Return-Path: X-Original-To: apmail-ranger-commits-archive@www.apache.org Delivered-To: apmail-ranger-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 49225CAC2 for ; Fri, 12 Dec 2014 01:30:46 +0000 (UTC) Received: (qmail 60330 invoked by uid 500); 12 Dec 2014 01:30:46 -0000 Delivered-To: apmail-ranger-commits-archive@ranger.apache.org Received: (qmail 60299 invoked by uid 500); 12 Dec 2014 01:30:46 -0000 Mailing-List: contact commits-help@ranger.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ranger.incubator.apache.org Delivered-To: mailing list commits@ranger.incubator.apache.org Received: (qmail 60277 invoked by uid 99); 12 Dec 2014 01:30:46 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 12 Dec 2014 01:30:46 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED,T_RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO mail.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with SMTP; Fri, 12 Dec 2014 01:30:05 +0000 Received: (qmail 59036 invoked by uid 99); 12 Dec 2014 01:29:45 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 12 Dec 2014 01:29:45 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 557CAA27CEE; Fri, 12 Dec 2014 01:29:45 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: madhan@apache.org To: commits@ranger.incubator.apache.org Date: Fri, 12 Dec 2014 01:29:57 -0000 Message-Id: In-Reply-To: <6a9f7bd059b94d5483aebaf3628fc137@git.apache.org> References: <6a9f7bd059b94d5483aebaf3628fc137@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [14/51] [partial] incubator-ranger git commit: RANGER-194: Rename packages from xasecure to apache ranger X-Virus-Checked: Checked by ClamAV on apache.org http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/service/XResourceService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/com/xasecure/service/XResourceService.java b/security-admin/src/main/java/com/xasecure/service/XResourceService.java deleted file mode 100644 index bbbf458..0000000 --- a/security-admin/src/main/java/com/xasecure/service/XResourceService.java +++ /dev/null @@ -1,1115 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - package com.xasecure.service; - -import java.io.File; -import java.lang.reflect.Field; -import java.util.ArrayList; -import java.util.Collections; -import java.util.HashMap; -import java.util.List; -import java.util.Map.Entry; - -import com.xasecure.common.ContextUtil; -import com.xasecure.common.MessageEnums; -import com.xasecure.common.PropertiesUtil; -import com.xasecure.common.SearchCriteria; -import com.xasecure.common.SearchField; -import com.xasecure.common.SearchField.DATA_TYPE; -import com.xasecure.common.SearchField.SEARCH_TYPE; -import com.xasecure.common.SortField; -import com.xasecure.common.StringUtil; -import com.xasecure.common.UserSessionBase; -import com.xasecure.common.XAConstants; -import com.xasecure.view.VXResponse; - -import org.apache.commons.lang.ArrayUtils; -import org.apache.commons.lang.StringUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Scope; -import org.springframework.stereotype.Service; - -import com.xasecure.biz.XABizUtil; -import com.xasecure.common.AppConstants; -import com.xasecure.common.view.VTrxLogAttr; -import com.xasecure.db.XADaoManager; -import com.xasecure.entity.*; -import com.xasecure.util.XAEnumUtil; -import com.xasecure.view.