Merge branch 'master' into tag-policy
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/5a022141 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/5a022141 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/5a022141 Branch: refs/heads/tag-policy Commit: 5a022141c5394b4ee60e95a8303545585d927c84 Parents: 2474fed 144c215 Author: Madhan Neethiraj <[email protected]> Authored: Mon Jun 1 16:19:26 2015 -0700 Committer: Madhan Neethiraj <[email protected]> Committed: Mon Jun 1 16:19:26 2015 -0700 ---------------------------------------------------------------------- .../org/apache/ranger/audit/dao/DaoManager.java | 2 + .../audit/destination/DBAuditDestination.java | 322 +++++++ .../audit/destination/FileAuditDestination.java | 11 + .../audit/destination/HDFSAuditDestination.java | 14 + .../destination/Log4JAuditDestination.java | 120 +++ .../audit/destination/SolrAuditDestination.java | 11 +- .../audit/provider/AuditProviderFactory.java | 11 +- .../ranger/audit/provider/BaseAuditHandler.java | 139 ++- .../audit/provider/Log4jAuditProvider.java | 2 +- .../apache/ranger/audit/provider/MiscUtil.java | 15 + .../audit/provider/MultiDestAuditProvider.java | 20 +- .../ranger/audit/queue/AuditAsyncQueue.java | 26 +- .../ranger/audit/queue/AuditBatchQueue.java | 26 +- .../ranger/audit/queue/AuditFileSpool.java | 4 + .../apache/ranger/audit/queue/AuditQueue.java | 22 + .../ranger/audit/queue/AuditSummaryQueue.java | 25 +- .../admin/client/RangerAdminRESTClient.java | 7 +- .../plugin/audit/RangerDefaultAuditHandler.java | 5 +- .../validation/RangerServiceDefHelper.java | 30 +- .../plugin/store/AbstractServiceStore.java | 17 +- .../plugin/store/EmbeddedServiceDefsUtil.java | 10 + .../validation/TestRangerServiceDefHelper.java | 42 +- .../ranger/server/tomcat/EmbeddedServer.java | 4 +- kms/config/kms-webapp/kms-log4j.properties | 6 +- kms/pom.xml | 10 + kms/scripts/db_setup.py | 8 +- kms/scripts/dba_script.py | 8 +- .../hadoop/crypto/key/kms/server/KMS.java | 68 +- .../hadoop/crypto/key/kms/server/KMSACLs.java | 6 +- .../kms/server/KeyAuthorizationKeyProvider.java | 5 +- .../crypto/key/kms/server/TestKMSACLs.java | 11 +- .../kafka/client/ServiceKafkaClient.java | 5 +- .../kms/authorizer/RangerKmsAuthorizer.java | 30 +- .../services/solr/client/ServiceSolrClient.java | 5 +- security-admin/scripts/db_setup.py | 8 +- security-admin/scripts/dba_script.py | 8 +- .../scripts/ranger-admin-site-template.xml | 2 +- security-admin/src/bin/ranger_install.py | 25 +- .../org/apache/ranger/biz/RangerBizUtil.java | 142 +++ .../org/apache/ranger/biz/ServiceDBStore.java | 280 +++--- .../java/org/apache/ranger/biz/SessionMgr.java | 16 +- .../java/org/apache/ranger/biz/UserMgr.java | 23 +- .../java/org/apache/ranger/biz/XUserMgr.java | 35 + .../apache/ranger/common/PropertiesUtil.java | 14 + .../org/apache/ranger/common/SearchUtil.java | 5 +- .../org/apache/ranger/common/ServiceUtil.java | 13 +- .../apache/ranger/common/UserSessionBase.java | 9 + .../apache/ranger/common/XMLPropertiesUtil.java | 2 +- .../org/apache/ranger/rest/ServiceREST.java | 216 +++-- .../java/org/apache/ranger/rest/XUserREST.java | 11 +- .../handler/RangerAuthenticationProvider.java | 19 +- .../ranger/service/RangerServiceDefService.java | 55 +- .../service/RangerServiceServiceBase.java | 34 +- .../ranger/service/XAccessAuditService.java | 9 + .../org/apache/ranger/service/XUserService.java | 6 +- .../org/apache/ranger/view/VXAccessAudit.java | 19 + .../conf.dist/ranger-admin-default-site.xml | 7 +- .../resources/conf.dist/ranger-admin-site.xml | 2 +- .../webapp/scripts/controllers/Controller.js | 4 +- .../scripts/modules/globalize/message/en.js | 3 +- .../src/main/webapp/scripts/utils/XAUtils.js | 38 +- .../views/permissions/ModulePermissionForm.js | 10 +- .../views/permissions/ModulePermsTableLayout.js | 2 + .../scripts/views/policies/PermissionList.js | 13 +- .../views/policies/RangerPolicyTableLayout.js | 2 + .../webapp/scripts/views/reports/AuditLayout.js | 39 +- .../main/webapp/scripts/views/users/UserForm.js | 22 +- .../scripts/views/users/UserTableLayout.js | 17 +- .../templates/users/UserTableLayout_tmpl.html | 4 +- .../apache/ranger/biz/TestServiceDBStore.java | 901 +++++++++++++++++-- .../org/apache/ranger/rest/TestServiceREST.java | 449 ++++++--- .../rest/TestServiceRESTForValidation.java | 1 + src/main/assembly/kms.xml | 2 + src/main/assembly/plugin-kafka.xml | 2 + .../process/PolicyMgrUserGroupBuilder.java | 4 + .../config/UserGroupSyncConfig.java | 9 +- unixauthservice/scripts/setup.py | 4 + .../scripts/updatepolicymgrpassword.py | 105 +-- .../UnixAuthenticationService.java | 2 +- 79 files changed, 2941 insertions(+), 699 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5a022141/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java ---------------------------------------------------------------------- diff --cc agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java index 155971f,0000000..d394022 mode 100644,000000..100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractServiceStore.java @@@ -1,417 -1,0 +1,430 @@@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.plugin.store; + +import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.ranger.plugin.model.RangerBaseModelObject; +import org.apache.ranger.plugin.model.RangerPolicy; +import org.apache.ranger.plugin.model.RangerService; +import org.apache.ranger.plugin.model.RangerServiceDef; +import org.apache.ranger.plugin.util.SearchFilter; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.Date; +import java.util.HashSet; +import java.util.List; +import java.util.Objects; +import java.util.UUID; + +public abstract class AbstractServiceStore implements ServiceStore { + private static final Log LOG = LogFactory.getLog(AbstractServiceStore.class); + + + private static final int MAX_ACCESS_TYPES_IN_SERVICE_DEF = 1000; + + + @Override + public void updateTagServiceDefForAccessTypes() throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> ServiceDefDBStore.updateTagServiceDefForAccessTypes()"); + } + List<RangerServiceDef> allServiceDefs = getServiceDefs(new SearchFilter()); + for (RangerServiceDef serviceDef : allServiceDefs) { + updateTagServiceDefForUpdatingAccessTypes(serviceDef); + } + if (LOG.isDebugEnabled()) { + LOG.debug("<== ServiceDefDBStore.updateTagServiceDefForAccessTypes()"); + } + } + + @Override + public void deleteServiceDef(Long id, Boolean forceDelete) throws Exception { + deleteServiceDef(id); // Ignore forceDelete flag + } + + @Override + public PList<RangerServiceDef> getPaginatedServiceDefs(SearchFilter filter) throws Exception { + List<RangerServiceDef> resultList = getServiceDefs(filter); + + return new PList<RangerServiceDef>(resultList, 0, resultList.size(), + (long)resultList.size(), resultList.size(), filter.getSortType(), filter.getSortBy()); + } + + @Override + public PList<RangerService> getPaginatedServices(SearchFilter filter) throws Exception { + List<RangerService> resultList = getServices(filter); + + return new PList<RangerService>(resultList, 0, resultList.size(), (long)resultList.size(), + resultList.size(), filter.getSortType(), filter.getSortBy()); + } + + @Override + public PList<RangerPolicy> getPaginatedPolicies(SearchFilter filter) throws Exception { + List<RangerPolicy> resultList = getPolicies(filter); + + return new PList<RangerPolicy>(resultList, 0, resultList.size(), (long)resultList.size(), + resultList.size(), filter.getSortType(), filter.getSortBy()); + } + + @Override + public PList<RangerPolicy> getPaginatedServicePolicies(Long serviceId, SearchFilter filter) throws Exception { + List<RangerPolicy> resultList = getServicePolicies(serviceId, filter); + + return new PList<RangerPolicy>(resultList, 0, resultList.size(), (long)resultList.size(), + resultList.size(), filter.getSortType(), filter.getSortBy()); + } + + @Override + public PList<RangerPolicy> getPaginatedServicePolicies(String serviceName, SearchFilter filter) throws Exception { + List<RangerPolicy> resultList = getServicePolicies(serviceName, filter); + + return new PList<RangerPolicy>(resultList, 0, resultList.size(), (long)resultList.size(), + resultList.size(), filter.getSortType(), filter.getSortBy()); + } + + @Override + public RangerPolicy getPolicyFromEventTime(String eventTimeStr, Long policyId) { + RangerPolicy ret = null; + try { + ret = getPolicy(policyId); + } catch (Exception e) { + // Do nothing + } + return ret; + } + + @Override + public RangerPolicy getPolicyForVersionNumber(Long policyId, Integer versionNo) { + RangerPolicy ret = null; + try { + ret = getPolicy(policyId); + } catch (Exception e) { + // Do nothing + } + return ret; + } + + @Override + public String getPolicyForVersionNumber(Long policyId) { + RangerPolicy ret = null; + try { + ret = getPolicy(policyId); + } catch (Exception e) { + // Do nothing + } + return ret == null ? null : ret.getName(); + } + + protected void preCreate(RangerBaseModelObject obj) throws Exception { + obj.setId(0L); + obj.setGuid(UUID.randomUUID().toString()); + obj.setCreateTime(new Date()); + obj.setUpdateTime(obj.getCreateTime()); + obj.setVersion(1L); + } + + protected void preCreate(RangerService service) throws Exception { + preCreate((RangerBaseModelObject)service); + + service.setPolicyVersion(0L); + service.setPolicyUpdateTime(service.getCreateTime()); + } + + protected void postCreate(RangerBaseModelObject obj) throws Exception { + if(obj instanceof RangerServiceDef) { + updateTagServiceDefForUpdatingAccessTypes((RangerServiceDef)obj); + } + } + + protected void preUpdate(RangerBaseModelObject obj) throws Exception { + if(obj.getId() == null) { + obj.setId(0L); + } + + if(obj.getGuid() == null) { + obj.setGuid(UUID.randomUUID().toString()); + } + + if(obj.getCreateTime() == null) { + obj.setCreateTime(new Date()); + } + + Long version = obj.getVersion(); + + if(version == null) { + version = 1L; + } else { + version = version + 1; + } + + obj.setVersion(version); + obj.setUpdateTime(new Date()); + } + + protected void postUpdate(RangerBaseModelObject obj) throws Exception { + if(obj instanceof RangerServiceDef) { + RangerServiceDef serviceDef = (RangerServiceDef)obj; + + updateTagServiceDefForUpdatingAccessTypes(serviceDef); + updateServicesForServiceDefUpdate(serviceDef); + } + } + + protected void preDelete(RangerBaseModelObject obj) throws Exception { + // TODO: + } + + protected void postDelete(RangerBaseModelObject obj) throws Exception { + if(obj instanceof RangerServiceDef) { + updateTagServiceDefForDeletingAccessTypes(((RangerServiceDef) obj).getName()); + } + } + + protected long getMaxId(List<? extends RangerBaseModelObject> objs) { + long ret = -1; + + if (objs != null) { + for (RangerBaseModelObject obj : objs) { + if (obj.getId() > ret) { + ret = obj.getId(); + } + } + } + return ret; + } + + // when a service-def is updated, the updated service-def should be made available to plugins + // this is achieved by incrementing policyVersion of all its services + protected void updateServicesForServiceDefUpdate(RangerServiceDef serviceDef) throws Exception { + boolean isTagServiceDef = StringUtils.equals(serviceDef.getName(), EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME); + + SearchFilter filter = new SearchFilter(); + + filter.setParam(SearchFilter.SERVICE_TYPE, serviceDef.getName()); + + List<RangerService> services = getServices(filter); + + if(CollectionUtils.isNotEmpty(services)) { + for(RangerService service : services) { + service.setPolicyVersion(getNextVersion(service.getPolicyVersion())); + service.setPolicyUpdateTime(serviceDef.getUpdateTime()); + + updateService(service); + + if(isTagServiceDef) { + filter = new SearchFilter(); + + filter.setParam(SearchFilter.TAG_SERVICE_NAME, service.getName()); + + List<RangerService> referrringServices = getServices(filter); + + if(CollectionUtils.isNotEmpty(referrringServices)) { + for(RangerService referringService : referrringServices) { + referringService.setPolicyVersion(getNextVersion(referringService.getPolicyVersion())); + referringService.setPolicyUpdateTime(serviceDef.getUpdateTime()); + + updateService(referringService); + } + } + } + } + } + } + + private RangerServiceDef.RangerAccessTypeDef findAccessTypeDef(long itemId, List<RangerServiceDef.RangerAccessTypeDef> accessTypeDefs) { + RangerServiceDef.RangerAccessTypeDef ret = null; + + for(RangerServiceDef.RangerAccessTypeDef accessTypeDef : accessTypeDefs) { + if(itemId == accessTypeDef.getItemId()) { + ret = accessTypeDef; + break; + } + } + return ret; + } + + private void updateTagServiceDefForUpdatingAccessTypes(RangerServiceDef serviceDef) throws Exception { + if (StringUtils.equals(serviceDef.getName(), EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) { + return; + } + + String serviceDefName = serviceDef.getName(); + + RangerServiceDef tagServiceDef; + try { + tagServiceDef = this.getServiceDef(EmbeddedServiceDefsUtil.instance().getTagServiceDefId()); + } catch (Exception e) { - LOG.error("AbstractServiceStore.updateTagServiceDefForDeletingAccessTypes -- Could not find TAG ServiceDef.. ", e); ++ LOG.error("AbstractServiceStore.updateTagServiceDefForUpdatingAccessTypes" + serviceDef.getName() + "): could not find TAG ServiceDef.. ", e); + throw e; + } + ++ if(tagServiceDef == null) { ++ LOG.error("AbstractServiceStore.updateTagServiceDefForUpdatingAccessTypes(" + serviceDef.getName() + "): could not fund TAG ServiceDef.. "); ++ ++ return; ++ } ++ + List<RangerServiceDef.RangerAccessTypeDef> toAdd = new ArrayList<RangerServiceDef.RangerAccessTypeDef>(); + List<RangerServiceDef.RangerAccessTypeDef> toUpdate = new ArrayList<RangerServiceDef.RangerAccessTypeDef>(); + List<RangerServiceDef.RangerAccessTypeDef> toDelete = new ArrayList<RangerServiceDef.RangerAccessTypeDef>(); + + List<RangerServiceDef.RangerAccessTypeDef> svcDefAccessTypes = serviceDef.getAccessTypes(); + List<RangerServiceDef.RangerAccessTypeDef> tagDefAccessTypes = tagServiceDef.getAccessTypes(); + + long itemIdOffset = serviceDef.getId() * (MAX_ACCESS_TYPES_IN_SERVICE_DEF + 1); + + for (RangerServiceDef.RangerAccessTypeDef svcAccessType : svcDefAccessTypes) { + long tagAccessTypeItemId = svcAccessType.getItemId() + itemIdOffset; + + RangerServiceDef.RangerAccessTypeDef tagAccessType = findAccessTypeDef(tagAccessTypeItemId, tagDefAccessTypes); + + if(tagAccessType == null) { + tagAccessType = new RangerServiceDef.RangerAccessTypeDef(); + + tagAccessType.setItemId(tagAccessTypeItemId); + tagAccessType.setName(serviceDefName + ":" + svcAccessType.getName()); + tagAccessType.setLabel(svcAccessType.getLabel()); + tagAccessType.setRbKeyLabel(svcAccessType.getRbKeyLabel()); + + tagAccessType.setImpliedGrants(new HashSet<String>()); + if(CollectionUtils.isNotEmpty(svcAccessType.getImpliedGrants())) { + for(String svcImpliedGrant : svcAccessType.getImpliedGrants()) { + tagAccessType.getImpliedGrants().add(serviceDefName + ":" + svcImpliedGrant); + } + } + + toAdd.add(tagAccessType); + } + } + + for (RangerServiceDef.RangerAccessTypeDef tagAccessType : tagDefAccessTypes) { + if (tagAccessType.getName().startsWith(serviceDefName + ":")) { + long svcAccessTypeItemId = tagAccessType.getItemId() - itemIdOffset; + + RangerServiceDef.RangerAccessTypeDef svcAccessType = findAccessTypeDef(svcAccessTypeItemId, svcDefAccessTypes); + + if(svcAccessType == null) { // accessType has been deleted in service + toDelete.add(tagAccessType); + continue; + } + + boolean isUpdated = false; + + if(! Objects.equals(tagAccessType.getName().substring(serviceDefName.length() + 1), svcAccessType.getName())) { + isUpdated = true; + } else if(! Objects.equals(tagAccessType.getLabel(), svcAccessType.getLabel())) { + isUpdated = true; + } else if(! Objects.equals(tagAccessType.getRbKeyLabel(), svcAccessType.getRbKeyLabel())) { + isUpdated = true; + } else { + Collection<String> tagImpliedGrants = tagAccessType.getImpliedGrants(); + Collection<String> svcImpliedGrants = svcAccessType.getImpliedGrants(); + + int tagImpliedGrantsLen = tagImpliedGrants == null ? 0 : tagImpliedGrants.size(); + int svcImpliedGrantsLen = svcImpliedGrants == null ? 