Repository: incubator-ranger Updated Branches: refs/heads/stack 46633a9ed -> 217e18924
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java b/plugin-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java deleted file mode 100644 index f1c8adf..0000000 --- a/plugin-common/src/main/java/org/apache/ranger/plugin/util/ServicePolicies.java +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.plugin.util; - - -import java.util.Date; -import java.util.List; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlRootElement; - -import org.apache.ranger.plugin.model.RangerPolicy; -import org.apache.ranger.plugin.model.RangerServiceDef; -import org.codehaus.jackson.annotate.JsonAutoDetect; -import org.codehaus.jackson.annotate.JsonIgnoreProperties; -import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility; -import org.codehaus.jackson.map.annotate.JsonSerialize; - -@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY) -@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL ) -@JsonIgnoreProperties(ignoreUnknown=true) -@XmlRootElement -@XmlAccessorType(XmlAccessType.FIELD) -public class ServicePolicies implements java.io.Serializable { - private static final long serialVersionUID = 1L; - - private String serviceName; - private Long serviceId; - private RangerServiceDef serviceDef; - private Long policyVersion; - private Date policyUpdateTime; - private List<RangerPolicy> policies; - - - /** - * @return the serviceName - */ - public String getServiceName() { - return serviceName; - } - /** - * @param serviceName the serviceName to set - */ - public void setServiceName(String serviceName) { - this.serviceName = serviceName; - } - /** - * @return the serviceId - */ - public Long getServiceId() { - return serviceId; - } - /** - * @param serviceId the serviceId to set - */ - public void setServiceId(Long serviceId) { - this.serviceId = serviceId; - } - /** - * @return the serviceDef - */ - public RangerServiceDef getServiceDef() { - return serviceDef; - } - /** - * @param serviceDef the serviceDef to set - */ - public void setServiceDef(RangerServiceDef serviceDef) { - this.serviceDef = serviceDef; - } - /** - * @return the policyVersion - */ - public Long getPolicyVersion() { - return policyVersion; - } - /** - * @param policyVersion the policyVersion to set - */ - public void setPolicyVersion(Long policyVersion) { - this.policyVersion = policyVersion; - } - /** - * @return the policyUpdateTime - */ - public Date getPolicyUpdateTime() { - return policyUpdateTime; - } - /** - * @param policyUpdateTime the policyUpdateTime to set - */ - public void setPolicyUpdateTime(Date policyUpdateTime) { - this.policyUpdateTime = policyUpdateTime; - } - /** - * @return the policies - */ - public List<RangerPolicy> getPolicies() { - return policies; - } - /** - * @param policies the policies to set - */ - public void setPolicies(List<RangerPolicy> policies) { - this.policies = policies; - } -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json deleted file mode 100644 index e04ee15..0000000 --- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hbase.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "id":2, - "name":"hbase", - "implClass":"org.apache.ranger.services.hbase.RangerServiceHBase", - "label":"HBase", - "description":"HBase", - "guid":"d6cea1f0-2509-4791-8fc1-7b092399ba3b", - "createTime":"20141208-22:50:22.426--0800", - "updateTime":"20141208-22:50:22.426--0800", - "version":1, - "enums": - [ - { - "name":"authnType", - "elements": - [ - {"name":"simple", "label":"Simple"}, - {"name":"kerberos","label":"Kerberos"} - ], - "defaultIndex":0 - } - ], - "configs": - [ - {"name":"username", "type":"string", "subType":"", "mandatory":true, "label":"Username"}, - {"name":"password", "type":"password","subType":"", "mandatory":true, "label":"Password"}, - {"name":"hadoop.security.authentication", "type":"enum", "subType":"authnType","mandatory":true, "defaultValue":"simple"}, - {"name":"hbase.master.kerberos.principal", "type":"string", "subType":"", "mandatory":false,"defaultValue":""}, - {"name":"hbase.security.authentication", "type":"enum", "subType":"authnType","mandatory":true, "defaultValue":"simple"}, - {"name":"hbase.zookeeper.property.clientPort","type":"int", "subType":"", "mandatory":true, "defaultValue":"2181"}, - {"name":"hbase.zookeeper.quorum", "type":"string", "subType":"", "mandatory":true, "defaultValue":""}, - {"name":"zookeeper.znode.parent", "type":"string", "subType":"", "mandatory":true, "defaultValue":"/hbase"} - ], - "resources": - [ - {"name":"table", "type":"string","level":1,"parent":"", "mandatory":true,"lookupSupported":true, "recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Table","description":"HBase Table"}, - {"name":"column-family","type":"string","level":2,"parent":"table", "mandatory":true,"lookupSupported":true, "recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Column-family","description":"HBase Column-family"}, - {"name":"column", "type":"string","level":3,"parent":"column-family","mandatory":true,"lookupSupported":false,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Column","description":"HBase Column"} - ], - "accessTypes": - [ - {"name":"read", "label":"Read"}, - {"name":"write", "label":"Write"}, - {"name":"create","label":"Create"}, - {"name":"admin", "label":"Admin","impliedGrants":["read","write","create"]} - ], - "policyConditions": - [ - ] -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json deleted file mode 100644 index cf8f008..0000000 --- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hdfs.json +++ /dev/null @@ -1,60 +0,0 @@ -{ - "id":1, - "name":"hdfs", - "implClass":"org.apache.ranger.services.hdfs.RangerServiceHdfs", - "label":"HDFS Repository", - "description":"HDFS Repository", - "guid":"0d047247-bafe-4cf8-8e9b-d5d377284b2d", - "createTime":"20141208-22:04:25.233--0800", - "updateTime":"20141208-22:04:25.233--0800", - "version":1, - "enums": - [ - { - "name":"authnType", - "elements": - [ - {"name":"simple", "label":"Simple"}, - {"name":"kerberos","label":"Kerberos"} - ], - "defaultIndex":0 - }, - { - "name":"rpcProtection", - "elements": - [ - {"name":"authentication","label":"Authentication"}, - {"name":"integrity", "label":"Integrity"}, - {"name":"privacy", "label":"Privacy"} - ], - "defaultIndex":0 - }, - ], - "configs": - [ - {"name":"username", "type":"string", "subType":"", "mandatory":true, "label":"Username"}, - {"name":"password", "type":"password","subType":"", "mandatory":true, "label":"Password"}, - {"name":"fs.default.name", "type":"string", "subType":"", "mandatory":true, "label":"Namenode URL"}, - {"name":"hadoop.security.authorization", "type":"bool", "subType":"TrueFalse", "mandatory":true, "defaultValue":"false"}, - {"name":"hadoop.security.authentication", "type":"enum", "subType":"authnType", "mandatory":true, "defaultValue":"simple"}, - {"name":"hadoop.security.auth_to_local", "type":"string", "subType":"", "mandatory":false}, - {"name":"dfs.datanode.kerberos.principal", "type":"string", "subType":"", "mandatory":false}, - {"name":"dfs.namenode.kerberos.principal", "type":"string", "subType":"", "mandatory":false}, - {"name":"dfs.secondary.namenode.kerberos.principal","type":"string", "subType":"", "mandatory":false}, - {"name":"hadoop.rpc.protection", "type":"enum", "subType":"rpcProtection","mandatory":false,"defaultValue":"authentication"}, - {"name":"certificate.cn", "type":"string", "subType":"", "mandatory":false,"label":"Common Name for Certificate"} - ], - "resources": - [ - {"name":"path","type":"path","level":1,"parent":"","mandatory":true,"lookupSupported":true,"recursiveSupported":true,"excludesSupported":false,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Resource