Repository: incubator-ranger Updated Branches: refs/heads/master 405b3e6a8 -> d673e5940
RANGER-383 : Add new column to track resource signature in policy table Signed-off-by: Madhan Neethiraj <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/d673e594 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/d673e594 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/d673e594 Branch: refs/heads/master Commit: d673e5940680a69e600b87f017d3d76ac39cd4e0 Parents: 405b3e6 Author: Gautam Borad <[email protected]> Authored: Thu Apr 9 14:23:22 2015 +0530 Committer: Madhan Neethiraj <[email protected]> Committed: Thu Apr 9 07:50:47 2015 -0700 ---------------------------------------------------------------------- .../ranger/plugin/model/RangerPolicy.java | 37 +++++++++++++++----- .../ranger/plugin/store/TestServiceStore.java | 2 +- .../db/mysql/patches/009-updated_schema.sql | 2 +- .../db/oracle/patches/009-updated_schema.sql | 2 +- .../db/postgres/xa_core_db_postgres.sql | 2 +- .../db/sqlserver/xa_core_db_sqlserver.sql | 7 ++-- .../java/org/apache/ranger/db/XXPolicyDao.java | 12 +++++++ .../org/apache/ranger/entity/XXPolicyBase.java | 36 +++++++++++++++++-- .../ranger/service/RangerPolicyServiceBase.java | 2 ++ .../resources/META-INF/jpa_named_queries.xml | 4 +++ 10 files changed, 85 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java index 9130863..4001e7e 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java @@ -43,20 +43,21 @@ import org.codehaus.jackson.map.annotate.JsonSerialize; public class RangerPolicy extends RangerBaseModelObject implements java.io.Serializable { private static final long serialVersionUID = 1L; - private String service = null; - private String name = null; - private Integer policyType = null; - private String description = null; - private Boolean isAuditEnabled = null; - private Map<String, RangerPolicyResource> resources = null; - private List<RangerPolicyItem> policyItems = null; + private String service = null; + private String name = null; + private Integer policyType = null; + private String description = null; + private String resourceSignature = null; + private Boolean isAuditEnabled = null; + private Map<String, RangerPolicyResource> resources = null; + private List<RangerPolicyItem> policyItems = null; /** * @param type */ public RangerPolicy() { - this(null, null, null, null, null, null); + this(null, null, null, null, null, null, null); } /** @@ -66,14 +67,16 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria * @param description * @param resources * @param policyItems + * @param resourceSignature TODO */ - public RangerPolicy(String service, String name, Integer policyType, String description, Map<String, RangerPolicyResource> resources, List<RangerPolicyItem> policyItems) { + public RangerPolicy(String service, String name, Integer policyType, String description, Map<String, RangerPolicyResource> resources, List<RangerPolicyItem> policyItems, String resourceSignature) { super(); setService(service); setName(name); setPolicyType(policyType); setDescription(description); + setResourceSignature(resourceSignature); setIsAuditEnabled(null); setResources(resources); setPolicyItems(policyItems); @@ -89,6 +92,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria setName(other.getName()); setPolicyType(other.getPolicyType()); setDescription(other.getDescription()); + setResourceSignature(other.getResourceSignature()); setIsAuditEnabled(other.getIsAuditEnabled()); setResources(other.getResources()); setPolicyItems(other.getPolicyItems()); @@ -149,6 +153,20 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria public void setDescription(String description) { this.description = description; } + + /** + * @return the resourceSignature + */ + public String getResourceSignature() { + return resourceSignature; + } + + /** + * @param resourceSignature the resourceSignature to set + */ + public void setResourceSignature(String resourceSignature) { + this.resourceSignature = resourceSignature; + } /** * @return the isAuditEnabled @@ -238,6 +256,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria sb.append("name={").append(name).append("} "); sb.append("policyType={").append(policyType).append("} "); sb.append("description={").append(description).append("} "); + sb.append("resourceSignature={").append(resourceSignature).append("} "); sb.append("isAuditEnabled={").append(isAuditEnabled).append("} "); sb.append("resources={"); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java b/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java index 7ceb00e..852040e 100644 --- a/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java +++ b/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java @@ -153,7 +153,7 @@ public class TestServiceStore { int initPolicyCount = policies == null ? 