Repository: incubator-ranger Updated Branches: refs/heads/master f5317ec95 -> 10f5fd607
RANGER-371: policy search fix to use resource value specified in the filter Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/10f5fd60 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/10f5fd60 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/10f5fd60 Branch: refs/heads/master Commit: 10f5fd6072c46222022816f302f06e51ea078597 Parents: f5317ec Author: Madhan Neethiraj <[email protected]> Authored: Sat Apr 4 15:09:33 2015 -0700 Committer: Madhan Neethiraj <[email protected]> Committed: Sat Apr 4 15:09:33 2015 -0700 ---------------------------------------------------------------------- .../plugin/store/AbstractServiceStore.java | 686 +++++++++++++++++++ .../ranger/plugin/store/file/BaseFileStore.java | 3 +- .../plugin/store/file/ServiceFileStore.java | 631 +---------------- .../ranger/plugin/util/PolicyRefresher.java | 1 - .../apache/ranger/plugin/util/SearchFilter.java | 16 +- .../org/apache/ranger/biz/ServiceDBStore.java | 26 +- .../apache/ranger/common/RangerSearchUtil.java | 37 +- .../java/org/apache/ranger/rest/PublicAPIs.java | 11 +- .../org/apache/ranger/rest/ServiceREST.java | 23 +- .../ranger/service/RangerPolicyService.java | 2 +- .../ranger/service/RangerServiceDefService.java | 2 +- .../ranger/service/RangerServiceService.java | 2 +- 12 files changed, 786 insertions(+), 654 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java new file mode 100644 index 0000000..ee480fa --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java @@ -0,0 +1,686 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.store; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.Comparator; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.collections.MapUtils; +import org.apache.commons.collections.Predicate; +import org.apache.commons.collections.PredicateUtils; +import org.apache.commons.io.FilenameUtils; +import org.apache.commons.lang.ObjectUtils; +import org.apache.commons.lang.StringUtils; +import org.apache.ranger.plugin.model.RangerBaseModelObject; +import org.apache.ranger.plugin.model.RangerPolicy; +import org.apache.ranger.plugin.model.RangerService; +import org.apache.ranger.plugin.model.RangerServiceDef; +import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem; +import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource; +import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef; +import org.apache.ranger.plugin.util.SearchFilter; + +public abstract class AbstractServiceStore implements ServiceStore { + private static Map<String, Comparator<RangerBaseModelObject>> sorterMap = new HashMap<String, Comparator<RangerBaseModelObject>>(); + + public void applyFilter(List<? extends RangerBaseModelObject> objList, SearchFilter filter) { + if(CollectionUtils.isEmpty(objList)) { + return; + } + + Predicate pred = getPredicate(filter); + + if(pred != null) { + CollectionUtils.filter(objList, pred); + } + + Comparator<RangerBaseModelObject> sorter = getSorter(filter); + + if(sorter != null) { + Collections.sort(objList, sorter); + } + } + + public Predicate getPredicate(SearchFilter filter) { + if(filter == null || filter.isEmpty()) { + return null; + } + + List<Predicate> predicates = new ArrayList<Predicate>(); + + addPredicateForServiceType(filter.getParam(SearchFilter.SERVICE_TYPE), predicates); + addPredicateForServiceTypeId(filter.getParam(SearchFilter.SERVICE_TYPE_ID), predicates); + addPredicateForServiceName(filter.getParam(SearchFilter.SERVICE_NAME), predicates); + addPredicateForServiceId(filter.getParam(SearchFilter.SERVICE_ID), predicates); + addPredicateForPolicyName(filter.getParam(SearchFilter.POLICY_NAME), predicates); + addPredicateForPolicyId(filter.getParam(SearchFilter.POLICY_ID), predicates); + addPredicateForIsEnabled(filter.getParam(SearchFilter.IS_ENABLED), predicates); + addPredicateForIsRecursive(filter.getParam(SearchFilter.IS_RECURSIVE), predicates); + addPredicateForUserName(filter.getParam(SearchFilter.USER), predicates); + addPredicateForGroupName(filter.getParam(SearchFilter.GROUP), predicates); + addPredicateForResources(filter.getParamsWithPrefix(SearchFilter.RESOURCE_PREFIX, true), predicates); + + Predicate ret = CollectionUtils.isEmpty(predicates) ? null : PredicateUtils.allPredicate(predicates); + + return ret; + } + + public Comparator<RangerBaseModelObject> getSorter(SearchFilter filter) { + String sortBy = filter == null ? null : filter.getParam(SearchFilter.SORT_BY); + + if(StringUtils.isEmpty(sortBy)) { + return null; + } + + Comparator<RangerBaseModelObject> ret = sorterMap.get(sortBy); + + return ret; + } + + protected final static Comparator<RangerBaseModelObject> idComparator = new Comparator<RangerBaseModelObject>() { + @Override + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + Long val1 = (o1 != null) ? o1.getId() : null; + Long val2 = (o2 != null) ? o2.getId() : null; + + return ObjectUtils.compare(val1, val2); + } + }; + + protected final static Comparator<RangerBaseModelObject> createTimeComparator = new Comparator<RangerBaseModelObject>() { + @Override + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + Date val1 = (o1 != null) ? o1.getCreateTime() : null; + Date val2 = (o2 != null) ? o2.getCreateTime() : null; + + return ObjectUtils.compare(val1, val2); + } + }; + + protected final static Comparator<RangerBaseModelObject> updateTimeComparator = new