http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/biz/AssetMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/biz/AssetMgr.java b/security-admin/src/main/java/com/xasecure/biz/AssetMgr.java
deleted file mode 100644
index 521cea7..0000000
--- a/security-admin/src/main/java/com/xasecure/biz/AssetMgr.java
+++ /dev/null
@@ -1,3219 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.biz;
-
-import java.io.File;
-import java.io.IOException;
-import java.net.UnknownHostException;
-import java.security.cert.X509Certificate;
-import java.sql.Timestamp;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Random;
-import java.util.Set;
-import java.util.concurrent.Callable;
-import java.util.concurrent.TimeUnit;
-
-import javax.naming.InvalidNameException;
-import javax.naming.ldap.LdapName;
-import javax.naming.ldap.Rdn;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.hadoop.hive.serde2.lazybinary.LazyBinaryUtils.VLong;
-import org.apache.hive.com.esotericsoftware.minlog.Log;
-import org.apache.log4j.Logger;
-import org.codehaus.jackson.JsonGenerationException;
-import org.codehaus.jackson.map.JsonMappingException;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.stereotype.Component;
-import
org.springframework.transaction.PlatformTransactionManager;
-import org.springframework.transaction.TransactionDefinition;
-import org.springframework.transaction.TransactionStatus;
-import org.springframework.transaction.support.TransactionCallback;
-import org.springframework.transaction.support.TransactionTemplate;
-
-import com.xasecure.common.AppConstants;
-import com.xasecure.common.ContextUtil;
-import com.xasecure.common.DateUtil;
-import com.xasecure.common.JSONUtil;
-import com.xasecure.common.MessageEnums;
-import com.xasecure.common.PropertiesUtil;
-import com.xasecure.common.SearchCriteria;
-import com.xasecure.common.StringUtil;
-import com.xasecure.common.TimedEventUtil;
-import com.xasecure.common.UserSessionBase;
-import com.xasecure.common.XACommonEnums;
-import com.xasecure.common.XAConstants;
-import com.xasecure.db.XADaoManager;
-import com.xasecure.entity.XXAsset;
-import com.xasecure.entity.XXAuditMap;
-import com.xasecure.entity.XXGroup;
-import com.xasecure.entity.XXPermMap;
-import com.xasecure.entity.XXPolicyExportAudit;
-import com.xasecure.entity.XXPortalUser;
-import com.xasecure.entity.XXPortalUserRole;
-import com.xasecure.entity.XXResource;
-import com.xasecure.entity.XXTrxLog;
-import com.xasecure.entity.XXUser;
-import com.xasecure.hadoop.client.HadoopFS;
-import com.xasecure.hadoop.client.exceptions.HadoopException;
-import com.xasecure.hbase.client.HBaseClient;
-import com.xasecure.hive.client.HiveClient;
-import com.xasecure.knox.client.KnoxClient;
-import com.xasecure.service.XAccessAuditService;
-import com.xasecure.service.XAuditMapService;
-import com.xasecure.service.XGroupService;
-import com.xasecure.service.XPermMapService;
-import com.xasecure.service.XPolicyService;
-import com.xasecure.service.XTrxLogService;
-import com.xasecure.service.XUserService;
-import com.xasecure.storm.client.StormClient;
-import com.xasecure.util.RestUtil;
-import com.xasecure.view.VXAccessAuditList;
-import com.xasecure.view.VXAsset;
-import com.xasecure.view.VXAuditMap;
-import com.xasecure.view.VXAuditMapList;
-import com.xasecure.view.VXLong;
-import com.xasecure.view.VXMessage;
-import com.xasecure.view.VXPermMap;
-import com.xasecure.view.VXPermMapList;
-import com.xasecure.view.VXPolicy;
-import com.xasecure.view.VXPolicyExportAuditList;
-import com.xasecure.view.VXResource;
-import com.xasecure.view.VXResourceList;
-import com.xasecure.view.VXResponse;
-import com.xasecure.view.VXStringList;
-import com.xasecure.view.VXTrxLog;
-import com.xasecure.view.VXTrxLogList;
-import com.xasecure.view.VXUser;
-
-@Component
-public class AssetMgr extends AssetMgrBase {
-
-
- @Autowired
- XPermMapService xPermMapService;
-
- @Autowired
- XAuditMapService xAuditMapService;
-
- @Autowired
- JSONUtil jsonUtil;
-
- @Autowired
- AssetConnectionMgr assetConnectionMgr;
-
- @Autowired
- XABizUtil msBizUtil;
-
- @Autowired
- StringUtil stringUtil;
-
- @Autowired
- XADaoManager xADaoManager;
-
- @Autowired
- XUserService xUserService;
-
- @Autowired
- XABizUtil xaBizUtil;
-
- @Autowired
- XTrxLogService xTrxLogService;
-
- @Autowired
- XAccessAuditService xAccessAuditService;
-
- @Autowired
- XGroupService xGroupService;
-
- @Autowired
- XUserMgr xUserMgr;
-
- @Autowired
- @Qualifier(value = "transactionManager")
- PlatformTransactionManager txManager;
-
- @Autowired
- XPolicyService xPolicyService;
-
- static Logger logger = Logger.getLogger(AssetMgr.class);
-
- @Override
- public VXResource createXResource(VXResource vXResource) {
- UserSessionBase session = ContextUtil.getCurrentUserSession();
- if (session == null) {
- logger.error("Trying to create/update policy without log-in.");
- throw restErrorUtil.create403RESTException("Resource "
- + "creation/updation not allowed");
- }
-
- Long assetId = vXResource.getAssetId();
- XXAsset xAsset = xADaoManager.getXXAsset().getById(assetId);
- if (xAsset == null) {
- logger.error("Repository not found for assetId : " + assetId);
- throw
restErrorUtil.create403RESTException("Repository for which"
- + " the policy is created, doesn't exist.");
- }
-
- if(xAsset.getActiveStatus()==XACommonEnums.ACT_STATUS_DISABLED){
- if(!session.isUserAdmin()){
- logger.error("Trying to create/update policy in disabled repository");
- throw restErrorUtil.createRESTException("Resource "
- + "creation/updation not allowed in disabled repository",MessageEnums.OPER_NO_PERMISSION);
- }
- }
- // Create resource path for HIVE/Hbase policy.
- if (xAsset.getAssetType() == AppConstants.ASSET_HIVE) {
- createResourcePathForHive(vXResource);
- } else if (xAsset.getAssetType() == AppConstants.ASSET_HBASE) {
- createResourcePathForHbase(vXResource);
- }else if (xAsset.getAssetType() == AppConstants.ASSET_KNOX) {
- createResourcePathForKnox(vXResource);
- }else if (xAsset.getAssetType() == AppConstants.ASSET_STORM) {
- createResourcePathForStorm(vXResource);
- }
-
- String resourceName = vXResource.getName();
- String[] orgResNameList = stringUtil.split(resourceName, ",");
- List<String> newResNameList = new ArrayList<String>();
- for(String resName : orgResNameList) {
- if(resName.length() > 1 && (resName.substring(resName.length()-1).equalsIgnoreCase("/"))) {
- resName = resName.substring(0, resName.length()-1);
- newResNameList.add(resName);
- logger.info("Resource Name is not valid : " +resName + " Ignoring last /");
- } else {
- newResNameList.add(resName);
- }
- }
- String updResName = StringUtils.join(newResNameList, ",");
- vXResource.setName(updResName);
-
- SearchCriteria searchCriteria=new SearchCriteria();
- searchCriteria.getParamList().put("assetId", vXResource.getAssetId());
- searchCriteria.getParamList().put("fullname", vXResource.getName());
-
- if (xAsset.getAssetType() == AppConstants.ASSET_HIVE) {
- if(stringUtil.isEmpty(vXResource.getUdfs())) {
- searchCriteria.addParam("tableType", vXResource.getTableType());
- searchCriteria.addParam("columnType", vXResource.getColumnType());
- } else {
-
searchCriteria.addParam("udfs", vXResource.getUdfs());
- }
- } else if (xAsset.getAssetType() == AppConstants.ASSET_HDFS) {
- searchCriteria.addParam("isRecursive", vXResource.getIsRecursive());
- }
-
- VXResourceList vXResourceList=xResourceService.searchXResources(searchCriteria);
- if(vXResourceList!=null && vXResourceList.getListSize()>0){
- logger.error("policy already exist with resource "+vXResource.getName());
- throw restErrorUtil.createRESTException("policy already exist with resource "
- +vXResource.getName(),MessageEnums.ERROR_DUPLICATE_OBJECT);
- }
-
- VXResponse vXResponse = xaBizUtil.hasPermission(vXResource,
- AppConstants.XA_PERM_TYPE_ADMIN);
- if (vXResponse.getStatusCode() == VXResponse.STATUS_ERROR) {
- throw restErrorUtil.createRESTException(vXResponse);
- }
-
- if (vXResource.getCheckParentPermission() != XAConstants.BOOL_FALSE) {
- // check parent access for user and group
- xResourceService.checkAccess(vXResource);
- }
- vXResourceList=null;
- if(vXResource.getPolicyName()!=null && !vXResource.getPolicyName().trim().isEmpty()){
- searchCriteria=new SearchCriteria();
- searchCriteria.getParamList().put("fullPolicyName", vXResource.getPolicyName());
- vXResourceList=xResourceService.searchXResourcesWithoutLogin(searchCriteria);
- //if policyname already exist then set null to generate from system
- if(vXResourceList!=null && vXResourceList.getListSize()>0){
- logger.error("policy already exist with name "+vXResource.getPolicyName());
- //logger.info("A system generated policy name shall be assigned to "+vXResource.getPolicyName());
- //vXResource.setPolicyName(null);
- throw restErrorUtil.createRESTException("policy already exist with name "
- +vXResource.getPolicyName(),MessageEnums.ERROR_DUPLICATE_OBJECT);
- }
- }
-
- int tempPoliciesCount=0;
- String tempPolicyName=null;
- vXResourceList=null;
- if(vXResource.getPolicyName()==null ||vXResource.getPolicyName().trim().isEmpty()){
- searchCriteria=new SearchCriteria();
-
searchCriteria.getParamList().put("assetId", vXResource.getAssetId());
- vXResourceList=xResourceService.searchXResourcesWithoutLogin(searchCriteria);
- if(vXResourceList!=null && vXResourceList.getListSize()>0){
- tempPoliciesCount=vXResourceList.getListSize();
- }
- vXResourceList=null;
- while(true){
- tempPoliciesCount++;
- tempPolicyName=xAsset.getName()+"-"+tempPoliciesCount+"-"+DateUtil.dateToString(DateUtil.getUTCDate(),"yyyyMMddHHmmss");
- vXResource.setPolicyName(tempPolicyName);
- searchCriteria=new SearchCriteria();
- searchCriteria.getParamList().put("policyName", vXResource.getPolicyName());
- vXResourceList=xResourceService.searchXResourcesWithoutLogin(searchCriteria);
- //if policy name not exist then list will be empty and generated policyname will valid
- if(vXResourceList==null|| vXResourceList.getListSize()==0){
- break;
- }
- }
- }
-
-
- vXResource = xResourceService.createResource(vXResource);
-
- List<VXPermMap> permMapList = vXResource.getPermMapList();