0 : svcImpliedGrants.size(); + + if(tagImpliedGrantsLen != svcImpliedGrantsLen) { + isUpdated = true; + } else if(tagImpliedGrantsLen > 0) { + for(String svcImpliedGrant : svcImpliedGrants) { + if(! tagImpliedGrants.contains(serviceDefName + ":" + svcImpliedGrant)) { + isUpdated = true; + break; + } + } + } + } + + if(isUpdated) { + tagAccessType.setName(serviceDefName + ":" + svcAccessType.getName()); + tagAccessType.setLabel(svcAccessType.getLabel()); + tagAccessType.setRbKeyLabel(svcAccessType.getRbKeyLabel()); + + tagAccessType.setImpliedGrants(new HashSet<String>()); + if(CollectionUtils.isNotEmpty(svcAccessType.getImpliedGrants())) { + for(String svcImpliedGrant : svcAccessType.getImpliedGrants()) { + tagAccessType.getImpliedGrants().add(serviceDefName + ":" + svcImpliedGrant); + } + } + + toUpdate.add(tagAccessType); + } + } + } + + if(CollectionUtils.isNotEmpty(toAdd) || CollectionUtils.isNotEmpty(toUpdate) || CollectionUtils.isNotEmpty(toDelete)) { + tagDefAccessTypes.addAll(toAdd); + tagDefAccessTypes.removeAll(toDelete); + + try { + updateServiceDef(tagServiceDef); + LOG.info("AbstractServiceStore.updateTagServiceDefForUpdatingAccessTypes -- updated TAG service def with " + serviceDefName + " access types"); + } catch (Exception e) { + LOG.error("AbstractServiceStore.updateTagServiceDefForUpdatingAccessTypes -- Failed to update TAG ServiceDef.. ", e); + throw e; + } + } + } + + private void updateTagServiceDefForDeletingAccessTypes(String serviceDefName) throws Exception { + if (serviceDefName.equals(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) { + return; + } + + RangerServiceDef tagServiceDef; + try { + tagServiceDef = this.getServiceDef(EmbeddedServiceDefsUtil.instance().getTagServiceDefId()); + } catch (Exception e) { - LOG.error("AbstractServiceStore.updateTagServiceDefForDeletingAccessTypes -- Could not find TAG ServiceDef.. ", e); ++ LOG.error("AbstractServiceStore.updateTagServiceDefForDeletingAccessTypes(" + serviceDefName + "): could not fund TAG ServiceDef.. ", e); + throw e; + } ++ ++ if(tagServiceDef == null) { ++ LOG.error("AbstractServiceStore.updateTagServiceDefForDeletingAccessTypes(" + serviceDefName + "): could not fund TAG ServiceDef.. "); ++ ++ return; ++ } ++ + List<RangerServiceDef.RangerAccessTypeDef> accessTypes = new ArrayList<RangerServiceDef.RangerAccessTypeDef>(); + + for (RangerServiceDef.RangerAccessTypeDef accessType : tagServiceDef.getAccessTypes()) { + if (accessType.getName().startsWith(serviceDefName + ":")) { + accessTypes.add(accessType); + } + } + + tagServiceDef.getAccessTypes().removeAll(accessTypes); + try { + updateServiceDef(tagServiceDef); + LOG.info("AbstractServiceStore.updateTagServiceDefForDeletingAccessTypes -- updated TAG service def with " + serviceDefName + " access types"); + } catch (Exception e) { + LOG.error("AbstractServiceStore.updateTagServiceDefForDeletingAccessTypes -- Failed to update TAG ServiceDef.. ", e); + throw e; + } + } + + protected long getNextVersion(Long currentVersion) { + return currentVersion == null ? 1L : currentVersion + 1; + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5a022141/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5a022141/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java ---------------------------------------------------------------------- diff --cc security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 66111ba,e0dbea29..9d00fe3 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@@ -775,9 -786,9 +790,9 @@@ public class ServiceDBStore extends Abs MessageEnums.DATA_NOT_FOUND); } ++ List<XXService> serviceList = daoMgr.getXXService().findByServiceDefId(serviceDefId); if (!forceDelete) { -- List<XXService> svcDefServiceList = daoMgr.getXXService().findByServiceDefId(serviceDefId); -- if (!stringUtil.isEmpty(svcDefServiceList)) { ++ if(CollectionUtils.isNotEmpty(serviceList)) { throw restErrorUtil.createRESTException( "Services exists under given service definition, can't delete Service-Def: " + serviceDef.getName(), MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY); @@@ -827,10 -838,10 +842,10 @@@ configDefDao.remove(configDef); } -- XXServiceDao serviceDao = daoMgr.getXXService(); -- List<XXService> serviceList = serviceDao.findByServiceDefId(serviceDefId); -- for(XXService service : serviceList) { -- deleteService(service.getId()); ++ if(CollectionUtils.isNotEmpty(serviceList)) { ++ for(XXService service : serviceList) { ++ deleteService(service.getId()); ++ } } Long version = serviceDef.getVersion(); @@@ -981,102 -983,82 +993,86 @@@ } boolean createDefaultPolicy = true; - boolean isAllowed=false; - - UserSessionBase usb = ContextUtil.getCurrentUserSession(); - - List<String> userRoleList = usb == null ? null : usb.getUserRoleList(); - if (userRoleList != null && userRoleList.contains(RangerConstants.ROLE_KEY_ADMIN)) { - if ("KMS".equalsIgnoreCase(service.getType())) { - isAllowed = true; + Map<String, String> configs = service.getConfigs(); + Map<String, String> validConfigs = validateRequiredConfigParams(service, configs); + if (validConfigs == null) { + if (LOG.isDebugEnabled()) { + LOG.debug("==> ConfigParams cannot be null, ServiceDefDBStore.createService(" + service + ")"); } + throw restErrorUtil.createRESTException("ConfigParams cannot be null.", MessageEnums.ERROR_CREATING_OBJECT); } - if (usb != null && usb.isUserAdmin() || populateExistingBaseFields) { - isAllowed = true; + + // While creating, value of version should be 1. + service.setVersion(new Long(1)); + + if (populateExistingBaseFields) { + svcServiceWithAssignedId.setPopulateExistingBaseFields(true); + service = svcServiceWithAssignedId.create(service); + svcServiceWithAssignedId.setPopulateExistingBaseFields(false); + createDefaultPolicy = false; + } else { + service = svcService.create(service); } + XXService xCreatedService = daoMgr.getXXService().getById(service.getId()); + VXUser vXUser = null; - if (isAllowed) { - Map<String, String> configs = service.getConfigs(); - Map<String, String> validConfigs = validateRequiredConfigParams( - service, configs); - if (validConfigs == null) { - if (LOG.isDebugEnabled()) { - LOG.debug("==> ConfigParams cannot be null, ServiceDefDBStore.createService(" + service + ")"); - } - throw restErrorUtil.createRESTException( - "ConfigParams cannot be null.", - MessageEnums.ERROR_CREATING_OBJECT); - } + XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap(); + for (Entry<String, String> configMap : validConfigs.entrySet()) { + String configKey = configMap.getKey(); + String configValue = configMap.getValue(); - // While creating, value of version should be 1. - service.setVersion(new Long(1)); - - if(populateExistingBaseFields) { - svcServiceWithAssignedId.setPopulateExistingBaseFields(true); - service = svcServiceWithAssignedId.create(service); - svcServiceWithAssignedId.setPopulateExistingBaseFields(false); - createDefaultPolicy = false; - } else { - service = svcService.create(service); - } - XXService xCreatedService = daoMgr.getXXService().getById(service.getId()); - VXUser vXUser = null; - - XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap(); - for (Entry<String, String> configMap : validConfigs.entrySet()) { - String configKey = configMap.getKey(); - String configValue = configMap.getValue(); - - if(StringUtils.equalsIgnoreCase(configKey, "username")) { - String userName = stringUtil.getValidUserName(configValue); - XXUser xxUser = daoMgr.getXXUser().findByUserName(userName); - if (xxUser != null) { - vXUser = xUserService.populateViewBean(xxUser); - } else { - vXUser = new VXUser(); - vXUser.setName(userName); - vXUser.setUserSource(RangerCommonEnums.USER_EXTERNAL); - vXUser = xUserMgr.createXUser(vXUser); + if (StringUtils.equalsIgnoreCase(configKey, "username")) { + String userName = stringUtil.getValidUserName(configValue); + XXUser xxUser = daoMgr.getXXUser().findByUserName(userName); + if (xxUser != null) { + vXUser = xUserService.populateViewBean(xxUser); + } else { + vXUser = new VXUser(); + vXUser.setName(userName); + vXUser.setUserSource(RangerCommonEnums.USER_EXTERNAL); + + UserSessionBase usb = ContextUtil.getCurrentUserSession(); + if (usb != null && !usb.isUserAdmin()) { + throw restErrorUtil.createRESTException("User does not exist with given username: [" + + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION); } + vXUser = xUserMgr.createXUser(vXUser); } + } - if (StringUtils.equalsIgnoreCase(configKey, CONFIG_KEY_PASSWORD)) { - String encryptedPwd = PasswordUtils.encryptPassword(configValue); - String decryptedPwd = PasswordUtils.decryptPassword(encryptedPwd); + if (StringUtils.equalsIgnoreCase(configKey, CONFIG_KEY_PASSWORD)) { + String encryptedPwd = PasswordUtils.encryptPassword(configValue); + String decryptedPwd = PasswordUtils.decryptPassword(encryptedPwd); - if (StringUtils.equals(decryptedPwd, configValue)) { - configValue = encryptedPwd; - } + if (StringUtils.equals(decryptedPwd, configValue)) { + configValue = encryptedPwd; } - - XXServiceConfigMap xConfMap = new XXServiceConfigMap(); - xConfMap = (XXServiceConfigMap) rangerAuditFields.populateAuditFields(xConfMap, xCreatedService); - xConfMap.setServiceId(xCreatedService.getId()); - xConfMap.setConfigkey(configKey); - xConfMap.setConfigvalue(configValue); - xConfMap = xConfMapDao.create(xConfMap); } - RangerService createdService = svcService.getPopulatedViewObject(xCreatedService); - dataHistService.createObjectDataHistory(createdService, RangerDataHistService.ACTION_CREATE); - - List<XXTrxLog> trxLogList = svcService.getTransactionLog(createdService, RangerServiceService.OPERATION_CREATE_CONTEXT); - bizUtil.createTrxLog(trxLogList); - if (createdService.getType().equals(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) { - createDefaultPolicy = false; - } - if (createDefaultPolicy) { - createDefaultPolicy(xCreatedService, vXUser); - } + XXServiceConfigMap xConfMap = new XXServiceConfigMap(); + xConfMap = (XXServiceConfigMap) rangerAuditFields.populateAuditFields(xConfMap, xCreatedService); + xConfMap.setServiceId(xCreatedService.getId()); + xConfMap.setConfigkey(configKey); + xConfMap.setConfigvalue(configValue); + xConfMap = xConfMapDao.create(xConfMap); + } + RangerService createdService = svcService.getPopulatedViewObject(xCreatedService); + dataHistService.createObjectDataHistory(createdService, RangerDataHistService.ACTION_CREATE); - return createdService; - } else { - LOG.debug("Logged in user doesn't have admin access to create repository."); - throw restErrorUtil.createRESTException( - "Sorry, you don't have permission to perform the operation", - MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY); + List<XXTrxLog> trxLogList = svcService.getTransactionLog(createdService, + RangerServiceService.OPERATION_CREATE_CONTEXT); + bizUtil.createTrxLog(trxLogList); + ++ if (createdService.getType().equals(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) { ++ createDefaultPolicy = false; ++ } + + if (createDefaultPolicy) { + createDefaultPolicy(xCreatedService, vXUser); } + + return createdService; + } @Override http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5a022141/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java ---------------------------------------------------------------------- diff --cc security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index 2167151,4423633..c8d43ed --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@@ -74,8 -77,7 +77,9 @@@ import org.apache.ranger.plugin.policye import org.apache.ranger.plugin.policyengine.RangerPolicyEngineOptions; import org.apache.ranger.plugin.policyevaluator.RangerPolicyEvaluator; import org.apache.ranger.plugin.service.ResourceLookupContext; +import org.apache.ranger.plugin.store.PList; +import org.apache.ranger.plugin.store.ServiceStore; + import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil; import org.apache.ranger.plugin.util.GrantRevokeRequest; import org.apache.ranger.plugin.util.SearchFilter; import org.apache.ranger.plugin.util.ServicePolicies; @@@ -314,16 -345,6 +349,18 @@@ public class ServiceREST throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true); } - ret = new RangerServiceDefList(); ++ if(paginatedSvcDefs != null) { ++ ret = new RangerServiceDefList(); + - ret.setServiceDefs(paginatedSvcDefs.getList()); - ret.setPageSize(paginatedSvcDefs.getPageSize()); - ret.setResultSize(paginatedSvcDefs.getResultSize()); - ret.setStartIndex(paginatedSvcDefs.getStartIndex()); - ret.setTotalCount(paginatedSvcDefs.getTotalCount()); - ret.setSortBy(paginatedSvcDefs.getSortBy()); - ret.setSortType(paginatedSvcDefs.getSortType()); ++ ret.setServiceDefs(paginatedSvcDefs.getList()); ++ ret.setPageSize(paginatedSvcDefs.getPageSize()); ++ ret.setResultSize(paginatedSvcDefs.getResultSize()); ++ ret.setStartIndex(paginatedSvcDefs.getStartIndex()); ++ ret.setTotalCount(paginatedSvcDefs.getTotalCount()); ++ ret.setSortBy(paginatedSvcDefs.getSortBy()); ++ ret.setSortType(paginatedSvcDefs.getSortType()); ++ } + if (LOG.isDebugEnabled()) { LOG.debug("<== ServiceREST.getServiceDefs(): count=" + (ret == null ? 0 : ret.getListSize())); } @@@ -491,17 -537,6 +555,19 @@@ throw restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST, excp.getMessage(), true); } - ret = new RangerServiceList(); ++ if(paginatedSvcs != null) { ++ ret = new RangerServiceList(); + + - ret.setServices(paginatedSvcs.getList()); - ret.setPageSize(paginatedSvcs.getPageSize()); - ret.setResultSize(paginatedSvcs.getResultSize()); - ret.setStartIndex(paginatedSvcs.getStartIndex()); - ret.setTotalCount(paginatedSvcs.getTotalCount()); - ret.setSortBy(paginatedSvcs.getSortBy()); - ret.setSortType(paginatedSvcs.getSortType()); ++ ret.setServices(paginatedSvcs.getList()); ++ ret.setPageSize(paginatedSvcs.getPageSize()); ++ ret.setResultSize(paginatedSvcs.getResultSize()); ++ ret.setStartIndex(paginatedSvcs.getStartIndex()); ++ ret.setTotalCount(paginatedSvcs.getTotalCount()); ++ ret.setSortBy(paginatedSvcs.getSortBy()); ++ ret.setSortType(paginatedSvcs.getSortType()); ++ } + if (LOG.isDebugEnabled()) { LOG.debug("<== ServiceREST.getServices(): count=" + (ret == null ? 0 : ret.getListSize())); } @@@ -1014,19 -1047,9 +1080,21 @@@ SearchFilter filter = searchUtil.getSearchFilter(request, policyService.sortFields); try { - ret = svcStore.getPaginatedPolicies(filter); + paginatedPolicies = svcStore.getPaginatedPolicies(filter); - ret = new RangerPolicyList(); - applyAdminAccessFilter(ret); ++ if(paginatedPolicies != null) { ++ ret = new RangerPolicyList(); + - ret.setPolicies(paginatedPolicies.getList()); - ret.setPageSize(paginatedPolicies.getPageSize()); - ret.setResultSize(paginatedPolicies.getResultSize()); - ret.setStartIndex(paginatedPolicies.getStartIndex()); - ret.setTotalCount(paginatedPolicies.getTotalCount()); - ret.setSortBy(paginatedPolicies.getSortBy()); - ret.setSortType(paginatedPolicies.getSortType()); ++ ret.setPolicies(paginatedPolicies.getList()); ++ ret.setPageSize(paginatedPolicies.getPageSize()); ++ ret.setResultSize(paginatedPolicies.getResultSize()); ++ ret.setStartIndex(paginatedPolicies.getStartIndex()); ++ ret.setTotalCount(paginatedPolicies.getTotalCount()); ++ ret.setSortBy(paginatedPolicies.getSortBy()); ++ ret.setSortType(paginatedPolicies.getSortType()); + - applyAdminAccessFilter(ret); ++ applyAdminAccessFilter(ret); ++ } } catch (Exception excp) { LOG.error("getPolicies() failed", excp); @@@ -1108,19 -1129,9 +1176,21 @@@ SearchFilter filter = searchUtil.getSearchFilter(request, policyService.sortFields); try { - ret = svcStore.getPaginatedServicePolicies(serviceId, filter); + paginatedPolicies = svcStore.getPaginatedServicePolicies(serviceId, filter); - ret = new RangerPolicyList(); - applyAdminAccessFilter(ret); ++ if(paginatedPolicies != null) { ++ ret = new RangerPolicyList(); + - ret.setPolicies(paginatedPolicies.getList()); - ret.setPageSize(paginatedPolicies.getPageSize()); - ret.setResultSize(paginatedPolicies.getResultSize()); - ret.setStartIndex(paginatedPolicies.getStartIndex()); - ret.setTotalCount(paginatedPolicies.getTotalCount()); - ret.setSortBy(paginatedPolicies.getSortBy()); - ret.setSortType(paginatedPolicies.getSortType()); ++ ret.setPolicies(paginatedPolicies.getList()); ++ ret.setPageSize(paginatedPolicies.getPageSize()); ++ ret.setResultSize(paginatedPolicies.getResultSize()); ++ ret.setStartIndex(paginatedPolicies.getStartIndex()); ++ ret.setTotalCount(paginatedPolicies.getTotalCount()); ++ ret.setSortBy(paginatedPolicies.getSortBy()); ++ ret.setSortType(paginatedPolicies.getSortType()); + - applyAdminAccessFilter(ret); ++ applyAdminAccessFilter(ret); ++ } } catch (Exception excp) { LOG.error("getServicePolicies(" + serviceId + ") failed", excp); @@@ -1133,7 -1144,7 +1203,7 @@@ if (LOG.isDebugEnabled()) { LOG.debug("<== ServiceREST.getServicePolicies(" + serviceId + "): count=" -- + ret.getListSize()); ++ + (ret == null ? 0 : ret.getListSize())); } return ret; } @@@ -1154,19 -1163,9 +1224,21 @@@ SearchFilter filter = searchUtil.getSearchFilter(request, policyService.sortFields); try { - ret = svcStore.getPaginatedServicePolicies(serviceName, filter); + paginatedPolicies = svcStore.getPaginatedServicePolicies(serviceName, filter); - ret = new RangerPolicyList(); - applyAdminAccessFilter(ret); ++ if(paginatedPolicies != null) { ++ ret = new RangerPolicyList(); + - ret.setPolicies(paginatedPolicies.getList()); - ret.setPageSize(paginatedPolicies.getPageSize()); - ret.setResultSize(paginatedPolicies.getResultSize()); - ret.setStartIndex(paginatedPolicies.getStartIndex()); - ret.setTotalCount(paginatedPolicies.getTotalCount()); - ret.setSortBy(paginatedPolicies.getSortBy()); - ret.setSortType(paginatedPolicies.getSortType()); ++ ret.setPolicies(paginatedPolicies.getList()); ++ ret.setPageSize(paginatedPolicies.getPageSize()); ++ ret.setResultSize(paginatedPolicies.getResultSize()); ++ ret.setStartIndex(paginatedPolicies.getStartIndex()); ++ ret.setTotalCount(paginatedPolicies.getTotalCount()); ++ ret.setSortBy(paginatedPolicies.getSortBy()); ++ ret.setSortType(paginatedPolicies.getSortType()); + - applyAdminAccessFilter(ret); ++ applyAdminAccessFilter(ret); ++ } } catch (Exception excp) { LOG.error("getServicePolicies(" + serviceName + ") failed", excp); @@@ -1179,7 -1178,7 +1251,7 @@@ if (LOG.isDebugEnabled()) { LOG.debug("<== ServiceREST.getServicePolicies(" + serviceName + "): count=" -- + ret.getListSize()); ++ + (ret == null ? 