RANGER-203: moved pluggable-service-model implementation from plugin-common to exiting project ranger-plugin-common
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/217e1892 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/217e1892 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/217e1892 Branch: refs/heads/master Commit: 217e18924017500a0871b2a7cb47d2095960b8cf Parents: 46633a9 Author: Madhan Neethiraj <[email protected]> Authored: Sat Jan 31 12:38:28 2015 -0800 Committer: Madhan Neethiraj <[email protected]> Committed: Sat Jan 31 12:38:28 2015 -0800 ---------------------------------------------------------------------- .../.settings/org.eclipse.core.resources.prefs | 3 + agents-common/pom.xml | 4 + .../ranger/plugin/audit/RangerAuditHandler.java | 31 + .../plugin/audit/RangerDefaultAuditHandler.java | 231 +++ .../plugin/model/RangerBaseModelObject.java | 179 ++ .../ranger/plugin/model/RangerPolicy.java | 686 ++++++++ .../ranger/plugin/model/RangerService.java | 216 +++ .../ranger/plugin/model/RangerServiceDef.java | 1320 +++++++++++++++ .../policyengine/RangerAccessRequest.java | 48 + .../policyengine/RangerAccessRequestImpl.java | 208 +++ .../plugin/policyengine/RangerAccessResult.java | 157 ++ .../policyengine/RangerMutableResource.java | 27 + .../plugin/policyengine/RangerPolicyEngine.java | 54 + .../policyengine/RangerPolicyEngineImpl.java | 254 +++ .../plugin/policyengine/RangerResource.java | 33 + .../plugin/policyengine/RangerResourceImpl.java | 107 ++ .../RangerAbstractPolicyEvaluator.java | 79 + .../RangerDefaultPolicyEvaluator.java | 446 +++++ .../policyevaluator/RangerPolicyEvaluator.java | 35 + .../RangerAbstractResourceMatcher.java | 226 +++ .../RangerDefaultResourceMatcher.java | 101 ++ .../RangerPathResourceMatcher.java | 151 ++ .../resourcematcher/RangerResourceMatcher.java | 35 + .../ranger/plugin/service/RangerBasePlugin.java | 178 ++ .../plugin/service/RangerBaseService.java | 55 + .../plugin/service/ResourceLookupContext.java | 72 + .../ranger/plugin/store/ServiceStore.java | 74 + .../plugin/store/ServiceStoreFactory.java | 113 ++ .../ranger/plugin/store/file/BaseFileStore.java | 390 +++++ .../plugin/store/file/ServiceFileStore.java | 1589 ++++++++++++++++++ .../plugin/store/rest/ServiceRESTStore.java | 609 +++++++ .../ranger/plugin/util/PolicyRefresher.java | 154 ++ .../ranger/plugin/util/RangerRESTClient.java | 376 +++++ .../apache/ranger/plugin/util/SearchFilter.java | 116 ++ .../ranger/plugin/util/ServicePolicies.java | 125 ++ .../service-defs/ranger-servicedef-hbase.json | 50 + .../service-defs/ranger-servicedef-hdfs.json | 60 + .../service-defs/ranger-servicedef-hive.json | 43 + .../service-defs/ranger-servicedef-knox.json | 34 + .../service-defs/ranger-servicedef-storm.json | 46 + .../plugin/policyengine/TestPolicyEngine.java | 145 ++ .../ranger/plugin/store/TestServiceStore.java | 248 +++ .../ranger/plugin/util/TestPolicyRefresher.java | 183 ++ .../policyengine/test_policyengine_hbase.json | 159 ++ .../policyengine/test_policyengine_hdfs.json | 156 ++ .../policyengine/test_policyengine_hive.json | 261 +++ agents-impl/.gitignore | 1 + hbase-agent/pom.xml | 5 - hdfs-agent/pom.xml | 5 - hive-agent/pom.xml | 5 - jisql/.gitignore | 4 + lookup-client/.gitignore | 1 + .../ranger/plugin/audit/RangerAuditHandler.java | 31 - .../plugin/audit/RangerDefaultAuditHandler.java | 231 --- .../plugin/model/RangerBaseModelObject.java | 179 -- .../ranger/plugin/model/RangerPolicy.java | 686 -------- .../ranger/plugin/model/RangerService.java | 216 --- .../ranger/plugin/model/RangerServiceDef.java | 1320 --------------- .../policyengine/RangerAccessRequest.java | 48 - .../policyengine/RangerAccessRequestImpl.java | 208 --- .../plugin/policyengine/RangerAccessResult.java | 157 -- .../policyengine/RangerMutableResource.java | 27 - .../plugin/policyengine/RangerPolicyEngine.java | 54 - .../policyengine/RangerPolicyEngineImpl.java | 254 --- .../plugin/policyengine/RangerResource.java | 33 - .../plugin/policyengine/RangerResourceImpl.java | 107 -- .../RangerAbstractPolicyEvaluator.java | 79 - .../RangerDefaultPolicyEvaluator.java | 446 ----- .../policyevaluator/RangerPolicyEvaluator.java | 35 - .../RangerAbstractResourceMatcher.java | 226 --- .../RangerDefaultResourceMatcher.java | 101 -- .../RangerPathResourceMatcher.java | 151 -- .../resourcematcher/RangerResourceMatcher.java | 35 - .../ranger/plugin/service/RangerBasePlugin.java | 178 -- .../plugin/service/RangerBaseService.java | 55 - .../plugin/service/ResourceLookupContext.java | 72 - .../ranger/plugin/store/ServiceStore.java | 74 - .../plugin/store/ServiceStoreFactory.java | 113 -- .../ranger/plugin/store/file/BaseFileStore.java | 390 ----- .../plugin/store/file/ServiceFileStore.java | 1589 ------------------ .../plugin/store/rest/ServiceRESTStore.java | 609 ------- .../ranger/plugin/util/PolicyRefresher.java | 154 -- .../ranger/plugin/util/RangerRESTClient.java | 376 ----- .../apache/ranger/plugin/util/SearchFilter.java | 116 -- .../ranger/plugin/util/ServicePolicies.java | 125 -- .../service-defs/ranger-servicedef-hbase.json | 50 - .../service-defs/ranger-servicedef-hdfs.json | 60 - .../service-defs/ranger-servicedef-hive.json | 43 - .../service-defs/ranger-servicedef-knox.json | 34 - .../service-defs/ranger-servicedef-storm.json | 46 - .../plugin/policyengine/TestPolicyEngine.java | 145 -- .../ranger/plugin/store/TestServiceStore.java | 248 --- .../ranger/plugin/util/TestPolicyRefresher.java | 183 -- .../policyengine/test_policyengine_hbase.json | 159 -- .../policyengine/test_policyengine_hdfs.json | 156 -- .../policyengine/test_policyengine_hive.json | 261 --- pom.xml | 1 - security-admin/.gitignore | 1 + .../.settings/org.eclipse.wst.common.component | 5 +- security-admin/pom.xml | 17 +- storm-agent/.gitignore | 1 + unixauthclient/.gitignore | 1 + 102 files changed, 9882 insertions(+), 9892 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/.settings/org.eclipse.core.resources.prefs ---------------------------------------------------------------------- diff --git a/agents-common/.settings/org.eclipse.core.resources.prefs b/agents-common/.settings/org.eclipse.core.resources.prefs index e9441bb..29abf99 100644 --- a/agents-common/.settings/org.eclipse.core.resources.prefs +++ b/agents-common/.settings/org.eclipse.core.resources.prefs @@ -1,3 +1,6 @@ eclipse.preferences.version=1 encoding//src/main/java=UTF-8 +encoding//src/main/resources=UTF-8 +encoding//src/test/java=UTF-8 +encoding//src/test/resources=UTF-8 encoding/<project>=UTF-8 http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/pom.xml ---------------------------------------------------------------------- diff --git a/agents-common/pom.xml b/agents-common/pom.xml index a26f45d..e2e904a 100644 --- a/agents-common/pom.xml +++ b/agents-common/pom.xml @@ -52,6 +52,10 @@ <artifactId>log4j</artifactId> <version>${log4j.version}</version> </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + </dependency> <dependency> <groupId>security_plugins.ranger-plugins-audit</groupId> <artifactId>ranger-plugins-audit</artifactId> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerAuditHandler.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerAuditHandler.java b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerAuditHandler.java new file mode 100644 index 0000000..45a63c2 --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerAuditHandler.java @@ -0,0 +1,31 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.audit; + +import java.util.Collection; + +import org.apache.ranger.plugin.policyengine.RangerAccessResult; + + +public interface RangerAuditHandler { + void logAudit(RangerAccessResult result); + + void logAudit(Collection<RangerAccessResult> results); +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java new file mode 100644 index 0000000..feb6e98 --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java @@ -0,0 +1,231 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.audit; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.ranger.audit.model.AuthzAuditEvent; +import org.apache.ranger.audit.provider.AuditProviderFactory; +import org.apache.ranger.plugin.model.RangerServiceDef; +import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef; +import org.apache.ranger.plugin.policyengine.RangerAccessRequest; +import org.apache.ranger.plugin.policyengine.RangerAccessResult; +import org.apache.ranger.plugin.policyengine.RangerResource; + + +public class