Repository: incubator-ranger Updated Branches: refs/heads/ranger-0.5 56d1a0335 -> c829f26bd
RANGER-218 : LDAP Groups incorrectly labelled internal Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/c829f26b Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/c829f26b Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/c829f26b Branch: refs/heads/ranger-0.5 Commit: c829f26bd8b0ad31cbd97a4641c232e34c3ce738 Parents: 56d1a03 Author: Gautam Borad <[email protected]> Authored: Tue Feb 2 12:31:10 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Tue Feb 2 12:59:46 2016 +0530 ---------------------------------------------------------------------- .../ranger/service/XGroupServiceBase.java | 2 ++ .../ranger/unixusersync/model/XGroupInfo.java | 8 ++++++- .../process/PolicyMgrUserGroupBuilder.java | 22 +++++++++++++++++--- 3 files changed, 28 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c829f26b/security-admin/src/main/java/org/apache/ranger/service/XGroupServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/XGroupServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/XGroupServiceBase.java index 68df919..8ac97ce 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/XGroupServiceBase.java +++ b/security-admin/src/main/java/org/apache/ranger/service/XGroupServiceBase.java @@ -47,6 +47,7 @@ public abstract class XGroupServiceBase<T extends XXGroup, V extends VXGroup> mObj.setDescription( vObj.getDescription()); mObj.setGroupType( vObj.getGroupType()); mObj.setCredStoreId( vObj.getCredStoreId()); + mObj.setGroupSource(vObj.getGroupSource()); return mObj; } @@ -58,6 +59,7 @@ public abstract class XGroupServiceBase<T extends XXGroup, V extends VXGroup> vObj.setDescription( mObj.getDescription()); vObj.setGroupType( mObj.getGroupType()); vObj.setCredStoreId( mObj.getCredStoreId()); + vObj.setGroupSource(mObj.getGroupSource()); return vObj; } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c829f26b/ugsync/src/main/java/org/apache/ranger/unixusersync/model/XGroupInfo.java ---------------------------------------------------------------------- diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/model/XGroupInfo.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/model/XGroupInfo.java index 1b8b0b8..a351d35 100644 --- a/ugsync/src/main/java/org/apache/ranger/unixusersync/model/XGroupInfo.java +++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/model/XGroupInfo.java @@ -25,7 +25,7 @@ public class XGroupInfo { private String name ; private String description ; private String groupType ; - + private String groupSource; public String getId() { return id; } @@ -51,6 +51,12 @@ public class XGroupInfo { public void setGroupType(String groupType) { this.groupType = groupType; } + public String getGroupSource() { + return groupSource; + } + public void setGroupSource(String groupSource) { + this.groupSource = groupSource; + } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c829f26b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java ---------------------------------------------------------------------- diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java index 3e4deae..67379d5 100644 --- a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java +++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java @@ -83,7 +83,7 @@ public class PolicyMgrUserGroupBuilder implements UserGroupSink { private static final String PM_DEL_USER_GROUP_LINK_URI = "/service/xusers/group/${groupName}/user/${userName}" ; // DELETE private static final String PM_ADD_LOGIN_USER_URI = "/service/users/default" ; // POST - + private static final String GROUP_SOURCE_EXTERNAL ="1"; private static String LOCAL_HOSTNAME = "unknown" ; private String recordsToPullPerCall = "1000" ; private boolean isMockRun = false ; @@ -293,10 +293,16 @@ public class PolicyMgrUserGroupBuilder implements UserGroupSink { List<String> oldGroups = user.getGroups() ; List<String> addGroups = new ArrayList<String>() ; List<String> delGroups = new ArrayList<String>() ; - + List<String> updateGroups = new ArrayList<String>() ; + XGroupInfo tempXGroupInfo=null; for(String group : groups) { if (! oldGroups.contains(group)) { addGroups.add(group) ; + }else{ + tempXGroupInfo=groupName2XGroupInfoMap.get(group); + if(tempXGroupInfo!=null && ! GROUP_SOURCE_EXTERNAL.equals(tempXGroupInfo.getGroupSource())){ + updateGroups.add(group); + } } } @@ -325,7 +331,13 @@ public class PolicyMgrUserGroupBuilder implements UserGroupSink { if (! isMockRun ) { delXUserGroupInfo(user, delGroups) ; } - + if (! isMockRun) { + if (!updateGroups.isEmpty()){ + ugInfo.setXuserInfo(addXUserInfo(userName)); + ugInfo.setXgroupInfo(getXGroupInfoList(updateGroups)); + addUserGroupInfo(ugInfo); + } + } } } @@ -543,6 +555,8 @@ public class PolicyMgrUserGroupBuilder implements UserGroupSink { addGroup.setGroupType("1") ; + addGroup.setGroupSource(GROUP_SOURCE_EXTERNAL); + return addGroup ; } @@ -570,6 +584,8 @@ public class PolicyMgrUserGroupBuilder implements UserGroupSink { XGroupInfo group = groupName2XGroupInfoMap.get(groupName) ; if (group == null) { group = addXGroupInfo(groupName) ; + }else if(!GROUP_SOURCE_EXTERNAL.equals(group.getGroupSource())){ + group.setGroupSource(GROUP_SOURCE_EXTERNAL); } xGroupInfoList.add(group); }
