subject:"ranger git commit\: RANGER\-1491\:Automatically map group of external users to Administrator Role"

ranger git commit: RANGER-1491 : Automatically map group of external users to Administrator Role

2017-08-10 Thread gautam

Repository: ranger
Updated Branches:
  refs/heads/master 0878d19e9 -> 9f5721bbe


RANGER-1491 : Automatically map group of external users to Administrator Role

Signed-off-by: Gautam Borad 


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/9f5721bb
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/9f5721bb
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/9f5721bb

Branch: refs/heads/master
Commit: 9f5721bbed8057586e63a5ea5552ddecf5cc67ca
Parents: 0878d19
Author: Bhavik Patel 
Authored: Mon Aug 7 15:47:00 2017 +0530
Committer: Gautam Borad 
Committed: Fri Aug 11 12:12:57 2017 +0530

--
 .../java/org/apache/ranger/biz/UserMgr.java |  96 +--
 .../java/org/apache/ranger/biz/XUserMgr.java| 169 +++
 .../org/apache/ranger/service/XUserService.java |   8 +-
 .../java/org/apache/ranger/view/VXUser.java |   1 +
 .../java/org/apache/ranger/biz/TestUserMgr.java |   4 +-
 .../org/apache/ranger/biz/TestXUserMgr.java | 141 ++
 .../process/LdapPolicyMgrUserGroupBuilder.java  | 156 --
 .../config/UserGroupSyncConfig.java |  53 
 .../ranger/unixusersync/model/XUserInfo.java|  20 +-
 .../process/PolicyMgrUserGroupBuilder.java  | 281 ---
 unixauthservice/scripts/install.properties  |  16 ++
 unixauthservice/scripts/setup.py|  18 ++
 .../templates/installprop2xml.properties|   4 +
 .../templates/ranger-ugsync-template.xml|  16 ++
 14 files changed, 777 insertions(+), 206 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/ranger/blob/9f5721bb/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
--
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 
b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index 6f77832..c1145e7 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -142,6 +142,7 @@ public class UserMgr {
Collection userRoleList) {
XXPortalUser user = mapVXPortalUserToXXPortalUser(userProfile);
checkAdminAccess();
+xUserMgr.checkAccessRoles((List) userRoleList);
user = createUser(user, userStatus, userRoleList);
 
return user;
@@ -174,9 +175,13 @@ public class UserMgr {
ArrayList roleList = new ArrayList();
Collection reqRoleList = userProfile.getUserRoleList();
if (reqRoleList != null && reqRoleList.size() > 0) {
-   for (String role : reqRoleList) {
-   roleList.add(role);
-   }
+for (String role : reqRoleList) {
+if (role != null) {
+roleList.add(role);
+} else {
+roleList.add(RangerConstants.ROLE_USER);
+}
+}
} else {
roleList.add(RangerConstants.ROLE_USER);
}
@@ -1104,16 +1109,18 @@ public class UserMgr {
checkAdminAccess();
logger.info("create:" + userProfile.getLoginId());
XXPortalUser xXPortalUser = null;
+Collection existingRoleList = null;
+Collection reqRoleList = null;
String loginId = userProfile.getLoginId();
String emailAddress = userProfile.getEmailAddress();
 
-   if (loginId != null && !loginId.isEmpty()) {
+if (loginId != null && !loginId.isEmpty()) {
xXPortalUser = this.findByLoginId(loginId);
if (xXPortalUser == null) {
if (!stringUtil.isEmpty(emailAddress)) {
xXPortalUser = 
this.findByEmailAddress(emailAddress);
if (xXPortalUser == null) {
-   xXPortalUser = 
this.createUser(userProfile,
+xXPortalUser = 
this.createUser(userProfile,

RangerCommonEnums.STATUS_ENABLED);
} else {
throw restErrorUtil
@@ -1125,9 +1132,9 @@ public class UserMgr {

MessageEnums.OPER_NOT_ALLOWED_FOR_STATE);
}
} else {
-   userProfile.setEmailAddress(null);
-

ranger git commit: RANGER-1491:Automatically map group of external users to Administrator Role