*; -@Service -@Scope("singleton") -public class XResourceService extends - XResourceServiceBase { - - @Autowired - XPermMapService xPermMapService; - - @Autowired - XAuditMapService xAuditMapService; - - @Autowired - XUserService xUserService; - - @Autowired - StringUtil stringUtil; - - @Autowired - XADaoManager xADaoManager; - @Autowired - XABizUtil xaBizUtil; - - @Autowired - XAEnumUtil xaEnumUtil; - - @Autowired - XPolicyService xPolicyService; - - static HashMap trxLogAttrs = new HashMap(); - - static String fileSeparator = PropertiesUtil.getProperty( - "xa.file.separator", "/"); - - static { - trxLogAttrs.put("name", new VTrxLogAttr("name", "Resource Path", false)); - trxLogAttrs.put("description", new VTrxLogAttr("description", "Policy Description", false)); - trxLogAttrs.put("resourceType", new VTrxLogAttr("resourceType", "Policy Type", true)); - trxLogAttrs.put("isEncrypt", new VTrxLogAttr("isEncrypt", "Policy Encryption", true)); - trxLogAttrs.put("isRecursive", new VTrxLogAttr("isRecursive", "Is Policy Recursive", true)); - trxLogAttrs.put("databases", new VTrxLogAttr("databases", "Databases", false)); - trxLogAttrs.put("tables", new VTrxLogAttr("tables", "Tables", false)); - trxLogAttrs.put("columnFamilies", new VTrxLogAttr("columnFamilies", "Column Families", false)); - trxLogAttrs.put("columns", new VTrxLogAttr("columns", "Columns", false)); - trxLogAttrs.put("udfs", new VTrxLogAttr("udfs", "UDF", false)); - trxLogAttrs.put("resourceStatus", new VTrxLogAttr("resourceStatus", "Policy Status", true)); - trxLogAttrs.put("tableType", new VTrxLogAttr("tableType", "Table Type", true)); - trxLogAttrs.put("columnType", new VTrxLogAttr("columnType", "Column Type", true)); - trxLogAttrs.put("policyName", new VTrxLogAttr("policyName", "Policy Name", false)); - trxLogAttrs.put("topologies", new VTrxLogAttr("topologies", "Topologies", false)); - trxLogAttrs.put("services", new VTrxLogAttr("services", "Services", false)); - trxLogAttrs.put("assetType", new VTrxLogAttr("assetType", "Repository Type", true)); - } - - public XResourceService() { - searchFields.add(new SearchField("name", "obj.name", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("fullname", "obj.name", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("policyName", "obj.policyName", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("fullPolicyName", "obj.policyName", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("columns", "obj.columns", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("columnFamilies", - "obj.columnFamilies", SearchField.DATA_TYPE.STRING, - SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("tables", "obj.tables", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("udfs", "obj.udfs", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("databases", "obj.databases", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("assetId", "obj.assetId", - SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("resourceType", "obj.resourceType", - SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("isEncrypt", "obj.isEncrypt", - SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("isRecursive", "obj.isRecursive", - SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL)); - - searchFields.add(new SearchField("groupName", "xxGroup.name", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL, - "XXPermMap xxPermMap, XXGroup xxGroup", "xxPermMap.resourceId " - + "= obj.id and xxPermMap.groupId = xxGroup.id")); - - searchFields.add(new SearchField("userName", "xUser.name", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL, - "XXPermMap xxPermMap, XXUser xUser", "xxPermMap.resourceId " - + "= obj.id and xxPermMap.userId = xUser.id")); - - searchFields.add(new SearchField("userId", "xxPermMap.userId", - SearchField.DATA_TYPE.INT_LIST, SearchField.SEARCH_TYPE.FULL, - "XXPermMap xxPermMap", "xxPermMap.resourceId = obj.id ")); - - searchFields.add(new SearchField("groupId", "xxPermMap.groupId", - SearchField.DATA_TYPE.INT_LIST, SearchField.SEARCH_TYPE.FULL, - "XXPermMap xxPermMap", "xxPermMap.resourceId = obj.id")); - - searchFields.add(new SearchField("assetType", "xxAsset.assetType", - SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL, - "XXAsset