- List<VXAuditMap> auditMapList = vXResource.getAuditList();
-
- List<XXTrxLog> trxLogList = xResourceService.getTransactionLog(
- vXResource, "create");
- for (VXPermMap vXPermMap : permMapList) {
- trxLogList.addAll(xPermMapService.getTransactionLog(vXPermMap,
- "create"));
- }
- for (VXAuditMap vXAuditMap : auditMapList) {
- trxLogList.addAll(xAuditMapService.getTransactionLog(vXAuditMap,
- "create"));
- }
-
- xaBizUtil.createTrxLog(trxLogList);
-
- return vXResource;
- }
-
- @Override
- public VXResource updateXResource(VXResource vXResource) {
-
- UserSessionBase currentUserSession = ContextUtil
- .getCurrentUserSession();
- if (currentUserSession == null) {
- throw restErrorUtil.createRESTException("Resource updation not "
- + "allowed",MessageEnums.OPER_NO_PERMISSION);
- }
-
- Long assetId = vXResource.getAssetId();
- XXAsset xAsset = xADaoManager.getXXAsset().getById(assetId);
- if (xAsset == null) {
- throw restErrorUtil.createRESTException("The repository for which "
- + "you're
updating policy, doesn't exist.",
- MessageEnums.INVALID_INPUT_DATA);
- }
-
- if(xAsset.getActiveStatus()==XACommonEnums.STATUS_DISABLED){
- if(!currentUserSession.isUserAdmin()){
- logger.error("Trying to update policy in disabled repository");
- throw restErrorUtil.createRESTException("Resource "
- + "updation not allowed in disabled repository",MessageEnums.OPER_NO_PERMISSION);
- }
- }
-
- if (xAsset.getAssetType() == AppConstants.ASSET_HIVE) {
- createResourcePathForHive(vXResource);
- } else if (xAsset.getAssetType() == AppConstants.ASSET_HBASE) {
- createResourcePathForHbase(vXResource);
- }else if (xAsset.getAssetType() == AppConstants.ASSET_KNOX) {
- createResourcePathForKnox(vXResource);
- }else if (xAsset.getAssetType() == AppConstants.ASSET_STORM) {
- createResourcePathForStorm(vXResource);
- }
-
- SearchCriteria searchCriteria = new SearchCriteria();
- searchCriteria.getParamList().put("assetId", vXResource.getAssetId());
- searchCriteria.getParamList().put("fullname", vXResource.getName());
-
- if (xAsset.getAssetType() == AppConstants.ASSET_HIVE) {
- if(stringUtil.isEmpty(vXResource.getUdfs())) {
- searchCriteria.addParam("tableType", vXResource.getTableType());
- searchCriteria.addParam("columnType", vXResource.getColumnType());
- } else {
- searchCriteria.addParam("udfs", vXResource.getUdfs());
- }
- } else if (xAsset.getAssetType() == AppConstants.ASSET_HDFS) {
- searchCriteria.addParam("isRecursive", vXResource.getIsRecursive());
- }
-
- VXResourceList vXResourceList=xResourceService.searchXResourcesWithoutLogin(searchCriteria);
- if(vXResourceList!=null && vXResourceList.getListSize()>0){
- if(vXResource!=null && vXResource.getId()!=null){
- for(VXResource vXResourceTemp :vXResourceList.getList()){
- if(vXResourceTemp!=null && !(vXResource.getId().equals(vXResourceTemp.getId()))){
- logger.error("policy already exists with name "+vXResource.getName());
- throw restErrorUtil.createRESTException("policy already exists with name "
-
+vXResource.getName(),MessageEnums.ERROR_DUPLICATE_OBJECT);
- }
- }
- }
- }
-
- VXResponse vXResponse = xaBizUtil.hasPermission(vXResource,
- AppConstants.XA_PERM_TYPE_ADMIN);
- if (vXResponse.getStatusCode() == VXResponse.STATUS_ERROR) {
- throw restErrorUtil.createRESTException(vXResponse);
- }
-
- if (vXResource.getCheckParentPermission() != XAConstants.BOOL_FALSE) {
- // check parent access for user and group
- xResourceService.checkAccess(vXResource);
- }
-
- //policyName creation and validation logic start here
- if(vXResource.getPolicyName()!=null && !vXResource.getPolicyName().trim().isEmpty()){
- searchCriteria=new SearchCriteria();
- searchCriteria.getParamList().put("fullPolicyName", vXResource.getPolicyName());
- vXResourceList=xResourceService.searchXResourcesWithoutLogin(searchCriteria);
- if(vXResourceList!=null && vXResourceList.getListSize()>0){
- if(vXResource!=null && vXResource.getId()!=null){
- for (VXResource newVXResource : vXResourceList.getList()) {
- if(newVXResource!=null && newVXResource.getId()!=null){
- if(!vXResource.getId().equals(newVXResource.getId()) && vXResource.getPolicyName().trim().equalsIgnoreCase((newVXResource.getPolicyName()!=null?newVXResource.getPolicyName().trim():newVXResource.getPolicyName()))){
- logger.error("policy already exists with name "+vXResource.getPolicyName());
-// logger.info("A system generated policy name shall be assigned to "+vXResource.getPolicyName());
-// vXResource.setPolicyName(null);
-// break;
- throw restErrorUtil.createRESTException("policy already exists with name "
- +vXResource.getPolicyName(),MessageEnums.ERROR_DUPLICATE_OBJECT);
- }
- }
- }
- }
- }
- }
-
- int tempPoliciesCount=0;
- int totalPoliciesCount=1;
- String tempPolicyName=null;
- vXResourceList=null;
- if(vXResource!=null && (vXResource.getPolicyName()==null ||vXResource.getPolicyName().trim().isEmpty())){
- searchCriteria=new SearchCriteria();
- searchCriteria.getParamList().put("assetId", vXResource.getAssetId());
-
vXResourceList=xResourceService.searchXResourcesWithoutLogin(searchCriteria);
- if(vXResourceList!=null && vXResourceList.getListSize()>0){
- totalPoliciesCount=vXResourceList.getListSize();
- tempPoliciesCount++;
- for(VXResource newVXResource : vXResourceList.getList()) {
- if(newVXResource!=null && newVXResource.getId()!=null){
- if(vXResource.getId().equals(newVXResource.getId())){
- break;
- }
- }
- tempPoliciesCount++;
- }
- tempPolicyName=xAsset.getName()+"-"+tempPoliciesCount+"-"+DateUtil.dateToString(DateUtil.getUTCDate(),"yyyyMMddHHmmss");
- vXResource.setPolicyName(tempPolicyName);
- vXResourceList=null;
- }else{
- tempPoliciesCount++;
- tempPolicyName=xAsset.getName()+"-"+tempPoliciesCount+"-"+DateUtil.dateToString(DateUtil.getUTCDate(),"yyyyMMddHHmmss");
- vXResource.setPolicyName(tempPolicyName);
- }
- while(true){
- searchCriteria=new SearchCriteria();
- searchCriteria.getParamList().put("policyName", vXResource.getPolicyName());
- vXResourceList=xResourceService.searchXResourcesWithoutLogin(searchCriteria);
- if(vXResourceList==null || vXResourceList.getListSize()==0){
- break;
- }else{
- tempPolicyName=xAsset.getName()+"-"+totalPoliciesCount+"-"+DateUtil.dateToString(DateUtil.getUTCDate(),"yyyyMMddHHmmss");
- vXResource.setPolicyName(tempPolicyName);
- }
- }
-
- }
-
- //policyName creation and validation logic end here
-
- XXResource xResouce = xADaoManager.getXXResource().getById(
- vXResource.getId());
-
- List<XXTrxLog> trxLogList = xResourceService.getTransactionLog(
- vXResource, xResouce, "update");
-
- VXResource resource = super.updateXResource(vXResource);
-
- List<VXPermMap> newPermMapList = vXResource.getPermMapList();
- searchCriteria = new SearchCriteria();
- searchCriteria.addParam("resourceId", vXResource.getId());
- VXPermMapList prevPermMaps = xPermMapService
- .searchXPermMaps(searchCriteria);
- List<VXPermMap> prevPermMapList = new ArrayList<VXPermMap>();
- if (prevPermMaps != null) {
- prevPermMapList =
prevPermMaps.getVXPermMaps();
- }
-
- List<VXPermMap> permMaps = new ArrayList<VXPermMap>();
- List<VXAuditMap> auditMaps = new ArrayList<VXAuditMap>();
-
- List<VXPermMap> permMapsToDelete = new ArrayList<VXPermMap>();
- List<VXAuditMap> auditMapsToDelete = new ArrayList<VXAuditMap>();
-
- // Create and update permissions
- if (newPermMapList != null) {
- for (VXPermMap newObj : newPermMapList) {
- if (newObj.getUserId() == null && newObj.getGroupId() == null
- && !stringUtil.isEmpty(newObj.getUserName())) {
- XXUser xxUser = xADaoManager.getXXUser().findByUserName(
- newObj.getUserName());
- if (xxUser != null) {
- newObj.setUserId(xxUser.getId());
- } else {
- VXUser vxUser = new VXUser();
- vxUser.setName(newObj.getUserName());
- vxUser.setDescription(newObj.getUserName());
- vxUser = xUserService.createResource(vxUser);
- newObj.setUserId(vxUser.getId());
- }
- }
- newObj.setResourceId(resource.getId());
- if (newObj.getId() != null) {
- /**
- * Considering the new objects won't have id however the
- * existing ones will have id.
- */
- for (VXPermMap oldObj : prevPermMapList) {
- if (oldObj.getId().equals(newObj.getId())) {
- if (oldObj.getPermType() != newObj.getPermType()) {
- // This should never be the case because we're
- // not supporting perm map update.
- // doNothing...
- logger.error(
- "Invalid use case: shouldn't be happening, need to debug.",
- new IllegalStateException());
- break;
- } else {
- xPermMapService.updateResource(newObj);
- trxLogList.addAll(xPermMapService
- .getTransactionLog(newObj, oldObj,
- "update"));
- }
- }
- }
- // newObj = xPermMapService.updateResource(newObj);
- } else {
- newObj = xPermMapService.createResource(newObj);
- trxLogList.addAll(xPermMapService.getTransactionLog(newObj,
- "create"));
- }
- permMaps.add(newObj);
- }
- }
-
- // Delete old removed permissions
- if (prevPermMapList != null) {
- for (VXPermMap oldObj : prevPermMapList) {
- boolean found = false;
- if (newPermMapList != null) {
- for (VXPermMap newObj : newPermMapList) {
- if (newObj.getId() != null
- && newObj.getId().equals(oldObj.getId())) {
- found = true;
- break;
- }
- }
- }
- if (!found) {
- trxLogList.addAll(xPermMapService.getTransactionLog(oldObj,
- "delete"));
- permMapsToDelete.add(oldObj);
- // xPermMapService.deleteResource(oldObj.getId());
- }
- }
- }
-
- List<VXAuditMap> newAuditMapList = vXResource.getAuditList();
- VXAuditMapList vXAuditMaps = xAuditMapService
- .searchXAuditMaps(searchCriteria);
- List<VXAuditMap> prevAuditMapList = new ArrayList<VXAuditMap>();
- if (vXAuditMaps != null && vXAuditMaps.getResultSize() != 0) {
- prevAuditMapList = vXAuditMaps.getList();
- }
-
- // Create and update permissions
- if (newAuditMapList != null) {
- for (VXAuditMap newObj : newAuditMapList) {
- if (newObj.getId() != null) {
- /**
- * Considering the new objects won't have id however the
- * existing ones will have id.
- */
- for (VXAuditMap oldObj : prevAuditMapList) {
- if (oldObj.getId().equals(newObj.getId())
- && oldObj.getAuditType() != newObj
- .getAuditType()) {
- // This should never be the case because we're not
- // supporting perm map update.
- // doNothing...
