Repository: incubator-ranger Updated Branches: refs/heads/stack c3a336ea2 -> 9784f5343
RANGER-203: added hasRole(admin) to createService and updateService REST methods. added search by status of serviceDef/service/policy. added sortBy createTime and updateTime Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/9784f534 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/9784f534 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/9784f534 Branch: refs/heads/stack Commit: 9784f5343fa710c3b9199b58e7e221b5739a20a4 Parents: c3a336e Author: Madhan Neethiraj <[email protected]> Authored: Fri Jan 30 16:22:56 2015 -0800 Committer: Madhan Neethiraj <[email protected]> Committed: Fri Jan 30 16:22:56 2015 -0800 ---------------------------------------------------------------------- .../plugin/model/RangerBaseModelObject.java | 18 +- .../ranger/plugin/model/RangerPolicy.java | 29 +- .../ranger/plugin/model/RangerService.java | 26 +- .../ranger/plugin/model/RangerServiceDef.java | 16 + .../plugin/store/ServiceStoreFactory.java | 1 - .../plugin/store/file/ServiceFileStore.java | 333 +++++++++---------- .../apache/ranger/plugin/util/SearchFilter.java | 24 +- .../ranger/plugin/store/TestServiceStore.java | 4 +- .../ranger/plugin/util/TestPolicyRefresher.java | 6 +- .../org/apache/ranger/rest/ServiceREST.java | 4 +- 10 files changed, 227 insertions(+), 234 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java index fefde85..b90d387 100644 --- a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java +++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java @@ -19,7 +19,6 @@ package org.apache.ranger.plugin.model; -import java.util.Comparator; import java.util.Date; import javax.xml.bind.annotation.XmlAccessType; @@ -41,6 +40,7 @@ public class RangerBaseModelObject implements java.io.Serializable { private Long id = null; private String guid = null; + private Boolean isEnabled = null; private String createdBy = null; private String updatedBy = null; private Date createTime = null; @@ -51,10 +51,11 @@ public class RangerBaseModelObject implements java.io.Serializable { * */ public RangerBaseModelObject() { + setIsEnabled(null); } public void updateFrom(RangerBaseModelObject other) { - // Nothing to copy + setIsEnabled(other.getIsEnabled()); } /** @@ -82,6 +83,18 @@ public class RangerBaseModelObject implements java.io.Serializable { this.guid = guid; } /** + * @return the isEnabled + */ + public Boolean getIsEnabled() { + return isEnabled; + } + /** + * @param isEnabled the isEnabled to set + */ + public void setIsEnabled(Boolean isEnabled) { + this.isEnabled = isEnabled == null ? Boolean.TRUE : isEnabled; + } + /** * @return the createdBy */ public String getCreatedBy() { @@ -154,6 +167,7 @@ public class RangerBaseModelObject implements java.io.Serializable { public StringBuilder toString(StringBuilder sb) { sb.append("id={").append(id).append("} "); sb.append("guid={").append(guid).append("} "); + sb.append("isEnabled={").append(isEnabled).append("} "); sb.append("createdBy={").append(createdBy).append("} "); sb.append("updatedBy={").append(updatedBy).append("} "); sb.append("createTime={").append(createTime).append("} "); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java index b874751..78ba6e2 100644 --- a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java +++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java @@ -45,7 +45,6 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria private String service = null; private String name = null; private String description = null; - private Boolean isEnabled = null; private Boolean isAuditEnabled = null; private Map<String, RangerPolicyResource> resources = null; private List<RangerPolicyItem> policyItems = null; @@ -55,35 +54,36 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria * @param type */ public RangerPolicy() { - this(null, null, null, null, null, null); + this(null, null, null, null, null); } /** * @param type * @param name * @param description - * @param isEnabled - * @param configs + * @param resources + * @param policyItems */ - public RangerPolicy(String service, String name, String description, Boolean