Repository: incubator-ranger Updated Branches: refs/heads/master e8c4658a3 -> c28abae1f
Revert "RANGER-991: Ranger should support authorization for Apache Atlas" This reverts commit 72d61a87ed746d0e67cfdc3324faf7f5c5f7be45. Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/c28abae1 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/c28abae1 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/c28abae1 Branch: refs/heads/master Commit: c28abae1fb525432b90b8c3c87e7c46ca77a861e Parents: e8c4658 Author: Madhan Neethiraj <[email protected]> Authored: Tue May 24 23:28:26 2016 -0700 Committer: Madhan Neethiraj <[email protected]> Committed: Tue May 24 23:28:26 2016 -0700 ---------------------------------------------------------------------- agents-common/scripts/enable-agent.sh | 33 --- .../plugin/store/EmbeddedServiceDefsUtil.java | 10 +- .../ranger/services/tag/RangerServiceTag.java | 119 +++++++++++ .../service-defs/ranger-servicedef-atlas.json | 207 ------------------- plugin-atlas/.gitignore | 3 - .../conf/ranger-atlas-audit-changes.cfg | 30 --- plugin-atlas/conf/ranger-atlas-audit.xml | 122 ----------- .../conf/ranger-atlas-security-changes.cfg | 29 --- plugin-atlas/conf/ranger-atlas-security.xml | 83 -------- .../conf/ranger-policymgr-ssl-changes.cfg | 23 --- plugin-atlas/conf/ranger-policymgr-ssl.xml | 63 ------ plugin-atlas/pom.xml | 66 ------ plugin-atlas/scripts/install.properties | 110 ---------- .../atlas/authorizer/RangerAtlasAuthorizer.java | 143 ------------- .../atlas/authorizer/RangerAtlasResource.java | 60 ------ .../services/atlas/RangerServiceAtlas.java | 62 ------ plugin-atlas/src/test/resource/log4j.properties | 34 --- plugin-atlas/template/configuration.xml | 20 -- pom.xml | 5 - ranger-atlas-plugin-shim/.gitignore | 2 - ranger-atlas-plugin-shim/pom.xml | 84 -------- .../atlas/authorizer/RangerAtlasAuthorizer.java | 142 ------------- src/main/assembly/atlas-agent.xml | 170 --------------- 23 files changed, 120 insertions(+), 1500 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/agents-common/scripts/enable-agent.sh ---------------------------------------------------------------------- diff --git a/agents-common/scripts/enable-agent.sh b/agents-common/scripts/enable-agent.sh index 39c4633..1fa1845 100755 --- a/agents-common/scripts/enable-agent.sh +++ b/agents-common/scripts/enable-agent.sh @@ -184,8 +184,6 @@ elif [ "${HCOMPONENT_NAME}" = "kafka" ]; then HCOMPONENT_LIB_DIR=${HCOMPONENT_INSTALL_DIR}/libs elif [ "${HCOMPONENT_NAME}" = "storm" ]; then HCOMPONENT_LIB_DIR=${HCOMPONENT_INSTALL_DIR}/extlib-daemon -elif [ "${HCOMPONENT_NAME}" = "atlas" ]; then - HCOMPONENT_LIB_DIR=${HCOMPONENT_INSTALL_DIR}/server/webapp/atlas/WEB-INF/lib fi HCOMPONENT_CONF_DIR=${HCOMPONENT_INSTALL_DIR}/conf @@ -715,37 +713,6 @@ then fi fi -#Update Properties to File -#$1 -> propertyName $2 -> newPropertyValue $3 -> fileName -updatePropertyToFile(){ - sed -i 's@^'$1'=[^ ]*$@'$1'='$2'@g' $3 - validate=$(sed '/^\#/d' $3 | grep "^$1" | tail -n 1 | cut -d "=" -f2-) # for validation - if test -z "$validate" ; then log "[E] '$1' not found in $3 file while Updating....!!"; exit 1; fi - echo "Property $1 updated successfully with : '$2'" -} - -if [ "${HCOMPONENT_NAME}" = "atlas" ] -then - if [ "${action}" = "enable" ] - then - authName="org.apache.ranger.authorization.atlas.authorizer.RangerAtlasAuthorizer" - else - authName="org.apache.atlas.authorize.SimpleAtlasAuthorizer" - fi - - dt=`date '+%Y%m%d%H%M%S'` - fn=`ls ${HCOMPONENT_CONF_DIR}/atlas-application.properties 2> /dev/null` - if [ -f "${fn}" ] - then - dn=`dirname ${fn}` - bn=`basename ${fn}` - bf=${dn}/.${bn}.${dt} - echo "backup of ${fn} to ${bf} ..." - cp ${fn} ${bf} - echo "Updating properties file: [${fn}] ... " - updatePropertyToFile atlas.authorizer.impl $authName ${fn} - fi -fi # # Set notice to restart the ${HCOMPONENT_NAME} # http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java index 2002295..bf29ee6 100755 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/EmbeddedServiceDefsUtil.java @@ -47,7 +47,7 @@ public class EmbeddedServiceDefsUtil { // following servicedef list should be reviewed/updated whenever a new embedded service-def is added - private static final String DEFAULT_BOOTSTRAP_SERVICEDEF_LIST = "tag,hdfs,hbase,hive,kms,knox,storm,yarn,kafka,solr,atlas"; + private static final String DEFAULT_BOOTSTRAP_SERVICEDEF_LIST = "tag,hdfs,hbase,hive,kms,knox,storm,yarn,kafka,solr"; private static final String PROPERTY_SUPPORTED_SERVICE_DEFS = "ranger.supportedcomponents"; private Set<String> supportedServiceDefs; public static final String EMBEDDED_SERVICEDEF_TAG_NAME = "tag"; @@ -61,7 +61,6 @@ public class EmbeddedServiceDefsUtil { public static final String EMBEDDED_SERVICEDEF_KAFKA_NAME = "kafka"; public static final String EMBEDDED_SERVICEDEF_SOLR_NAME = "solr"; public static final String EMBEDDED_SERVICEDEF_NIFI_NAME = "nifi"; - public static final String EMBEDDED_SERVICEDEF_ATLAS_NAME = "atlas"; public static final String PROPERTY_CREATE_EMBEDDED_SERVICE_DEFS = "ranger.service.store.create.embedded.service-defs"; @@ -75,7 +74,6 @@ public class EmbeddedServiceDefsUtil { public static final String KAFKA_IMPL_CLASS_NAME = "org.apache.ranger.services.kafka.RangerServiceKafka"; public static final String SOLR_IMPL_CLASS_NAME = "org.apache.ranger.services.solr.RangerServiceSolr"; public static final String NIFI_IMPL_CLASS_NAME = "org.apache.ranger.services.nifi.RangerServiceNiFi"; - public static final String ATLAS_IMPL_CLASS_NAME = "org.apache.ranger.services.atlas.RangerServiceAtlas"; private static EmbeddedServiceDefsUtil instance = new EmbeddedServiceDefsUtil(); @@ -90,7 +88,6 @@ public class EmbeddedServiceDefsUtil { private RangerServiceDef kafkaServiceDef = null; private RangerServiceDef solrServiceDef = null; private RangerServiceDef nifiServiceDef = null; - private RangerServiceDef atlasServiceDef = null; private RangerServiceDef tagServiceDef = null; @@ -128,7 +125,6 @@ public class EmbeddedServiceDefsUtil { kafkaServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_KAFKA_NAME); solrServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_SOLR_NAME); nifiServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_NIFI_NAME); - atlasServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_ATLAS_NAME); tagServiceDef = getOrCreateServiceDef(store, EMBEDDED_SERVICEDEF_TAG_NAME); @@ -181,10 +177,6 @@ public class EmbeddedServiceDefsUtil { return getId(nifiServiceDef); } - public long getAtlasServiceDefId() { - return getId(atlasServiceDef); - } - public long getTagServiceDefId() { return getId(tagServiceDef); } private long getId(RangerServiceDef serviceDef) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java b/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java new file mode 100644 index 0000000..f36a9a6 --- /dev/null +++ b/agents-common/src/main/java/org/apache/ranger/services/tag/RangerServiceTag.java @@ -0,0 +1,119 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.services.tag; + +import java.util.