[ranger] branch master updated (b0ae138ce -> 376c8f7d6)
This is an automated email from the ASF dual-hosted git repository. rmani pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git from b0ae138ce RANGER-4378: updated implied-grants handling to use RangerServiceDefHelper add 376c8f7d6 RANGER-4400: Fixed ConcurrentModificationException in RangerKafkaAuditHandler.processResults(Collection results) (#285) No new revisions were added by this update. Summary of changes: .../kafka/authorizer/RangerKafkaAuditHandler.java | 78 -- 1 file changed, 29 insertions(+), 49 deletions(-)
[ranger] 01/02: RANGER-4455: updated RangerGdsValidator to account for permissions assigned to public group
This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git commit bee247bd42ce542b00cbffe8a27e41180443dfa4 Author: prashant AuthorDate: Wed Oct 4 16:45:25 2023 +0530 RANGER-4455: updated RangerGdsValidator to account for permissions assigned to public group Signed-off-by: Madhan Neethiraj --- .../ranger/validation/RangerGdsValidator.java | 49 +- 1 file changed, 30 insertions(+), 19 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java index be5ac56e6..d9f204eef 100755 --- a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java +++ b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java @@ -22,6 +22,7 @@ import org.apache.commons.collections.MapUtils; import org.apache.commons.lang.StringUtils; import org.apache.ranger.common.MessageEnums; import org.apache.ranger.common.RESTErrorUtil; +import org.apache.ranger.common.RangerConstants; import org.apache.ranger.plugin.errors.ValidationErrorCode; import org.apache.ranger.plugin.model.RangerGds; import org.apache.ranger.plugin.model.RangerGds.GdsPermission; @@ -62,21 +63,23 @@ public class RangerGdsValidator { GdsPermission permission = GdsPermission.NONE; - if (acl.getUsers() != null) { +if (acl.getUsers() != null) { permission = getHigherPrivilegePermission(permission, acl.getUsers().get(user)); - } +} + +if (acl.getGroups() != null) { +permission = getHigherPrivilegePermission(permission, acl.getGroups().get(RangerConstants.GROUP_PUBLIC)); - if (acl.getGroups() != null) { - Set groups = dataProvider.getGroupsForUser(user); +Set groups = dataProvider.getGroupsForUser(user); if (CollectionUtils.isNotEmpty(groups)) { for (String group : groups) { permission = getHigherPrivilegePermission(permission, acl.getGroups().get(group)); } } - } +} - if (acl.getRoles() != null) { +if (acl.getRoles() != null) { Set roles = dataProvider.getRolesForUser(user); if (CollectionUtils.isNotEmpty(roles)) { @@ -84,9 +87,9 @@ public class RangerGdsValidator { permission = getHigherPrivilegePermission(permission, acl.getRoles().get(role)); } } - } +} - return permission; +return permission; } public void validateCreate(RangerDataset dataset) { @@ -564,13 +567,17 @@ public class RangerGdsValidator { } if (!ret && acl.getGroups() != null) { -Set userGroups = dataProvider.getGroupsForUser(userName); +ret = isAllowed(acl.getGroups().get(RangerConstants.GROUP_PUBLIC), permission); -for (String userGroup : userGroups) { -ret = isAllowed(acl.getGroups().get(userGroup), permission); +if(!ret) { +Set userGroups = dataProvider.getGroupsForUser(userName); -if (ret) { -break; +for (String userGroup : userGroups) { +ret = isAllowed(acl.getGroups().get(userGroup), permission); + +if (ret) { +break; +} } } } @@ -648,14 +655,18 @@ public class RangerGdsValidator { } if (!isAdmin && MapUtils.isNotEmpty(acl.getGroups())) { -Set userGroups = dataProvider.getGroupsForUser(userName); +isAdmin = isAllowed(acl.getGroups().get(RangerConstants.GROUP_PUBLIC), GdsPermission.ADMIN); -if (userGroups != null) { -for (String userGroup : userGroups) { -isAdmin = isAllowed(acl.getGroups().get(userGroup), GdsPermission.ADMIN); +if (!isAdmin) { +Set userGroups = dataProvider.getGroupsForUser(userName); -if (isAdmin) { -break; +if (userGroups != null) { +for (String userGroup : userGroups) { +isAdmin = isAllowed(acl.getGroups().get(userGroup), GdsPermission.ADMIN); + +if (isAdmin) { +break; +} } } }