xxAsset", "xxAsset.id = obj.assetId ")); - - searchFields.add(new SearchField("id", "obj.id", - SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("topologies", "obj.topologies", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("services", "obj.services", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("tableType", "obj.tableType", - DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("columnType", "obj.columnType", - DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("repositoryName", "xxAsset.name", - DATA_TYPE.STRING, SEARCH_TYPE.PARTIAL, "XXAsset xxAsset", - "xxAsset.id = obj.assetId")); - searchFields.add(new SearchField("resourceStatus", - "obj.resourceStatus", DATA_TYPE.INT_LIST, SEARCH_TYPE.FULL)); - - sortFields.add(new SortField("name", "obj.name")); - sortFields.add(new SortField("isRecursive", "obj.isRecursive")); - sortFields.add(new SortField("isEncrypt", "obj.isEncrypt")); - - } - - @Override - protected void validateForCreate(VXResource vObj) { - if(vObj == null){ - throw restErrorUtil.createRESTException("Policy not provided.", - MessageEnums.DATA_NOT_FOUND); - } - Long assetId = vObj.getAssetId(); - int assetType; - if(assetId != null){ - XXAsset xAsset = xADaoManager.getXXAsset().getById(assetId); - if(xAsset != null){ - assetType = xAsset.getAssetType(); - } else { - throw restErrorUtil.createRESTException("The repository for which " - + "the policy is created, doesn't exist in the system.", - MessageEnums.OPER_NOT_ALLOWED_FOR_STATE); - } - } else { - logger.debug("Asset id not provided."); - throw restErrorUtil.createRESTException("Please provide repository" - + " id for policy.", MessageEnums.OPER_NOT_ALLOWED_FOR_STATE); - } - - String resourceName = vObj.getName(); -// Long resourceId = vObj.getId(); -// int isRecursive = vObj.getIsRecursive(); - if(stringUtil.isEmpty(resourceName)){ - logger.error("Resource name not found for : " + vObj.toString()); - throw restErrorUtil.createRESTException("Please provide valid resources.", - MessageEnums.INVALID_INPUT_DATA); - } - -// String[] resourceNameList = stringUtil.split(resourceName, ","); -// for(String resName : resourceNameList){ -// List xXResourceList = null; -// if (assetType == AppConstants.ASSET_HDFS) { -// xXResourceList = appDaoManager.getXXResource() -// .findByResourceNameAndAssetIdAndRecursiveFlag(resName, assetId, isRecursive); -// } else { -// xXResourceList = appDaoManager.getXXResource() -// .findByResourceNameAndAssetIdAndResourceType(vObj.getName(), -// vObj.getAssetId(), vObj.getResourceType()); -// } -// -// if (xXResourceList != null) { -// boolean similarPolicyFound = false; -// for(XXResource xxResource : xXResourceList){ -// String dbResourceName = xxResource.getName(); -// // Not checking dbResourceName to be null or empty -// // as this should never be the case -// String[] resources = stringUtil.split(dbResourceName, ","); -// for(String dbResource: resources){ -// if(dbResource.equalsIgnoreCase(resName)){ -// if(resourceId!=null){ -// Long dbResourceId = xxResource.getId(); -// if(!resourceId.equals(dbResourceId)){ -// similarPolicyFound = true; -// break; -// } -// } else { -// similarPolicyFound = true; -// break; -// } -// } -// } -// if(similarPolicyFound){ -// break; -// } -// } -// if(similarPolicyFound){ -// throw restErrorUtil.createRESTException( -// "Similar policy already exists for the resource : " + resName, -// MessageEnums.ERROR_DUPLICATE_OBJECT); -// } -// } -// } - -// if(vObj.getAssetType()) - - } - - @Override - protected void validateForUpdate(VXResource vObj, XXResource mObj) { - if (vObj != null && vObj.getAssetType() == AppConstants.ASSET_HDFS) { - if (!