Comparator<RangerBaseModelObject>() { + @Override + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + Date val1 = (o1 != null) ? o1.getUpdateTime() : null; + Date val2 = (o2 != null) ? o2.getUpdateTime() : null; + + return ObjectUtils.compare(val1, val2); + } + }; + + protected final static Comparator<RangerBaseModelObject> serviceDefNameComparator = new Comparator<RangerBaseModelObject>() { + @Override + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + String val1 = null; + String val2 = null; + + if(o1 != null) { + if(o1 instanceof RangerServiceDef) { + val1 = ((RangerServiceDef)o1).getName(); + } else if(o1 instanceof RangerService) { + val1 = ((RangerService)o1).getType(); + } + } + + if(o2 != null) { + if(o2 instanceof RangerServiceDef) { + val2 = ((RangerServiceDef)o2).getName(); + } else if(o2 instanceof RangerService) { + val2 = ((RangerService)o2).getType(); + } + } + + return ObjectUtils.compare(val1, val2); + } + }; + + protected final static Comparator<RangerBaseModelObject> serviceNameComparator = new Comparator<RangerBaseModelObject>() { + @Override + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + String val1 = null; + String val2 = null; + + if(o1 != null) { + if(o1 instanceof RangerPolicy) { + val1 = ((RangerPolicy)o1).getService(); + } else if(o1 instanceof RangerService) { + val1 = ((RangerService)o1).getType(); + } + } + + if(o2 != null) { + if(o2 instanceof RangerPolicy) { + val2 = ((RangerPolicy)o2).getService(); + } else if(o2 instanceof RangerService) { + val2 = ((RangerService)o2).getType(); + } + } + + return ObjectUtils.compare(val1, val2); + } + }; + + protected final static Comparator<RangerBaseModelObject> policyNameComparator = new Comparator<RangerBaseModelObject>() { + @Override + public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { + String val1 = (o1 != null && o1 instanceof RangerPolicy) ? ((RangerPolicy)o1).getName() : null; + String val2 = (o2 != null && o2 instanceof RangerPolicy) ? ((RangerPolicy)o2).getName() : null; + + return ObjectUtils.compare(val1, val2); + } + }; + + protected final static Comparator<RangerResourceDef> resourceLevelComparator = new Comparator<RangerResourceDef>() { + @Override + public int compare(RangerResourceDef o1, RangerResourceDef o2) { + Integer val1 = (o1 != null) ? o1.getLevel() : null; + Integer val2 = (o2 != null) ? o2.getLevel() : null; + + return ObjectUtils.compare(val1, val2); + } + }; + + static { + sorterMap.put(SearchFilter.SERVICE_TYPE, serviceDefNameComparator); + sorterMap.put(SearchFilter.SERVICE_TYPE_ID, idComparator); + sorterMap.put(SearchFilter.SERVICE_NAME, serviceNameComparator); + sorterMap.put(SearchFilter.SERVICE_TYPE_ID, idComparator); + sorterMap.put(SearchFilter.POLICY_NAME, policyNameComparator); + sorterMap.put(SearchFilter.POLICY_ID, idComparator); + sorterMap.put(SearchFilter.CREATE_TIME, createTimeComparator); + sorterMap.put(SearchFilter.UPDATE_TIME, updateTimeComparator); + } + + private String getServiceType(String serviceName) { + RangerService service = null; + + try { + service = getServiceByName(serviceName); + } catch(Exception excp) { + // ignore + } + + return service != null ? service.getType() : null; + } + + private Long getServiceId(String serviceName) { + RangerService service = null; + + try { + service = getServiceByName(serviceName); + } catch(Exception excp) { + // ignore + } + + return service != null ? service.getId() : null; + } + + private Predicate addPredicateForServiceType(final String serviceType, List<Predicate> predicates) { + if(StringUtils.isEmpty(serviceType)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + ret = StringUtils.equals(serviceType, getServiceType(policy.getService())); + } else if(object instanceof RangerService) { + RangerService service = (RangerService)object; + + ret = StringUtils.equals(serviceType, service.getType()); + } else if(object instanceof RangerServiceDef) { + RangerServiceDef serviceDef = (RangerServiceDef)object; + + ret = StringUtils.equals(serviceType, serviceDef.getName()); + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForServiceTypeId(final String serviceTypeId, List<Predicate> predicates) { + if(StringUtils.isEmpty(serviceTypeId)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerServiceDef) { + RangerServiceDef serviceDef = (RangerServiceDef)object; + Long svcDefId = serviceDef.getId(); + + if(svcDefId != null) { + ret = StringUtils.equals(serviceTypeId, svcDefId.toString()); + } + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForServiceName(final String serviceName, List<Predicate> predicates) { + if(StringUtils.isEmpty(serviceName)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + ret = StringUtils.equals(serviceName, policy.getService()); + } else if(object instanceof RangerService) { + RangerService service = (RangerService)object; + + ret = StringUtils.equals(serviceName, service.getName()); + } else { + ret = true; + } + + return ret; + } + }; + + if(ret != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForServiceId(final String serviceId, List<Predicate> predicates) { + if(StringUtils.isEmpty(serviceId)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + Long svcId = getServiceId(policy.getService()); + + if(svcId != null) { + ret = StringUtils.equals(serviceId, svcId.toString()); + } + } else if(object instanceof RangerService) { + RangerService service = (RangerService)object; + + if(service.getId() != null) { + ret = StringUtils.equals(serviceId, service.getId().toString()); + } + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForPolicyName(final String policyName, List<Predicate> predicates) { + if(StringUtils.isEmpty(policyName)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + ret = StringUtils.equals(policyName, policy.getName()); + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForPolicyId(final String policyId, List<Predicate> predicates) { + if(StringUtils.isEmpty(policyId)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + if(policy.getId() != null) { + ret = StringUtils.equals(policyId, policy.getId().toString()); + } + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForUserName(final String userName, List<Predicate> predicates) { + if(StringUtils.isEmpty(userName)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + for(RangerPolicyItem policyItem : policy.getPolicyItems()) { + if(policyItem.getUsers().contains(userName)) { + ret = true; + + break; + } + } + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForGroupName(final String groupName, List<Predicate> predicates) { + if(StringUtils.isEmpty(groupName)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + for(RangerPolicyItem policyItem : policy.getPolicyItems()) { + if(policyItem.getGroups().contains(groupName)) { + ret = true; + + break; + } + } + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForIsEnabled(final String status, List<Predicate> predicates) { + if(StringUtils.isEmpty(status)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerBaseModelObject) { + RangerBaseModelObject obj = (RangerBaseModelObject)object; + + if(Boolean.parseBoolean(status)) { + ret = obj.getIsEnabled(); + } else { + ret = !obj.getIsEnabled(); + } + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForResources(final Map<String, String> resources, List<Predicate> predicates) { + if(MapUtils.isEmpty(resources)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = false; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + if(! MapUtils.isEmpty(policy.getResources())) { + int numFound = 0; + for(String name : resources.keySet()) { + boolean isMatch = false; + + RangerPolicyResource policyResource = policy.getResources().get(name); + + if(policyResource != null && !CollectionUtils.isEmpty(policyResource.getValues())) { + String val = resources.get(name); + + if(policyResource.getValues().contains(val)) { + isMatch = true; + } else { + for(String policyResourceValue : policyResource.getValues()) { + if(FilenameUtils.wildcardMatch(val, policyResourceValue)) { + isMatch = true; + break; + } + } + } + } + + if(isMatch) { + numFound++; + } else { + break; + } + } + + ret = numFound == resources.size(); + } + } else { + ret = true; + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } + + private Predicate addPredicateForIsRecursive(final String isRecursiveStr, List<Predicate> predicates) { + if(StringUtils.isEmpty(isRecursiveStr)) { + return null; + } + + final boolean isRecursive = Boolean.parseBoolean(isRecursiveStr); + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if(object == null) { + return false; + } + + boolean ret = true; + + if(object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy)object; + + if(! MapUtils.isEmpty(policy.getResources())) { + for(Map.Entry<String, RangerPolicyResource> e : policy.getResources().entrySet()) { + RangerPolicyResource resValue = e.getValue(); + + if(resValue.getIsRecursive() == null) { + ret = !isRecursive; + } else { + ret = resValue.getIsRecursive().booleanValue() == isRecursive; + } + + if(ret) { + break; + } + } + } + } + + return ret; + } + }; + + if(predicates != null) { + predicates.add(ret); + } + + return ret; + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/agents-common/src/main/java/org/apache/ranger/plugin/store/file/BaseFileStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/file/BaseFileStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/file/BaseFileStore.java index 001feb5..9785e77 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/file/BaseFileStore.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/file/BaseFileStore.java @@ -41,11 +41,12 @@ import org.apache.ranger.plugin.model.RangerBaseModelObject; import org.apache.ranger.plugin.model.RangerPolicy; import org.apache.ranger.plugin.model.RangerService; import org.apache.ranger.plugin.model.RangerServiceDef; +import org.apache.ranger.plugin.store.AbstractServiceStore; import com.google.gson.Gson; import com.google.gson.GsonBuilder; -public class BaseFileStore { +public abstract class BaseFileStore extends AbstractServiceStore { private static final Log LOG = LogFactory.getLog(BaseFileStore.class); private Gson gsonBuilder = null; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/agents-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java index 28e5c8c..b90de22 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/file/ServiceFileStore.java @@ -23,15 +23,9 @@ import java.util.ArrayList; import java.util.Collections; import java.util.Comparator; import java.util.Date; -import java.util.HashMap; import java.util.List; -import java.util.Map; import org.apache.commons.collections.CollectionUtils; -import org.apache.commons.collections.MapUtils; -import org.apache.commons.collections.Predicate; -import org.apache.commons.collections.PredicateUtils; -import org.apache.commons.io.FilenameUtils; import