Path","description":"HDFS file or directory path"} - ], - "accessTypes": - [ - {"name":"read","label":"Read"}, - {"name":"write","label":"Write"}, - {"name":"execute","label":"Execute"} - ], - "policyConditions": - [ - ] -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json deleted file mode 100644 index 6414fe3..0000000 --- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-hive.json +++ /dev/null @@ -1,43 +0,0 @@ -{ - "id":3, - "name":"hive", - "implClass":"org.apache.ranger.services.hive.RangerServiceHive", - "label":"Hive Server2", - "description":"Hive Server2", - "guid":"3e1afb5a-184a-4e82-9d9c-87a5cacc243c", - "createTime":"20141208-22:51:20.732--0800", - "updateTime":"20141208-22:51:20.732--0800", - "version":1, - "enums": - [ - ], - "configs": - [ - {"name":"username", "type":"string", "mandatory":true, "label":"Username"}, - {"name":"password", "type":"password","mandatory":true, "label":"Password"}, - {"name":"jdbc.driverClassName","type":"string", "mandatory":true, "defaultValue":"org.apache.hive.jdbc.HiveDriver"}, - {"name":"jdbc.url", "type":"string", "mandatory":true, "defaultValue":""}, - {"name":"certificate.cn", "type":"string", "mandatory":false,"label":"Common Name for Certificate"} - ], - "resources": - [ - {"name":"database","type":"string","level":1,"parent":"", "mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Database","description":"Hive Database"}, - {"name":"table", "type":"string","level":2,"parent":"database","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Table","description":"Hive Table"}, - {"name":"udf", "type":"string","level":2,"parent":"database","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive UDF","description":"Hive UDF"}, - {"name":"column", "type":"string","level":3,"parent":"table", "mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Column","description":"Hive Column"} - ], - "accessTypes": - [ - {"name":"select","label":"select"}, - {"name":"update","label":"update"}, - {"name":"create","label":"Create"}, - {"name":"drop", "label":"Drop"}, - {"name":"alter", "label":"Alter"}, - {"name":"index", "label":"Index"}, - {"name":"lock", "label":"Lock"}, - {"name":"all", "label":"All"} - ], - "policyConditions": - [ - ] -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json deleted file mode 100644 index f6a7157..0000000 --- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-knox.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "id":5, - "name":"knox", - "implClass":"org.apache.ranger.services.knox.RangerServiceKnox", - "label":"Knox Gateway", - "description":"Knox Gateway", - "guid":"84b481b5-f23b-4f71-b8b6-ab33977149ca", - "createTime":"20141208-22:48:42.238--0800", - "updateTime":"20141208-22:48:42.238--0800", - "version":1, - "enums": - [ - ], - "configs": - [ - {"name":"username", "type":"string", "mandatory":true, "label":"Username"}, - {"name":"password", "type":"password","mandatory":true, "label":"Password"}, - {"name":"knox.url", "type":"string", "mandatory":true, "defaultValue":""}, - {"name":"certificate.cn","type":"string", "mandatory":false,"label":"Common Name for Certificate"} - ], - "resources": - [ - {"name":"topology","type":"string","level":1,"parent":"", "mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Knox Topology","description":"Knox Topology"}, - {"name":"service", "type":"string","level":2,"parent":"topology","mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Knox Service","description":"Knox Service"} - ], - "accessTypes": - [ - {"name":"allow","label":"Allow"} - ], - "policyConditions": - [ - {"name":"ip-range","evaluator":"org.apache.ranger.knox.IpRangeCondition","evaluatorOptions":"","label":"IP Address Range","description":"IP Address Range"} - ] -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json ---------------------------------------------------------------------- diff --git a/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json b/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json deleted file mode 100644 index fce10c0..0000000 --- a/plugin-common/src/main/resources/service-defs/ranger-servicedef-storm.json +++ /dev/null @@ -1,46 +0,0 @@ -{ - "id":6, - "name":"storm", - "implClass":"org.apache.ranger.services.storm.RangerServiceStorm", - "label":"Storm", - "description":"Storm", - "guid":"2a60f427-edcf-4e20-834c-a9a267b5b963", - "createTime":"20141208-22:55:47.095--0800", - "updateTime":"20141208-22:55:47.095--0800", - "version":1, - "enums": - [ - ], - "configs": - [ - {"name":"username", "type":"string", "mandatory":true, "label":"Username"}, - {"name":"password", "type":"password","mandatory":true, "label":"Password"}, - {"name":"nimbus.url", "type":"string", "mandatory":true, "label":"Nimbus URL","defaultValue":""}, - {"name":"certificate.cn","type":"string", "mandatory":false,"label":"Common Name for Certificate"} - ], - "resources": - [ - {"name":"topology","type":"string","level":1,"mandatory":true,"lookupSupported":true,"recursiveSupported":false,"excludesSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Storm Topology","description":"Storm Topology"} - ], - "accessTypes": - [ - {"name":"topology-submit", "label":"Submit Topology"}, - {"name":"file-upload", "label":"File Upload"}, - {"name":"nimbus-conf-get", "label":"Get Nimbus Conf"}, - {"name":"cluster-conf-get", "label":"Get Cluster Conf"}, - {"name":"cluster-info-get", "label":"Get Cluster Info"}, - {"name":"file-download", "label":"File Download"}, - {"name":"topology-kill", "label":"Kill Topology"}, - {"name":"rebalance", "label":"Rebalance"}, - {"name":"activate", "label":"Activate"}, - {"name":"deactivate", "label":"Deactivate"}, - {"name":"topology-conf-get", "label":"Get Topology Conf"}, - {"name":"topology-get", "label":"Get Topology"}, - {"name":"topology-user-get", "label":"Get User Topology"}, - {"name":"topology-info-get", "label":"Get Topology Info"}, - {"name":"new-credential-upload","label":"Upload New Credential"} - ], - "policyConditions": - [ - ] -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java b/plugin-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java deleted file mode 100644 index f940c30..0000000 --- a/plugin-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.plugin.policyengine; - -import static org.junit.Assert.*; - -import java.io.InputStream; -import java.io.InputStreamReader; -import java.lang.reflect.Type; -import java.util.List; - -import org.apache.ranger.plugin.model.RangerPolicy; -import org.apache.ranger.plugin.model.RangerServiceDef; -import org.apache.ranger.plugin.policyengine.TestPolicyEngine.PolicyEngineTestCase.TestData; -import org.junit.AfterClass; -import org.junit.BeforeClass; -import org.junit.Test; - -import com.google.gson.Gson; -import com.google.gson.GsonBuilder; -import com.google.gson.JsonDeserializationContext; -import com.google.gson.JsonDeserializer; -import com.google.gson.JsonElement; -import com.google.gson.JsonParseException; - - -public class TestPolicyEngine { - static RangerPolicyEngineImpl policyEngine = null; - static Gson gsonBuilder = null; - - - @BeforeClass - public static void setUpBeforeClass() throws Exception { - policyEngine = new RangerPolicyEngineImpl(); - gsonBuilder = new GsonBuilder().setDateFormat("yyyyMMdd-HH:mm:ss.SSS-Z") - .setPrettyPrinting() - .registerTypeAdapter(RangerAccessRequest.class, new RangerAccessRequestDeserializer()) - .registerTypeAdapter(RangerResource.class, new RangerResourceDeserializer()) - .create(); - } - - @AfterClass - public static void tearDownAfterClass() throws Exception { - } - - @Test - public void