Repository: incubator-ranger Updated Branches: refs/heads/tag-policy fa19908a9 -> 79a4f9dbd
RANGER-274: tag-based-policies: added tagService attribute to RangerService Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/49d1fdbd Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/49d1fdbd Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/49d1fdbd Branch: refs/heads/tag-policy Commit: 49d1fdbd166bec6c90878d007c90ded3631acccb Parents: 049c13b Author: Madhan Neethiraj <[email protected]> Authored: Mon May 18 06:23:59 2015 -0700 Committer: Madhan Neethiraj <[email protected]> Committed: Mon May 18 06:27:43 2015 -0700 ---------------------------------------------------------------------- .../ranger/plugin/model/RangerService.java | 23 ++++++++++-- .../ranger/plugin/store/TestServiceStore.java | 2 +- .../services/hbase/TestRangerServiceHBase.java | 2 +- .../services/hdfs/TestRangerServiceHdfs.java | 2 +- .../hive/client/TestRangerServiceHive.java | 2 +- .../knox/client/TestRangerServiceKnox.java | 2 +- .../db/mysql/patches/009-updated_schema.sql | 4 ++- .../db/oracle/patches/009-updated_schema.sql | 4 ++- .../db/postgres/xa_core_db_postgres.sql | 4 ++- .../db/sqlserver/xa_core_db_sqlserver.sql | 11 ++++++ .../org/apache/ranger/entity/XXServiceBase.java | 37 +++++++++++++++++++- .../service/RangerServiceServiceBase.java | 18 ++++++++++ 12 files changed, 100 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java index f5e4d3e..521453c 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java @@ -44,6 +44,7 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri private String type = null; private String name = null; private String description = null; + private String tagService = null; private Map<String, String> configs = null; private Long policyVersion = null; private Date policyUpdateTime = null; @@ -53,7 +54,7 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri * @param type */ public RangerService() { - this(null, null, null, null); + this(null, null, null, null, null); } /** @@ -61,13 +62,15 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri * @param name * @param description * @param configs + * @param tagServiceName */ - public RangerService(String type, String name, String description, Map<String, String> configs) { + public RangerService(String type, String name, String description, String tagService, Map<String, String> configs) { super(); setType(type); setName(name); setDescription(description); + setTagService(tagService); setConfigs(configs); } @@ -81,6 +84,7 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri setName(other.getName()); setDescription(other.getDescription()); setConfigs(other.getConfigs()); + setTagService(other.tagService); } /** @@ -126,6 +130,20 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri } /** + * @return the tagService + */ + public String getTagService() { + return tagService; + } + + /** + * @param tagServiceName the tagServiceName to set + */ + public void setTagService(String tagService) { + this.tagService = tagService; + } + + /** * @return the configs */ public Map<String, String> getConfigs() { @@ -197,6 +215,7 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri sb.append("name={").append(name).append("} "); sb.append("type={").append(type).append("} "); sb.append("description={").append(description).append("} "); + sb.append("tagService={").append(tagService).append("} "); sb.append("configs={"); if(configs != null) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java b/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java index 852040e..59bbb25 100644 --- a/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java +++ b/agents-common/src/test/java/org/apache/ranger/plugin/store/TestServiceStore.java @@ -123,7 +123,7 @@ public class TestServiceStore { int initServiceCount = services == null ? 