RANGER-595: updated tag-store implementation; replaced externalId references with guid; service.tagVersion incremented on changes to tagging for the service-resources
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/303f7b70 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/303f7b70 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/303f7b70 Branch: refs/heads/tag-policy Commit: 303f7b7023f2e20464186babf97c461ea598062c Parents: 83cb21e Author: Madhan Neethiraj <[email protected]> Authored: Fri Aug 28 02:48:17 2015 -0700 Committer: Madhan Neethiraj <[email protected]> Committed: Fri Aug 28 14:54:02 2015 -0700 ---------------------------------------------------------------------- .../admin/client/RangerAdminRESTClient.java | 2 +- .../plugin/model/RangerServiceResource.java | 10 +- .../apache/ranger/plugin/model/RangerTag.java | 7 +- .../ranger/plugin/model/RangerTagDef.java | 1 + .../ranger/plugin/store/AbstractTagStore.java | 324 +----- .../ranger/plugin/store/TagPredicateUtil.java | 91 +- .../apache/ranger/plugin/store/TagStore.java | 48 +- .../ranger/plugin/store/TagValidator.java | 124 +-- .../ranger/plugin/store/file/TagFileStore.java | 866 ++++++++++++--- .../apache/ranger/plugin/util/SearchFilter.java | 28 +- .../apache/ranger/plugin/util/ServiceTags.java | 14 +- .../ranger/plugin/store/TestTagStore.java | 24 +- .../016-updated-schema-for-tag-based-policy.sql | 93 +- .../java/org/apache/ranger/biz/TagDBStore.java | 1011 +++++++++++------- .../org/apache/ranger/common/AppConstants.java | 12 +- .../apache/ranger/db/RangerDaoManagerBase.java | 38 +- .../apache/ranger/db/XXServiceResourceDao.java | 85 ++ .../ranger/db/XXServiceResourceElementDao.java | 49 + .../db/XXServiceResourceElementValueDao.java | 61 ++ .../java/org/apache/ranger/db/XXTagDao.java | 70 +- .../java/org/apache/ranger/db/XXTagDefDao.java | 45 + .../apache/ranger/db/XXTagResourceMapDao.java | 102 +- .../apache/ranger/db/XXTaggedResourceDao.java | 49 - .../ranger/db/XXTaggedResourceValueDao.java | 49 - .../ranger/db/XXTaggedResourceValueMapDao.java | 62 -- .../org/apache/ranger/entity/XXServiceBase.java | 74 ++ .../apache/ranger/entity/XXServiceResource.java | 245 +++++ .../ranger/entity/XXServiceResourceElement.java | 245 +++++ .../entity/XXServiceResourceElementValue.java | 220 ++++ .../java/org/apache/ranger/entity/XXTag.java | 86 -- .../apache/ranger/entity/XXTagResourceMap.java | 28 +- .../apache/ranger/entity/XXTaggedResource.java | 245 ----- .../ranger/entity/XXTaggedResourceValue.java | 245 ----- .../ranger/entity/XXTaggedResourceValueMap.java | 220 ---- .../java/org/apache/ranger/rest/TagREST.java | 174 ++- .../apache/ranger/rest/TagRESTConstants.java | 31 +- .../ranger/service/RangerServiceDefService.java | 9 - .../service/RangerServiceResourceService.java | 96 ++ .../RangerServiceResourceServiceBase.java | 112 ++ .../ranger/service/RangerTagDefService.java | 60 ++ .../service/RangerTagResourceMapService.java | 190 ++++ .../RangerTagResourceMapServiceBase.java | 75 ++ .../apache/ranger/service/RangerTagService.java | 82 +- .../ranger/service/RangerTagServiceBase.java | 33 +- .../service/RangerTaggedResourceService.java | 51 - .../RangerTaggedResourceServiceBase.java | 112 -- .../resources/META-INF/jpa_named_queries.xml | 122 ++- 47 files changed, 3611 insertions(+), 2409 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java b/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java index 3f0c5dd..5ec7996 100644 --- a/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java +++ b/agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java @@ -222,7 +222,7 @@ public class RangerAdminRESTClient implements RangerAdminClient { } if(LOG.isDebugEnabled()) { - LOG.debug("<==> RangerAdminRESTClient.getTaggedResources(" + lastKnownVersion + "): "); + LOG.debug("<== RangerAdminRESTClient.getServiceTagsIfUpdated(" + lastKnownVersion + "): "); } return ret; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceResource.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceResource.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceResource.java index 3728f6d..c9e07eb 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceResource.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceResource.java @@ -43,15 +43,15 @@ public class RangerServiceResource extends RangerBaseModelObject { private String resourceSignature = null; - public RangerServiceResource(String externalId, String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec, String resourceSignature) { + public RangerServiceResource(String guid, String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec, String resourceSignature) { super(); - setGuid(externalId); + setGuid(guid); setServiceName(serviceName); setResourceSpec(resourceSpec); setResourceSignature(resourceSignature); } - public RangerServiceResource(String externalId, String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec) { - this(externalId, serviceName, resourceSpec, null); + public RangerServiceResource(String guid, String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec) { + this(guid, serviceName, resourceSpec, null); } public RangerServiceResource(String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec) { this(null, serviceName, resourceSpec, null); @@ -94,7 +94,7 @@ public class RangerServiceResource extends RangerBaseModelObject { sb.append("{ "); - sb.append("externalId={").append(getGuid()).append("} "); + sb.append("guid={").append(getGuid()).append("} "); sb.append("serviceName={").append(serviceName).append("} "); sb.append("resourceSpec={"); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTag.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTag.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTag.java index 25dc24d..6e4685a 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTag.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTag.java @@ -38,11 +38,12 @@ import java.util.Map; public class RangerTag extends RangerBaseModelObject { private static final long serialVersionUID = 1L; - private String name; + private String name; private Map<String, String> attributeValues; public RangerTag(String guid, String name, Map<String, String> attributeValues) { super(); + setGuid(guid); setName(name); setAttributeValues(attributeValues); @@ -82,10 +83,10 @@ public class RangerTag extends RangerBaseModelObject { } public StringBuilder toString(StringBuilder sb) { + sb.append("RangerTag={"); - sb.append("{ "); + super.toString(sb); - sb.append("guid={").append(getGuid()).append("} "); sb.append("name={").append(name).append("} "); sb.append("attributeValues={"); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTagDef.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTagDef.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTagDef.java index 0f58c96..bd9bbfa 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTagDef.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerTagDef.java @@ -102,6 +102,7 @@ public class RangerTagDef extends RangerBaseModelObject { @XmlAccessorType(XmlAccessType.FIELD) public static class RangerTagAttributeDef implements java.io.Serializable { + private static final long serialVersionUID = 1L; private String name = null; private String type = null; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractTagStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractTagStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractTagStore.java index 43d25a7..ed1b64d 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractTagStore.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractTagStore.java @@ -19,14 +19,9 @@ package org.apache.ranger.plugin.store; -import org.apache.commons.collections.CollectionUtils; -import org.apache.commons.collections.MapUtils; -import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ranger.plugin.model.*; -import org.apache.ranger.plugin.util.SearchFilter; -import org.apache.ranger.plugin.util.ServiceTags; import java.util.*; @@ -48,9 +43,11 @@ public abstract class AbstractTagStore implements TagStore { protected void preCreate(RangerBaseModelObject obj) throws Exception { obj.setId(0L); + if(obj.getGuid() == null) { obj.setGuid(UUID.randomUUID().toString()); } + obj.setCreateTime(new Date()); obj.setUpdateTime(obj.getCreateTime()); obj.setVersion(1L); @@ -88,7 +85,6 @@ public abstract class AbstractTagStore implements TagStore { } protected void preDelete(RangerBaseModelObject obj) throws Exception { - // TODO: } protected void postDelete(RangerBaseModelObject obj) throws Exception { @@ -106,322 +102,6 @@ public abstract class AbstractTagStore implements TagStore { } return ret; } - - @Override - public PList<RangerTagDef> getPaginatedTagDefs(SearchFilter filter) throws Exception { - List<RangerTagDef> list = getTagDefs(filter); - - return new PList<RangerTagDef>(list, 0, list.size(), - (long)list.size(), list.size(), filter.getSortType(), filter.getSortBy()); - } - - @Override - public PList<RangerTagResourceMap> getPaginatedTagResourceMaps(SearchFilter filter) throws Exception { - List<RangerTagResourceMap> list = getTagResourceMaps(filter); - - return new PList<RangerTagResourceMap>(list, 0, list.size(), - (long)list.size(), list.size(), filter.getSortType(), filter.getSortBy()); - } - - - @Override - public List<RangerTagDef> getTagDefsByExternalId(String externalId) throws Exception { - - List<RangerTagDef> ret; - - if (StringUtils.isNotBlank(externalId)) { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_DEF_EXTERNAL_ID, externalId); - - ret = getTagDefs(filter); - - } else { - ret = null; - } - - return ret; - } - - @Override - public RangerTag getTagById(Long id) throws Exception { - if (LOG.isDebugEnabled()) { - LOG.debug("==> AbstractTagStore.getTagById(" + id + ")"); - } - - RangerTag ret = null; - - if (id != null) { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_ID, id.toString()); - - List<RangerTag> tags = getTags(filter); - - if (CollectionUtils.isNotEmpty(tags) && CollectionUtils.size(tags) == 