isEnabled, Map<String, RangerPolicyResource> resources, List<RangerPolicyItem> policyItems) { + public RangerPolicy(String service, String name, String description, Map<String, RangerPolicyResource> resources, List<RangerPolicyItem> policyItems) { super(); setService(service); setName(name); setDescription(description); - setIsEnabled(isEnabled); setIsAuditEnabled(null); setResources(resources); setPolicyItems(policyItems); } + /** + * @param other + */ public void updateFrom(RangerPolicy other) { super.updateFrom(other); setService(other.getService()); setName(other.getName()); setDescription(other.getDescription()); - setIsEnabled(other.getIsEnabled()); setIsAuditEnabled(other.getIsAuditEnabled()); setResources(other.getResources()); setPolicyItems(other.getPolicyItems()); @@ -132,20 +132,6 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria } /** - * @return the isEnabled - */ - public Boolean getIsEnabled() { - return isEnabled; - } - - /** - * @param isEnabled the isEnabled to set - */ - public void setIsEnabled(Boolean isEnabled) { - this.isEnabled = isEnabled == null ? Boolean.TRUE : isEnabled; - } - - /** * @return the isAuditEnabled */ public Boolean getIsAuditEnabled() { @@ -232,7 +218,6 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria sb.append("service={").append(service).append("} "); sb.append("name={").append(name).append("} "); sb.append("description={").append(description).append("} "); - sb.append("isEnabled={").append(isEnabled).append("} "); sb.append("isAuditEnabled={").append(isAuditEnabled).append("} "); sb.append("resources={"); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java index a810a1a..f5e4d3e 100644 --- a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java +++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java @@ -44,7 +44,6 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri private String type = null; private String name = null; private String description = null; - private Boolean isEnabled = null; private Map<String, String> configs = null; private Long policyVersion = null; private Date policyUpdateTime = null; @@ -54,33 +53,33 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri * @param type */ public RangerService() { - this(null, null, null, null, null); + this(null, null, null, null); } /** * @param type * @param name * @param description - * @param isEnabled * @param configs */ - public RangerService(String type, String name, String description, Boolean isEnabled, Map<String, String> configs) { + public RangerService(String type, String name, String description, Map<String, String> configs) { super(); setType(type); setName(name); setDescription(description); - setIsEnabled(isEnabled); setConfigs(configs); } + /** + * @param other + */ public void updateFrom(RangerService other) { super.updateFrom(other); setType(other.getType()); setName(other.getName()); setDescription(other.getDescription()); - setIsEnabled(other.getIsEnabled()); setConfigs(other.getConfigs()); } @@ -127,20 +126,6 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri } /** - * @return the isEnabled - */ - public Boolean getIsEnabled() { - return isEnabled; - } - - /** - * @param isEnabled the isEnabled to set - */ - public void setIsEnabled(Boolean isEnabled) { - this.isEnabled = isEnabled == null ? Boolean.TRUE : isEnabled; - } - - /** * @return the configs */ public Map<String, String> getConfigs() { @@ -212,7 +197,6 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri sb.append("name={").append(name).append("} "); sb.append("type={").append(type).append("} "); sb.append("description={").append(description).append("} "); - sb.append("isEnabled={").append(isEnabled).append("} "); sb.append("configs={"); if(configs != null) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java index cf3fdb1..2841a23 100644 --- a/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java +++ b/plugin-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java @@ -58,6 +58,17 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S this(null, null, null, null, null, null, null, null, null); } + /** + * @param name + * @param implClass + * @param label + * @param description + * @param configs + * @param resources + * @param accessTypes + * @param policyConditions + * @param enums + */ public RangerServiceDef(String name, String implClass, String label, String description, List<RangerServiceConfigDef> configs, List<RangerResourceDef> resources, List<RangerAccessTypeDef> accessTypes, List<RangerPolicyConditionDef> policyConditions, List<RangerEnumDef> enums) { super(); @@ -72,7 +83,12 @@ public class RangerServiceDef extends RangerBaseModelObject implements java.io.S setEnums(enums); } + /** + * @param other + */ public void updateFrom(RangerServiceDef other) { + super.updateFrom(other); + setName(other.getName()); setImplClass(other.getImplClass()); setLabel(other.getLabel()); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStoreFactory.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStoreFactory.java b/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStoreFactory.java index 3d45f89..f9a2404 100644 --- a/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStoreFactory.java +++ b/plugin-common/src/main/java/org/apache/ranger/plugin/store/ServiceStoreFactory.java @@ -22,7 +22,6 @@ package org.apache.ranger.plugin.store; import java.util.HashMap; import java.util.Map; -import org.apache.commons.collections.MapUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ranger.authorization.hadoop.config.RangerConfiguration; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java b/plugin-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java index 9fda5bd..b51c160 100644 --- a/plugin-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java +++ b/plugin-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java @@ -20,7 +20,6 @@ package org.apache.ranger.plugin.store.file; import java.util.ArrayList; -import java.util.Collection; import java.util.Collections; import java.util.Comparator; import java.util.Date; @@ -37,6 +36,7 @@ import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.fs.Path; +import org.apache.ranger.plugin.model.RangerBaseModelObject; import org.apache.ranger.plugin.model.RangerPolicy; import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem; import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource; @@ -270,10 +270,10 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { List<RangerServiceDef> ret = getAllServiceDefs(); - if(ret != null && filter != null) { + if(ret != null && filter != null && !filter.isEmpty()) { CollectionUtils.filter(ret, getPredicate(filter)); - Comparator<RangerServiceDef> comparator = getServiceDefComparator(filter); + Comparator<RangerBaseModelObject> comparator = getSorter(filter); if(comparator != null) { Collections.sort(ret, comparator); @@ -455,10 +455,10 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { List<RangerService> ret = getAllServices(); - if(ret != null && filter != null) { + if(ret != null && filter != null && !filter.isEmpty()) { CollectionUtils.filter(ret, getPredicate(filter)); - Comparator<RangerService> comparator = getServiceComparator(filter); + Comparator<RangerBaseModelObject> comparator = getSorter(filter); if(comparator != null) { Collections.sort(ret, comparator); @@ -636,10 +636,10 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { List<RangerPolicy> ret = getAllPolicies(); - if(ret != null) { + if(ret != null && filter != null && !filter.isEmpty()) { CollectionUtils.filter(ret, getPredicate(filter)); - Comparator<RangerPolicy> comparator = getPolicyComparator(filter); + Comparator<RangerBaseModelObject> comparator = getSorter(filter); if(comparator != null) { Collections.sort(ret, comparator); @@ -740,7 +740,7 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { } if(ret != null && ret.getPolicies() != null) { - Collections.sort(ret.getPolicies(), policyIdComparator); + Collections.sort(ret.getPolicies(), idComparator); } return ret; @@ -907,7 +907,7 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { } if(ret != null) { - Collections.sort(ret, serviceDefIdComparator); + Collections.sort(ret, idComparator); for(RangerServiceDef sd : ret) { Collections.sort(sd.getResources(), resourceLevelComparator); @@ -937,7 +937,7 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { } if(ret != null) { - Collections.sort(ret, serviceIdComparator); + Collections.sort(ret, idComparator); } return ret; @@ -959,7 +959,7 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { } if(ret != null) { - Collections.sort(ret, policyIdComparator); + Collections.sort(ret, idComparator); } if(LOG.isDebugEnabled()) { @@ -993,121 +993,110 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { return service != null ? service.getId() : null; } - private final static Comparator<RangerServiceDef> serviceDefNameComparator = new Comparator<RangerServiceDef>() { + private final static Comparator<RangerBaseModelObject> idComparator = new Comparator<RangerBaseModelObject>() { @Override - public int compare(RangerServiceDef o1, RangerServiceDef o2) { - String name1 = (o1 == null) ? null : o1.getName(); - String name2 = (o2 == null) ? null : o2.getName(); - - if(name1 == null) { - return -1; - } else if(name2 == null) { - return 1; - } else { - return name1.compareTo(name2); - } + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + Long val1 = (o1 != null) ? o1.getId() : null; + Long val2 = (o2 != null) ? o2.getId() : null; + + return ObjectUtils.compare(val1, val2); } }; - private final static Comparator<RangerServiceDef> serviceDefIdComparator = new Comparator<RangerServiceDef>() { + private final static Comparator<RangerBaseModelObject> createTimeComparator = new Comparator<RangerBaseModelObject>() { @Override - public int compare(RangerServiceDef o1, RangerServiceDef o2) { - long id1 = (o1 == null || o1.getId() == null) ? 0 : o1.getId().longValue(); - long id2 = (o2 == null || o2.getId() == null) ? 0 : o2.getId().longValue(); - - if(id1 < id2) { - return -1; - } else if(id1 > id2) { - return 1; - } else { - return 0; - } + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + Date val1 = (o1 != null) ? o1.getCreateTime() : null; + Date val2 = (o2 != null) ? o2.getCreateTime() : null; + + return ObjectUtils.compare(val1, val2); } }; - private final static Comparator<RangerService> serviceNameComparator = new Comparator<RangerService>() { + private final static Comparator<RangerBaseModelObject> updateTimeComparator = new Comparator<RangerBaseModelObject>() { @Override - public int compare(RangerService o1, RangerService o2) { - String name1 = (o1 == null) ? null : o1.getName(); - String name2 = (o2 == null) ? null : o2.getName(); - - if(name1 == null) { - return -1; - } else if(name2 == null) { - return 1; - } else { - return name1.compareTo(name2); - } + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + Date val1 = (o1 != null) ? o1.getUpdateTime() : null; + Date val2 = (o2 != null) ? o2.getUpdateTime() : null; + + return ObjectUtils.compare(val1, val2); } }; - private final static Comparator<RangerService> serviceIdComparator = new Comparator<RangerService>() { + private final static Comparator<RangerBaseModelObject> serviceDefNameComparator = new Comparator<RangerBaseModelObject>() { @Override - public int compare(RangerService o1, RangerService o2) { - long id1 = (o1 == null || o1.getId() == null) ? 0 : o1.getId().longValue(); - long id2 = (o2 == null || o2.getId() == null) ? 0 : o2.getId().longValue(); - - if(id1 < id2) { - return -1; - } else if(id1 > id2) { - return 1; - } else { - return 0; + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + String val1 = null; + String val2 = null; + + if(o1 != null) { + if(o1 instanceof RangerServiceDef) { + val1 = ((RangerServiceDef)o1).getName(); + } else if(o1 instanceof RangerService) { + val1 = ((RangerService)o1).getType(); + } + } + + if(o2 != null) { + if(o2 instanceof RangerServiceDef) { + val2 = ((RangerServiceDef)o2).getName(); + } else if(o2 instanceof RangerService) { + val2 = ((RangerService)o2).getType(); + } } + + return ObjectUtils.compare(val1, val2); } }; - private final static Comparator<RangerPolicy> policyNameComparator = new Comparator<RangerPolicy>() { + private final static Comparator<RangerBaseModelObject> serviceNameComparator = new Comparator<RangerBaseModelObject>() { @Override - public int compare(RangerPolicy o1, RangerPolicy