*; + +import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.collections.MapUtils; +import org.apache.commons.io.FilenameUtils; +import org.apache.commons.lang.StringUtils; +import org.apache.ranger.plugin.model.RangerService; +import org.apache.ranger.plugin.model.RangerServiceDef; +import org.apache.ranger.plugin.service.RangerBaseService; +import org.apache.ranger.plugin.service.ResourceLookupContext; +import org.apache.ranger.plugin.store.TagStore; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +public class RangerServiceTag extends RangerBaseService { + + private static final Log LOG = LogFactory.getLog(RangerServiceTag.class); + + public static final String TAG_RESOURCE_NAME = "tag"; + + private TagStore tagStore = null; + + + public RangerServiceTag() { + super(); + } + + @Override + public void init(RangerServiceDef serviceDef, RangerService service) { + super.init(serviceDef, service); + } + + public void setTagStore(TagStore tagStore) { + this.tagStore = tagStore; + } + + @Override + public HashMap<String,Object> validateConfig() throws Exception { + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerServiceTag.validateConfig(" + serviceName + " )"); + } + + HashMap<String, Object> ret = new HashMap<String, Object>(); + + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerServiceTag.validateConfig(" + serviceName + " ): " + ret); + } + + return ret; + } + + @Override + public List<String> lookupResource(ResourceLookupContext context) throws Exception { + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerServiceTag.lookupResource(" + context + ")"); + } + + List<String> ret = new ArrayList<String>(); + + if (context != null && StringUtils.equals(context.getResourceName(), TAG_RESOURCE_NAME)) { + try { + List<String> tags = tagStore != null ? tagStore.getTagTypes() : null; + + if(CollectionUtils.isNotEmpty(tags)) { + List<String> valuesToExclude = MapUtils.isNotEmpty(context.getResources()) ? context.getResources().get(TAG_RESOURCE_NAME) : null; + + if(CollectionUtils.isNotEmpty(valuesToExclude)) { + for (String valueToExclude : valuesToExclude) { + tags.remove(valueToExclude); + } + } + + String valueToMatch = context.getUserInput(); + + if(StringUtils.isNotEmpty(valueToMatch)) { + if(! valueToMatch.endsWith("*")) { + valueToMatch += "*"; + } + + for (String tag : tags) { + if(FilenameUtils.wildcardMatch(tag, valueToMatch)) { + ret.add(tag); + } + } + } + } + } catch (Exception excp) { + LOG.error("RangerServiceTag.lookupResource()", excp); + } + } + + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerServiceTag.lookupResource(): tag count=" + ret.size()); + } + + return ret; + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json ---------------------------------------------------------------------- diff --git a/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json b/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json deleted file mode 100644 index 4a550c6..0000000 --- a/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json +++ /dev/null @@ -1,207 +0,0 @@ -{ - "id":11, - "name": "atlas", - "implClass": "org.apache.ranger.services.atlas.RangerServiceAtlas", - "label": "Atlas Metadata Server", - "description": "Atlas Metadata Server", - "resources": - [ - { - "itemId": 1, - "name": "entity", - "type": "string", - "level": 10, - "parent": "", - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { "wildCard":true, "ignoreCase":true }, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "label": "Entity", - "description": "Entity" - }, - - { - "itemId": 2, - "name": "type", - "type": "string", - "level": 10, - "parent": "", - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { "wildCard":true, "ignoreCase":true }, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "label": "Type", - "description": "Type" - }, - - { - "itemId": 3, - "name": "operation", - "type": "string", - "level": 10, - "parent": "", - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { "wildCard":true, "ignoreCase":true }, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "label": "Operations", - "description": "Admin Operations" - }, - - { - "itemId": 4, - "name": "taxonomy", - "type": "string", - "level": 10, - "parent": "", - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { "wildCard":true, "ignoreCase":true }, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "label": "Taxonomy", - "description": "Taxonomy" - }, - - { - "itemId": 5, - "name": "term", - "type": "string", - "level": 10, - "parent": "", - "mandatory": true, - "lookupSupported": true, - "recursiveSupported": false, - "excludesSupported": true, - "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher", - "matcherOptions": { "wildCard":true, "ignoreCase":true }, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "label": "Term", - "description": "Term" - } - - - ], - - "accessTypes": - [ - { - "itemId": 1, - "name": "read", - "label": "read" - }, - - { - "itemId": 2, - "name": "create", - "label": "create" - }, - - { - "itemId": 3, - "name": "update", - "label": "update" - }, - - { - "itemId": 4, - "name": "delete", - "label": "delete" - }, - - - { - "itemId": 5, - "name": "all", - "label": "All", - "impliedGrants": - [ - "read", - "create", - "update", - "delete" - ] - } - ], - - "configs": - [ - { - "itemId": 1, - "name": "username", - "type": "string", - "mandatory": true, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "label": "Username" - }, - - { - "itemId": 2, - "name": "password", - "type": "password", - "mandatory": true, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "label": "Password" - }, - - { - "itemId": 3, - "name": "atlas.rest.address", - "type": "string", - "mandatory": true, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "defaultValue": "http://localhost:21000"; - }, - - { - "itemId": 