- logger.error(
- "Invalid use case: shouldn't be happening, need to debug.",
- new IllegalStateException());
- break;
- // } else {
- // trxLogList.addAll(xAuditMapService.getTransactionLog(newObj,
- // oldObj, "update"));
- }
- }
- // newObj = xAuditMapService.updateResource(newObj);
- } else {
- newObj = xAuditMapService.createResource(newObj);
- trxLogList.addAll(xAuditMapService.getTransactionLog(
- newObj, "create"));
- }
- auditMaps.add(newObj);
- }
- }
-
- // Delete old removed permissions
- if (prevAuditMapList != null) {
- for (VXAuditMap oldObj : prevAuditMapList) {
- boolean found = false;
- if (newAuditMapList != null) {
- for (VXAuditMap newObj : newAuditMapList) {
- if (newObj.getId() != null
- && newObj.getId().equals(oldObj.getId())) {
- found = true;
- break;
- }
- }
- }
-
- if (!found) {
- trxLogList.addAll(xAuditMapService.getTransactionLog(
- oldObj, "delete"));
- auditMapsToDelete.add(oldObj);
- // xAuditMapService.deleteResource(oldObj.getId());
- }
- }
- }
-
- xaBizUtil.createTrxLog(trxLogList);
-
- for (VXPermMap permMap : permMapsToDelete) {
- xPermMapService.deleteResource(permMap.getId());
- }
-
- for (VXAuditMap auditMap : auditMapsToDelete) {
- xAuditMapService.deleteResource(auditMap.getId());
- }
- resource.setPermMapList(permMaps);
- resource.setAuditList(auditMaps);
- return resource;
- }
-
- @Override
- public void deleteXResource(Long id, boolean force) {
-
- VXResource vResource = xResourceService.readResource(id);
- UserSessionBase currentUserSession = ContextUtil
- .getCurrentUserSession();
- if (currentUserSession == null) {
- throw restErrorUtil.createRESTException("Resource deletion not "
- + "allowed",MessageEnums.OPER_NO_PERMISSION);
- }
-
- Long assetId = vResource.getAssetId();
- XXAsset xAsset = xADaoManager.getXXAsset().getById(assetId);
- if (xAsset == null) {
- throw restErrorUtil.createRESTException("The repository for which "
- + "you're deleting policy, doesn't exist.",
- MessageEnums.INVALID_INPUT_DATA);
- }
-
-
if(xAsset.getActiveStatus()==XACommonEnums.STATUS_DISABLED){
- if(!currentUserSession.isUserAdmin()){
- logger.error("Trying to delete policy in disabled repository");
- throw restErrorUtil.createRESTException("Resource "
- + "deletion not allowed in disabled repository",MessageEnums.OPER_NO_PERMISSION);
- }
- }
-
- SearchCriteria searchCriteria = new SearchCriteria();
- searchCriteria.addParam("resourceId", id);
-
- VXPermMapList permMaps = xPermMapService
- .searchXPermMaps(searchCriteria);
- VXAuditMapList vXAuditMapsList = xAuditMapService
- .searchXAuditMaps(searchCriteria);
-
- List<XXTrxLog> trxLogList = xResourceService.getTransactionLog(
- vResource, "delete");
-
- for (VXPermMap vxPermMap : permMaps.getVXPermMaps()) {
- trxLogList.addAll(xPermMapService.getTransactionLog(vxPermMap,
- "delete"));
- }
-
- for (VXAuditMap vXAuditMaps : vXAuditMapsList.getVXAuditMaps()) {
- trxLogList.addAll(xAuditMapService.getTransactionLog(vXAuditMaps,
- "delete"));
- }
-
- xaBizUtil.createTrxLog(trxLogList);
-
- for (VXPermMap vxPermMap : permMaps.getVXPermMaps()) {
- xPermMapService.deleteResource(vxPermMap.getId());
- }
-
- for (VXAuditMap vXAuditMaps : vXAuditMapsList.getVXAuditMaps()) {
- xAuditMapService.deleteResource(vXAuditMaps.getId());
- }
-
- xResourceService.deleteResource(id);
- }
-
- public File getXResourceFile(Long id, String fileType) {
- VXResource xResource = xResourceService.readResource(id);
- if (xResource == null) {
- throw this.restErrorUtil.createRESTException(
- "serverMsg.datasourceIdEmpty" + "id " + id,
- MessageEnums.DATA_NOT_FOUND, id, "dataSourceId",
- "DataSource not found with " + "id " + id);
- }
- File file = null;
- try {
- if (fileType != null) {
- if (fileType.equalsIgnoreCase("json")) {
- file = jsonUtil.writeJsonToFile(xResource,
- xResource.getName());
- } else {
- throw restErrorUtil.createRESTException(
- "Please send the supported filetype.",
- MessageEnums.INVALID_INPUT_DATA);
- }
- } else {
- throw restErrorUtil
-
.createRESTException(
- "Please send the file format in which you want to export.",
- MessageEnums.DATA_NOT_FOUND);
- }
- } catch (JsonGenerationException e) {
- throw this.restErrorUtil.createRESTException(
- "serverMsg.jsonGeneration" + " : " + e.getMessage(),
- MessageEnums.ERROR_SYSTEM);
- } catch (JsonMappingException e) {
- throw this.restErrorUtil.createRESTException(
- "serverMsg.jsonMapping" + " : " + e.getMessage(),
- MessageEnums.ERROR_SYSTEM);
- } catch (IOException e) {
- throw this.restErrorUtil.createRESTException(
- "serverMsg.ioException" + " : " + e.getMessage(),
- MessageEnums.ERROR_SYSTEM);
- }
-
- return file;
- }
-
- public VXStringList getHdfsResources(final String dataSourceName,
- String baseDir) {
- if (dataSourceName != null && baseDir != null) {
- List<String> strList = new ArrayList<String>();
- try {
- String wildCardToMatch;
- final HadoopFS hdfsClient = assetConnectionMgr
- .getHadoopConnection(dataSourceName);
-
- if (hdfsClient != null) {
- Integer lastIndex = baseDir.lastIndexOf("/");
- if (lastIndex < 0) {
- wildCardToMatch = baseDir + "*";
- baseDir = "/";
- } else if (lastIndex == 0 && baseDir.length() == 1) {
- wildCardToMatch = null;
- baseDir = "/";
- } else if ((lastIndex + 1) == baseDir.length()) {
- wildCardToMatch = null;
- baseDir = baseDir.substring(0, lastIndex + 1);
- } else {
- wildCardToMatch = baseDir.substring(lastIndex + 1)
- + "*";
- baseDir = baseDir.substring(0, lastIndex + 1);
- }
-
- final String finalBaseDir = baseDir;
- final String finalWildCardToMatch = wildCardToMatch;
- final Callable<List<String>> callableObj = new Callable<List<String>>() {
-
- @Override
- public List<String> call() throws Exception {
- return hdfsClient.listFiles(finalBaseDir,
- finalWildCardToMatch);
- }
-
- };
-
- strList = TimedEventUtil.timedTask(callableObj, 5,
- TimeUnit.SECONDS); // If
- // strList = hdfsClient.listFiles(finalBaseDir,
- // finalWildCardToMatch);
- logger.debug("Resource dir : " + baseDir
- + " wild card to
match : " + wildCardToMatch
- + "\n Matching resources : " + strList);
- }
- } catch (Exception e) {
- logger.error("Unable to get hdfs resources.", e);
- }
-
- return msBizUtil.mapStringListToVStringList(strList);
- } else {
- return new VXStringList();
- }
- }
-
- public String getLatestRepoPolicy(String repository,
- X509Certificate[] certchain, boolean httpEnabled, String epoch,
- String ipAddress, boolean isSecure, String count, String agentId) {
-
- XXAsset xAsset = xADaoManager.getXXAsset().findByAssetName(repository);
- if(xAsset==null){
- logger.error("Requested repository not found");
- throw restErrorUtil.createRESTException("No Data Found.",
- MessageEnums.DATA_NOT_FOUND);
- }
- if(xAsset.getActiveStatus()==XACommonEnums.ACT_STATUS_DISABLED){
- logger.error("Requested repository is disabled");
- throw restErrorUtil.createRESTException("Unauthorized access.",
- MessageEnums.OPER_NO_EXPORT);
- }
-
- XXPolicyExportAudit policyExportAudit = new XXPolicyExportAudit();
- policyExportAudit.setRepositoryName(repository);
-
- if (agentId != null && !agentId.isEmpty()) {
- policyExportAudit.setAgentId(agentId);
- }
-
- policyExportAudit.setClientIP(ipAddress);
-
- if (epoch != null && !epoch.trim().isEmpty() && !epoch.equalsIgnoreCase("null")) {
- policyExportAudit.setRequestedEpoch(Long.parseLong(epoch));
- } else {
- policyExportAudit.setRequestedEpoch(0l);
- }
-
- if (!httpEnabled) {
- if (!isSecure) {
- policyExportAudit
- .setHttpRetCode(HttpServletResponse.SC_BAD_REQUEST);
- createPolicyAudit(policyExportAudit);
-
- throw restErrorUtil.createRESTException("Unauthorized access -"
- + " only https allowed",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
-
- if (certchain == null || certchain.length == 0) {
-
- policyExportAudit
- .setHttpRetCode(HttpServletResponse.SC_BAD_REQUEST);
- createPolicyAudit(policyExportAudit);
-
- throw restErrorUtil.createRESTException("Unauthorized access -"
- + " unable to get client certificate",
-
MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- Long policyCount = restErrorUtil.parseLong(count, "Invalid value for "
- + "policyCount", MessageEnums.INVALID_INPUT_DATA, null,
- "policyCount");
-
- String commonName = null;
-
- if (certchain != null) {
- X509Certificate clientCert = certchain[0];
- String dn = clientCert.getSubjectX500Principal().getName();
-
- try {
- LdapName ln = new LdapName(dn);
- for (Rdn rdn : ln.getRdns()) {
- if (rdn.getType().equalsIgnoreCase("CN")) {
- commonName = rdn.getValue() + "";
- break;
- }
- }
- if (commonName == null) {
- policyExportAudit
- .setHttpRetCode(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST);
- createPolicyAudit(policyExportAudit);
-
- throw restErrorUtil.createRESTException(
- "Unauthorized access - Unable to find Common Name from ["
- + dn + "]",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- } catch (InvalidNameException e) {
- policyExportAudit
- .setHttpRetCode(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST);
- createPolicyAudit(policyExportAudit);
-
- logger.error("Invalid Common Name.", e);
- throw restErrorUtil.createRESTException(
- "Unauthorized access - Invalid Common Name",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- if (repository == null || repository.isEmpty()) {
-
- policyExportAudit
- .setHttpRetCode(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST);
- createPolicyAudit(policyExportAudit);
-
- logger.error("Repository name not provided");
- throw restErrorUtil.createRESTException("Unauthorized access.",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
-
-
-
- if (xAsset == null) {
- policyExportAudit
- .setHttpRetCode(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST);
- createPolicyAudit(policyExportAudit);
-
- logger.error("Requested repository doesn't exist");
- throw restErrorUtil.createRESTException("Unauthorized access.",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
-
- if (policyCount == null) {
- policyCount = 0l;
- }
-
- if (commonName !=
null) {
- String config = xAsset.getConfig();
- Map<String, String> configMap = jsonUtil.jsonToMap(config);
- String cnFromConfig = configMap.get("commonNameForCertificate");
-
- if (cnFromConfig == null
- || !commonName.equalsIgnoreCase(cnFromConfig)) {
- policyExportAudit
- .setHttpRetCode(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST);
- createPolicyAudit(policyExportAudit);
-
- throw restErrorUtil.createRESTException(
- "Unauthorized access. expected [" + cnFromConfig
- + "], found [" + commonName + "]",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- // //////////////////////////////////////
- // Get latest updated time of repository
- // //////////////////////////////////////
- Timestamp luTime = xADaoManager.getXXResource()
- .getMaxUpdateTimeForAssetName(repository);
-
- HashMap<String, Object> updatedRepo = new HashMap<String, Object>();
- updatedRepo.put("repository_name", repository);
-
- Long updatedTime = 0l;
- List<HashMap<String, Object>> resourceList = new ArrayList<HashMap<String, Object>>();
-
- if (luTime != null) {
- updatedTime = luTime.getTime();
- }
-
- {
- List<XXResource> xResourceList = new ArrayList<XXResource>();
-
- long epochTime = epoch != null ? Long.parseLong(epoch) : 0;
-
- if(epochTime == updatedTime) {
- //TODO: instead of getting entire list, get just count(*) for the given repository
- xResourceList = xADaoManager.getXXResource().findUpdatedResourcesByAssetName(repository, new Date(0L));
-
- int resourceListSz = (xResourceList == null) ?