o2) { - String name1 = (o1 == null) ? null : o1.getName(); - String name2 = (o2 == null) ? null : o2.getName(); - - if(name1 == null) { - return -1; - } else if(name2 == null) { - return 1; - } else { - return name1.compareTo(name2); + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + String val1 = null; + String val2 = null; + + if(o1 != null) { + if(o1 instanceof RangerPolicy) { + val1 = ((RangerPolicy)o1).getService(); + } else if(o1 instanceof RangerService) { + val1 = ((RangerService)o1).getType(); + } + } + + if(o2 != null) { + if(o2 instanceof RangerPolicy) { + val2 = ((RangerPolicy)o2).getService(); + } else if(o2 instanceof RangerService) { + val2 = ((RangerService)o2).getType(); + } } + + return ObjectUtils.compare(val1, val2); } }; - private final static Comparator<RangerPolicy> policyIdComparator = new Comparator<RangerPolicy>() { + private final static Comparator<RangerBaseModelObject> policyNameComparator = new Comparator<RangerBaseModelObject>() { @Override - public int compare(RangerPolicy o1, RangerPolicy o2) { - long id1 = (o1 == null || o1.getId() == null) ? 0 : o1.getId().longValue(); - long id2 = (o2 == null || o2.getId() == null) ? 0 : o2.getId().longValue(); - - if(id1 < id2) { - return -1; - } else if(id1 > id2) { - return 1; - } else { - return 0; - } + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + String val1 = (o1 != null && o1 instanceof RangerPolicy) ? ((RangerPolicy)o1).getName() : null; + String val2 = (o2 != null && o2 instanceof RangerPolicy) ? ((RangerPolicy)o2).getName() : null; + + return ObjectUtils.compare(val1, val2); } }; private final static Comparator<RangerResourceDef> resourceLevelComparator = new Comparator<RangerResourceDef>() { @Override public int compare(RangerResourceDef o1, RangerResourceDef o2) { - long level1 = (o1 == null || o1.getLevel() == null) ? 0l : o1.getLevel().longValue(); - long level2 = (o2 == null || o2.getLevel() == null) ? 0l : o2.getLevel().longValue(); - - if(level1 < level2) { - return -1; - } else if(level1 > level2) { - return 1; - } else { - return 0; - } + Integer val1 = (o1 != null) ? o1.getLevel() : null; + Integer val2 = (o2 != null) ? o2.getLevel() : null; + + return ObjectUtils.compare(val1, val2); } }; - private Predicate getPredicate(SearchFilter filter) { - if(filter == null) { + if(filter == null || filter.isEmpty()) { return null; } @@ -1120,6 +1109,7 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { addPredicateForServiceId(filter.getParam(SearchFilter.SERVICE_ID), predicates); addPredicateForPolicyName(filter.getParam(SearchFilter.POLICY_NAME), predicates); addPredicateForPolicyId(filter.getParam(SearchFilter.POLICY_ID), predicates); + addPredicateForStatus(filter.getParam(SearchFilter.STATUS), predicates); addPredicateForUserName(filter.getParam(SearchFilter.USER), predicates); addPredicateForGroupName(filter.getParam(SearchFilter.GROUP), predicates); addPredicateForResources(filter.getParamsWithPrefix(SearchFilter.RESOURCE_PREFIX, true), predicates); @@ -1129,56 +1119,27 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { return ret; } - private Comparator<RangerServiceDef> getServiceDefComparator(SearchFilter filter) { - String sortBy = filter == null ? null : filter.getParam(SearchFilter.SORT_BY); - - if(StringUtils.isEmpty(sortBy)) { - return null; - } - - Comparator<RangerServiceDef> ret = null; - - if(StringUtils.equals(sortBy, SearchFilter.SERVICE_TYPE)) { - ret = serviceDefNameComparator; - } else if(StringUtils.equals(sortBy, SearchFilter.SERVICE_TYPE_ID)) { - ret = serviceDefIdComparator; - } - - return ret; - } - - private Comparator<RangerService> getServiceComparator(SearchFilter filter) { - String sortBy = filter == null ? null : filter.getParam(SearchFilter.SORT_BY); + private static Map<String, Comparator<RangerBaseModelObject>> sorterMap = new HashMap<String, Comparator<RangerBaseModelObject>>(); - if(StringUtils.isEmpty(sortBy)) { - return null; - } - - Comparator<RangerService> ret = null; - - if(StringUtils.equals(sortBy, SearchFilter.SERVICE_NAME)) { - ret = serviceNameComparator; - } else if(StringUtils.equals(sortBy, SearchFilter.SERVICE_TYPE_ID)) { - ret = serviceIdComparator; - } - - return ret; + static { + sorterMap.put(SearchFilter.SERVICE_TYPE, serviceDefNameComparator); + sorterMap.put(SearchFilter.SERVICE_TYPE_ID, idComparator); + sorterMap.put(SearchFilter.SERVICE_NAME, serviceNameComparator); + sorterMap.put(SearchFilter.SERVICE_TYPE_ID, idComparator); + sorterMap.put(SearchFilter.POLICY_NAME, policyNameComparator); + sorterMap.put(SearchFilter.POLICY_ID, idComparator); + sorterMap.put(SearchFilter.CREATE_TIME, createTimeComparator); + sorterMap.put(SearchFilter.UPDATE_TIME, updateTimeComparator); } - private Comparator<RangerPolicy> getPolicyComparator(SearchFilter filter) { + private Comparator<RangerBaseModelObject> getSorter(SearchFilter filter) { String sortBy = filter == null ? null : filter.getParam(SearchFilter.SORT_BY); if(StringUtils.isEmpty(sortBy)) { return null; } - Comparator<RangerPolicy> ret = null; - - if(StringUtils.equals(sortBy, SearchFilter.POLICY_NAME)) { - ret = policyNameComparator; - } else if(StringUtils.equals(sortBy, SearchFilter.POLICY_ID)) { - ret = policyIdComparator; - } + Comparator<RangerBaseModelObject> ret = sorterMap.get(sortBy); return ret; } @@ -1211,10 +1172,8 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { break; } } - } else if(object instanceof RangerService) { - ret = true; // nothing to do here - } else if(object instanceof RangerServiceDef) { - ret = true; // nothing to do here + } else { + ret = true; } return ret; @@ -1281,17 +1240,15 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { boolean ret = false; - if(object instanceof RangerPolicy) { - ret = true; // nothing to do here - } else if(object instanceof RangerService) { - ret = true; // nothing to do here - } else if(object instanceof RangerServiceDef) { + if(object instanceof RangerServiceDef) { RangerServiceDef serviceDef = (RangerServiceDef)object; Long svcDefId = serviceDef.getId(); if(svcDefId != null) { ret = StringUtils.equals(serviceTypeId, svcDefId.toString()); } + } else { + ret = true; } return ret; @@ -1327,8 +1284,8 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { RangerService service = (RangerService)object; ret = StringUtils.equals(serviceName, service.getName()); - } else if(object instanceof RangerServiceDef) { - ret = true; // nothing to do here + } else { + ret = true; } return ret; @@ -1369,8 +1326,8 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { if(service.getId() != null) { ret = StringUtils.equals(serviceId, service.getId().toString()); } - } else if(object instanceof RangerServiceDef) { - ret = true; // nothing to do here + } else { + ret = true; } return ret; @@ -1402,10 +1359,8 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { RangerPolicy policy = (RangerPolicy)object; ret = StringUtils.equals(policyName, policy.getName()); - } else if(object instanceof RangerService) { - ret = true; // nothing to do here - } else if(object instanceof RangerServiceDef) { - ret = true; // nothing to do here + } else { + ret = true; } return ret; @@ -1439,10 +1394,8 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { if(policy.getId() != null) { ret = StringUtils.equals(policyId, policy.getId().toString()); } - } else if(object instanceof RangerService) { - ret = true; // nothing to do here - } else if(object instanceof RangerServiceDef) { - ret = true; // nothing to do here + } else { + ret = true; } return ret; @@ -1480,10 +1433,8 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { break; } } - } else if(object instanceof RangerService) { - ret = true; // nothing to do here - } else if(object instanceof RangerServiceDef) { - ret = true; // nothing to do here + } else { + ret = true; } return ret; @@ -1521,10 +1472,45 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { break; } } - } else if(object instanceof RangerService) { - ret = true; // nothing to do here - } else if(object instanceof RangerServiceDef) { - ret = true; // nothing to do here + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForStatus(final String status, List<Predicate> predicates) { + if(StringUtils.isEmpty(status)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerBaseModelObject) { + RangerBaseModelObject