(vObj.getName() != null) || vObj.getName().isEmpty()) { - throw restErrorUtil.createRESTException("Please provide the " - + "resource path.", MessageEnums.INVALID_INPUT_DATA); - } - } - if (!vObj.getName().equalsIgnoreCase(mObj.getName()) || - vObj.getIsRecursive()!=mObj.getIsRecursive() || - vObj.getResourceType() != mObj.getResourceType()) { - validateForCreate(vObj); - } - - } - - @Override - public VXResource createResource(VXResource vXResource) { - - VXResource resource = super.createResource(vXResource); - - List newAuditMapList = new ArrayList(); - List vxAuditMapList = vXResource.getAuditList(); - if (vxAuditMapList != null) { - for (VXAuditMap vxAuditMap : vxAuditMapList) { - vxAuditMap.setResourceId(resource.getId()); - vxAuditMap = xAuditMapService.createResource(vxAuditMap); - newAuditMapList.add(vxAuditMap); - } - } - - List newPermMapList = new ArrayList(); - List vxPermMapList = vXResource.getPermMapList(); - if (vxPermMapList != null) { - for (VXPermMap permMap : vxPermMapList) { - if (permMap.getUserId() == null && permMap.getGroupId() == null - && vxAuditMapList == null){ - if(vxAuditMapList == null){ - throw restErrorUtil.createRESTException("Please provide" - + " valid group/user permissions for policy.", - MessageEnums.INVALID_INPUT_DATA); - } - } else { - permMap.setResourceId(resource.getId()); - permMap = xPermMapService.createResource(permMap); - newPermMapList.add(permMap); - } - } - } - - - resource.setPermMapList(newPermMapList); - resource.setAuditList(newAuditMapList); - return resource; - } - @Override - public boolean deleteResource(Long id) { - return super.deleteResource(id); - } - - @Override - public VXResource populateViewBean(XXResource xXResource) { - VXResource vXResource = super.populateViewBean(xXResource); - populateAssetProperties(vXResource); - populatePermList(vXResource); - return vXResource; - } - - private void populateAssetProperties(VXResource vXResource) { - XXAsset xxAsset = xADaoManager.getXXAsset().getById( - vXResource.getAssetId()); - if (xxAsset != null) { - vXResource.setAssetName(xxAsset.getName()); - } - vXResource.setAssetType(xxAsset.getAssetType()); - } - - private void populateAuditList(VXResource vXResource) { - SearchCriteria searchCriteria = new SearchCriteria(); - searchCriteria.addParam("resourceId", vXResource.getId()); - VXAuditMapList vXAuditMapList = xAuditMapService - .searchXAuditMaps(searchCriteria); - if (vXAuditMapList != null && vXAuditMapList.getResultSize() != 0) { - List auditMapList = vXAuditMapList.getList(); - vXResource.setAuditList(auditMapList); - } - } - - private void populatePermList(VXResource vXResource) { - SearchCriteria searchCriteria = new SearchCriteria(); - searchCriteria.addParam("resourceId", vXResource.getId()); - VXPermMapList vXPermMapList = xPermMapService - .searchXPermMaps(searchCriteria); - if (vXPermMapList != null && vXPermMapList.getResultSize() != 0) { - List permMapList = vXPermMapList.getList(); - vXResource.setPermMapList(permMapList); - } - } - - @Override - public VXResourceList searchXResources(SearchCriteria searchCriteria) { - - VXResourceList returnList; - UserSessionBase currentUserSession = ContextUtil - .getCurrentUserSession(); - // If user is system admin - if (currentUserSession.isUserAdmin()) { - returnList = super.searchXResources(searchCriteria); - - } else {// need to be optimize - returnList = new VXResourceList(); - int startIndex = searchCriteria.getStartIndex(); - int pageSize = searchCriteria.getMaxRows(); - searchCriteria.setStartIndex(0); - searchCriteria.setMaxRows(Integer.MAX_VALUE); - List resultList = (List) searchResources( - searchCriteria, searchFields, sortFields, returnList); - List adminPermResourceList = new ArrayList(); - for (XXResource xXResource : resultList) { - VXResponse vXResponse = xaBizUtil.hasPermission(populateViewBean(xXResource), - AppConstants.XA_PERM_TYPE_ADMIN); - if(vXResponse.getStatusCode() == VXResponse.STATUS_SUCCESS){ - adminPermResourceList.add(xXResource); - } - } - - if (adminPermResourceList.size() > 0) { - populatePageList(adminPermResourceList, startIndex, pageSize, - returnList); - } - } - if(returnList!