[ranger] branch RANGER-3923 updated (ff6f20d23 -> 4c37f3080)
This is an automated email from the ASF dual-hosted git repository. madhan pushed a change to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git from ff6f20d23 Merge branch 'master' into RANGER-3923 new bee247bd4 RANGER-4455: updated RangerGdsValidator to account for permissions assigned to public group new 4c37f3080 RANGER-4410: updated sharedResource search to support filter by zone-id and zone-name The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../service/RangerGdsSharedResourceService.java| 3 ++ .../ranger/validation/RangerGdsValidator.java | 49 +- 2 files changed, 33 insertions(+), 19 deletions(-)
[ranger] 02/02: RANGER-4410: updated sharedResource search to support filter by zone-id and zone-name
This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git commit 4c37f308017e3acee694e9b13cdfee01da817e10 Author: root AuthorDate: Wed Oct 4 18:18:59 2023 +0530 RANGER-4410: updated sharedResource search to support filter by zone-id and zone-name Signed-off-by: Madhan Neethiraj --- .../java/org/apache/ranger/service/RangerGdsSharedResourceService.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java index eadbb9228..7f6dee9ec 100755 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerGdsSharedResourceService.java @@ -64,6 +64,9 @@ public class RangerGdsSharedResourceService extends RangerGdsBaseModelService
[ranger] 01/01: Merge branch 'master' into RANGER-3923
This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git commit ff6f20d23a10a907203978850a804b1cbdf0118f Merge: 249b47083 b0ae138ce Author: Madhan Neethiraj AuthorDate: Wed Oct 4 09:36:05 2023 -0700 Merge branch 'master' into RANGER-3923 .../plugin/model/RangerSecurityZoneHeaderInfo.java | 7 + .../service-defs/ranger-servicedef-kafka.json | 2 +- .../org/apache/ranger/biz/SecurityZoneDBStore.java | 7 + .../org/apache/ranger/db/XXSecurityZoneDao.java| 23 +++ .../java/org/apache/ranger/rest/PublicAPIsv2.java | 16 ++ .../org/apache/ranger/rest/SecurityZoneREST.java | 27 .../main/resources/META-INF/jpa_named_queries.xml | 12 ++ .../main/webapp/react-webapp/src/views/Home.jsx| 13 +- .../views/PolicyListing/PolicyListingTabView.jsx | 169 ++--- .../views/PolicyListing/PolicyPermissionItem.jsx | 1 + .../views/PolicyListing/TagBasePermissionItem.jsx | 81 ++ .../src/views/SecurityZone/SecurityZoneForm.jsx| 2 +- .../src/views/ServiceManager/ImportPolicy.jsx | 27 +++- .../views/ServiceManager/ServiceDefinitions.jsx| 14 +- .../react-webapp/src/views/SideBar/TopNavBar.jsx | 6 - 15 files changed, 226 insertions(+), 181 deletions(-)
[ranger] branch RANGER-3923 updated (249b47083 -> ff6f20d23)