0 : policies.size(); - RangerPolicy policy = new RangerPolicy(updatedSvc.getName(), policyName, 0, "test policy description", null, null); + RangerPolicy policy = new RangerPolicy(updatedSvc.getName(), policyName, 0, "test policy description", null, null, null); policy.getResources().put("path", new RangerPolicyResource("/demo/test/finance", Boolean.FALSE, Boolean.TRUE)); RangerPolicyItem item1 = new RangerPolicyItem(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/db/mysql/patches/009-updated_schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/mysql/patches/009-updated_schema.sql b/security-admin/db/mysql/patches/009-updated_schema.sql index a0d27e2..40e71ca 100644 --- a/security-admin/db/mysql/patches/009-updated_schema.sql +++ b/security-admin/db/mysql/patches/009-updated_schema.sql @@ -82,10 +82,10 @@ CREATE TABLE `x_policy` ( `name` varchar(512) DEFAULT NULL, `policy_type` int(11) DEFAULT 0, `description` varchar(1024) DEFAULT NULL, +`resource_signature` varchar(128) DEFAULT NULL, `is_enabled` tinyint(1) NOT NULL DEFAULT '0', `is_audit_enabled` tinyint(1) NOT NULL DEFAULT '0', primary key (`id`), -UNIQUE KEY `x_policy_name` (`name`), KEY `x_policy_added_by_id` (`added_by_id`), KEY `x_policy_upd_by_id` (`upd_by_id`), KEY `x_policy_cr_time` (`create_time`), http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/db/oracle/patches/009-updated_schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/oracle/patches/009-updated_schema.sql b/security-admin/db/oracle/patches/009-updated_schema.sql index c7c8493..cdbdeb8 100644 --- a/security-admin/db/oracle/patches/009-updated_schema.sql +++ b/security-admin/db/oracle/patches/009-updated_schema.sql @@ -87,10 +87,10 @@ service NUMBER(20) DEFAULT NULL NULL, name VARCHAR(512) DEFAULT NULL NULL, policy_type NUMBER(11) DEFAULT '0' NULL, description VARCHAR(1024) DEFAULT NULL NULL, +resource_signature VARCHAR(128) DEFAULT NULL NULL, is_enabled NUMBER(1) DEFAULT '0' NOT NULL, is_audit_enabled NUMBER(1) DEFAULT '0' NOT NULL, primary key (id), -CONSTRAINT x_policy_name UNIQUE (name), CONSTRAINT x_policy_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), CONSTRAINT x_policy_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id), CONSTRAINT x_policy_FK_service FOREIGN KEY (service) REFERENCES x_service (id) http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/db/postgres/xa_core_db_postgres.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/postgres/xa_core_db_postgres.sql b/security-admin/db/postgres/xa_core_db_postgres.sql index 0e1f731..fa65052 100644 --- a/security-admin/db/postgres/xa_core_db_postgres.sql +++ b/security-admin/db/postgres/xa_core_db_postgres.sql @@ -518,10 +518,10 @@ service BIGINT DEFAULT NULL NULL, name VARCHAR(512) DEFAULT NULL NULL, policy_type int(11) DEFAULT 0 NULL, description VARCHAR(1024) DEFAULT NULL NULL, +resource_signature VARCHAR(128) DEFAULT NULL NULL, is_enabled BOOLEAN DEFAULT '0' NOT NULL, is_audit_enabled BOOLEAN DEFAULT '0' NOT NULL, primary key(id), -CONSTRAINT x_policy_name UNIQUE(name), CONSTRAINT x_policy_FK_added_by_id FOREIGN KEY(added_by_id) REFERENCES x_portal_user(id), CONSTRAINT x_policy_FK_upd_by_id FOREIGN KEY(upd_by_id) REFERENCES x_portal_user(id), CONSTRAINT x_policy_FK_service FOREIGN KEY(service) REFERENCES x_service(id) http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/db/sqlserver/xa_core_db_sqlserver.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql index 9bfe39f..665e022 100644 --- a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql +++ b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql @@ -1811,16 +1811,13 @@ CREATE TABLE [dbo].