/ranger/common/PasswordUtils.java
new file mode 100644
index 0000000..f735883
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/common/PasswordUtils.java
@@ -0,0 +1,159 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.ranger.common; +import java.io.IOException; +import java.util.Map; + +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.PBEParameterSpec; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.sun.jersey.core.util.Base64; +public class PasswordUtils { + + private static final Logger LOG = LoggerFactory.getLogger(PasswordUtils.class) ; + + private static final char[] ENCRYPT_KEY = "tzL1AKl5uc4NKYaoQ4P3WLGIBFPXWPWdu1fRm9004jtQiV".toCharArray() ; + + private static final byte[] SALT = "f77aLYLo".getBytes() ; + + private static final int ITERATION_COUNT = 17 ; + + private static final String CRYPT_ALGO = "PBEWithMD5AndDES" ; + + private static final String PBE_KEY_ALGO = "PBEWithMD5AndDES" ; + + private static final String LEN_SEPARATOR_STR = ":" ; + + public static String encryptPassword(String aPassword) throws IOException { + Map<String, String> env = System.getenv(); + String encryptKeyStr = env.get("ENCRYPT_KEY") ; + char[] encryptKey; + if (encryptKeyStr == null) { + encryptKey=ENCRYPT_KEY; + }else{ 
+ encryptKey=encryptKeyStr.toCharArray(); + } + String saltStr = env.get("ENCRYPT_SALT") ; + byte[] salt; + if (saltStr == null) { + salt = SALT ; + }else{ + salt=saltStr.getBytes(); + } + String ret = null ; + String strToEncrypt = null ; + if (aPassword == null) { + strToEncrypt = "" ; + } + else { + strToEncrypt = aPassword.length() + LEN_SEPARATOR_STR + aPassword ; + } + try { + Cipher engine = Cipher.getInstance(CRYPT_ALGO) ; + PBEKeySpec keySpec = new PBEKeySpec(encryptKey) ; + SecretKeyFactory skf = SecretKeyFactory.getInstance(PBE_KEY_ALGO) ; + SecretKey key = skf.generateSecret(keySpec) ; + engine.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(salt, ITERATION_COUNT)); + byte[] encryptedStr = engine.doFinal(strToEncrypt.getBytes()) ; + ret = new String(Base64.encode(encryptedStr)) ; + } + catch(Throwable t) { + LOG.error("Unable to encrypt password due to error", t); + throw new IOException("Unable to encrypt password due to error", t) ; + } + return ret ; + } + + public static String decryptPassword(String aPassword) throws IOException { + String ret = null ; + Map<String, String> env = System.getenv(); + String encryptKeyStr = env.get("ENCRYPT_KEY") ; + char[] encryptKey; + if (encryptKeyStr == null) { + encryptKey=ENCRYPT_KEY; + }else{ + encryptKey=encryptKeyStr.toCharArray(); + } + String saltStr = env.get("ENCRYPT_SALT") ; + byte[] salt; + if (saltStr == null) { + salt = SALT ; + }else{ + salt=saltStr.getBytes(); + } + try { + byte[] decodedPassword = Base64.decode(aPassword) ; + Cipher engine = Cipher.getInstance(CRYPT_ALGO) ; + PBEKeySpec keySpec = new PBEKeySpec(encryptKey) ; + SecretKeyFactory skf = SecretKeyFactory.getInstance(PBE_KEY_ALGO) ; + SecretKey key = skf.generateSecret(keySpec) ; + engine.init(Cipher.DECRYPT_MODE, key,new PBEParameterSpec(salt, ITERATION_COUNT)); + String decrypted = new String(engine.doFinal(decodedPassword)) ; + int foundAt = decrypted.indexOf(LEN_SEPARATOR_STR) ; + if (foundAt > -1) { + if (decrypted.length() > 
foundAt) { + ret = decrypted.substring(foundAt+1) ; + } + else { + ret = "" ; + } + } + else { + ret = null; + } + } + catch(Throwable t) { + LOG.error("Unable to decrypt password due to error", t); + throw new IOException("Unable to decrypt password due to error", t) ; + } + return ret ; + } + + public static void main(String[] args) { + String[] testPasswords = { "a", "a123", "dsfdsgdg", "*7263^5#", "", null } ; + for(String password : testPasswords) { + try { + String ePassword = PasswordUtils.encryptPassword(password) ; + String dPassword = PasswordUtils.decryptPassword(ePassword) ; + if (password == null ) { + if (dPassword != null) { + throw new RuntimeException("The password expected [" + password + "]. Found [" + dPassword + "]") ; + } + else { + System.out.println("Password: [" + password + "] matched after decrypt. Encrypted: [" + ePassword + "]") ; + } + } + else if (! password.equals(dPassword)) { + throw new RuntimeException("The password expected [" + password + "]. Found [" + dPassword + "]") ; + } + else { + System.out.println("Password: [" + password + "] matched after decrypt. Encrypted: [" + ePassword + "]") ; + } + } + catch(IOException ioe) { + ioe.printStackTrace(); + System.out.println("Password verification failed for password [" + password + "]:" + ioe) ; + } + } + } +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java b/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java new file mode 100644 index 0000000..eeacd11 --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java 
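Review bot: `encryptPassword` and `decryptPassword` fall back to the `ENCRYPT_KEY` and `SALT` constants compiled into PasswordUtils whenever the environment variables are unset, so in a default installation every stored password is protected only by values that anyone holding the source or the jar can read. The scheme itself, `PBEWithMD5AndDES` with `ITERATION_COUNT = 17` and one fixed salt, is single DES with deterministic output: equal passwords always yield equal ciphertext and the iteration count adds almost no work. I would load the key through one helper that refuses to run without a configured secret, as sketched below (the salt lookup wants the same treatment), and plan a move to an AES-based PBE algorithm with a random salt per value; anything already stored under the built-in key would have to be re-encrypted. `getBytes()` and `new String(byte[])` also depend on the platform charset and should name UTF-8 explicitly, and `main` prints its clear-text test passwords, which belongs in a unit test rather than in the shipped class.

```java
// replaces the duplicated ENCRYPT_KEY lookup at the top of encryptPassword and decryptPassword
private static char[] loadEncryptKey() throws IOException {
	String encryptKeyStr = System.getenv("ENCRYPT_KEY");
	if (encryptKeyStr == null || encryptKeyStr.isEmpty()) {
		// fail closed: there is no built-in key to fall back to
		throw new IOException("ENCRYPT_KEY is not set; refusing to use a built-in key");
	}
	return encryptKeyStr.toCharArray();
}

// … unchanged: salt lookup, cipher setup and Base64 handling …
```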
@@ -0,0 +1,164 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + /** + * + */ +package org.apache.ranger.common; + +import java.util.HashMap; +import java.util.Map; +import java.util.Properties; +import java.util.Set; + +import org.apache.log4j.Logger; +import org.apache.ranger.credentialapi.CredentialReader; +import org.springframework.beans.BeansException; +import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; +import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer; + + + +public class PropertiesUtil extends PropertyPlaceholderConfigurer { + private static Map<String, String> propertiesMap = new HashMap<String, String>(); + private static Logger logger = Logger.getLogger(PropertiesUtil.class); + private PropertiesUtil() { + + } + + @Override + protected void processProperties( + ConfigurableListableBeanFactory beanFactory, Properties props) + throws BeansException { + + // First let's add the system properties + Set<Object> keySet = System.getProperties().keySet(); + for (Object key : keySet) { + String keyStr = key.toString(); + propertiesMap.put(keyStr, System.getProperties() + .getProperty(keyStr).trim()); + } + + // Let's add our properties now + 
keySet = props.keySet(); + for (Object key : keySet) { + String keyStr = key.toString(); + propertiesMap.put(keyStr, props.getProperty(keyStr).trim()); + } + + //update credential from keystore + if(propertiesMap!=null && propertiesMap.containsKey("xaDB.jdbc.credential.provider.path") && propertiesMap.containsKey("xaDB.jdbc.credential.alias")){ + String path=propertiesMap.get("xaDB.jdbc.credential.provider.path"); + String alias=propertiesMap.get("xaDB.jdbc.credential.alias"); + if(path!=null && alias!=null){ + String xaDBPassword=CredentialReader.getDecryptedString(path.trim(),alias.trim()); + if(xaDBPassword!=null&& !xaDBPassword.trim().isEmpty() && + !xaDBPassword.trim().equalsIgnoreCase("none")){ + propertiesMap.put("jdbc.password", xaDBPassword); + props.put("jdbc.password", xaDBPassword); + }else{ + logger.info("Credential keystore password not applied for XA DB; clear text password shall be applicable"); + } + } + } + if(propertiesMap!=null && propertiesMap.containsKey("auditDB.jdbc.credential.provider.path") && propertiesMap.containsKey("auditDB.jdbc.credential.alias")){ + String path=propertiesMap.get("auditDB.jdbc.credential.provider.path"); + String alias=propertiesMap.get("auditDB.jdbc.credential.alias"); + if(path!=null && alias!=null){ + String auditDBPassword=CredentialReader.getDecryptedString(path.trim(), alias.trim()); + if(auditDBPassword!=null&& !auditDBPassword.trim().isEmpty() && + !auditDBPassword.trim().equalsIgnoreCase("none")){ + propertiesMap.put("auditDB.jdbc.password", auditDBPassword); + props.put("auditDB.jdbc.password", auditDBPassword); + }else{ + logger.info("Credential keystore password not applied for Audit DB; clear text password shall be applicable"); + } + } + } + super.processProperties(beanFactory, props); + } + + public static String getProperty(String key, String defaultValue) { + if (key == null) { + return null; + } + String rtrnVal = propertiesMap.get(key); + if (rtrnVal == null) { + rtrnVal = defaultValue; + } + return 
rtrnVal; + } + + public static String getProperty(String key) { + if (key == null) { + return null; + } + return propertiesMap.get(key); + } + + public static String[] getPropertyStringList(String key) { + if (key == null) { + return null; + } + String value = propertiesMap.get(key); + if (value != null) { + String[] splitValues = value.split(","); + String[] returnValues = new String[splitValues.length]; + for (int i = 0; i < splitValues.length; i++) { + returnValues[i] = splitValues[i].trim(); + } + return returnValues; + } else { + return new String[0]; + } + } + + public static Integer getIntProperty(String key, int defaultValue) { + if (key == null) { + return null; + } + String rtrnVal = propertiesMap.get(key); + if (rtrnVal == null) { + return defaultValue; + } + return Integer.valueOf(rtrnVal); + } + + public static Integer getIntProperty(String key) { + if (key == null) { + return null; + } + String rtrnVal = propertiesMap.get(key); + if (rtrnVal == null) { + return null; + } + return Integer.valueOf(rtrnVal); + } + + public static boolean getBooleanProperty(String key, boolean defaultValue) { + if (key == null) { + return defaultValue; + } + String value = getProperty(key); + if (value == null) { + return defaultValue; + } + return Boolean.parseBoolean(value); + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java new file mode 100644 index 0000000..9d05ca0 --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/RESTErrorUtil.java 
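Review bot: In PropertiesUtil.processProperties, when the credential keystore yields nothing usable for the XA or audit database the code keeps the clear-text password from the properties file and reports that only at info level, so a missing or broken keystore is easy to overlook in production. I would raise both messages to warn, e.g. `logger.warn("Credential keystore password not applied for XA DB; clear text password shall be applicable");`. The decrypted passwords are also copied into the static `propertiesMap`, next to every JVM system property, and `getProperty(String)` is public and static, so any code in the web application can read them; unless something depends on finding them there, putting the secrets into `props` only would narrow that exposure. Separately, `System.getProperties().getProperty(keyStr).trim()` throws a NullPointerException when a system property holds a non-String value, and `getProperty(key, defaultValue)` returns null rather than the default for a null key.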
@@ -0,0 +1,348 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package org.apache.ranger.common; + +import java.text.DateFormat; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import javax.ws.rs.WebApplicationException; +import javax.ws.rs.core.Response; + +import org.apache.log4j.Logger; +import org.apache.ranger.view.VXMessage; +import org.apache.ranger.view.VXResponse; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + + +@Component +public class RESTErrorUtil { + + static final Logger logger = Logger.getLogger(RESTErrorUtil.class); + + @Autowired + StringUtil stringUtil; + + public static final String TRUE = "true"; + + public WebApplicationException createRESTException(VXResponse gjResponse) { + Response errorResponse = Response + .status(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST) + .entity(gjResponse).build(); + + WebApplicationException restException = new WebApplicationException( + errorResponse); + restException.fillInStackTrace(); + UserSessionBase userSession = ContextUtil.getCurrentUserSession(); + Long sessionId 
= null; + String loginId = null; + if (userSession != null) { + loginId = userSession.getLoginId(); + sessionId = userSession.getSessionId(); + } + + logger.info("Request failed. SessionId=" + sessionId + ", loginId=" + + loginId + ", logMessage=" + gjResponse.getMsgDesc(), + restException); + + return restException; + } + + /** + * + * @param logMessage + * This is optional + * @return + */ + public WebApplicationException create403RESTException(String logMessage) { + Response errorResponse = Response.status( + javax.servlet.http.HttpServletResponse.SC_FORBIDDEN).build(); + + WebApplicationException restException = new WebApplicationException( + errorResponse); + restException.fillInStackTrace(); + // TODO:Future:Open: Need to log all these and add user to + // block list if this is deliberate + // Get user information + UserSessionBase userSession = ContextUtil.getCurrentUserSession(); + Long sessionId = null; + String loginId = null; + String sessionInfo = ""; + if (userSession != null) { + loginId = userSession.getLoginId(); + sessionInfo = userSession.toString(); + sessionId = userSession.getSessionId(); + } + + String requestInfo = ""; + try { + RequestContext reqContext = ContextUtil.getCurrentRequestContext(); + if (reqContext != null) { + requestInfo = reqContext.toString(); + requestInfo += ", timeTaken=" + + (System.currentTimeMillis() - reqContext + .getStartTime()); + } + } catch (Throwable contextEx) { + logger.error("Error getting request info", contextEx); + } + + logger.error("Access restricted. 
SessionId=" + sessionId + ", loginId=" + + loginId + ", logMessage=" + logMessage + ", requestInfo=" + + requestInfo + ", sessionInfo=" + sessionInfo, restException); + + return restException; + } + + + + + public Integer parseInt(String value, String errorMessage, + MessageEnums messageEnum, Long objectId, String fieldName) { + try { + if (stringUtil.isEmpty(value)) { + return null; + } else { + return new Integer(value.trim()); + } + } catch (Throwable t) { + throw createRESTException(errorMessage, messageEnum, objectId, + fieldName, value); + } + } + + public Integer parseInt(String value, int defaultValue, + String errorMessage, MessageEnums messageEnum, Long objectId, + String fieldName) { + try { + if (stringUtil.isEmpty(value)) { + return new Integer(defaultValue); + } else { + return new Integer(value.trim()); + } + } catch (Throwable t) { + throw createRESTException(errorMessage, messageEnum, objectId, + fieldName, value); + } + } + + public Long parseLong(String value, Long defaultValue) { + if (stringUtil.isEmpty(value)) { + return defaultValue; + } + return new Long(value.trim()); + } + + public Long parseLong(String value, String errorMessage, + MessageEnums messageEnum, Long objectId, String fieldName) { + try { + if (stringUtil.isEmpty(value)) { + return null; + } else { + return new Long(value.trim()); + } + } catch (Throwable t) { + throw createRESTException(errorMessage, messageEnum, objectId, + fieldName, value); + } + } + + + + public String validateString(String value, String regExStr, + String errorMessage, MessageEnums messageEnum, Long objectId, + String fieldName) { + return validateString(value, regExStr, errorMessage, messageEnum, + objectId, fieldName, false); + + } + + public String validateString(String value, String regExStr, + String errorMessage, MessageEnums messageEnum, Long objectId, + String fieldName, boolean isMandatory) { + if (stringUtil.isEmpty(value)) { + if (isMandatory) { + throw createRESTException(errorMessage, + 
MessageEnums.NO_INPUT_DATA, objectId, fieldName, null); + } + return null; + } + value = value.trim(); + if (value.length() != 0) { + if (!stringUtil.validateString(regExStr, value)) { + throw createRESTException(errorMessage, messageEnum, objectId, + fieldName, value); + } + return value; + } else { + return null; + } + + } + + public String validateStringForUpdate(String value, String originalValue, + String regExStr, String errorMessage, MessageEnums messageEnum, + Long objectId, String fieldName) { + return validateStringForUpdate(value, originalValue, regExStr, + errorMessage, messageEnum, objectId, fieldName, false); + } + + public String validateStringForUpdate(String value, String originalValue, + String regExStr, String errorMessage, MessageEnums messageEnum, + Long objectId, String fieldName, boolean isMandatory) { + if (stringUtil.isEmpty(value)) { + if (isMandatory) { + throw createRESTException(errorMessage, + MessageEnums.NO_INPUT_DATA, objectId, fieldName, null); + } + return null; + } + + if (!value.equalsIgnoreCase(originalValue)) { + return validateString(value, StringUtil.VALIDATION_NAME, + errorMessage, messageEnum, objectId, fieldName); + } else { + return value; + } + } + + public void validateStringList(String value, String[] validValues, + String errorMessage, Long objectId, String fieldName) { + for (int i = 0; i < validValues.length; i++) { + if (validValues[i].equals(value)) { + return; + } + } + throw createRESTException(errorMessage, + MessageEnums.INVALID_INPUT_DATA, objectId, fieldName, value); + } + + + + + + public void validateMinMax(int value, int minValue, int maxValue, + String errorMessage, Long objectId, String fieldName) { + if (value < minValue || value > maxValue) { + throw createRESTException(errorMessage, + MessageEnums.INPUT_DATA_OUT_OF_BOUND, objectId, fieldName, + "" + value); + } + } + + + public WebApplicationException createRESTException(String errorMessage, + MessageEnums messageEnum, Long objectId, String 
fieldName, + String logMessage) { + List<VXMessage> messageList = new ArrayList<VXMessage>(); + messageList.add(messageEnum.getMessage(objectId, fieldName)); + + VXResponse gjResponse = new VXResponse(); + gjResponse.setStatusCode(VXResponse.STATUS_ERROR); + gjResponse.setMsgDesc(errorMessage); + gjResponse.setMessageList(messageList); + WebApplicationException webAppEx = createRESTException(gjResponse); + logger.info("Validation error:logMessage=" + logMessage + ", response=" + + gjResponse, webAppEx); + return webAppEx; + } + + public WebApplicationException createRESTException(String errorMessage, + MessageEnums messageEnum) { + List<VXMessage> messageList = new ArrayList<VXMessage>(); + messageList.add(messageEnum.getMessage()); + + VXResponse gjResponse = new VXResponse(); + gjResponse.setStatusCode(VXResponse.STATUS_ERROR); + gjResponse.setMsgDesc(errorMessage); + gjResponse.setMessageList(messageList); + WebApplicationException webAppEx = createRESTException(gjResponse); + logger.info("Operation error. response=" + gjResponse, webAppEx); + return webAppEx; + } + + public WebApplicationException createRESTException(int responseCode, + String logMessage, boolean logError) { + Response errorResponse = Response + .status(responseCode).build(); + + WebApplicationException restException = new WebApplicationException( + errorResponse); + restException.fillInStackTrace(); + UserSessionBase userSession = ContextUtil.getCurrentUserSession(); + Long sessionId = null; + String loginId = null; + if (userSession != null) { + loginId = userSession.getLoginId(); + sessionId = userSession.getSessionId(); + } + + if (logError) { + logger.info("Request failed. 
SessionId=" + sessionId + ", loginId=" + + loginId + ", logMessage=" + logMessage, + restException); + } + + return restException; + } + + + public Date parseDate(String value, String errorMessage, + MessageEnums messageEnum, Long objectId, String fieldName, + String dateFormat) { + try { + if (stringUtil.isEmpty(value)) { + return null; + } else { + DateFormat formatter = new SimpleDateFormat(dateFormat); + return formatter.parse(value); + + } + } catch (Throwable t) { + throw createRESTException(errorMessage, messageEnum, objectId, + fieldName, value); + } + } + + public boolean parseBoolean(String value, boolean defaultValue) { + if (stringUtil.isEmpty(value)) { + return defaultValue; + } + return TRUE.equalsIgnoreCase(value.trim()); + } + + public Boolean parseBoolean(String value, String errorMessage, + MessageEnums messageEnum, Long objectId, String fieldName) { + try { + if (stringUtil.isEmpty(value)) { + return null; + } else { + return new Boolean(value.trim()); + } + } catch (Throwable t) { + throw createRESTException(errorMessage, messageEnum, objectId, + fieldName, value); + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/RequestContext.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/RequestContext.java b/security-admin/src/main/java/org/apache/ranger/common/RequestContext.java new file mode 100644 index 0000000..778cc9a --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/common/RequestContext.java 
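Review bot: The `validateStringForUpdate` overload that takes `isMandatory` never uses its `regExStr` argument: a changed value is always checked against `StringUtil.VALIDATION_NAME`, so a caller that passes a different pattern gets a different check on update than the one it asked for. The delegating call should be `return validateString(value, regExStr, errorMessage, messageEnum, objectId, fieldName);`. In the same file, `parseLong(String value, Long defaultValue)` has no try/catch, so malformed input surfaces as a raw `NumberFormatException` rather than the 400 response the other parse helpers build. The rejected `value` is also written unmodified into `logger.info("Validation error:logMessage=" + logMessage ...`, and `create403RESTException` does the same with `reqContext.toString()`. These strings presumably originate from the request, so CR and LF should be stripped or encoded before they are logged.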
@@ -0,0 +1,161 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + package org.apache.ranger.common; + +import java.io.Serializable; + +public class RequestContext implements Serializable { + private static final long serialVersionUID = -7083383106845193385L; + private String ipAddress = null; + private String userAgent = null; + private String requestURL = null; + private int deviceType = XACommonEnums.DEVICE_UNKNOWN; + private String serverRequestId = null; + private boolean isSync = true; + private long startTime = System.currentTimeMillis(); + private int clientTimeOffsetInMinute = 0; + + /** + * @return the ipAddress + */ + public String getIpAddress() { + return ipAddress; + } + + /** + * @param ipAddress + * the ipAddress to set + */ + public void setIpAddress(String ipAddress) { + this.ipAddress = ipAddress; + } + + /** + * @return the userAgent + */ + public String getUserAgent() { + return userAgent; + } + + /** + * @param userAgent + * the userAgent to set + */ + public void setUserAgent(String userAgent) { + this.userAgent = userAgent; + } + + /** + * @return the deviceType + */ + public int getDeviceType() { + return deviceType; + } + + /** + * @param deviceType + * the deviceType to set + */ 
+ public void setDeviceType(int deviceType) { + this.deviceType = deviceType; + } + + /** + * @return the serverRequestId + */ + public String getServerRequestId() { + return serverRequestId; + } + + /** + * @param serverRequestId + * the serverRequestId to set + */ + public void setServerRequestId(String serverRequestId) { + this.serverRequestId = serverRequestId; + } + + /** + * @return the isSync + */ + public boolean isSync() { + return isSync; + } + + /** + * @param isSync + * the isSync to set + */ + public void setSync(boolean isSync) { + this.isSync = isSync; + } + + /** + * @return the requestURL + */ + public String getRequestURL() { + return requestURL; + } + + /** + * @param requestURL + * the requestURL to set + */ + public void setRequestURL(String requestURL) { + this.requestURL = requestURL; + } + + /** + * @return the startTime + */ + public long getStartTime() { + return startTime; + } + + /** + * @param startTime + * the startTime to set + */ + public void setStartTime(long startTime) { + this.startTime = startTime; + } + + public int getClientTimeOffsetInMinute() { + return clientTimeOffsetInMinute; + } + + public void setClientTimeOffsetInMinute(int clientTimeOffset) { + this.clientTimeOffsetInMinute = clientTimeOffset; + } + + /* + * (non-Javadoc) + * + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + return "RequestContext [ipAddress=" + ipAddress + ", userAgent=" + + userAgent + ", requestURL=" + requestURL + ", deviceType=" + + deviceType + ", serverRequestId=" + serverRequestId + + ", isSync=" + isSync + ", startTime=" + startTime + "]"; + } + +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/org/apache/ranger/common/SearchCriteria.java ---------------------------------------------------------------------- 
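Review bot: `toString()` prints `requestURL` and `userAgent` in full, and `RESTErrorUtil.create403RESTException` in this commit writes that string to the error log as `requestInfo`. Whether `setRequestURL` receives the query string is decided by a caller outside this hunk; if it does, any token or credential carried as a URL parameter ends up in the log. Either store only the path or state the expectation on the setter, e.g. `@param requestURL the request URL without its query string`. `toString()` also leaves out `clientTimeOffsetInMinute`, which looks like an oversight given that every other field is printed.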
diff --git a/security-admin/src/main/java/org/apache/ranger/common/SearchCriteria.java b/security-admin/src/main/java/org/apache/ranger/common/SearchCriteria.java
new file mode 100644
index 0000000..6a93121
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/common/SearchCriteria.java
@@ -0,0 +1,199 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + /** + * + */ +package org.apache.ranger.common; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import org.apache.log4j.Logger; +import org.apache.ranger.biz.XABizUtil; + + +public class SearchCriteria { + Logger logger = Logger.getLogger(SearchCriteria.class); + + int startIndex = 0; + int maxRows = Integer.MAX_VALUE; + String sortBy = null; + String sortType = null; + boolean getCount = true; + Number ownerId = null; + boolean familyOnly = false; + boolean getChildren = false; + boolean isDistinct = false; + HashMap<String, Object> paramList = new HashMap<String, Object>(); + Set<String> nullParamList = new HashSet<String>(); + Set<String> notNullParamList = new HashSet<String>(); + + List<SearchGroup> searchGroups = new ArrayList<SearchGroup>(); + + /** + * @return the startIndex + */ + public int getStartIndex() { + return startIndex; + } + + /** + * @param startIndex + * the startIndex to set + */ + public void setStartIndex(int startIndex) { + this.startIndex = startIndex; + } + + /** + * @return the maxRows + */ + public int getMaxRows() { + 
return maxRows; + } + + /** + * @param maxRows + * the maxRows to set + */ + public void setMaxRows(int maxRows) { + this.maxRows = maxRows; + } + + /** + * @return the sortBy + */ + public String getSortBy() { + return sortBy; + } + + /** + * @param sortBy + * the sortBy to set + */ + public void setSortBy(String sortBy) { + this.sortBy = sortBy; + } + + /** + * @return the sortType + */ + public String getSortType() { + return sortType; + } + + /** + * @param sortType + * the sortType to set + */ + public void setSortType(String sortType) { + this.sortType = sortType; + } + + public boolean isGetCount() { + return getCount; + } + + public void setGetCount(boolean getCount) { + this.getCount = getCount; + } + + public Number getOwnerId() { + return ownerId; + } + + public void setOwnerId(Number ownerId) { + this.ownerId = ownerId; + } + + public boolean isGetChildren() { + return getChildren; + } + + public void setGetChildren(boolean getChildren) { + this.getChildren = getChildren; + } + + /** + * @return the paramList + */ + public HashMap<String, Object> getParamList() { + return paramList; + } + + /** + * @param string + * @param caId + */ + public void addParam(String name, Object value) { + paramList.put(name, value); + } + + public Object getParamValue(String name) { + return paramList.get(name); + } + + /** + * @return the nullParamList + */ + public Set<String> getNullParamList() { + return nullParamList; + } + + /** + * @return the notNullParamList + */ + public Set<String> getNotNullParamList() { + return notNullParamList; + } + + /** + * @return the searchGroups + */ + public List<SearchGroup> getSearchGroups() { + return searchGroups; + } + + /** + * @return the isDistinct + */ + public boolean isDistinct() { + return isDistinct; + } + + /** + * @param isDistinct + * the isDistinct to set + */ + public void setDistinct(boolean isDistinct) { + + int dbFlavor = XABizUtil.getDBFlavor(); + if (isDistinct && dbFlavor == AppConstants.DB_FLAVOR_ORACLE) { + 
isDistinct = false; + logger.debug("Database flavor is `ORACLE` so ignoring DISTINCT " + + "clause from select statement."); + } + this.isDistinct = isDistinct; + } + +}
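Review bot: `maxRows` defaults to `Integer.MAX_VALUE` and `setMaxRows`/`setStartIndex` store whatever they are given, so a search built without an explicit limit is unbounded and negative values pass straight through. Whether the consumer of this object applies a cap is outside this hunk; if it does not, clamp in the setter, for example `this.maxRows = Math.max(0, Math.min(maxRows, MAX_PAGE_SIZE));` with `MAX_PAGE_SIZE` a new constant chosen by the project. `sortBy` and `sortType` are likewise free-form strings, and the class Javadoc should state that they must be matched against an allow-list of column names and sort directions before being placed in a query. The `logger` field is a package-private instance field created per object; `private static final Logger logger = Logger.getLogger(SearchCriteria.class);` would follow the static logger that `RESTErrorUtil` declares in this commit.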