This is an automated email from the ASF dual-hosted git repository. madhan pushed a change to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git from 249b47083 RANGER-4442: add creator as ADMIN in ACL dataShare, dataset and project add ee7bf6909 RANGER-4348: Filter audits for cc_metric_reporter user on Kafka service repo add e23d09f49 RANGER-4419 : In Tag-based policy from Ranger Admin UI, Allow Conditions permissions item is not showing services permissions which have enableDenyAndExceptionsInPolicies flag false. add f400998bd RANGER-4399 : Need to fix zone drop-down option in policy listing for user not having 'Security Zone' module permission add b0ae138ce RANGER-4378: updated implied-grants handling to use RangerServiceDefHelper new ff6f20d23 Merge branch 'master' into RANGER-3923 The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../plugin/model/RangerSecurityZoneHeaderInfo.java | 7 + .../service-defs/ranger-servicedef-kafka.json | 2 +- .../org/apache/ranger/biz/SecurityZoneDBStore.java | 7 + .../org/apache/ranger/db/XXSecurityZoneDao.java| 23 +++ .../java/org/apache/ranger/rest/PublicAPIsv2.java | 16 ++ .../org/apache/ranger/rest/SecurityZoneREST.java | 27 .../main/resources/META-INF/jpa_named_queries.xml | 12 ++ .../main/webapp/react-webapp/src/views/Home.jsx| 13 +- .../views/PolicyListing/PolicyListingTabView.jsx | 169 ++--- .../views/PolicyListing/PolicyPermissionItem.jsx | 1 + .../views/PolicyListing/TagBasePermissionItem.jsx | 81 ++ .../src/views/SecurityZone/SecurityZoneForm.jsx| 2 +- .../src/views/ServiceManager/ImportPolicy.jsx | 27 +++- .../views/ServiceManager/ServiceDefinitions.jsx| 14 +- .../react-webapp/src/views/SideBar/TopNavBar.jsx | 6 - 15 files changed, 226 insertions(+), 181 deletions(-)
[ranger] branch master updated: RANGER-4378: updated implied-grants handling to use RangerServiceDefHelper
This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git The following commit(s) were added to refs/heads/master by this push: new b0ae138ce RANGER-4378: updated implied-grants handling to use RangerServiceDefHelper b0ae138ce is described below commit b0ae138ce7d55a0e1f75702a432af6124b832a08 Author: Madhan Neethiraj AuthorDate: Mon Oct 2 03:38:31 2023 -0700 RANGER-4378: updated implied-grants handling to use RangerServiceDefHelper --- .../model/validation/RangerServiceDefHelper.java | 32 ++ .../ranger/plugin/policyengine/PolicyEngine.java | 27 -- 2 files changed, 38 insertions(+), 21 deletions(-) diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefHelper.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefHelper.java index 4e287f9a4..c1388abc2 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefHelper.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefHelper.java @@ -36,6 +36,7 @@ import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang.StringUtils; import org.apache.ranger.plugin.model.RangerPolicy; import org.apache.ranger.plugin.model.RangerServiceDef; +import org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef; import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -311,6 +312,10 @@ public class RangerServiceDefHelper { return _delegate.getWildcardEnabledResourceDef(resourceName, policyType); } + public Map> getImpliedAccessGrants() { + return _delegate.getImpliedAccessGrants(); + } + /** * Not designed for public access. Package level only for testability. */ @@ -323,6 +328,7 @@ public class RangerServiceDefHelper { final boolean _checkForCycles; final boolean _valid; final List _orderedResourceNames; + final Map> _impliedGrants; final static Set> EMPTY_RESOURCE_HIERARCHY = Collections.unmodifiableSet(new HashSet>()); @@ -352,6 +358,8 @@ public class RangerServiceDefHelper { } } + _impliedGrants = computeImpliedGrants(); + if (isValid) { _orderedResourceNames = buildSortedResourceNames(); } else { @@ -611,6 +619,30 @@ public class RangerServiceDefHelper { return this._orderedResourceNames; } + Map> getImpliedAccessGrants() { return _impliedGrants; } + + private Map> computeImpliedGrants() { + Map> ret = new HashMap<>(); + + if (_serviceDef != null && CollectionUtils.isNotEmpty(_serviceDef.getAccessTypes())) { + for (RangerAccessTypeDef accessTypeDef : _serviceDef.getAccessTypes()) { + if (CollectionUtils.isNotEmpty(accessTypeDef.getImpliedGrants())) { + Collection impliedAccessGrants = ret.get(accessTypeDef.getName()); + + if(impliedAccessGrants == null) { + impliedAccessGrants = new HashSet<>(); + + ret.put(accessTypeDef.getName(), impliedAccessGrants); + } + + impliedAccessGrants.addAll(accessTypeDef.getImpliedGrants()); + } + } + } + + return ret; + } + private static class ResourceNameLevel implements Comparable { private String resourceName; private intlevel; diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java index 4a5406301..04f010a03 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/PolicyEngine.java @@ -36,6 +36,7 @@ import org.apache.ranger.plugin.contextenricher.RangerContextEnricher; import org.apache.ranger.plugin.model.RangerPolicy; import org.apache.ranger.plugin.model.RangerPolicyDelta; import org.apache.ranger.plugin.model.RangerServiceDef; +import
[ranger] branch master updated: RANGER-4399 : Need to fix zone drop-down option in policy listing for user not having 'Security Zone' module permission
This is an automated email from the ASF dual-hosted git repository. dineshkumar pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git The following commit(s) were added to refs/heads/master by this push: new f400998bd RANGER-4399 : Need to fix zone drop-down option in policy listing for user not having 'Security Zone' module permission f400998bd is described below commit f400998bdac38b5f9cfd5401345155017e9d05f9 Author: Dineshkumar Yadav AuthorDate: Tue Sep 26 18:52:59 2023 +0530 RANGER-4399 : Need to fix zone drop-down option in policy listing for user not having 'Security Zone' module permission Signed-off-by: Dineshkumar Yadav --- .../plugin/model/RangerSecurityZoneHeaderInfo.java | 7 + .../org/apache/ranger/biz/SecurityZoneDBStore.java | 7 + .../org/apache/ranger/db/XXSecurityZoneDao.java| 23 +++ .../java/org/apache/ranger/rest/PublicAPIsv2.java | 16 ++ .../org/apache/ranger/rest/SecurityZoneREST.java | 27 .../main/resources/META-INF/jpa_named_queries.xml | 12 ++ .../main/webapp/react-webapp/src/views/Home.jsx| 13 +- .../views/PolicyListing/PolicyListingTabView.jsx | 169 ++--- .../src/views/ServiceManager/ImportPolicy.jsx | 27 +++- .../views/ServiceManager/ServiceDefinitions.jsx| 14 +- .../react-webapp/src/views/SideBar/TopNavBar.jsx | 6 - 11 files changed, 175 insertions(+), 146 deletions(-) diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerSecurityZoneHeaderInfo.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerSecurityZoneHeaderInfo.java index 02927b07b..c42b0bedd 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerSecurityZoneHeaderInfo.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerSecurityZoneHeaderInfo.java @@ -46,4 +46,11 @@ public class RangerSecurityZoneHeaderInfo extends RangerBaseModelObject implemen public void setName(String name) { this.name = name; } + +public StringBuilder toString(StringBuilder sb) { +sb.append("id={").append(getId()).append("} "); +sb.append("name={").append(name).append("} "); +sb.append("isEnabled={").append(getIsEnabled()).append("} "); +return sb; +} } diff --git a/security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java index a2c4e30ca..3cecfbc2f 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java @@ -245,4 +245,11 @@ public class SecurityZoneDBStore implements SecurityZoneStore { return services; } + +public List getSecurityZoneHeaderInfoListByServiceId(Long serviceId, Boolean isTagService ) { +if(serviceId == null){ +throw restErrorUtil.createRESTException("Invalid