0 : xResourceList.size() ;
-
- if (policyCount == resourceListSz) {
- policyExportAudit
- .setHttpRetCode(javax.servlet.http.HttpServletResponse.SC_NOT_MODIFIED);
- createPolicyAudit(policyExportAudit);
-
- throw restErrorUtil.createRESTException(
- HttpServletResponse.SC_NOT_MODIFIED,
- "No change since last update", false);
- }
-
- } else {
- xResourceList = xADaoManager.getXXResource().findUpdatedResourcesByAssetName(repository, new Date(0L));
- }
-
-
- // HDFS Repository
- if (xAsset.getAssetType() == AppConstants.ASSET_HDFS) {
- for (XXResource xResource : xResourceList) {
- HashMap<String, Object> resourceMap = new HashMap<String, Object>();
- resourceMap.put("id", xResource.getId());
- resourceMap.put("resource", xResource.getName());
- resourceMap.put("isRecursive",
- getBooleanValue(xResource.getIsRecursive()));
- resourceMap.put("policyStatus", XACommonEnums
- .getLabelFor_ActiveStatus(xResource
- .getResourceStatus()));
- // resourceMap.put("isEncrypt",
- // AKAConstants.getLabelFor_BooleanValue(xResource.getIsEncrypt()));
- populatePermMap(xResource, resourceMap, AppConstants.ASSET_HDFS);
- List<XXAuditMap> xAuditMaps = xADaoManager.getXXAuditMap()
- .findByResourceId(xResource.getId());
- if (xAuditMaps.size() != 0) {
- resourceMap.put("audit", 1);
- } else {
- resourceMap.put("audit", 0);
- }
-
- resourceList.add(resourceMap);
- }
- } else if (xAsset.getAssetType() == AppConstants.ASSET_HIVE) {
- for (XXResource xResource : xResourceList) {
- HashMap<String, Object> resourceMap = new HashMap<String, Object>();
- resourceMap.put("id", xResource.getId());
- resourceMap.put("database_name", xResource.getDatabases());
- resourceMap.put("policyStatus", XACommonEnums
- .getLabelFor_ActiveStatus(xResource
- .getResourceStatus()));
- resourceMap.put("tablePolicyType", AppConstants
- .getLabelFor_PolicyType(xResource.getTableType()));
- resourceMap.put("columnPolicyType", AppConstants
- .getLabelFor_PolicyType(xResource.getColumnType()));
- int resourceType = 
xResource.getResourceType();
- if (resourceType == AppConstants.RESOURCE_UDF) {
- resourceMap.put("udf_name", xResource.getUdfs());
- } else if (resourceType == AppConstants.RESOURCE_COLUMN) {
- resourceMap.put("table_name", xResource.getTables());
- resourceMap.put("column_name", xResource.getColumns());
- } else if (resourceType == AppConstants.RESOURCE_TABLE) {
- resourceMap.put("table_name", xResource.getTables());
- }
-
- populatePermMap(xResource, resourceMap, AppConstants.ASSET_HIVE);
- List<XXAuditMap> xAuditMaps = xADaoManager.getXXAuditMap()
- .findByResourceId(xResource.getId());
- if (xAuditMaps.size() != 0) {
- resourceMap.put("audit", 1);
- } else {
- resourceMap.put("audit", 0);
- }
- resourceList.add(resourceMap);
- }
- }
-
- else if (xAsset.getAssetType() == AppConstants.ASSET_HBASE) {
- for (XXResource xResource : xResourceList) {
- HashMap<String, Object> resourceMap = new HashMap<String, Object>();
-
- resourceMap.put("id", xResource.getId());
- resourceMap.put("table_name", xResource.getTables());
- resourceMap.put("column_name", xResource.getColumns());
- resourceMap.put("column_families",
- xResource.getColumnFamilies());
- resourceMap.put("policyStatus", XACommonEnums
- .getLabelFor_ActiveStatus(xResource
- .getResourceStatus()));
- if (xResource.getIsEncrypt() == 1) {
- resourceMap.put("encrypt", 1);
- } else {
- resourceMap.put("encrypt", 0);
- }
- // resourceMap.put("isEncrypt",
- // AKAConstants.getLabelFor_BooleanValue(xResource.getIsEncrypt()));
- populatePermMap(xResource, resourceMap, AppConstants.ASSET_HBASE);
- List<XXAuditMap> xAuditMaps = xADaoManager.getXXAuditMap()
- .findByResourceId(xResource.getId());
- if (xAuditMaps.size() != 0) {
- resourceMap.put("audit", 1);
- } else {
- resourceMap.put("audit", 0);
- }
- resourceList.add(resourceMap);
- }
- }
- else if (xAsset.getAssetType() == AppConstants.ASSET_KNOX) {
- for (XXResource xResource : xResourceList) {
- HashMap<String, Object> resourceMap = new HashMap<String, 
Object>();
-
- resourceMap.put("id", xResource.getId());
- resourceMap.put("topology_name", xResource.getTopologies()) ;
- resourceMap.put("service_name", xResource.getServices()) ;
- resourceMap.put("policyStatus", XACommonEnums
- .getLabelFor_ActiveStatus(xResource
- .getResourceStatus()));
- if (xResource.getIsEncrypt() == 1) {
- resourceMap.put("encrypt", 1);
- } else {
- resourceMap.put("encrypt", 0);
- }
- // resourceMap.put("isEncrypt",
- // AKAConstants.getLabelFor_BooleanValue(xResource.getIsEncrypt()));
- populatePermMap(xResource, resourceMap, AppConstants.ASSET_KNOX);
- List<XXAuditMap> xAuditMaps = xADaoManager.getXXAuditMap()
- .findByResourceId(xResource.getId());
- if (xAuditMaps.size() != 0) {
- resourceMap.put("audit", 1);
- } else {
- resourceMap.put("audit", 0);
- }
- resourceList.add(resourceMap);
- }
-
- }
- else if (xAsset.getAssetType() == AppConstants.ASSET_STORM) {
- for (XXResource xResource : xResourceList) {
- HashMap<String, Object> resourceMap = new HashMap<String, Object>();
-
- resourceMap.put("id", xResource.getId());
- resourceMap.put("topology_name", xResource.getTopologies()) ;
- resourceMap.put("policyStatus", XACommonEnums
- .getLabelFor_ActiveStatus(xResource
- .getResourceStatus()));
- if (xResource.getIsEncrypt() == 1) {
- resourceMap.put("encrypt", 1);
- } else {
- resourceMap.put("encrypt", 0);
- }
- populatePermMap(xResource, resourceMap, AppConstants.ASSET_STORM);
- List<XXAuditMap> xAuditMaps = xADaoManager.getXXAuditMap()
- .findByResourceId(xResource.getId());
- if (xAuditMaps.size() != 0) {
- resourceMap.put("audit", 1);
- } else {
- resourceMap.put("audit", 0);
- }
- resourceList.add(resourceMap);
- }
- } else {
- policyExportAudit
- .setHttpRetCode(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST);
- createPolicyAudit(policyExportAudit);
- throw restErrorUtil.createRESTException(
- "The operation isn't yet supported for the repository",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- policyCount = 
Long.valueOf(resourceList.size());
- updatedRepo.put("last_updated", updatedTime);
- updatedRepo.put("policyCount", policyCount);
- updatedRepo.put("acl", resourceList);
-
- String updatedPolicyStr = jsonUtil.readMapToString(updatedRepo);
-
-// File file = null;
-// try {
-// file = jsonUtil.writeMapToFile(updatedRepo, repository);
-// } catch (JsonGenerationException e) {
-// logger.error("Error exporting policies for repository : "
-// + repository, e);
-// } catch (JsonMappingException e) {
-// logger.error("Error exporting policies for repository : "
-// + repository, e);
-// } catch (IOException e) {
-// logger.error("Error exporting policies for repository : "
-// + repository, e);
-// }
-
- policyExportAudit
- .setHttpRetCode(javax.servlet.http.HttpServletResponse.SC_OK);
- createPolicyAudit(policyExportAudit);
-
- return updatedPolicyStr;
- }
-
- public VXStringList getHiveResources(final String dataSourceName,
- String databaseName, String tableName, String columnName) {
-
- List<String> resultList = new ArrayList<String>();
- if (dataSourceName != null) {
- final HiveClient hiveClient = assetConnectionMgr
- .getHiveConnection(dataSourceName);
-
- try {
- final Callable<List<String>> callableObj;
- final String finalDbName;
- final String finalColName;
- final String finalTableName;
-
- if (hiveClient != null && databaseName != null
- && !databaseName.isEmpty()) {
- if (tableName != null && !tableName.isEmpty()) {
- if (columnName != null && !columnName.isEmpty()) {
- columnName += "*";
- finalColName = columnName;
- finalDbName = databaseName;
- finalTableName = tableName;
-
- callableObj = new Callable<List<String>>() {
- @Override
- public List<String> call() {
- return hiveClient.getColumnList(
- finalDbName, finalTableName,
- finalColName);
- }
- };
- } else {
- tableName += "*";
- finalTableName = tableName;
- finalDbName = databaseName;
- callableObj = new Callable<List<String>>() {
-
- @Override
- public List<String> call() {
- return 
hiveClient.getTableList(finalDbName,
- finalTableName);
- }
-
- };
- }
- } else {
- databaseName += "*";
- finalDbName = databaseName;
- callableObj = new Callable<List<String>>() {
- @Override
- public List<String> call() {
- return hiveClient.getDatabaseList(finalDbName);
- }
- };
-
- }
-
- synchronized (hiveClient) {
- resultList = TimedEventUtil.timedTask(callableObj, 5,
- TimeUnit.SECONDS);
- }
-
- }
- } catch (Exception e) {
- logger.error("Unable to get hive resources.", e);
- }
- }
-
- return msBizUtil.mapStringListToVStringList(resultList);
- }
-
- @Override
- public VXAsset createXAsset(VXAsset vXAsset) {
- UserSessionBase usb = ContextUtil.getCurrentUserSession();
- if (usb != null && usb.isUserAdmin()) {
-
- String defaultConfig = vXAsset.getConfig();
- defaultConfig=xAssetService.getConfigWithEncryptedPassword(defaultConfig,false);
- vXAsset.setConfig(defaultConfig);
- VXAsset createdVXAsset = (VXAsset) xAssetService
- .createResource(vXAsset);
- String udpatedConfig = vXAsset.getConfig();
- createdVXAsset.setConfig(defaultConfig);
-
- createDefaultPolicy(createdVXAsset, vXAsset.getConfig());
- createDefaultUDFPolicy(createdVXAsset, vXAsset.getConfig());
- createdVXAsset.setConfig(udpatedConfig);
-
- List<XXTrxLog> trxLogList = xAssetService.getTransactionLog(
- createdVXAsset, "create");
- xaBizUtil.createTrxLog(trxLogList);
- return createdVXAsset;
- } else {
- logger.debug("User id : " + usb.getUserId() + " doesn't have "
- + "admin access to create repository.");
- throw restErrorUtil
- .createRESTException(
- "Sorry, you don't have permission to perform the operation",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- private void createDefaultPolicy(VXAsset vXAsset, String config) {
- int assetType = vXAsset.getAssetType();
-
- Map<String, String> configMap = jsonUtil.jsonToMap(config);
- String userName = stringUtil.getValidUserName(configMap.get("username"));
-
- VXResource vXResource = new VXResource();
- 
vXResource.setAssetId(vXAsset.getId());
- vXResource.setAssetName(vXAsset.getName());
- vXResource.setResourceStatus(AppConstants.STATUS_ENABLED);
- String tempPolicyName=vXAsset.getName()+"-"+1+"-"+DateUtil.dateToString(DateUtil.getUTCDate(),"yyyyMMddHHmmss");
- vXResource.setPolicyName(tempPolicyName);
