RANGER-910 : Improve db and java patches execution logic to make that more robust
Signed-off-by: Gautam Borad <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/4e73a3ac Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/4e73a3ac Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/4e73a3ac Branch: refs/heads/ranger-0.5 Commit: 4e73a3ac30f0334905f9ed49e8a75b1ed7d2120f Parents: 29cf453 Author: Pradeep Agrawal <[email protected]> Authored: Mon Apr 4 19:54:55 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Tue Apr 5 17:24:27 2016 +0530 ---------------------------------------------------------------------- .../db/postgres/patches/019-create-indexes.sql | 6 +- security-admin/scripts/db_setup.py | 1003 ++++++++++++++---- .../org/apache/ranger/biz/ServiceDBStore.java | 11 +- .../java/org/apache/ranger/biz/UserMgr.java | 2 +- .../java/org/apache/ranger/biz/XUserMgr.java | 58 + .../apache/ranger/biz/TestServiceDBStore.java | 4 +- 6 files changed, 833 insertions(+), 251 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4e73a3ac/security-admin/db/postgres/patches/019-create-indexes.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/postgres/patches/019-create-indexes.sql b/security-admin/db/postgres/patches/019-create-indexes.sql index 22b3dc8..5d497d9 100644 --- a/security-admin/db/postgres/patches/019-create-indexes.sql +++ b/security-admin/db/postgres/patches/019-create-indexes.sql @@ -35,8 +35,4 @@ CREATE INDEX x_policy_item_condition_IDX_type ON x_policy_item_condition(type); CREATE INDEX x_policy_item_user_perm_IDX_policy_item_id ON x_policy_item_user_perm(policy_item_id); CREATE INDEX x_policy_item_user_perm_IDX_user_id ON x_policy_item_user_perm(user_id); CREATE INDEX x_policy_item_group_perm_IDX_policy_item_id ON x_policy_item_group_perm(policy_item_id); -CREATE INDEX x_policy_item_group_perm_IDX_group_id ON x_policy_item_group_perm(group_id); - -CREATE INDEX x_service_resource_IDX_service_id ON x_service_resource(service_id); -CREATE INDEX x_service_resource_element_IDX_res_id ON x_service_resource_element(res_id); -CREATE INDEX x_service_resource_element_IDX_res_def_id ON x_service_resource_element(res_def_id); \ No newline at end of file +CREATE INDEX x_policy_item_group_perm_IDX_group_id ON x_policy_item_group_perm(group_id); \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4e73a3ac/security-admin/scripts/db_setup.py ---------------------------------------------------------------------- diff --git a/security-admin/scripts/db_setup.py b/security-admin/scripts/db_setup.py index 9732442..b95124c 100644 --- a/security-admin/scripts/db_setup.py +++ b/security-admin/scripts/db_setup.py @@ -24,6 +24,7 @@ import fileinput from os.path import basename from subprocess import Popen,PIPE from datetime import date +import time import datetime from time import gmtime, strftime globalDict = {} @@ -233,33 +234,66 @@ class MysqlConf(BaseDB): if output.strip(version + " |"): log("[I] Patch "+ name +" is already applied" ,"info") else: - get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) if os_name == "LINUX": - query = get_cmd + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd + " -input %s -c ;" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\"" %(version) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), user(), now(), user(),'N') ;\"" %(version) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\" -c ;" %(version) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), user(), now(), user(),'N') ;\" -c ;" %(version) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log ("[I] Patch "+ name +" is being applied..","info") else: - log("[E] Updating patch version failed", "error") + log("[E] Patch "+ name +" failed", "error") + sys.exit(1) + if os_name == "LINUX": + query = get_cmd + " -input %s" %file_name + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -input %s -c ;" %file_name + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " import failed!","error") sys.exit(1) - else: - log("[E] "+name + " import failed!","error") - sys.exit(1) def import_auditdb_patches(self, xa_sqlObj,xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): log("[I] --------- Checking XA_ACCESS_AUDIT table to apply audit db patches --------- ","info") @@ -279,33 +313,67 @@ class MysqlConf(BaseDB): if output.strip(version + " |"): log("[I] Patch "+ name +" is already applied" ,"info") else: - get_cmd2 = self.get_jisql_cmd(db_user, db_password, audit_db_name) if os_name == "LINUX": - query = get_cmd2 + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd2 + " -input %s -c ;" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\"" %(version) + query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), user(), now(), user(),'N') ;\"" %(version) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), user(), now(), user()) ;\" -c ;" %(version) + query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', now(), user(), now(), user(),'N') ;\" -c ;" %(version) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log ("[I] Patch "+ name +" is being applied..","info") else: - log("[E] Updating patch version failed", "error") + log("[E] Patch "+ name +" failed", "error") + sys.exit(1) + get_cmd2 = self.get_jisql_cmd(db_user, db_password, audit_db_name) + if os_name == "LINUX": + query = get_cmd2 + " -input %s" %file_name + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd2 + " -input %s -c ;" %file_name + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " import failed!","error") sys.exit(1) - else: - log("[E] "+name + " import failed!","error") - sys.exit(1) else: log("[I] Table XA_ACCESS_AUDIT does not exists in " +audit_db_name,"error") sys.exit(1) @@ -375,34 +443,76 @@ class MysqlConf(BaseDB): if output.strip(version + " |"): log("[I] Java patch "+ className +" is already applied" ,"info") else: - log ("[I] java patch "+ className +" is being applied..","info") if os_name == "LINUX": - path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - get_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) - if os_name == "LINUX": - ret = subprocess.call(shlex.split(get_cmd)) - elif os_name == "WINDOWS": - ret = subprocess.call(get_cmd) - if ret == 0: - get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), user(), now(), user()) ;\"" %(version) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', now(), user(), now(), user(),'N') ;\"" %(version) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), user(), now(), user()) ;\" -c ;" %(version) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', now(), user(), now(), user(),'N') ;\" -c ;" %(version) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log ("[I] java patch "+ className +" is applied..","info") + log ("[I] java patch "+ className +" is being applied..","info") else: log("[E] java patch "+ className +" failed", "error") sys.exit(1) - else: - log("[E] applying java patch "+ className +" failed", "error") - sys.exit(1) + if os_name == "LINUX": + path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + elif os_name == "WINDOWS": + path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) + if os_name == "LINUX": + ret = subprocess.call(shlex.split(get_java_cmd)) + elif os_name == "WINDOWS": + ret = subprocess.call(get_java_cmd) + if ret == 0: + if os_name == "LINUX": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] java patch "+ className +" is applied..","info") + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] java patch "+ className +" failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] applying java patch "+ className +" failed", "error") + sys.exit(1) + + class OracleConf(BaseDB): # Constructor def __init__(self, host, SQL_CONNECTOR_JAR, JAVA_BIN): @@ -528,33 +638,65 @@ class OracleConf(BaseDB): if output.strip(version +" |"): log("[I] Patch "+ name +" is already applied" ,"info") else: - get_cmd = self.get_jisql_cmd(db_user, db_password) if os_name == "LINUX": - query = get_cmd + " -input %s -c /" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd + " -input %s -c /" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version +" |"): + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s');\"" %(version, db_user, db_user) + query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\"" %(version, db_user, db_user) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s');\" -c ;" %(version, db_user, db_user) + query = get_cmd + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\" -c ;" %(version, db_user, db_user) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log ("[I] Patch "+ name +" is being applied..","info") else: - log("[E] Updating patch version failed", "error") + log("[E] Patch "+ name +" failed", "error") + if os_name == "LINUX": + query = get_cmd + " -input %s -c /" %file_name + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -input %s -c /" %file_name + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd + " -c \; -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " Import failed!","error") sys.exit(1) - else: - log("[E] "+name + " Import failed!","error") - sys.exit(1) def import_auditdb_patches(self, xa_sqlObj,xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): log("[I] --------- Checking XA_ACCESS_AUDIT table to apply audit db patches --------- ","info") @@ -574,33 +716,66 @@ class OracleConf(BaseDB): if output.strip(version +" |"): log("[I] Patch "+ name +" is already applied" ,"info") else: - get_cmd2 = self.get_jisql_cmd(db_user, db_password) if os_name == "LINUX": - query = get_cmd2 + " -input %s -c /" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd1 + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd2 + " -input %s -c /" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version +" |"): + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd1 + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s');\"" %(version, db_user, db_user) + query = get_cmd1 + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\"" %(version, db_user, db_user) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s');\" -c ;" %(version, db_user, db_user) + query = get_cmd1 + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'%s', sysdate, '%s', sysdate, '%s','N');\" -c ;" %(version, db_user, db_user) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log ("[I] Patch "+ name +" is being applied..","info") else: - log("[E] Updating patch version failed", "error") + log("[E] Patch "+ name +" failed", "error") + get_cmd2 = self.get_jisql_cmd(db_user, db_password) + if os_name == "LINUX": + query = get_cmd2 + " -input %s -c /" %file_name + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd2 + " -input %s -c /" %file_name + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd1 + " -c \; -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd1 + " -c \; -query \"delete from x_db_version_h where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " Import failed!","error") sys.exit(1) - else: - log("[E] "+name + " Import failed!","error") - sys.exit(1) else: log("[I] Patch file not found","error") sys.exit(1) @@ -687,36 +862,77 @@ class OracleConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): - log("[I] java patch "+ className +" is already applied" ,"info") + log("[I] Java patch "+ className +" is already applied" ,"info") else: - log ("[I] java patch "+ className +" is being applied..","info") if os_name == "LINUX": - path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - elif os_name == "WINDOWS": - path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - get_cmd = "%s -Djava.security.egd=file:///dev/urandom -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) - if os_name == "LINUX": - ret = subprocess.call(shlex.split(get_cmd)) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - ret = subprocess.call(get_cmd) - if ret == 0: - get_cmd = self.get_jisql_cmd(db_user, db_password) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'J%s', sysdate, '%s', sysdate, '%s');\"" %(version, db_user, db_user) + query = get_cmd + " -c \; -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'J%s', sysdate, '%s', sysdate, '%s','N');\"" %(version, db_user, db_user) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'J%s', sysdate, '%s', sysdate, '%s');\" -c ;" %(version, db_user, db_user) + query = get_cmd + " -query \"insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by,active) values ( X_DB_VERSION_H_SEQ.nextval,'J%s', sysdate, '%s', sysdate, '%s','N');\" -c ;" %(version, db_user, db_user) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] java patch "+ className +" applied", "info") + log ("[I] java patch "+ className +" is being applied..","info") else: log("[E] java patch "+ className +" failed", "error") sys.exit(1) - else: - log("[E] java patch "+ className +" failed", "error") - sys.exit(1) + if os_name == "LINUX": + path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + elif os_name == "WINDOWS": + path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) + if os_name == "LINUX": + ret = subprocess.call(shlex.split(get_java_cmd)) + elif os_name == "WINDOWS": + ret = subprocess.call(get_java_cmd) + if ret == 0: + if os_name == "LINUX": + query = get_cmd + " -c \; -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] java patch "+ className +" is applied..","info") + else: + if os_name == "LINUX": + query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] java patch "+ className +" failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] applying java patch "+ className +" failed", "error") + sys.exit(1) + class PostgresConf(BaseDB): # Constructor @@ -839,31 +1055,64 @@ class PostgresConf(BaseDB): log("[I] Patch "+ name +" is already applied" ,"info") else: if os_name == "LINUX": - query = get_cmd + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd + " -input %s -c ;" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: + if os_name == "LINUX": + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', current_timestamp, '%s', current_timestamp, '%s','N') ;\"" %(version,db_user,db_user) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', current_timestamp, '%s', current_timestamp, '%s','N') ;\" -c ;" %(version,db_user,db_user) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] Patch "+ name +" is being applied..","info") + else: + log("[E] Patch "+ name +" failed", "error") if os_name == "LINUX": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), '%s@%s', now(), '%s@%s') ;\"" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -input %s" %file_name jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), '%s@%s', now(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -input %s -c ;" %file_name jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) else: - log("[E] Updating patch version failed", "error") + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " import failed!","error") sys.exit(1) - else: - log("[E] "+name + " import failed!","error") - sys.exit(1) def import_auditdb_patches(self, xa_sqlObj,xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): log("[I] --------- Checking XA_ACCESS_AUDIT table to apply audit db patches --------- ","info") @@ -884,33 +1133,66 @@ class PostgresConf(BaseDB): if output.strip(version + " |"): log("[I] Patch "+ name +" is already applied" ,"info") else: - get_cmd2 = self.get_jisql_cmd(db_user, db_password, audit_db_name) if os_name == "LINUX": - query = get_cmd2 + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd2 + " -input %s -c ;" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), '%s@%s', now(), '%s@%s') ;\"" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', current_timestamp, '%s', current_timestamp, '%s','N') ;\"" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', now(), '%s@%s', now(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', current_timestamp, '%s', current_timestamp, '%s','N') ;\" -c ;" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log ("[I] Patch "+ name +" is being applied..","info") else: - log("[E] Updating patch version failed", "error") + log("[E] Patch "+ name +" failed", "error") + get_cmd2 = self.get_jisql_cmd(db_user, db_password, audit_db_name) + if os_name == "LINUX": + query = get_cmd2 + " -input %s" %file_name + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd2 + " -input %s -c ;" %file_name + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " import failed!","error") sys.exit(1) - else: - log("[E] "+name + " import failed!","error") - sys.exit(1) else: log("[I] Table XA_ACCESS_AUDIT does not exists in " +audit_db_name,"error") sys.exit(1) @@ -981,36 +1263,76 @@ class PostgresConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): - log("[I] java patch "+ className +" is already applied" ,"info") + log("[I] Java patch "+ className +" is already applied" ,"info") else: - log ("[I] java patch "+ className +" is being applied..","info") if os_name == "LINUX": - path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s")%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - elif os_name == "WINDOWS": - path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s")%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - get_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) - if os_name == "LINUX": - ret = subprocess.call(shlex.split(get_cmd)) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - ret = subprocess.call(get_cmd) - if ret == 0: - get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), '%s@%s', now(), '%s@%s') ;\"" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', current_timestamp, '%s', current_timestamp, '%s','N') ;\"" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', now(), '%s@%s', now(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', current_timestamp, '%s', current_timestamp, '%s','N') ;\" -c ;" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] java patch "+ className +" applied", "info") + log ("[I] java patch "+ className +" is being applied..","info") else: log("[E] java patch "+ className +" failed", "error") sys.exit(1) - else: - log("[E] java patch "+ className +" failed", "error") - sys.exit(1) + if os_name == "LINUX": + path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + elif os_name == "WINDOWS": + path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) + if os_name == "LINUX": + ret = subprocess.call(shlex.split(get_java_cmd)) + elif os_name == "WINDOWS": + ret = subprocess.call(get_java_cmd) + if ret == 0: + if os_name == "LINUX": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] java patch "+ className +" is applied..","info") + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] java patch "+ className +" failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\"" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] applying java patch "+ className +" failed", "error") + sys.exit(1) class