value for serviceId", MessageEnums.INVALID_INPUT_DATA); +} +return daoMgr.getXXSecurityZoneDao().findAllZoneHeaderInfosByServiceId(serviceId,isTagService); +} } diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneDao.java index 5f73b64ea..5fe0e856d 100644 --- a/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneDao.java +++ b/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneDao.java @@ -122,4 +122,27 @@ public class XXSecurityZoneDao extends BaseDao { return securityZoneList; } + +public List findAllZoneHeaderInfosByServiceId(Long serviceId, Boolean isTagService) { +if(serviceId == null){ +return Collections.emptyList(); +} +List results = null; +if(isTagService){ +results = getEntityManager().createNamedQuery("XXSecurityZone.findAllZoneHeaderInfosByTagServiceId") +.setParameter("tagServiceId", serviceId) +.getResultList(); +}else{ +results = getEntityManager().createNamedQuery("XXSecurityZone.findAllZoneHeaderInfosByServiceId") +.setParameter("serviceId", serviceId) +.getResultList(); +} + +List securityZoneList = new ArrayList(results.size()); +for (Object[] result : results) { +securityZoneList.add(new RangerSecurityZoneHeaderInfo((Long) result[0], (String) result[1])); +} + +return securityZoneList; +} } diff --git a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java index 92ade823b..eebab8108 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java +++
[ranger] 02/02: RANGER-4442: add creator as ADMIN in ACL dataShare, dataset and project
This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git commit 249b47083b4ec0751d6436380306bda87056314b Author: prashant AuthorDate: Wed Oct 4 12:12:53 2023 +0530 RANGER-4442: add creator as ADMIN in ACL dataShare, dataset and project Signed-off-by: Madhan Neethiraj --- .../java/org/apache/ranger/biz/GdsDBStore.java | 34 ++ 1 file changed, 34 insertions(+) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java index a1f5ef6fe..42a2fa16c 100755 --- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java @@ -46,6 +46,7 @@ import org.apache.ranger.plugin.model.RangerGds.RangerDataShare; import org.apache.ranger.plugin.model.RangerGds.RangerDataShareInDataset; import org.apache.ranger.plugin.model.RangerGds.RangerDataset; import org.apache.ranger.plugin.model.RangerGds.RangerDatasetInProject; +import org.apache.ranger.plugin.model.RangerGds.RangerGdsObjectACL; import org.apache.ranger.plugin.model.RangerGds.RangerProject; import org.apache.ranger.plugin.model.RangerGds.RangerSharedResource; import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem; @@ -174,6 +175,12 @@ public class GdsDBStore extends AbstractGdsStore { dataset.setGuid(guidUtil.genGUID()); } +if (dataset.getAcl() == null) { +dataset.setAcl(new RangerGdsObjectACL()); +} + +addCreatorAsAclAdmin(dataset.getAcl()); + RangerDataset ret = datasetService.create(dataset); datasetService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT); @@ -451,6 +458,12 @@ public class GdsDBStore extends AbstractGdsStore { project.setGuid(guidUtil.genGUID()); } +if (project.getAcl() == null) { +project.setAcl(new RangerGdsObjectACL()); +} + +addCreatorAsAclAdmin(project.getAcl()); + RangerProject ret = projectService.create(project); projectService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT); @@ -733,6 +746,12 @@ public class GdsDBStore extends AbstractGdsStore { dataShare.setGuid(guidUtil.genGUID()); } +if (dataShare.getAcl() == null) { +dataShare.setAcl(new RangerGdsObjectACL()); +} + +addCreatorAsAclAdmin(dataShare.getAcl()); + RangerDataShare ret = dataShareService.create(dataShare); dataShareService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT); @@ -1394,4 +1413,19 @@ public class GdsDBStore extends AbstractGdsStore { } } } + +private void addCreatorAsAclAdmin(RangerGdsObjectACL acl) { +String currentUser = bizUtil.getCurrentUserLoginId(); +Map userAcl = acl.getUsers(); + +if (userAcl == null) { +userAcl = new HashMap<>(); + +acl.setUsers(userAcl); +} + +if (acl.getUsers().get(currentUser) != GdsPermission.ADMIN) { +acl.getUsers().put(currentUser, GdsPermission.ADMIN); +} +} }