[x_policy] ( [name] [varchar](512) DEFAULT NULL NULL, [policy_type] [int] DEFAULT 0 NULL, [description] [varchar](1024) DEFAULT NULL NULL, + [resource_signature] [varchar](128) DEFAULT NULL NULL, [is_enabled] [tinyint] DEFAULT 0 NOT NULL, [is_audit_enabled] [tinyint] DEFAULT 0 NOT NULL, PRIMARY KEY CLUSTERED ( [id] ASC -)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY], -CONSTRAINT [x_policy$x_policy_name] UNIQUE NONCLUSTERED -( - [name] ASC -)WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] +)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] ) ON [PRIMARY] GO SET ANSI_NULLS ON http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java index cb57b04..e2f5a41 100644 --- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java +++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java @@ -71,5 +71,17 @@ public class XXPolicyDao extends BaseDao<XXPolicy> { return null; } } + + public List<XXPolicy> findByResourceSignature(String resSignature) { + if (resSignature == null) { + return new ArrayList<XXPolicy>(); + } + try { + return getEntityManager().createNamedQuery("XXPolicy.findByResourceSignature", tClass) + .setParameter("resSignature", resSignature).getResultList(); + } catch (NoResultException e) { + return new ArrayList<XXPolicy>(); + } + } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java index 70f2321..7e59530 100644 --- a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java +++ b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java @@ -80,6 +80,15 @@ public abstract class XXPolicyBase extends XXDBBase { */ @Column(name = "description") protected String description; + + /** + * resource_signature of the XXPolicy + * <ul> + * </ul> + * + */ + @Column(name = "resource_signature") + protected String resourceSignature; /** * isEnabled of the XXPolicy @@ -193,6 +202,20 @@ public abstract class XXPolicyBase extends XXDBBase { public String getDescription() { return this.description; } + + /** + * @return the resourceSignature + */ + public String getResourceSignature() { + return resourceSignature; + } + + /** + * @param resourceSignature the resourceSignature to set + */ + public void setResourceSignature(String resourceSignature) { + this.resourceSignature = resourceSignature; + } /** * This method sets the value to the member attribute <b> isEnabled</b> . @@ -276,6 +299,13 @@ public abstract class XXPolicyBase extends XXDBBase { } else if (!description.equals(other.description)) { return false; } + if (resourceSignature == null) { + if (other.resourceSignature != null) { + return false; + } + } else if (!resourceSignature.equals(other.resourceSignature)) { + return false; + } if (isAuditEnabled != other.isAuditEnabled) { return false; } @@ -320,9 +350,9 @@ public abstract class XXPolicyBase extends XXDBBase { */ @Override public String toString() { - return "XXPolicyBase [" + super.toString() + " guid=" + guid + ", version=" + version + ", service=" + service - + ", name=" + name + ", policyType=" + policyType + ", description=" + description + ", isEnabled=" - + isEnabled + ", isAuditEnabled=" + isAuditEnabled + "]"; + return "XXPolicyBase [guid=" + guid + ", version=" + version + ", service=" + service + ", name=" + name + + ", policyType=" + policyType + ", description=" + description + ", resourceSignature=" + + resourceSignature + ", isEnabled=" + isEnabled + ", isAuditEnabled=" + isAuditEnabled + "]"; } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java index 8814c27..34bc77a 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java @@ -102,6 +102,7 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends xObj.setName(vObj.getName()); xObj.setPolicyType(vObj.getPolicyType()); xObj.setDescription(vObj.getDescription()); + xObj.setResourceSignature(vObj.getResourceSignature()); xObj.setIsAuditEnabled(vObj.getIsAuditEnabled()); xObj.setIsEnabled(vObj.getIsEnabled()); @@ -118,6 +119,7 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends vObj.setName(xObj.getName()); vObj.setPolicyType(xObj.getPolicyType()); vObj.setDescription(xObj.getDescription()); + vObj.setResourceSignature(xObj.getResourceSignature()); vObj.setIsEnabled(xObj.getIsEnabled()); vObj.setIsAuditEnabled(xObj.getIsAuditEnabled()); return vObj; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d673e594/security-admin/src/main/resources/META-INF/jpa_named_queries.xml ---------------------------------------------------------------------- diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml index 6a3d795..e5d74f0 100644 --- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml +++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml @@ -211,6 +211,10 @@ <named-query name="XXPolicy.getMaxIdOfXXPolicy"> <query>select MAX(obj.id) from XXPolicy obj</query> </named-query> + + <named-query name="XXPolicy.findByResourceSignature"> + <query>select obj from XXPolicy obj where obj.resourceSignature = :resSignature</query> + </named-query> <!-- XXServiceDef --> <named-query name="XXServiceDef.findByName">