SqlServerConf(BaseDB): @@ -1103,7 +1425,7 @@ class SqlServerConf(BaseDB): log("[I] Executing patch on " + db_name + " from file: " + name,"info") get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) if os_name == "LINUX": - query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) elif os_name == "WINDOWS": query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) jisql_log(query, db_password) @@ -1112,31 +1434,64 @@ class SqlServerConf(BaseDB): log("[I] Patch "+ name +" is already applied" ,"info") else: if os_name == "LINUX": - query = get_cmd + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: + if os_name == "LINUX": + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c \;" %(version,db_user,db_user) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c ;" %(version,db_user,db_user) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] Patch "+ name +" is being applied..","info") + else: + log("[E] Patch "+ name +" failed", "error") if os_name == "LINUX": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c \;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -input %s" %file_name jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -input %s" %file_name jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) else: - log("[E] Updating patch version failed", "error") + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " import failed!","error") sys.exit(1) - else: - log("[E] "+name + " import failed!","error") - sys.exit(1) def import_auditdb_patches(self, xa_sqlObj,xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): log("[I] --------- Checking XA_ACCESS_AUDIT table to apply audit db patches --------- ","info") @@ -1148,7 +1503,7 @@ class SqlServerConf(BaseDB): log("[I] Executing patch on " + audit_db_name + " from file: " + name,"info") get_cmd1 = xa_sqlObj.get_jisql_cmd(db_user, db_password, db_name) if os_name == "LINUX": - query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) + query = get_cmd1 + " -c \; query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) elif os_name == "WINDOWS": query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) jisql_log(query, db_password) @@ -1156,33 +1511,66 @@ class SqlServerConf(BaseDB): if output.strip(version + " |"): log("[I] Patch "+ name +" is already applied" ,"info") else: - get_cmd2 = self.get_jisql_cmd(db_user, db_password, audit_db_name) if os_name == "LINUX": - query = get_cmd2 + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd1 + " -c \; query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd2 + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: + get_cmd2 = self.get_jisql_cmd(db_user, db_password, audit_db_name) if os_name == "LINUX": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c \;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c \;" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c ;" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log ("[I] Patch "+ name +" is being applied..","info") else: - log("[E] Updating patch version failed", "error") + log("[E] Patch "+ name +" failed", "error") + if os_name == "LINUX": + query = get_cmd2 + " -input %s" %file_name + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd2 + " -input %s" %file_name + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " import failed!","error") sys.exit(1) - else: - log("[E] "+name + " import failed!","error") - sys.exit(1) else: log("[I] Table XA_ACCESS_AUDIT does not exists in " +audit_db_name,"error") sys.exit(1) @@ -1236,36 +1624,77 @@ class SqlServerConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): - log("[I] java patch "+ className +" is already applied" ,"info") + log("[I] Java patch "+ className +" is already applied" ,"info") else: - log ("[I] java patch "+ className +" is being applied..","info") if os_name == "LINUX": - path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - elif os_name == "WINDOWS": - path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - get_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) - if os_name == "LINUX": - ret = subprocess.call(shlex.split(get_cmd)) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\" -c \;" %(version) elif os_name == "WINDOWS": - ret = subprocess.call(get_cmd) - if ret == 0: - get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c \;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c \;" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c ;" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] java patch "+ className +" applied", "info") + log ("[I] java patch "+ className +" is being applied..","info") else: - log("[E] java patch "+ className +" failed", "error") + log("[E] java patch "+ className +" failed", "error") sys.exit(1) - else: - log("[E] java patch "+ className +" failed", "error") - sys.exit(1) + if os_name == "LINUX": + path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + elif os_name == "WINDOWS": + path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) + if os_name == "LINUX": + ret = subprocess.call(shlex.split(get_java_cmd)) + elif os_name == "WINDOWS": + ret = subprocess.call(get_java_cmd) + if ret == 0: + if os_name == "LINUX": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] java patch "+ className +" is applied..","info") + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] java patch "+ className +" failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] applying java patch "+ className +" failed", "error") + sys.exit(1) + class SqlAnywhereConf(BaseDB): # Constructor @@ -1357,7 +1786,7 @@ class SqlAnywhereConf(BaseDB): log("[I] Executing patch on " + db_name + " from file: " + name,"info") get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) if os_name == "LINUX": - query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) elif os_name == "WINDOWS": query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) jisql_log(query, db_password) @@ -1366,31 +1795,64 @@ class SqlAnywhereConf(BaseDB): log("[I] Patch "+ name +" is already applied" ,"info") else: if os_name == "LINUX": - query = get_cmd + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(shlex.split(query)) + query = get_cmd + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) elif os_name == "WINDOWS": - query = get_cmd + " -input %s" %file_name - jisql_log(query, db_password) - ret = subprocess.call(query) - if ret == 0: - log("[I] "+name + " patch applied","info") + query = get_cmd + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while output.strip(version + " |"): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: + if os_name == "LINUX": + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c \;" %(version,db_user,db_user) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c ;" %(version,db_user,db_user) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] Patch "+ name +" is being applied..","info") + else: + log("[E] Patch "+ name +" failed", "error") if os_name == "LINUX": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c \;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -input %s" %file_name jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -input %s" %file_name jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] Patch version updated", "info") + log("[I] "+name + " patch applied","info") + if os_name == "LINUX": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log("[I] Patch version updated", "info") + else: + log("[E] Updating patch version failed", "error") + sys.exit(1) else: - log("[E] Updating patch version failed", "error") + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] "+name + " import failed!","error") sys.exit(1) - else: - log("[E] "+name + " import failed!","error") - sys.exit(1) def import_auditdb_patches(self, xa_sqlObj,xa_db_host, audit_db_host, db_name, audit_db_name, db_user, audit_db_user, db_password, audit_db_password, file_name, TABLE_NAME): log("[I] --------- Checking XA_ACCESS_AUDIT table to apply audit db patches --------- ","info") @@ -1402,7 +1864,7 @@ class SqlAnywhereConf(BaseDB): log("[I] Executing patch on " + audit_db_name + " from file: " + name,"info") get_cmd1 = xa_sqlObj.get_jisql_cmd(db_user, db_password, db_name) if os_name == "LINUX": - query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) + query = get_cmd1 + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\"" %(version) elif os_name == "WINDOWS": query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'Y';\" -c ;" %(version) jisql_log(query, db_password) @@ -1410,6 +1872,31 @@ class SqlAnywhereConf(BaseDB): if output.strip(version + " |"): log("[I] Patch "+ name +" is already applied" ,"info") else: + if os_name == "LINUX": + query = get_cmd1 + " -c \; -query \"select version from x_db_version_h where version = '%s' and active = 'N';\"" %(version) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"select version from x_db_version_h where version = '%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while output.strip(version + " |"): + log("[I] Patch "+ name +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: + if os_name == "LINUX": + query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c \;" %(version,db_user,db_user) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c ;" %(version,db_user,db_user) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] Patch "+ name +" is being applied..","info") + else: + log("[E] Patch "+ name +" failed", "error") get_cmd2 = self.get_jisql_cmd(db_user, db_password, audit_db_name) if os_name == "LINUX": query = get_cmd2 + " -input %s" %file_name @@ -1420,13 +1907,13 @@ class SqlAnywhereConf(BaseDB): jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] "+name + " patch applied","info") if os_name == "LINUX": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c \;" %(version,db_user,xa_db_host,db_user,xa_db_host) + log("[I] "+name + " patch applied","info") + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c \;" %(version) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd1 + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd1 + " -query \"update x_db_version_h set active='Y' where version='%s' and active='N';\" -c ;" %(version) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: @@ -1435,6 +1922,14 @@ class SqlAnywhereConf(BaseDB): log("[E] Updating patch version failed", "error") sys.exit(1) else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) log("[E] "+name + " import failed!","error") sys.exit(1) else: @@ -1491,36 +1986,76 @@ class SqlAnywhereConf(BaseDB): jisql_log(query, db_password) output = check_output(query) if output.strip(version + " |"): - log("[I] java patch "+ className +" is already applied" ,"info") + log("[I] Java patch "+ className +" is already applied" ,"info") else: - log ("[I] java patch "+ className +" is being applied..","info") - if os_name == "LINUX": - path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - elif os_name == "WINDOWS": - path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) - get_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) if os_name == "LINUX": - ret = subprocess.call(shlex.split(get_cmd)) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\" -c \;" %(version) elif os_name == "WINDOWS": - ret = subprocess.call(get_cmd) - if ret == 0: - get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) + query = get_cmd + " -query \"select version from x_db_version_h where version = 'J%s' and active = 'N';\" -c ;" %(version) + jisql_log(query, db_password) + output = check_output(query) + if output.strip(version + " |"): + while(output.strip(version + " |")): + log("[I] Java patch "+ className +" is being applied by some other process" ,"info") + time.sleep(300) + jisql_log(query, db_password) + output = check_output(query) + else: if os_name == "LINUX": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c \;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c \;" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(shlex.split(query)) elif os_name == "WINDOWS": - query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ('J%s', GETDATE(), '%s@%s', GETDATE(), '%s@%s') ;\" -c ;" %(version,db_user,xa_db_host,db_user,xa_db_host) + query = get_cmd + " -query \"insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by,active) values ('J%s', GETDATE(), '%s', GETDATE(), '%s','N') ;\" -c ;" %(version,db_user,db_user) jisql_log(query, db_password) ret = subprocess.call(query) if ret == 0: - log("[I] java patch "+ className +" applied", "info") + log ("[I] java patch "+ className +" is being applied..","info") else: - log("[E] java patch "+ className +" failed", "error") + log("[E] java patch "+ className +" failed", "error") + sys.exit(1) + if os_name == "LINUX": + path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + elif os_name == "WINDOWS": + path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s" )%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR) + get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.%s"%(self.JAVA_BIN,ranger_log,path,className) + if os_name == "LINUX": + ret = subprocess.call(shlex.split(get_java_cmd)) + elif os_name == "WINDOWS": + ret = subprocess.call(get_java_cmd) + if ret == 0: + if os_name == "LINUX": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + if ret == 0: + log ("[I] java patch "+ className +" is applied..","info") + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] java patch "+ className +" failed", "error") + sys.exit(1) + else: + if os_name == "LINUX": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c \;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(shlex.split(query)) + elif os_name == "WINDOWS": + query = get_cmd + " -query \"delete from x_db_version_h where version='J%s' and active='N';\" -c ;" %(version) + jisql_log(query, db_password) + ret = subprocess.call(query) + log("[E] applying java patch "+ className +" failed", "error") sys.exit(1) - else: - log("[E] java patch "+ className +" failed", "error") - sys.exit(1) def set_options(self, db_name, db_user, db_password, TABLE_NAME): get_cmd = self.get_jisql_cmd(db_user, db_password, db_name) http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4e73a3ac/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 