4, - "name": "commonNameForCertificate", - "type": "string", - "mandatory": false, - "validationRegEx":"", - "validationMessage": "", - "uiHint":"", - "label": "Common Name for Certificate" - } - ], - - "enums": - [ - - ], - - "contextEnrichers": - [ - ], - - "policyConditions": - [ - ] -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/.gitignore ---------------------------------------------------------------------- diff --git a/plugin-atlas/.gitignore b/plugin-atlas/.gitignore deleted file mode 100644 index 02f68bb..0000000 --- a/plugin-atlas/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -/target/ -/bin/ -.settings/ http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/conf/ranger-atlas-audit-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-atlas/conf/ranger-atlas-audit-changes.cfg b/plugin-atlas/conf/ranger-atlas-audit-changes.cfg deleted file mode 100644 index 07fc382..0000000 --- a/plugin-atlas/conf/ranger-atlas-audit-changes.cfg +++ /dev/null @@ -1,30 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -#solr configuration -xasecure.audit.destination.solr %XAAUDIT.SOLR.ENABLE% mod create-if-not-exists -xasecure.audit.destination.solr.urls %XAAUDIT.SOLR.URL% mod create-if-not-exists -xasecure.audit.destination.solr.user %XAAUDIT.SOLR.USER% mod create-if-not-exists -xasecure.audit.destination.solr.password %XAAUDIT.SOLR.PASSWORD% mod create-if-not-exists -xasecure.audit.destination.solr.zookeepers %XAAUDIT.SOLR.ZOOKEEPER% mod create-if-not-exists - - -#hdfs configuration -xasecure.audit.destination.hdfs %XAAUDIT.HDFS.ENABLE% mod create-if-not-exists -xasecure.audit.destination.hdfs.dir %XAAUDIT.HDFS.HDFS_DIR% mod create-if-not-exists - - - http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/conf/ranger-atlas-audit.xml ---------------------------------------------------------------------- diff --git a/plugin-atlas/conf/ranger-atlas-audit.xml b/plugin-atlas/conf/ranger-atlas-audit.xml deleted file mode 100644 index 93ad238..0000000 --- a/plugin-atlas/conf/ranger-atlas-audit.xml +++ /dev/null @@ -1,122 +0,0 @@ -<?xml version="1.0"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> - <property> - <name>xasecure.audit.is.enabled</name> - <value>true</value> - </property> - - <!-- Solr audit provider configuration --> - - <property> - <name>xasecure.audit.destination.solr</name> - <value>false</value> - </property> - - <property> - <name>xasecure.audit.destination.solr.urls</name> - <value>NONE</value> - </property> - - <property> - <name>xasecure.audit.destination.solr.zookeepers</name> - <value></value> - </property> - - <property> - <name>xasecure.audit.destination.solr.collection</name> - <value>NONE</value> - </property> - - - <!-- HDFS audit provider configuration --> - <property> - <name>xasecure.audit.destination.hdfs</name> - <value>false</value> - </property> - - <property> - <name>xasecure.audit.destination.hdfs.dir</name> - <value>hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit</value> - </property> - - <property> - <name>xasecure.audit.destination.hdfs.subdir</name> - <value>%app-type%/%time:yyyyMMdd%</value> - </property> - - <property> - <name>xasecure.audit.destination.hdfs.filename.format</name> - <value>%app-type%_ranger_audit_%hostname%.log</value> - </property> - - <property> - <name>xasecure.audit.destination.hdfs.file.rollover.sec</name> - <value>86400</value> - </property> - - <!-- Audit to HDFS on Azure Datastore (WASB) requires v3 style settings. Comment the above and uncomment only the - following to audit to Azure Blob Datastore via hdfs' WASB schema. - - NOTE: If you specify one audit destination in v3 style then other destinations, if any, must also be specified in v3 style - ==== - - <property> - <name>xasecure.audit.destination.hdfs</name> - <value>enabled</value> - </property> - - <property> - <name>xasecure.audit.destination.hdfs.dir</name> - <value>wasb://[email protected]</value> - </property> - - the following 3 correspond to the properties with similar name in core-site.xml, i.e. - - fs.azure.account.key.youraccount.blob.core.windows.net => xasecure.audit.destination.hdfs.config.fs.azure.account.key.youraccount.blob.core.windows.net and - - fs.azure.account.keyprovider.youraccount.blob.core.windows.net => xasecure.audit.destination.hdfs.config.fs.azure.account.keyprovider.youraccount.blob.core.windows.net, - - fs.azure.shellkeyprovider.script => xasecure.audit.destination.hdfs.config.fs.azure.shellkeyprovider.script, - - <property> - <name>xasecure.audit.destination.hdfs.config.fs.azure.account.key.youraccount.blob.core.windows.net</name> - <value>YOUR ENCRYPTED ACCESS KEY</value> - </property> - - <property> - <name>xasecure.audit.destination.hdfs.config.fs.azure.account.keyprovider.youraccount.blob.core.windows.net</name> - <value>org.apache.hadoop.fs.azure.ShellDecryptionKeyProvider</value> - </property> - - <property> - <name>xasecure.audit.destination.hdfs.config.fs.azure.shellkeyprovider.script</name> - <value>/usr/lib/python2.7/dist-packages/hdinsight_common/decrypt.sh</value> - </property> - --> - - <!-- Log4j audit provider configuration --> - <property> - <name>xasecure.audit.destination.log4j</name> - <value>false</value> - </property> - - <property> - <name>xasecure.audit.destination.log4j.logger</name> - <value></value> - </property> - -</configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/conf/ranger-atlas-security-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-atlas/conf/ranger-atlas-security-changes.cfg b/plugin-atlas/conf/ranger-atlas-security-changes.cfg deleted file mode 100644 index 08790b9..0000000 --- a/plugin-atlas/conf/ranger-atlas-security-changes.cfg +++ /dev/null @@ -1,29 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Change the original policy parameter to work with policy manager based. -# -# -ranger.plugin.atlas.service.name %REPOSITORY_NAME% mod create-if-not-exists - -ranger.plugin.atlas.policy.source.impl org.apache.ranger.admin.client.RangerAdminRESTClient mod create-if-not-exists - -ranger.plugin.atlas.policy.rest.url %POLICY_MGR_URL% mod create-if-not-exists -ranger.plugin.atlas.policy.rest.ssl.config.file /etc/atlas/conf/ranger-policymgr-ssl.xml mod create-if-not-exists -ranger.plugin.atlas.policy.pollIntervalMs 30000 mod create-if-not-exists -ranger.plugin.atlas.policy.cache.dir %POLICY_CACHE_FILE_PATH% mod create-if-not-exists -ranger.plugin.atlas.policy.rest.client.connection.timeoutMs 120000 mod create-if-not-exists -ranger.plugin.atlas.policy.rest.client.read.timeoutMs 30000 mod create-if-not-exists - http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/conf/ranger-atlas-security.xml ---------------------------------------------------------------------- diff --git a/plugin-atlas/conf/ranger-atlas-security.xml b/plugin-atlas/conf/ranger-atlas-security.xml deleted file mode 100644 index 933c8e7..0000000 --- a/plugin-atlas/conf/ranger-atlas-security.xml +++ /dev/null @@ -1,83 +0,0 @@ -<?xml version="1.0"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> - <property> - <name>ranger.plugin.atlas.service.name</name> - <value>atlasdev</value> - <description> - Name of the Ranger service containing policies for this YARN instance - </description> - </property> - - <property> - <name>ranger.plugin.atlas.policy.source.impl</name> - <value>org.apache.ranger.admin.client.RangerAdminRESTClient</value> - <description> - Class to retrieve policies from the source - </description> - </property> - - <property> - <name>ranger.plugin.atlas.policy.rest.url</name> - <value>http://policymanagerhost:port</value> - <description> - URL to Ranger Admin - </description> - </property> - - <property> - <name>ranger.plugin.atlas.policy.rest.ssl.config.file</name> - <value>/etc/atlas/conf/ranger-policymgr-ssl.xml</value> - <description> - Path to the file containing SSL details to contact Ranger Admin - </description> - </property> - - <property> - <name>ranger.plugin.atlas.policy.pollIntervalMs</name> - <value>30000</value> - <description> - How often to poll for changes in policies? - </description> - </property> - - <property> - <name>ranger.plugin.atlas.policy.cache.dir</name> - <value>/etc/ranger/atlasdev/policycache</value> - <description> - Directory where Ranger policies are cached after successful retrieval from the source - </description> - </property> - - <property> - <name>ranger.plugin.atlas.policy.rest.client.connection.timeoutMs</name> - <value>120000</value> - <description> - RangerRestClient Connection Timeout in Milli Seconds - </description> - </property> - - <property> - <name>ranger.plugin.atlas.policy.rest.client.read.timeoutMs</name> - <value>30000</value> - <description> - RangerRestClient read Timeout in Milli Seconds - </description> - </property> -</configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg b/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg deleted file mode 100644 index 6bf4265..0000000 --- a/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg +++ /dev/null @@ -1,23 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SSL Params -# -xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/plugin-atlas/conf/ranger-policymgr-ssl.xml b/plugin-atlas/conf/ranger-policymgr-ssl.xml deleted file mode 100644 index 964aac7..0000000 --- a/plugin-atlas/conf/ranger-policymgr-ssl.xml +++ /dev/null @@ -1,63 +0,0 @@ -<?xml version="1.0"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> - <!-- The following properties are used for 2-way SSL client server validation --> - <property> - <name>xasecure.policymgr.clientssl.keystore</name> - <value>hadoopdev-clientcert.jks</value> - <description> - Java Keystore files - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore</name> - <value>cacerts-xasecure.jks</value> - <description> - java truststore file - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.keystore.credential.file</name> - <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> - <description> - java keystore credential file - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.credential.file</name> - <value>jceks://file/tmp/truststore-hadoopdev-ssl.jceks</value> - <description> - java truststore credential file - </description> - </property> -</configuration> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/pom.xml ---------------------------------------------------------------------- diff --git a/plugin-atlas/pom.xml b/plugin-atlas/pom.xml deleted file mode 100644 index 2c82c57..0000000 --- a/plugin-atlas/pom.xml +++ /dev/null @@ -1,66 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> - <modelVersion>4.0.0</modelVersion> - <artifactId>ranger-atlas-plugin</artifactId> - <name>Atlas Security Plugin</name> - <description>Atlas Security Plugins</description> - <packaging>jar</packaging> - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - </properties> - <parent> - <groupId>org.apache.ranger</groupId> - <artifactId>ranger</artifactId> - <version>0.6.0-SNAPSHOT</version> - <relativePath>..</relativePath> - </parent> - <dependencies> - <dependency> - <groupId>commons-lang</groupId> - <artifactId>commons-lang</artifactId> - <version>${commons.lang.version}</version> - </dependency> - <dependency> - <groupId>com.google.code.gson</groupId> - <artifactId>gson</artifactId> - </dependency> - <dependency> - <groupId>org.apache.ranger</groupId> - <artifactId>ranger-plugins-common</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.apache.ranger</groupId> - <artifactId>ranger-plugins-audit</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.apache.atlas</groupId> - <artifactId>atlas-authorization</artifactId> - <version>${atlas.version}</version> - </dependency> - <dependency> - <groupId>org.apache.atlas</groupId> - <artifactId>atlas-common</artifactId> - <version>${atlas.version}</version> - </dependency> - </dependencies> -</project> - - http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/scripts/install.properties ---------------------------------------------------------------------- diff --git a/plugin-atlas/scripts/install.properties b/plugin-atlas/scripts/install.properties deleted file mode 100644 index b339d26..0000000 --- a/plugin-atlas/scripts/install.properties +++ /dev/null @@ -1,110 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# Location of Policy Manager URL -# -# Example: -# POLICY_MGR_URL=http://policymanager.xasecure.net:6080 -# -POLICY_MGR_URL= - -# -# Location of db client library (please check the location of the jar file) -# -# Example: -# SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar -# SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar -# -SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar - -# -# This is the repository name created within policy manager -# -# Example: -# REPOSITORY_NAME=atlasdev -# -REPOSITORY_NAME= - -# AUDIT configuration with V3 properties - -#Should audit be summarized at source -XAAUDIT.SUMMARY.ENABLE=true - -# Enable audit