RangerDefaultAuditHandler implements RangerAuditHandler { + private static final Log LOG = LogFactory.getLog(RangerDefaultAuditHandler.class); + + private static final String RESOURCE_SEP = "/"; + + + public RangerDefaultAuditHandler() { + } + + @Override + public void logAudit(RangerAccessResult result) { + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerDefaultAuditHandler.logAudit(" + result + ")"); + } + + AuthzAuditEvent event = getAuthzEvents(result); + + logAuthzAudit(event); + + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerDefaultAuditHandler.logAudit(" + result + ")"); + } + } + + @Override + public void logAudit(Collection<RangerAccessResult> results) { + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerDefaultAuditHandler.logAudit(" + results + ")"); + } + + Collection<AuthzAuditEvent> events = getAuthzEvents(results); + + logAuthzAudits(events); + + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerDefaultAuditHandler.logAudit(" + results + ")"); + } + } + + + public AuthzAuditEvent getAuthzEvents(RangerAccessResult result) { + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerDefaultAuditHandler.getAuthzEvents(" + result + ")"); + } + + AuthzAuditEvent ret = null; + + RangerAccessRequest request = result != null ? result.getAccessRequest() : null; + + if(request != null && result != null && result.getIsAudited()) { + RangerServiceDef serviceDef = result.getServiceDef(); + String resourceType = getResourceName(request.getResource(), serviceDef); + String resourcePath = getResourceValueAsString(request.getResource(), serviceDef); + + ret = createAuthzAuditEvent(); + + ret.setRepositoryName(result.getServiceName()); + ret.setRepositoryType(result.getServiceType()); + ret.setResourceType(resourceType); + ret.setResourcePath(resourcePath); + ret.setRequestData(request.getRequestData()); + ret.setEventTime(request.getAccessTime()); + ret.setUser(request.getUser()); + ret.setAccessType(request.getAction()); + ret.setAccessResult((short)(result.getIsAllowed() ? 1 : 0)); + ret.setPolicyId(result.getPolicyId()); + ret.setAclEnforcer("ranger-acl"); // TODO: review + ret.setAction(request.getAccessType()); + ret.setClientIP(request.getClientIPAddress()); + ret.setClientType(request.getClientType()); + ret.setAgentHostname(null); + ret.setAgentId(null); + ret.setEventId(null); + } + + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerDefaultAuditHandler.getAuthzEvents(" + result + "): " + ret); + } + + return ret; + } + + public Collection<AuthzAuditEvent> getAuthzEvents(Collection<RangerAccessResult> results) { + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerDefaultAuditHandler.getAuthzEvents(" + results + ")"); + } + + List<AuthzAuditEvent> ret = null; + + if(results != null) { + // TODO: optimize the number of audit logs created + for(RangerAccessResult result : results) { + AuthzAuditEvent event = getAuthzEvents(result); + + if(event == null) { + continue; + } + + if(ret == null) { + ret = new ArrayList<AuthzAuditEvent>(); + } + + ret.add(event); + } + } + + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerDefaultAuditHandler.getAuthzEvents(" + results + "): " + ret); + } + + return ret; + } + + public void logAuthzAudit(AuthzAuditEvent auditEvent) { + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerDefaultAuditHandler.logAuthzAudit(" + auditEvent + ")"); + } + + if(auditEvent != null) { + AuditProviderFactory.getAuditProvider().log(auditEvent); + } + + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerDefaultAuditHandler.logAuthzAudit(" + auditEvent + ")"); + } + } + + public void logAuthzAudits(Collection<AuthzAuditEvent> auditEvents) { + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerDefaultAuditHandler.logAuthzAudits(" + auditEvents + ")"); + } + + if(auditEvents != null) { + for(AuthzAuditEvent auditEvent : auditEvents) { + logAuthzAudit(auditEvent); + } + } + + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerDefaultAuditHandler.logAuthzAudits(" + auditEvents + ")"); + } + } + + public AuthzAuditEvent createAuthzAuditEvent() { + return new AuthzAuditEvent(); + } + + public String getResourceName(RangerResource resource, RangerServiceDef serviceDef) { + String ret = null; + + if(resource != null && serviceDef != null && serviceDef.getResources() != null) { + List<RangerResourceDef> resourceDefs = serviceDef.getResources(); + + for(int idx = resourceDefs.size() - 1; idx >= 0; idx--) { + RangerResourceDef resourceDef = resourceDefs.get(idx); + + if(resourceDef == null || !resource.exists(resourceDef.getName())) { + continue; + } + + ret = resourceDef.getName(); + + break; + } + } + + return ret; + } + + public String getResourceValueAsString(RangerResource resource, RangerServiceDef serviceDef) { + String ret = null; + + if(resource != null && serviceDef != null && serviceDef.getResources() != null) { + StringBuilder sb = new StringBuilder(); + + for(RangerResourceDef resourceDef : serviceDef.getResources()) { + if(resourceDef == null || !resource.exists(resourceDef.getName())) { + continue; + } + + if(sb.length() > 0) { + sb.append(RESOURCE_SEP); + } + + sb.append(resource.getValue(resourceDef.getName())); + } + + if(sb.length() > 0) { + ret = sb.toString(); + } + } + + return ret; + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java new file mode 100644 index 0000000..b90d387 --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerBaseModelObject.java @@ -0,0 +1,179 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.model; + +import java.util.Date; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +import org.codehaus.jackson.annotate.JsonAutoDetect; +import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility; +import org.codehaus.jackson.annotate.JsonIgnoreProperties; +import org.codehaus.jackson.map.annotate.JsonSerialize; + +@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY) +@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL ) +@JsonIgnoreProperties(ignoreUnknown=true) +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class RangerBaseModelObject implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private Long id = null; + private String guid = null; + private Boolean isEnabled = null; + private String createdBy = null; + private String updatedBy = null; + private Date createTime = null; + private Date updateTime = null; + private Long version = null; + + /** + * + */ + public RangerBaseModelObject() { + setIsEnabled(null); + } + + public void updateFrom(RangerBaseModelObject other) { + setIsEnabled(other.getIsEnabled()); + } + + /** + * @return the id + */ + public Long getId() { + return id; + } + /** + * @param id the id to set + */ + public void setId(Long id) { + this.id = id; + } + /** + * @return the guid + */ + public String getGuid() { + return guid; + } + /** + * @param guid the guid to set + */ + public void setGuid(String guid) { + this.guid = guid; + } + /** + * @return the isEnabled + */ + public Boolean getIsEnabled() { + return isEnabled; + } + /** + * @param isEnabled the isEnabled to set + */ + public void setIsEnabled(Boolean isEnabled) { + this.isEnabled = isEnabled == null ? Boolean.TRUE : isEnabled; + } + /** + * @return the createdBy + */ + public String getCreatedBy() { + return createdBy; + } + /** + * @param createdBy the createdBy to set + */ + public void setCreatedBy(String createdBy) { + this.createdBy = createdBy; + } + /** + * @return the updatedBy + */ + public String getUpdatedBy() { + return updatedBy; + } + /** + * @param updatedBy the updatedBy to set + */ + public void setUpdatedBy(String updatedBy) { + this.updatedBy = updatedBy; + } + /** + * @return the createTime + */ + public Date getCreateTime() { + return createTime; + } + /** + * @param createTime the createTime to set + */ + public void setCreateTime(Date createTime) { + this.createTime = createTime; + } + /** + * @return the updateTime + */ + public Date getUpdateTime() { + return updateTime; + } + /** + * @param updateTime the updateTime to set + */ + public void setUpdateTime(Date updateTime) { + this.updateTime = updateTime; + } + /** + * @return the version + */ + public Long getVersion() { + return version; + } + /** + * @param version the version to set + */ + public void setVersion(Long version) { + this.version = version; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("id={").append(id).append("} "); + sb.append("guid={").append(guid).append("} "); + sb.append("isEnabled={").append(isEnabled).append("} "); + sb.append("createdBy={").append(createdBy).append("} "); + sb.append("updatedBy={").append(updatedBy).append("} "); + sb.append("createTime={").append(createTime).append("} "); + sb.append("updateTime={").append(updateTime).append("} "); + sb.append("version={").append(version).append("} "); + + return sb; + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java new file mode 100644 index 0000000..78ba6e2 --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java @@ -0,0 +1,686 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.model; + +import java.util.ArrayList; +import java.util.List; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +import org.codehaus.jackson.annotate.JsonAutoDetect; +import org.codehaus.jackson.annotate.JsonIgnoreProperties; +import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility; +import org.codehaus.jackson.map.annotate.JsonSerialize; + + +@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY) +@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL ) +@JsonIgnoreProperties(ignoreUnknown=true) +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class RangerPolicy extends RangerBaseModelObject implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String service = null; + private String name = null; + private String description = null; + private Boolean isAuditEnabled = null; + private Map<String, RangerPolicyResource> resources = null; + private List<RangerPolicyItem> policyItems = null; + + + /** + * @param type + */ + public RangerPolicy() { + this(null, null, null, null, null); + } + + /** + * @param type + * @param name + * @param description + * @param resources + * @param policyItems + */ + public RangerPolicy(String service, String name, String description, Map<String, RangerPolicyResource> resources, List<RangerPolicyItem> policyItems) { + super(); + + setService(service); + setName(name); + setDescription(description); + setIsAuditEnabled(null); + setResources(resources); + setPolicyItems(policyItems); + } + + /** + * @param other + */ + public void updateFrom(RangerPolicy other) { + super.updateFrom(other); + + setService(other.getService()); + setName(other.getName()); + setDescription(other.getDescription()); + setIsAuditEnabled(other.getIsAuditEnabled()); + setResources(other.getResources()); + setPolicyItems(other.getPolicyItems()); + } + + /** + * @return the type + */ + public String getService() { + return service; + } + + /** + * @param type the type to set + */ + public void setService(String service) { + this.service = service; + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the description + */ + public String getDescription() { + return description; + } + + /** + * @param description the description to set + */ + public void setDescription(String description) { + this.description = description; + } + + /** + * @return the isAuditEnabled + */ + public Boolean getIsAuditEnabled() { + return isAuditEnabled; + } + + /** + * @param isEnabled the isEnabled to set + */ + public void setIsAuditEnabled(Boolean isAuditEnabled) { + this.isAuditEnabled = isAuditEnabled == null ? Boolean.TRUE : isAuditEnabled; + } + + /** + * @return the resources + */ + public Map<String, RangerPolicyResource> getResources() { + return resources; + } + + /** + * @param configs the resources to set + */ + public void setResources(Map<String, RangerPolicyResource> resources) { + if(this.resources == null) { + this.resources = new HashMap<String, RangerPolicyResource>(); + } + + if(this.resources == resources) { + return; + } + + this.resources.clear(); + + if(resources != null) { + for(Map.Entry<String, RangerPolicyResource> e : resources.entrySet()) { + this.resources.put(e.getKey(), e.getValue()); + } + } + } + + /** + * @return the policyItems + */ + public List<RangerPolicyItem> getPolicyItems() { + return policyItems; + } + + /** + * @param policyItems the policyItems to set + */ + public void setPolicyItems(List<RangerPolicyItem> policyItems) { + if(this.policyItems == null) { + this.policyItems = new ArrayList<RangerPolicyItem>(); + } + + if(this.policyItems == policyItems) { + return; + } + + this.policyItems.clear(); + + if(policyItems != null) { + for(RangerPolicyItem policyItem : policyItems) { + this.policyItems.add(policyItem); + } + } + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerPolicy={"); + + super.toString(sb); + + sb.append("service={").append(service).append("} "); + sb.append("name={").append(name).append("} "); + sb.append("description={").append(description).append("} "); + sb.append("isAuditEnabled={").append(isAuditEnabled).append("} "); + + sb.append("resources={"); + if(resources != null) { + for(Map.Entry<String, RangerPolicyResource> e : resources.entrySet()) { + sb.append(e.getKey()).append("={"); + e.getValue().toString(sb); + sb.append("} "); + } + } + sb.append("} "); + + sb.append("policyItems={"); + if(policyItems != null) { + for(RangerPolicyItem policyItem : policyItems) { + if(policyItem != null) { + policyItem.toString(sb); + } + } + } + sb.append("} "); + + sb.append("}"); + + return sb; + } + + + public static class RangerPolicyResource implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private List<String> values = null; + private Boolean isExcludes = null; + private Boolean isRecursive = null; + + + public RangerPolicyResource() { + this((List<String>)null, null, null); + } + + public RangerPolicyResource(String value, Boolean isExcludes, Boolean isRecursive) { + setValue(value); + setIsExcludes(isExcludes); + setIsRecursive(isRecursive); + } + + public RangerPolicyResource(List<String> values, Boolean isExcludes, Boolean isRecursive) { + setValues(values); + setIsExcludes(isExcludes); + setIsRecursive(isRecursive); + } + + /** + * @return the values + */ + public List<String> getValues() { + return values; + } + + /** + * @param values the values to set + */ + public void setValues(List<String> values) { + if(this.values == null) { + this.values = new ArrayList<String>(); + } + + if(this.values == values) { + return; + } + + this.values.clear(); + + if(values != null) { + for(String value : values) { + this.values.add(value); + } + } + } + + /** + * @param value the value to set + */ + public void setValue(String value) { + if(this.values == null) { + this.values = new ArrayList<String>(); + } + + this.values.clear(); + + this.values.add(value); + } + + /** + * @return the isExcludes + */ + public Boolean getIsExcludes() { + return isExcludes; + } + + /** + * @param isExcludes the isExcludes to set + */ + public void setIsExcludes(Boolean isExcludes) { + this.isExcludes = isExcludes == null ? Boolean.FALSE : isExcludes; + } + + /** + * @return the isRecursive + */ + public Boolean getIsRecursive() { + return isRecursive; + } + + /** + * @param isRecursive the isRecursive to set + */ + public void setIsRecursive(Boolean isRecursive) { + this.isRecursive = isRecursive == null ? Boolean.FALSE : isRecursive; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerPolicyResource={"); + sb.append("values={"); + if(values != null) { + for(String value : values) { + sb.append(value).append(" "); + } + } + sb.append("} "); + sb.append("isExcludes={").append(isExcludes).append("} "); + sb.append("isRecursive={").append(isRecursive).append("} "); + sb.append("}"); + + return sb; + } + } + + public static class RangerPolicyItem implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private List<RangerPolicyItemAccess> accesses = null; + private List<String> users = null; + private List<String> groups = null; + private List<RangerPolicyItemCondition> conditions = null; + private Boolean delegateAdmin = null; + + public RangerPolicyItem() { + this(null, null, null, null, null); + } + + public RangerPolicyItem(List<RangerPolicyItemAccess> accessTypes, List<String> users, List<String> groups, List<RangerPolicyItemCondition> conditions, Boolean delegateAdmin) { + setAccesses(accessTypes); + setUsers(users); + setGroups(groups); + setConditions(conditions); + setDelegateAdmin(delegateAdmin); + } + + /** + * @return the accesses + */ + public List<RangerPolicyItemAccess> getAccesses() { + return accesses; + } + /** + * @param accesses the accesses to set + */ + public void setAccesses(List<RangerPolicyItemAccess> accesses) { + if(this.accesses == null) { + this.accesses = new ArrayList<RangerPolicyItemAccess>(); + } + + if(this.accesses == accesses) { + return; + } + + if(accesses != null) { + for(RangerPolicyItemAccess access : accesses) { + this.accesses.add(access); + } + } + } + /** + * @return the users + */ + public List<String> getUsers() { + return users; + } + /** + * @param users the users to set + */ + public void setUsers(List<String> users) { + if(this.users == null) { + this.users = new ArrayList<String>(); + } + + if(this.users == users) { + return; + } + + if(users != null) { + for(String user : users) { + this.users.add(user); + } + } + } + /** + * @return the groups + */ + public List<String> getGroups() { + return groups; + } + /** + * @param groups the groups to set + */ + public void setGroups(List<String> groups) { + if(this.groups == null) { + this.groups = new ArrayList<String>(); + } + + if(this.groups == groups) { + return; + } + + if(groups != null) { + for(String group : groups) { + this.groups.add(group); + } + } + } + /** + * @return the conditions + */ + public List<RangerPolicyItemCondition> getConditions() { + return conditions; + } + /** + * @param conditions the conditions to set + */ + public void setConditions(List<RangerPolicyItemCondition> conditions) { + if(this.conditions == null) { + this.conditions = new ArrayList<RangerPolicyItemCondition>(); + } + + if(this.conditions == conditions) { + return; + } + + if(conditions != null) { + for(RangerPolicyItemCondition condition : conditions) { + this.conditions.add(condition); + } + } + } + + /** + * @return the delegateAdmin + */ + public Boolean getDelegateAdmin() { + return delegateAdmin; + } + + /** + * @param delegateAdmin the delegateAdmin to set + */ + public void setDelegateAdmin(Boolean delegateAdmin) { + this.delegateAdmin = delegateAdmin == null ? Boolean.FALSE : delegateAdmin; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerPolicyItem={"); + + sb.append("accessTypes={"); + if(accesses != null) { + for(RangerPolicyItemAccess access : accesses) { + if(access != null) { + access.toString(sb); + } + } + } + sb.append("} "); + + sb.append("users={"); + if(users != null) { + for(String user : users) { + if(user != null) { + sb.append(user).append(" "); + } + } + } + sb.append("} "); + + sb.append("groups={"); + if(groups != null) { + for(String group : groups) { + if(group != null) { + sb.append(group).append(" "); + } + } + } + sb.append("} "); + + sb.append("conditions={"); + if(conditions != null) { + for(RangerPolicyItemCondition condition : conditions) { + if(condition != null) { + condition.toString(sb); + } + } + } + sb.append("} "); + + sb.append("delegateAdmin={").append(delegateAdmin).append("} "); + sb.append("}"); + + return sb; + } + } + + public static class RangerPolicyItemAccess implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String type = null; + private Boolean isAllowed = null; + + public RangerPolicyItemAccess() { + this(null, null); + } + + public RangerPolicyItemAccess(String type) { + this(type, null); + } + + public RangerPolicyItemAccess(String type, Boolean isAllowed) { + setType(type); + setIsAllowed(isAllowed); + } + + /** + * @return the type + */ + public String getType() { + return type; + } + + /** + * @param type the type to set + */ + public void setType(String type) { + this.type = type; + } + + /** + * @return the isAllowed + */ + public Boolean getIsAllowed() { + return isAllowed; + } + + /** + * @param isAllowed the isAllowed to set + */ + public void setIsAllowed(Boolean isAllowed) { + this.isAllowed = isAllowed == null ? Boolean.TRUE : isAllowed; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerPolicyItemAccess={"); + sb.append("type={").append(type).append("} "); + sb.append("isAllowed={").append(isAllowed).append("} "); + sb.append("}"); + + return sb; + } + } + + public static class RangerPolicyItemCondition implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String type = null; + private String value = null; + + public RangerPolicyItemCondition() { + this(null, null); + } + + public RangerPolicyItemCondition(String type, String value) { + setType(type); + setValue(value); + } + + /** + * @return the type + */ + public String getType() { + return type; + } + + /** + * @param type the type to set + */ + public void setType(String type) { + this.type = type; + } + + /** + * @return the value + */ + public String getValue() { + return value; + } + + /** + * @param value the value to set + */ + public void setValue(String value) { + this.value = value; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerPolicyItemCondition={"); + sb.append("type={").append(type).append("} "); + sb.append("value={").append(value).append("} "); + sb.append("}"); + + return sb; + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java new file mode 100644 index 0000000..f5e4d3e --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java @@ -0,0 +1,216 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.model; + +import java.util.Date; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +import org.codehaus.jackson.annotate.JsonAutoDetect; +import org.codehaus.jackson.annotate.JsonIgnoreProperties; +import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility; +import org.codehaus.jackson.map.annotate.JsonSerialize; + + +@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY) +@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL ) +@JsonIgnoreProperties(ignoreUnknown=true) +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class RangerService extends RangerBaseModelObject implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String type = null; + private String name = null; + private String description = null; + private Map<String, String> configs = null; + private Long policyVersion = null; + private Date policyUpdateTime = null; + + + /** + * @param type + */ + public RangerService() { + this(null, null, null, null); + } + + /** + * @param type + * @param name + * @param description + * @param configs + */ + public RangerService(String type, String name, String description, Map<String, String> configs) { + super(); + + setType(type); + setName(name); + setDescription(description); + setConfigs(configs); + } + + /** + * @param other + */ + public void updateFrom(RangerService other) { + super.updateFrom(other); + + setType(other.getType()); + setName(other.getName()); + setDescription(other.getDescription()); + setConfigs(other.getConfigs()); + } + + /** + * @return the type + */ + public String getType() { + return type; + } + + /** + * @param type the type to set + */ + public void setType(String type) { + this.type = type; + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the description + */ + public String getDescription() { + return description; + } + + /** + * @param description the description to set + */ + public void setDescription(String description) { + this.description = description; + } + + /** + * @return the configs + */ + public Map<String, String> getConfigs() { + return configs; + } + + /** + * @param configs the configs to set + */ + public void setConfigs(Map<String, String> configs) { + if(this.configs == null) { + this.configs = new HashMap<String, String>(); + } + + if(this.configs == configs) { + return; + } + + this.configs.clear(); + + if(configs != null) { + for(Map.Entry<String, String> e : configs.entrySet()) { + this.configs.put(e.getKey(), e.getValue()); + } + } + } + + /** + * @return the policyVersion + */ + public Long getPolicyVersion() { + return policyVersion; + } + + /** + * @param policyVersion the policyVersion to set + */ + public void setPolicyVersion(Long policyVersion) { + this.policyVersion = policyVersion; + } + + /** + * @return the policyUpdateTime + */ + public Date getPolicyUpdateTime() { + return policyUpdateTime; + } + + /** + * @param policyUpdateTime the policyUpdateTime to set + */ + public void setPolicyUpdateTime(Date policyUpdateTime) { + this.policyUpdateTime = policyUpdateTime; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerService={"); + + super.toString(sb); + sb.append("name={").append(name).append("} "); + sb.append("type={").append(type).append("} "); + sb.append("description={").append(description).append("} "); + + sb.append("configs={"); + if(configs != null) { + for(Map.Entry<String, String> e : configs.entrySet()) { + sb.append(e.getKey()).append("={").append(e.getValue()).append("} "); + } + } + sb.append("} "); + + sb.append("policyVersion={").append(policyVersion).append("} "); + sb.append("policyUpdateTime={").append(policyUpdateTime).append("} "); + + sb.append("}"); + + return