0 : services.size(); - RangerService svc = new RangerService(sdName, serviceName, "test service description", null); + RangerService svc = new RangerService(sdName, serviceName, "test service description", null, null); RangerService createdSvc = svcStore.createService(svc); assertNotNull("createService() failed", createdSvc); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/hbase-agent/src/test/java/org/apache/ranger/services/hbase/TestRangerServiceHBase.java ---------------------------------------------------------------------- diff --git a/hbase-agent/src/test/java/org/apache/ranger/services/hbase/TestRangerServiceHBase.java b/hbase-agent/src/test/java/org/apache/ranger/services/hbase/TestRangerServiceHBase.java index d506598..6340204 100644 --- a/hbase-agent/src/test/java/org/apache/ranger/services/hbase/TestRangerServiceHBase.java +++ b/hbase-agent/src/test/java/org/apache/ranger/services/hbase/TestRangerServiceHBase.java @@ -58,7 +58,7 @@ public class TestRangerServiceHBase { buildLookupContext(); sd = new RangerServiceDef(sdName, "org.apache.ranger.services.hbase.RangerServiceHBase", "TestService", "test servicedef description", null, null, null, null, null, null); - svc = new RangerService(sdName, serviceName, "unit test hbase resource lookup and validateConfig", configs); + svc = new RangerService(sdName, serviceName, "unit test hbase resource lookup and validateConfig", null, configs); svcHBase = new RangerServiceHBase(); svcHBase.init(sd, svc); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/TestRangerServiceHdfs.java ---------------------------------------------------------------------- diff --git a/hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/TestRangerServiceHdfs.java b/hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/TestRangerServiceHdfs.java index 91f5a43..0af6a3f 100644 --- a/hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/TestRangerServiceHdfs.java +++ b/hdfs-agent/src/test/java/org/apache/ranger/services/hdfs/TestRangerServiceHdfs.java @@ -56,7 +56,7 @@ public class TestRangerServiceHdfs { buildLookupContext(); sd = new RangerServiceDef(sdName, "org.apache.ranger.service.hdfs.RangerServiceHdfs", "TestService", "test servicedef description", null, null, null, null, null, null); - svc = new RangerService(sdName, serviceName, "unit test hdfs resource lookup and validateConfig",configs); + svc = new RangerService(sdName, serviceName, "unit test hdfs resource lookup and validateConfig", null, configs); svcHdfs = new RangerServiceHdfs(); svcHdfs.init(sd, svc); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/hive-agent/src/test/java/org/apache/ranger/services/hive/client/TestRangerServiceHive.java ---------------------------------------------------------------------- diff --git a/hive-agent/src/test/java/org/apache/ranger/services/hive/client/TestRangerServiceHive.java b/hive-agent/src/test/java/org/apache/ranger/services/hive/client/TestRangerServiceHive.java index 79ed05d..d65d3b7 100644 --- a/hive-agent/src/test/java/org/apache/ranger/services/hive/client/TestRangerServiceHive.java +++ b/hive-agent/src/test/java/org/apache/ranger/services/hive/client/TestRangerServiceHive.java @@ -57,7 +57,7 @@ public class TestRangerServiceHive { buildLookupContext(); sd = new RangerServiceDef(sdName, "org.apache.ranger.services.hive.RangerServiceHive", "TestHiveService", "test servicedef description", null, null, null, null, null, null); - svc = new RangerService(sdName, serviceName, "unit test hive resource lookup and validateConfig", configs); + svc = new RangerService(sdName, serviceName, "unit test hive resource lookup and validateConfig", null, configs); svcHive = new RangerServiceHive(); svcHive.init(sd, svc); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/knox-agent/src/test/java/org/apache/ranger/services/knox/client/TestRangerServiceKnox.java ---------------------------------------------------------------------- diff --git a/knox-agent/src/test/java/org/apache/ranger/services/knox/client/TestRangerServiceKnox.java b/knox-agent/src/test/java/org/apache/ranger/services/knox/client/TestRangerServiceKnox.java index 6bba0c7..e931aea 100644 --- a/knox-agent/src/test/java/org/apache/ranger/services/knox/client/TestRangerServiceKnox.java +++ b/knox-agent/src/test/java/org/apache/ranger/services/knox/client/TestRangerServiceKnox.java @@ -59,7 +59,7 @@ public class TestRangerServiceKnox { buildLookupContext(); sd = new RangerServiceDef(sdName, " org.apache.ranger.services.knox.RangerServiceKnox", "TestKnoxService", "test Knox servicedef description", null, null, null, null, null, null); - svc = new RangerService(sdName, serviceName, "unit test Knox resource lookup and validateConfig", configs); + svc = new RangerService(sdName, serviceName, "unit test Knox resource lookup and validateConfig", null, configs); svcKnox = new RangerServiceKnox(); svcKnox.init(sd, svc); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/security-admin/db/mysql/patches/009-updated_schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/mysql/patches/009-updated_schema.sql b/security-admin/db/mysql/patches/009-updated_schema.sql index 