obj = (RangerBaseModelObject)object; + + if(StringUtils.equals(status, "enabled")) { + ret = obj.getIsEnabled(); + } else if(StringUtils.equals(status, "disabled")) { + ret = !obj.getIsEnabled(); + } + } else { + ret = true; } return ret; @@ -1562,11 +1548,18 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { RangerPolicyResource policyResource = policy.getResources().get(name); - if(policyResource != null && CollectionUtils.isEmpty(policyResource.getValues())) { - if(policyResource.getValues().contains(name)) { + if(policyResource != null && !CollectionUtils.isEmpty(policyResource.getValues())) { + String val = resources.get(name); + + if(policyResource.getValues().contains(val)) { isMatch = true; } else { - // TODO: wildcard match + for(String policyResourceValue : policyResource.getValues()) { + if(policyResourceValue.contains(val)) { // TODO: consider match for wildcard in policyResourceValue? + isMatch = true; + break; + } + } } } @@ -1577,12 +1570,10 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { } } - ret = numFound == policy.getResources().size(); + ret = numFound == resources.size(); } - } else if(object instanceof RangerService) { - ret = true; // nothing to do here - } else if(object instanceof RangerServiceDef) { - ret = true; // nothing to do here + } else { + ret = true; } return ret; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java b/plugin-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java index 282246f..ab8384c 100644 --- a/plugin-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java +++ b/plugin-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java @@ -27,17 +27,19 @@ import org.apache.commons.lang.StringUtils; public class SearchFilter { - public static final String LOGIN_USER = "loginUser"; - public static final String SERVICE_TYPE = "serviceType"; - public static final String SERVICE_TYPE_ID = "serviceTypeId"; - public static final String SERVICE_NAME = "serviceName"; - public static final String SERVICE_ID = "serviceId"; - public static final String POLICY_NAME = "policyName"; - public static final String POLICY_ID = "policyId"; - public static final String RESOURCE_PREFIX = "resource:"; - public static final String STATUS = "status"; - public static final String USER = "user"; - public static final String GROUP = "group"; + public static final String LOGIN_USER = "loginUser"; // search + public static final String SERVICE_TYPE = "serviceType"; // search, sort + public static final String SERVICE_TYPE_ID = "serviceTypeId"; // search, sort + public static final String SERVICE_NAME = "serviceName"; // search, sort + public static final String SERVICE_ID = "serviceId"; // search, sort + public static final String POLICY_NAME = "policyName"; // search, sort + public static final String POLICY_ID = "policyId"; // search, sort + public static final String STATUS = "status"; // search + public static final String USER = "user"; // search + public static final String GROUP = "group"; // search + public static final String RESOURCE_PREFIX = "resource:"; // search + public static final String CREATE_TIME = "createTime"; // sort + public static final String UPDATE_TIME = "updateTime"; // sort public static final String START_INDEX = "startIndex"; public static final String PAGE_SIZE = "pageSize"; public static final String SORT_BY = "sortBy"; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java b/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java index a365240..4771085 100644 --- a/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java +++ b/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java @@ -104,7 +104,7 @@ public class TestServiceStore { int initServiceCount = services == null ? 0 : services.size(); - RangerService svc = new RangerService(sdName, serviceName, "test service description", Boolean.TRUE, null); + RangerService svc = new RangerService(sdName, serviceName, "test service description", null); RangerService createdSvc = svcStore.createService(svc); assertNotNull("createService() failed", createdSvc); @@ -134,7 +134,7 @@ public class TestServiceStore { int initPolicyCount = policies == null ? 