1) { - ret = tags.get(0); - } - } - - if (LOG.isDebugEnabled()) { - LOG.debug("<== AbstractTagStore.getTagDefById(" + id + "): " + ret); - } - - return ret; - } - - @Override - public List<RangerTag> getTagsByName(String name) throws Exception { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_NAME, name); - - return getTags(filter); - } - - @Override - public List<RangerTag> getTagsByExternalId(String externalId) throws Exception { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_EXTERNAL_ID, externalId); - - return getTags(filter); - } - - - @Override - public RangerServiceResource getServiceResourceById(Long id) throws Exception { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_RESOURCE_ID, id.toString()); - - List<RangerServiceResource> resources = getServiceResources(filter); - if (CollectionUtils.isEmpty(resources) || resources.size() > 1) { - throw new Exception("Not exactly one resource found with id=" + id); - } - - return resources.get(0); - } - - @Override - public List<RangerServiceResource> getServiceResourcesByExternalId(String externalId) throws Exception { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_RESOURCE_EXTERNAL_ID, externalId); - - return getServiceResources(filter); - } - - @Override - public List<RangerServiceResource> getServiceResourcesByServiceAndResourceSpec(String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec) throws Exception { - List<RangerServiceResource> ret = null; - - RangerService service; - try { - service = svcStore.getServiceByName(serviceName); - } catch (Exception excp) { - LOG.error("AbstractTagStore.getTaggedResource - failed to get service " + serviceName); - throw new Exception("Invalid service: " + serviceName); - } - - if (MapUtils.isNotEmpty(resourceSpec)) { - - RangerServiceResource resource = new RangerServiceResource(serviceName, resourceSpec); - ret = getServiceResources(resource); - } - - return ret; - } - - private List<RangerServiceResource> getServiceResources(RangerServiceResource resource) throws Exception { - - List<RangerServiceResource> ret = null; - - RangerServiceResourceSignature serializer = new RangerServiceResourceSignature(resource); - String signature = serializer.getSignature(); - - SearchFilter filter = new SearchFilter(SearchFilter.TAG_RESOURCE_SIGNATURE, signature); - - ret = getServiceResources(filter); - - return ret; - } - - @Override - public List<RangerTagResourceMap> getTagResourceMap(String externalResourceId, String externalTagId) throws Exception { - List<RangerTagResourceMap> ret = null; - - SearchFilter serviceResourceFilter = new SearchFilter(); - SearchFilter tagFilter = new SearchFilter(); - - serviceResourceFilter.setParam(SearchFilter.TAG_RESOURCE_EXTERNAL_ID, externalResourceId); - List<RangerServiceResource> serviceResources = getServiceResources(serviceResourceFilter); - - tagFilter.setParam(SearchFilter.TAG_EXTERNAL_ID, externalTagId); - List<RangerTag> tags = getTags(tagFilter); - - if (CollectionUtils.isNotEmpty(serviceResources) && CollectionUtils.isNotEmpty(tags)) { - - for (RangerServiceResource serviceResource : serviceResources) { - - Long resourceId = serviceResource.getId(); - - for (RangerTag tag : tags) { - - Long tagId = tag.getId(); - - SearchFilter mapFilter = new SearchFilter(); - - mapFilter.setParam(SearchFilter.TAG_MAP_TAG_ID, tagId.toString()); - - mapFilter.setParam(SearchFilter.TAG_MAP_RESOURCE_ID, resourceId.toString()); - - ret = getTagResourceMaps(mapFilter); - - if (CollectionUtils.isNotEmpty(ret)) { - break; - } - } - } - } - - return ret; - } - - @Override - public RangerTagResourceMap getTagResourceMapById(Long id) throws Exception { - SearchFilter filter = new SearchFilter(); - - filter.setParam(SearchFilter.TAG_MAP_ID, id.toString()); - - List<RangerTagResourceMap> list = getTagResourceMaps(filter); - - if (CollectionUtils.isEmpty(list) || CollectionUtils.size(list) != 1) { - throw new Exception("Cannot find unique tagResourceMap object with id=" + id); - } - return list.get(0); - } - - @Override - public ServiceTags getServiceTagsIfUpdated(String serviceName, Long lastKnownVersion) throws Exception { - - ServiceTags ret = new ServiceTags(); - - boolean tagsChanged = true; - - RangerService service = null; - - try { - service = svcStore.getServiceByName(serviceName); - ret.setServiceName(serviceName); - } catch (Exception exception) { - LOG.error("Cannot find service for serviceName=" + serviceName); - tagsChanged = false; - } - - if (lastKnownVersion != null - && service != null && service.getTagVersion() != null - && lastKnownVersion.compareTo(service.getTagVersion()) >= 0 ) { - tagsChanged = false; - } - - if (tagsChanged) { - SearchFilter filter = new SearchFilter(); - - filter.setParam(SearchFilter.TAG_RESOURCE_SERVICE_NAME, serviceName); - - List<RangerServiceResource> serviceResources = getServiceResources(filter); - - Map<Long, RangerTag> tagsMap = new HashMap<Long, RangerTag>(); - Map<Long, List<Long>> resourceToTagIdsMap = new HashMap<Long, List<Long>>(); - - for (RangerServiceResource serviceResource : serviceResources) { - List<RangerTag> tagList = getTagsForServiceResourceObject(serviceResource); - - if (CollectionUtils.isNotEmpty(tagList)) { - List<Long> tagIdList = new ArrayList<Long>(); - for (RangerTag tag : tagList) { - tagsMap.put(tag.getId(), tag); - tagIdList.add(tag.getId()); - } - resourceToTagIdsMap.put(serviceResource.getId(), tagIdList); - } - } - - if (MapUtils.isEmpty(resourceToTagIdsMap)) { - serviceResources.clear(); - } - - ret.setServiceResources(serviceResources); - ret.setResourceToTagIds(resourceToTagIdsMap); - ret.setTags(tagsMap); - - if (service != null && service.getTagVersion() != null) { - ret.setTagVersion(service.getTagVersion()); - } - if (service != null && service.getTagUpdateTime() != null) { - ret.setTagUpdateTime(service.getTagUpdateTime()); - } - if (LOG.isDebugEnabled()) { - LOG.debug("Changes to tagVersion detected, tagVersion in service=" + (service == null ? null : service.getTagVersion()) - + ", Plugin-provided lastKnownVersion=" + lastKnownVersion); - } - } else { - if (LOG.isDebugEnabled()) { - LOG.debug("No changes to tagVersion detected, tagVersion in service=" + (service == null ? null : service.getTagVersion()) - + ", Plugin-provided lastKnownVersion=" + lastKnownVersion); - } - ret.setTagVersion(lastKnownVersion); - } - - return ret; - - } - - @Override - public List<RangerTag> getTagsForServiceResource(Long resourceId) throws Exception { - RangerServiceResource serviceResource = getServiceResourceById(resourceId); - - List<RangerTag> tagList = getTagsForServiceResourceObject(serviceResource); - - return tagList; - } - - @Override - public List<RangerTag> getTagsForServiceResourceByExtId(String resourceExtId) throws Exception { - List<RangerTag> tagList = new ArrayList<RangerTag>(); - - List<RangerServiceResource> serviceResources = getServiceResourcesByExternalId(resourceExtId); - for (RangerServiceResource serviceResource : serviceResources) { - List<RangerTag> tmp = getTagsForServiceResourceObject(serviceResource); - tagList.addAll(tmp); - } - return tagList; - } - - private List<RangerTag> getTagsForServiceResourceObject(RangerServiceResource serviceResource) throws Exception { - - List<RangerTag> tagList = new ArrayList<RangerTag>(); - - if (serviceResource != null) { - SearchFilter mapFilter = new SearchFilter(); - mapFilter.setParam(SearchFilter.TAG_MAP_RESOURCE_ID, serviceResource.getId().toString()); - - List<RangerTagResourceMap> associations = getTagResourceMaps(mapFilter); - if (CollectionUtils.isNotEmpty(associations)) { - - for (RangerTagResourceMap association : associations) { - RangerTag tag = getTagById(association.getTagId()); - if (tag != null) { - tagList.add(tag); - } - } - } - } - return tagList; - } - - @Override - public List<RangerTagResourceMap> getTagResourceMapsByResourceId(Long tagId) throws Exception { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_MAP_RESOURCE_ID, tagId.toString()); - List<RangerTagResourceMap> associations = getTagResourceMaps(filter); - return associations; - } - - @Override - public List<RangerTagResourceMap> getTagResourceMapsByTagId(Long tagId) throws Exception { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_MAP_TAG_ID, tagId.toString()); - List<RangerTagResourceMap> associations = getTagResourceMaps(filter); - return associations; - } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/store/TagPredicateUtil.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/TagPredicateUtil.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/TagPredicateUtil.java index 950969e..de48240 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/TagPredicateUtil.