=null && returnList.getResultSize()>0){ - for (VXResource vXResource : returnList.getVXResources()) { - populateAuditList(vXResource); - } - } - return returnList; - } - - private void populatePageList(List resourceList, - int startIndex, int pageSize, VXResourceList vxResourceList) { - List onePageList = new ArrayList(); - for (int i = startIndex; i < pageSize + startIndex - && i < resourceList.size(); i++) { - VXResource vXResource = populateViewBean(resourceList.get(i)); - onePageList.add(vXResource); - } - vxResourceList.setVXResources(onePageList); - vxResourceList.setStartIndex(startIndex); - vxResourceList.setPageSize(pageSize); - vxResourceList.setResultSize(onePageList.size()); - vxResourceList.setTotalCount(resourceList.size()); - - } - - @Override - protected XXResource mapViewToEntityBean(VXResource vObj, XXResource mObj, int OPERATION_CONTEXT) { - super.mapViewToEntityBean(vObj, mObj, OPERATION_CONTEXT); - mObj.setUdfs(vObj.getUdfs()); - if(vObj!=null && mObj!=null){ - XXPortalUser xXPortalUser= null; - if(mObj.getAddedByUserId()==null || mObj.getAddedByUserId()==0){ - if(!stringUtil.isEmpty(vObj.getOwner())){ - xXPortalUser=xADaoManager.getXXPortalUser().findByLoginId(vObj.getOwner()); - if(xXPortalUser!=null){ - mObj.setAddedByUserId(xXPortalUser.getId()); - } - } - } - if(mObj.getUpdatedByUserId()==null || mObj.getUpdatedByUserId()==0){ - if(!stringUtil.isEmpty(vObj.getUpdatedBy())){ - xXPortalUser= xADaoManager.getXXPortalUser().findByLoginId(vObj.getUpdatedBy()); - if(xXPortalUser!=null){ - mObj.setUpdatedByUserId(xXPortalUser.getId()); - } - } - } - - } - return mObj; - } - - @Override - protected VXResource mapEntityToViewBean(VXResource vObj, XXResource mObj) { - super.mapEntityToViewBean(vObj, mObj); - vObj.setUdfs(mObj.getUdfs()); - populateAssetProperties(vObj); - if(mObj!=null && vObj!=null){ - XXPortalUser xXPortalUser= null; - if(stringUtil.isEmpty(vObj.getOwner())){ - xXPortalUser=xADaoManager.getXXPortalUser().getById(mObj.getAddedByUserId()); - if(xXPortalUser!=null){ - vObj.setOwner(xXPortalUser.getLoginId()); - } - } - if(stringUtil.isEmpty(vObj.getUpdatedBy())){ - xXPortalUser= xADaoManager.getXXPortalUser().getById(mObj.getUpdatedByUserId()); - if(xXPortalUser!=null){ - vObj.setUpdatedBy(xXPortalUser.getLoginId()); - } - } - } - return vObj; - } - - /** - * check resource parent path permission for user and group - * @param vXResource - */ - public void checkAccess(VXResource vXResource) { - - XXAsset xxAsset = xADaoManager.getXXAsset().getById( - vXResource.getAssetId()); - if (xxAsset == null) { - throw restErrorUtil - .createRESTException("Asset not found", - MessageEnums.DATA_NOT_FOUND, vXResource.getId(), - null, null); - } - int assetType = xxAsset.getAssetType(); - - if(assetType==AppConstants.ASSET_HDFS){ - -// int resourceType = vXResource.getResourceType(); - int resourceType = xPolicyService.getResourceType(vXResource); - List resourceTypeList = xaBizUtil - .getResorceTypeParentHirearchy(resourceType, assetType); - - List pathList = new ArrayList(); - String resourceNames = vXResource.getName(); - String[] resourceList = stringUtil.split(resourceNames, ","); - List resourceArrayList=new ArrayList(); - if(resourceList!