02925c0..8ec820a 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -1032,16 +1032,12 @@ public class ServiceDBStore implements ServiceStore { if (xxUser != null) { vXUser = xUserService.populateViewBean(xxUser); } else { - vXUser = new VXUser(); - vXUser.setName(userName); - vXUser.setUserSource(RangerCommonEnums.USER_EXTERNAL); - UserSessionBase usb = ContextUtil.getCurrentUserSession(); if (usb != null && !usb.isUserAdmin()) { throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION); } - vXUser = xUserMgr.createXUser(vXUser); + vXUser = xUserMgr.createServiceConfigUser(userName); } } @@ -1152,15 +1148,12 @@ public class ServiceDBStore implements ServiceStore { if (xxUser != null) { vXUser = xUserService.populateViewBean(xxUser); } else { - vXUser = new VXUser(); - vXUser.setName(userName); - vXUser.setUserSource(RangerCommonEnums.USER_EXTERNAL); UserSessionBase usb = ContextUtil.getCurrentUserSession(); if (usb != null && !usb.isUserAdmin()) { throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION); } - vXUser = xUserMgr.createXUser(vXUser); + vXUser = xUserMgr.createServiceConfigUser(userName); } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4e73a3ac/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java index 571265c..b186667 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java @@ -1175,7 +1175,7 @@ public class UserMgr { } } - private VXPortalUser mapXXPortalUserToVXPortalUserForDefaultAccount( + protected VXPortalUser mapXXPortalUserToVXPortalUserForDefaultAccount( XXPortalUser user) { VXPortalUser userProfile = new VXPortalUser(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4e73a3ac/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java index 63c36da..e05a58e 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java @@ -29,6 +29,7 @@ import java.util.Set; import org.apache.commons.collections.CollectionUtils; import org.apache.ranger.common.ContextUtil; +import org.apache.ranger.common.GUIDUtil; import org.apache.ranger.common.RangerCommonEnums; import org.apache.ranger.entity.XXGroupPermission; import org.apache.ranger.entity.XXModuleDef; @@ -140,6 +141,9 @@ public class XUserMgr extends XUserMgrBase { @Autowired SessionMgr sessionMgr; + + @Autowired + GUIDUtil guidUtil; @Autowired RangerPolicyService policyService; @@ -1755,4 +1759,58 @@ public class XUserMgr extends XUserMgrBase { policyItems.removeAll(itemsToRemove); } } + + protected VXUser createServiceConfigUser(String userName){ + if (userName == null || "null".equalsIgnoreCase(userName) || userName.trim().isEmpty()) { + logger.error("User Name: "+userName); + throw restErrorUtil.createRESTException("Please provide a valid username.",MessageEnums.INVALID_INPUT_DATA); + } + VXUser vXUser = null; + VXPortalUser vXPortalUser=null; + XXUser xxUser = daoManager.getXXUser().findByUserName(userName); + XXPortalUser xXPortalUser = daoManager.getXXPortalUser().findByLoginId(userName); + String actualPassword = ""; + if(xxUser!=null && xXPortalUser!=null){ + vXUser = xUserService.populateViewBean(xxUser); + return vXUser; + } + if(xxUser==null){ + vXUser=new VXUser(); + vXUser.setName(userName); + vXUser.setUserSource(RangerCommonEnums.USER_EXTERNAL); + vXUser.setDescription(vXUser.getName()); + actualPassword = vXUser.getPassword(); + } + if(xXPortalUser==null){ + vXPortalUser=new VXPortalUser(); + vXPortalUser.setLoginId(userName); + vXPortalUser.setEmailAddress(guidUtil.genGUID()); + vXPortalUser.setFirstName(vXUser.getFirstName()); + vXPortalUser.setLastName(vXUser.getLastName()); + vXPortalUser.setPassword(vXUser.getPassword()); + vXPortalUser.setUserSource(RangerCommonEnums.USER_EXTERNAL); + ArrayList<String> roleList = new ArrayList<String>(); + roleList.add(RangerConstants.ROLE_USER); + vXPortalUser.setUserRoleList(roleList); + xXPortalUser = userMgr.mapVXPortalUserToXXPortalUser(vXPortalUser); + xXPortalUser=userMgr.createUser(xXPortalUser, RangerCommonEnums.STATUS_ENABLED, roleList); + } + VXUser createdXUser=null; + if(xxUser==null && vXUser!=null){ + createdXUser = xUserService.createResource(vXUser); + } + if(createdXUser!=null){ + logger.info("User created: "+createdXUser.getName()); + createdXUser.setPassword(actualPassword); + List<XXTrxLog> trxLogList = xUserService.getTransactionLog(createdXUser, "create"); + String hiddenPassword = PropertiesUtil.getProperty("ranger.password.hidden", "*****"); + createdXUser.setPassword(hiddenPassword); + xaBizUtil.createTrxLog(trxLogList); + if(xXPortalUser!=null){ + vXPortalUser=userMgr.mapXXPortalUserToVXPortalUserForDefaultAccount(xXPortalUser); + assignPermissionToUser(vXPortalUser, true); + } + } + return createdXUser; + } }