testPolicyEngine_hdfs() { - String[] hdfsTestResourceFiles = { "/policyengine/test_policyengine_hdfs.json" }; - - runTestsFromResourceFiles(hdfsTestResourceFiles); - } - - @Test - public void testPolicyEngine_hive() { - String[] hiveTestResourceFiles = { "/policyengine/test_policyengine_hive.json" }; - - runTestsFromResourceFiles(hiveTestResourceFiles); - } - - @Test - public void testPolicyEngine_hbase() { - String[] hbaseTestResourceFiles = { "/policyengine/test_policyengine_hbase.json" }; - - runTestsFromResourceFiles(hbaseTestResourceFiles); - } - - private void runTestsFromResourceFiles(String[] resourceNames) { - for(String resourceName : resourceNames) { - InputStream inStream = this.getClass().getResourceAsStream(resourceName); - InputStreamReader reader = new InputStreamReader(inStream); - - runTests(reader, resourceName); - } - } - - private void runTests(InputStreamReader reader, String testName) { - try { - PolicyEngineTestCase testCase = gsonBuilder.fromJson(reader, PolicyEngineTestCase.class); - - assertTrue("invalid input: " + testName, testCase != null && testCase.serviceDef != null && testCase.policies != null && testCase.tests != null); - - policyEngine.setPolicies(testCase.serviceName, testCase.serviceDef, testCase.policies); - - for(TestData test : testCase.tests) { - RangerAccessResult expected = test.result; - RangerAccessResult result = policyEngine.isAccessAllowed(test.request, null); - - assertNotNull(test.name, result); - assertEquals(test.name, expected.getIsAllowed(), result.getIsAllowed()); - assertEquals(test.name, expected.getIsAudited(), result.getIsAudited()); - assertEquals(test.name, expected.getPolicyId(), result.getPolicyId()); - } - } catch(Throwable excp) { - excp.printStackTrace(); - } - - } - - static class PolicyEngineTestCase { - public String serviceName; - public RangerServiceDef serviceDef; - public List<RangerPolicy> policies; - public List<TestData> tests; - - class TestData { - public String name; - public RangerAccessRequest request; - public RangerAccessResult result; - } - } - - static class RangerAccessRequestDeserializer implements JsonDeserializer<RangerAccessRequest> { - @Override - public RangerAccessRequest deserialize(JsonElement jsonObj, Type type, - JsonDeserializationContext context) throws JsonParseException { - return gsonBuilder.fromJson(jsonObj, RangerAccessRequestImpl.class); - } - } - - static class RangerResourceDeserializer implements JsonDeserializer<RangerResource> { - @Override - public RangerResource deserialize(JsonElement jsonObj, Type type, - JsonDeserializationContext context) throws JsonParseException { - return gsonBuilder.fromJson(jsonObj, RangerResourceImpl.class); - } - } -} - http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java b/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java deleted file mode 100644 index 4771085..0000000 --- a/plugin-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java +++ /dev/null @@ -1,248 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.plugin.store; - -import static org.junit.Assert.*; - -import java.util.List; - -import org.apache.ranger.plugin.model.RangerPolicy; -import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess; -import org.apache.ranger.plugin.model.RangerService; -import org.apache.ranger.plugin.model.RangerServiceDef; -import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem; -import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource; -import org.apache.ranger.plugin.store.ServiceStore; -import org.apache.ranger.plugin.store.ServiceStoreFactory; -import org.apache.ranger.plugin.util.SearchFilter; -import org.apache.ranger.plugin.util.ServicePolicies; -import org.junit.BeforeClass; -import org.junit.Test; - -public class TestServiceStore { - static ServiceStore svcStore = null; - static SearchFilter filter = null; - - static final String sdName = "svcDef-unit-test-TestServiceStore"; - static final String serviceName = "svc-unit-test-TestServiceStore"; - static final String policyName = "testPolicy-1"; - - @BeforeClass - public static void setupTest() throws Exception { - svcStore = ServiceStoreFactory.instance().getServiceStore(); - - // cleanup if the test service and service-def if they already exist - List<RangerService> services = svcStore.getServices(filter); - for(RangerService service : services) { - if(service.getName().startsWith(serviceName)) { - svcStore.deleteService(service.getId()); - } - } - - List<RangerServiceDef> serviceDefs = svcStore.getServiceDefs(filter); - for(RangerServiceDef serviceDef : serviceDefs) { - if(serviceDef.getName().startsWith(sdName)) { - svcStore.deleteServiceDef(serviceDef.getId()); - } - } - } - - @Test - public void testServiceStore() throws Exception { - String updatedName, updatedDescription; - - List<RangerServiceDef> sds = svcStore.getServiceDefs(filter); - - int initSdCount = sds == null ? 0 : sds.size(); - - RangerServiceDef sd = new RangerServiceDef(sdName, "org.apache.ranger.services.TestService", "TestService", "test servicedef description", null, null, null, null, null); - - RangerServiceDef createdSd = svcStore.createServiceDef(sd); - assertNotNull("createServiceDef() failed", createdSd != null); - - sds = svcStore.getServiceDefs(filter); - assertEquals("createServiceDef() failed", initSdCount + 1, sds == null ? 0 : sds.size()); - - updatedDescription = sd.getDescription() + ": updated"; - createdSd.setDescription(updatedDescription); - RangerServiceDef updatedSd = svcStore.updateServiceDef(createdSd); - assertNotNull("updateServiceDef(updatedDescription) failed", updatedSd); - assertEquals("updateServiceDef(updatedDescription) failed", updatedDescription, updatedSd.getDescription()); - - sds = svcStore.getServiceDefs(filter); - assertEquals("updateServiceDef(updatedDescription) failed", initSdCount + 1, sds == null ? 0 : sds.size()); - - /* - updatedName = sd.getName() + "-Renamed"; - updatedSd.setName(updatedName); - updatedSd = sdMgr.update(updatedSd); - assertNotNull("updateServiceDef(updatedName) failed", updatedSd); - assertEquals("updateServiceDef(updatedName) failed", updatedName, updatedSd.getName()); - - sds = getAllServiceDef(); - assertEquals("updateServiceDef(updatedName) failed", initSdCount + 1, sds == null ? 0 : sds.size()); - */ - - List<RangerService> services = svcStore.getServices(filter); - - int initServiceCount = services == null ? 0 : services.size(); - - RangerService svc = new RangerService(sdName, serviceName, "test service description", null); - - RangerService createdSvc = svcStore.createService(svc); - assertNotNull("createService() failed", createdSvc); - - services = svcStore.getServices(filter); - assertEquals("createServiceDef() failed", initServiceCount + 1, services == null ? 0 : services.size()); - - updatedDescription = createdSvc.getDescription() + ": updated"; - createdSvc.setDescription(updatedDescription); - RangerService updatedSvc = svcStore.updateService(createdSvc); - assertNotNull("updateService(updatedDescription) failed", updatedSvc); - assertEquals("updateService(updatedDescription) failed", updatedDescription, updatedSvc.getDescription()); - - services = svcStore.getServices(filter); - assertEquals("updateService(updatedDescription) failed", initServiceCount + 1, services == null ? 0 : services.size()); - - updatedName = serviceName + "-Renamed"; - updatedSvc.setName(updatedName); - updatedSvc = svcStore.updateService(updatedSvc); - assertNotNull("updateService(updatedName) failed", updatedSvc); - assertEquals("updateService(updatedName) failed", updatedName, updatedSvc.getName()); - - services = svcStore.getServices(filter); - assertEquals("updateService(updatedName) failed", initServiceCount + 1, services == null ? 