Repository: incubator-ranger Updated Branches: refs/heads/ranger-0.5 291215dce -> 04daba455
RANGER-798 : Handle different timezone issue while saving audit logs to Solr Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/04daba45 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/04daba45 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/04daba45 Branch: refs/heads/ranger-0.5 Commit: 04daba455c9ca091feeab342771539780ec10c3a Parents: 291215d Author: Gautam Borad <[email protected]> Authored: Mon Feb 1 18:03:49 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Tue Feb 2 11:07:40 2016 +0530 ---------------------------------------------------------------------- .../audit/entity/AuthzAuditEventDbObj.java | 9 ++++++-- .../apache/ranger/audit/provider/MiscUtil.java | 22 ++++++++++++++++++++ .../policyengine/RangerAccessRequestImpl.java | 2 +- .../hadoop/RangerHdfsAuthorizer.java | 3 ++- .../authorizer/RangerHiveAccessRequest.java | 3 ++- .../hive/authorizer/RangerHiveAuditHandler.java | 3 ++- .../kafka/authorizer/RangerKafkaAuthorizer.java | 2 +- .../kms/authorizer/RangerKmsAuthorizer.java | 3 ++- .../solr/authorizer/RangerSolrAuthorizer.java | 2 +- .../yarn/authorizer/RangerYarnAuthorizer.java | 3 ++- 10 files changed, 42 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java ---------------------------------------------------------------------- diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java b/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java index d52a60a..0bef9ea 100644 --- a/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java +++ b/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java @@ -145,11 +145,16 @@ public class AuthzAuditEventDbObj implements Serializable { public AuthzAuditEventDbObj(AuthzAuditEvent event) { super(); - + Date utcDate=null; + if(event.getEventTime()!=null){ + utcDate=MiscUtil.getUTCDateForLocalDate(event.getEventTime()); + }else{ + utcDate=MiscUtil.getUTCDate(); + } this.repositoryType = event.getRepositoryType(); this.repositoryName = event.getRepositoryName(); this.user = event.getUser(); - this.timeStamp = event.getEventTime(); + this.timeStamp = utcDate; this.accessType = event.getAccessType(); this.resourcePath = event.getResourcePath(); this.resourceType = event.getResourceType(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java ---------------------------------------------------------------------- diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java index 9586f73..7399a48 100644 --- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java +++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java @@ -23,6 +23,9 @@ import java.rmi.dgc.VMID; import java.security.Principal; import java.text.SimpleDateFormat; import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; import java.util.HashMap; import java.util.Hashtable; import java.util.List; @@ -30,6 +33,7 @@ import java.util.Map; import java.util.Properties; import java.util.Set; import java.util.StringTokenizer; +import java.util.TimeZone; import java.util.UUID; import java.util.regex.Pattern; @@ -761,4 +765,22 @@ public class MiscUtil { } } + public static Date getUTCDateForLocalDate(Date date) { + TimeZone gmtTimeZone = TimeZone.getTimeZone("GMT+0"); + Calendar local = Calendar.getInstance(); + int offset = local.getTimeZone().getOffset(local.getTimeInMillis()); + GregorianCalendar utc = new GregorianCalendar(gmtTimeZone); + utc.setTimeInMillis(date.getTime()); + utc.add(Calendar.MILLISECOND, -offset); + return utc.getTime(); + } + public static Date getUTCDate() { + TimeZone gmtTimeZone = TimeZone.getTimeZone("GMT+0"); + Calendar local = Calendar.getInstance(); + int offset = local.getTimeZone().getOffset(local.getTimeInMillis()); + GregorianCalendar utc = new GregorianCalendar(gmtTimeZone); + utc.setTimeInMillis(local.getTimeInMillis()); + utc.add(Calendar.MILLISECOND, -offset); + return utc.getTime(); + } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java index fe50ca6..22c6dac 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java @@ -159,7 +159,7 @@ public class RangerAccessRequestImpl implements RangerAccessRequest { } public void setAccessTime(Date accessTime) { - this.accessTime = (accessTime == null) ? StringUtil.getUTCDate() : accessTime; + this.accessTime = (accessTime == null) ? new Date(): accessTime; } public void setClientIPAddress(String clientIPAddress) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java ---------------------------------------------------------------------- diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java index 5125af7..225f9fd 100644 --- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java +++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java @@ -24,6 +24,7 @@ import static org.apache.ranger.authorization.hadoop.constants.RangerHadoopConst import static org.apache.ranger.authorization.hadoop.constants.RangerHadoopConstants.WRITE_ACCCESS_TYPE; import