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/TagPredicateUtil.java @@ -38,21 +38,19 @@ public class TagPredicateUtil extends AbstractPredicateUtil { super.addPredicates(filter, predicates); addPredicateForTagDefId(filter.getParam(SearchFilter.TAG_DEF_ID), predicates); - addPredicateForTagDefExternalId(filter.getParam(SearchFilter.TAG_DEF_EXTERNAL_ID), predicates); + addPredicateForTagDefGuid(filter.getParam(SearchFilter.TAG_DEF_GUID), predicates); addPredicateForTagDefName(filter.getParam(SearchFilter.TAG_DEF_NAME), predicates); addPredicateForTagId(filter.getParam(SearchFilter.TAG_ID), predicates); - addPredicateForTagExternalId(filter.getParam(SearchFilter.TAG_EXTERNAL_ID), predicates); + addPredicateForTagGuid(filter.getParam(SearchFilter.TAG_GUID), predicates); addPredicateForTagName(filter.getParam(SearchFilter.TAG_NAME), predicates); addPredicateForResourceId(filter.getParam(SearchFilter.TAG_RESOURCE_ID), predicates); - addPredicateForResourceExternalId(filter.getParam(SearchFilter.TAG_RESOURCE_EXTERNAL_ID), predicates); + addPredicateForResourceGuid(filter.getParam(SearchFilter.TAG_RESOURCE_GUID), predicates); addPredicateForServiceResourceServiceName(filter.getParam(SearchFilter.TAG_RESOURCE_SERVICE_NAME), predicates); addPredicateForResourceSignature(filter.getParam(SearchFilter.TAG_RESOURCE_SIGNATURE), predicates); addPredicateForTagResourceMapId(filter.getParam(SearchFilter.TAG_MAP_ID), predicates); - addPredicateForTagResourceMapResourceId(filter.getParam(SearchFilter.TAG_MAP_RESOURCE_ID), predicates); - addPredicateForTagResourceMapTagId(filter.getParam(SearchFilter.TAG_MAP_TAG_ID), predicates); } private Predicate addPredicateForTagDefId(final String id, List<Predicate> predicates) { @@ -87,8 +85,8 @@ public class TagPredicateUtil extends AbstractPredicateUtil { return ret; } - private Predicate addPredicateForTagDefExternalId(final String externalId, List<Predicate> predicates) { - if (externalId == null || StringUtils.isEmpty(externalId)) { + private Predicate addPredicateForTagDefGuid(final String guid, List<Predicate> predicates) { + if (StringUtils.isEmpty(guid)) { return null; } @@ -105,7 +103,7 @@ public class TagPredicateUtil extends AbstractPredicateUtil { if (object instanceof RangerTagDef) { RangerTagDef tagDef = (RangerTagDef) object; - ret = StringUtils.equals(externalId, tagDef.getGuid()); + ret = StringUtils.equals(guid, tagDef.getGuid()); } return ret; @@ -170,6 +168,9 @@ public class TagPredicateUtil extends AbstractPredicateUtil { RangerTag tag = (RangerTag) object; ret = StringUtils.equals(id, tag.getId().toString()); + } else if (object instanceof RangerTagResourceMap) { + RangerTagResourceMap tagResourceMap = (RangerTagResourceMap) object; + ret = StringUtils.equals(id, tagResourceMap.getTagId().toString()); } return ret; @@ -183,8 +184,8 @@ public class TagPredicateUtil extends AbstractPredicateUtil { return ret; } - private Predicate addPredicateForTagExternalId(final String externalId, List<Predicate> predicates) { - if (StringUtils.isEmpty(externalId)) { + private Predicate addPredicateForTagGuid(final String guid, List<Predicate> predicates) { + if (StringUtils.isEmpty(guid)) { return null; } @@ -201,7 +202,7 @@ public class TagPredicateUtil extends AbstractPredicateUtil { if (object instanceof RangerTag) { RangerTag tag = (RangerTag) object; - ret = StringUtils.equals(externalId, tag.getGuid()); + ret = StringUtils.equals(guid, tag.getGuid()); } return ret; @@ -266,6 +267,10 @@ public class TagPredicateUtil extends AbstractPredicateUtil { RangerServiceResource resource = (RangerServiceResource) object; ret = StringUtils.equals(id, resource.getId().toString()); + } else if(object instanceof RangerTagResourceMap) { + RangerTagResourceMap tagResourceMap = (RangerTagResourceMap)object; + + ret = StringUtils.equals(id, tagResourceMap.getId().toString()); } return ret; @@ -279,7 +284,7 @@ public class TagPredicateUtil extends AbstractPredicateUtil { return ret; } - private Predicate addPredicateForResourceExternalId(final String id, List<Predicate> predicates) { + private Predicate addPredicateForResourceGuid(final String id, List<Predicate> predicates) { if (StringUtils.isEmpty(id)) { return null; } @@ -404,66 +409,4 @@ public class TagPredicateUtil extends AbstractPredicateUtil { return ret; } - - private Predicate addPredicateForTagResourceMapResourceId(final String resourceId, List<Predicate> predicates) { - if (StringUtils.isEmpty(resourceId)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - - boolean ret = false; - - if (object == null) { - return ret; - } - - if (object instanceof RangerTagResourceMap) { - RangerTagResourceMap tagResourceMap = (RangerTagResourceMap) object; - ret = StringUtils.equals(resourceId, tagResourceMap.getResourceId().toString()); - } - - return ret; - } - }; - - if (predicates != null) { - predicates.add(ret); - } - - return ret; - } - - private Predicate addPredicateForTagResourceMapTagId(final String tagId, List<Predicate> predicates) { - if (StringUtils.isEmpty(tagId)) { - return null; - } - - Predicate ret = new Predicate() { - @Override - public boolean evaluate(Object object) { - - boolean ret = false; - - if (object == null) { - return ret; - } - - if (object instanceof RangerTagResourceMap) { - RangerTagResourceMap tagResourceMap = (RangerTagResourceMap) object; - ret = StringUtils.equals(tagId, tagResourceMap.getTagId().toString()); - } - - return ret; - } - }; - - if (predicates != null) { - predicates.add(ret); - } - - return ret; - } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/store/TagStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/TagStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/TagStore.java index aaa70c6..f9d1086 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/TagStore.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/TagStore.java @@ -35,6 +35,7 @@ public interface TagStore { void setServiceStore(ServiceStore svcStore); + RangerTagDef createTagDef(RangerTagDef tagDef) throws Exception; RangerTagDef updateTagDef(RangerTagDef TagDef) throws Exception; @@ -43,14 +44,17 @@ public interface TagStore { void deleteTagDefById(Long id) throws Exception; - List<RangerTagDef> getTagDef(String name) throws Exception; - RangerTagDef getTagDefById(Long id) throws Exception; + RangerTagDef getTagDefByGuid(String guid) throws Exception; + + List<RangerTagDef> getTagDefsByName(String name) throws Exception; + List<RangerTagDef> getTagDefs(SearchFilter filter) throws Exception; PList<RangerTagDef> getPaginatedTagDefs(SearchFilter filter) throws Exception; + RangerTag createTag(RangerTag tag) throws Exception; RangerTag updateTag(RangerTag tag) throws Exception; @@ -59,52 +63,62 @@ public interface TagStore { RangerTag getTagById(Long id) throws Exception; + RangerTag getTagByGuid(String guid) throws Exception; + List<RangerTag> getTagsByName(String name) throws Exception; - List<RangerTag> getTagsByExternalId(String externalId) throws Exception; + List<RangerTag> getTagsForResourceId(Long resourceId) throws Exception; + + List<RangerTag> getTagsForResourceGuid(String resourceGuid) throws Exception; List<RangerTag> getTags(SearchFilter filter) throws Exception; + PList<RangerTag> getPaginatedTags(SearchFilter filter) throws Exception; + + RangerServiceResource createServiceResource(RangerServiceResource resource) throws Exception; RangerServiceResource updateServiceResource(RangerServiceResource resource) throws Exception; void deleteServiceResourceById(Long id) throws Exception; - List<RangerServiceResource> getServiceResourcesByExternalId(String externalId) throws Exception; - RangerServiceResource getServiceResourceById(Long id) throws Exception; + RangerServiceResource getServiceResourceByGuid(String guid) throws Exception; + List<RangerServiceResource> getServiceResourcesByServiceAndResourceSpec(String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec) throws Exception; List<RangerServiceResource> getServiceResources(SearchFilter filter) throws Exception; + PList<RangerServiceResource> getPaginatedServiceResources(SearchFilter filter) throws Exception; + + RangerTagResourceMap createTagResourceMap(RangerTagResourceMap tagResourceMap) throws Exception; void deleteTagResourceMapById(Long id) throws Exception; - List<RangerTagResourceMap> getTagResourceMap(String externalResourceId, String externalTagId) throws Exception; - RangerTagResourceMap getTagResourceMapById(Long id) throws Exception; - List<RangerTagResourceMap> getTagResourceMapsByTagId(Long tagId) throws Exception; + List<RangerTagResourceMap> getTagResourceMapsForTagId(Long tagId) throws Exception; - List<RangerTagResourceMap> getTagResourceMapsByResourceId(Long resourceId) throws Exception; + List<RangerTagResourceMap> getTagResourceMapsForTagGuid(String tagGuid) throws Exception; - List<RangerTagResourceMap> getTagResourceMaps(SearchFilter filter) throws Exception; + List<RangerTagResourceMap> getTagResourceMapsForResourceId(Long resourceId) throws Exception; - ServiceTags getServiceTagsIfUpdated(String serviceName, Long lastKnownVersion) throws Exception; + List<RangerTagResourceMap> getTagResourceMapsForResourceGuid(String resourceGuid) throws Exception; - PList<RangerTagResourceMap> getPaginatedTagResourceMaps(SearchFilter filter) throws Exception; + RangerTagResourceMap getTagResourceMapForTagAndResourceId(Long tagId, Long resourceId) throws Exception; - List<String> getTags(String serviceName) throws Exception; + RangerTagResourceMap getTagResourceMapForTagAndResourceGuid(String tagGuid, String resourceGuid) throws Exception; - List<String> lookupTags(String serviceName, String tagNamePattern) throws Exception; + List<RangerTagResourceMap> getTagResourceMaps(SearchFilter filter) throws Exception; + + PList<RangerTagResourceMap> getPaginatedTagResourceMaps(SearchFilter filter) throws Exception; - List<RangerTag> getTagsForServiceResource(Long resourceId) throws Exception; - List<RangerTag> getTagsForServiceResourceByExtId(String resourceExtId) throws Exception; + ServiceTags getServiceTagsIfUpdated(String serviceName, Long lastKnownVersion) throws Exception; - List<RangerTagDef> getTagDefsByExternalId(String extId) throws Exception; + List<String> getTags(String serviceName) throws Exception; + List<String> lookupTags(String serviceName, String tagNamePattern) throws Exception; } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/store/TagValidator.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/TagValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/TagValidator.java index ada5dd2..8c2b230 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/TagValidator.