Repository: incubator-ranger Updated Branches: refs/heads/ranger-0.5 60ae01301 -> 19aa95ec7
RANGER-562: Policy migration updated to ignore incorrect permission type and continue with migration Signed-off-by: Madhan Neethiraj <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/19aa95ec Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/19aa95ec Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/19aa95ec Branch: refs/heads/ranger-0.5 Commit: 19aa95ec7df94e543a6533bcf992c0e7d09ce620 Parents: 60ae013 Author: Gautam Borad <[email protected]> Authored: Fri Jun 19 18:33:59 2015 -0400 Committer: sneethiraj <[email protected]> Committed: Fri Jun 19 18:51:19 2015 -0400 ---------------------------------------------------------------------- .../ranger/patch/PatchMigration_J10002.java | 28 +++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/19aa95ec/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java index 1747324..44306d8 100644 --- a/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java +++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java @@ -20,10 +20,13 @@ package org.apache.ranger.patch; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; +import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Map.Entry; +import java.util.Set; +import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import org.apache.ranger.biz.RangerBizUtil; @@ -91,6 +94,15 @@ public class PatchMigration_J10002 extends BaseLoader { private static int policyCounter = 0; private static int serviceCounter = 0; + static Set<String> unsupportedLegacyPermTypes = new HashSet<String>(); + + static { + unsupportedLegacyPermTypes.add("Unknown"); + unsupportedLegacyPermTypes.add("Reset"); + unsupportedLegacyPermTypes.add("Obfuscate"); + unsupportedLegacyPermTypes.add("Mask"); + } + public static void main(String[] args) { logger.info("main()"); try { @@ -451,6 +463,10 @@ public class PatchMigration_J10002 extends BaseLoader { } String accessType = ServiceUtil.toAccessType(permMap.getPermType()); + if(StringUtils.isBlank(accessType) || unsupportedLegacyPermTypes.contains(accessType)) { + logger.info(accessType + ": is not a valid access-type, ignoring accesstype for policy: " + xRes.getPolicyName()); + continue; + } if(StringUtils.equalsIgnoreCase(accessType, "Admin")) { policyItem.setDelegateAdmin(Boolean.TRUE); @@ -464,6 +480,16 @@ public class PatchMigration_J10002 extends BaseLoader { ipAddress = permMap.getIpAddress(); } + if(CollectionUtils.isEmpty(accessList)) { + logger.info("no access specified. ignoring policyItem for policy: " + xRes.getPolicyName()); + continue; + } + + if(CollectionUtils.isEmpty(userList) && CollectionUtils.isEmpty(groupList)) { + logger.info("no user or group specified. ignoring policyItem for policy: " + xRes.getPolicyName()); + continue; + } + policyItem.setUsers(userList); policyItem.setGroups(groupList); policyItem.setAccesses(accessList); @@ -525,4 +551,4 @@ public class PatchMigration_J10002 extends BaseLoader { return groupName; } -} \ No newline at end of file +}