- if (assetType == AppConstants.ASSET_HDFS) {
- vXResource.setName("/");
- vXResource.setIsRecursive(AppConstants.BOOL_TRUE);
- vXResource.setResourceType(AppConstants.RESOURCE_PATH);
- } else if (assetType == AppConstants.ASSET_HIVE) {
- vXResource.setDatabases("*");
- vXResource.setTables("*");
- vXResource.setColumns("*");
- vXResource.setName("/*/*/*");
- vXResource.setResourceType(AppConstants.RESOURCE_COLUMN);
- } else if (assetType == AppConstants.ASSET_HBASE) {
- vXResource.setTables("*");
- vXResource.setColumnFamilies("*");
- vXResource.setColumns("*");
- vXResource.setName("/*/*/*");
- vXResource.setResourceType(AppConstants.RESOURCE_COLUMN);
- } else if (assetType == AppConstants.ASSET_KNOX) {
- vXResource.setTopologies("*");
- vXResource.setServices("*");
- vXResource.setName("/*/*");
- vXResource.setResourceType(AppConstants.RESOURCE_SERVICE_NAME);
- } else if (assetType == AppConstants.ASSET_STORM) {
- vXResource.setTopologies("*");
- vXResource.setName("/*");
- vXResource.setResourceType(AppConstants.RESOURCE_TOPOLOGY);
- }
-
- vXResource = xResourceService.createResource(vXResource);
-
- if (userName != null && !userName.isEmpty()) {
- XXUser xxUser = xADaoManager.getXXUser().findByUserName(userName);
- VXUser vXUser;
- if (xxUser != null) {
- vXUser = xUserService.populateViewBean(xxUser);
- } else {
- vXUser = new VXUser();
- vXUser.setName(userName);
- vXUser.setUserSource(XACommonEnums.USER_EXTERNAL);
- vXUser=xUserMgr.createXUser(vXUser);
- //vXUser = xUserService.createResource(vXUser);
- }
-
- Random rand = new Random();
- String permGrp = new Date() + " : " + rand.nextInt(9999);
-
- VXPermMap vXPermMap = new VXPermMap();
- 
vXPermMap.setUserId(vXUser.getId());
- vXPermMap.setResourceId(vXResource.getId());
- vXPermMap.setPermGroup(permGrp);
- xPermMapService.createResource(vXPermMap);
-
- if (assetType == AppConstants.ASSET_KNOX) {
- String permGroup = new Date() + " : " + rand.nextInt(9999);
-
- VXPermMap permAdmin = new VXPermMap();
- permAdmin.setPermFor(AppConstants.XA_PERM_FOR_USER);
- permAdmin.setPermType(AppConstants.XA_PERM_TYPE_ADMIN);
- permAdmin.setUserId(vXUser.getId());
- permAdmin.setPermGroup(permGroup);
- permAdmin.setResourceId(vXResource.getId());
- xPermMapService.createResource(permAdmin);
-
- VXPermMap permAllow = new VXPermMap();
- permAllow.setPermFor(AppConstants.XA_PERM_FOR_USER);
- permAllow.setPermType(AppConstants.XA_PERM_TYPE_ALLOW);
- permAllow.setUserId(vXUser.getId());
- permAllow.setPermGroup(permGroup);
- permAllow.setResourceId(vXResource.getId());
- xPermMapService.createResource(permAllow);
- }
- }
-
- VXAuditMap vXAuditMap = new VXAuditMap();
- vXAuditMap.setAuditType(AppConstants.XA_AUDIT_TYPE_ALL);
- vXAuditMap.setResourceId(vXResource.getId());
- vXAuditMap = xAuditMapService.createResource(vXAuditMap);
- vXResource=xResourceService.readResource(vXResource.getId());
- List<VXPermMap> permMapList = vXResource.getPermMapList();
- List<VXAuditMap> auditMapList = vXResource.getAuditList();
-
- List<XXTrxLog> trxLogList = xResourceService.getTransactionLog(
- vXResource, "create");
- for (VXPermMap vXPermMap : permMapList) {
- trxLogList.addAll(xPermMapService.getTransactionLog(vXPermMap,
- "create"));
- }
- for (VXAuditMap vXAuditMapObj : auditMapList) {
- trxLogList.addAll(xAuditMapService.getTransactionLog(vXAuditMapObj,
- "create"));
- }
-
- xaBizUtil.createTrxLog(trxLogList);
-
-
- }
-
- @Override
- public VXAsset updateXAsset(VXAsset vXAsset) {
- UserSessionBase usb = ContextUtil.getCurrentUserSession();
- if (usb != null && usb.isUserAdmin()) {
- String newConfig=vXAsset.getConfig();
- HashMap<String, String> configMap = (HashMap<String, 
String>) jsonUtil
- .jsonToMap(newConfig);
- String password = configMap.get("password");
- String hiddenPasswordString = PropertiesUtil.getProperty(
- "xa.password.hidden", "*****");
- if (password != null && !password.equals(hiddenPasswordString)) {
- String defaultConfig = vXAsset.getConfig();
- defaultConfig=xAssetService.getConfigWithEncryptedPassword(defaultConfig,true);
- vXAsset.setConfig(defaultConfig);
- }
- XXAsset xAsset = xADaoManager.getXXAsset()
- .getById(vXAsset.getId());
-
- if (xAsset.getActiveStatus() == XACommonEnums.STATUS_DELETED) {
- logger.error("Trying to update Asset which is soft deleted");
- throw restErrorUtil.createRESTException(
- "Repository that you want to update does not exist.",
- MessageEnums.DATA_NOT_FOUND, xAsset.getId(), null,
- "Repository not exist for this Id : " + xAsset.getId());
- }
-
- List<XXTrxLog> trxLogList = xAssetService.getTransactionLog(
- vXAsset, xAsset, "update");
- vXAsset = (VXAsset) xAssetService.updateResource(vXAsset);
- // update default policy permission and user
- updateDefaultPolicy(vXAsset, vXAsset.getConfig());
- // TODO this should reset the connection
- assetConnectionMgr.destroyConnection(vXAsset);
- // TODO : Log in transaction log table
- xaBizUtil.createTrxLog(trxLogList);
- return vXAsset;
- } else {
- throw restErrorUtil.createRESTException(
- "serverMsg.modelMgrBaseUpdateModel",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- @Override
- public void deleteXAsset(Long id, boolean force) {
- UserSessionBase usb = ContextUtil.getCurrentUserSession();
- if (usb != null && usb.isUserAdmin() && force) {
- VXAsset vxAsset = xAssetService.readResource(id);
-
- if (vxAsset.getActiveStatus() == XACommonEnums.STATUS_DELETED) {
- logger.error("Trying to delete Asset which is already soft deleted");
- throw restErrorUtil.createRESTException(
- "Repository not found or its already deleted, for Id : "
- + id, MessageEnums.DATA_NOT_FOUND, id, null,
- "Repository not exist for this Id : " + id); 
- }
-
- SearchCriteria searchCriteria = new SearchCriteria();
- searchCriteria.addParam("assetId", id);
- VXResourceList resources = searchXResources(searchCriteria);
- if (resources != null && resources.getResultSize() != 0) {
- for (VXResource resource : resources.getList()) {
- deleteXResource(resource.getId(), true);
- }
- }
- vxAsset.setActiveStatus(XACommonEnums.STATUS_DELETED);
- xAssetService.updateResource(vxAsset);
- List<XXTrxLog> trxLogList = xAssetService.getTransactionLog(
- vxAsset, "delete");
- xaBizUtil.createTrxLog(trxLogList);
- } else {
- throw restErrorUtil.createRESTException(
- "serverMsg.modelMgrBaseDeleteModel",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- public VXStringList getHBaseResources(final String dataSourceName,
- String tableName, String columnFamilies) {
-
- List<String> resultList = new ArrayList<String>();
- if (dataSourceName != null) {
- final HBaseClient hBaseClient = assetConnectionMgr
- .getHBaseConnection(dataSourceName);
-
- try {
- final Callable<List<String>> callableObj;
- if (hBaseClient != null && tableName != null
- && !tableName.isEmpty()) {
- final String finalColFamilies;
- final String finalTableName;
-
- if (columnFamilies != null && !columnFamilies.isEmpty()) {
- if (!columnFamilies.endsWith("*")) {
- columnFamilies += "*";
- }
-
- columnFamilies = columnFamilies.replaceAll("\\*",
- ".\\*");
- finalColFamilies = columnFamilies;
- finalTableName = tableName;
-
- callableObj = new Callable<List<String>>() {
- @Override
- public List<String> call() {
- return hBaseClient.getColumnFamilyList(
- finalTableName, finalColFamilies);
- }
- };
-
- } else {
- if (!tableName.endsWith("*")) {
- tableName += "*";
- }
-
- tableName = tableName.replaceAll("\\*", ".\\*");
- finalTableName = tableName;
-
- callableObj = new Callable<List<String>>() {
- @Override
- public List<String> call() {
- return hBaseClient.getTableList(finalTableName);
- }
- };
-
- }
- resultList = TimedEventUtil.timedTask(callableObj, 5,
- 
TimeUnit.SECONDS);
- }
-
- } catch (Exception e) {
- logger.error("Unable to get hbase resources.", e);
- }
- }
-
- return msBizUtil.mapStringListToVStringList(resultList);
- }
-
- public VXStringList getKnoxResources(
- String knoxUrl,String knoxAdminUser, String knoxAdminPassword,
- String topologyName, String serviceName) {
- List<String> resultList = new ArrayList<String>();
- if (knoxUrl == null || knoxUrl.isEmpty()) {
- logger.error("Unable to get knox resources: knoxUrl is empty");
- return msBizUtil.mapStringListToVStringList(resultList);
- } else if (knoxAdminUser == null || knoxAdminUser.isEmpty()) {
- logger.error("Unable to get knox resources: knoxAdminUser is empty");
- return msBizUtil.mapStringListToVStringList(resultList);
- } else if (knoxAdminPassword == null || knoxAdminPassword.isEmpty()) {
- logger.error("Unable to get knox resources: knoxAdminPassword is empty");
- return msBizUtil.mapStringListToVStringList(resultList);
- }
-
- final KnoxClient knoxClient = assetConnectionMgr
- .getKnoxClient(knoxUrl, knoxAdminUser, knoxAdminPassword);
- VXStringList knoxResources = getKnoxResources(knoxClient, topologyName, serviceName);
- return knoxResources;
- }
-
- public VXStringList getKnoxResources(final String dataSourceName,
- String topologyName, String serviceName) {
- List<String> resultList = new ArrayList<String>();
- if (dataSourceName == null || dataSourceName.isEmpty()) {
- logger.error("Unable to get knox resources: dataSourceName is null");
- return msBizUtil.mapStringListToVStringList(resultList);
- }
-
- final KnoxClient knoxClient = assetConnectionMgr
- .getKnoxClient(dataSourceName);
- VXStringList knoxResources = getKnoxResources(knoxClient, topologyName, serviceName);
- return knoxResources;
- }
-
-
- public VXStringList getKnoxResources(final KnoxClient knoxClient,
- String topologyName, String serviceName) {
-
- List<String> resultList = new ArrayList<String>();
-
- try {
- if (knoxClient == null) {
- logger.error("Unable to get 
knox resources: knoxClient is null");
- return msBizUtil.mapStringListToVStringList(resultList);
- }
-
- final Callable<List<String>> callableObj;
- if (serviceName != null) {
- final String finalServiceNameMatching = serviceName.trim();
- final String finalTopologyName = topologyName;
- callableObj = new Callable<List<String>>() {
- @Override
- public List<String> call() {
- return knoxClient.getServiceList(finalTopologyName,
- finalServiceNameMatching);
- }
- };
-
- } else {
- final String finalTopologyNameMatching = (topologyName == null) ?