2017-08-10 Thread gautam

Repository: ranger
Updated Branches:
  refs/heads/ranger-0.7 694ff57f1 -> 99abbcfa9


RANGER-1491:Automatically map group of external users to Administrator Role

Signed-off-by: Gautam Borad 


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/99abbcfa
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/99abbcfa
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/99abbcfa

Branch: refs/heads/ranger-0.7
Commit: 99abbcfa99667b60ae5f217db4bce44ac01bfdce
Parents: 694ff57
Author: Bhavik Patel 
Authored: Tue Aug 8 10:59:54 2017 +0530
Committer: Gautam Borad 
Committed: Fri Aug 11 12:13:08 2017 +0530

--
 .../java/org/apache/ranger/biz/UserMgr.java |  63 +-
 .../java/org/apache/ranger/biz/XUserMgr.java|  87 +---
 .../org/apache/ranger/service/XUserService.java |   7 +-
 .../java/org/apache/ranger/view/VXUser.java |   1 +
 .../java/org/apache/ranger/biz/TestUserMgr.java |   4 +-
 .../org/apache/ranger/biz/TestXUserMgr.java |  45 -
 .../process/LdapPolicyMgrUserGroupBuilder.java  | 123 +++-
 .../config/UserGroupSyncConfig.java |  41 
 .../ranger/unixusersync/model/XUserInfo.java|  20 +-
 .../process/PolicyMgrUserGroupBuilder.java  | 201 ++-
 unixauthservice/scripts/install.properties  |  15 ++
 unixauthservice/scripts/setup.py|  17 ++
 .../templates/installprop2xml.properties|   4 +
 .../templates/ranger-ugsync-template.xml|  16 ++
 14 files changed, 588 insertions(+), 56 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/ranger/blob/99abbcfa/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
--
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 
b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index be16f75..f27bfc1 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -142,6 +142,7 @@ public class UserMgr {
Collection userRoleList) {
XXPortalUser user = mapVXPortalUserToXXPortalUser(userProfile);
checkAdminAccess();
+xUserMgr.checkAccessRoles((List) userRoleList);
user = createUser(user, userStatus, userRoleList);
 
return user;
@@ -175,7 +176,11 @@ public class UserMgr {
Collection reqRoleList = userProfile.getUserRoleList();
if (reqRoleList != null && reqRoleList.size() > 0) {
for (String role : reqRoleList) {
-   roleList.add(role);
+if (role != null) {
+roleList.add(role);
+} else {
+
roleList.add(RangerConstants.ROLE_USER);
+}
}
} else {
roleList.add(RangerConstants.ROLE_USER);
@@ -1109,6 +1114,8 @@ public class UserMgr {
checkAdminAccess();
logger.info("create:" + userProfile.getLoginId());
XXPortalUser xXPortalUser = null;
+Collection existingRoleList = null;
+Collection reqRoleList = null;
String loginId = userProfile.getLoginId();
String emailAddress = userProfile.getEmailAddress();
 
@@ -1143,13 +1150,59 @@ public class UserMgr {
 */
}
}
+VXPortalUser userProfileRes = null;
if (xXPortalUser != null) {
-   return 
mapXXPortalUserToVXPortalUserForDefaultAccount(xXPortalUser);
-   } else {
-   return null;
-   }
+userProfileRes = 
mapXXPortalUserToVXPortalUserForDefaultAccount(xXPortalUser);
+if (userProfile.getUserRoleList() != null
+&& 
userProfile.getUserRoleList().size() > 0
+&& ((List) 
userProfile.getUserRoleList()).get(0) != null) {
+reqRoleList = userProfile.getUserRoleList();
+existingRoleList = 
this.getRolesByLoginId(loginId);
+XXPortalUser xxPortalUser = 
daoManager.getXXPortalUser()
+
.findByLoginId(userProfile.getLoginId());
+if (xxPortalUser != null && 
xxPortalUser.getUserSource() == RangerCommonEnums.USER_EXTERNAL) {
+

ranger git commit: RANGER-1491 : Automatically map group of external users to Administrator Role

ranger git commit: RANGER-1491:Automatically map group of external users to Administrator Role

2 matches

Site Navigation

Mail list logo

Footer information