sb; + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java new file mode 100644 index 0000000..2841a23 --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceDef.java @@ -0,0 +1,1320 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.model; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +import org.codehaus.jackson.annotate.JsonAutoDetect; +import org.codehaus.jackson.annotate.JsonIgnoreProperties; +import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility; +import org.codehaus.jackson.map.annotate.JsonSerialize; + + +@JsonAutoDetect(getterVisibility=Visibility.NONE, setterVisibility=Visibility.NONE, fieldVisibility=Visibility.ANY) +@JsonSerialize(include=JsonSerialize.Inclusion.NON_NULL ) +@JsonIgnoreProperties(ignoreUnknown=true) +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class RangerServiceDef extends RangerBaseModelObject implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String name = null; + private String implClass = null; + private String label = null; + private String description = null; + private String rbKeyLabel = null; + private String rbKeyDescription = null; + private List<RangerServiceConfigDef> configs = null; + private List<RangerResourceDef> resources = null; + private List<RangerAccessTypeDef> accessTypes = null; + private List<RangerPolicyConditionDef> policyConditions = null; + private List<RangerEnumDef> enums = null; + + + public RangerServiceDef() { + this(null, null, null, null, null, null, null, null, null); + } + + /** + * @param name + * @param implClass + * @param label + * @param description + * @param configs + * @param resources + * @param accessTypes + * @param policyConditions + * @param enums + */ + public RangerServiceDef(String name, String implClass, String label, String description, List<RangerServiceConfigDef> configs, List<RangerResourceDef> resources, List<RangerAccessTypeDef> accessTypes, List<RangerPolicyConditionDef> policyConditions, List<RangerEnumDef> enums) { + super(); + + setName(name); + setImplClass(implClass); + setLabel(label); + setDescription(description); + setConfigs(configs); + setResources(resources); + setAccessTypes(accessTypes); + setPolicyConditions(policyConditions); + setEnums(enums); + } + + /** + * @param other + */ + public void updateFrom(RangerServiceDef other) { + super.updateFrom(other); + + setName(other.getName()); + setImplClass(other.getImplClass()); + setLabel(other.getLabel()); + setDescription(other.getDescription()); + setConfigs(other.getConfigs()); + setResources(other.getResources()); + setAccessTypes(other.getAccessTypes()); + setPolicyConditions(other.getPolicyConditions()); + setEnums(other.getEnums()); + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the implClass + */ + public String getImplClass() { + return implClass; + } + + /** + * @param implClass the implClass to set + */ + public void setImplClass(String implClass) { + this.implClass = implClass; + } + + /** + * @return the label + */ + public String getLabel() { + return label; + } + + /** + * @param label the label to set + */ + public void setLabel(String label) { + this.label = label; + } + + /** + * @return the description + */ + public String getDescription() { + return description; + } + + /** + * @param description the description to set + */ + public void setDescription(String description) { + this.description = description; + } + + /** + * @return the rbKeyLabel + */ + public String getRbKeyLabel() { + return rbKeyLabel; + } + + /** + * @param rbKeyLabel the rbKeyLabel to set + */ + public void setRbKeyLabel(String rbKeyLabel) { + this.rbKeyLabel = rbKeyLabel; + } + + /** + * @return the rbKeyDescription + */ + public String getRbKeyDescription() { + return rbKeyDescription; + } + + /** + * @param rbKeyDescription the rbKeyDescription to set + */ + public void setRbKeyDescription(String rbKeyDescription) { + this.rbKeyDescription = rbKeyDescription; + } + + /** + * @return the configs + */ + public List<RangerServiceConfigDef> getConfigs() { + return configs; + } + + /** + * @param configs the configs to set + */ + public void setConfigs(List<RangerServiceConfigDef> configs) { + if(this.configs == null) { + this.configs = new ArrayList<RangerServiceConfigDef>(); + } else + + if(this.configs == configs) { + return; + } + + this.configs.clear(); + + if(configs != null) { + for(RangerServiceConfigDef config : configs) { + this.configs.add(config); + } + } + } + + /** + * @return the resources + */ + public List<RangerResourceDef> getResources() { + return resources; + } + + /** + * @param resources the resources to set + */ + public void setResources(List<RangerResourceDef> resources) { + if(this.resources == null) { + this.resources = new ArrayList<RangerResourceDef>(); + } + + if(this.resources == resources) { + return; + } + + this.resources.clear(); + + if(resources != null) { + for(RangerResourceDef resource : resources) { + this.resources.add(resource); + } + } + } + + /** + * @return the accessTypes + */ + public List<RangerAccessTypeDef> getAccessTypes() { + return accessTypes; + } + + /** + * @param accessTypes the accessTypes to set + */ + public void setAccessTypes(List<RangerAccessTypeDef> accessTypes) { + if(this.accessTypes == null) { + this.accessTypes = new ArrayList<RangerAccessTypeDef>(); + } + + if(this.accessTypes == accessTypes) { + return; + } + + this.accessTypes.clear(); + + if(accessTypes != null) { + for(RangerAccessTypeDef accessType : accessTypes) { + this.accessTypes.add(accessType); + } + } + } + + /** + * @return the policyConditions + */ + public List<RangerPolicyConditionDef> getPolicyConditions() { + return policyConditions; + } + + /** + * @param policyConditions the policyConditions to set + */ + public void setPolicyConditions(List<RangerPolicyConditionDef> policyConditions) { + if(this.policyConditions == null) { + this.policyConditions = new ArrayList<RangerPolicyConditionDef>(); + } + + if(this.policyConditions == policyConditions) { + return; + } + + this.policyConditions.clear(); + + if(policyConditions != null) { + for(RangerPolicyConditionDef policyCondition : policyConditions) { + this.policyConditions.add(policyCondition); + } + } + } + + /** + * @return the enums + */ + public List<RangerEnumDef> getEnums() { + return enums; + } + + /** + * @param enums the enums to set + */ + public void setEnums(List<RangerEnumDef> enums) { + if(this.enums == null) { + this.enums = new ArrayList<RangerEnumDef>(); + } + + if(this.enums == enums) { + return; + } + + this.enums.clear(); + + if(enums != null) { + for(RangerEnumDef enum1 : enums) { + this.enums.add(enum1); + } + } + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerServiceDef={"); + + super.toString(sb); + + sb.append("name={").append(name).append("} "); + sb.append("implClass={").append(implClass).append("} "); + sb.append("label={").append(label).append("} "); + sb.append("description={").append(description).append("} "); + sb.append("rbKeyLabel={").append(rbKeyLabel).append("} "); + sb.append("rbKeyDescription={").append(rbKeyDescription).append("} "); + + sb.append("configs={"); + if(configs != null) { + for(RangerServiceConfigDef config : configs) { + if(config != null) { + config.toString(sb); + } + } + } + sb.append("} "); + + sb.append("resources={"); + if(resources != null) { + for(RangerResourceDef resource : resources) { + if(resource != null) { + resource.toString(sb); + } + } + } + sb.append("} "); + + sb.append("accessTypes={"); + if(accessTypes != null) { + for(RangerAccessTypeDef accessType : accessTypes) { + if(accessType != null) { + accessType.toString(sb); + } + } + } + sb.append("} "); + + sb.append("policyConditions={"); + if(policyConditions != null) { + for(RangerPolicyConditionDef policyCondition : policyConditions) { + if(policyCondition != null) { + policyCondition.toString(sb); + } + } + } + sb.append("} "); + + sb.append("enums={"); + if(enums != null) { + for(RangerEnumDef e : enums) { + if(e != null) { + e.toString(sb); + } + } + } + sb.append("} "); + + sb.append("}"); + + return sb; + } + + + public static class RangerEnumDef implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String name = null; + private List<RangerEnumElementDef> elements = null; + private Integer defaultIndex = null; + + + public RangerEnumDef() { + this(null, null, null); + } + + public RangerEnumDef(String name, List<RangerEnumElementDef> elements, Integer defaultIndex) { + setName(name); + setElements(elements); + setDefaultIndex(defaultIndex); + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the