0 : services.size()); - - List<RangerPolicy> policies = svcStore.getPolicies(filter); - - int initPolicyCount = policies == null ? 0 : policies.size(); - - RangerPolicy policy = new RangerPolicy(updatedSvc.getName(), policyName, "test policy description", null, null); - policy.getResources().put("path", new RangerPolicyResource("/demo/test/finance", Boolean.FALSE, Boolean.TRUE)); - - RangerPolicyItem item1 = new RangerPolicyItem(); - item1.getAccesses().add(new RangerPolicyItemAccess("read")); - item1.getAccesses().add(new RangerPolicyItemAccess("write")); - item1.getAccesses().add(new RangerPolicyItemAccess("execute")); - item1.getUsers().add("admin"); - item1.getGroups().add("finance"); - - RangerPolicyItem item2 = new RangerPolicyItem(); - item2.getAccesses().add(new RangerPolicyItemAccess("read")); - item2.getGroups().add("public"); - - policy.getPolicyItems().add(item1); - policy.getPolicyItems().add(item2); - - RangerPolicy createdPolicy = svcStore.createPolicy(policy); - assertNotNull(createdPolicy); - assertNotNull(createdPolicy.getPolicyItems()); - assertEquals(createdPolicy.getPolicyItems().size(), 2); - - RangerPolicyItem createItem1 = createdPolicy.getPolicyItems().get(0); - RangerPolicyItem createItem2 = createdPolicy.getPolicyItems().get(1); - - assertNotNull(createItem1.getAccesses()); - assertEquals(createItem1.getAccesses().size(), 3); - assertNotNull(createItem1.getUsers()); - assertEquals(createItem1.getUsers().size(), 1); - assertNotNull(createItem1.getGroups()); - assertEquals(createItem1.getGroups().size(), 1); - - assertNotNull(createItem2.getAccesses()); - assertEquals(createItem2.getAccesses().size(), 1); - assertNotNull(createItem2.getUsers()); - assertEquals(createItem2.getUsers().size(), 0); - assertNotNull(createItem2.getGroups()); - assertEquals(createItem2.getGroups().size(), 1); - - policies = svcStore.getPolicies(filter); - assertEquals("createPolicy() failed", initPolicyCount + 1, policies == null ? 0 : policies.size()); - - updatedDescription = policy.getDescription() + ":updated"; - createdPolicy.setDescription(updatedDescription); - RangerPolicy updatedPolicy = svcStore.updatePolicy(createdPolicy); - assertNotNull("updatePolicy(updatedDescription) failed", updatedPolicy != null); - - policies = svcStore.getPolicies(filter); - assertEquals("updatePolicy(updatedDescription) failed", initPolicyCount + 1, policies == null ? 0 : policies.size()); - - updatedName = policyName + "-Renamed"; - updatedPolicy.setName(updatedName); - updatedPolicy = svcStore.updatePolicy(updatedPolicy); - assertNotNull("updatePolicy(updatedName) failed", updatedPolicy); - - policies = svcStore.getPolicies(filter); - assertEquals("updatePolicy(updatedName) failed", initPolicyCount + 1, policies == null ? 0 : policies.size()); - - // rename the service; all the policies for this service should reflect the new service name - updatedName = serviceName + "-Renamed2"; - updatedSvc.setName(updatedName); - updatedSvc = svcStore.updateService(updatedSvc); - assertNotNull("updateService(updatedName2) failed", updatedSvc); - assertEquals("updateService(updatedName2) failed", updatedName, updatedSvc.getName()); - - services = svcStore.getServices(filter); - assertEquals("updateService(updatedName2) failed", initServiceCount + 1, services == null ? 0 : services.size()); - - updatedPolicy = svcStore.getPolicy(createdPolicy.getId()); - assertNotNull("updateService(updatedName2) failed", updatedPolicy); - assertEquals("updateService(updatedName2) failed", updatedPolicy.getService(), updatedSvc.getName()); - - ServicePolicies svcPolicies = svcStore.getServicePoliciesIfUpdated(updatedSvc.getName(), 0l); - assertNotNull("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies); - assertNotNull("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies.getPolicies()); - assertEquals("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies.getServiceName(), updatedSvc.getName()); - assertEquals("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies.getServiceId(), updatedSvc.getId()); - assertEquals("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies.getPolicyVersion(), updatedSvc.getPolicyVersion()); - assertEquals("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies.getPolicyUpdateTime(), updatedSvc.getPolicyUpdateTime()); - assertEquals("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies.getServiceDef().getId(), updatedSd.getId()); - assertEquals("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies.getPolicies().size(), 1); - assertEquals("getServicePolicies(" + updatedSvc.getName() + ") failed", svcPolicies.getPolicies().get(0).getName(), updatedPolicy.getName()); - - ServicePolicies updatedPolicies = svcStore.getServicePoliciesIfUpdated(updatedSvc.getName(), svcPolicies.getPolicyVersion()); - assertNotNull(updatedPolicies); - assertEquals(0, updatedPolicies.getPolicies().size()); - - filter = new SearchFilter(); - filter.setParam(SearchFilter.POLICY_NAME, policyName); - policies = svcStore.getPolicies(filter); - assertEquals("getPolicies(filter=origPolicyName) failed", 0, policies == null ? 0 : policies.size()); - filter = null; - - filter = new SearchFilter(); - filter.setParam(SearchFilter.POLICY_NAME, updatedPolicy.getName()); - policies = svcStore.getPolicies(filter); - assertEquals("getPolicies(filter=origPolicyName) failed", 1, policies == null ? 0 : policies.size()); - filter = null; - - svcStore.deletePolicy(policy.getId()); - policies = svcStore.getPolicies(filter); - assertEquals("deletePolicy() failed", initPolicyCount, policies == null ? 0 : policies.size()); - - svcStore.deleteService(svc.getId()); - services = svcStore.getServices(filter); - assertEquals("deleteService() failed", initServiceCount, services == null ? 0 : services.size()); - - svcStore.deleteServiceDef(sd.getId()); - sds = svcStore.getServiceDefs(filter); - assertEquals("deleteServiceDef() failed", initSdCount, sds == null ? 0 : sds.size()); - } -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java ---------------------------------------------------------------------- diff --git a/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java b/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java deleted file mode 100644 index 4cf7e3c..0000000 --- a/plugin-common/src/test/java/org/apache/ranger/plugin/util/TestPolicyRefresher.java +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.plugin.util; - -import static org.junit.Assert.*; - -import java.util.List; - -import org.apache.ranger.plugin.model.RangerPolicy; -import org.apache.ranger.plugin.model.RangerService; -import org.apache.ranger.plugin.model.RangerServiceDef; -import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem; -import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess; -import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource; -import org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl; -import org.apache.ranger.plugin.store.ServiceStore; -import org.apache.ranger.plugin.store.ServiceStoreFactory; -import org.junit.AfterClass; -import org.junit.BeforeClass; -import org.junit.Test; - - -public class TestPolicyRefresher { - static RangerPolicyEngineImpl policyEngine = null; - static ServiceStore svcStore = null; - static PolicyRefresher refresher = null; - - static final long pollingIntervalInMs = 5 * 1000; - static final long sleepTimeInMs = pollingIntervalInMs + (5 * 1000); - static final String sdName = "hbase"; - static final String svcName = "svc-unit-test-TestPolicyRefresher"; - - static RangerService svc = null; - static RangerPolicy policy1 = null; - static RangerPolicy