- "" : topologyName.trim();
- callableObj = new Callable<List<String>>() {
- @Override
- public List<String> call() {
- return knoxClient.getTopologyList(finalTopologyNameMatching);
- }
- };
- }
- resultList = TimedEventUtil.timedTask(callableObj, 5,
- TimeUnit.SECONDS);
-
- } catch (Exception e) {
- logger.error("Unable to get knox resources.", e);
- }
-
- return msBizUtil.mapStringListToVStringList(resultList);
- }
-
- public VXResponse testConfig(VXAsset vXAsset) {
-
- if (vXAsset.getActiveStatus() == XACommonEnums.STATUS_DELETED) {
- logger.error("Trying to test Asset which is soft deleted");
- throw restErrorUtil.createRESTException(
- "Repository not found, Repository Name : " + vXAsset.getName(),
- MessageEnums.DATA_NOT_FOUND, vXAsset.getId(), null,
- "Repository not exist for this Id : " + vXAsset.getId());
- }
-
- int assetType = vXAsset.getAssetType();
-
- VXResponse testResponse = new VXResponse();
- HashMap<String, Object> responseData = new HashMap<String, Object>();
-
- HashMap<String, String> configMap = (HashMap<String, String>) jsonUtil
- .jsonToMap(vXAsset.getConfig());
- String password = configMap.get("password");
- String hiddenPasswordString = PropertiesUtil.getProperty(
- "xa.password.hidden", "*****");
-
- if (password != null && password.equals(hiddenPasswordString)) {
- String assetName = vXAsset.getName();
- if (assetName != null) {
- XXAsset existingVXAsset = xADaoManager.getXXAsset()
- 
.findByAssetName(assetName);
- if (existingVXAsset != null
- && existingVXAsset.getConfig() != null) {
- String existingConfig = existingVXAsset.getConfig();
- existingConfig=xAssetService.getConfigWithDecryptedPassword(existingConfig);
- HashMap<String, String> existingConfigMap = (HashMap<String, String>) jsonUtil
- .jsonToMap(existingConfig);
- String existingPassword = existingConfigMap.get("password");
- if (existingPassword != null) {
- configMap.put("password", existingPassword);
- }
- }
- }
- }
-
- try {
- String dataSource = vXAsset.getName();
- if (assetType == AppConstants.ASSET_HDFS) {
- // HadoopFS connectionObj = new HadoopFS(vXAsset.getName(),
- // configMap);
- // if (connectionObj != null) {
- // List<String> testResult = connectionObj
- // .listFiles("/", null);
- // if (testResult != null && testResult.size() != 0) {
- // connectivityStatus = true;
- // }
- // }
- responseData = HadoopFS.testConnection(dataSource, configMap);
- } else if (assetType == AppConstants.ASSET_HIVE) {
- // HiveClient connectionObj = new HiveClient(vXAsset.getName(),
- // configMap);
- // if (connectionObj != null) {
- // List<String> testResult = connectionObj
- // .getDatabaseList("*");
- // if (testResult != null && testResult.size() != 0) {
- // connectivityStatus = true;
- // }
- // }
- // connectionObj.close();
- responseData = HiveClient.testConnection(dataSource, configMap);
- } else if (assetType == AppConstants.ASSET_HBASE) {
- // HBaseClient connectionObj = new
- // HBaseClient(vXAsset.getName(),
- // configMap);
- // if (connectionObj != null) {
- // connectivityStatus = connectionObj.getHBaseStatus();
- // } else {
- // Log.error("testConfig: Not able to create HBaseClient");
- // }
- responseData = HBaseClient
- .testConnection(dataSource, configMap);
- } else if (assetType == AppConstants.ASSET_KNOX) {
- // KnoxClient knoxClient = assetConnectionMgr.getKnoxClient(
- // vXAsset.getName(), configMap);
- // VXStringList vxStringList = 
getKnoxResources(knoxClient, "",
- // null);
- // if (vxStringList != null && (vxStringList.getListSize() !=
- // 0)) {
- // connectivityStatus = true;
- // }
- responseData = KnoxClient.testConnection(dataSource, configMap);
- } else if (assetType == AppConstants.ASSET_STORM) {
- responseData = StormClient.testConnection(dataSource, configMap);
- } else {
- throw restErrorUtil.createRESTException(
- "Invalid repository type.",
- MessageEnums.INVALID_INPUT_DATA);
- }
- testResponse = generateResponseForTestConn(responseData, "");
-
- } catch (Exception e) {
-
- String msg = "Unable to connect repository with given config for "
- + vXAsset.getName();
- HashMap<String, Object> respData = new HashMap<String, Object>();
- String message = "";
- if (e instanceof HadoopException) {
- respData = ((HadoopException) e).responseData;
- message = (respData != null && respData.get("message") != null) ? respData.get(
- "message").toString() : msg;
- }
- if(respData == null) {
- respData = new HashMap<String, Object>();
- }
- testResponse = generateResponseForTestConn(respData, message);
- logger.error(msg, e);
- }
- return testResponse;
- }
-
- private VXResponse generateResponseForTestConn(
- HashMap<String, Object> responseData, String msg) {
- VXResponse vXResponse = new VXResponse();
-
- Long objId = (responseData.get("objectId") != null) ? Long
- .parseLong(responseData.get("objectId").toString()) : null;
- boolean connectivityStatus = (responseData.get("connectivityStatus") != null) ? Boolean
- .parseBoolean(responseData.get("connectivityStatus").toString())
- : false;
- int statusCode = (connectivityStatus) ? VXResponse.STATUS_SUCCESS
- : VXResponse.STATUS_ERROR;
- String message = (responseData.get("message") != null) ? responseData
- .get("message").toString() : msg;
- String description = (responseData.get("description") != null) ? responseData
- .get("description").toString() : msg;
- String fieldName = (responseData.get("fieldName") != null) ? 
responseData
- .get("fieldName").toString() : null;
-
- VXMessage vXMsg = new VXMessage();
- List<VXMessage> vXMsgList = new ArrayList<VXMessage>();
- vXMsg.setFieldName(fieldName);
- vXMsg.setMessage(message);
- vXMsg.setObjectId(objId);
- vXMsgList.add(vXMsg);
-
- vXResponse.setMessageList(vXMsgList);
- vXResponse.setMsgDesc(description);
- vXResponse.setStatusCode(statusCode);
- return vXResponse;
- }
-
- private void createResourcePathForHive(VXResource vXResource) {
-
- String[] databases = (vXResource.getDatabases() == null || vXResource
- .getDatabases().equalsIgnoreCase("")) ? null : stringUtil
- .split(vXResource.getDatabases(), ",");
- String[] tables = (vXResource.getTables() == null || vXResource
- .getTables().equalsIgnoreCase("")) ? null : stringUtil.split(
- vXResource.getTables(), ",");
- String[] udfs = (vXResource.getUdfs() == null || vXResource.getUdfs()
- .equalsIgnoreCase("")) ? null : stringUtil.split(
- vXResource.getUdfs(), ",");
- String[] columns = (vXResource.getColumns() == null || vXResource
- .getColumns().equalsIgnoreCase("")) ? 
null : stringUtil.split(
- vXResource.getColumns(), ",");
-
- StringBuilder stringBuilder = new StringBuilder();
-
-// int resourceType = vXResource.getResourceType();
- int resourceType = xPolicyService.getResourceType(vXResource);
-
- if (databases == null) {
- logger.error("Invalid resources for hive policy.");
- throw restErrorUtil.createRESTException("Please provide the"
- + " valid resources.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- switch (resourceType) {
-
- case AppConstants.RESOURCE_COLUMN:
- for (String column : columns) {
- for (String table : tables) {
- for (String database : databases) {
- stringBuilder.append("/" + database + "/" + table + "/"
- + column + ",");
- }
- }
- }
- break;
-
- case AppConstants.RESOURCE_TABLE:
- for (String table : tables) {
- for (String database : databases) {
- stringBuilder.append("/" + database + "/" + table + ",");
- }
- }
- break;
-
- case AppConstants.RESOURCE_UDF:
- for (String udf : udfs) {
- for (String database : databases) {
- stringBuilder.append("/" + database + "/" + udf + ",");
- }
- }
- break;
-
- case AppConstants.RESOURCE_DB:
- for (String database : databases) {
- stringBuilder.append("/" + database + ",");
- }
- break;
-
- default:
- logger.error("Invalid resource type : " + resourceType
- + " for hive policy.");
- throw restErrorUtil.createRESTException("Please provide the"
- + " valid resource type.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- int lastIndexOfSeperator = stringBuilder.lastIndexOf(",");
- if (lastIndexOfSeperator > 0) {
- String name = stringBuilder.substring(0,
- stringBuilder.lastIndexOf(","));
- vXResource.setName(name);
- } else {
- vXResource.setName(stringBuilder.toString());
- }
- }
-
- private void createResourcePathForHbase(VXResource vXResource) {
-
- String[] tables = (vXResource.getTables() == null || vXResource
- .getTables().equalsIgnoreCase("")) ? 