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/TagValidator.java @@ -57,21 +57,18 @@ public class TagValidator { tag.setId(exist.getId()); } - public void preUpdateTagByExternalId(String externalId, final RangerTag tag) throws Exception { + public void preUpdateTagByGuid(String guid, final RangerTag tag) throws Exception { if (StringUtils.isBlank(tag.getName())) { throw new Exception("Tag has no name"); } - List<RangerTag> exist = tagStore.getTagsByExternalId(externalId); - if (CollectionUtils.isEmpty(exist) || CollectionUtils.size(exist) != 1) { - throw new Exception("Attempt to update nonexistent or multiple tags, externalId=" + externalId); + RangerTag existing = tagStore.getTagByGuid(guid); + if (existing == null) { + throw new Exception("Attempt to update nonexistent tag, guid=" + guid); } - RangerTag onlyTag = exist.get(0); - - tag.setId(onlyTag.getId()); - tag.setGuid(externalId); - + tag.setId(existing.getId()); + tag.setGuid(existing.getGuid()); } public void preUpdateTagByName(String name, final RangerTag tag) throws Exception { @@ -98,26 +95,24 @@ public class TagValidator { throw new Exception("Attempt to delete nonexistent tag, id=" + id); } - List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsByTagId(exist.getId()); + List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsForTagId(exist.getId()); if (CollectionUtils.isNotEmpty(associations)) { throw new Exception("Attempt to delete tag which is associated with a service-resource, id=" + id); } return exist; } - public RangerTag preDeleteTagByExternalId(String externalId) throws Exception { - List<RangerTag> exist; - exist = tagStore.getTagsByExternalId(externalId); - if (CollectionUtils.isEmpty(exist) || CollectionUtils.size(exist) != 1) { - throw new Exception("Attempt to delete nonexistent or multiple tags, externalId=" + externalId); + public RangerTag preDeleteTagByGuid(String guid) throws Exception { + RangerTag exiting = tagStore.getTagByGuid(guid); + if (exiting == null) { + throw new Exception("Attempt to delete nonexistent tag, guid=" + guid); } - RangerTag ret = exist.get(0); - List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsByTagId(ret.getId()); + List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsForTagId(exiting.getId()); if (CollectionUtils.isNotEmpty(associations)) { - throw new Exception("Attempt to delete tag which is associated with a service-resource, externalId=" + externalId); + throw new Exception("Attempt to delete tag which is associated with a service-resource, guid=" + guid); } - return ret; + return exiting; } public RangerTag preDeleteTagByName(String name) throws Exception { @@ -127,7 +122,7 @@ public class TagValidator { throw new Exception("Attempt to delete nonexistent or multiple tags, name=" + name); } RangerTag ret = exist.get(0); - List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsByTagId(ret.getId()); + List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsForTagId(ret.getId()); if (CollectionUtils.isNotEmpty(associations)) { throw new Exception("Attempt to delete tag which is associated with a service-resource, name=" + name); } @@ -173,23 +168,20 @@ public class TagValidator { } - public void preUpdateServiceResourceByExternalId(String externalId, RangerServiceResource resource) throws Exception { + public void preUpdateServiceResourceByGuid(String guid, RangerServiceResource resource) throws Exception { if (StringUtils.isBlank(resource.getServiceName()) || resource.getResourceSpec() == null || CollectionUtils.size(resource.getResourceSpec()) == 0) { throw new Exception("No serviceName or resourceSpec in RangerServiceResource"); } - List<RangerServiceResource> exist; - exist = tagStore.getServiceResourcesByExternalId(externalId); - if (CollectionUtils.isEmpty(exist) || CollectionUtils.size(exist) != 1) { - throw new Exception("Attempt to update nonexistent or multiple resources, externalId=" + externalId); + RangerServiceResource existing = tagStore.getServiceResourceByGuid(guid); + if (existing == null) { + throw new Exception("Attempt to update nonexistent resource, guid=" + guid); } - RangerServiceResource onlyResource = exist.get(0); - - resource.setId(onlyResource.getId()); - resource.setGuid(externalId); + resource.setId(existing.getId()); + resource.setGuid(guid); RangerServiceResourceSignature serializer = new RangerServiceResourceSignature(resource); resource.setResourceSignature(serializer.getSignature()); @@ -201,60 +193,60 @@ public class TagValidator { if (exist == null) { throw new Exception("Attempt to delete nonexistent resource, id=" + id); } - List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsByResourceId(exist.getId()); + List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsForResourceId(exist.getId()); if (CollectionUtils.isNotEmpty(associations)) { throw new Exception("Attempt to delete serviceResource which is associated with a tag, id=" + id); } return exist; } - public RangerServiceResource preDeleteServiceResourceByExternalId(String externalId) throws Exception { - List<RangerServiceResource> exist; - exist = tagStore.getServiceResourcesByExternalId(externalId); - if (CollectionUtils.isEmpty(exist) || CollectionUtils.size(exist) != 1) { - throw new Exception("Attempt to delete nonexistent or multiple resources, externalId=" + externalId); + public RangerServiceResource preDeleteServiceResourceByGuid(String guid) throws Exception { + RangerServiceResource existing = tagStore.getServiceResourceByGuid(guid); + if (existing == null) { + throw new Exception("Attempt to delete nonexistent resource, guid=" + guid); } - RangerServiceResource ret = exist.get(0); - List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsByResourceId(ret.getId()); + List<RangerTagResourceMap> associations = tagStore.getTagResourceMapsForResourceId(existing.getId()); if (CollectionUtils.isNotEmpty(associations)) { - throw new Exception("Attempt to delete serviceResource which is associated with a tag, externalId=" + externalId); + throw new Exception("Attempt to delete serviceResource which is associated with a tag, guid=" + guid); } - return ret; + return existing; } - public RangerTagResourceMap preCreateTagResourceMap(String externalResourceId, String externalTagId) throws Exception { - if (StringUtils.isBlank(externalResourceId) || StringUtils.isBlank(externalTagId)) { - throw new Exception("Both externalResourceId and internalResourceId need to be non-empty"); + public RangerTagResourceMap preCreateTagResourceMap(String tagGuid, String resourceGuid) throws Exception { + if (StringUtils.isBlank(resourceGuid) || StringUtils.isBlank(tagGuid)) { + throw new Exception("Both resourceGuid and resourceId need to be non-empty"); } - List<RangerTagResourceMap> exist; - exist = tagStore.getTagResourceMap(externalResourceId, externalTagId); - if (CollectionUtils.isNotEmpty(exist)) { - throw new Exception("Attempt to create existing association between resourceId=" + externalResourceId + " and tagId=" + externalTagId); + RangerTagResourceMap exist = tagStore.getTagResourceMapForTagAndResourceGuid(tagGuid, resourceGuid); + if (exist != null) { + throw new Exception("Attempt to create existing association between resourceId=" + resourceGuid + " and tagId=" + tagGuid); + } + + RangerServiceResource existingServiceResource = tagStore.getServiceResourceByGuid(resourceGuid); + + if(existingServiceResource == null) { + throw new Exception("No resource found for guid=" + resourceGuid); } - List<RangerServiceResource> existingServiceResources = tagStore.getServiceResourcesByExternalId(externalResourceId); - List<RangerTag> existingTags = tagStore.getTagsByExternalId(externalTagId); - - if (CollectionUtils.isNotEmpty(existingServiceResources) && CollectionUtils.size(existingServiceResources) == 1) { - if (CollectionUtils.isNotEmpty(existingTags) && CollectionUtils.size(existingTags) == 1) { - RangerTagResourceMap newTagResourceMap = new RangerTagResourceMap(); - newTagResourceMap.setResourceId(existingServiceResources.get(0).getId()); - newTagResourceMap.setTagId(existingTags.get(0).getId()); - return newTagResourceMap; - } else { - throw new Exception("No unique tag found for externalId=" + externalTagId); - } - } else { - throw new Exception("No unique resource found for externalId=" + externalResourceId); + + RangerTag existingTag = tagStore.getTagByGuid(tagGuid); + + if(existingTag == null) { + throw new Exception("No tag found for guid=" + tagGuid); } + + RangerTagResourceMap newTagResourceMap = new RangerTagResourceMap(); + newTagResourceMap.setResourceId(existingServiceResource.getId()); + newTagResourceMap.setTagId(existingTag.getId()); + + return newTagResourceMap; } - public RangerTagResourceMap preDeleteTagResourceMap(String externalResourceId, String externalTagId) throws Exception { - List<RangerTagResourceMap> exist; - exist = tagStore.getTagResourceMap(externalResourceId, externalTagId); - if (CollectionUtils.isEmpty(exist) || CollectionUtils.size(exist) != 1) { - throw new Exception("Attempt to create nonexistent association between resourceId=" + externalResourceId + " and tagId=" + externalTagId); + public RangerTagResourceMap preDeleteTagResourceMap(String tagGuid, String resourceGuid) throws Exception { + RangerTagResourceMap existing = tagStore.getTagResourceMapForTagAndResourceGuid(tagGuid, resourceGuid); + if (existing == null) { + throw new Exception("Attempt to delete nonexistent association between resourceId=" + resourceGuid + " and tagId=" + tagGuid); } - return exist.get(0); + + return existing; } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java index 8a63f72..6117034 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java @@ -20,6 +20,7 @@ package org.apache.ranger.plugin.store.file; import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.collections.MapUtils; import org.apache.commons.lang.ObjectUtils; import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; @@ -28,9 +29,12 @@ import org.apache.hadoop.fs.Path; import org.apache.ranger.authorization.hadoop.config.RangerConfiguration; import org.apache.ranger.plugin.model.*; import org.apache.ranger.plugin.store.AbstractTagStore; +import org.apache.ranger.plugin.store.PList; +import org.apache.ranger.plugin.store.RangerServiceResourceSignature; import org.apache.ranger.plugin.store.TagPredicateUtil; import org.apache.ranger.plugin.store.TagStore; import org.apache.ranger.plugin.util.SearchFilter; +import org.apache.ranger.plugin.util.ServiceTags; import java.util.