policy2 = null; - - static boolean isPolicyRefreshed = false; - static long policyCount = 0; - - - /** - * @throws java.lang.Exception - */ - @BeforeClass - public static void setUpBeforeClass() throws Exception { - svcStore = ServiceStoreFactory.instance().getServiceStore(); - - // cleanup if the test service already exists - svc = svcStore.getServiceByName(svcName); - if(svc != null) { - svcStore.deleteService(svc.getId()); - } - - policyEngine = new RangerPolicyEngineImpl() { - @Override - public void setPolicies(String serviceName, RangerServiceDef serviceDef, List<RangerPolicy> policies) { - isPolicyRefreshed = true; - policyCount = policies != null ? policies.size() : 0; - - super.setPolicies(serviceName, serviceDef, policies); - } - }; - - refresher = new PolicyRefresher(policyEngine, sdName, svcName, svcStore, pollingIntervalInMs, null); - refresher.start(); - - // create a service - svc = new RangerService(sdName, svcName, "test service description", null); - - svc = svcStore.createService(svc); - assertNotNull("createService(" + svcName + ") failed", svc); - } - - /** - * @throws java.lang.Exception - */ - @AfterClass - public static void tearDownAfterClass() throws Exception { - if(refresher != null) { - refresher.stopRefresher(); - } - - if(svcStore != null) { - if(policy1 != null) { - svcStore.deletePolicy(policy1.getId()); - } - - if(policy2 != null) { - svcStore.deletePolicy(policy2.getId()); - } - - if(svc != null) { - svcStore.deleteService(svc.getId()); - } - } - } - - @Test - public void testRefresher() throws Exception { - assertEquals("policy count - initial", 0, policyCount); - - RangerPolicy policy = new RangerPolicy(svc.getName(), "policy1", "test policy description", null, null); - policy.getResources().put("table", new RangerPolicyResource("employee", Boolean.FALSE, Boolean.TRUE)); - policy.getResources().put("column-family", new RangerPolicyResource("personal", Boolean.FALSE, Boolean.TRUE)); - policy.getResources().put("column", new RangerPolicyResource("ssn", Boolean.FALSE, Boolean.TRUE)); - - RangerPolicyItem item1 = new RangerPolicyItem(); - item1.getAccesses().add(new RangerPolicyItemAccess("admin")); - item1.getUsers().add("admin"); - item1.getGroups().add("hr"); - - RangerPolicyItem item2 = new RangerPolicyItem(); - item2.getAccesses().add(new RangerPolicyItemAccess("read")); - item2.getGroups().add("public"); - - policy.getPolicyItems().add(item1); - policy.getPolicyItems().add(item2); - - policy1 = svcStore.createPolicy(policy); - - policy = new RangerPolicy(svc.getName(), "policy2", "test policy description", null, null); - policy.getResources().put("table", new RangerPolicyResource("employee", Boolean.FALSE, Boolean.TRUE)); - policy.getResources().put("column-family", new RangerPolicyResource("finance", Boolean.FALSE, Boolean.TRUE)); - policy.getResources().put("column", new RangerPolicyResource("balance", Boolean.FALSE, Boolean.TRUE)); - - item1 = new RangerPolicyItem(); - item1.getAccesses().add(new RangerPolicyItemAccess("admin")); - item1.getUsers().add("admin"); - item1.getGroups().add("finance"); - - policy.getPolicyItems().add(item1); - - policy2 = svcStore.createPolicy(policy); - - Thread.sleep(sleepTimeInMs); - assertTrue("policy refresh - after two new policies", isPolicyRefreshed); - assertEquals("policy count - after two new policies", 2, policyCount); - isPolicyRefreshed = false; - - Thread.sleep(sleepTimeInMs); - assertFalse("policy refresh - after no new policies", isPolicyRefreshed); - assertEquals("policy count - after no new policies", 2, policyCount); - isPolicyRefreshed = false; - - item2 = new RangerPolicyItem(); - item2.getAccesses().add(new RangerPolicyItemAccess("read")); - item2.getGroups().add("public"); - policy2.getPolicyItems().add(item2); - - policy2 = svcStore.updatePolicy(policy2); - - Thread.sleep(sleepTimeInMs); - assertTrue("policy refresh - after update policy", isPolicyRefreshed); - assertEquals("policy count - after update policy", 2, policyCount); - isPolicyRefreshed = false; - - svcStore.deletePolicy(policy2.getId()); - - Thread.sleep(sleepTimeInMs); - assertTrue("policy refresh - after delete policy", isPolicyRefreshed); - assertEquals("policy count - after delete policy", 1, policyCount); - isPolicyRefreshed = false; - policy2 = null; - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/test/resources/policyengine/test_policyengine_hbase.json ---------------------------------------------------------------------- diff --git a/plugin-common/src/test/resources/policyengine/test_policyengine_hbase.json b/plugin-common/src/test/resources/policyengine/test_policyengine_hbase.json deleted file mode 100644 index 35768cb..0000000 --- a/plugin-common/src/test/resources/policyengine/test_policyengine_hbase.json +++ /dev/null @@ -1,159 +0,0 @@ -{ - "serviceName":"hbasedev", - - "serviceDef":{ - "name":"hbase", - "id":2, - "resources":[ - {"name":"table","level":1,"parent":"","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Table","description":"HBase Table"}, - {"name":"column-family","level":2,"table":"database","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Column-Family","description":"HBase Column-Family"}, - {"name":"column","level":3,"parent":"column-family","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"HBase Column","description":"HBase Column"} - ], - "accessTypes":[ - {"name":"read","label":"Read"}, - {"name":"write","label":"Write"}, - {"name":"create","label":"Create"}, - {"name":"admin","label":"Admin","impliedGrants":["read","write","create"]} - ] - }, - - "policies":[ - {"id":1,"name":"table=finance; column-family=restricted*: audit-all-access","isEnabled":true,"isAuditEnabled":true, - "resources":{"table":{"values":["finance"]},"column-family":{"values":["restricted*"]}}, - "policyItems":[ - {"accesses":[],"users":[],"groups":["public"],"delegateAdmin":false} - ] - } - , - {"id":2,"name":"table=finance; column-family=restricted*","isEnabled":true,"isAuditEnabled":true, - "resources":{"table":{"values":["finance"]},"column-family":{"values":["restricted*"]}}, - "policyItems":[ - {"accesses":[{"type":"read","isAllowed":true},{"type":"write","isAllowed":true}],"users":[],"groups":["finance"],"delegateAdmin":false} - , - {"accesses":[{"type":"admin","isAllowed":true}],"users":[],"groups":["finance-admin"],"delegateAdmin":true} - ] - } - , - {"id":3,"name":"table=*; column-family=<excluding>restricted*","isEnabled":true,"isAuditEnabled":false, - "resources":{"table":{"values":["*"]},"column-family":{"values":["restricted*"],"isExcludes":true}}, - "policyItems":[ - {"accesses":[{"type":"read","isAllowed":true}],"users":[],"groups":["public"],"delegateAdmin":false} - ] - } - ], - - "tests":[ - {"name":"ALLOW 'scan finance restricted-cf;' for finance", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"read","user":"user1","userGroups":["users","finance"],"requestData":"scan finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'put finance restricted-cf;' for finance", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"write","user":"user1","userGroups":["users","finance"],"requestData":"put finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"DENY 'create finance restricted-cf;' for finance", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"create","user":"user1","userGroups":["users","finance"],"requestData":"create finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'grant finance restricted-cf;' for finance", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"admin","user":"user1","userGroups":["users","finance"],"requestData":"grant finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'scan