RANGER-998: Trim Policy name before storing it in Ranger DB. Signed-off-by: Gautam Borad <[email protected]>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/bc634846 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/bc634846 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/bc634846 Branch: refs/heads/master Commit: bc634846b5e9c177b38ba862e25a559c27adb070 Parents: 69f546a Author: pradeep agrawal <[email protected]> Authored: Tue May 31 09:05:24 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Tue May 31 11:34:09 2016 +0530 ---------------------------------------------------------------------- .../ranger/biz/RangerPolicyRetriever.java | 3 +- .../org/apache/ranger/biz/ServiceDBStore.java | 4 +- .../org/apache/ranger/common/ServiceUtil.java | 6 +- .../patch/PatchTagModulePermission_J10005.java | 128 +++++++++++++++++++ .../patch/PatchTagModulePersmission_J10005.java | 103 --------------- .../org/apache/ranger/rest/PublicAPIsv2.java | 2 +- .../org/apache/ranger/rest/ServiceREST.java | 2 +- .../ranger/service/RangerPolicyServiceBase.java | 4 +- .../apache/ranger/service/XPolicyService.java | 4 +- 9 files changed, 141 insertions(+), 115 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java index 6b4b149..3ba33d4 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java @@ -26,6 +26,7 @@ import java.util.ListIterator; import java.util.Map; import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ranger.authorization.utils.StringUtil; @@ -489,7 +490,7 @@ public class RangerPolicyRetriever { ret.setUpdateTime(xPolicy.getUpdateTime()); ret.setVersion(xPolicy.getVersion()); ret.setService(service == null ? null : service.getName()); - ret.setName(xPolicy.getName()); + ret.setName(StringUtils.trim(xPolicy.getName())); ret.setPolicyType(xPolicy.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : xPolicy.getPolicyType()); ret.setDescription(xPolicy.getDescription()); ret.setResourceSignature(xPolicy.getResourceSignature()); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index c488d4a..d2178f4 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -2347,7 +2347,7 @@ public class ServiceDBStore extends AbstractServiceStore { policy.setIsEnabled(true); policy.setVersion(1L); - policy.setName(policyName); + policy.setName(StringUtils.trim(policyName)); policy.setService(createdService.getName()); policy.setDescription("Policy for data with " + tagType + " tag"); policy.setIsAuditEnabled(true); @@ -2427,7 +2427,7 @@ public class ServiceDBStore extends AbstractServiceStore { policy.setIsEnabled(true); policy.setVersion(1L); - policy.setName(policyName); + policy.setName(StringUtils.trim(policyName)); policy.setService(createdService.getName()); policy.setDescription("Policy for " + policyName); policy.setIsAuditEnabled(true); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java b/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java index 4343c45..0feb5db 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java @@ -226,7 +226,7 @@ public class ServiceUtil { ret.setService(resource.getAssetName()); } - ret.setName(resource.getPolicyName()); + ret.setName(StringUtils.trim(resource.getPolicyName())); ret.setDescription(resource.getDescription()); ret.setIsEnabled(resource.getResourceStatus() == RangerCommonEnums.STATUS_ENABLED); ret.setIsAuditEnabled(resource.getAuditList() != null && resource.getAuditList().size() > 0); @@ -797,7 +797,7 @@ public class ServiceUtil { rangerObjectToDataObject(policy, ret); - ret.setPolicyName(policy.getName()); + ret.setPolicyName(StringUtils.trim(policy.getName())); ret.setDescription(policy.getDescription()); ret.setRepositoryName(policy.getService()); ret.setIsEnabled(policy.getIsEnabled() ? true : false); @@ -1004,7 +1004,7 @@ public class ServiceUtil { ret = (RangerPolicy) dataObjectToRangerObject(vXPolicy, ret); ret.setService(service.getName()); - ret.setName(vXPolicy.getPolicyName()); + ret.setName(StringUtils.trim(vXPolicy.getPolicyName())); ret.setDescription(vXPolicy.getDescription()); ret.setIsEnabled(vXPolicy.getIsEnabled() == true); ret.setIsAuditEnabled(vXPolicy.getIsAuditEnabled()); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/patch/PatchTagModulePermission_J10005.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchTagModulePermission_J10005.