null : stringUtil.split(
- vXResource.getTables(), ",");
- String[] columnFamilies = (vXResource.getColumnFamilies() == null || vXResource
- .getColumnFamilies().equalsIgnoreCase("")) ? null : stringUtil
- .split(vXResource.getColumnFamilies(), ",");
- String[] columns = (vXResource.getColumns() == null || vXResource
- .getColumns().equalsIgnoreCase("")) ? null : stringUtil.split(
- vXResource.getColumns(), ",");
-
- StringBuilder stringBuilder = new StringBuilder();
-
-// int resourceType = vXResource.getResourceType();
- int resourceType = xPolicyService.getResourceType(vXResource);
-
- if (tables == null) {
- logger.error("Invalid resources for hbase policy.");
- throw restErrorUtil.createRESTException("Please provide the"
- + " valid resources.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- switch (resourceType) {
-
- case AppConstants.RESOURCE_COLUMN:
- for (String column : columns) {
- for (String columnFamily : columnFamilies) {
- for (String table : tables) {
- stringBuilder.append("/" + table + "/" + columnFamily
- + "/" + column + ",");
- }
- }
- }
- break;
-
- case AppConstants.RESOURCE_COL_FAM:
- for (String columnFamily : columnFamilies) {
- for (String table : tables) {
- stringBuilder
- .append("/" + table + "/" + columnFamily + ",");
- }
- }
- break;
-
- case AppConstants.RESOURCE_TABLE:
- for (String table : tables) {
- stringBuilder.append("/" + table + ",");
- }
- break;
-
- default:
- logger.error("Invalid resource type : " + resourceType
- + " for hbase policy.");
- throw restErrorUtil.createRESTException("Please provide the"
- + " valid resource type.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- int lastIndexOfSeperator = stringBuilder.lastIndexOf(",");
- if (lastIndexOfSeperator > 0) {
- String name = stringBuilder.substring(0,
- stringBuilder.lastIndexOf(","));
- vXResource.setName(name);
- } else {
- vXResource.setName(stringBuilder.toString());
- }
- }
- private void createResourcePathForKnox(VXResource vXResource) {
-
- String[] topologies = 
(vXResource.getTopologies() == null || vXResource
- .getTopologies().equalsIgnoreCase("")) ? null : stringUtil.split(
- vXResource.getTopologies(), ",");
- String[] serviceNames = (vXResource.getServices() == null || vXResource
- .getServices().equalsIgnoreCase("")) ? null : stringUtil
- .split(vXResource.getServices(), ",");
-
- StringBuilder stringBuilder = new StringBuilder();
-
-// int resourceType = vXResource.getResourceType();
- int resourceType = xPolicyService.getResourceType(vXResource);
-
- if (topologies == null) {
- logger.error("Invalid resources for knox policy.");
- throw restErrorUtil.createRESTException("Please provide the"
- + " valid resources.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- switch (resourceType) {
-
- case AppConstants.RESOURCE_SERVICE_NAME:
- for (String serviceName : serviceNames) {
- for (String topology : topologies) {
- stringBuilder
- .append("/" + topology + "/" + serviceName + ",");
- }
- }
- break;
-
- case AppConstants.RESOURCE_TOPOLOGY:
- for (String topology : topologies) {
- stringBuilder.append("/" + topology + ",");
- }
- break;
-
- default:
- logger.error("Invalid resource type : " + resourceType
- + " for hbase policy.");
- throw restErrorUtil.createRESTException("Please provide the"
- + " valid resource type.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- int lastIndexOfSeperator = stringBuilder.lastIndexOf(",");
- if (lastIndexOfSeperator > 0) {
- String name = stringBuilder.substring(0,
- stringBuilder.lastIndexOf(","));
- vXResource.setName(name);
- } else {
- vXResource.setName(stringBuilder.toString());
- }
- }
- private void createResourcePathForStorm(VXResource vXResource) {
-
- String[] topologies = (vXResource.getTopologies() == null || vXResource
- .getTopologies().equalsIgnoreCase("")) ? null : stringUtil.split(
- vXResource.getTopologies(), ",");
-
- String[] serviceNames = (vXResource.getServices() == null || vXResource
- .getServices().equalsIgnoreCase("")) ? 
null : stringUtil
- .split(vXResource.getServices(), ",");
-
- StringBuilder stringBuilder = new StringBuilder();
-
-// int resourceType = vXResource.getResourceType();
- int resourceType = xPolicyService.getResourceType(vXResource);
-
- if (topologies == null) {
- logger.error("Invalid resources for Storm policy.");
- throw restErrorUtil.createRESTException("Please provide the"
- + " valid resources.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- switch (resourceType) {
-
- case AppConstants.RESOURCE_TOPOLOGY:
- for (String topology : topologies) {
- stringBuilder.append("/" + topology + ",");
- }
- break;
-
- case AppConstants.RESOURCE_SERVICE_NAME:
- for (String serviceName : serviceNames) {
- for (String topology : topologies) {
- stringBuilder.append("/" + topology + "/" + serviceName + ",");
- }
- }
- break;
-
- default:
- logger.error("Invalid resource type : " + resourceType
- + " for Storm policy.");
- throw restErrorUtil.createRESTException("Please provide the"
- + " valid resource type.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- int lastIndexOfSeperator = stringBuilder.lastIndexOf(",");
- if (lastIndexOfSeperator > 0) {
- String name = stringBuilder.substring(0,
- stringBuilder.lastIndexOf(","));
- vXResource.setName(name);
- } else {
- vXResource.setName(stringBuilder.toString());
- }
- }
- @SuppressWarnings("unchecked")
- private HashMap<String, Object> populatePermMap(XXResource xResource,
- HashMap<String, Object> resourceMap, int assetType) {
- List<XXPermMap> xPermMapList = xADaoManager.getXXPermMap()
- .findByResourceId(xResource.getId());
-
- Set<Long> groupList = new HashSet<Long>();
- for (XXPermMap xPermMap : xPermMapList) {
- groupList.add(xPermMap.getId());
- }
-
- List<HashMap<String, Object>> sortedPermMapGroupList = new ArrayList<HashMap<String, Object>>();
-
- // Loop for adding group perms
- for (XXPermMap xPermMap : xPermMapList) {
- String groupKey = xPermMap.getPermGroup();
- if (groupKey != null) {
- boolean found = false;
- for
(HashMap<String, Object> sortedPermMap : sortedPermMapGroupList) {
- if (sortedPermMap.containsValue(groupKey)) {
- found = true;
-
- Long groupId = xPermMap.getGroupId();
- Long userId = xPermMap.getUserId();
-
- if (groupId != null) {
- Set<String> groups = (Set<String>) sortedPermMap
- .get("groups");
- XXGroup xGroup = xADaoManager.getXXGroup()
- .getById(groupId);
- if(xGroup!=null && groups != null){
- groups.add(xGroup.getName());
- sortedPermMap.put("groups", groups);
- }
- } else if (userId != null) {
- Set<String> users = (Set<String>) sortedPermMap
- .get("users");
- XXUser xUser = xADaoManager.getXXUser().getById(
- userId);
- if (users != null && xUser != null) {
- users.add(xUser.getName());
- sortedPermMap.put("users", users);
- }
- }
-
- Set<String> access = (Set<String>) sortedPermMap
- .get("access");
- String perm = AppConstants
- .getLabelFor_XAPermType(xPermMap.getPermType());
- access.add(perm);
- sortedPermMap.put("access", access);
- }
- }
- if (!found) {
- HashMap<String, Object> sortedPermMap = new HashMap<String, Object>();
- sortedPermMap.put("groupKey", xPermMap.getPermGroup());
-
- Set<String> permSet = new HashSet<String>();
- String perm = AppConstants.getLabelFor_XAPermType(xPermMap
- .getPermType());
- permSet.add(perm);
-
- sortedPermMap.put("access", permSet);
-
- if(assetType == AppConstants.ASSET_KNOX){
- String[] ipAddrList = new String[0];
- if(xPermMap.getIpAddress() != null){
- ipAddrList = xPermMap.getIpAddress().split(",");
- sortedPermMap.put("ipAddress", ipAddrList);
- }else
- sortedPermMap.put("ipAddress",ipAddrList);
- }
-
- Long groupId = xPermMap.getGroupId();
- Long userId = xPermMap.getUserId();
-
- if (groupId != null) {
- Set<String> groupSet = new HashSet<String>();
- XXGroup xGroup = xADaoManager.getXXGroup().getById(
- xPermMap.getGroupId());
- String group = xGroup.getName();
- groupSet.add(group);
- sortedPermMap.put("groups", groupSet);
- } else if (userId != null) {
- Set<String> userSet = new
HashSet<String>();
- XXUser xUser = xADaoManager.getXXUser()
- .getById(userId);
- String user = xUser.getName();
- userSet.add(user);
- sortedPermMap.put("users", userSet);
- }
-
- sortedPermMapGroupList.add(sortedPermMap);
- }
- }
- }
-
- for (HashMap<String, Object> sortedPermMap : sortedPermMapGroupList) {
- sortedPermMap.remove("groupKey");
- }
-
- for (HashMap<String, Object> sortedPermMap : sortedPermMapGroupList) {
- sortedPermMap.remove("groupKey");
- }
-
- resourceMap.put("permission", sortedPermMapGroupList);
- return resourceMap;
- }
-
- private String getBooleanValue(int elementValue) {
- if (elementValue == 1) {
- return "1"; // BOOL_TRUE
- }
- return "0"; // BOOL_FALSE
- }
-
- public void updateDefaultPolicy(VXAsset vXAsset, String config) {
- int assetType = vXAsset.getAssetType();
- Map<String, String> configMap = jsonUtil.jsonToMap(config);
- String userName = stringUtil.getValidUserName(configMap.get("username"));
- VXResource vxResource = fetchDefaultPolicyForAsset(vXAsset.getId(),
- assetType);
- if (vxResource != null) {
- UpdateDefaultPolicyUserAndPerm(vxResource, userName);
- }
- }
-
- public void UpdateDefaultPolicyUserAndPerm(VXResource vXResource,
- String userName) {
- if (userName != null && !userName.isEmpty()) {
- XXUser xxUser = xADaoManager.getXXUser().findByUserName(userName);
- VXUser vXUser;
- if (xxUser != null) {
- vXUser = xUserService.populateViewBean(xxUser);
- } else {
- vXUser = new VXUser();
- vXUser.setName(userName);
- // FIXME hack : unnecessary.
- vXUser.setDescription(userName);
- vXUser = xUserService.createResource(vXUser);
- }
- // fetch old permission and consider only one permission for default
- // policy
- List<XXPermMap> xxPermMapList = xADaoManager.getXXPermMap()
- .findByResourceId(vXResource.getId());
- VXPermMap vXPermMap = null;
- if (xxPermMapList != null && xxPermMapList.size() != 0) {
- vXPermMap = xPermMapService.populateViewBean(xxPermMapList
- .get(0));
- }
-
- if (vXPermMap == null) {
- // create new permission
- vXPermMap = new VXPermMap();
- vXPermMap.setUserId(vXUser.getId());
- vXPermMap.setResourceId(vXResource.getId());
- } else {
- // update old permission after updating userid
- vXPermMap.setUserId(vXUser.getId());
- xPermMapService.updateResource(vXPermMap);
- }
-
- }
-
- }
-
- public VXResource fetchDefaultPolicyForAsset(Long assetId, int assetType) {
- String resourceName = "";
- List<XXResource> xxResourceList = new ArrayList<XXResource>();
- if (assetType == AppConstants.ASSET_HDFS) {
- resourceName = "/*";
- xxResourceList = xADaoManager.getXXResource()
- .findByResourceNameAndAssetIdAndRecursiveFlag(resourceName,
- assetId, AppConstants.BOOL_TRUE);
- } else if (assetType == AppConstants.ASSET_HIVE) {
- resourceName = "/*/*/*";
- xxResourceList = xADaoManager.getXXResource()
- .findByResourceNameAndAssetIdAndResourceType(resourceName,
- assetId, AppConstants.RESOURCE_UNKNOWN);
- } else if (assetType == AppConstants.ASSET_HBASE) {
- resourceName = "/*/*/*";
- xxResourceList = xADaoManager.getXXResource()
- .findByResourceNameAndAssetIdAndResourceType(resourceName,
- assetId, AppConstants.RESOURCE_UNKNOWN);
- }
- XXResource xxResource = null;
- for (XXResource resource : xxResourceList) {
- if (resource.getName().equals(resourceName)) {
- xxResource = resource;
- break;
- }
- }
-
- if (xxResource != null) {
- return xResourceService.populateViewBean(xxResource);
- }
- return null;
-
- }
-
- public XXPolicyExportAudit createPolicyAudit(
- final XXPolicyExportAudit
xXPolicyExportAudit) {
- TransactionTemplate txTemplate = new TransactionTemplate(txManager);
- txTemplate
- .setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRED);
- XXPolicyExportAudit policyExportAudit = (XXPolicyExportAudit) txTemplate
- .execute(new TransactionCallback<Object>() {
- public Object doInTransaction(TransactionStatus status) {
- if (xXPolicyExportAudit.getHttpRetCode() == HttpServletResponse.SC_NOT_MODIFIED) {
- boolean logNotModified = PropertiesUtil
- .getBooleanProperty(
- "xa.log.SC_NOT_MODIFIED", false);
- if (!logNotModified) {
- logger.info("Not logging HttpServletResponse."