logs to Solr -#Example -#XAAUDIT.SOLR.ENABLE=true -#XAAUDIT.SOLR.URL=http://localhost:6083/solr/ranger_audits -#XAAUDIT.SOLR.ZOOKEEPER= -#XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/atlas/audit/solr/spool - -XAAUDIT.SOLR.ENABLE=false -XAAUDIT.SOLR.URL=NONE -XAAUDIT.SOLR.USER=NONE -XAAUDIT.SOLR.PASSWORD=NONE -XAAUDIT.SOLR.ZOOKEEPER=NONE - -# Enable audit logs to HDFS -#Example -#XAAUDIT.HDFS.ENABLE=true -#XAAUDIT.HDFS.HDFS_DIR=hdfs://node-1.example.com:8020/ranger/audit -# If using Azure Blob Storage -#XAAUDIT.HDFS.HDFS_DIR=wasb[s]://<containername>@<accountname>.blob.core.windows.net/<path> -#XAAUDIT.HDFS.HDFS_DIR=wasb://[email protected]/ranger/audit -#XAAUDIT.HDFS.FILE_SPOOL_DIR=/var/log/atlas/audit/hdfs/spool - -XAAUDIT.HDFS.ENABLE=false -XAAUDIT.HDFS.HDFS_DIR=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit - -# Following additional propertis are needed When auditing to Azure Blob Storage via HDFS -# Get these values from your /etc/hadoop/conf/core-site.xml -#XAAUDIT.HDFS.HDFS_DIR=wasb[s]://<containername>@<accountname>.blob.core.windows.net/<path> -XAAUDIT.HDFS.AZURE_ACCOUNTNAME=__REPLACE_AZURE_ACCOUNT_NAME -XAAUDIT.HDFS.AZURE_ACCOUNTKEY=__REPLACE_AZURE_ACCOUNT_KEY -XAAUDIT.HDFS.AZURE_SHELL_KEY_PROVIDER=__REPLACE_AZURE_SHELL_KEY_PROVIDER -XAAUDIT.HDFS.AZURE_ACCOUNTKEY_PROVIDER=__REPLACE_AZURE_ACCOUNT_KEY_PROVIDER - -# End of V3 properties - - -# -# SSL Client Certificate Information -# -# Example: -# SSL_KEYSTORE_FILE_PATH=/etc/atlas/conf/ranger-plugin-keystore.jks -# SSL_KEYSTORE_PASSWORD=none -# SSL_TRUSTSTORE_FILE_PATH=/etc/atlas/conf/ranger-plugin-truststore.jks -# SSL_TRUSTSTORE_PASSWORD=none -# -# You do not need use SSL between agent and security admin tool, please leave these sample value as it is. -# -SSL_KEYSTORE_FILE_PATH=/etc/atlas/conf/ranger-plugin-keystore.jks -SSL_KEYSTORE_PASSWORD=myKeyFilePassword -SSL_TRUSTSTORE_FILE_PATH=/etc/atlas/conf/ranger-plugin-truststore.jks -SSL_TRUSTSTORE_PASSWORD=changeit - -# -# Custom component user -# CUSTOM_COMPONENT_USER=<custom-user> -# keep blank if component user is default -CUSTOM_USER=atlas - - -# -# Custom component group -# CUSTOM_COMPONENT_GROUP=<custom-group> -# keep blank if component group is default -CUSTOM_GROUP=hadoop - http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java ---------------------------------------------------------------------- diff --git a/plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java b/plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java deleted file mode 100644 index c735aa7..0000000 --- a/plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java +++ /dev/null @@ -1,143 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.authorization.atlas.authorizer; - -import java.util.Date; -import java.util.Set; - -import org.apache.atlas.authorize.AtlasAccessRequest; -import org.apache.atlas.authorize.AtlasAuthorizationException; -import org.apache.atlas.authorize.AtlasAuthorizer; -import org.apache.atlas.authorize.AtlasResourceTypes; -import org.apache.ranger.plugin.audit.RangerDefaultAuditHandler; -import org.apache.ranger.plugin.policyengine.RangerAccessRequestImpl; -import org.apache.ranger.plugin.policyengine.RangerAccessResult; -import org.apache.ranger.plugin.service.RangerBasePlugin; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class RangerAtlasAuthorizer implements AtlasAuthorizer { - private static final Logger LOG = LoggerFactory.getLogger(RangerAtlasAuthorizer.class); - private static boolean isDebugEnabled = LOG.isDebugEnabled(); - private static volatile RangerBasePlugin atlasPlugin = null; - - @Override - public void init() { - if (LOG.isDebugEnabled()) { - LOG.debug("==> RangerAtlasPlugin.init()"); - } - - RangerBasePlugin plugin = atlasPlugin; - - if (plugin == null) { - synchronized (RangerAtlasPlugin.class) { - plugin = atlasPlugin; - - if (plugin == null) { - plugin = new RangerAtlasPlugin(); - plugin.init(); - plugin.setResultProcessor(new RangerDefaultAuditHandler()); - atlasPlugin = plugin; - - } - } - } - if (LOG.isDebugEnabled()) { - LOG.debug("<== RangerAtlasPlugin.init()"); - } - } - - @Override - public boolean isAccessAllowed(AtlasAccessRequest request) throws AtlasAuthorizationException { - boolean isAccessAllowed = true; - if (isDebugEnabled) { - LOG.debug("==> isAccessAllowed( " + request + " )"); - } - - String resource = request.getResource(); - String user = request.getUser(); - Set<String> userGroups = request.getUserGroups(); - String action = request.getAction().name(); - Set<AtlasResourceTypes> resourceTypes = request.getResourceTypes(); - String clientIPAddress = request.getClientIPAddress(); - - for (AtlasResourceTypes resourceType : resourceTypes) { - RangerAtlasAccessRequest rangerRequest = - new RangerAtlasAccessRequest(resourceType, resource, action, user, userGroups, clientIPAddress); - if (isDebugEnabled) { - LOG.debug("Creating RangerAtlasAccessRequest with values [resource : " + resource + ", user : " + user - + ", Groups : " + userGroups + ", action : " + action + ", resourceType : " + resourceType - + ", clientIP : " + clientIPAddress + "]"); - } - isAccessAllowed = checkAccess(rangerRequest); - if (!isAccessAllowed) { - break; - } - } - - if (isDebugEnabled) { - LOG.debug("<== isAccessAllowed Returning value :: " + isAccessAllowed); - } - return isAccessAllowed; - } - - private boolean checkAccess(RangerAtlasAccessRequest request) { - boolean isAccessAllowed = false; - RangerBasePlugin plugin = atlasPlugin; - - if (plugin != null) { - RangerAccessResult rangerResult = plugin.isAccessAllowed(request); - isAccessAllowed = (rangerResult == null) ? false : rangerResult.getIsAllowed(); - } else { - isAccessAllowed = false; - LOG.warn("AtlasPlugin not initialized properly : " + plugin+"... Access blocked!!!"); - } - return isAccessAllowed; - } - - @Override - public void cleanUp() { - if (isDebugEnabled) { - LOG.debug("==> cleanUp "); - } - } - - class RangerAtlasPlugin extends RangerBasePlugin { - RangerAtlasPlugin() { - super("atlas", "atlas"); - } - } - -} - -class RangerAtlasAccessRequest extends RangerAccessRequestImpl { - - public RangerAtlasAccessRequest(AtlasResourceTypes resType, String resource, String action, String user, - Set<String> userGroups, String clientIp) { - super.setResource(new RangerAtlasResource(resType, resource)); - super.setAccessType(action); - super.setUser(user); - super.setUserGroups(userGroups); - super.setAccessTime(new