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchTagModulePermission_J10005.java new file mode 100644 index 0000000..a274f97 --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchTagModulePermission_J10005.java @@ -0,0 +1,128 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ranger.patch; + +import java.util.List; +import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.lang.StringUtils; +import org.apache.log4j.Logger; +import org.apache.ranger.db.RangerDaoManager; +import org.apache.ranger.entity.XXModuleDef; +import org.apache.ranger.entity.XXPolicy; +import org.apache.ranger.entity.XXPortalUser; +import org.apache.ranger.service.XPortalUserService; +import org.apache.ranger.biz.XUserMgr; +import org.apache.ranger.common.RangerConstants; +import org.apache.ranger.util.CLIUtil; +import org.apache.ranger.view.VXPortalUser; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +@Component +public class PatchTagModulePermission_J10005 extends BaseLoader { + private static Logger logger = Logger + .getLogger(PatchTagModulePermission_J10005.class); + + @Autowired + XUserMgr xUserMgr; + + @Autowired + XPortalUserService xPortalUserService; + + @Autowired + RangerDaoManager daoManager; + + public static void main(String[] args) { + logger.info("main()"); + try { + PatchTagModulePermission_J10005 loader = (PatchTagModulePermission_J10005) CLIUtil + .getBean(PatchTagModulePermission_J10005.class); + + loader.init(); + while (loader.isMoreToProcess()) { + loader.load(); + } + logger.info("Load complete. Exiting!!!"); + System.exit(0); + } catch (Exception e) { + logger.error("Error loading", e); + System.exit(1); + } + } + + @Override + public void init() throws Exception { + // Do Nothing + } + + @Override + public void execLoad() { + logger.info("==> PermissionPatch.execLoad()"); + assignPermissionOnTagModuleToAdminUsers(); + trimPolicyName(); + logger.info("<== PermissionPatch.execLoad()"); + } + + public void assignPermissionOnTagModuleToAdminUsers() { + int countUserPermissionUpdated = 0; + XXModuleDef xModDef = daoManager.getXXModuleDef().findByModuleName(RangerConstants.MODULE_TAG_BASED_POLICIES); + if(xModDef==null){ + return; + } + List<XXPortalUser> allAdminUsers = daoManager.getXXPortalUser().findByRole(RangerConstants.ROLE_SYS_ADMIN); + if(!CollectionUtils.isEmpty(allAdminUsers)){ + for (XXPortalUser xPortalUser : allAdminUsers) { + VXPortalUser vPortalUser = xPortalUserService.populateViewBean(xPortalUser); + if(vPortalUser!=null){ + vPortalUser.setUserRoleList(daoManager.getXXPortalUserRole().findXPortalUserRolebyXPortalUserId(vPortalUser.getId())); + xUserMgr.createOrUpdateUserPermisson(vPortalUser,xModDef.getId(), false); + countUserPermissionUpdated += 1; + logger.info("Added '" + xModDef.getModule() + "' permission to user '" + xPortalUser.getLoginId() + "'"); + } + } + } + logger.info(countUserPermissionUpdated + " permissions were assigned"); + } + + @Override + public void printStats() { + } + + private void trimPolicyName(){ + List<XXPolicy> policies=daoManager.getXXPolicy().getAll(); + if(!CollectionUtils.isEmpty(policies)){ + String policyName=null; + for(XXPolicy xXPolicy:policies){ + try{ + if(xXPolicy!=null){ + policyName=xXPolicy.getName(); + if(!StringUtils.isEmpty(policyName)){ + if(policyName.startsWith(" ") || policyName.endsWith(" ")){ + xXPolicy.setName(StringUtils.trim(policyName)); + daoManager.getXXPolicy().update(xXPolicy); + } + } + } + }catch(Exception ex){ + logger.info("Error during policy update:"+xXPolicy.toString()); + logger.error(ex); + } + } + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/patch/PatchTagModulePersmission_J10005.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchTagModulePersmission_J10005.java b/security-admin/src/main/java/org/apache/ranger/patch/PatchTagModulePersmission_J10005.java deleted file mode 100644 index bda4b30..0000000 --- a/security-admin/src/main/java/org/apache/ranger/patch/PatchTagModulePersmission_J10005.java +++ /dev/null @@ -1,103 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ranger.patch; - -import java.util.List; -import org.apache.commons.collections.CollectionUtils; -import org.apache.log4j.Logger; -import org.apache.ranger.db.RangerDaoManager; -import org.apache.ranger.entity.XXModuleDef; -import org.apache.ranger.entity.XXPortalUser; -import org.apache.ranger.service.XPortalUserService; -import org.apache.ranger.biz.XUserMgr; -import org.apache.ranger.common.RangerConstants; -import org.apache.ranger.util.CLIUtil; -import org.apache.ranger.view.VXPortalUser; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; - -@Component -public class PatchTagModulePersmission_J10005 extends BaseLoader { - private static Logger logger = Logger - .getLogger(PatchTagModulePersmission_J10005.class); - - @Autowired - XUserMgr xUserMgr; - - @Autowired - XPortalUserService xPortalUserService; - - @Autowired - RangerDaoManager daoManager; - - public static void main(String[] args) { - logger.info("main()"); - try { - PatchTagModulePersmission_J10005 