4f58acc..8709e96 100644 --- a/security-admin/db/mysql/patches/009-updated_schema.sql +++ b/security-admin/db/mysql/patches/009-updated_schema.sql @@ -57,6 +57,7 @@ CREATE TABLE `x_service` ( `policy_update_time`datetime DEFAULT NULL, `description` varchar(1024) DEFAULT NULL, `is_enabled` tinyint(1) NOT NULL DEFAULT '0', +`tag_service` bigint(20) DEFAULT NULL, primary key (`id`), UNIQUE KEY `X_service_name` (`name`), KEY `x_service_added_by_id` (`added_by_id`), @@ -66,7 +67,8 @@ KEY `x_service_up_time` (`update_time`), KEY `x_service_type` (`type`), CONSTRAINT `x_service_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`), CONSTRAINT `x_service_FK_upd_by_id` FOREIGN KEY (`upd_by_id`) REFERENCES `x_portal_user` (`id`), -CONSTRAINT `x_service_FK_type` FOREIGN KEY (`type`) REFERENCES `x_service_def` (`id`) +CONSTRAINT `x_service_FK_type` FOREIGN KEY (`type`) REFERENCES `x_service_def` (`id`), +CONSTRAINT `x_service_FK_tag_service` FOREIGN KEY (`tag_service`) REFERENCES `x_service` (`id`) ); DROP TABLE IF EXISTS `x_policy`; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/security-admin/db/oracle/patches/009-updated_schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/oracle/patches/009-updated_schema.sql b/security-admin/db/oracle/patches/009-updated_schema.sql index 77a7d72..06e553c 100644 --- a/security-admin/db/oracle/patches/009-updated_schema.sql +++ b/security-admin/db/oracle/patches/009-updated_schema.sql @@ -68,11 +68,13 @@ policy_version NUMBER(20) DEFAULT NULL NULL, policy_update_time DATE DEFAULT NULL NULL, description VARCHAR(1024) DEFAULT NULL NULL, is_enabled NUMBER(1) DEFAULT '0' NOT NULL, +tag_service NUMBER(20) DEFAULT NULL NULL, primary key (id), CONSTRAINT x_service_name UNIQUE (name), CONSTRAINT x_service_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), CONSTRAINT x_service_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id), -CONSTRAINT x_service_FK_type FOREIGN KEY (type) REFERENCES x_service_def (id) +CONSTRAINT x_service_FK_type FOREIGN KEY (type) REFERENCES x_service_def (id), +CONSTRAINT x_service_FK_tag_service FOREIGN KEY (tag_service) REFERENCES x_service (id) ); commit; CREATE TABLE x_policy ( http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/security-admin/db/postgres/xa_core_db_postgres.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/postgres/xa_core_db_postgres.sql b/security-admin/db/postgres/xa_core_db_postgres.sql index ac54aa8..b022543 100644 --- a/security-admin/db/postgres/xa_core_db_postgres.sql +++ b/security-admin/db/postgres/xa_core_db_postgres.sql @@ -497,11 +497,13 @@ policy_version BIGINT DEFAULT NULL NULL, policy_update_time TIMESTAMP DEFAULT NULL NULL, description VARCHAR(1024) DEFAULT NULL NULL, is_enabled BOOLEAN DEFAULT '0' NOT NULL, +tag_service BIGINT DEFAULT NULL NULL, primary key(id), CONSTRAINT x_service_name UNIQUE(name), CONSTRAINT x_service_FK_added_by_id FOREIGN KEY(added_by_id) REFERENCES x_portal_user(id), CONSTRAINT x_service_FK_upd_by_id FOREIGN KEY(upd_by_id) REFERENCES x_portal_user(id), -CONSTRAINT x_service_FK_type FOREIGN KEY(type) REFERENCES x_service_def(id) +CONSTRAINT x_service_FK_type FOREIGN KEY(type) REFERENCES x_service_def(id), +CONSTRAINT x_service_FK_tag_service FOREIGN KEY(tag_service) REFERENCES x_service(id) ); DROP TABLE IF EXISTS x_policy CASCADE; DROP SEQUENCE IF EXISTS x_policy_seq; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/security-admin/db/sqlserver/xa_core_db_sqlserver.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql index af0241c..ed573f1 100644 --- a/security-admin/db/sqlserver/xa_core_db_sqlserver.sql +++ b/security-admin/db/sqlserver/xa_core_db_sqlserver.sql @@ -1526,6 +1526,11 @@ BEGIN ALTER TABLE [dbo].[x_service] DROP CONSTRAINT x_service_FK_type END GO +IF (OBJECT_ID('x_service_FK_tag_service') IS NOT NULL) +BEGIN + ALTER TABLE [dbo].[x_service] DROP CONSTRAINT x_service_FK_tag_service +END +GO IF (OBJECT_ID('x_policy_FK_added_by_id') IS NOT NULL) BEGIN ALTER TABLE [dbo].[x_policy] DROP CONSTRAINT x_policy_FK_added_by_id @@ -1783,6 +1788,7 @@ CREATE TABLE [dbo].[x_service] ( [policy_update_time] [datetime2] DEFAULT NULL NULL, [description] [varchar](1024) DEFAULT NULL NULL, [is_enabled] [tinyint] DEFAULT 0 NOT NULL, + [tag_service] [bigint] DEFAULT NULL NULL, PRIMARY KEY CLUSTERED ( [id] ASC @@ -2270,6 +2276,11 @@ REFERENCES [dbo].[x_service_def] ([id]) GO ALTER TABLE [dbo].[x_service] CHECK CONSTRAINT [x_service_FK_type] GO +ALTER TABLE [dbo].