RANGER-660: updated TagREST to support delete and replace operatios Signed-off-by: Madhan Neethiraj <[email protected]>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/9a398915 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/9a398915 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/9a398915 Branch: refs/heads/master Commit: 9a398915883d6d1924b0d1689992059bea5c032c Parents: a9e1135 Author: Abhay Kulkarni <[email protected]> Authored: Mon Oct 12 13:20:58 2015 -0700 Committer: Madhan Neethiraj <[email protected]> Committed: Mon Oct 12 22:45:54 2015 -0700 ---------------------------------------------------------------------- .../apache/ranger/plugin/util/ServiceTags.java | 1 + .../ranger/rest/ServiceTagsProcessor.java | 68 +++++++++++++++++++- .../source/atlas/AtlasNotificationMapper.java | 56 ---------------- 3 files changed, 67 insertions(+), 58 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9a398915/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java index d03e7bc..6963058 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/ServiceTags.java @@ -46,6 +46,7 @@ public class ServiceTags implements java.io.Serializable { public static final String OP_ADD_OR_UPDATE = "add_or_update"; public static final String OP_DELETE = "delete"; + public static final String OP_REPLACE = "replace"; public static final String TAGMODEL_SHARED = "shared"; public static final String TAGMODEL_RESOURCE_PRIVATE = "resource_private"; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9a398915/security-admin/src/main/java/org/apache/ranger/rest/ServiceTagsProcessor.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceTagsProcessor.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceTagsProcessor.java index 586f6b7..b1986be 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceTagsProcessor.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceTagsProcessor.java @@ -30,8 +30,10 @@ import org.apache.ranger.plugin.model.RangerTagDef; import org.apache.ranger.plugin.model.RangerTagResourceMap; import org.apache.ranger.plugin.store.RangerServiceResourceSignature; import org.apache.ranger.plugin.store.TagStore; +import org.apache.ranger.plugin.util.SearchFilter; import org.apache.ranger.plugin.util.ServiceTags; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -61,6 +63,8 @@ public class ServiceTagsProcessor { addOrUpdate(serviceTags); } else if (StringUtils.equalsIgnoreCase(op, ServiceTags.OP_DELETE)) { delete(serviceTags); + } else if (StringUtils.equalsIgnoreCase(op, ServiceTags.OP_REPLACE)) { + replace(serviceTags); } else { LOG.error("Unknown op, op=" + op); } @@ -326,13 +330,32 @@ public class ServiceTagsProcessor { LOG.debug("==> ServiceTagsProcessor.delete()"); } + // We dont expect any resourceId->tagId mappings in delete operation, so ignoring them if specified + List<RangerServiceResource> serviceResources = serviceTags.getServiceResources(); if (CollectionUtils.isNotEmpty(serviceResources)) { + boolean isResourePrivateTag = StringUtils.equals(serviceTags.getTagModel(), ServiceTags.TAGMODEL_RESOURCE_PRIVATE) ? true : false; + for (RangerServiceResource serviceResource : serviceResources) { try { RangerServiceResource objToDelete = tagStore.getServiceResourceByGuid(serviceResource.getGuid()); - if(objToDelete != null) { + if (objToDelete != null) { + + List<RangerTagResourceMap> tagResourceMaps = tagStore.getTagResourceMapsForResourceGuid(objToDelete.getGuid()); + + if (CollectionUtils.isNotEmpty(tagResourceMaps)) { + for (RangerTagResourceMap tagResourceMap : tagResourceMaps) { + long tagId = tagResourceMap.getTagId(); + + tagStore.deleteTagResourceMap(tagResourceMap.getId()); + + if(isResourePrivateTag) { + tagStore.deleteTag(tagId); + } + } + } + tagStore.deleteServiceResource(objToDelete.getId()); } } catch (Exception exception) { @@ -349,7 +372,7 @@ public class ServiceTagsProcessor { try { RangerTag objToDelete = tagStore.getTagByGuid(tag.getGuid()); - if(objToDelete != null) { + if (objToDelete != null) { tagStore.deleteTag(objToDelete.getId()); } } catch (Exception