org.apache.commons.lang.ObjectUtils; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; @@ -40,19 +34,14 @@ import org.apache.hadoop.fs.Path; import org.apache.ranger.authorization.hadoop.config.RangerConfiguration; import org.apache.ranger.plugin.model.RangerBaseModelObject; import org.apache.ranger.plugin.model.RangerPolicy; -import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem; -import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource; import org.apache.ranger.plugin.model.RangerService; import org.apache.ranger.plugin.model.RangerServiceDef; -import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef; -import org.apache.ranger.plugin.resourcematcher.RangerAbstractResourceMatcher; import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil; -import org.apache.ranger.plugin.store.ServiceStore; import org.apache.ranger.plugin.util.SearchFilter; import org.apache.ranger.plugin.util.ServicePolicies; -public class ServiceFileStore extends BaseFileStore implements ServiceStore { +public class ServiceFileStore extends BaseFileStore { private static final Log LOG = LogFactory.getLog(ServiceFileStore.class); public static final String PROPERTY_SERVICE_FILE_STORE_DIR = "ranger.service.store.file.dir"; @@ -930,622 +919,4 @@ public class ServiceFileStore extends BaseFileStore implements ServiceStore { return ret; } - - private String getServiceType(String serviceName) { - RangerService service = null; - - try { - service = getServiceByName(serviceName); - } catch(Exception excp) { - // ignore - } - - return service != null ? service.getType() : null; - } - - private Long getServiceId(String serviceName) { - RangerService service = null; - - try { - service = getServiceByName(serviceName); - } catch(Exception excp) { - // ignore - } - - return service != null ? service.getId() : null; - } - - private final static Comparator<RangerBaseModelObject> idComparator = new Comparator<RangerBaseModelObject>() { - @Override - public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { - Long val1 = (o1 != null) ? o1.getId() : null; - Long val2 = (o2 != null) ? o2.getId() : null; - - return ObjectUtils.compare(val1, val2); - } - }; - - private final static Comparator<RangerBaseModelObject> createTimeComparator = new Comparator<RangerBaseModelObject>() { - @Override - public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { - Date val1 = (o1 != null) ? o1.getCreateTime() : null; - Date val2 = (o2 != null) ? o2.getCreateTime() : null; - - return ObjectUtils.compare(val1, val2); - } - }; - - private final static Comparator<RangerBaseModelObject> updateTimeComparator = new Comparator<RangerBaseModelObject>() { - @Override - public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { - Date val1 = (o1 != null) ? o1.getUpdateTime() : null; - Date val2 = (o2 != null) ? o2.getUpdateTime() : null; - - return ObjectUtils.compare(val1, val2); - } - }; - - private final static Comparator<RangerBaseModelObject> serviceDefNameComparator = new Comparator<RangerBaseModelObject>() { - @Override - public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { - String val1 = null; - String val2 = null; - - if(o1 != null) { - if(o1 instanceof RangerServiceDef) { - val1 = ((RangerServiceDef)o1).getName(); - } else if(o1 instanceof RangerService) { - val1 = ((RangerService)o1).getType(); - } - } - - if(o2 != null) { - if(o2 instanceof RangerServiceDef) { - val2 = ((RangerServiceDef)o2).getName(); - } else if(o2 instanceof RangerService) { - val2 = ((RangerService)o2).getType(); - } - } - - return ObjectUtils.compare(val1, val2); - } - }; - - private final static Comparator<RangerBaseModelObject> serviceNameComparator = new Comparator<RangerBaseModelObject>() { - @Override - public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { - String val1 = null; - String val2 = null; - - if(o1 != null) { - if(o1 instanceof RangerPolicy) { - val1 = ((RangerPolicy)o1).getService(); - } else if(o1 instanceof RangerService) { - val1 = ((RangerService)o1).getType(); - } - } - - if(o2 != null) { - if(o2 instanceof RangerPolicy) { - val2 = ((RangerPolicy)o2).getService(); - } else if(o2 instanceof RangerService) { - val2 = ((RangerService)o2).getType(); - } - } - - return ObjectUtils.compare(val1, val2); - } - }; - - private final static Comparator<RangerBaseModelObject> policyNameComparator = new Comparator<RangerBaseModelObject>() { - @Override - public int compare(RangerBaseModelObject o1, RangerBaseModelObject o2) { - String val1 = (o1 != null && o1 instanceof RangerPolicy) ? ((RangerPolicy)o1).getName() : null; - String val2 = (o2 != null && o2 instanceof RangerPolicy) ? ((RangerPolicy)o2).getName() : null; - - return ObjectUtils.compare(val1, val2); - } - }; - - private final static Comparator<RangerResourceDef> resourceLevelComparator = new Comparator<RangerResourceDef>() { - @Override - public int compare(RangerResourceDef o1, RangerResourceDef o2) { - Integer val1 = (o1 != null) ? o1.getLevel() : null; - Integer val2 = (o2 != null) ? o2.getLevel() : null; - - return ObjectUtils.compare(val1, val2); - } - }; - - private Predicate getPredicate(SearchFilter filter) { - if(filter == null || filter.isEmpty()) { - return null; - } - - List<Predicate> predicates = new