loader = (PatchTagModulePersmission_J10005) CLIUtil - .getBean(PatchTagModulePersmission_J10005.class); - - loader.init(); - while (loader.isMoreToProcess()) { - loader.load(); - } - logger.info("Load complete. Exiting!!!"); - System.exit(0); - } catch (Exception e) { - logger.error("Error loading", e); - System.exit(1); - } - } - - @Override - public void init() throws Exception { - // Do Nothing - } - - @Override - public void execLoad() { - logger.info("==> PermissionPatch.execLoad()"); - assignPermissionOnTagModuleToAdminUsers(); - logger.info("<== PermissionPatch.execLoad()"); - } - - public void assignPermissionOnTagModuleToAdminUsers() { - int countUserPermissionUpdated = 0; - XXModuleDef xModDef = daoManager.getXXModuleDef().findByModuleName(RangerConstants.MODULE_TAG_BASED_POLICIES); - if(xModDef==null){ - return; - } - List<XXPortalUser> allAdminUsers = daoManager.getXXPortalUser().findByRole(RangerConstants.ROLE_SYS_ADMIN); - if(!CollectionUtils.isEmpty(allAdminUsers)){ - for (XXPortalUser xPortalUser : allAdminUsers) { - VXPortalUser vPortalUser = xPortalUserService.populateViewBean(xPortalUser); - if(vPortalUser!=null){ - vPortalUser.setUserRoleList(daoManager.getXXPortalUserRole().findXPortalUserRolebyXPortalUserId(vPortalUser.getId())); - xUserMgr.createOrUpdateUserPermisson(vPortalUser,xModDef.getId(), false); - countUserPermissionUpdated += 1; - logger.info("Added '" + xModDef.getModule() + "' permission to user '" + xPortalUser.getLoginId() + "'"); - } - } - } - logger.info(countUserPermissionUpdated + " permissions were assigned"); - } - - @Override - public void printStats() { - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java index 4432bac..6ecb356 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java @@ -362,7 +362,7 @@ public class PublicAPIsv2 { policy.setGuid(oldPolicy.getGuid()); } if(StringUtils.isEmpty(policy.getName())) { - policy.setName(oldPolicy.getName()); + policy.setName(StringUtils.trim(oldPolicy.getName())); } return serviceREST.updatePolicy(policy); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index 886e78f..1028c8d 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@ -1207,7 +1207,7 @@ public class ServiceREST { } if(StringUtils.isNotEmpty(policyName)) { - policy.setName(policyName); + policy.setName(StringUtils.trim(policyName)); } if(Boolean.valueOf(updateIfExists)) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java index 630be4f..bde18bd 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java @@ -95,7 +95,7 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends + "Service Not Found : " + vObj.getName(), MessageEnums.INVALID_INPUT_DATA); } xObj.setService(xService.getId()); - xObj.setName(vObj.getName()); + xObj.setName(StringUtils.trim(vObj.getName())); xObj.setPolicyType(vObj.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : vObj.getPolicyType()); xObj.setDescription(vObj.getDescription()); xObj.setResourceSignature(vObj.getResourceSignature()); @@ -112,7 +112,7 @@ public abstract class RangerPolicyServiceBase<T extends XXPolicyBase, V extends vObj.setGuid(xObj.getGuid()); vObj.setVersion(xObj.getVersion()); vObj.setService(xService.getName()); - vObj.setName(xObj.getName()); + vObj.setName(StringUtils.trim(xObj.getName())); vObj.setPolicyType(xObj.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : xObj.getPolicyType()); vObj.setDescription(xObj.getDescription()); vObj.setResourceSignature(xObj.getResourceSignature()); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/bc634846/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java b/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java index 5e8ed56..16e3fdf 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java @@ -91,7 +91,7 @@ public class XPolicyService extends PublicAPIServiceBase<VXResource, VXPolicy> { VXPolicy vXPolicy = new VXPolicy(); vXPolicy = super.mapBaseAttributesToPublicObject(vXResource, vXPolicy); - vXPolicy.setPolicyName(vXResource.getPolicyName()); + vXPolicy.setPolicyName(StringUtils.trim(vXResource.getPolicyName())); vXPolicy.setResourceName(vXResource.getName()); vXPolicy.setDescription(vXResource.getDescription()); vXPolicy.setRepositoryName(vXResource.getAssetName()); @@ -153,7 +153,7 @@ public class XPolicyService extends PublicAPIServiceBase<VXResource, VXPolicy> { vXResource = super.mapBaseAttributesToXAObject(vXPolicy, vXResource); vXResource.setName(vXPolicy.getResourceName()); - vXResource.setPolicyName(vXPolicy.getPolicyName()); + vXResource.setPolicyName(StringUtils.trim(vXPolicy.getPolicyName())); vXResource.setDescription(vXPolicy.getDescription()); vXResource.setResourceType(getResourceType(vXPolicy));
