Repository: incubator-ranger Updated Branches: refs/heads/master 870070f2e -> 6fd960873
RANGER-798 : Handle different timezone issue while saving audit logs to Solr Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/6fd96087 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/6fd96087 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/6fd96087 Branch: refs/heads/master Commit: 6fd9608735b4403d6229ba88ceaebd7be520810e Parents: 870070f Author: Gautam Borad <[email protected]> Authored: Fri Jan 22 17:26:10 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Tue Feb 2 11:08:45 2016 +0530 ---------------------------------------------------------------------- .../audit/entity/AuthzAuditEventDbObj.java | 9 ++++++-- .../apache/ranger/audit/provider/MiscUtil.java | 23 +++++++++++++++++++- .../policyengine/RangerAccessRequestImpl.java | 2 +- .../hadoop/RangerHdfsAuthorizer.java | 3 ++- .../authorizer/RangerHiveAccessRequest.java | 3 ++- .../hive/authorizer/RangerHiveAuditHandler.java | 2 +- .../kafka/authorizer/RangerKafkaAuthorizer.java | 2 +- .../kms/authorizer/RangerKmsAuthorizer.java | 3 ++- .../solr/authorizer/RangerSolrAuthorizer.java | 2 +- .../yarn/authorizer/RangerYarnAuthorizer.java | 3 ++- 10 files changed, 41 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java ---------------------------------------------------------------------- diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java b/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java index e917ea2..a4e8e0f 100644 --- a/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java +++ b/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java @@ -147,11 +147,16 @@ public class AuthzAuditEventDbObj implements Serializable { public AuthzAuditEventDbObj(AuthzAuditEvent event) { super(); - + Date utcDate=null; + if(event.getEventTime()!=null){ + utcDate=MiscUtil.getUTCDateForLocalDate(event.getEventTime()); + }else{ + utcDate=MiscUtil.getUTCDate(); + } this.repositoryType = event.getRepositoryType(); this.repositoryName = event.getRepositoryName(); this.user = event.getUser(); - this.timeStamp = event.getEventTime(); + this.timeStamp = utcDate; this.accessType = event.getAccessType(); this.resourcePath = event.getResourcePath(); this.resourceType = event.getResourceType(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java ---------------------------------------------------------------------- diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java index f19c885..b7b28ed 100644 --- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java +++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java @@ -23,6 +23,9 @@ import java.rmi.dgc.VMID; import java.security.Principal; import java.text.SimpleDateFormat; import java.util.ArrayList; +import java.util.Calendar; +import java.util.Date; +import java.util.GregorianCalendar; import java.util.HashMap; import java.util.Hashtable; import java.util.List; @@ -30,6 +33,7 @@ import java.util.Map; import java.util.Properties; import java.util.Set; import java.util.StringTokenizer; +import java.util.TimeZone; import java.util.UUID; import java.util.regex.Pattern; @@ -782,5 +786,22 @@ public class MiscUtil { logger.debug("<== MiscUti.initLocalHost()"); } } - + public static Date getUTCDateForLocalDate(Date date) { + TimeZone gmtTimeZone = TimeZone.getTimeZone("GMT+0"); + Calendar local = Calendar.getInstance(); + int offset = local.getTimeZone().getOffset(local.getTimeInMillis()); + GregorianCalendar utc = new GregorianCalendar(gmtTimeZone); + utc.setTimeInMillis(date.getTime()); + utc.add(Calendar.MILLISECOND, -offset); + return utc.getTime(); + } + public static Date getUTCDate() { + TimeZone gmtTimeZone = TimeZone.getTimeZone("GMT+0"); + Calendar local = Calendar.getInstance(); + int offset = local.getTimeZone().getOffset(local.getTimeInMillis()); + GregorianCalendar utc = new GregorianCalendar(gmtTimeZone); + utc.setTimeInMillis(local.getTimeInMillis()); + utc.add(Calendar.MILLISECOND, -offset); + return utc.getTime(); + } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java index 376f036..411b3a6 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java @@ -159,7 +159,7 @@ public class RangerAccessRequestImpl implements RangerAccessRequest { } public void setAccessTime(Date accessTime) { - this.accessTime = (accessTime == null) ? StringUtil.getUTCDate() : accessTime; + this.accessTime = (accessTime == null) ? new Date() : accessTime; } public void setClientIPAddress(String clientIPAddress) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java ---------------------------------------------------------------------- diff --git a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java index 47577d6..eb63f9e 100644 --- a/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java +++ b/hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java @@ -24,6 +24,7 @@ import static org.apache.ranger.authorization.hadoop.constants.RangerHadoopConst