*; import java.util.regex.Matcher; @@ -40,20 +44,20 @@ public class TagFileStore extends AbstractTagStore { private static final Log LOG = LogFactory.getLog(TagFileStore.class); public static final String PROPERTY_TAG_FILE_STORE_DIR = "ranger.tag.store.file.dir"; - protected static final String FILE_PREFIX_TAG_DEF = "ranger-tagdef-"; - protected static final String FILE_PREFIX_TAG = "ranger-tag-"; - protected static final String FILE_PREFIX_RESOURCE = "ranger-serviceresource-"; - protected static final String FILE_PREFIX_TAG_RESOURCE_MAP = "ranger-tagresourcemap-"; - private String tagDataDir = null; - private long nextTagDefId = 0; - private long nextTagId = 0; - private long nextServiceResourceId = 0; - private long nextTagResourceMapId = 0; + protected static final String FILE_PREFIX_TAG_DEF = "ranger-tagdef-"; + protected static final String FILE_PREFIX_TAG = "ranger-tag-"; + protected static final String FILE_PREFIX_RESOURCE = "ranger-serviceresource-"; + protected static final String FILE_PREFIX_TAG_RESOURCE_MAP = "ranger-tagresourcemap-"; + private String tagDataDir = null; + private long nextTagDefId = 0; + private long nextTagId = 0; + private long nextServiceResourceId = 0; + private long nextTagResourceMapId = 0; private TagPredicateUtil predicateUtil = null; - private FileStoreUtil fileStoreUtil = null; + private FileStoreUtil fileStoreUtil = null; private volatile static TagFileStore instance = null; @@ -78,9 +82,7 @@ public class TagFileStore extends AbstractTagStore { fileStoreUtil = new FileStoreUtil(); predicateUtil = new TagPredicateUtil(); - if (LOG.isDebugEnabled()) - - { + if (LOG.isDebugEnabled()) { LOG.debug("<== TagFileStore.TagFileStore()"); } } @@ -103,6 +105,7 @@ public class TagFileStore extends AbstractTagStore { if (LOG.isDebugEnabled()) { LOG.debug("==> TagFileStore.initStore()"); } + fileStoreUtil.initStore(tagDataDir); if (LOG.isDebugEnabled()) { @@ -116,13 +119,13 @@ public class TagFileStore extends AbstractTagStore { LOG.debug("==> TagFileStore.createTagDef(" + tagDef + ")"); } - List<RangerTagDef> existing = getTagDef(tagDef.getName()); + List<RangerTagDef> existing = getTagDefsByName(tagDef.getName()); if (CollectionUtils.isNotEmpty(existing)) { throw new Exception(tagDef.getName() + ": tag-def already exists (id=" + existing.get(0).getId() + ")"); } - RangerTagDef ret; + RangerTagDef ret = null; try { preCreate(tagDef); @@ -154,11 +157,13 @@ public class TagFileStore extends AbstractTagStore { RangerTagDef existing = null; if(tagDef.getId() == null) { - List<RangerTagDef> existingDefs = getTagDef(tagDef.getName()); + List<RangerTagDef> existingDefs = getTagDefsByName(tagDef.getName()); if (CollectionUtils.isEmpty(existingDefs)) { throw new Exception("tag-def does not exist: name=" + tagDef.getName()); } + + existing = existingDefs.get(0); } else { existing = this.getTagDefById(tagDef.getId()); @@ -167,8 +172,7 @@ public class TagFileStore extends AbstractTagStore { } } - - RangerTagDef ret; + RangerTagDef ret = null; try { preUpdate(existing); @@ -198,77 +202,106 @@ public class TagFileStore extends AbstractTagStore { LOG.debug("==> TagFileStore.deleteTagDef(" + name + ")"); } - List<RangerTagDef> existingDefs = getTagDef(name); + List<RangerTagDef> existingDefs = getTagDefsByName(name); - if (CollectionUtils.isEmpty(existingDefs)) { - throw new Exception("no tag-def exists with name=" + name); + if (CollectionUtils.isNotEmpty(existingDefs)) { + try { + for(RangerTagDef existing : existingDefs) { + deleteTagDef(existing); + } + } catch (Exception excp) { + throw new Exception("failed to delete tag-def with ID=" + name, excp); + } } - try { - for(RangerTagDef existing : existingDefs) { - Path filePath = new Path(fileStoreUtil.getDataFile(FILE_PREFIX_TAG_DEF, existing.getId())); + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.deleteTagDef(" + name + ")"); + } + } - preDelete(existing); + @Override + public void deleteTagDefById(Long id) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.deleteTagDefById(" + id + ")"); + } - fileStoreUtil.deleteFile(filePath); + RangerTagDef existing = getTagDefById(id); - postDelete(existing); - } - } catch (Exception excp) { - throw new Exception("failed to delete tag-def with ID=" + name, excp); + if(existing != null) { + deleteTagDef(existing); } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.deleteTagDef(" + name + ")"); + LOG.debug("<== TagFileStore.deleteTagDefById(" + id + ")"); + } + } + + @Override + public RangerTagDef getTagDefById(Long id) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagDefById(" + id + ")"); + } + + RangerTagDef ret = null; + + if (id != null) { + SearchFilter filter = new SearchFilter(SearchFilter.TAG_DEF_ID, id.toString()); + + List<RangerTagDef> tagDefs = getTagDefs(filter); + + ret = CollectionUtils.isEmpty(tagDefs) ? null : tagDefs.get(0); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagDefById(" + id + "): " + ret); } + return ret; } @Override - public List<RangerTagDef> getTagDef(String name) throws Exception { + public RangerTagDef getTagDefByGuid(String guid) throws Exception { if (LOG.isDebugEnabled()) { - LOG.debug("==> TagFileStore.getTagDef(" + name + ")"); + LOG.debug("==> TagFileStore.getTagDefByGuid(" + guid + ")"); } - List<RangerTagDef> ret; + RangerTagDef ret = null; - if (StringUtils.isNotBlank(name)) { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_DEF_NAME, name); + if (StringUtils.isNotBlank(guid)) { + SearchFilter filter = new SearchFilter(SearchFilter.TAG_DEF_GUID, guid); List<RangerTagDef> tagDefs = getTagDefs(filter); - ret = CollectionUtils.isEmpty(tagDefs) ? null : tagDefs; - } else { - ret = null; + if(CollectionUtils.isNotEmpty(tagDefs)) { + ret = tagDefs.get(0); + } } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.getTagDef(" + name + "): " + ret); + LOG.debug("<== TagFileStore.getTagDefByGuid(" + guid + "): " + ret); } return ret; } @Override - public RangerTagDef getTagDefById(Long id) throws Exception { + public List<RangerTagDef> getTagDefsByName(String name) throws Exception { if (LOG.isDebugEnabled()) { - LOG.debug("==> TagFileStore.getTagDefById(" + id + ")"); + LOG.debug("==> TagFileStore.getTagDef(" + name + ")"); } - RangerTagDef ret; + List<RangerTagDef> ret = null; - if (id != null) { - SearchFilter filter = new SearchFilter(SearchFilter.TAG_DEF_ID, id.toString()); + if (StringUtils.isNotBlank(name)) { + SearchFilter filter = new SearchFilter(SearchFilter.TAG_DEF_NAME, name); List<RangerTagDef> tagDefs = getTagDefs(filter); - ret = CollectionUtils.isEmpty(tagDefs) ? null : tagDefs.get(0); - } else { - ret = null; + ret = CollectionUtils.isEmpty(tagDefs) ? null : tagDefs; } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.getTagDefById(" + id + "): " + ret); + LOG.debug("<== TagFileStore.getTagDef(" + name + "): " + ret); } return ret; @@ -276,7 +309,6 @@ public class TagFileStore extends AbstractTagStore { @Override public List<RangerTagDef> getTagDefs(SearchFilter filter) throws Exception { - if (LOG.isDebugEnabled()) { LOG.debug("==> TagFileStore.getTagDefs()"); } @@ -285,25 +317,43 @@ public class TagFileStore extends AbstractTagStore { if (CollectionUtils.isNotEmpty(ret) && filter != null && !filter.isEmpty()) { CollectionUtils.filter(ret, predicateUtil.getPredicate(filter)); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagDefs(): count=" + (ret == null ? 0 : ret.size())); + } + + return ret; + } + + @Override + public PList<RangerTagDef> getPaginatedTagDefs(SearchFilter filter) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getPaginatedTagDefs()"); + } - //Comparator<RangerBaseModelObject> comparator = getSorter(filter); + PList<RangerTagDef> ret = null; - //if(comparator != null) { - //Collections.sort(ret, comparator); - //} + List<RangerTagDef> list = getTagDefs(filter); + + if(list != null) { + ret = new PList<RangerTagDef>(list, 0, list.size(), list.size(), list.size(), filter.getSortType(), filter.getSortBy()); } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.getTagDefs(): count=" + (ret == null ? 0 : ret.size())); + LOG.debug("<== TagFileStore.getPaginatedTagDefs(): count=" + (ret == null ? 0 : ret.getPageSize())); } return ret; } @Override - public RangerTag createTag(RangerTag tag) throws Exception - { - RangerTag ret; + public RangerTag createTag(RangerTag tag) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.createTag(" + tag + ")"); + } + + RangerTag ret = null; try { preCreate(tag); @@ -320,16 +370,19 @@ public class TagFileStore extends AbstractTagStore { } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.createTag(" + tag + ")"); + LOG.debug("<== TagFileStore.createTag(" + tag + "): " + ret); } return ret; } @Override - public RangerTag updateTag(RangerTag tag) throws Exception - { - RangerTag ret; + public RangerTag updateTag(RangerTag tag) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.updateTag(" + tag + ")"); + } + + RangerTag ret = null; try { preUpdate(tag); @@ -344,7 +397,7 @@ public class TagFileStore extends AbstractTagStore { } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.updateTag(" + tag + ")"); + LOG.debug("<== TagFileStore.updateTag(" + tag + "): " + ret); } return ret; @@ -353,33 +406,126 @@ public class TagFileStore extends AbstractTagStore { @Override public void deleteTagById(Long id) throws Exception { if (LOG.isDebugEnabled()) { - LOG.debug("==> TagFileStore.deleteTag(" + id + ")"); + LOG.debug("==> TagFileStore.deleteTagById(" + id + ")"); } try { RangerTag tag = getTagById(id); - Path filePath = new Path(fileStoreUtil.getDataFile(FILE_PREFIX_TAG, tag.getId())); + deleteTag(tag); + } catch (Exception excp) { + throw new Exception("failed to delete tag with ID=" + id, excp); + } - preDelete(tag); + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.deleteTagById(" + id + ")"); + } + } - fileStoreUtil.deleteFile(filePath); + @Override + public RangerTag getTagById(Long id) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagById(" + id + ")"); + } - postDelete(tag); + RangerTag ret = null; - } catch (Exception excp) { - throw new Exception("failed to delete tag with ID=" + id, excp); + if (id != null) { + SearchFilter filter = new SearchFilter(SearchFilter.TAG_ID, id.toString()); + + List<RangerTag> tags = getTags(filter); + + if (CollectionUtils.isNotEmpty(tags) && CollectionUtils.size(tags) == 1) { + ret = tags.get(0); + } } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.deleteTag(" + id + ")"); + LOG.debug("<== TagFileStore.getTagDefById(" + id + "): " + ret); } + + return ret; } @Override - public List<RangerTag> getTags(SearchFilter filter) throws Exception { + public RangerTag getTagByGuid(String guid) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagByGuid(" + guid + ")"); + } + + RangerTag ret = null; + + if (guid != null) { + SearchFilter filter = new SearchFilter(SearchFilter.TAG_GUID, guid); + + List<RangerTag> tags = getTags(filter); + + if (CollectionUtils.isNotEmpty(tags) && CollectionUtils.size(tags) == 1) { + ret = tags.get(0); + } + } if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagByGuid(" + guid + "): " + ret); + } + + return ret; + } + + @Override + public List<RangerTag> getTagsByName(String name) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagsByName(" + name + ")"); + } + + SearchFilter filter = new SearchFilter(SearchFilter.TAG_NAME, name); + + List<RangerTag> ret = getTags(filter); + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagsByName(" + name + "): count=" + (ret == null ? 