elements + */ + public List<RangerEnumElementDef> getElements() { + return elements; + } + + /** + * @param elements the elements to set + */ + public void setElements(List<RangerEnumElementDef> elements) { + if(this.elements == null) { + this.elements = new ArrayList<RangerEnumElementDef>(); + } + + if(this.elements == elements) { + return; + } + + this.elements.clear(); + + if(elements != null) { + for(RangerEnumElementDef element : elements) { + this.elements.add(element); + } + } + } + + /** + * @return the defaultIndex + */ + public Integer getDefaultIndex() { + return defaultIndex; + } + + /** + * @param defaultIndex the defaultIndex to set + */ + public void setDefaultIndex(Integer defaultIndex) { + this.defaultIndex = (defaultIndex != null && this.elements.size() > defaultIndex) ? defaultIndex : 0; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerEnumDef={"); + sb.append("name={").append(name).append("} "); + sb.append("elements={"); + if(elements != null) { + for(RangerEnumElementDef element : elements) { + if(element != null) { + element.toString(sb); + } + } + } + sb.append("} "); + sb.append("defaultIndex={").append(defaultIndex).append("} "); + sb.append("}"); + + return sb; + } + } + + + public static class RangerEnumElementDef implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String name = null; + private String label = null; + private String rbKeyLabel = null; + + + public RangerEnumElementDef() { + this(null, null, null); + } + + public RangerEnumElementDef(String name, String label, String rbKeyLabel) { + setName(name); + setLabel(label); + setRbKeyLabel(rbKeyLabel); + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the label + */ + public String getLabel() { + return label; + } + + /** + * @param label the label to set + */ + public void setLabel(String label) { + this.label = label; + } + + /** + * @return the rbKeyLabel + */ + public String getRbKeyLabel() { + return rbKeyLabel; + } + + /** + * @param rbKeyLabel the rbKeyLabel to set + */ + public void setRbKeyLabel(String rbKeyLabel) { + this.rbKeyLabel = rbKeyLabel; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerEnumElementDef={"); + sb.append("name={").append(name).append("} "); + sb.append("label={").append(label).append("} "); + sb.append("rbKeyLabel={").append(rbKeyLabel).append("} "); + sb.append("}"); + + return sb; + } + } + + + public static class RangerServiceConfigDef implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String name = null; + private String type = null; + private String subType = null; + private Boolean mandatory = null; + private String defaultValue = null; + private String label = null; + private String description = null; + private String rbKeyLabel = null; + private String rbKeyDescription = null; + + + public RangerServiceConfigDef() { + this(null, null, null, null, null, null, null, null, null); + } + + public RangerServiceConfigDef(String name, String type, String subType, Boolean mandatory, String defaultValue, String label, String description, String rbKeyLabel, String rbKeyDescription) { + setName(name); + setType(type); + setSubType(subType); + setMandatory(mandatory); + setDefaultValue(defaultValue); + setLabel(label); + setDescription(description); + setRbKeyLabel(rbKeyLabel); + setRbKeyDescription(rbKeyDescription); + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the type + */ + public String getType() { + return type; + } + + /** + * @param type the type to set + */ + public void setType(String type) { + this.type = type; + } + + /** + * @return the type + */ + public String getSubType() { + return subType; + } + + /** + * @param type the type to set + */ + public void setSubType(String subType) { + this.subType = subType; + } + + /** + * @return the mandatory + */ + public Boolean getMandatory() { + return mandatory; + } + + /** + * @param mandatory the mandatory to set + */ + public void setMandatory(Boolean mandatory) { + this.mandatory = mandatory == null ? Boolean.FALSE : mandatory; + } + + /** + * @return the defaultValue + */ + public String getDefaultValue() { + return defaultValue; + } + + /** + * @param defaultValue the defaultValue to set + */ + public void setDefaultValue(String defaultValue) { + this.defaultValue = defaultValue; + } + + /** + * @return the label + */ + public String getLabel() { + return label; + } + + /** + * @param label the label to set + */ + public void setLabel(String label) { + this.label = label; + } + + /** + * @return the description + */ + public String getDescription() { + return description; + } + + /** + * @param description the description to set + */ + public void setDescription(String description) { + this.description = description; + } + + /** + * @return the rbKeyLabel + */ + public String getRbKeyLabel() { + return rbKeyLabel; + } + + /** + * @param rbKeyLabel the rbKeyLabel to set + */ + public void setRbKeyLabel(String rbKeyLabel) { + this.rbKeyLabel = rbKeyLabel; + } + + /** + * @return the rbKeyDescription + */ + public String getRbKeyDescription() { + return rbKeyDescription; + } + + /** + * @param rbKeyDescription the rbKeyDescription to set + */ + public void setRbKeyDescription(String rbKeyDescription) { + this.rbKeyDescription = rbKeyDescription; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerServiceConfigDef={"); + sb.append("name={").append(name).append("} "); + sb.append("type={").append(type).append("} "); + sb.append("subType={").append(subType).append("} "); + sb.append("mandatory={").append(mandatory).append("} "); + sb.append("defaultValue={").append(defaultValue).append("} "); + sb.append("label={").append(label).append("} "); + sb.append("description={").append(description).append("} "); + sb.append("rbKeyLabel={").append(rbKeyLabel).append("} "); + sb.append("rbKeyDescription={").append(rbKeyDescription).append("} "); + sb.append("}"); + + return sb; + } + } + + + public static class RangerResourceDef implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String name = null; + private String type = null; + private Integer level = null; + private String parent = null; + private Boolean mandatory = null; + private Boolean lookupSupported = null; + private Boolean recursiveSupported = null; + private Boolean excludesSupported = null; + private String matcher = null; + private String matcherOptions = null; + private String label = null; + private String description = null; + private String rbKeyLabel = null; + private String rbKeyDescription = null; + + + public RangerResourceDef() { + this(null, null, null, null, null, null, null, null, null, null, null, null, null, null); + } + + public RangerResourceDef(String name, String type, Integer level, String parent, Boolean mandatory, Boolean lookupSupported, Boolean recursiveSupported, Boolean excludesSupported, String matcher, String matcherOptions, String label, String description, String rbKeyLabel, String rbKeyDescription) { + setName(name); + setType(type); + setLevel(level); + setParent(parent); + setMandatory(mandatory); + setLookupSupported(lookupSupported); + setRecursiveSupported(recursiveSupported); + setExcludesSupported(excludesSupported); + setMatcher(matcher); + setMatcher(matcherOptions); + setLabel(label); + setDescription(description); + setRbKeyLabel(rbKeyLabel); + setRbKeyDescription(rbKeyDescription); + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the type + */ + public String getType() { + return type; + } + + /** + * @param type the type to set + */ + public void setType(String type) { + this.type = type; + } + + /** + * @return the level + */ + public Integer getLevel() { + return level; + } + + /** + * @param level the level to set + */ + public void setLevel(Integer level) { + this.level = level == null ? 