java.net.InetAddress; +import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.Map; @@ -452,7 +453,7 @@ class RangerHdfsAccessRequest extends RangerAccessRequestImpl { super.setAccessType(accessType); super.setUser(user); super.setUserGroups(groups); - super.setAccessTime(StringUtil.getUTCDate()); + super.setAccessTime(new Date()); super.setClientIPAddress(getRemoteIp()); super.setAction(access.toString()); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java ---------------------------------------------------------------------- diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java index 2ae4149..11328c4 100644 --- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java +++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java @@ -19,6 +19,7 @@ package org.apache.ranger.authorization.hive.authorizer; +import java.util.Date; import java.util.Set; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzContext; @@ -46,7 +47,7 @@ public class RangerHiveAccessRequest extends RangerAccessRequestImpl { this.setResource(resource); this.setUser(user); this.setUserGroups(userGroups); - this.setAccessTime(StringUtil.getUTCDate()); + this.setAccessTime(new Date()); this.setAction(hiveOpTypeName); if(context != null) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java ---------------------------------------------------------------------- diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java index 0f13577..c22e9d8 100644 --- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java +++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java @@ -21,6 +21,7 @@ package org.apache.ranger.authorization.hive.authorizer; import java.util.ArrayList; import java.util.Collection; +import java.util.Date; import java.util.HashMap; import java.util.Iterator; import java.util.List; @@ -159,7 +160,7 @@ public class RangerHiveAuditHandler extends RangerDefaultAuditHandler { auditEvent.setAction("DFS"); auditEvent.setUser(userName); auditEvent.setAccessResult((short)(accessGranted ? 1 : 0)); - auditEvent.setEventTime(StringUtil.getUTCDate()); + auditEvent.setEventTime(new Date()); auditEvent.setRepositoryType(repositoryType); auditEvent.setRepositoryName(repositoryName) ; auditEvent.setRequestData(dfsCommand); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java index bb6a337..47bd24e 100644 --- a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java +++ b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java @@ -148,7 +148,7 @@ public class RangerKafkaAuthorizer implements Authorizer { ip = ip.substring(1); } - Date eventTime = StringUtil.getUTCDate(); + Date eventTime =new Date(); String accessType = mapToRangerAccessType(operation); boolean validationFailed = false; String validationStr = ""; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java b/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java index 04b8b91..2324f8d 100755 --- a/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java +++ b/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java @@ -21,6 +21,7 @@ package org.apache.ranger.authorization.kms.authorizer; import java.net.InetAddress; import java.net.UnknownHostException; +import java.util.Date; import java.util.HashMap; import java.util.Map; import java.util.concurrent.Executors; @@ -377,7 +378,7 @@ public class RangerKmsAuthorizer implements Runnable, KeyACLs { super.setAccessType(accessType); super.setUser(ugi.getShortUserName()); super.setUserGroups(Sets.newHashSet(ugi.getGroupNames())); - super.setAccessTime(StringUtil.getUTCDate()); + super.setAccessTime(new Date()); super.setClientIPAddress(clientIp); super.setAction(accessType); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java index a8ecf15..e52493a 100644 --- a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java +++ b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java @@ -167,7 +167,7 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin { String userName = getUserName(context); Set<String> userGroups = getGroupsForUser(userName); String ip = null; - Date eventTime = StringUtil.getUTCDate(); + Date eventTime = new Date(); // // Set the IP if (useProxyIP) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/04daba45/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java b/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java index ab9b7a9..a48e1a2 100644 --- a/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java +++ b/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java @@ -21,6 +21,7 @@ package org.apache.ranger.authorization.yarn.authorizer; import java.net.InetAddress; +import java.util.Date; import java.util.HashMap; import java.util.Map; @@ -279,7 +280,7 @@ class RangerYarnAccessRequest extends RangerAccessRequestImpl { super.setAccessType(accessType); super.setUser(ugi.getShortUserName()); super.setUserGroups(Sets.newHashSet(ugi.getGroupNames())); - super.setAccessTime(StringUtil.getUTCDate()); + super.setAccessTime(new Date()); super.setClientIPAddress(getRemoteIp()); super.setAction(accessType); }