0 : ret.size())); + } + + return ret; + } + + @Override + public List<RangerTag> getTagsForResourceId(Long resourceId) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagsForResourceId(" + resourceId + ")"); + } + + SearchFilter filter = new SearchFilter(SearchFilter.TAG_RESOURCE_ID, resourceId.toString()); + + List<RangerTag> ret = getTags(filter); + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagsForResourceId(" + resourceId + "): count=" + (ret == null ? 0 : ret.size())); + } + + return ret; + } + + @Override + public List<RangerTag> getTagsForResourceGuid(String resourceGuid) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagsForResourceGuid(" + resourceGuid + ")"); + } + + SearchFilter filter = new SearchFilter(SearchFilter.TAG_RESOURCE_GUID, resourceGuid); + + List<RangerTag> ret = getTags(filter); + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagsForResourceGuid(" + resourceGuid + "): count=" + (ret == null ? 0 : ret.size())); + } + + return ret; + } + + @Override + public List<RangerTag> getTags(SearchFilter filter) throws Exception { + if (LOG.isDebugEnabled()) { LOG.debug("==> TagFileStore.getTags()"); } @@ -396,10 +542,35 @@ public class TagFileStore extends AbstractTagStore { return ret; } + @Override + public PList<RangerTag> getPaginatedTags(SearchFilter filter) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getPaginatedTags()"); + } + + PList<RangerTag> ret = null; + + List<RangerTag> list = getTags(filter); + + if(list != null) { + ret = new PList<RangerTag>(list, 0, list.size(), list.size(), list.size(), filter.getSortType(), filter.getSortBy()); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getPaginatedTags(): count=" + (ret == null ? 0 : ret.getPageSize())); + } + + return ret; + } + @Override public RangerServiceResource createServiceResource(RangerServiceResource resource) throws Exception { - RangerServiceResource ret; + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.createServiceResource(" + resource + ")"); + } + + RangerServiceResource ret = null; try { preCreate(resource); @@ -416,7 +587,7 @@ public class TagFileStore extends AbstractTagStore { } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.createServiceResource(" + resource + ")"); + LOG.debug("<== TagFileStore.createServiceResource(" + resource + "): " + ret); } return ret; @@ -427,7 +598,8 @@ public class TagFileStore extends AbstractTagStore { if (LOG.isDebugEnabled()) { LOG.debug("==> TagFileStore.updateServiceResource(" + resource + ")"); } - RangerServiceResource ret; + + RangerServiceResource ret = null; try { preUpdate(resource); @@ -442,7 +614,7 @@ public class TagFileStore extends AbstractTagStore { } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.updateServiceResource(" + resource + ")"); + LOG.debug("<== TagFileStore.updateServiceResource(" + resource + "): " + ret); } return ret; @@ -452,27 +624,87 @@ public class TagFileStore extends AbstractTagStore { @Override public void deleteServiceResourceById(Long id) throws Exception { if (LOG.isDebugEnabled()) { - LOG.debug("==> TagFileStore.deleteServiceResource(" + id + ")"); + LOG.debug("==> TagFileStore.deleteServiceResourceById(" + id + ")"); } try { RangerServiceResource resource = getServiceResourceById(id); - Path filePath = new Path(fileStoreUtil.getDataFile(FILE_PREFIX_RESOURCE, resource.getId())); + deleteServiceResource(resource); + } catch (Exception excp) { + throw new Exception("failed to delete service-resource with ID=" + id, excp); + } - preDelete(resource); + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.deleteServiceResourceById(" + id + ")"); + } + } - fileStoreUtil.deleteFile(filePath); + @Override + public RangerServiceResource getServiceResourceById(Long id) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getServiceResourceById(" + id + ")"); + } - postDelete(resource); + RangerServiceResource ret = null; - } catch (Exception excp) { - throw new Exception("failed to delete service-resource with ID=" + id, excp); + SearchFilter filter = new SearchFilter(SearchFilter.TAG_RESOURCE_ID, id.toString()); + + List<RangerServiceResource> resources = getServiceResources(filter); + + if (CollectionUtils.isNotEmpty(resources)) { + ret = resources.get(0); } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.deleteServiceResource(" + id + ")"); + LOG.debug("<== TagFileStore.getServiceResourceById(" + id + "): " + ret); } + + return ret; + } + + @Override + public RangerServiceResource getServiceResourceByGuid(String guid) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getServiceResourcesByGuid(" + guid + ")"); + } + + RangerServiceResource ret = null; + + SearchFilter filter = new SearchFilter(SearchFilter.TAG_RESOURCE_GUID, guid); + + List<RangerServiceResource> resources = getServiceResources(filter); + + if (CollectionUtils.isNotEmpty(resources)) { + ret = resources.get(0); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getServiceResourcesByGuid(" + guid + "): " + ret); + } + + return ret; + } + + @Override + public List<RangerServiceResource> getServiceResourcesByServiceAndResourceSpec(String serviceName, Map<String, RangerPolicy.RangerPolicyResource> resourceSpec) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getServiceResourcesByServiceAndResourceSpec(" + serviceName + ", " + resourceSpec + ")"); + } + + List<RangerServiceResource> ret = null; + + if (MapUtils.isNotEmpty(resourceSpec)) { + RangerServiceResource resource = new RangerServiceResource(serviceName, resourceSpec); + + ret = getServiceResources(resource); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getServiceResourcesByServiceAndResourceSpec(" + serviceName + ", " + resourceSpec + "): count=" + (ret == null ? 0 : ret.size())); + } + + return ret; } @Override @@ -495,18 +727,45 @@ public class TagFileStore extends AbstractTagStore { } @Override - public RangerTagResourceMap createTagResourceMap(RangerTagResourceMap tagResourceMap) throws Exception { + public PList<RangerServiceResource> getPaginatedServiceResources(SearchFilter filter) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getPaginatedServiceResources()"); + } + + PList<RangerServiceResource> ret = null; - RangerTagResourceMap ret; + List<RangerServiceResource> list = getServiceResources(filter); + + if(list != null) { + ret = new PList<RangerServiceResource>(list, 0, list.size(), list.size(), list.size(), filter.getSortType(), filter.getSortBy()); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getPaginatedServiceResources(): count=" + (ret == null ? 0 : ret.getPageSize())); + } + + return ret; + } + + + @Override + public RangerTagResourceMap createTagResourceMap(RangerTagResourceMap tagResourceMap) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.createTagResourceMap(" + tagResourceMap + ")"); + } preCreate(tagResourceMap); tagResourceMap.setId(nextTagResourceMapId); - ret = fileStoreUtil.saveToFile(tagResourceMap, new Path(fileStoreUtil.getDataFile(FILE_PREFIX_TAG_RESOURCE_MAP, nextTagResourceMapId++)), false); + RangerTagResourceMap ret = fileStoreUtil.saveToFile(tagResourceMap, new Path(fileStoreUtil.getDataFile(FILE_PREFIX_TAG_RESOURCE_MAP, nextTagResourceMapId++)), false); postCreate(ret); + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.createTagResourceMap(" + tagResourceMap + "): " + ret); + } + return ret; } @@ -519,21 +778,178 @@ public class TagFileStore extends AbstractTagStore { try { RangerTagResourceMap tagResourceMap = getTagResourceMapById(id); - Path filePath = new Path(fileStoreUtil.getDataFile(FILE_PREFIX_TAG_RESOURCE_MAP, tagResourceMap.getId())); + deleteTagResourceMap(tagResourceMap); + } catch (Exception excp) { + throw new Exception("failed to delete tagResourceMap with ID=" + id, excp); + } - preDelete(tagResourceMap); + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.deleteTagResourceMapById(" + id + ")"); + } + } - fileStoreUtil.deleteFile(filePath); + @Override + public RangerTagResourceMap getTagResourceMapById(Long id) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagResourceMapById(" + id + ")"); + } - postDelete(tagResourceMap); + RangerTagResourceMap ret = null; - } catch (Exception excp) { - throw new Exception("failed to delete tagResourceMap with ID=" + id, excp); + SearchFilter filter = new SearchFilter(); + + filter.setParam(SearchFilter.TAG_MAP_ID, id.toString()); + + List<RangerTagResourceMap> list = getTagResourceMaps(filter); + + if (CollectionUtils.isNotEmpty(list)) { + ret = list.get(0); } if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.deleteTagResourceMapById(" + id + ")"); + LOG.debug("<== TagFileStore.getTagResourceMapById(" + id + "): " + ret); + } + + return ret; + } + + @Override + public List<RangerTagResourceMap> getTagResourceMapsForTagId(Long tagId) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagResourceMapsForTagId(" + tagId + ")"); + } + + SearchFilter filter = new SearchFilter(); + + filter.setParam(SearchFilter.TAG_ID, tagId.toString()); + + List<RangerTagResourceMap> ret = getTagResourceMaps(filter); + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagResourceMapsForTagId(" + tagId + "): " + ret); + } + + return ret; + } + + @Override + public List<RangerTagResourceMap> getTagResourceMapsForTagGuid(String tagGuid) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagResourceMapsForTagGuid(" + tagGuid + ")"); + } + + List<RangerTagResourceMap> ret = null; + + RangerTag tag = getTagByGuid(tagGuid); + + if(tag != null) { + SearchFilter filter = new SearchFilter(); + filter.setParam(SearchFilter.TAG_ID, tag.getId().toString()); + + ret = getTagResourceMaps(filter); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagResourceMapsForTagGuid(" + tagGuid + "): " + ret); + } + + return ret; + } + + @Override + public List<RangerTagResourceMap> getTagResourceMapsForResourceId(Long resourceId) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagResourceMapById(" + resourceId + ")"); + } + + SearchFilter filter = new SearchFilter(); + + filter.setParam(SearchFilter.TAG_RESOURCE_ID, resourceId.toString()); + + List<RangerTagResourceMap> ret = getTagResourceMaps(filter); + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagResourceMapById(" + resourceId + "): " + ret); + } + + return ret; + } + + @Override + public List<RangerTagResourceMap> getTagResourceMapsForResourceGuid(String resourceGuid) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagResourceMapsForResourceGuid(" + resourceGuid + ")"); + } + + SearchFilter filter = new SearchFilter(); + + RangerServiceResource resource = getServiceResourceByGuid(resourceGuid); + filter.setParam(SearchFilter.TAG_RESOURCE_ID, resource.getId().toString()); + + List<RangerTagResourceMap> ret = getTagResourceMaps(filter); + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagResourceMapsForResourceGuid(" + resourceGuid + "): " + ret); + } + + return ret; + } + + @Override + public RangerTagResourceMap getTagResourceMapForTagAndResourceId(Long tagId, Long resourceId) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagResourceMapForTagAndResourceId(" + tagId + ", " + resourceId + ")"); + } + + RangerTagResourceMap ret = null; + + SearchFilter filter = new SearchFilter(); + + filter.setParam(SearchFilter.TAG_ID, tagId.toString()); + filter.setParam(SearchFilter.TAG_RESOURCE_ID, resourceId.toString()); + + List<RangerTagResourceMap> tagResourceMaps = getTagResourceMaps(filter); + + if(CollectionUtils.isNotEmpty(tagResourceMaps)) { + ret = tagResourceMaps.get(0); } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagResourceMapForTagAndResourceId(" + tagId + ", " + resourceId + "): " + ret); + } + + return ret; + } + + @Override + public RangerTagResourceMap getTagResourceMapForTagAndResourceGuid(String tagGuid, String resrouceGuid) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTagResourceMapForTagAndResourceGuid(" + tagGuid + ", " + resrouceGuid + ")"); + } + + RangerTagResourceMap ret = null; + + SearchFilter filter = new SearchFilter(); + + RangerTag tag = getTagByGuid(tagGuid); + RangerServiceResource resource = getServiceResourceByGuid(resrouceGuid); + + if(tag != null && resource != null) { + filter.setParam(SearchFilter.TAG_ID, tag.getId().toString()); + filter.setParam(SearchFilter.TAG_RESOURCE_ID, resource.getId().toString()); + + List<RangerTagResourceMap> tagResourceMaps = getTagResourceMaps(filter); + + if(CollectionUtils.isNotEmpty(tagResourceMaps)) { + ret = tagResourceMaps.get(0); + } + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTagResourceMapForTagAndResourceGuid(" + tagGuid + ", " + resrouceGuid + "): " + ret); + } + + return ret; } @Override @@ -556,6 +972,190 @@ public class TagFileStore extends AbstractTagStore { } + @Override + public PList<RangerTagResourceMap> getPaginatedTagResourceMaps(SearchFilter filter) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getPaginatedTagResourceMaps()"); + } + + PList<RangerTagResourceMap> ret = null; + + List<RangerTagResourceMap> list = getTagResourceMaps(filter); + + if(CollectionUtils.isNotEmpty(list)) { + ret = new PList<RangerTagResourceMap>(list, 0, list.size(), list.size(), list.size(), filter.getSortType(), filter.getSortBy()); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getPaginatedTagResourceMaps(): count=" + (ret == null ? 0 : ret.getPageSize())); + } + + return ret; + } + + + @Override + public ServiceTags getServiceTagsIfUpdated(String serviceName, Long lastKnownVersion) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getServiceTagsIfUpdated(" + serviceName + ", " + lastKnownVersion + ")"); + } + + ServiceTags ret = new ServiceTags(); + + boolean tagsChanged = true; + + RangerService service = null; + + try { + service = svcStore.getServiceByName(serviceName); + ret.setServiceName(serviceName); + } catch (Exception exception) { + LOG.error("Cannot find service for serviceName=" + serviceName); + tagsChanged = false; + } + + if (lastKnownVersion != null + && service != null && service.getTagVersion() != null + && lastKnownVersion.compareTo(service.getTagVersion()) >= 0 ) { + tagsChanged = false; + } + + if (tagsChanged) { + SearchFilter filter = new SearchFilter(); + + filter.setParam(SearchFilter.TAG_RESOURCE_SERVICE_NAME, serviceName); + + List<RangerServiceResource> serviceResources = getServiceResources(filter); + + Map<Long, RangerTag> tagsMap = new HashMap<Long, RangerTag>(); + Map<Long, List<Long>> resourceToTagIdsMap = new HashMap<Long, List<Long>>(); + + for (RangerServiceResource serviceResource : serviceResources) { + List<RangerTag> tagList = getTagsForServiceResourceObject(serviceResource); + + if (CollectionUtils.isNotEmpty(tagList)) { + List<Long> tagIdList = new ArrayList<Long>(); + for (RangerTag tag : tagList) { + tagsMap.put(tag.getId(), tag); + tagIdList.add(tag.getId()); + } + resourceToTagIdsMap.put(serviceResource.getId(), tagIdList); + } + } + + if (MapUtils.isEmpty(resourceToTagIdsMap)) { + serviceResources.clear(); + } + + ret.setServiceResources(serviceResources); + ret.setResourceToTagIds(resourceToTagIdsMap); + ret.setTags(tagsMap); + + if (service != null && service.getTagVersion() != null) { + ret.setTagVersion(service.getTagVersion()); + } + if (service != null && service.getTagUpdateTime() != null) { + ret.setTagUpdateTime(service.getTagUpdateTime()); + } + if (LOG.isDebugEnabled()) { + LOG.debug("Changes to tagVersion detected, tagVersion in service=" + (service == null ? null : service.getTagVersion()) + + ", Plugin-provided lastKnownVersion=" + lastKnownVersion); + } + } else { + if (LOG.isDebugEnabled()) { + LOG.debug("No changes to tagVersion detected, tagVersion in service=" + (service == null ? null : service.getTagVersion()) + + ", Plugin-provided lastKnownVersion=" + lastKnownVersion); + } + ret.setTagVersion(lastKnownVersion); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getServiceTagsIfUpdated(" + serviceName + ", " + lastKnownVersion + "): " + ret); + } + + return ret; + + } + + @Override + public List<String> getTags(String serviceName) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.getTags(" + serviceName + ")"); + } + + List<String> ret = new ArrayList<String>(); + + // Ignore serviceName + List<RangerTag> allTags = getAllTags(); + + for (RangerTag tag : allTags) { + ret.add(tag.getName()); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.getTags(" + serviceName + "): count=" + ret.size()); + } + + return ret; + } + + @Override + public List<String> lookupTags(String serviceName, String tagNamePattern) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> TagFileStore.lookupTags(" + serviceName + ", " + tagNamePattern + ")"); + } + + List<String> ret = new ArrayList<String>(); + List<String> tags = getTags(serviceName); + + if (CollectionUtils.isNotEmpty(tags)) { + Pattern p = Pattern.compile(tagNamePattern); + for (String tagName : tags) { + Matcher m = p.matcher(tagName); + + if (LOG.isDebugEnabled()) { + LOG.debug("TagFileStore.lookupTags) - Trying to match .... tagNamePattern=" + tagNamePattern + ", tagName=" + tagName); + } + + if (m.matches()) { + if (LOG.isDebugEnabled()) { + LOG.debug("TagFileStore.lookupTags) - Match found.... tagNamePattern=" + tagNamePattern + ", tagName=" + tagName); + } + + ret.add(tagName); + } + } + } + + if (LOG.isDebugEnabled()) { + LOG.debug("<== TagFileStore.lookupTags(" + serviceName + ", " + tagNamePattern + "): count=" + ret.size()); + } + + return ret; + } + + private List<RangerTag> getTagsForServiceResourceObject(RangerServiceResource serviceResource) throws Exception { + + List<RangerTag> tagList = new ArrayList<RangerTag>(); + + if (serviceResource != null) { + SearchFilter mapFilter = new SearchFilter(); + mapFilter.setParam(SearchFilter.TAG_RESOURCE_ID, serviceResource.getId().toString()); + + List<RangerTagResourceMap> associations = getTagResourceMaps(mapFilter); + if (CollectionUtils.isNotEmpty(associations)) { + + for (RangerTagResourceMap association : associations) { + RangerTag tag = getTagById(association.getTagId()); + if (tag != null) { + tagList.add(tag); + } + } + } + } + return tagList; + } + private List<RangerTagDef> getAllTagDefs() throws Exception { if (LOG.isDebugEnabled()) { LOG.debug("==> TagFileStore.getAllTagDefs()"); @@ -712,62 +1312,58 @@ public class TagFileStore extends AbstractTagStore { return ret; } - @Override - public List<String> getTags(String serviceName) throws Exception { + private void deleteTagDef(RangerTagDef tagDef) throws Exception { + Path filePath = new Path(fileStoreUtil.getDataFile(FILE_PREFIX_TAG_DEF, tagDef.getId())); - if (LOG.isDebugEnabled()) { - LOG.debug("==> TagFileStore.getTags(" + serviceName + ")"); - } + preDelete(tagDef); - // Ignore serviceName - List<RangerTag> allTags = getAllTags(); + fileStoreUtil.deleteFile(filePath); - List<String> ret = new ArrayList<String>(); + postDelete(tagDef); + } - for (RangerTag tag : allTags) { - ret.add(tag.getName()); - } + private void deleteTag(RangerTag tag) throws Exception { + Path filePath = new Path(fileStoreUtil.getDataFile(FILE_PREFIX_TAG, tag.getId())); - return ret; + preDelete(tag); + + fileStoreUtil.deleteFile(filePath); + + postDelete(tag); } - @Override - public List<String> lookupTags(String serviceName, String tagNamePattern) throws Exception { + private void deleteServiceResource(RangerServiceResource resource) throws Exception { + Path filePath = new Path(fileStoreUtil.getDataFile(FILE_PREFIX_RESOURCE, resource.getId())); - if (LOG.isDebugEnabled()) { - LOG.debug("==> TagFileStore.lookupTags(" + serviceName + ", " + tagNamePattern + ")"); - } + preDelete(resource); - List<String> tagNameList = getTags(serviceName); - List<String> matchedTagList = new ArrayList<String>(); + fileStoreUtil.deleteFile(filePath); - if (CollectionUtils.isNotEmpty(tagNameList)) { - Pattern p = Pattern.compile(tagNamePattern); - for (String tagName : tagNameList) { - Matcher m = p.matcher(tagName); - if (LOG.isDebugEnabled()) { - LOG.debug("TagFileStore.lookupTags) - Trying to match .... tagNamePattern=" + tagNamePattern + ", tagName=" + tagName); - } - if (m.matches()) { - if (LOG.isDebugEnabled()) { - LOG.debug("TagFileStore.lookupTags) - Match found.... tagNamePattern=" + tagNamePattern + ", tagName=" + tagName); - } - matchedTagList.add(tagName); - } - } - } + postDelete(resource); + } - if (LOG.isDebugEnabled()) { - LOG.debug("<== TagFileStore.lookupTags(" + serviceName + ", " + tagNamePattern + ")"); - } + private void deleteTagResourceMap(RangerTagResourceMap tagResourceMap) throws Exception { + Path filePath = new Path(fileStoreUtil.getDataFile(FILE_PREFIX_TAG_RESOURCE_MAP, tagResourceMap.getId())); + + preDelete(tagResourceMap); + + fileStoreUtil.deleteFile(filePath); - return matchedTagList; + postDelete(tagResourceMap); } - @Override - public void deleteTagDefById(Long id) throws Exception { - // TODO Auto-generated method stub + private List<RangerServiceResource> getServiceResources(RangerServiceResource resource) throws Exception { + + List<RangerServiceResource> ret = null; + + RangerServiceResourceSignature serializer = new RangerServiceResourceSignature(resource); + String signature = serializer.getSignature(); + SearchFilter filter = new SearchFilter(SearchFilter.TAG_RESOURCE_SIGNATURE, signature); + + ret = getServiceResources(filter); + + return ret; } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java index 9dc4994..743df88 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java @@ -51,23 +51,17 @@ public class SearchFilter { public static final String RESOURCE_SIGNATURE = "resourceSignature:"; // search public static final String POLICY_TYPE = "policyType"; // search - public static final String TAG_DEF_ID = "tagDefId"; // search - public static final String TAG_DEF_EXTERNAL_ID = "tagDefExtId"; // search - public static final String TAG_DEF_NAME = "tagDefName"; // search - - public static final String TAG_ID = "tagId"; // search - public static final String TAG_EXTERNAL_ID = "tagExternalId"; // search - public static final String TAG_NAME = "tagName"; // search - - public static final String TAG_RESOURCE_ID = "resourceId"; // search - public static final String TAG_RESOURCE_EXTERNAL_ID = "externalResourceId"; // search - public static final String TAG_RESOURCE_SERVICE_NAME = "resourceServiceName"; // search - public static final String TAG_RESOURCE_SIGNATURE = "resourceSignature"; // search - - - public static final String TAG_MAP_ID = "tagResourceMapId"; // search - public static final String TAG_MAP_RESOURCE_ID = "tagResourceMapResourceId"; // search - public static final String TAG_MAP_TAG_ID = "tagResourceMapTagId"; // search + public static final String TAG_DEF_ID = "tagDefId"; // search + public static final String TAG_DEF_GUID = "tagDefGuid"; // search + public static final String TAG_DEF_NAME = "tagDefName"; // search + public static final String TAG_ID = "tagId"; // search + public static final String TAG_GUID = "tagGuid"; // search + public static final String TAG_NAME = "tagName"; // search + public static final String TAG_RESOURCE_ID = "resourceId"; // search + public static final String TAG_RESOURCE_GUID = "resourceGuid"; // search + public static final String TAG_RESOURCE_SERVICE_NAME = "resourceServiceName"; // search + public static final String TAG_RESOURCE_SIGNATURE = "resourceSignature"; // search + public static final String TAG_MAP_ID = "tagResourceMapId"; // search private Map<String, String> params = null; private int startIndex = 0; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java index 3159b2b..e56e942 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java @@ -44,13 +44,13 @@ import org.codehaus.jackson.map.annotate.JsonSerialize; public class ServiceTags implements java.io.Serializable { private static final long serialVersionUID = 1L; - private String serviceName; - private Long tagVersion; - private Date tagUpdateTime; - Map<Long, RangerTagDef> tagDefinitions; - Map<Long, RangerTag> tags; - List<RangerServiceResource> serviceResources; - Map<Long, List<Long>> resourceToTagIds; + private String serviceName; + private Long tagVersion; + private Date tagUpdateTime; + private Map<Long, RangerTagDef> tagDefinitions; + private Map<Long, RangerTag> tags; + private List<RangerServiceResource> serviceResources; + private Map<Long, List<Long>> resourceToTagIds; /** * @return the serviceName http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/303f7b70/agents-common/src/test/java/org/apache/ranger/plugin/store/TestTagStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/test/java/org/apache/ranger/plugin/store/TestTagStore.java b/agents-common/src/test/java/org/apache/ranger/plugin/store/TestTagStore.java index 797b083..e0f4865 100644 --- a/agents-common/src/test/java/org/apache/ranger/plugin/store/TestTagStore.java +++ b/agents-common/src/test/java/org/apache/ranger/plugin/store/TestTagStore.java @@ -35,14 +35,10 @@ import org.apache.hadoop.fs.*; import org.apache.ranger.authorization.hadoop.config.RangerConfiguration; import org.apache.ranger.plugin.model.*; import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource; -import org.apache.ranger.plugin.policyengine.RangerAccessRequest; -import org.apache.ranger.plugin.policyengine.RangerAccessResource; import org.apache.ranger.plugin.store.file.ServiceFileStore; import org.apache.ranger.plugin.store.file.TagFileStore; -import org.apache.ranger.plugin.store.rest.ServiceRESTStore; import org.apache.ranger.plugin.util.SearchFilter; import org.apache.ranger.plugin.util.ServiceTags; -import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.Test; @@ -201,8 +197,8 @@ public class TestTagStore { @Test public void testTagStore_serviceresource() throws Exception { - String externalId = "GUID_SERVICERESOURCE_TEST"; - String newExternalId = "NEW_GUID_SERVICERESOURCE_TEST"; + String guid = "GUID_SERVICERESOURCE_TEST"; + String newGuid = "NEW_GUID_SERVICERESOURCE_TEST"; Map<String, RangerPolicyResource> resourceResources = new HashMap<String, RangerPolicyResource>(); @@ -217,7 +213,7 @@ public class TestTagStore { RangerServiceResource serviceResource = new RangerServiceResource(); serviceResource.setServiceName(serviceName); serviceResource.setResourceSpec(resourceResources); - serviceResource.setGuid(externalId); + serviceResource.setGuid(guid); validator.preCreateServiceResource(serviceResource); RangerServiceResource createdServiceResource = tagStore.createServiceResource(serviceResource); @@ -229,7 +225,7 @@ public class TestTagStore { assertEquals("createServiceResource() failed", initServiceResourceCount + 1, serviceResources == null ? 0 : serviceResources.size()); - createdServiceResource.setGuid(newExternalId); + createdServiceResource.setGuid(newGuid); validator.preUpdateServiceResourceById(createdServiceResource.getId(), createdServiceResource); RangerServiceResource updatedServiceResource = tagStore.updateServiceResource(createdServiceResource); @@ -259,15 +255,15 @@ public class TestTagStore { String tagName = "ssn"; - String externalResourceId = "GUID_SERVICERESOURCE_TEST"; - String externalTagId = "GUID_TAG_TEST"; + String resourceGuid = "GUID_SERVICERESOURCE_TEST"; + String tagGuid = "GUID_TAG_TEST"; List<RangerTag> tags = tagStore.getTags(filter); int initTagCount = tags == null ? 0 : tags.size(); RangerTag tag = new RangerTag(tagName, new HashMap<String, String>()); - tag.setGuid(externalTagId); + tag.setGuid(tagGuid); validator.preCreateTag(tag); RangerTag createdTag = tagStore.createTag(tag); @@ -291,7 +287,7 @@ public class TestTagStore { serviceResource.setServiceName(serviceName); serviceResource.setResourceSpec(resourceResources); - serviceResource.setGuid(externalResourceId); + serviceResource.setGuid(resourceGuid); validator.preCreateServiceResource(serviceResource); RangerServiceResource createdServiceResource = tagStore.createServiceResource(serviceResource); @@ -303,7 +299,7 @@ public class TestTagStore { // Now create map - RangerTagResourceMap tagResourceMap = validator.preCreateTagResourceMap(externalResourceId, externalTagId); + RangerTagResourceMap tagResourceMap = validator.preCreateTagResourceMap(tagGuid, resourceGuid); RangerTagResourceMap createdTagResourceMap = tagStore.createTagResourceMap(tagResourceMap); @@ -315,7 +311,7 @@ public class TestTagStore { assertTrue("No tagged resources found!", CollectionUtils.isNotEmpty(resourceList) && CollectionUtils.size(resourceList) == 1); // Delete all created entities - RangerTagResourceMap map = validator.preDeleteTagResourceMap(externalResourceId, externalTagId); + RangerTagResourceMap map = validator.preDeleteTagResourceMap(tagGuid, resourceGuid); tagStore.deleteTagResourceMapById(map.getId()); validator.preDeleteServiceResourceById(createdServiceResource.getId());