Date(System.currentTimeMillis())); - super.setClientIPAddress(clientIp); - super.setAction(action); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasResource.java ---------------------------------------------------------------------- diff --git a/plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasResource.java b/plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasResource.java deleted file mode 100644 index 01b0f82..0000000 --- a/plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasResource.java +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.authorization.atlas.authorizer; - -import org.apache.atlas.authorize.AtlasResourceTypes; -import org.apache.ranger.plugin.policyengine.RangerAccessResourceImpl; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class RangerAtlasResource extends RangerAccessResourceImpl { - public static final String KEY_TYPE = "type"; - public static final String KEY_ENTITY = "entity"; - public static final String KEY_OPERATION = "operation"; - public static final String KEY_TAXONOMY = "taxonomy"; - public static final String KEY_TERM = "term"; - - private static final Logger LOG = LoggerFactory.getLogger(RangerAtlasResource.class); - - public RangerAtlasResource(AtlasResourceTypes resourceType, String atlasResource) { - switch (resourceType) { - case TYPE: - setValue(KEY_TYPE, atlasResource); - break; - case ENTITY: - setValue(KEY_ENTITY, atlasResource); - break; - case OPERATION: - setValue(KEY_OPERATION, atlasResource); - break; - case TAXONOMY: - setValue(KEY_TAXONOMY, atlasResource); - break; - case TERM: - setValue(KEY_TERM, atlasResource); - break; - default: - LOG.warn("Invalid Resource : " + atlasResource); - break; - } - - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java ---------------------------------------------------------------------- diff --git a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java b/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java deleted file mode 100644 index 47616f4..0000000 --- a/plugin-atlas/src/main/java/org/apache/ranger/services/atlas/RangerServiceAtlas.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ranger.services.atlas; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.apache.ranger.plugin.client.BaseClient; -import org.apache.ranger.plugin.model.RangerService; -import org.apache.ranger.plugin.model.RangerServiceDef; -import org.apache.ranger.plugin.service.RangerBaseService; -import org.apache.ranger.plugin.service.ResourceLookupContext; - -public class RangerServiceAtlas extends RangerBaseService { - - private static final Log LOG = LogFactory.getLog(RangerServiceAtlas.class); - - public RangerServiceAtlas() { - super(); - } - - @Override - public void init(RangerServiceDef serviceDef, RangerService service) { - super.init(serviceDef, service); - } - - @Override - public HashMap<String, Object> validateConfig() throws Exception { - if (LOG.isDebugEnabled()) { - LOG.debug("This method will be implemented"); - } - HashMap<String, Object> responseMap = new HashMap<String, Object>(); - String msg = "This feature is not available currently"; - BaseClient.generateResponseDataMap(true, msg, msg, null, null, responseMap); - return responseMap; - } - - @Override - public List<String> lookupResource(ResourceLookupContext context) throws Exception { - //This feature is not available currently - return new ArrayList<String>(); - } -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/src/test/resource/log4j.properties ---------------------------------------------------------------------- diff --git a/plugin-atlas/src/test/resource/log4j.properties b/plugin-atlas/src/test/resource/log4j.properties deleted file mode 100644 index f7ab2ba..0000000 --- a/plugin-atlas/src/test/resource/log4j.properties +++ /dev/null @@ -1,34 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -##-- To prevent junits from cluttering the build run by default all test runs send output to null appender -log4j.appender.devnull=org.apache.log4j.varia.NullAppender -ranger.root.logger=FATAL,devnull - -##-- uncomment the following line during during development/debugging so see debug messages during test run to be emitted to console -# ranger.root.logger=DEBUG,console -log4j.rootLogger=${ranger.root.logger} - -# Logging Threshold -log4j.threshold=ALL - -# -# console -# Add "console" to rootlogger above if you want to use this -# -log4j.appender.console=org.apache.log4j.ConsoleAppender -log4j.appender.console.target=System.err -log4j.appender.console.layout=org.apache.log4j.PatternLayout -log4j.appender.console.layout.ConversionPattern=%d{ISO8601} %-5p [%t] %c{2}: %m%n http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/plugin-atlas/template/configuration.xml ---------------------------------------------------------------------- diff --git a/plugin-atlas/template/configuration.xml b/plugin-atlas/template/configuration.xml deleted file mode 100644 index bdb0125..0000000 --- a/plugin-atlas/template/configuration.xml +++ /dev/null @@ -1,20 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<!-- -Licensed to the Apache Software Foundation (ASF) under one or more -contributor license agreements. See the NOTICE file distributed with -this work for additional information regarding copyright ownership. -The ASF licenses this file to You under the Apache License, Version 2.0 -(the "License"); you may not use this file except in compliance with -the License. You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. ---> -<configuration> -</configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 29292a7..327f30c 100644 --- a/pom.xml +++ b/pom.xml @@ -104,11 +104,9 @@ <module>ranger-storm-plugin-shim</module> <module>ranger-kafka-plugin-shim</module> <module>ranger-solr-plugin-shim</module> - <module>ranger-atlas-plugin-shim</module> <module>ranger-hive-utils</module> <module>ranger-examples</module> <module>ranger-tools</module> - <module>plugin-atlas</module> </modules> <properties> <javac.source.version>1.7</javac.source.version> @@ -164,7 +162,6 @@ <hamcrest.all.version>1.3</hamcrest.all.version> <hbase.version>1.1.3</hbase.version> <hive.version>2.1.0-SNAPSHOT</hive.version> - <atlas.version>0.7-incubating-SNAPSHOT</atlas.version> <htrace-core.version>3.1.0-incubating</htrace-core.version> <httpcomponents.httpclient.version>4.3.6</httpcomponents.httpclient.version> <httpcomponents.httpcore.version>4.4.3</httpcomponents.httpcore.version> @@ -404,7 +401,6 @@ <descriptor>src/main/assembly/kms.xml</descriptor> <descriptor>src/main/assembly/ranger-tools.xml</descriptor> <descriptor>src/main/assembly/ranger-src.xml</descriptor> - <descriptor>src/main/assembly/atlas-agent.xml</descriptor> </descriptors> </configuration> </plugin> @@ -521,7 +517,6 @@ <exclude>**/.classpath/**</exclude> <exclude>**/*.iml</exclude> <exclude>**/target/**</exclude> - <exclude>**/bin/**</exclude> <exclude>**/CHANGES</exclude> <exclude>**/ISSUES</exclude> <exclude>**/patchprocess/**</exclude> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/ranger-atlas-plugin-shim/.gitignore ---------------------------------------------------------------------- diff --git a/ranger-atlas-plugin-shim/.gitignore b/ranger-atlas-plugin-shim/.gitignore deleted file mode 100644 index b9c5b0b..0000000 --- a/ranger-atlas-plugin-shim/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -/target/ -.settings/ http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/ranger-atlas-plugin-shim/pom.xml ---------------------------------------------------------------------- diff --git a/ranger-atlas-plugin-shim/pom.xml b/ranger-atlas-plugin-shim/pom.xml deleted file mode 100644 index a656d94..0000000 --- a/ranger-atlas-plugin-shim/pom.xml +++ /dev/null @@ -1,84 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> - <modelVersion>4.0.0</modelVersion> - <artifactId>ranger-atlas-plugin-shim</artifactId> - <name>Atlas Security Plugin Shim</name> - <description>Atlas Security Plugins Shim</description> - <packaging>jar</packaging> - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - </properties> - <parent> - <groupId>org.apache.ranger</groupId> - <artifactId>ranger</artifactId> - <version>0.6.0-SNAPSHOT</version> - <relativePath>..</relativePath> - </parent> - <dependencies> - <dependency> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> - <version>${commons.logging.version}</version> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-common</artifactId> - <version>${hadoop.version}</version> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-hdfs</artifactId> - <version>${hadoop.version}</version> - </dependency> - <dependency> - <groupId>org.apache.ranger</groupId> - <artifactId>ranger-plugin-classloader</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>commons-lang</groupId> - <artifactId>commons-lang</artifactId> - <version>${commons.lang.version}</version> - </dependency> - <dependency> - <groupId>com.google.code.gson</groupId> - <artifactId>gson</artifactId> - </dependency> - <dependency> - <groupId>org.apache.ranger</groupId> - <artifactId>ranger-plugins-common</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.apache.ranger</groupId> - <artifactId>ranger-plugins-audit</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.apache.atlas</groupId> - <artifactId>atlas-authorization</artifactId> - <version>${atlas.version}</version> - </dependency> - <dependency> - <groupId>org.apache.atlas</groupId> - <artifactId>atlas-common</artifactId> - <version>${atlas.version}</version> - </dependency> - </dependencies> -</project> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java ---------------------------------------------------------------------- diff --git a/ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java b/ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java deleted file mode 100644 index d8bdefd..0000000 --- a/ranger-atlas-plugin-shim/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.authorization.atlas.authorizer; - -import org.apache.atlas.authorize.AtlasAccessRequest; -import org.apache.atlas.authorize.AtlasAuthorizationException; -import org.apache.atlas.authorize.AtlasAuthorizer; -import org.apache.ranger.plugin.classloader.RangerPluginClassLoader; -import org.apache.ranger.plugin.service.RangerBasePlugin; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class RangerAtlasAuthorizer implements AtlasAuthorizer { - private static final Logger LOG = LoggerFactory.getLogger(RangerAtlasAuthorizer.class); - private static boolean isDebugEnabled = LOG.isDebugEnabled(); - private static volatile RangerBasePlugin atlasPlugin = null; - - private static final String RANGER_PLUGIN_TYPE = "atlas"; - private static final String[] RANGER_PLUGIN_LIB_DIR = new String[] {"lib/ranger-atlas-plugin"}; - private static final String RANGER_ATLAS_AUTHORIZER_IMPL_CLASSNAME = "org.apache.ranger.authorization.atlas.authorizer.RangerAtlasAuthorizer"; - - private AtlasAuthorizer rangerAtlasAuthorizerImpl = null; - private static RangerPluginClassLoader rangerPluginClassLoader = null; - - public RangerAtlasAuthorizer() { - if(LOG.isDebugEnabled()) { - LOG.debug("==> RangerAtlasAuthorizer.RangerAtlasAuthorizer()"); - } - - this.init0(); - - if(LOG.isDebugEnabled()) { - LOG.debug("<== RangerAtlasAuthorizer.RangerAtlasAuthorizer()"); - } - } - - private void init0() { - LOG.info("Initializing RangerAtlasPlugin"); - try { - rangerPluginClassLoader = RangerPluginClassLoader.getInstance(RANGER_PLUGIN_TYPE, this.getClass()); - - @SuppressWarnings("unchecked") - Class<AtlasAuthorizer> cls = (Class<AtlasAuthorizer>) Class.forName(RANGER_ATLAS_AUTHORIZER_IMPL_CLASSNAME, true, rangerPluginClassLoader); - - activatePluginClassLoader(); - - rangerAtlasAuthorizerImpl = cls.newInstance(); - } catch (Exception e) { - // check what need to be done - LOG.error("Error Enabling RangerAtlasPluing", e); - } finally { - deactivatePluginClassLoader(); - } - if (LOG.isDebugEnabled()) { - LOG.debug("<== RangerAtlasPlugin.init()"); - } - } - - @Override - public void init() { - if (isDebugEnabled) { - LOG.debug("gautam init <==="); - } - - try { - activatePluginClassLoader(); - - rangerAtlasAuthorizerImpl.init(); - } finally { - deactivatePluginClassLoader(); - } - - if (isDebugEnabled) { - LOG.debug("gautam init ===> " ); - } - - } - - @Override - public boolean isAccessAllowed(AtlasAccessRequest request) throws AtlasAuthorizationException { - boolean isAccessAllowed = false; - if (isDebugEnabled) { - LOG.debug("isAccessAllowed <==="); - } - - try { - activatePluginClassLoader(); - - isAccessAllowed = rangerAtlasAuthorizerImpl.isAccessAllowed(request); - } finally { - deactivatePluginClassLoader(); - } - - if (isDebugEnabled) { - LOG.debug("isAccessAllowed ===> Returning value :: " + isAccessAllowed); - } - return isAccessAllowed; - } - - @Override - public void cleanUp() { - if (isDebugEnabled) { - LOG.debug("cleanUp <==="); - } - try { - activatePluginClassLoader(); - rangerAtlasAuthorizerImpl.cleanUp(); - } finally { - deactivatePluginClassLoader(); - } - - } - - private void activatePluginClassLoader() { - if(rangerPluginClassLoader != null) { - rangerPluginClassLoader.activate(); - } - } - - private void deactivatePluginClassLoader() { - if(rangerPluginClassLoader != null) { - rangerPluginClassLoader.deactivate(); - } - } -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/c28abae1/src/main/assembly/atlas-agent.xml ---------------------------------------------------------------------- diff --git a/src/main/assembly/atlas-agent.xml b/src/main/assembly/atlas-agent.xml deleted file mode 100644 index a1c1cc5..0000000 --- a/src/main/assembly/atlas-agent.xml +++ /dev/null @@ -1,170 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<assembly> - <id>atlas-plugin</id> - <formats> - <format>tar.gz</format> - <format>zip</format> - </formats> - <baseDirectory>${project.name}-${project.version}-atlas-plugin</baseDirectory> - <includeBaseDirectory>true</includeBaseDirectory> - <moduleSets> - - <moduleSet> - <binaries> - <includeDependencies>false</includeDependencies> - <unpack>false</unpack> - <directoryMode>755</directoryMode> - <fileMode>644</fileMode> - <outputDirectory>/lib</outputDirectory> - </binaries> - <includes> - <include>org.apache.ranger:ranger-atlas-plugin-shim</include> - <include>org.apache.ranger:ranger-plugin-classloader</include> - </includes> - </moduleSet> - - <moduleSet> - <binaries> - <includeDependencies>false</includeDependencies> - <unpack>false</unpack> - <directoryMode>755</directoryMode> - <fileMode>644</fileMode> - <dependencySets> - <dependencySet> - <outputDirectory>/lib/ranger-atlas-plugin-impl</outputDirectory> - <includes> - <include>org.apache.hadoop:hadoop-common:jar:${hadoop-common.version}</include> - <include>com.google.code.gson:gson</include> - <include>org.eclipse.persistence:eclipselink</include> - <include>org.eclipse.persistence:javax.persistence</include> - <include>com.sun.jersey:jersey-bundle</include> - <include>com.google.guava:guava:jar:${guava.version}</include> - <include>org.codehaus.jackson:jackson-core-asl</include> - <include>org.codehaus.jackson:jackson-jaxrs</include> - <include>org.codehaus.jackson:jackson-mapper-asl</include> - <include>org.codehaus.jackson:jackson-xc</include> - <include>commons-configuration:commons-configuration</include> - <include>com.google.code.gson:gson*</include> - <include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include> - <include>org.noggit:noggit:jar:${noggit.version}</include> - <include>com.google.protobuf:protobuf-java:jar:${protobuf-java.version}</include> - <include>org.apache.hadoop:hadoop-hdfs:jar:${hadoop.version}</include> - <include>org.apache.hadoop:hadoop-common:jar:${hadoop-common.version}</include> - <include>org.apache.htrace:htrace-core:jar:${htrace-core.version}</include> - <include>org.codehaus.jackson:jackson-core-asl:jar:${codehaus.jackson.version}</include> - <include>org.codehaus.jackson:jackson-mapper-asl:jar:${codehaus.jackson.version}</include> - </includes> - <unpack>false</unpack> - </dependencySet> - <dependencySet> - <outputDirectory>/install/lib</outputDirectory> - <unpack>false</unpack> - <directoryMode>755</directoryMode> - <fileMode>644</fileMode> - <includes> - <include>commons-cli:commons-cli</include> - <include>commons-collections:commons-collections</include> - <include>commons-configuration:commons-configuration:jar:${commons.configuration.version}</include> - <include>commons-io:commons-io:jar:${commons.io.version}</include> - <include>commons-lang:commons-lang:jar:${commons.lang.version}</include> - <include>commons-logging:commons-logging</include> - <include>com.google.guava:guava:jar:${guava.version}</include> - <include>org.slf4j:slf4j-api:jar:${slf4j-api.version}</include> - <include>org.apache.hadoop:hadoop-common:jar:${hadoop-common.version}</include> - <include>org.apache.hadoop:hadoop-auth:jar:${hadoop-common.version}</include> - <include>org.apache.ranger:ranger-plugins-cred</include> - <include>org.apache.ranger:credentialbuilder</include> - </includes> - </dependencySet> - </dependencySets> - <outputDirectory>/lib/ranger-atlas-plugin-impl</outputDirectory> - </binaries> - <includes> - <include>org.apache.ranger:ranger_solrj</include> - <include>org.apache.ranger:ranger-plugins-audit</include> - <include>org.apache.ranger:ranger-plugins-cred</include> - <include>org.apache.ranger:ranger-plugins-common</include> - <include>org.apache.ranger:ranger-atlas-plugin</include> - </includes> - </moduleSet> - <moduleSet> - <binaries> - <includeDependencies>false</includeDependencies> - <outputDirectory>/install/lib</outputDirectory> - <unpack>false</unpack> - </binaries> - <includes> - <include>org.apache.ranger:ranger-plugins-installer</include> - <include>org.apache.ranger:credentialbuilder</include> - </includes> - </moduleSet> - </moduleSets> - <fileSets> - <!-- conf.templates for enable --> - <fileSet> - <outputDirectory>/install/conf.templates/enable</outputDirectory> - <directory>plugin-atlas/conf</directory> - <excludes> - <exclude>*.sh</exclude> - </excludes> - <fileMode>700</fileMode> - </fileSet> - <fileSet> - <outputDirectory>/install/conf.templates/default</outputDirectory> - <directory>plugin-atlas/template</directory> - <fileMode>700</fileMode> - </fileSet> - <!-- version file --> - <fileSet> - <outputDirectory>/</outputDirectory> - <directory>${project.build.outputDirectory}</directory> - <includes> - <include>version</include> - </includes> - <fileMode>444</fileMode> - </fileSet> - </fileSets> - <!-- enable/disable script for plugin --> - <files> - <file> - <source>agents-common/scripts/enable-agent.sh</source> - <outputDirectory>/</outputDirectory> - <destName>enable-atlas-plugin.sh</destName> - <fileMode>755</fileMode> - </file> - <file> - <source>security-admin/scripts/ranger_credential_helper.py</source> - <outputDirectory>/</outputDirectory> - <fileMode>755</fileMode> - </file> - <file> - <source>agents-common/scripts/enable-agent.sh</source> - <outputDirectory>/</outputDirectory> - <destName>disable-atlas-plugin.sh</destName> - <fileMode>755</fileMode> - </file> - <file> - <source>plugin-atlas/scripts/install.properties</source> - <outputDirectory>/</outputDirectory> - <destName>install.properties</destName> - <fileMode>755</fileMode> - </file> - </files> -</assembly> -