exception) { @@ -381,4 +404,45 @@ public class ServiceTagsProcessor { } } + // Delete all tagdef, tag, serviceResource and tagResourceMaps and then add all objects in provided ServiceTagsids + private void replace(ServiceTags serviceTags) throws Exception { + if (LOG.isDebugEnabled()) { + LOG.debug("==> ServiceTagsProcessor.replace()"); + } + + // TODO: + // This is an inefficient implementation. Replace by direct database deletes + + SearchFilter searchAll = new SearchFilter(); + + List<RangerTagResourceMap> allTagResourceMaps = tagStore.getTagResourceMaps(searchAll); + for (RangerTagResourceMap tagResourceMap : allTagResourceMaps) { + tagStore.deleteTagResourceMap(tagResourceMap.getId()); + } + + List<RangerServiceResource> allServiceResources = tagStore.getServiceResources(searchAll); + for (RangerServiceResource serviceResource : allServiceResources) { + tagStore.deleteServiceResource(serviceResource.getId()); + } + + List<RangerTag> allTags = tagStore.getTags(searchAll); + for (RangerTag tag : allTags) { + tagStore.deleteTag(tag.getId()); + } + + List<RangerTagDef> allTagDefs = tagStore.getTagDefs(searchAll); + for (RangerTagDef tagDef : allTagDefs) { + tagStore.deleteTagDef(tagDef.getId()); + } + + if (LOG.isDebugEnabled()) { + LOG.debug("ServiceTagsProcessor.replace() : All tag-related objects are removed now. Adding objects specified in ServiceTags.."); + } + + addOrUpdate(serviceTags); + + if (LOG.isDebugEnabled()) { + LOG.debug("<== ServiceTagsProcessor.replace()"); + } + } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/9a398915/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java ---------------------------------------------------------------------- diff --git a/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java b/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java index 2c843af..d5108a1 100644 --- a/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java +++ b/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java @@ -176,7 +176,6 @@ class AtlasNotificationMapper { String[] components = getQualifiedNameComponents(entity); // components should contain qualifiedName, instanceName, dbName, tableName, columnName in that order - String entityTypeName = entity.getTypeName(); String instanceName, dbName, tableName, columnName; @@ -354,59 +353,4 @@ class AtlasNotificationMapper { return type.cast(map.get(name)); } - // Temporary stuff, until qualifiedName is implemented by Atlas - static private String[] getTempNameComponents(Entity entity) { - String ret[] = new String[4]; - if (StringUtils.equals(entity.getTypeName(), ENTITY_TYPE_HIVE_DB)) { - ret[1] = getAttribute(entity.getValues(), "clusterName", String.class); - ret[2] = getAttribute(entity.getValues(), "name", String.class); - ret[3] = null; - ret[0] = ret[1] + "." + ret[2]; - } else if (StringUtils.equals(entity.getTypeName(), ENTITY_TYPE_HIVE_TABLE)) { - String qualifiedName = getAttribute(entity.getValues(), "name", String.class); - String nameHierarchy[] = qualifiedName.split("\\.@"); - - int hierarchyLevels = nameHierarchy.length; - - if (LOG.isDebugEnabled()) { - LOG.debug("----- Entity-Id:" + entity.getId().getGuid()); - LOG.debug("----- Entity-Type-Name:" + entity.getTypeName()); - LOG.debug("----- Entity-Qualified-Name:" + qualifiedName); - LOG.debug("----- Entity-Qualified-Name-Components -----"); - for (int i = 0; i < hierarchyLevels; i++) { - LOG.debug("----- Index:" + i + " Value:" + nameHierarchy[i]); - } - } - - int i; - for (i = 0; i < ret.length; i++) { - ret[i] = null; - } - ret[0] = qualifiedName; - if (hierarchyLevels > 2) { - ret[1] = nameHierarchy[2]; - } - if (hierarchyLevels > 1) { - ret[2] = nameHierarchy[1]; - } - if (hierarchyLevels > 0) { - ret[3] = nameHierarchy[0]; - } - - - } - return ret; - } - - - static private ServiceTags handleEntityUpdate(Entity entity) throws Exception { - - throw new Exception("Not implemented"); - - } - - static private ServiceTags handleTraitDelete(Entity entity) throws Exception { - - throw new Exception("Not implemented"); - } }