1 : level; + } + + /** + * @return the parent + */ + public String getParent() { + return parent; + } + + /** + * @param parent the parent to set + */ + public void setParent(String parent) { + this.parent = parent; + } + + /** + * @return the mandatory + */ + public Boolean getMandatory() { + return mandatory; + } + + /** + * @param mandatory the mandatory to set + */ + public void setMandatory(Boolean mandatory) { + this.mandatory = mandatory == null ? Boolean.FALSE : mandatory; + } + + /** + * @return the lookupSupported + */ + public Boolean getLookupSupported() { + return lookupSupported; + } + + /** + * @param lookupSupported the lookupSupported to set + */ + public void setLookupSupported(Boolean lookupSupported) { + this.lookupSupported = lookupSupported == null ? Boolean.FALSE : lookupSupported; + } + + /** + * @return the recursiveSupported + */ + public Boolean getRecursiveSupported() { + return recursiveSupported; + } + + /** + * @param recursiveSupported the recursiveSupported to set + */ + public void setRecursiveSupported(Boolean recursiveSupported) { + this.recursiveSupported = recursiveSupported == null ? Boolean.FALSE : recursiveSupported; + } + + /** + * @return the excludesSupported + */ + public Boolean getExcludesSupported() { + return excludesSupported; + } + + /** + * @param excludesSupported the excludesSupported to set + */ + public void setExcludesSupported(Boolean excludesSupported) { + this.excludesSupported = excludesSupported == null ? Boolean.FALSE : excludesSupported; + } + + /** + * @return the matcher + */ + public String getMatcher() { + return matcher; + } + + /** + * @param matcher the matcher to set + */ + public void setMatcher(String matcher) { + this.matcher = matcher; + } + + /** + * @return the matcher + */ + public String getMatcherOptions() { + return matcherOptions; + } + + /** + * @param matcher the matcher to set + */ + public void setMatcherOptions(String matcherOptions) { + this.matcherOptions = matcherOptions; + } + + /** + * @return the label + */ + public String getLabel() { + return label; + } + + /** + * @param label the label to set + */ + public void setLabel(String label) { + this.label = label; + } + + /** + * @return the description + */ + public String getDescription() { + return description; + } + + /** + * @param description the description to set + */ + public void setDescription(String description) { + this.description = description; + } + + /** + * @return the rbKeyLabel + */ + public String getRbKeyLabel() { + return rbKeyLabel; + } + + /** + * @param rbKeyLabel the rbKeyLabel to set + */ + public void setRbKeyLabel(String rbKeyLabel) { + this.rbKeyLabel = rbKeyLabel; + } + + /** + * @return the rbKeyDescription + */ + public String getRbKeyDescription() { + return rbKeyDescription; + } + + /** + * @param rbKeyDescription the rbKeyDescription to set + */ + public void setRbKeyDescription(String rbKeyDescription) { + this.rbKeyDescription = rbKeyDescription; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerResourceDef={"); + sb.append("name={").append(name).append("} "); + sb.append("type={").append(type).append("} "); + sb.append("level={").append(level).append("} "); + sb.append("parent={").append(parent).append("} "); + sb.append("mandatory={").append(mandatory).append("} "); + sb.append("lookupSupported={").append(lookupSupported).append("} "); + sb.append("recursiveSupported={").append(recursiveSupported).append("} "); + sb.append("excludesSupported={").append(excludesSupported).append("} "); + sb.append("matcher={").append(matcher).append("} "); + sb.append("matcherOptions={").append(matcherOptions).append("} "); + sb.append("label={").append(label).append("} "); + sb.append("description={").append(description).append("} "); + sb.append("rbKeyLabel={").append(rbKeyLabel).append("} "); + sb.append("rbKeyDescription={").append(rbKeyDescription).append("} "); + sb.append("}"); + + return sb; + } + } + + + public static class RangerAccessTypeDef implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String name = null; + private String label = null; + private String rbKeyLabel = null; + private Collection<String> impliedGrants = null; + + + public RangerAccessTypeDef() { + this(null, null, null, null); + } + + public RangerAccessTypeDef(String name, String label, String rbKeyLabel, Collection<String> impliedGrants) { + setName(name); + setLabel(label); + setRbKeyLabel(rbKeyLabel); + setImpliedGrants(impliedGrants); + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the label + */ + public String getLabel() { + return label; + } + + /** + * @param label the label to set + */ + public void setLabel(String label) { + this.label = label; + } + + /** + * @return the rbKeyLabel + */ + public String getRbKeyLabel() { + return rbKeyLabel; + } + + /** + * @param rbKeyLabel the rbKeyLabel to set + */ + public void setRbKeyLabel(String rbKeyLabel) { + this.rbKeyLabel = rbKeyLabel; + } + + /** + * @return the impliedGrants + */ + public Collection<String> getImpliedGrants() { + return impliedGrants; + } + + /** + * @param impliedGrants the impliedGrants to set + */ + public void setImpliedGrants(Collection<String> impliedGrants) { + if(this.impliedGrants == null) { + this.impliedGrants = new ArrayList<String>(); + } + + if(this.impliedGrants == impliedGrants) { + return; + } + + this.impliedGrants.clear(); + + if(impliedGrants != null) { + for(String impliedGrant : impliedGrants) { + this.impliedGrants.add(impliedGrant); + } + } + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerAccessTypeDef={"); + sb.append("name={").append(name).append("} "); + sb.append("label={").append(label).append("} "); + sb.append("rbKeyLabel={").append(rbKeyLabel).append("} "); + + sb.append("impliedGrants={"); + if(impliedGrants != null) { + for(String impliedGrant : impliedGrants) { + if(impliedGrant != null) { + sb.append(impliedGrant).append(" "); + } + } + } + sb.append("} "); + + sb.append("}"); + + return sb; + } + } + + + public static class RangerPolicyConditionDef implements java.io.Serializable { + private static final long serialVersionUID = 1L; + + private String name = null; + private String evaluator = null; + private String evaluatorOptions = null; + private String label = null; + private String description = null; + private String rbKeyLabel = null; + private String rbKeyDescription = null; + + + public RangerPolicyConditionDef() { + this(null, null, null, null, null, null, null); + } + + public RangerPolicyConditionDef(String name, String evaluator, String evaluatorOptions) { + this(name, evaluator, evaluatorOptions, null, null, null, null); + } + + public RangerPolicyConditionDef(String name, String evaluator, String evaluatorOptions, String label) { + this(name, evaluator, evaluatorOptions, label, null, null, null); + } + + public RangerPolicyConditionDef(String name, String evaluator, String evaluatorOptions, String label, String description) { + this(name, evaluator, evaluatorOptions, label, description, null, null); + } + + public RangerPolicyConditionDef(String name, String evaluator, String evaluatorOptions, String label, String description, String rbKeyLabel, String rbKeyDescription) { + setName(name); + setEvaluator(evaluator); + setEvaluatorOptions(evaluatorOptions); + setLabel(label); + setDescription(description); + setRbKeyLabel(rbKeyLabel); + setRbKeyDescription(rbKeyDescription); + } + + /** + * @return the name + */ + public String getName() { + return name; + } + + /** + * @param name the name to set + */ + public void setName(String name) { + this.name = name; + } + + /** + * @return the evaluator + */ + public String getEvaluator() { + return evaluator; + } + + /** + * @param evaluator the evaluator to set + */ + public void setEvaluator(String evaluator) { + this.evaluator = evaluator; + } + + /** + * @return the evaluator + */ + public String getEvaluatorOptions() { + return evaluatorOptions; + } + + /** + * @param evaluator the evaluator to set + */ + public void setEvaluatorOptions(String evaluatorOptions) { + this.evaluatorOptions = evaluatorOptions; + } + + /** + * @return the label + */ + public String getLabel() { + return label; + } + + /** + * @param label the label to set + */ + public void setLabel(String label) { + this.label = label; + } + + /** + * @return the description + */ + public String getDescription() { + return description; + } + + /** + * @param description the description to set + */ + public void setDescription(String description) { + this.description = description; + } + + /** + * @return the rbKeyLabel + */ + public String getRbKeyLabel() { + return rbKeyLabel; + } + + /** + * @param rbKeyLabel the rbKeyLabel to set + */ + public void setRbKeyLabel(String rbKeyLabel) { + this.rbKeyLabel = rbKeyLabel; + } + + /** + * @return the rbKeyDescription + */ + public String getRbKeyDescription() { + return rbKeyDescription; + } + + /** + * @param rbKeyDescription the rbKeyDescription to set + */ + public void setRbKeyDescription(String rbKeyDescription) { + this.rbKeyDescription = rbKeyDescription; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerPolicyConditionDef={"); + sb.append("name={").append(name).append("} "); + sb.append("evaluator={").append(evaluator).append("} "); + sb.append("evaluatorOptions={").append(evaluatorOptions).append("} "); + sb.append("label={").append(label).append("} "); + sb.append("description={").append(description).append("} "); + sb.append("rbKeyLabel={").append(rbKeyLabel).append("} "); + sb.append("rbKeyDescription={").append(rbKeyDescription).append("} "); + sb.append("}"); + + return sb; + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java new file mode 100644 index 0000000..56a55ae --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequest.java @@ -0,0 +1,48 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.policyengine; + +import java.util.Date; +import java.util.Map; +import java.util.Set; + +public interface RangerAccessRequest { + RangerResource getResource(); + + String getAccessType(); + + String getUser(); + + Set<String> getUserGroups(); + + Date getAccessTime(); + + String getClientIPAddress(); + + String getClientType(); + + String getAction(); + + String getRequestData(); + + String getSessionId(); + + Map<String, Object> getContext(); +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java new file mode 100644 index 0000000..fff8d4c --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java @@ -0,0 +1,208 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.policyengine; + +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; + +import org.apache.commons.lang.StringUtils; + + +public class RangerAccessRequestImpl implements RangerAccessRequest { + private RangerResource resource = null; + private String accessType = null; + private String user = null; + private Set<String> userGroups = null; + private Date accessTime = null; + private String clientIPAddress = null; + private String clientType = null; + private String action = null; + private String requestData = null; + private String sessionId = null; + private Map<String, Object> context = null; + + + public RangerAccessRequestImpl() { + this(null, null, null, null); + } + + public RangerAccessRequestImpl(RangerResource resource, String accessType, String user, Set<String> userGroups) { + setResource(resource); + setAccessType(accessType); + setUser(user); + setUserGroups(userGroups); + + // set remaining fields to default value + setAccessTime(null); + setClientIPAddress(null); + setClientType(null); + setAction(null); + setRequestData(null); + setSessionId(null); + setContext(null); + } + + @Override + public RangerResource getResource() { + return resource; + } + + @Override + public String getAccessType() { + return accessType; + } + + @Override + public String getUser() { + return user; + } + + @Override + public Set<String> getUserGroups() { + return userGroups; + } + + @Override + public Date getAccessTime() { + return accessTime; + } + + @Override + public String getClientIPAddress() { + return clientIPAddress; + } + + @Override + public String getClientType() { + return clientType; + } + + @Override + public String getAction() { + return action; + } + + @Override + public String getRequestData() { + return requestData; + } + + @Override + public String getSessionId() { + return sessionId; + } + + @Override + public Map<String, Object> getContext() { + return context; + } + + + public void setResource(RangerResource resource) { + this.resource = resource; + } + + public void setAccessType(String accessType) { + this.accessType = accessType; + } + + public void setUser(String user) { + this.user = user; + } + + public void setUserGroups(Set<String> userGroups) { + this.userGroups = (userGroups == null) ? new HashSet<String>() : userGroups; + } + + public void setAccessTime(Date accessTime) { + this.accessTime = (accessTime == null) ? new Date() : accessTime; + } + + public void setClientIPAddress(String clientIPAddress) { + this.clientIPAddress = clientIPAddress; + } + + public void setClientType(String clientType) { + this.clientType = clientType; + } + + public void setAction(String action) { + this.action = action; + } + + public void setRequestData(String requestData) { + this.requestData = requestData; + } + + public void setSessionId(String sessionId) { + this.sessionId = sessionId; + } + + public void setContext(Map<String, Object> context) { + this.context = (context == null) ? new HashMap<String, Object>() : context; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerAccessRequestImpl={"); + + sb.append("resource={").append(resource).append("} "); + sb.append("accessType={").append(accessType).append("} "); + sb.append("user={").append(user).append("} "); + + sb.append("userGroups={"); + if(userGroups != null) { + for(String userGroup : userGroups) { + sb.append(userGroup).append(" "); + } + } + + sb.append("accessTime={").append(accessTime).append("} "); + sb.append("clientIPAddress={").append(clientIPAddress).append("} "); + sb.append("clientType={").append(clientType).append("} "); + sb.append("action={").append(action).append("} "); + sb.append("requestData={").append(requestData).append("} "); + sb.append("sessionId={").append(sessionId).append("} "); + + + sb.append("context={"); + if(context != null) { + for(Map.Entry<String, Object> e : context.entrySet()) { + sb.append(e.getKey()).append("={").append(e.getValue()).append("} "); + } + } + sb.append("} "); + + sb.append("}"); + + return sb; + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/217e1892/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java new file mode 100644 index 0000000..2eaec16 --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessResult.java @@ -0,0 +1,157 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.policyengine; + +import org.apache.ranger.plugin.model.RangerServiceDef; + + +public class RangerAccessResult { + private String serviceName = null; + private RangerServiceDef serviceDef = null; + private RangerAccessRequest request = null; + + private boolean isAllowed = false; + private boolean isAudited = false; + private long policyId = -1; + private String reason = null; + + public RangerAccessResult(String serviceName, RangerServiceDef serviceDef, RangerAccessRequest request) { + this(serviceName, serviceDef, request, false, false, -1, null); + } + + public RangerAccessResult(String serviceName, RangerServiceDef serviceDef, RangerAccessRequest request, boolean isAllowed, boolean isAudited, long policyId, String reason) { + this.serviceName = serviceName; + this.serviceDef = serviceDef; + this.request = request; + this.isAllowed = isAllowed; + this.isAudited = isAudited; + this.policyId = policyId; + this.reason = reason; + } + + /** + * @return the serviceName + */ + public String getServiceName() { + return serviceName; + } + + /** + * @return the serviceDef + */ + public RangerServiceDef getServiceDef() { + return serviceDef; + } + + /** + * @return the request + */ + public RangerAccessRequest getAccessRequest() { + return request; + } + + /** + * @return the isAllowed + */ + public boolean getIsAllowed() { + return isAllowed; + } + + /** + * @param isAllowed the isAllowed to set + */ + public void setIsAllowed(boolean isAllowed) { + this.isAllowed = isAllowed; + } + + /** + * @param reason the reason to set + */ + public void setReason(String reason) { + this.reason = reason; + } + + /** + * @return the isAudited + */ + public boolean getIsAudited() { + return isAudited; + } + + /** + * @param isAudited the isAudited to set + */ + public void setIsAudited(boolean isAudited) { + this.isAudited = isAudited; + } + + /** + * @return the reason + */ + public String getReason() { + return reason; + } + + /** + * @return the policyId + */ + public long getPolicyId() { + return policyId; + } + + /** + * @return the policyId + */ + public void setPolicyId(long policyId) { + this.policyId = policyId; + } + + public int getServiceType() { + int ret = -1; + + if(serviceDef != null && serviceDef.getId() != null) { + ret = serviceDef.getId().intValue(); + } + + return ret; + } + + @Override + public String toString( ) { + StringBuilder sb = new StringBuilder(); + + toString(sb); + + return sb.toString(); + } + + public StringBuilder toString(StringBuilder sb) { + sb.append("RangerAccessResult={"); + + sb.append("isAllowed={").append(isAllowed).append("} "); + sb.append("isAudited={").append(isAudited).append("} "); + sb.append("policyId={").append(policyId).append("} "); + sb.append("reason={").append(reason).append("} "); + + sb.append("}"); + + return sb; + } +}