- + "SC_NOT_MODIFIED, to enable, update "
- + ": xa.log.SC_NOT_MODIFIED");
- return null;
- }
- }
- return xADaoManager.getXXPolicyExportAudit().create(
- xXPolicyExportAudit);
- }
- });
- return policyExportAudit;
- }
-
- public VXTrxLogList getReportLogs(SearchCriteria searchCriteria) {
- if (!xaBizUtil.isAdmin()) {
- throw restErrorUtil.create403RESTException("Permission Denied !");
- }
-
- if (searchCriteria != null && searchCriteria.getParamList() != null
- && searchCriteria.getParamList().size() > 0) {
- int clientTimeOffsetInMinute = RestUtil.getClientTimeOffset();
- java.util.Date temp = null;
- DateUtil dateUtil = new DateUtil();
- if (searchCriteria.getParamList().containsKey("startDate")) {
- temp = (java.util.Date) searchCriteria.getParamList().get(
- "startDate");
- temp = dateUtil.getDateFromGivenDate(temp, 0, 0, 0, 0);
- temp = dateUtil.addTimeOffset(temp, clientTimeOffsetInMinute);
- searchCriteria.getParamList().put("startDate", temp);
- }
- if (searchCriteria.getParamList().containsKey("endDate")) {
- temp = (java.util.Date) searchCriteria.getParamList().get(
- "endDate");
- temp = dateUtil.getDateFromGivenDate(temp, 0, 23, 59, 59);
- temp = dateUtil.addTimeOffset(temp, clientTimeOffsetInMinute);
- searchCriteria.getParamList().put("endDate", temp);
- }
- if (searchCriteria.getParamList().containsKey("owner")) {
- XXPortalUser
xXPortalUser= xADaoManager.getXXPortalUser().findByLoginId(
- (searchCriteria.getParamList().get("owner").toString()));
- if(xXPortalUser!=null){
- searchCriteria.getParamList().put("owner", xXPortalUser.getId());
- }else{
- searchCriteria.getParamList().put("owner", 0);
- }
-
- }
-
- }
-
- VXTrxLogList vXTrxLogList = xTrxLogService
- .searchXTrxLogs(searchCriteria);
- Long count=xTrxLogService
- .searchXTrxLogsCount(searchCriteria);
- vXTrxLogList.setTotalCount(count);
- return vXTrxLogList;
- }
-
- public VXAccessAuditList getAccessLogs(SearchCriteria searchCriteria) {
-
- if (searchCriteria != null && searchCriteria.getParamList() != null
- && searchCriteria.getParamList().size() > 0) {
- int clientTimeOffsetInMinute = RestUtil.getClientTimeOffset();
- java.util.Date temp = null;
- DateUtil dateUtil = new DateUtil();
- if (searchCriteria.getParamList().containsKey("startDate")) {
- temp = (java.util.Date) searchCriteria.getParamList().get(
- "startDate");
- temp = dateUtil.getDateFromGivenDate(temp, 0, 0, 0, 0);
- temp = dateUtil.addTimeOffset(temp, clientTimeOffsetInMinute);
- searchCriteria.getParamList().put("startDate", temp);
- }
- if (searchCriteria.getParamList().containsKey("endDate")) {
- temp = (java.util.Date) searchCriteria.getParamList().get(
- "endDate");
- temp = dateUtil.getDateFromGivenDate(temp, 0, 23, 59, 59);
- temp = dateUtil.addTimeOffset(temp, clientTimeOffsetInMinute);
- searchCriteria.getParamList().put("endDate", temp);
- }
-
- }
- if(searchCriteria.getSortType()==null){
- searchCriteria.setSortType("desc");
- }else if(!searchCriteria.getSortType().equalsIgnoreCase("asc")&& !searchCriteria.getSortType().equalsIgnoreCase("desc")){
- searchCriteria.setSortType("desc");
- }
- return xAccessAuditService.searchXAccessAudits(searchCriteria);
- }
-
- public VXTrxLogList getTransactionReport(String transactionId) {
- List<XXTrxLog> xTrxLogList = xADaoManager.getXXTrxLog()
- .findByTransactionId(transactionId);
- VXTrxLogList vXTrxLogList = new
VXTrxLogList();
- List<VXTrxLog> vXTrxLogs = vXTrxLogList.getVXTrxLogs();
- for (XXTrxLog xTrxLog : xTrxLogList) {
- VXTrxLog vXTrxLog = xTrxLogService.populateViewBean(xTrxLog);
- if(vXTrxLog.getPreviousValue()==null || vXTrxLog.getPreviousValue().equalsIgnoreCase("null")){
- vXTrxLog.setPreviousValue("");
- }
- if(vXTrxLog.getAttributeName()!=null && vXTrxLog.getAttributeName().equalsIgnoreCase("Password")){
- vXTrxLog.setPreviousValue("*********");
- vXTrxLog.setNewValue("***********");
- }
- if(vXTrxLog.getAttributeName()!=null && vXTrxLog.getAttributeName().equalsIgnoreCase("Connection Configurations")){
- if(vXTrxLog.getPreviousValue()!=null && vXTrxLog.getPreviousValue().contains("password")){
- String tempPreviousStr=vXTrxLog.getPreviousValue();
- String tempPreviousArr[]=vXTrxLog.getPreviousValue().split(",");
- for(int i=0;i<tempPreviousArr.length;i++){
- if(tempPreviousArr[i].contains("{\"password")){
- vXTrxLog.setPreviousValue(tempPreviousStr.replace(tempPreviousArr[i], "{\"password\":\"*****\"}"));
- break;
- }else if(tempPreviousArr[i].contains("\"password") && tempPreviousArr[i].contains("}")){
- vXTrxLog.setPreviousValue(tempPreviousStr.replace(tempPreviousArr[i], "\"password\":\"******\"}"));
- break;
- }else if(tempPreviousArr[i].contains("\"password")){
- vXTrxLog.setPreviousValue(tempPreviousStr.replace(tempPreviousArr[i], "\"password\":\"******\""));
- break;
- }
- }
- }
- if(vXTrxLog.getNewValue()!=null && vXTrxLog.getNewValue().contains("password")){
- String tempNewStr=vXTrxLog.getNewValue();
- String tempNewArr[]=vXTrxLog.getNewValue().split(",");
- for(int i=0;i<tempNewArr.length;i++){
- if(tempNewArr[i].contains("{\"password")){
- vXTrxLog.setNewValue(tempNewStr.replace(tempNewArr[i], "{\"password\":\"*****\"}"));
- break;
- }else if(tempNewArr[i].contains("\"password") && tempNewArr[i].contains("}")){
- vXTrxLog.setNewValue(tempNewStr.replace(tempNewArr[i], "\"password\":\"******\"}"));
- break;
- }else
if(tempNewArr[i].contains("\"password")){
- vXTrxLog.setNewValue(tempNewStr.replace(tempNewArr[i], "\"password\":\"******\""));
- break;
- }
- }
- }
- }
- vXTrxLogs.add(vXTrxLog);
- }
- vXTrxLogList.setVXTrxLogs(vXTrxLogs);
- return vXTrxLogList;
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * com.xasecure.biz.AssetMgrBase#searchXPolicyExportAudits(com.xasecure.
- * common.SearchCriteria)
- */
- @Override
- public VXPolicyExportAuditList searchXPolicyExportAudits(
- SearchCriteria searchCriteria) {
- if (searchCriteria != null && searchCriteria.getParamList() != null
- && searchCriteria.getParamList().size() > 0) {
-
- int clientTimeOffsetInMinute = RestUtil.getClientTimeOffset();
- java.util.Date temp = null;
- DateUtil dateUtil = new DateUtil();
- if (searchCriteria.getParamList().containsKey("startDate")) {
- temp = (java.util.Date) searchCriteria.getParamList().get(
- "startDate");
- temp = dateUtil.getDateFromGivenDate(temp, 0, 0, 0, 0);
- temp = dateUtil.addTimeOffset(temp, clientTimeOffsetInMinute);
- searchCriteria.getParamList().put("startDate", temp);
- }
- if (searchCriteria.getParamList().containsKey("endDate")) {
- temp = (java.util.Date) searchCriteria.getParamList().get(
- "endDate");
- temp = dateUtil.getDateFromGivenDate(temp, 0, 23, 59, 59);
- temp = dateUtil.addTimeOffset(temp, clientTimeOffsetInMinute);
- searchCriteria.getParamList().put("endDate", temp);
- }
- }
-
- return xPolicyExportAuditService.searchXPolicyExportAudits(searchCriteria);
- }
-
- public VXAsset getXAsset(Long id){
- UserSessionBase currentUserSession = ContextUtil
- .getCurrentUserSession();
- VXAsset vXAsset=null;
- if (currentUserSession.isUserAdmin()) {
- vXAsset = xAssetService.readResource(id);
- if (vXAsset.getActiveStatus() == XACommonEnums.STATUS_DELETED) {
- logger.error("Trying to read Asset which is soft deleted");
- throw restErrorUtil.createRESTException(
- "Repository not found for this Id : " + id,
- MessageEnums.DATA_NOT_FOUND, id, null,
- "Repository does not
exist for this Id : " + id);
- }
- }else{
- XXAsset xXAsset=xADaoManager.getXXAsset().getById(id);
-
- if (xXAsset.getActiveStatus() == XACommonEnums.STATUS_DELETED) {
- logger.error("Trying to read Asset which is soft deleted");
- throw restErrorUtil.createRESTException(
- "Repository not found for this Id : " + id,
- MessageEnums.DATA_NOT_FOUND, id, null,
- "Repository does not exist for this Id : " + id);
- }
-
- vXAsset=xAssetService.populateViewBean(xXAsset);
- /*List<XXResource> xXResourceList=xADaoManager
- .getXXResource().findByAssetId(id);
- for (XXResource xXResource : xXResourceList) {
- VXResponse vXResponse = xaBizUtil.hasPermission(xResourceService.populateViewBean(xXResource),
- AppConstants.XA_PERM_TYPE_ADMIN);
- if(vXResponse.getStatusCode() == VXResponse.STATUS_SUCCESS){
- XXAsset xXAsset=xADaoManager.getXXAsset().getById(id);
- vXAsset=xAssetService.populateViewBean(xXAsset);
- break;
- }
- }*/
- }
- return vXAsset;
- }
-
- private void createDefaultUDFPolicy(VXAsset vXAsset, String config) {
- int assetType = vXAsset.getAssetType();
- if (assetType != AppConstants.ASSET_HIVE) {
- return ;
- }
- Map<String, String> configMap = jsonUtil.jsonToMap(config);
- String userName = stringUtil.getValidUserName(configMap.get("username"));
- VXResource vXResource = new VXResource();
- vXResource.setAssetId(vXAsset.getId());
- vXResource.setAssetName(vXAsset.getName());
- vXResource.setResourceStatus(AppConstants.STATUS_ENABLED);
- String tempPolicyName=vXAsset.getName()+"-"+2+"-"+DateUtil.dateToString(DateUtil.getUTCDate(),"yyyyMMddHHmmss");
- vXResource.setPolicyName(tempPolicyName);
- if (assetType == AppConstants.ASSET_HIVE) {
- vXResource.setDatabases("*");
- vXResource.setTables("");
- vXResource.setColumns("");
- vXResource.setUdfs("*");
- vXResource.setName("/*/*");
- vXResource.setResourceType(AppConstant
<TRUNCATED>