finance restricted-cf;' for user1", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"read","user":"user1","userGroups":["users"],"requestData":"scan finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'put finance restricted-cf;' for user1", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"write","user":"user1","userGroups":["users"],"requestData":"put finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'create finance restricted-cf;' for user1", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"create","user":"user1","userGroups":["users"],"requestData":"create finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'grant finance restricted-cf;' for user1", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"admin","user":"user1","userGroups":["users"],"requestData":"grant finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'scan finance restricted-cf;' for finance-admin", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"read","user":"user1","userGroups":["users","finance-admin"],"requestData":"scan finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'put finance restricted-cf;' for finance-admin", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"write","user":"user1","userGroups":["users","finance-admin"],"requestData":"put finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'create finance restricted-cf;' for finance-admin", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"create","user":"user1","userGroups":["users","finance-admin"],"requestData":"create finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'grant finance restricted-cf;' for finance-admin", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"restricted-cf"}}, - "accessType":"admin","user":"user1","userGroups":["users","finance-admin"],"requestData":"grant finance restricted-cf" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'scan finance regular-cf;' for user1", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"regular-cf"}}, - "accessType":"read","user":"user1","userGroups":["users"],"requestData":"scan finance regular-cf" - }, - "result":{"isAudited":false,"isAllowed":true,"policyId":3} - } - , - {"name":"DENY 'put finance regular-cf;' for user1", - "request":{ - "resource":{"elements":{"table":"finance","column-family":"regular-cf"}}, - "accessType":"write","user":"user1","userGroups":["users"],"requestData":"put finance regular-cf" - }, - "result":{"isAudited":false,"isAllowed":false,"policyId":-1} - } - ] -} - http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/test/resources/policyengine/test_policyengine_hdfs.json ---------------------------------------------------------------------- diff --git a/plugin-common/src/test/resources/policyengine/test_policyengine_hdfs.json b/plugin-common/src/test/resources/policyengine/test_policyengine_hdfs.json deleted file mode 100644 index 943fe80..0000000 --- a/plugin-common/src/test/resources/policyengine/test_policyengine_hdfs.json +++ /dev/null @@ -1,156 +0,0 @@ -{ - "serviceName":"hdfsdev", - - "serviceDef":{ - "name":"hdfs", - "id":1, - "resources":[ - {"name":"path","type":"path","level":1,"mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerPathResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Resource Path","description":"HDFS file or directory path"} - ], - "accessTypes":[ - {"name":"read","label":"Read"}, - {"name":"write","label":"Write"}, - {"name":"execute","label":"Execute"} - ] - }, - - "policies":[ - {"id":1,"name":"audit-all-access under /finance/restricted/","isEnabled":true,"isAuditEnabled":true, - "resources":{"path":{"values":["/finance/restricted/"],"isRecursive":true}}, - "policyItems":[ - {"accesses":[],"users":[],"groups":["public"],"delegateAdmin":false} - ] - } - , - {"id":2,"name":"allow-read-to-all under /public/","isEnabled":true,"isAuditEnabled":false, - "resources":{"path":{"values":["/public/"],"isRecursive":true}}, - "policyItems":[ - {"accesses":[{"type":"read","isAllowed":true},{"type":"execute","isAllowed":true}],"users":[],"groups":["public"],"delegateAdmin":false} - ] - } - , - {"id":3,"name":"allow-read-to-finance under /finance/restricted","isEnabled":true,"isAuditEnabled":true, - "resources":{"path":{"values":["/finance/restricted"],"isRecursive":true}}, - "policyItems":[ - {"accesses":[{"type":"read","isAllowed":true}],"users":[],"groups":["finance"],"delegateAdmin":false} - ] - } - ], - - "tests":[ - {"name":"ALLOW 'read /finance/restricted/sales.db' for g=finance", - "request":{ - "resource":{"elements":{"path":"/finance/restricted/sales.db"}}, - "accessType":"read","user":"user1","userGroups":["finance"],"requestData":"read /finance/restricted/sales.db" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":3} - } - , - {"name":"ALLOW 'read /finance/restricted/hr/payroll.db' for g=finance", - "request":{ - "resource":{"elements":{"path":"/finance/restricted/hr/payroll.db"}}, - "accessType":"read","user":"user1","userGroups":["finance"],"requestData":"read /finance/restricted/hr/payroll.db" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":3} - } - , - {"name":"DENY 'read /operations/visitors.db' for g=finance", - "request":{ - "resource":{"elements":{"path":"/operations/visitors.db"}}, - "accessType":"read","user":"user1","userGroups":["finance"],"requestData":"read /operations/visitors.db" - }, - "result":{"isAudited":false,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'read /public/technology/blogs.db' for g=finance", - "request":{ - "resource":{"elements":{"path":"/public/technology/blogs.db"}}, - "accessType":"read","user":"user1","userGroups":["finance"],"requestData":"read /public/technology/blogs.db" - }, - "result":{"isAudited":false,"isAllowed":true,"policyId":2} - } - , - - {"name":"DENY 'read /finance/restricted/sales.db' for g=hr", - "request":{ - "resource":{"elements":{"path":"/finance/restricted/sales.db"}}, - "accessType":"read","user":"user1","userGroups":["hr"],"requestData":"read /finance/restricted/sales.db" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"FALSE 'read /finance/restricted/hr/payroll.db' for g=hr", - "request":{ - "resource":{"elements":{"path":"/finance/restricted/hr/payroll.db"}}, - "accessType":"read","user":"user1","userGroups":["hr"],"requestData":"read /finance/restricted/hr/payroll.db" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'read /operations/visitors.db' for g=hr", - "request":{ - "resource":{"elements":{"path":"/operations/visitors.db"}}, - "accessType":"read","user":"user1","userGroups":["hr"],"requestData":"read /operations/visitors.db" - }, - "result":{"isAudited":false,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'read /public/technology/blogs.db' for g=hr", - "request":{ - "resource":{"elements":{"path":"/public/technology/blogs.db"}}, - "accessType":"read","user":"user1","userGroups":["hr"],"requestData":"read /public/technology/blogs.db" - }, - "result":{"isAudited":false,"isAllowed":true,"policyId":2} - } - , - - {"name":"DENY 'read /finance/restricted/sales.db' for u=user1", - "request":{ - "resource":{"elements":{"path":"/finance/restricted/sales.db"}}, - "accessType":"read","user":"user1","userGroups":[],"requestData":"read /finance/restricted/sales.db" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'read /finance/restricted/hr/payroll.db' for u=user1", - "request":{ - "resource":{"elements":{"path":"/finance/restricted/hr/payroll.db"}}, - "accessType":"read","user":"user1","userGroups":[],"requestData":"read /finance/restricted/hr/payroll.db" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'read /operations/visitors.db' for u=user1", - "request":{ - "resource":{"elements":{"path":"/operations/visitors.db"}}, - "accessType":"read","user":"user1","userGroups":[],"requestData":"read /operations/visitors.db" - }, - "result":{"isAudited":false,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'read /public/technology/blogs.db' for u=user1", - "request":{ - "resource":{"elements":{"path":"/public/technology/blogs.db"}}, - "accessType":"read","user":"user1","userGroups":[],"requestData":"read /public/technology/blogs.db" - }, - "result":{"isAudited":false,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'read /public/technology' for u=user1", - "request":{ - "resource":{"elements":{"path":"/public/technology/blogs.db"}}, - "accessType":"read","user":"user1","userGroups":[],"requestData":"read /public/technology/blogs.db" - }, - "result":{"isAudited":false,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'read /public/technology' for u=user1", - "request":{ - "resource":{"elements":{"path":"/public/technology/blogs.db"}}, - "accessType":"execute","user":"user1","userGroups":[],"requestData":"read /public/technology/blogs.db" - }, - "result":{"isAudited":false,"isAllowed":true,"policyId":2} - } - ] -} - http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/plugin-common/src/test/resources/policyengine/test_policyengine_hive.json ---------------------------------------------------------------------- diff --git a/plugin-common/src/test/resources/policyengine/test_policyengine_hive.json b/plugin-common/src/test/resources/policyengine/test_policyengine_hive.json deleted file mode 100644 index 2ac90ae..0000000 --- a/plugin-common/src/test/resources/policyengine/test_policyengine_hive.json +++ /dev/null @@ -1,261 +0,0 @@ -{ - "serviceName":"hivedev", - - "serviceDef":{ - "name":"hive", - "id":3, - "resources":[ - {"name":"database","level":1,"mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Database","description":"Hive Database"}, - {"name":"table","level":2,"parent":"database","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Table","description":"Hive Table"}, - {"name":"udf","level":2,"parent":"database","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive UDF","description":"Hive UDF"}, - {"name":"column","level":3,"parent":"table","mandatory":true,"lookupSupported":true,"matcher":"org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher","matcherOptions":"wildCard=true;ignoreCase=true","label":"Hive Column","description":"Hive Column"} - ], - "accessTypes":[ - {"name":"select","label":"Select"}, - {"name":"update","label":"Update"}, - {"name":"create","label":"Create"}, - {"name":"drop","label":"Drop"}, - {"name":"alter","label":"Alter"}, - {"name":"index","label":"Index"}, - {"name":"lock","label":"Lock"}, - {"name":"all","label":"All"} - ] - }, - - "policies":[ - {"id":1,"name":"db=default: audit-all-access","isEnabled":true,"isAuditEnabled":true, - "resources":{"database":{"values":["default"]},"table":{"values":["*"]},"column":{"values":["*"]}}, - "policyItems":[ - {"accesses":[],"users":[],"groups":["public"],"delegateAdmin":false} - ] - } - , - {"id":2,"name":"db=default; table=test*; column=*","isEnabled":true,"isAuditEnabled":true, - "resources":{"database":{"values":["default"]},"table":{"values":["test*"]},"column":{"values":["*"]}}, - "policyItems":[ - {"accesses":[{"type":"select","isAllowed":true}],"users":["user1","user2"],"groups":["group1","group2"],"delegateAdmin":false} - , - {"accesses":[{"type":"create","isAllowed":true},{"type":"drop","isAllowed":true}],"users":["admin"],"groups":["admin"],"delegateAdmin":true} - ] - } - ], - - "tests":[ - {"name":"ALLOW 'use default;' for user1", - "request":{ - "resource":{"elements":{"database":"default"}}, - "accessType":"","user":"user1","userGroups":["users"],"requestData":"use default" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'use default;' for user2", - "request":{ - "resource":{"elements":{"database":"default"}}, - "accessType":"","user":"user2","userGroups":["users"],"requestData":"use default" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"DENY 'use default;' to user3", - "request":{ - "resource":{"elements":{"database":"default"}}, - "accessType":"","user":"user3","userGroups":["users"],"requestData":"use default" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'use default;' to group1", - "request":{ - "resource":{"elements":{"database":"default"}}, - "accessType":"","user":"user3","userGroups":["users", "group1"],"requestData":"use default" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'use default;' to group2", - "request":{ - "resource":{"elements":{"database":"default"}}, - "accessType":"","user":"user3","userGroups":["users", "group2"],"requestData":"use default" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"DENY 'use default;' to user3/group3", - "request":{ - "resource":{"elements":{"database":"default"}}, - "accessType":"","user":"user3","userGroups":["users", "group3"],"requestData":"use default" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'use finance;' to user3/group3", - "request":{ - "resource":{"elements":{"database":"finance"}}, - "accessType":"","user":"user1","userGroups":["users"],"requestData":"use finance" - }, - "result":{"isAudited":false,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'select col1 from default.testtable;' to user1", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable","column":"col1"}}, - "accessType":"select","user":"user1","userGroups":["users"],"requestData":"select col1 from default.testtable" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'select col1 from default.testtable;' to user2", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable","column":"col1"}}, - "accessType":"select","user":"user2","userGroups":["users"],"requestData":"select col1 from default.testtable" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"DENY 'select col1 from default.testtable;' to user3", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable","column":"col1"}}, - "accessType":"select","user":"user3","userGroups":["users"],"requestData":"select col1 from default.testtable" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'select col1 from default.testtable;' to group1", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable","column":"col1"}}, - "accessType":"select","user":"user3","userGroups":["users","group1"],"requestData":"select col1 from default.testtable" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'select col1 from default.testtable;' to group2", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable","column":"col1"}}, - "accessType":"select","user":"user3","userGroups":["users","group2"],"requestData":"select col1 from default.testtable" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"DENY 'select col1 from default.testtable;' to user3/group3", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable","column":"col1"}}, - "accessType":"select","user":"user3","userGroups":["users","group3"],"requestData":"select col1 from default.testtable" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'select col1 from default.table1;' to user1", - "request":{ - "resource":{"elements":{"database":"default","table":"table1","column":"col1"}}, - "accessType":"select","user":"user1","userGroups":["users"],"requestData":"select col1 from default.table1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'create table default.testtable1;' to user1", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable1"}}, - "accessType":"create","user":"user1","userGroups":["users"],"requestData":"create table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'create table default.testtable1;' to