ArrayList<Predicate>(); - - addPredicateForLoginUser(filter.getParam(SearchFilter.LOGIN_USER), predicates); - addPredicateForServiceType(filter.getParam(SearchFilter.SERVICE_TYPE), predicates); - addPredicateForServiceTypeId(filter.getParam(SearchFilter.SERVICE_TYPE_ID), predicates); - addPredicateForServiceName(filter.getParam(SearchFilter.SERVICE_NAME), predicates); - addPredicateForServiceId(filter.getParam(SearchFilter.SERVICE_ID), predicates); - addPredicateForPolicyName(filter.getParam(SearchFilter.POLICY_NAME), predicates); - addPredicateForPolicyId(filter.getParam(SearchFilter.POLICY_ID), predicates); - addPredicateForStatus(filter.getParam(SearchFilter.STATUS), predicates); - addPredicateForUserName(filter.getParam(SearchFilter.USER), predicates); - addPredicateForGroupName(filter.getParam(SearchFilter.GROUP), predicates); - addPredicateForResources(filter.getParamsWithPrefix(SearchFilter.RESOURCE_PREFIX, true), predicates); - - Predicate ret = CollectionUtils.isEmpty(predicates) ? null : PredicateUtils.allPredicate(predicates); - - return ret; - } - - private static Map<String, Comparator<RangerBaseModelObject>> sorterMap = new HashMap<String, Comparator<RangerBaseModelObject>>(); - - static { - sorterMap.put(SearchFilter.SERVICE_TYPE, serviceDefNameComparator); - sorterMap.put(SearchFilter.SERVICE_TYPE_ID, idComparator); - sorterMap.put(SearchFilter.SERVICE_NAME, serviceNameComparator); - sorterMap.put(SearchFilter.SERVICE_TYPE_ID, idComparator); - sorterMap.put(SearchFilter.POLICY_NAME, policyNameComparator); - sorterMap.put(SearchFilter.POLICY_ID, idComparator); - sorterMap.put(SearchFilter.CREATE_TIME, createTimeComparator); - sorterMap.put(SearchFilter.UPDATE_TIME, updateTimeComparator); - } - - private Comparator<RangerBaseModelObject> getSorter(SearchFilter filter) { - String sortBy = filter == null ? null : filter.getParam(SearchFilter.SORT_BY); - - if(StringUtils.isEmpty(sortBy)) { - return null; - } - - Comparator<RangerBaseModelObject> ret = sorterMap.get(sortBy); - - return ret; - } - - private Predicate addPredicateForLoginUser(final String loginUser, List<Predicate> predicates) { - if(StringUtils.isEmpty(loginUser)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - - for(RangerPolicyItem policyItem : policy.getPolicyItems()) { - if(!policyItem.getDelegateAdmin()) { - continue; - } - - if(policyItem.getUsers().contains(loginUser)) { // TODO: group membership check - ret = true; - - break; - } - } - } else { - ret = true; - } - - return ret; - } - }; - - if(ret != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForServiceType(final String serviceType, List<Predicate> predicates) { - if(StringUtils.isEmpty(serviceType)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - - ret = StringUtils.equals(serviceType, getServiceType(policy.getService())); - } else if(object instanceof RangerService) { - RangerService service = (RangerService)object; - - ret = StringUtils.equals(serviceType, service.getType()); - } else if(object instanceof RangerServiceDef) { - RangerServiceDef serviceDef = (RangerServiceDef)object; - - ret = StringUtils.equals(serviceType, serviceDef.getName()); - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForServiceTypeId(final String serviceTypeId, List<Predicate> predicates) { - if(StringUtils.isEmpty(serviceTypeId)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerServiceDef) { - RangerServiceDef serviceDef = (RangerServiceDef)object; - Long svcDefId = serviceDef.getId(); - - if(svcDefId != null) { - ret = StringUtils.equals(serviceTypeId, svcDefId.toString()); - } - } else { - ret = true; - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForServiceName(final String serviceName, List<Predicate> predicates) { - if(StringUtils.isEmpty(serviceName)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - - ret = StringUtils.equals(serviceName, policy.getService()); - } else if(object instanceof RangerService) { - RangerService service = (RangerService)object; - - ret = StringUtils.equals(serviceName, service.getName()); - } else { - ret = true; - } - - return ret; - } - }; - - if(ret != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForServiceId(final String serviceId, List<Predicate> predicates) { - if(StringUtils.isEmpty(serviceId)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - Long svcId = getServiceId(policy.getService()); - - if(svcId != null) { - ret = StringUtils.equals(serviceId, svcId.toString()); - } - } else if(object instanceof RangerService) { - RangerService service = (RangerService)object; - - if(service.getId() != null) { - ret = StringUtils.equals(serviceId, service.getId().toString()); - } - } else { - ret = true; - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForPolicyName(final String policyName, List<Predicate> predicates) { - if(StringUtils.isEmpty(policyName)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - - ret = StringUtils.equals(policyName, policy.getName()); - } else { - ret = true; - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForPolicyId(final String policyId, List<Predicate> predicates) { - if(StringUtils.isEmpty(policyId)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - - if(policy.getId() != null) { - ret = StringUtils.equals(policyId, policy.getId().toString()); - } - } else { - ret = true; - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForUserName(final String userName, List<Predicate> predicates) { - if(StringUtils.isEmpty(userName)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - - for(RangerPolicyItem policyItem : policy.getPolicyItems()) { - if(policyItem.getUsers().contains(userName)) { // TODO: group membership check - ret = true; - - break; - } - } - } else { - ret = true; - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForGroupName(final String groupName, List<Predicate> predicates) { - if(StringUtils.isEmpty(groupName)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - - for(RangerPolicyItem policyItem : policy.getPolicyItems()) { - if(policyItem.getGroups().contains(groupName)) { - ret = true; - - break; - } - } - } else { - ret = true; - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForStatus(final String status, List<Predicate> predicates) { - if(StringUtils.isEmpty(status)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerBaseModelObject) { - RangerBaseModelObject obj = (RangerBaseModelObject)object; - - if(StringUtils.equals(status, "enabled")) { - ret = obj.getIsEnabled(); - } else if(StringUtils.equals(status, "disabled")) { - ret = !obj.getIsEnabled(); - } - } else { - ret = true; - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForResources(final Map<String, String> resources, List<Predicate> predicates) { - if(MapUtils.isEmpty(resources)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - if(object == null) { - return false; - } - - boolean ret = false; - - if(object instanceof RangerPolicy) { - RangerPolicy policy = (RangerPolicy)object; - - if(! MapUtils.isEmpty(policy.getResources())) { - int numFound = 0; - for(String name : resources.keySet()) { - boolean isMatch = false; - - RangerPolicyResource policyResource = policy.getResources().get(name); - - if(policyResource != null && !CollectionUtils.isEmpty(policyResource.getValues())) { - String val = resources.get(name); - - if(policyResource.getValues().contains(val)) { - isMatch = true; - } else { - for(String policyResourceValue : policyResource.getValues()) { - if(FilenameUtils.wildcardMatch(val, policyResourceValue)) { - isMatch = true; - break; - } - } - } - } - - if(isMatch) { - numFound++; - } else { - break; - } - } - - ret = numFound == resources.size(); - } - } else { - ret = true; - } - - return ret; - } - }; - - if(predicates != null) { - predicates.add(ret); - } - - return ret; - } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/agents-common/src/main/java/org/apache/ranger/plugin/util/PolicyRefresher.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/PolicyRefresher.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/PolicyRefresher.java index 6947a8e..b6acc43 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/PolicyRefresher.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/PolicyRefresher.java @@ -25,7 +25,6 @@ import java.io.FileWriter; import java.io.Reader; import java.io.Writer; -import org.apache.commons.io.FilenameUtils; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java index 86e5f7d..dac8a8e 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java @@ -28,14 +28,14 @@ import org.apache.commons.lang.StringUtils; public class SearchFilter { - public static final String LOGIN_USER = "loginUser"; // search public static final String SERVICE_TYPE = "serviceType"; // search, sort public static final String SERVICE_TYPE_ID = "serviceTypeId"; // search, sort public static final String SERVICE_NAME = "serviceName"; // search, sort public static final String SERVICE_ID = "serviceId"; // search, sort public static final String POLICY_NAME = "policyName"; // search, sort public static final String POLICY_ID = "policyId"; // search, sort - public static final String STATUS = "status"; // search + public static final String IS_ENABLED = "isEnabled"; // search + public static final String IS_RECURSIVE = "isRecursive"; // search public static final String USER = "user"; // search public static final String GROUP = "group"; // search public static final String RESOURCE_PREFIX = "resource:"; // search @@ -47,12 +47,12 @@ public class SearchFilter { public static final String PAGE_SIZE = "pageSize"; public static final String SORT_BY = "sortBy"; - private Map<String, String> params = null; - int startIndex = 0; - int maxRows = Integer.MAX_VALUE; - boolean getCount = true; - String sortBy = null; - String sortType = null; + private Map<String, String> params = null; + private int startIndex = 0; + private int maxRows = Integer.MAX_VALUE; + private boolean getCount = true; + private String sortBy = null; + private String sortType = null; public SearchFilter() { this(null); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 119ee64..6333b09 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -96,7 +96,7 @@ import org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef; import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef; import org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef; import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil; -import org.apache.ranger.plugin.store.ServiceStore; +import org.apache.ranger.plugin.store.AbstractServiceStore; import org.apache.ranger.plugin.util.ServicePolicies; import org.apache.ranger.service.RangerAuditFields; import org.apache.ranger.service.RangerDataHistService; @@ -120,7 +120,7 @@ import org.apache.ranger.plugin.util.SearchFilter; @Component -public class ServiceDBStore implements ServiceStore { +public class ServiceDBStore extends AbstractServiceStore { private static final Log LOG = LogFactory.getLog(ServiceDBStore.class); @Autowired @@ -391,6 +391,9 @@ public class ServiceDBStore implements ServiceStore { } RangerServiceDefList svcDefList = serviceDefService.searchRangerServiceDefs(filter); + + applyFilter(svcDefList.getServiceDefs(), filter); + List<RangerServiceDef> ret = svcDefList.getServiceDefs(); if (LOG.isDebugEnabled()) { @@ -407,6 +410,8 @@ public class ServiceDBStore implements ServiceStore { RangerServiceDefList svcDefList = serviceDefService.searchRangerServiceDefs(filter); + applyFilter(svcDefList.getServiceDefs(), filter); + if (LOG.isDebugEnabled()) { LOG.debug("==> ServiceDBStore.getPaginatedServiceDefs(" + filter + ")"); } @@ -654,9 +659,17 @@ public class ServiceDBStore implements ServiceStore { if(LOG.isDebugEnabled()) { LOG.debug("==> ServiceDBStore.getServices()"); } + RangerServiceList serviceList = svcService.searchRangerServices(filter); + + applyFilter(serviceList.getServices(), filter); + List<RangerService> ret = serviceList.getServices(); + if (LOG.isDebugEnabled()) { + LOG.debug("<== ServiceDBStore.getServices()"); + } + return ret; } @@ -664,11 +677,15 @@ public class ServiceDBStore implements ServiceStore { if (LOG.isDebugEnabled()) { LOG.debug("==> ServiceDBStore.getPaginatedServices()"); } + RangerServiceList serviceList = svcService.searchRangerServices(filter); + applyFilter(serviceList.getServices(), filter); + if (LOG.isDebugEnabled()) { LOG.debug("<== ServiceDBStore.getPaginatedServices()"); } + return serviceList; } @@ -846,6 +863,9 @@ public class ServiceDBStore implements ServiceStore { } RangerPolicyList policyList = policyService.searchRangerPolicies(filter); + + applyFilter(policyList.getPolicies(), filter); + List<RangerPolicy> ret = policyList.getPolicies(); if(LOG.isDebugEnabled()) { @@ -862,6 +882,8 @@ public class ServiceDBStore implements ServiceStore { RangerPolicyList policyList = policyService.searchRangerPolicies(filter); + applyFilter(policyList.getPolicies(), filter); + if (LOG.isDebugEnabled()) { LOG.debug("<== ServiceDBStore.getPaginatedPolicies()"); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java index 205f4f5..1a45d43 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java @@ -51,7 +51,6 @@ public class RangerSearchUtil extends SearchUtil { ret.setParams(new HashMap<String, String>()); } - ret.setParam(SearchFilter.LOGIN_USER, request.getParameter(SearchFilter.LOGIN_USER)); ret.setParam(SearchFilter.SERVICE_TYPE, request.getParameter(SearchFilter.SERVICE_TYPE)); ret.setParam(SearchFilter.SERVICE_TYPE_ID, request.getParameter(SearchFilter.SERVICE_TYPE_ID)); ret.setParam(SearchFilter.SERVICE_NAME, request.getParameter(SearchFilter.SERVICE_NAME)); @@ -59,7 +58,8 @@ public class RangerSearchUtil extends SearchUtil { ret.setParam(SearchFilter.POLICY_NAME, request.getParameter(SearchFilter.POLICY_NAME)); ret.setParam(SearchFilter.POLICY_NAME_PARTIAL, request.getParameter(SearchFilter.POLICY_NAME_PARTIAL)); ret.setParam(SearchFilter.POLICY_ID, request.getParameter(SearchFilter.POLICY_ID)); - ret.setParam(SearchFilter.STATUS, request.getParameter(SearchFilter.STATUS)); + ret.setParam(SearchFilter.IS_ENABLED, request.getParameter(SearchFilter.IS_ENABLED)); + ret.setParam(SearchFilter.IS_RECURSIVE, request.getParameter(SearchFilter.IS_RECURSIVE)); ret.setParam(SearchFilter.USER, request.getParameter(SearchFilter.USER)); ret.setParam(SearchFilter.GROUP, request.getParameter(SearchFilter.GROUP)); ret.setParam(SearchFilter.POL_RESOURCE, request.getParameter(SearchFilter.POL_RESOURCE)); @@ -79,6 +79,39 @@ public class RangerSearchUtil extends SearchUtil { return ret; } + public SearchFilter getSearchFilterFromLegacyRequest(HttpServletRequest request, List<SortField> sortFields) { + if (request == null) { + return null; + } + + SearchFilter ret = new SearchFilter(); + + if (MapUtils.isEmpty(request.getParameterMap())) { + ret.setParams(new HashMap<String, String>()); + } + + ret.setParam(SearchFilter.SERVICE_TYPE, request.getParameter("repositoryType")); + ret.setParam(SearchFilter.SERVICE_NAME, request.getParameter("repositoryName")); + ret.setParam(SearchFilter.SERVICE_ID, request.getParameter("repositoryId")); + ret.setParam(SearchFilter.POLICY_NAME, request.getParameter("policyName")); + ret.setParam(SearchFilter.USER, request.getParameter("userName")); + ret.setParam(SearchFilter.GROUP, request.getParameter("groupName")); + ret.setParam(SearchFilter.IS_ENABLED, request.getParameter("isEnabled")); + ret.setParam(SearchFilter.IS_RECURSIVE, request.getParameter("isRecursive")); + ret.setParam(SearchFilter.RESOURCE_PREFIX + "path", request.getParameter("resourceName")); + ret.setParam(SearchFilter.RESOURCE_PREFIX + "database", request.getParameter("databases")); + ret.setParam(SearchFilter.RESOURCE_PREFIX + "table", request.getParameter("tables")); + ret.setParam(SearchFilter.RESOURCE_PREFIX + "udf", request.getParameter("udfs")); + ret.setParam(SearchFilter.RESOURCE_PREFIX + "column", request.getParameter("columns")); + ret.setParam(SearchFilter.RESOURCE_PREFIX + "column-family", request.getParameter("columnFamilies")); + ret.setParam(SearchFilter.RESOURCE_PREFIX + "topology", request.getParameter("topologies")); + ret.setParam(SearchFilter.RESOURCE_PREFIX + "service", request.getParameter("services")); + + extractCommonCriteriasForFilter(request, ret, sortFields); + + return ret; + } + public SearchFilter extractCommonCriteriasForFilter(HttpServletRequest request, SearchFilter ret, List<SortField> sortFields) { int startIndex = restErrorUtil.parseInt(request.getParameter(SearchFilter.START_INDEX), 