[ranger] 01/02: RANGER-4445: new REST endpoints for dataset policies
This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git commit 55d2e6bfcbc02825aa5d23f38adad11f7ea1eea9 Author: Madhan Neethiraj AuthorDate: Mon Oct 2 12:15:44 2023 -0700 RANGER-4445: new REST endpoints for dataset policies --- .../apache/ranger/plugin/model/RangerService.java | 66 +--- .../model/validation/RangerServiceValidator.java | 83 ++--- .../ranger/plugin/store/AbstractGdsStore.java | 25 -- .../ranger/plugin/store/AbstractPredicateUtil.java | 34 -- .../ranger/plugin/store/AbstractServiceStore.java | 3 +- .../org/apache/ranger/plugin/store/GdsStore.java | 34 +- .../ranger/plugin/store/ServicePredicateUtil.java | 77 - .../ranger/plugin/util/RangerPerfTracer.java | 28 +- .../ranger/services/gds/RangerServiceGds.java | 58 +--- .../service-defs/ranger-servicedef-gds.json| 16 +- .../apache_ranger/client/ranger_gds_client.py | 80 - .../main/python/apache_ranger/model/ranger_base.py | 2 + .../src/main/python/sample_gds_client.py | 14 + .../optimized/current/ranger_core_db_mysql.sql | 32 +- .../optimized/current/ranger_core_db_postgres.sql | 36 ++- .../java/org/apache/ranger/biz/GdsDBStore.java | 353 - .../java/org/apache/ranger/biz/RangerBizUtil.java | 8 + .../java/org/apache/ranger/biz/ServiceDBStore.java | 53 +--- .../java/org/apache/ranger/biz/ServiceMgr.java | 6 - .../org/apache/ranger/common/AppConstants.java | 7 +- .../org/apache/ranger/db/RangerDaoManagerBase.java | 2 + .../apache/ranger/db/XXGdsDatasetPolicyMapDao.java | 85 + .../apache/ranger/db/XXGdsProjectPolicyMapDao.java | 85 + .../java/org/apache/ranger/db/XXPolicyDao.java | 33 ++ .../java/org/apache/ranger/db/XXServiceDao.java| 23 +- .../ranger/entity/XXGdsDatasetPolicyMap.java | 106 +++ .../ranger/entity/XXGdsProjectPolicyMap.java | 106 +++ .../org/apache/ranger/entity/XXServiceBase.java| 24 +- .../apache/ranger/entity/XXServiceVersionInfo.java | 29 +- .../main/java/org/apache/ranger/rest/GdsREST.java | 316 +- .../java/org/apache/ranger/rest/ServiceREST.java | 61 +++- .../ranger/security/context/RangerAPIList.java | 2 + .../service/RangerServiceDefServiceBase.java | 4 +- .../ranger/service/RangerServiceService.java | 7 - .../ranger/service/RangerServiceServiceBase.java | 26 +- .../main/resources/META-INF/jpa_named_queries.xml | 31 +- 36 files changed, 1405 insertions(+), 550 deletions(-) diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java index e79c5d8e3..0cb58bae0 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerService.java @@ -49,16 +49,13 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri private DatepolicyUpdateTime; private LongtagVersion; private DatetagUpdateTime; - private String gdsService; - private LonggdsVersion; - private DategdsUpdateTime; /** * @param */ public RangerService() { - this(null, null, null, null, null, null); + this(null, null, null, null, null); } /** @@ -69,24 +66,12 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri * @param tagService */ public RangerService(String type, String name, String description, String tagService, Map configs) { - this(type, name, description, tagService, null, configs); - } - - /** -* @param