user1/group1", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable1"}}, - "accessType":"create","user":"user1","userGroups":["users","group1"],"requestData":"create table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'create table default.testtable1;' to admin", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable1"}}, - "accessType":"create","user":"admin","userGroups":["users"],"requestData":"create table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'create table default.testtable1;' to user1/admin", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable1"}}, - "accessType":"create","user":"user1","userGroups":["users","admin"],"requestData":"create table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"DENY 'drop table default.testtable1;' to user1", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable1"}}, - "accessType":"drop","user":"user1","userGroups":["users"],"requestData":"drop table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'drop table default.testtable1;' to user1/group1", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable1"}}, - "accessType":"drop","user":"user1","userGroups":["users","group1"],"requestData":"drop table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"ALLOW 'drop table default.testtable1;' to admin", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable1"}}, - "accessType":"drop","user":"admin","userGroups":["users"],"requestData":"drop table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"ALLOW 'drop table default.testtable1;' to user1/admin", - "request":{ - "resource":{"elements":{"database":"default","table":"testtable1"}}, - "accessType":"drop","user":"user1","userGroups":["users","admin"],"requestData":"drop table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":true,"policyId":2} - } - , - {"name":"DENY 'create table default.table1;' to user1", - "request":{ - "resource":{"elements":{"database":"default","table":"table1"}}, - "accessType":"create","user":"user1","userGroups":["users"],"requestData":"create table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'create table default.table1;' to user1/admin", - "request":{ - "resource":{"elements":{"database":"default","table":"table1"}}, - "accessType":"create","user":"user1","userGroups":["users","admin"],"requestData":"create table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'drop table default.table1;' to user1", - "request":{ - "resource":{"elements":{"database":"default","table":"table1"}}, - "accessType":"drop","user":"user1","userGroups":["users"],"requestData":"drop table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'drop table default.table1;' to user1/admin", - "request":{ - "resource":{"elements":{"database":"default","table":"table1"}}, - "accessType":"drop","user":"user1","userGroups":["users","admin"],"requestData":"drop table default.testtable1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - , - {"name":"DENY 'select col1 from default.table1;' to user3", - "request":{ - "resource":{"elements":{"database":"default","table":"table1","column":"col1"}}, - "accessType":"select","user":"user3","userGroups":["users"],"requestData":"select col1 from default.table1" - }, - "result":{"isAudited":true,"isAllowed":false,"policyId":-1} - } - ] -} - http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index d65e5b7..3df871d 100644 --- a/pom.xml +++ b/pom.xml @@ -92,7 +92,6 @@ <module>ugsync</module> <module>unixauthclient</module> <module>unixauthservice</module> - <module>plugin-common</module> </modules> <properties> <javac.source.version>1.7</javac.source.version> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/security-admin/.gitignore ---------------------------------------------------------------------- diff --git a/security-admin/.gitignore b/security-admin/.gitignore index de3a426..798e8dd 100644 --- a/security-admin/.gitignore +++ b/security-admin/.gitignore @@ -1,3 +1,4 @@ /target/ /bin/ /bin/ +/target http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/security-admin/.settings/org.eclipse.wst.common.component ---------------------------------------------------------------------- diff --git a/security-admin/.settings/org.eclipse.wst.common.component b/security-admin/.settings/org.eclipse.wst.common.component index 1e1ed7d..ab287e8 100644 --- a/security-admin/.settings/org.eclipse.wst.common.component +++ b/security-admin/.settings/org.eclipse.wst.common.component @@ -10,7 +10,7 @@ <dependent-module archiveName="unixauthclient-0.4.0.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/unixauthclient/unixauthclient"> <dependency-type>uses</dependency-type> </dependent-module> - <dependent-module archiveName="plugin-common-0.4.0.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/plugin-common/plugin-common"> + <dependent-module archiveName="ranger-plugins-common-0.4.0.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ranger-plugins-common/ranger-plugins-common"> <dependency-type>uses</dependency-type> </dependent-module> <dependent-module archiveName="ranger-plugins-audit-0.4.0.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ranger-plugins-audit/ranger-plugins-audit"> @@ -19,9 +19,6 @@ <dependent-module archiveName="ranger-plugins-cred-0.4.0.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ranger-plugins-cred/ranger-plugins-cred"> <dependency-type>uses</dependency-type> </dependent-module> - <dependent-module archiveName="ranger-plugins-common-0.4.0.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/ranger-plugins-common/ranger-plugins-common"> - <dependency-type>uses</dependency-type> - </dependent-module> <property name="context-root" value="security-admin-web"/> <property name="java-output-path" value="/security-admin-web/target/classes"/> <property name="component.exclusion.patterns" value="WEB-INF/lib/spring-*.SEC03.jar,WEB-INF/lib/spring-*.RC3.jar,WEB-INF/lib/spring-2.*.jar"/> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/security-admin/pom.xml ---------------------------------------------------------------------- diff --git a/security-admin/pom.xml b/security-admin/pom.xml index 5badc65..2bf7a71 100644 --- a/security-admin/pom.xml +++ b/security-admin/pom.xml @@ -401,6 +401,11 @@ <artifactId>unixauthclient</artifactId> <version>${project.version}</version> </dependency> + <dependency> + <groupId>security_plugins.ranger-plugins-common</groupId> + <artifactId>ranger-plugins-common</artifactId> + <version>${project.version}</version> + </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-test</artifactId> @@ -412,18 +417,6 @@ <version>${hive.version}</version> <scope>runtime</scope> </dependency> - <!-- - <dependency> - <groupId>org.apache.ranger</groupId> - <artifactId>plugin-common</artifactId> - <version>0.4.0</version> - </dependency> - --> - <dependency> - <groupId>org.apache.ranger</groupId> - <artifactId>plugin-common</artifactId> - <version>${project.version}</version> - </dependency> </dependencies> <build> <pluginManagement> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/storm-agent/.gitignore ---------------------------------------------------------------------- diff --git a/storm-agent/.gitignore b/storm-agent/.gitignore index de3a426..798e8dd 100644 --- a/storm-agent/.gitignore +++ b/storm-agent/.gitignore @@ -1,3 +1,4 @@ /target/ /bin/ /bin/ +/target http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/unixauthclient/.gitignore ---------------------------------------------------------------------- diff --git a/unixauthclient/.gitignore b/unixauthclient/.gitignore index 0f63015..20e1ada 100644 --- a/unixauthclient/.gitignore +++ b/unixauthclient/.gitignore @@ -1,2 +1,3 @@ /target/ /bin/ +/target