0 : ret.getListSize())); } return ret; @@@ -1443,13 -1442,7 +1515,10 @@@ @GET @Path("/policy/{policyId}/versionList") public VXString getPolicyVersionList(@PathParam("policyId") Long policyId) { - return svcStore.getPolicyVersionList(policyId); + - String policyVersionListStr = svcStore.getPolicyForVersionNumber(policyId); - - VXString ret = new VXString(); - ret.setValue(policyVersionListStr); ++ VXString policyVersionListStr = svcStore.getPolicyVersionList(policyId); + - return ret; ++ return policyVersionListStr; } @GET http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5a022141/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java ---------------------------------------------------------------------- diff --cc security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java index 591b245,4970ffe..398a48d --- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefService.java @@@ -20,9 -20,13 +20,10 @@@ package org.apache.ranger.service import java.util.ArrayList; import java.util.List; -import org.apache.ranger.common.ContextUtil; -import org.apache.ranger.common.RangerConstants; -import org.apache.ranger.common.SearchField; -import org.apache.ranger.common.SortField; +import org.apache.ranger.common.*; import org.apache.ranger.common.SearchField.DATA_TYPE; import org.apache.ranger.common.SearchField.SEARCH_TYPE; + import org.apache.ranger.common.UserSessionBase; import org.apache.ranger.entity.XXContextEnricherDef; import org.apache.ranger.entity.XXAccessTypeDef; import org.apache.ranger.entity.XXEnumDef; @@@ -157,39 -159,26 +158,24 @@@ public class RangerServiceDefService ex return this.populateViewBean(xServiceDef); } @Override - @SuppressWarnings("unchecked") public RangerServiceDefList searchRangerServiceDefs(SearchFilter searchFilter) { - List<RangerServiceDef> serviceDefList = new ArrayList<RangerServiceDef>(); + //List<RangerServiceDef> serviceDefList = new ArrayList<RangerServiceDef>(); RangerServiceDefList retList = new RangerServiceDefList(); - + int startIndex = searchFilter.getStartIndex(); + int pageSize = searchFilter.getMaxRows(); + searchFilter.setStartIndex(0); + searchFilter.setMaxRows(Integer.MAX_VALUE); List<XXServiceDef> xSvcDefList = (List<XXServiceDef>) searchResources(searchFilter, searchFields, sortFields, retList); - UserSessionBase userSession = ContextUtil.getCurrentUserSession(); - - if (userSession == null) { - // Internal user - for (XXServiceDef xSvcDef : xSvcDefList) { - if (xSvcDef != null) { - serviceDefList.add(populateViewBean(xSvcDef)); - } - } - } else { - List<String> userRoleList = userSession.getUserRoleList(); - for (XXServiceDef xSvcDef : xSvcDefList) { - if(userRoleList != null && !userRoleList.contains(RangerConstants.ROLE_KEY_ADMIN)){ - if(xSvcDef!=null && !"KMS".equalsIgnoreCase(xSvcDef.getName())){ - serviceDefList.add(populateViewBean(xSvcDef)); - } - } - else if(userRoleList != null && userRoleList.contains(RangerConstants.ROLE_KEY_ADMIN)){ - if(xSvcDef!=null && "KMS".equalsIgnoreCase(xSvcDef.getName())){ - serviceDefList.add(populateViewBean(xSvcDef)); - break; - } - } - UserSessionBase sessionBase = ContextUtil.getCurrentUserSession(); - //List<String> userRoleList = (sessionBase != null) ? sessionBase.getUserRoleList() : null; + List<XXServiceDef> permittedServiceDefs = new ArrayList<XXServiceDef>(); + for (XXServiceDef xSvcDef : xSvcDefList) { + if(bizUtil.hasAccess(xSvcDef, null)){ + permittedServiceDefs.add(xSvcDef); } } - retList.setServiceDefs(serviceDefList); - + //retList.setServiceDefs(serviceDefList); + if(permittedServiceDefs.size() > 0) { + populatePageList(permittedServiceDefs, startIndex, pageSize, retList); + } return retList; } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5a022141/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5a022141/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java ---------------------------------------------------------------------- diff --cc security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java index e91952b,6f95a8a..0c48a55 --- a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java +++ b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java @@@ -85,7 -88,7 +88,8 @@@ import org.apache.ranger.plugin.model.R import org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef; import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef; import org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef; +import org.apache.ranger.plugin.store.PList; + import org.apache.ranger.plugin.store.ServicePredicateUtil; import org.apache.ranger.plugin.util.SearchFilter; import org.apache.ranger.plugin.util.ServicePolicies; import org.apache.ranger.security.context.RangerContextHolder; @@@ -183,6 -201,6 +202,7 @@@ public class TestServiceDBStore RangerServiceDef rangerServiceDef = new RangerServiceDef(); rangerServiceDef.setId(Id); ++ rangerServiceDef.setName("RangerServiceHdfs"); rangerServiceDef.setImplClass("RangerServiceHdfs"); rangerServiceDef.setLabel("HDFS Repository"); rangerServiceDef.setDescription("HDFS Repository"); @@@ -421,15 -477,560 +479,564 @@@ @Test public void test12updateServiceDef() throws Exception { - RangerServiceDef serviceDef = rangerServiceDef(); + setup(); + XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class); + XXServiceDef xServiceDef = Mockito.mock(XXServiceDef.class); + XXServiceConfigDefDao xServiceConfigDefDao = Mockito + .mock(XXServiceConfigDefDao.class); + XXResourceDefDao xResourceDefDao = Mockito.mock(XXResourceDefDao.class); + XXAccessTypeDefDao xAccessTypeDefDao = Mockito + .mock(XXAccessTypeDefDao.class); + XXPolicyConditionDefDao xPolicyConditionDefDao = Mockito + .mock(XXPolicyConditionDefDao.class); + XXContextEnricherDefDao xContextEnricherDefDao = Mockito + .mock(XXContextEnricherDefDao.class); + XXEnumDefDao xEnumDefDao = Mockito.mock(XXEnumDefDao.class); ++ XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); + + RangerServiceDef rangerServiceDef = rangerServiceDef(); + Long serviceDefId = rangerServiceDef.getId(); + + List<XXServiceConfigDef> svcConfDefList = new ArrayList<XXServiceConfigDef>(); + XXServiceConfigDef serviceConfigDefObj = new XXServiceConfigDef(); + serviceConfigDefObj.setId(Id); + serviceConfigDefObj.setType("1"); + svcConfDefList.add(serviceConfigDefObj); + + List<XXResourceDef> resDefList = new ArrayList<XXResourceDef>(); + XXResourceDef resourceDef = new XXResourceDef(); + resourceDef.setAddedByUserId(Id); + resourceDef.setCreateTime(new Date()); + resourceDef.setDefid(Id); + resourceDef.setDescription("test"); + resourceDef.setId(Id); + resDefList.add(resourceDef); + + List<XXAccessTypeDef> accessTypeDefList = new ArrayList<XXAccessTypeDef>(); + XXAccessTypeDef accessTypeDefObj = new XXAccessTypeDef(); + accessTypeDefObj.setAddedByUserId(Id); + accessTypeDefObj.setCreateTime(new Date()); + accessTypeDefObj.setDefid(Id); + accessTypeDefObj.setId(Id); + accessTypeDefObj.setLabel("Read"); + accessTypeDefObj.setName("read"); + accessTypeDefObj.setOrder(null); + accessTypeDefObj.setRbkeylabel(null); + accessTypeDefObj.setUpdatedByUserId(Id); + accessTypeDefObj.setUpdateTime(new Date()); + accessTypeDefList.add(accessTypeDefObj); + + List<XXPolicyConditionDef> policyConditionDefList = new ArrayList<XXPolicyConditionDef>(); + XXPolicyConditionDef policyConditionDefObj = new XXPolicyConditionDef(); + policyConditionDefObj.setAddedByUserId(Id); + policyConditionDefObj.setCreateTime(new Date()); + policyConditionDefObj.setDefid(Id); + policyConditionDefObj.setDescription("policy"); + policyConditionDefObj.setId(Id); + policyConditionDefObj.setName("country"); + policyConditionDefObj.setOrder(0); + policyConditionDefObj.setUpdatedByUserId(Id); + policyConditionDefObj.setUpdateTime(new Date()); + policyConditionDefList.add(policyConditionDefObj); + + List<XXContextEnricherDef> contextEnricherDefList = new ArrayList<XXContextEnricherDef>(); + XXContextEnricherDef contextEnricherDefObj = new XXContextEnricherDef(); + contextEnricherDefObj.setAddedByUserId(Id); + contextEnricherDefObj.setCreateTime(new Date()); + contextEnricherDefObj.setDefid(Id); + contextEnricherDefObj.setId(Id); + contextEnricherDefObj.setName("country-provider"); + contextEnricherDefObj + .setEnricherOptions("contextName=COUNTRY;dataFile=/etc/ranger/data/userCountry.properties"); + contextEnricherDefObj.setEnricher("RangerCountryProvider"); + contextEnricherDefObj.setOrder(null); + contextEnricherDefObj.setUpdatedByUserId(Id); + contextEnricherDefObj.setUpdateTime(new Date()); + contextEnricherDefList.add(contextEnricherDefObj); + + List<XXEnumDef> enumDefList = new ArrayList<XXEnumDef>(); + XXEnumDef enumDefObj = new XXEnumDef(); + enumDefObj.setAddedByUserId(Id); + enumDefObj.setCreateTime(new Date()); + enumDefObj.setDefaultindex(0); + enumDefObj.setDefid(Id); + enumDefObj.setId(Id); + enumDefObj.setName("authnType"); + enumDefObj.setUpdatedByUserId(Id); + enumDefObj.setUpdateTime(new Date()); + enumDefList.add(enumDefObj); + + Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao); + Mockito.when(xServiceDefDao.getById(serviceDefId)).thenReturn( + xServiceDef); + + Mockito.when(daoManager.getXXServiceConfigDef()).thenReturn( + xServiceConfigDefDao); + Mockito.when(xServiceConfigDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(svcConfDefList); + + Mockito.when(daoManager.getXXResourceDef()).thenReturn(xResourceDefDao); + Mockito.when(xResourceDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(resDefList); + + Mockito.when(daoManager.getXXAccessTypeDef()).thenReturn( + xAccessTypeDefDao); + Mockito.when(xAccessTypeDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(accessTypeDefList); + + Mockito.when(daoManager.getXXPolicyConditionDef()).thenReturn( + xPolicyConditionDefDao); + Mockito.when(xPolicyConditionDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(policyConditionDefList); + + Mockito.when(daoManager.getXXContextEnricherDef()).thenReturn( + xContextEnricherDefDao); + Mockito.when(xContextEnricherDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(contextEnricherDefList); + + Mockito.when(daoManager.getXXEnumDef()).thenReturn(xEnumDefDao); + Mockito.when(xEnumDefDao.findByServiceDefId(serviceDefId)).thenReturn( + enumDefList); + ++ Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); ++ Mockito.when(xServiceDao.findByServiceDefId(serviceDefId)).thenReturn(null); ++ + Mockito.when(serviceDefService.read(Id)).thenReturn(rangerServiceDef); RangerServiceDef dbServiceDef = serviceDBStore - .updateServiceDef(serviceDef); - Assert.assertNull(dbServiceDef); + .updateServiceDef(rangerServiceDef); + Assert.assertNotNull(dbServiceDef); + Assert.assertEquals(dbServiceDef, rangerServiceDef); + Assert.assertEquals(dbServiceDef.getId(), rangerServiceDef.getId()); + Assert.assertEquals(dbServiceDef.getCreatedBy(), + rangerServiceDef.getCreatedBy()); + Assert.assertEquals(dbServiceDef.getDescription(), + rangerServiceDef.getDescription()); + Assert.assertEquals(dbServiceDef.getGuid(), rangerServiceDef.getGuid()); + Assert.assertEquals(dbServiceDef.getImplClass(), + rangerServiceDef.getImplClass()); + Assert.assertEquals(dbServiceDef.getLabel(), + rangerServiceDef.getLabel()); + Assert.assertEquals(dbServiceDef.getName(), rangerServiceDef.getName()); + Assert.assertEquals(dbServiceDef.getRbKeyDescription(), + rangerServiceDef.getRbKeyDescription()); + Assert.assertEquals(dbServiceDef.getConfigs(), + rangerServiceDef.getConfigs()); + Assert.assertEquals(dbServiceDef.getVersion(), + rangerServiceDef.getVersion()); + Assert.assertEquals(dbServiceDef.getResources(), + rangerServiceDef.getResources()); + } @Test public void test13deleteServiceDef() throws Exception { - serviceDBStore.deleteServiceDef(Id); + XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); + XXAccessTypeDefDao xAccessTypeDefDao = Mockito + .mock(XXAccessTypeDefDao.class); + XXAccessTypeDefGrantsDao xAccessTypeDefGrantsDao = Mockito + .mock(XXAccessTypeDefGrantsDao.class); + XXPolicyItemAccessDao xPolicyItemAccessDao = Mockito + .mock(XXPolicyItemAccessDao.class); + XXContextEnricherDefDao xContextEnricherDefDao = Mockito + .mock(XXContextEnricherDefDao.class); + XXEnumDefDao xEnumDefDao = Mockito.mock(XXEnumDefDao.class); + XXEnumElementDefDao xEnumElementDefDao = Mockito + .mock(XXEnumElementDefDao.class); + XXPolicyConditionDefDao xPolicyConditionDefDao = Mockito + .mock(XXPolicyConditionDefDao.class); + XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito + .mock(XXPolicyItemConditionDao.class); + XXResourceDefDao xResourceDefDao = Mockito.mock(XXResourceDefDao.class); + XXPolicyResourceDao xPolicyResourceDao = Mockito + .mock(XXPolicyResourceDao.class); + XXPolicyResourceMapDao xPolicyResourceMapDao = Mockito + .mock(XXPolicyResourceMapDao.class); + XXServiceConfigDefDao xServiceConfigDefDao = Mockito + .mock(XXServiceConfigDefDao.class); + XXPolicyDao xPolicyDao = Mockito.mock(XXPolicyDao.class); + XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class); + XXPolicyItemGroupPermDao xPolicyItemGroupPermDao = Mockito + .mock(XXPolicyItemGroupPermDao.class); + XXPolicyItemUserPermDao policyItemUserPermDao = Mockito + .mock(XXPolicyItemUserPermDao.class); + XXServiceConfigMapDao xServiceConfigMapDao = Mockito + .mock(XXServiceConfigMapDao.class); + XXUserDao xUserDao = Mockito.mock(XXUserDao.class); + + RangerServiceDef rangerServiceDef = rangerServiceDef(); + RangerService rangerService = rangerService(); + RangerPolicy rangerPolicy = rangerPolicy(); + String name = "fdfdfds"; + Long serviceDefId = rangerServiceDef.getId(); + + List<XXService> xServiceList = new ArrayList<XXService>(); + XXService xService = new XXService(); + xService.setAddedByUserId(Id); + xService.setCreateTime(new Date()); + xService.setDescription("Hdfs service"); + xService.setGuid("serviceguid"); + xService.setId(Id); + xService.setIsEnabled(true); + xService.setName("Hdfs"); + xService.setPolicyUpdateTime(new Date()); + xService.setPolicyVersion(1L); + xService.setType(1L); + xService.setUpdatedByUserId(Id); + xService.setUpdateTime(new Date()); + xService.setVersion(1L); + xServiceList.add(xService); + + List<XXAccessTypeDef> accessTypeDefList = new ArrayList<XXAccessTypeDef>(); + XXAccessTypeDef accessTypeDefObj = new XXAccessTypeDef(); + accessTypeDefObj.setAddedByUserId(Id); + accessTypeDefObj.setCreateTime(new Date()); + accessTypeDefObj.setDefid(Id); + accessTypeDefObj.setId(Id); + accessTypeDefObj.setLabel("Read"); + accessTypeDefObj.setName("read"); + accessTypeDefObj.setOrder(null); + accessTypeDefObj.setRbkeylabel(null); + accessTypeDefObj.setUpdatedByUserId(Id); + accessTypeDefObj.setUpdateTime(new Date()); + accessTypeDefList.add(accessTypeDefObj); + + List<XXAccessTypeDefGrants> accessTypeDefGrantslist = new ArrayList<XXAccessTypeDefGrants>(); + XXAccessTypeDefGrants accessTypeDefGrantsObj = new XXAccessTypeDefGrants(); + accessTypeDefGrantsObj.setAddedByUserId(Id); + accessTypeDefGrantsObj.setAtdId(Id); + accessTypeDefGrantsObj.setCreateTime(new Date()); + accessTypeDefGrantsObj.setId(Id); + accessTypeDefGrantsObj.setUpdatedByUserId(Id); + accessTypeDefGrantsObj.setUpdateTime(new Date()); + accessTypeDefGrantsObj.setImpliedGrant("read"); + accessTypeDefGrantslist.add(accessTypeDefGrantsObj); + + List<XXPolicyItemAccess> policyItemAccessList = new ArrayList<XXPolicyItemAccess>(); + XXPolicyItemAccess policyItemAccess = new XXPolicyItemAccess(); + policyItemAccess.setAddedByUserId(Id); + policyItemAccess.setCreateTime(new Date()); + policyItemAccess.setPolicyitemid(Id); + policyItemAccess.setId(Id); + policyItemAccess.setOrder(1); + policyItemAccess.setUpdatedByUserId(Id); + policyItemAccess.setUpdateTime(new Date()); + policyItemAccessList.add(policyItemAccess); + + List<XXContextEnricherDef> contextEnricherDefList = new ArrayList<XXContextEnricherDef>(); + XXContextEnricherDef contextEnricherDefObj = new XXContextEnricherDef(); + contextEnricherDefObj.setAddedByUserId(Id); + contextEnricherDefObj.setCreateTime(new Date()); + contextEnricherDefObj.setDefid(Id); + contextEnricherDefObj.setId(Id); + contextEnricherDefObj.setName("country-provider"); + contextEnricherDefObj + .setEnricherOptions("contextName=COUNTRY;dataFile=/etc/ranger/data/userCountry.properties"); + contextEnricherDefObj.setEnricher("RangerCountryProvider"); + contextEnricherDefObj.setOrder(null); + contextEnricherDefObj.setUpdatedByUserId(Id); + contextEnricherDefObj.setUpdateTime(new Date()); + contextEnricherDefList.add(contextEnricherDefObj); + + List<XXEnumDef> enumDefList = new ArrayList<XXEnumDef>(); + XXEnumDef enumDefObj = new XXEnumDef(); + enumDefObj.setAddedByUserId(Id); + enumDefObj.setCreateTime(new Date()); + enumDefObj.setDefaultindex(0); + enumDefObj.setDefid(Id); + enumDefObj.setId(Id); + enumDefObj.setName("authnType"); + enumDefObj.setUpdatedByUserId(Id); + enumDefObj.setUpdateTime(new Date()); + enumDefList.add(enumDefObj); + + List<XXEnumElementDef> xElementsList = new