Merge branch 'master' into tag-policy
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/133b82cb Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/133b82cb Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/133b82cb Branch: refs/heads/master Commit: 133b82cb29ed91d3dd0bf3afa57993ff34d6fb97 Parents: f08d5b3 5b371c7 Author: Madhan Neethiraj <[email protected]> Authored: Thu Sep 24 20:34:32 2015 -0700 Committer: Madhan Neethiraj <[email protected]> Committed: Thu Sep 24 20:34:32 2015 -0700 ---------------------------------------------------------------------- .../org/apache/ranger/biz/ServiceDBStore.java | 68 ++++++-------------- .../org/apache/ranger/entity/XXPolicyBase.java | 2 + .../org/apache/ranger/entity/XXServiceBase.java | 2 + .../apache/ranger/entity/XXServiceDefBase.java | 2 + .../org/apache/ranger/rest/ServiceREST.java | 1 - .../service/RangerServiceDefServiceBase.java | 1 - .../service/RangerServiceServiceBase.java | 1 - .../apache/ranger/biz/TestServiceDBStore.java | 8 +-- .../org/apache/ranger/rest/TestServiceREST.java | 2 - .../ranger/service/TestRangerPolicyService.java | 1 - .../service/TestRangerServiceDefService.java | 2 - .../TestRangerServiceDefServiceBase.java | 1 - .../service/TestRangerServiceService.java | 1 - .../service/TestRangerServiceServiceBase.java | 1 - src/main/assembly/storm-agent.xml | 1 + 15 files changed, 27 insertions(+), 67 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java ---------------------------------------------------------------------- diff --cc security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 73a9109,a5ac557..3cd94c4 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@@ -1144,47 -1121,6 +1140,37 @@@ public class ServiceDBStore extends Abs List<XXTrxLog> trxLogList = svcService.getTransactionLog(service, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT); - Long version = service.getVersion(); - if(version == null) { - version = new Long(1); - LOG.info("Found Version Value: `null`, so setting value of version to 1, While updating object, version should not be null."); - } else { - version = new Long(version.longValue() + 1); - } - - service.setVersion(version); - + boolean hasTagServiceValueChanged = false; + Long existingTagServiceValue = existing.getTagService(); + String newTagServiceName = service.getTagService(); + Long newTagServiceValue = null; + + if (StringUtils.isNotBlank(newTagServiceName)) { + RangerService tmp = getServiceByName(newTagServiceName); + + if (tmp == null || !tmp.getType().equals(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME)) { + if (LOG.isDebugEnabled()) { + LOG.debug("ServiceDBStore.updateService() - " + newTagServiceName + " does not refer to a valid tag service.(" + service + ")"); + } + throw restErrorUtil.createRESTException("Invalid tag service name " + newTagServiceName, MessageEnums.ERROR_CREATING_OBJECT); + + } else { + newTagServiceValue = tmp.getId(); + } + } + + if (existingTagServiceValue == null) { + if (newTagServiceValue != null) { + hasTagServiceValueChanged = true; + } + } else if (!existingTagServiceValue.equals(newTagServiceValue)) { + hasTagServiceValueChanged = true; + } + + if (hasTagServiceValueChanged) { + service.setPolicyVersion(getNextVersion(service.getPolicyVersion())); + } + if(populateExistingBaseFields) { svcServiceWithAssignedId.setPopulateExistingBaseFields(true); service = svcServiceWithAssignedId.update(service); @@@ -1494,22 -1422,14 +1480,17 @@@ } } Map<String, RangerPolicyResource> newResources = policy.getResources(); - List<RangerPolicyItem> newPolicyItems = policy.getPolicyItems(); + List<RangerPolicyItem> policyItems = policy.getPolicyItems(); + List<RangerPolicyItem> denyPolicyItems = policy.getDenyPolicyItems(); + List<RangerPolicyItem> allowExceptions = policy.getAllowExceptions(); + List<RangerPolicyItem> denyExceptions = policy.getDenyExceptions(); + policy.setCreateTime(xxExisting.getCreateTime()); + policy.setGuid(xxExisting.getGuid()); + policy.setVersion(xxExisting.getVersion()); + List<XXTrxLog> trxLogList = policyService.getTransactionLog(policy, xxExisting, RangerPolicyService.OPERATION_UPDATE_CONTEXT); - Long version = policy.getVersion(); - if(version == null) { - version = new Long(1); - LOG.info("Found Version Value: `null`, so setting value of version to 1, While updating object, version should not be null."); - } else { - version = new Long(version.longValue() + 1); - } - - policy.setVersion(version); updatePolicySignature(policy); policy = policyService.update(policy); @@@ -1695,20 -1602,13 +1670,13 @@@ LOG.debug("==> ServiceDBStore.getPaginatedServicePolicies(" + serviceName + ")"); } + if (filter == null) { + filter = new SearchFilter(); + } - PList<RangerPolicy> ret = null; - - try { - if (filter == null) { - filter = new SearchFilter(); - } - - filter.setParam(SearchFilter.SERVICE_NAME, serviceName); + filter.setParam(SearchFilter.SERVICE_NAME, serviceName); - ret = getPaginatedPolicies(filter); - } catch (Exception excp) { - LOG.error("ServiceDBStore.getPaginatedServicePolicies(" + serviceName + "): failed to read policies", excp); - } - RangerPolicyList ret = getPaginatedPolicies(filter); ++ PList<RangerPolicy> ret = getPaginatedPolicies(filter); if (LOG.isDebugEnabled()) { LOG.debug("<== ServiceDBStore.getPaginatedServicePolicies(" + serviceName + "): count=" http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/main/java/org/apache/ranger/entity/XXServiceBase.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/main/java/org/apache/ranger/entity/XXServiceDefBase.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/main/java/org/apache/ranger/service/RangerServiceDefServiceBase.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java ---------------------------------------------------------------------- diff --cc security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java index da519d5,bd4e9d4..db958a5 --- a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java +++ b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java @@@ -2539,9 -2533,9 +2535,9 @@@ public class TestServiceDBStore Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.getById(Id)).thenReturn(xService); + thrown.expect(Exception.class); - RangerPolicyList dbRangerPolicyList = serviceDBStore + PList<RangerPolicy> dbRangerPolicyList = serviceDBStore .getPaginatedServicePolicies(rangerService.getId(), filter); - Assert.assertNull(dbRangerPolicyList); Mockito.verify(daoManager).getXXService(); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/133b82cb/security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyService.java ----------------------------------------------------------------------