import static org.apache.ranger.authorization.hadoop.constants.RangerHadoopConstants.WRITE_ACCCESS_TYPE; import java.net.InetAddress; +import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.Map; @@ -460,7 +461,7 @@ class RangerHdfsAccessRequest extends RangerAccessRequestImpl { super.setAccessType(accessType); super.setUser(user); super.setUserGroups(groups); - super.setAccessTime(StringUtil.getUTCDate()); + super.setAccessTime(new Date()); super.setClientIPAddress(getRemoteIp()); super.setAction(access.toString()); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java ---------------------------------------------------------------------- diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java index 3140056..94e3419 100644 --- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java +++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java @@ -19,6 +19,7 @@ package org.apache.ranger.authorization.hive.authorizer; +import java.util.Date; import java.util.Set; import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzContext; @@ -47,7 +48,7 @@ public class RangerHiveAccessRequest extends RangerAccessRequestImpl { this.setResource(resource); this.setUser(user); this.setUserGroups(userGroups); - this.setAccessTime(StringUtil.getUTCDate()); + this.setAccessTime(new Date()); this.setAction(hiveOpTypeName); if(context != null) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java ---------------------------------------------------------------------- diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java index 22c2a30..e0e1e7a 100644 --- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java +++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuditHandler.java @@ -143,7 +143,7 @@ public class RangerHiveAuditHandler extends RangerDefaultAuditHandler { auditEvent.setAction("DFS"); auditEvent.setUser(userName); auditEvent.setAccessResult((short)(accessGranted ? 1 : 0)); - auditEvent.setEventTime(StringUtil.getUTCDate()); + auditEvent.setEventTime(new Date()); auditEvent.setRepositoryType(repositoryType); auditEvent.setRepositoryName(repositoryName) ; auditEvent.setRequestData(dfsCommand); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java index bb6a337..dd149e1 100644 --- a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java +++ b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java @@ -148,7 +148,7 @@ public class RangerKafkaAuthorizer implements Authorizer { ip = ip.substring(1); } - Date eventTime = StringUtil.getUTCDate(); + Date eventTime = new Date(); String accessType = mapToRangerAccessType(operation); boolean validationFailed = false; String validationStr = ""; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java b/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java index 04b8b91..2324f8d 100755 --- a/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java +++ b/plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java @@ -21,6 +21,7 @@ package org.apache.ranger.authorization.kms.authorizer; import java.net.InetAddress; import java.net.UnknownHostException; +import java.util.Date; import java.util.HashMap; import java.util.Map; import java.util.concurrent.Executors; @@ -377,7 +378,7 @@ public class RangerKmsAuthorizer implements Runnable, KeyACLs { super.setAccessType(accessType); super.setUser(ugi.getShortUserName()); super.setUserGroups(Sets.newHashSet(ugi.getGroupNames())); - super.setAccessTime(StringUtil.getUTCDate()); + super.setAccessTime(new Date()); super.setClientIPAddress(clientIp); super.setAction(accessType); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java index a8ecf15..e52493a 100644 --- a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java +++ b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java @@ -167,7 +167,7 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin { String userName = getUserName(context); Set<String> userGroups = getGroupsForUser(userName); String ip = null; - Date eventTime = StringUtil.getUTCDate(); + Date eventTime = new Date(); // // Set the IP if (useProxyIP) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/6fd96087/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java b/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java index ab9b7a9..a48e1a2 100644 --- a/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java +++ b/plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java @@ -21,6 +21,7 @@ package org.apache.ranger.authorization.yarn.authorizer; import java.net.InetAddress; +import java.util.Date; import java.util.HashMap; import java.util.Map; @@ -279,7 +280,7 @@ class RangerYarnAccessRequest extends RangerAccessRequestImpl { super.setAccessType(accessType); super.setUser(ugi.getShortUserName()); super.setUserGroups(Sets.newHashSet(ugi.getGroupNames())); - super.setAccessTime(StringUtil.getUTCDate()); + super.setAccessTime(new Date()); super.setClientIPAddress(getRemoteIp()); super.setAction(accessType); }