ArrayList<XXEnumElementDef>(); + XXEnumElementDef enumElementDefObj = new XXEnumElementDef(); + enumElementDefObj.setAddedByUserId(Id); + enumElementDefObj.setCreateTime(new Date()); + enumElementDefObj.setEnumdefid(Id); + enumElementDefObj.setId(Id); + enumElementDefObj.setLabel("Authentication"); + enumElementDefObj.setName("authentication"); + enumElementDefObj.setUpdateTime(new Date()); + enumElementDefObj.setUpdatedByUserId(Id); + enumElementDefObj.setRbkeylabel(null); + enumElementDefObj.setOrder(0); + xElementsList.add(enumElementDefObj); + + List<XXPolicyConditionDef> xConditionDefList = new ArrayList<XXPolicyConditionDef>(); + XXPolicyConditionDef policyConditionDefObj = new XXPolicyConditionDef(); + policyConditionDefObj.setAddedByUserId(Id); + policyConditionDefObj.setCreateTime(new Date()); + policyConditionDefObj.setDefid(Id); + policyConditionDefObj.setDescription("policy conditio"); + policyConditionDefObj.setId(Id); + policyConditionDefObj.setName(name); + policyConditionDefObj.setOrder(1); + policyConditionDefObj.setLabel("label"); + xConditionDefList.add(policyConditionDefObj); + + List<XXPolicyItemCondition> policyItemConditionList = new ArrayList<XXPolicyItemCondition>(); + XXPolicyItemCondition policyItemCondition = new XXPolicyItemCondition(); + policyItemCondition.setAddedByUserId(Id); + policyItemCondition.setCreateTime(new Date()); + policyItemCondition.setType(1L); + policyItemCondition.setId(Id); + policyItemCondition.setOrder(1); + policyItemCondition.setPolicyItemId(Id); + policyItemCondition.setUpdatedByUserId(Id); + policyItemCondition.setUpdateTime(new Date()); + policyItemConditionList.add(policyItemCondition); + + List<XXResourceDef> resDefList = new ArrayList<XXResourceDef>(); + XXResourceDef resourceDef = new XXResourceDef(); + resourceDef.setAddedByUserId(Id); + resourceDef.setCreateTime(new Date()); + resourceDef.setDefid(Id); + resourceDef.setDescription("test"); + resourceDef.setId(Id); + resDefList.add(resourceDef); + + List<XXPolicyResource> policyResourceList = new ArrayList<XXPolicyResource>(); + XXPolicyResource policyResource = new XXPolicyResource(); + policyResource.setId(Id); + policyResource.setCreateTime(new Date()); + policyResource.setAddedByUserId(Id); + policyResource.setIsExcludes(false); + policyResource.setIsRecursive(false); + policyResource.setPolicyId(Id); + policyResource.setResDefId(Id); + policyResource.setUpdatedByUserId(Id); + policyResource.setUpdateTime(new Date()); + policyResourceList.add(policyResource); + + List<XXPolicyResourceMap> policyResourceMapList = new ArrayList<XXPolicyResourceMap>(); + XXPolicyResourceMap policyResourceMap = new XXPolicyResourceMap(); + policyResourceMap.setAddedByUserId(Id); + policyResourceMap.setCreateTime(new Date()); + policyResourceMap.setId(Id); + policyResourceMap.setOrder(1); + policyResourceMap.setResourceId(Id); + policyResourceMap.setUpdatedByUserId(Id); + policyResourceMap.setUpdateTime(new Date()); + policyResourceMap.setValue("1L"); + policyResourceMapList.add(policyResourceMap); + + List<XXServiceConfigDef> serviceConfigDefList = new ArrayList<XXServiceConfigDef>(); + XXServiceConfigDef serviceConfigDefObj = new XXServiceConfigDef(); + serviceConfigDefObj.setAddedByUserId(Id); + serviceConfigDefObj.setCreateTime(new Date()); + serviceConfigDefObj.setDefaultvalue("simple"); + serviceConfigDefObj.setDescription("service config"); + serviceConfigDefObj.setId(Id); + serviceConfigDefObj.setIsMandatory(true); + serviceConfigDefObj.setName(name); + serviceConfigDefObj.setLabel("username"); + serviceConfigDefObj.setRbkeydescription(null); + serviceConfigDefObj.setRbkeylabel(null); + serviceConfigDefObj.setRbKeyValidationMessage(null); + serviceConfigDefObj.setType("password"); + serviceConfigDefList.add(serviceConfigDefObj); + + List<XXPolicy> policiesList = new ArrayList<XXPolicy>(); + XXPolicy policy = new XXPolicy(); + policy.setAddedByUserId(Id); + policy.setCreateTime(new Date()); + policy.setDescription("polcy test"); + policy.setGuid(""); + policy.setId(rangerService.getId()); + policy.setIsAuditEnabled(true); + policy.setName("HDFS_1-1-20150316062453"); + policy.setService(rangerService.getId()); + policiesList.add(policy); + + List<XXPolicyItem> policyItemList = new ArrayList<XXPolicyItem>(); + XXPolicyItem policyItem = new XXPolicyItem(); + policyItem.setAddedByUserId(Id); + policyItem.setCreateTime(new Date()); + policyItem.setDelegateAdmin(false); + policyItem.setId(Id); + policyItem.setOrder(1); + policyItem.setPolicyId(Id); + policyItem.setUpdatedByUserId(Id); + policyItem.setUpdateTime(new Date()); + policyItemList.add(policyItem); + + List<XXServiceConfigMap> svcConfigMapList = new ArrayList<XXServiceConfigMap>(); + XXServiceConfigMap xConfMap = new XXServiceConfigMap(); + xConfMap.setAddedByUserId(null); + xConfMap.setConfigkey(name); + xConfMap.setConfigvalue(name); + xConfMap.setCreateTime(new Date()); + xConfMap.setServiceId(Id); + + List<XXPolicyItemGroupPerm> policyItemGroupPermlist = new ArrayList<XXPolicyItemGroupPerm>(); + XXPolicyItemGroupPerm policyItemGroupPermObj = new XXPolicyItemGroupPerm(); + policyItemGroupPermObj.setAddedByUserId(Id); + policyItemGroupPermObj.setCreateTime(new Date()); + policyItemGroupPermObj.setGroupId(Id); + policyItemGroupPermObj.setId(Id); + policyItemGroupPermObj.setOrder(1); + policyItemGroupPermObj.setPolicyItemId(Id); + policyItemGroupPermObj.setUpdatedByUserId(Id); + policyItemGroupPermObj.setUpdateTime(new Date()); + policyItemGroupPermlist.add(policyItemGroupPermObj); + + List<XXPolicyItemUserPerm> policyItemUserPermList = new ArrayList<XXPolicyItemUserPerm>(); + XXPolicyItemUserPerm policyItemUserPermObj = new XXPolicyItemUserPerm(); + policyItemUserPermObj.setAddedByUserId(Id); + policyItemUserPermObj.setCreateTime(new Date()); + policyItemUserPermObj.setId(Id); + policyItemUserPermObj.setOrder(1); + policyItemUserPermObj.setPolicyItemId(Id); + policyItemUserPermObj.setUpdatedByUserId(serviceDefId); + policyItemUserPermObj.setUpdateTime(new Date()); + policyItemUserPermObj.setUserId(Id); + policyItemUserPermList.add(policyItemUserPermObj); + + XXUser xUser = new XXUser(); + xUser.setAddedByUserId(Id); + xUser.setCreateTime(new Date()); + xUser.setCredStoreId(Id); + xUser.setDescription("user test"); + xUser.setId(Id); + xUser.setIsVisible(null); + xUser.setName(name); + xUser.setStatus(0); + xUser.setUpdatedByUserId(Id); + xUser.setUpdateTime(new Date()); + + Mockito.when(serviceDefService.read(Id)).thenReturn(rangerServiceDef); + Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); - Mockito.when(xServiceDao.findByServiceDefId(serviceDefId)).thenReturn( - xServiceList); ++ Mockito.when(xServiceDao.findByServiceDefId(serviceDefId)).thenReturn(null); ++// xServiceList); + - Mockito.when(stringUtil.isEmpty(xServiceList)).thenReturn(true); + Mockito.when(daoManager.getXXAccessTypeDef()).thenReturn( + xAccessTypeDefDao); + Mockito.when(xAccessTypeDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(accessTypeDefList); + + Mockito.when(daoManager.getXXAccessTypeDefGrants()).thenReturn( + xAccessTypeDefGrantsDao); + Mockito.when( + xAccessTypeDefGrantsDao.findByATDId(accessTypeDefObj.getId())) + .thenReturn(accessTypeDefGrantslist); + + Mockito.when(daoManager.getXXPolicyItemAccess()).thenReturn( + xPolicyItemAccessDao); + Mockito.when(xPolicyItemAccessDao.findByType(accessTypeDefObj.getId())) + .thenReturn(policyItemAccessList); + + Mockito.when(daoManager.getXXContextEnricherDef()).thenReturn( + xContextEnricherDefDao); + Mockito.when(xContextEnricherDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(contextEnricherDefList); + + Mockito.when(daoManager.getXXEnumDef()).thenReturn(xEnumDefDao); + Mockito.when(xEnumDefDao.findByServiceDefId(serviceDefId)).thenReturn( + enumDefList); + + Mockito.when(daoManager.getXXEnumElementDef()).thenReturn( + xEnumElementDefDao); + Mockito.when(xEnumElementDefDao.findByEnumDefId(enumDefObj.getId())) + .thenReturn(xElementsList); + + Mockito.when(daoManager.getXXPolicyConditionDef()).thenReturn( + xPolicyConditionDefDao); + Mockito.when(xPolicyConditionDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(xConditionDefList); + + Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn( + xPolicyItemConditionDao); + Mockito.when( + xPolicyItemConditionDao + .findByPolicyConditionDefId(policyConditionDefObj + .getId())).thenReturn(policyItemConditionList); + + Mockito.when(daoManager.getXXResourceDef()).thenReturn(xResourceDefDao); + Mockito.when(xResourceDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(resDefList); + + Mockito.when(daoManager.getXXPolicyResource()).thenReturn( + xPolicyResourceDao); + Mockito.when(xPolicyResourceDao.findByResDefId(resourceDef.getId())) + .thenReturn(policyResourceList); + + Mockito.when(daoManager.getXXPolicyResourceMap()).thenReturn( + xPolicyResourceMapDao); + Mockito.when( + xPolicyResourceMapDao.findByPolicyResId(policyResource.getId())) + .thenReturn(policyResourceMapList); + + Mockito.when(daoManager.getXXServiceConfigDef()).thenReturn( + xServiceConfigDefDao); + Mockito.when(xServiceConfigDefDao.findByServiceDefId(serviceDefId)) + .thenReturn(serviceConfigDefList); + + Mockito.when(svcService.read(Id)).thenReturn(rangerService); + + Mockito.when(daoManager.getXXPolicy()).thenReturn(xPolicyDao); + Mockito.when(xPolicyDao.findByServiceId(rangerService.getId())) + .thenReturn(policiesList); + + Mockito.when(policyService.read(Id)).thenReturn(rangerPolicy); + + Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); + Mockito.when(xServiceDao.findByName("HDFS_1-1-20150316062453")) + .thenReturn(xService); + Mockito.when(svcService.getPopulatedViewObject(xService)).thenReturn( + rangerService); + + Mockito.when(daoManager.getXXPolicyItem()).thenReturn(xPolicyItemDao); + Mockito.when(xPolicyItemDao.findByPolicyId(rangerPolicy.getId())) + .thenReturn(policyItemList); + + Mockito.when(daoManager.getXXPolicyItemGroupPerm()).thenReturn( + xPolicyItemGroupPermDao); + Mockito.when( + xPolicyItemGroupPermDao.findByPolicyItemId(policyItem.getId())) + .thenReturn(policyItemGroupPermlist); + + Mockito.when(daoManager.getXXPolicyItemUserPerm()).thenReturn( + policyItemUserPermDao); + Mockito.when( + policyItemUserPermDao.findByPolicyItemId(policyItem.getId())) + .thenReturn(policyItemUserPermList); + + svcServiceWithAssignedId.setPopulateExistingBaseFields(true); + + Mockito.when(svcServiceWithAssignedId.update(rangerService)) + .thenReturn(rangerService); + + Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); + Mockito.when(xServiceDao.getById(rangerService.getId())).thenReturn( + xService); ++ Mockito.when(xServiceDao.findByServiceDefId(serviceDefId)).thenReturn(null); + + Mockito.when(svcService.update(rangerService)) + .thenReturn(rangerService); + + Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); + Mockito.when(xServiceDao.getById(rangerService.getId())).thenReturn( + xService); + + Mockito.when(daoManager.getXXServiceConfigMap()).thenReturn( + xServiceConfigMapDao); + Mockito.when( + xServiceConfigMapDao.findByServiceId(rangerService.getId())) + .thenReturn(svcConfigMapList); + + Mockito.when( + rangerAuditFields.populateAuditFields( + Mockito.isA(XXServiceConfigMap.class), + Mockito.isA(XXService.class))).thenReturn(xConfMap); + + Mockito.when(stringUtil.getValidUserName(name)).thenReturn(name); + Mockito.when(daoManager.getXXUser()).thenReturn(xUserDao); + Mockito.when(xUserDao.findByUserName(name)).thenReturn(xUser); + Mockito.when(!bizUtil.hasAccess(xService, null)).thenReturn(true); - serviceDBStore.deleteServiceDef(Id); ++ serviceDBStore.deleteServiceDef(Id, true); + Mockito.verify(daoManager).getXXContextEnricherDef(); + Mockito.verify(daoManager).getXXEnumDef(); } @Test @@@ -1797,15 -2528,18 +2530,18 @@@ filter.setParam(SearchFilter.POLICY_NAME, "policyName"); filter.setParam(SearchFilter.SERVICE_NAME, "serviceName"); RangerService rangerService = rangerService(); - Mockito.when(svcService.read(rangerService.getId())).thenReturn( - rangerService); + + XXService xService = xService(); + XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); + Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); + Mockito.when(xServiceDao.getById(Id)).thenReturn(xService); - RangerPolicyList dbRangerPolicyList = serviceDBStore + PList<RangerPolicy> dbRangerPolicyList = serviceDBStore .getPaginatedServicePolicies(rangerService.getId(), filter); Assert.assertNull(dbRangerPolicyList); - Mockito.verify(svcService).read(rangerService.getId()); + Mockito.verify(daoManager).getXXService(); } - + @Test public void test38getPolicyVersionList() throws Exception { XXDataHistDao xDataHistDao = Mockito.mock(XXDataHistDao.class); @@@ -1832,4 -2567,40 +2569,40 @@@ Assert.assertNull(dbRangerPolicy); Mockito.verify(daoManager).getXXDataHist(); } + + @Test + public void test40getPoliciesByResourceSignature() throws Exception { + List<RangerPolicy> rangerPolicyLists = new ArrayList<RangerPolicy>(); + RangerPolicy rangerPolicy = rangerPolicy(); + rangerPolicyLists.add(rangerPolicy); + + String serviceName = "HDFS_1"; + String policySignature = "Repo"; + Boolean isPolicyEnabled = true; + + RangerService rangerService = rangerService(); + List<XXPolicy> policiesList = new ArrayList<XXPolicy>(); + XXPolicy policy = new XXPolicy(); + policy.setAddedByUserId(Id); + policy.setCreateTime(new Date()); + policy.setDescription("polcy test"); + policy.setGuid(""); + policy.setId(rangerService.getId()); + policy.setIsAuditEnabled(true); + policy.setName("HDFS_1-1-20150316062453"); + policy.setService(rangerService.getId()); + policiesList.add(policy); + + XXPolicyDao xPolicyDao = Mockito.mock(XXPolicyDao.class); + Mockito.when(daoManager.getXXPolicy()).thenReturn(xPolicyDao); + Mockito.when( + xPolicyDao.findByResourceSignatureByPolicyStatus(serviceName, + policySignature, isPolicyEnabled)).thenReturn( + policiesList); + List<RangerPolicy> policyList = serviceDBStore + .getPoliciesByResourceSignature(serviceName, policySignature, + isPolicyEnabled); + Assert.assertNotNull(policyList); + Mockito.verify(daoManager).getXXPolicy(); + } -} +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5a022141/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java ---------------------------------------------------------------------- diff --cc security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java index 5c72d0d,f024b99..e07a72d --- a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java +++ b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java @@@ -437,6 -500,39 +501,39 @@@ public class TestServiceREST } @Test + public void test7getServiceDefs() throws Exception { + HttpServletRequest request = Mockito.mock(HttpServletRequest.class); + SearchFilter filter = new SearchFilter(); + filter.setParam(SearchFilter.POLICY_NAME, "policyName"); + filter.setParam(SearchFilter.SERVICE_NAME, "serviceName"); + Mockito.when( + searchUtil.getSearchFilter(request, + serviceDefService.sortFields)).thenReturn(filter); + + List<RangerServiceDef> serviceDefsList = new ArrayList<RangerServiceDef>(); + RangerServiceDef serviceDef = rangerServiceDef(); + serviceDefsList.add(serviceDef); - RangerServiceDefList serviceDefList = new RangerServiceDefList(); ++ PList<RangerServiceDef> serviceDefList = new PList<RangerServiceDef>(); + serviceDefList.setPageSize(0); + serviceDefList.setResultSize(1); + serviceDefList.setSortBy("asc"); + serviceDefList.setSortType("1"); + serviceDefList.setStartIndex(0); + serviceDefList.setTotalCount(10); - serviceDefList.setServiceDefs(serviceDefsList); ++ serviceDefList.setList(serviceDefsList); + Mockito.when(svcStore.getPaginatedServiceDefs(filter)).thenReturn( + serviceDefList); + Mockito.when(serviceDefService.searchRangerServiceDefs(filter)) - .thenReturn(serviceDefList); ++ .thenReturn(new RangerServiceDefList(serviceDefsList)); + RangerServiceDefList dbRangerServiceDef = serviceREST + .getServiceDefs(request); + Assert.assertNotNull(dbRangerServiceDef); + Mockito.verify(searchUtil).getSearchFilter(request, + serviceDefService.sortFields); + Mockito.verify(svcStore).getPaginatedServiceDefs(filter); + } + + @Test public void test8updateServiceDef() throws Exception { RangerService rangerService = rangerService(); @@@ -724,9 -899,8 +901,8 @@@ public void test22getServicePoliciesById() throws Exception { HttpServletRequest request = Mockito.mock(HttpServletRequest.class); RangerPolicy rangerPolicy = rangerPolicy(); - - RangerPolicyList ret = Mockito.mock(RangerPolicyList.class); + PList<RangerPolicy> ret = Mockito.mock(PList.class); SearchFilter filter = new SearchFilter(); filter.setParam(SearchFilter.POLICY_NAME, "policyName"); filter.setParam(SearchFilter.SERVICE_NAME, "serviceName"); @@@ -862,8 -1029,7 +1032,7 @@@ @Test public void test34countServices() throws Exception { HttpServletRequest request = Mockito.mock(HttpServletRequest.class); - - RangerServiceList ret = Mockito.mock(RangerServiceList.class); + PList<RangerService> ret = Mockito.mock(PList.class); SearchFilter filter = new SearchFilter(); filter.setParam(SearchFilter.POLICY_NAME, "policyName"); filter.setParam(SearchFilter.SERVICE_NAME, "serviceName");