[x_service] WITH CHECK ADD CONSTRAINT [x_service_FK_tag_service] FOREIGN KEY([tag_service]) +REFERENCES [dbo].[x_service] ([id]) +GO +ALTER TABLE [dbo].[x_service] CHECK CONSTRAINT [x_service_FK_tag_service] +GO ALTER TABLE [dbo].[x_policy] WITH CHECK ADD CONSTRAINT [x_policy_FK_added_by_id] FOREIGN KEY([added_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) GO http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/security-admin/src/main/java/org/apache/ranger/entity/XXServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXServiceBase.java b/security-admin/src/main/java/org/apache/ranger/entity/XXServiceBase.java index 9fc7349..087eb8d 100644 --- a/security-admin/src/main/java/org/apache/ranger/entity/XXServiceBase.java +++ b/security-admin/src/main/java/org/apache/ranger/entity/XXServiceBase.java @@ -68,6 +68,15 @@ public abstract class XXServiceBase extends XXDBBase { protected String name; /** + * tagService of the XXService + * <ul> + * </ul> + * + */ + @Column(name = "tag_service") + protected Long tagService; + + /** * policyVersion of the XXService * <ul> * </ul> @@ -180,6 +189,25 @@ public abstract class XXServiceBase extends XXDBBase { } /** + * This method sets the value to the member attribute <b> tagService</b> . + * + * @param tagService + * Value to set member attribute <b> tagService</b> + */ + public void setTagService(Long tagService) { + this.tagService = tagService; + } + + /** + * Returns the value for the member attribute <b>tagService</b> + * + * @return Long - value of member attribute <b>tagService</b> . + */ + public Long getTagService() { + return this.tagService; + } + + /** * This method sets the value to the member attribute <b> policyVersion</b> * . You cannot set null to the attribute. * @@ -297,6 +325,13 @@ public abstract class XXServiceBase extends XXDBBase { } else if (!name.equals(other.name)) { return false; } + if (tagService == null) { + if (other.tagService != null) { + return false; + } + } else if (!tagService.equals(other.tagService)) { + return false; + } if (policyUpdateTime == null) { if (other.policyUpdateTime != null) { return false; @@ -343,7 +378,7 @@ public abstract class XXServiceBase extends XXDBBase { @Override public String toString() { return "XXServiceBase [" + super.toString() + " guid=" + guid + ", version=" + version + ", type=" + type - + ", name=" + name + ", policyVersion=" + policyVersion + ", policyUpdateTime=" + policyUpdateTime + + ", name=" + name + ", tagService=" + tagService + ", policyVersion=" + policyVersion + ", policyUpdateTime=" + policyUpdateTime + ", description=" + description + ", isEnabled=" + isEnabled + "]"; } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/49d1fdbd/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java index 66f02fe..4388a78 100755 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java @@ -72,8 +72,24 @@ public abstract class RangerServiceServiceBase<T extends XXServiceBase, V extend "No ServiceDefinition found with name :" + vObj.getType(), MessageEnums.INVALID_INPUT_DATA); } + + Long tagServiceId = null; + String tagServiceName = vObj.getTagService(); + if(! StringUtils.isEmpty(tagServiceName)) { + XXService xTagService = daoMgr.getXXService().findByName(tagServiceName); + + if(xTagService == null) { + throw restErrorUtil.createRESTException( + "No Service found with name :" + tagServiceName, + MessageEnums.INVALID_INPUT_DATA); + } + + tagServiceId = xTagService.getId(); + } + xObj.setType(xServiceDef.getId()); xObj.setName(vObj.getName()); + xObj.setTagService(tagServiceId); xObj.setPolicyVersion(vObj.getPolicyVersion()); xObj.setPolicyUpdateTime(vObj.getPolicyUpdateTime()); xObj.setDescription(vObj.getDescription()); @@ -85,11 +101,13 @@ public abstract class RangerServiceServiceBase<T extends XXServiceBase, V extend @SuppressWarnings("unchecked") protected RangerService mapEntityToViewBean(RangerService vObj, XXServiceBase xObj) { XXServiceDef xServiceDef = daoMgr.getXXServiceDef().getById(xObj.getType()); + XXService xTagService = xObj.getTagService() != null ? daoMgr.getXXService().getById(xObj.getTagService()) : null; vObj.setType(xServiceDef.getName()); vObj.setGuid(xObj.getGuid()); vObj.setVersion(xObj.getVersion()); vObj.setName(xObj.getName()); vObj.setDescription(xObj.getDescription()); + vObj.setTagService(xTagService != null ? xTagService.getName() : null); vObj.setPolicyVersion(xObj.getPolicyVersion()); vObj.setPolicyUpdateTime(xObj.getPolicyUpdateTime()); vObj.setIsEnabled(xObj.getIsenabled());