0, "Invalid value for parameter startIndex", MessageEnums.INVALID_INPUT_DATA, null, http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java index ae11a1b..ece20b1 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java @@ -46,6 +46,8 @@ import org.apache.ranger.common.annotation.RangerAnnotationJSMgrName; import org.apache.ranger.db.RangerDaoManager; import org.apache.ranger.plugin.model.RangerPolicy; import org.apache.ranger.plugin.model.RangerService; +import org.apache.ranger.plugin.util.SearchFilter; +import org.apache.ranger.service.RangerPolicyService; import org.apache.ranger.service.XAssetService; import org.apache.ranger.service.XPolicyService; import org.apache.ranger.service.XRepositoryService; @@ -95,6 +97,9 @@ public class PublicAPIs { XPolicyService xPolicyService; @Autowired + RangerPolicyService policyService; + + @Autowired StringUtil stringUtil; @Autowired @@ -407,8 +412,10 @@ public class PublicAPIs { if(logger.isDebugEnabled()) { logger.debug("==> PublicAPIs.searchPolicies(): "); } - - List<RangerPolicy> rangerPolicyList = serviceREST.getPolicies(request); + + SearchFilter filter = searchUtil.getSearchFilterFromLegacyRequest(request, policyService.sortFields); + + List<RangerPolicy> rangerPolicyList = serviceREST.getPolicies(filter); VXPolicyList vXPolicyList = null; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index d7182a3..c85422c 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@ -936,13 +936,26 @@ public class ServiceREST { @Produces({ "application/json", "application/xml" }) public List<RangerPolicy> getPolicies(@Context HttpServletRequest request) { if(LOG.isDebugEnabled()) { - LOG.debug("==> ServiceREST.getPolicies()"); + LOG.debug("==> ServiceREST.getPolicies(request)"); } - List<RangerPolicy> ret = null; - SearchFilter filter = searchUtil.getSearchFilter(request, policyService.sortFields); - + + List<RangerPolicy> ret = getPolicies(filter); + + if(LOG.isDebugEnabled()) { + LOG.debug("<== ServiceREST.getPolicies(request): count=" + (ret == null ? 0 : ret.size())); + } + + return ret; + } + + public List<RangerPolicy> getPolicies(SearchFilter filter) { + if(LOG.isDebugEnabled()) { + LOG.debug("==> ServiceREST.getPolicies(filter)"); + } + + List<RangerPolicy> ret = null; try { ret = svcStore.getPolicies(filter); @@ -953,7 +966,7 @@ public class ServiceREST { } if(LOG.isDebugEnabled()) { - LOG.debug("<== ServiceREST.getPolicies(): count=" + (ret == null ? 0 : ret.size())); + LOG.debug("<== ServiceREST.getPolicies(filter): count=" + (ret == null ? 0 : ret.size())); } return ret; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java index f49da1b..3193407 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java @@ -79,7 +79,7 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range "XXService xSvc", "xSvc.id = obj.service")); searchFields.add(new SearchField(SearchFilter.SERVICE_ID, "xSvc.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL, "XXService xSvc", "xSvc.id = obj.service")); - searchFields.add(new SearchField(SearchFilter.STATUS, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL)); + searchFields.add(new SearchField(SearchFilter.IS_ENABLED, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL)); searchFields.add(new SearchField(SearchFilter.POLICY_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); searchFields.add(new SearchField(SearchFilter.POLICY_NAME, "obj.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL)); searchFields.add(new SearchField(SearchFilter.USER, "xUser.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL, http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java index acf0bf1..a6a0cbb 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java @@ -34,7 +34,7 @@ public class RangerServiceDefService extends RangerServiceDefServiceBase<XXServi searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE, "obj.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL)); searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); - searchFields.add(new SearchField(SearchFilter.STATUS, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL)); + searchFields.add(new SearchField(SearchFilter.IS_ENABLED, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL)); sortFields.add(new SortField(SearchFilter.CREATE_TIME, "obj.createTime")); sortFields.add(new SortField(SearchFilter.UPDATE_TIME, "obj.updateTime")); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/10f5fd60/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java index 171b89b..9d1ebd6 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceService.java @@ -58,7 +58,7 @@ public class RangerServiceService extends RangerServiceServiceBase<XXService, Ra searchFields.add(new SearchField(SearchFilter.SERVICE_TYPE_ID, "obj.type", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); searchFields.add(new SearchField(SearchFilter.SERVICE_NAME, "obj.name", DATA_TYPE.STRING, SEARCH_TYPE.FULL)); searchFields.add(new SearchField(SearchFilter.SERVICE_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); - searchFields.add(new SearchField(SearchFilter.STATUS, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL)); + searchFields.add(new SearchField(SearchFilter.IS_ENABLED, "obj.isEnabled", DATA_TYPE.BOOLEAN, SEARCH_TYPE.FULL)); sortFields.add(new SortField(SearchFilter.CREATE_TIME, "obj.createTime")); sortFields.add(new SortField(SearchFilter.UPDATE_TIME, "obj.updateTime"));