0 : policies.size(); - RangerPolicy policy = new RangerPolicy(updatedSvc.getName(), policyName, "test policy description", Boolean.TRUE, null, null); + RangerPolicy policy = new RangerPolicy(updatedSvc.getName(), policyName, "test policy description", null, null); policy.getResources().put("path", new RangerPolicyResource("/demo/test/finance", Boolean.FALSE, Boolean.TRUE)); RangerPolicyItem item1 = new RangerPolicyItem(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java b/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java index 3dedbec..4cf7e3c 100644 --- a/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java +++ b/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java @@ -82,7 +82,7 @@ public class TestPolicyRefresher { refresher.start(); // create a service - svc = new RangerService(sdName, svcName, "test service description", Boolean.TRUE, null); + svc = new RangerService(sdName, svcName, "test service description", null); svc = svcStore.createService(svc); assertNotNull("createService(" + svcName + ") failed", svc); @@ -116,7 +116,7 @@ public class TestPolicyRefresher { public void testRefresher() throws Exception { assertEquals("policy count - initial", 0, policyCount); - RangerPolicy policy = new RangerPolicy(svc.getName(), "policy1", "test policy description", Boolean.TRUE, null, null); + RangerPolicy policy = new RangerPolicy(svc.getName(), "policy1", "test policy description", null, null); policy.getResources().put("table", new RangerPolicyResource("employee", Boolean.FALSE, Boolean.TRUE)); policy.getResources().put("column-family", new RangerPolicyResource("personal", Boolean.FALSE, Boolean.TRUE)); policy.getResources().put("column", new RangerPolicyResource("ssn", Boolean.FALSE, Boolean.TRUE)); @@ -135,7 +135,7 @@ public class TestPolicyRefresher { policy1 = svcStore.createPolicy(policy); - policy = new RangerPolicy(svc.getName(), "policy2", "test policy description", Boolean.TRUE, null, null); + policy = new RangerPolicy(svc.getName(), "policy2", "test policy description", null, null); policy.getResources().put("table", new RangerPolicyResource("employee", Boolean.FALSE, Boolean.TRUE)); policy.getResources().put("column-family", new RangerPolicyResource("finance", Boolean.FALSE, Boolean.TRUE)); policy.getResources().put("column", new RangerPolicyResource("balance", Boolean.FALSE, Boolean.TRUE)); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9784f534/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index b834d22..645f8d1 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@ -220,6 +220,7 @@ public class ServiceREST { @POST @Path("/services") @Produces({ "application/json", "application/xml" }) + @PreAuthorize("hasRole('ROLE_SYS_ADMIN')") public RangerService createService(RangerService service) { if(LOG.isDebugEnabled()) { LOG.debug("==> ServiceREST.createService(" + service + ")"); @@ -243,6 +244,7 @@ public class ServiceREST { @PUT @Path("/services/{id}") @Produces({ "application/json", "application/xml" }) + @PreAuthorize("hasRole('ROLE_SYS_ADMIN')") public RangerService updateService(RangerService service) { if(LOG.isDebugEnabled()) { LOG.debug("==> ServiceREST.updateService(): " + service); @@ -461,7 +463,6 @@ public class ServiceREST { @DELETE @Path("/policies/{id}") @Produces({ "application/json", "application/xml" }) - @PreAuthorize("hasRole('ROLE_SYS_ADMIN')") public void deletePolicy(@PathParam("id") Long id) { if(LOG.isDebugEnabled()) { LOG.debug("==> ServiceREST.deletePolicy(" + id + ")"); @@ -655,6 +656,7 @@ public class ServiceREST { ret.setParam(SearchFilter.SERVICE_ID, request.getParameter(SearchFilter.SERVICE_ID)); ret.setParam(SearchFilter.POLICY_NAME, request.getParameter(SearchFilter.POLICY_NAME)); ret.setParam(SearchFilter.POLICY_ID, request.getParameter(SearchFilter.POLICY_ID)); + ret.setParam(SearchFilter.STATUS, request.getParameter(SearchFilter.STATUS)); ret.setParam(SearchFilter.USER, request.getParameter(SearchFilter.USER)); ret.setParam(SearchFilter.GROUP, request.getParameter(SearchFilter.GROUP)); ret.setParam(SearchFilter.SORT_BY, request.getParameter(SearchFilter.SORT_BY));