type -* @param name -* @param description -* @param configs -* @param tagService -*/ - public RangerService(String type, String name, String description, String tagService, String gdsService, Map configs) { super(); setType(type); setName(name); setDescription(description); setTagService(tagService); - setGdsService(gdsService); setConfigs(configs); } @@ -106,9 +91,6 @@ public class RangerService extends RangerBaseModelObject implements java.io.Seri setPolicyUpdateTime(other.getPolicyUpdateTime()); setTagVersion(other.getTagVersion()); setTagUpdateTime(other.getTagUpdateTime()); - setGdsService(other.getGdsService()); - setGdsVersion(other.getGdsVersion()); -
[ranger] branch RANGER-3923 updated (5597dedd7 -> 249b47083)
This is an automated email from the ASF dual-hosted git repository. madhan pushed a change to branch RANGER-3923 in repository https://gitbox.apache.org/repos/asf/ranger.git from 5597dedd7 RANGER-4426: added approver in GDS request entities new 55d2e6bfc RANGER-4445: new REST endpoints for dataset policies new 249b47083 RANGER-4442: add creator as ADMIN in ACL dataShare, dataset and project The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/ranger/plugin/model/RangerService.java | 66 +--- .../model/validation/RangerServiceValidator.java | 83 + .../ranger/plugin/store/AbstractGdsStore.java | 25 -- .../ranger/plugin/store/AbstractPredicateUtil.java | 34 -- .../ranger/plugin/store/AbstractServiceStore.java | 3 +- .../org/apache/ranger/plugin/store/GdsStore.java | 34 +- .../ranger/plugin/store/ServicePredicateUtil.java | 77 .../ranger/plugin/util/RangerPerfTracer.java | 28 +- .../ranger/services/gds/RangerServiceGds.java | 58 +-- .../service-defs/ranger-servicedef-gds.json| 16 +- .../apache_ranger/client/ranger_gds_client.py | 80 - .../main/python/apache_ranger/model/ranger_base.py | 2 + .../src/main/python/sample_gds_client.py | 14 + .../optimized/current/ranger_core_db_mysql.sql | 32 +- .../optimized/current/ranger_core_db_postgres.sql | 36 +- .../java/org/apache/ranger/biz/GdsDBStore.java | 387 - .../java/org/apache/ranger/biz/RangerBizUtil.java | 8 + .../java/org/apache/ranger/biz/ServiceDBStore.java | 53 +-- .../java/org/apache/ranger/biz/ServiceMgr.java | 6 - .../org/apache/ranger/common/AppConstants.java | 7 +- .../org/apache/ranger/db/RangerDaoManagerBase.java | 2 + .../apache/ranger/db/XXGdsDatasetPolicyMapDao.java | 85 + .../apache/ranger/db/XXGdsProjectPolicyMapDao.java | 85 + .../java/org/apache/ranger/db/XXPolicyDao.java | 33 ++ .../java/org/apache/ranger/db/XXServiceDao.java| 23 +- .../ranger/entity/XXGdsDatasetPolicyMap.java | 106 ++ .../ranger/entity/XXGdsProjectPolicyMap.java | 106 ++ .../org/apache/ranger/entity/XXServiceBase.java| 24 +- .../apache/ranger/entity/XXServiceVersionInfo.java | 29 +- .../main/java/org/apache/ranger/rest/GdsREST.java | 316 - .../java/org/apache/ranger/rest/ServiceREST.java | 61 +++- .../ranger/security/context/RangerAPIList.java | 2 + .../service/RangerServiceDefServiceBase.java | 4 +- .../ranger/service/RangerServiceService.java | 7 - .../ranger/service/RangerServiceServiceBase.java | 26 +- .../main/resources/META-INF/jpa_named_queries.xml | 31 +- 36 files changed, 1439 insertions(+), 550 deletions(-) create mode 100644 security-admin/src/main/java/org/apache/ranger/db/XXGdsDatasetPolicyMapDao.java create mode 100644 security-admin/src/main/java/org/apache/ranger/db/XXGdsProjectPolicyMapDao.java create mode 100644 security-admin/src/main/java/org/apache/ranger/entity/XXGdsDatasetPolicyMap.java create mode 100644 security-admin/src/main/java/org/apache/ranger/entity/XXGdsProjectPolicyMap.java