=null && resourceList.length>0) - { - Collections.addAll(resourceArrayList, resourceList); - } - - for (String resourceName : resourceList) { - String policyPath = resourceName; - String[] policyPathParts = policyPath.split(fileSeparator); - - if(policyPathParts.length>1){ - pathList.add(fileSeparator); - } - - StringBuffer path = new StringBuffer(); - for (int i = 1; i < policyPathParts.length - 1; i++) { - path.append(fileSeparator + policyPathParts[i]); - pathList.add(path.toString()); - } - if(path!=null){ - if(resourceArrayList.contains(path.toString())){ - continue; - } - if(resourceArrayList.contains(path.toString()+"/")){ - continue; - } - } - - if (pathList != null && pathList.size() != 0) { - List vxPermMaps = vXResource.getPermMapList(); - //update perm list and read and execute - vxPermMaps=updatePermMaps(vxPermMaps); - for (VXPermMap vxPermMap : vxPermMaps) { - //check only read and execution permission - if (vxPermMap.getPermFor() == AppConstants.XA_PERM_FOR_USER - &&(vxPermMap.getPermType()==AppConstants.XA_PERM_TYPE_READ || - vxPermMap.getPermType()==AppConstants.XA_PERM_TYPE_EXECUTE)) { - boolean access = checkUserAccess(vxPermMap, pathList, - vXResource.getAssetId(), - vXResource.getIsRecursive(), assetType, - resourceTypeList); - - if (!access) { - XXUser xxUser = xADaoManager.getXXUser().getById( - vxPermMap.getUserId()); - throw restErrorUtil.createRESTException( - xxUser.getName() + " may not have " - + AppConstants.getLabelFor_XAPermType( - vxPermMap.getPermType()).toLowerCase() - + " permission on parent folder. Do you want to save this policy?" - , - MessageEnums.OPER_NO_PERMISSION, - null, "parentPermission", null); - - } - } - //check only read and execution permission - if (vxPermMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP - &&(vxPermMap.getPermType()==AppConstants.XA_PERM_TYPE_READ || - vxPermMap.getPermType()==AppConstants.XA_PERM_TYPE_EXECUTE)) { - boolean access = checkGroupAccess(vxPermMap, pathList, - vXResource.getAssetId(), - vXResource.getIsRecursive(), assetType, - resourceTypeList); - if (!access) { - XXGroup xxGroup = xADaoManager.getXXGroup() - .getById(vxPermMap.getGroupId()); - throw restErrorUtil.createRESTException(xxGroup - .getName() + " may not have " + AppConstants - .getLabelFor_XAPermType(vxPermMap.getPermType()).toLowerCase() - + " permission on parent folder. Do you want to save this policy?" - , - MessageEnums.OPER_NO_PERMISSION, null, - "parentPermission", null); - } - } - } - } - } - } - } - - /** - * check user permission - * - * @param vxPermMap - * @param pathList - * @return - */ - public boolean checkUserAccess(VXPermMap vxPermMap, List pathList, - Long assetId, int isRecursive, int assetType, - List resourceTypeList) { - boolean isAccess = false; - boolean isRecursivlyAllowed; - // all possible path and check access on all path - for (int i = 0; i < pathList.size(); i++) { - isAccess = false; - isRecursivlyAllowed = false; - HashMap accessMap = fetchUserAccessMap( - vxPermMap.getUserId(), vxPermMap.getPermType(), - pathList.get(i), assetType, assetId, isRecursive, - resourceTypeList); - //isAccess = Boolean.getBoolean(""+accessMap.get("isAccess")); - //isRecursivlyAllowed = Boolean.getBoolean(""+accessMap.get("isRecursive")); - isAccess=(Boolean)accessMap.get("isAccess"); - isRecursivlyAllowed=(Boolean)accessMap.get("isRecursive"); - // if user have recursively access then return true - if (isAccess && isRecursivlyAllowed) { - return true; - } - // access fail for root folder return false - if (!isAccess) { - break; - } - - } - return isAccess; - } - - /** - * check group permission on path - * - * @param vxPermMap - * @param pathList - * @return - */ - public boolean checkGroupAccess(VXPermMap vxPermMap, List pathList, - Long assetId, int isRecursive, int assetType, - List resourceTypeList) { - boolean isAccess = false; - boolean isRecursivlyAllowed; - for (int i = 0; i < pathList.size(); i++) { - isAccess = false; - isRecursivlyAllowed = false; - HashMap accessMap = fetchGroupAccessMap( - vxPermMap.getGroupId(), vxPermMap.getPermType(), - pathList.get(i), assetType, assetId, isRecursive, - resourceTypeList); - isAccess = Boolean.getBoolean(""+accessMap.get("isAccess")); - isRecursivlyAllowed = Boolean.getBoolean(""+accessMap.get("isRecursive")); - if (isAccess && isRecursivlyAllowed) { - return true; - } - if (!isAccess) { - break; - } - - } - return isAccess; - } - - public HashMap fetchUserAccessMap(Long userId, - int permType, String path, int assetType, Long assetId, - int isRecursive, List resourceTypeList) { - HashMap accessMap = new HashMap(); - boolean isAccess = false; - List xGroupList = xADaoManager.getXXGroup().findByUserId( - userId); - boolean isRecursivlyAllowed = false; - List xXResourceList = null; - if (assetType == AppConstants.ASSET_HDFS) { - xXResourceList = xADaoManager.getXXResource().findByAssetId( - assetId); - //this code block is to add record of 'public' group in group_user mapping list. - XXGroup xXGroupPublic = xADaoManager.getXXGroup(). - findByGroupName(XAConstants.GROUP_PUBLIC); - if (xXGroupPublic != null - && xXGroupPublic.getName().trim() - .equalsIgnoreCase(XAConstants.GROUP_PUBLIC)) { - if(xGroupList!=null){ - xGroupList.add(xXGroupPublic); - }else{ - xGroupList=new ArrayList(); - xGroupList.add(xXGroupPublic); - } - } - } else { - xXResourceList = xADaoManager.getXXResource() - .findByAssetIdAndResourceTypes(assetId, resourceTypeList); - } - String expandedName = xaBizUtil.replaceMetaChars(path); - if (xXResourceList != null) { - // If resource name is comma separated, then we need to check each - // of the resources - for (XXResource xResource : xXResourceList) { - String resource = xResource.getName(); - - if (resource == null || resource.isEmpty()) { - logger.debug("Resource name not found for resourceId : " - + xResource.getId()); - throw restErrorUtil.createRESTException( - "Resource name not found.", - MessageEnums.DATA_NOT_FOUND); - } - - String[] dbResourceNameList = resource.split(","); - boolean matchFound = false; - for (String dbResourceName : dbResourceNameList) { - String[] requestResNameList = expandedName.split(","); - for (String resourceName : requestResNameList) { - if (xaBizUtil.comparePathsForExactMatch(resourceName, - dbResourceName)) { - matchFound = true; - } else { - // resource name has a file extension then don't - // append "/*" - // "/*" is required for directory matching - if (xResource.getIsRecursive() == AppConstants.BOOL_TRUE) { - matchFound = xaBizUtil - .isRecursiveWildCardMatch(resourceName, - dbResourceName); - } else { - matchFound = xaBizUtil - .nonRecursiveWildCardMatch( - resourceName, dbResourceName); - } - } - if (matchFound) { - break; - } - } - if (matchFound) { - break; - } - } - if (matchFound) { - // get the perms for this resource - List permMapList = xADaoManager.getXXPermMap() - .findByResourceId(xResource.getId()); - for (XXPermMap permMap : permMapList) { - if (permMap.getPermType() == permType) { - if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP - && xaBizUtil.isGroupInList( - permMap.getGroupId(), xGroupList)) { - isAccess = true; - isRecursivlyAllowed = xResource.getIsRecursive() == AppConstants.BOOL_TRUE ? true - : false; - } else if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_USER - && permMap.getUserId().equals(userId)) { - isAccess = true; - isRecursivlyAllowed = xResource.getIsRecursive() == AppConstants.BOOL_TRUE ? true - : false; - } - } - } - } - } - } - accessMap.put("isAccess", isAccess); - accessMap.put("isRecursive", isRecursivlyAllowed); - return accessMap; - } - - public HashMap fetchGroupAccessMap(Long groupId, - int permType, String path, int assetType, Long assetId, - int isRecursive, List resourceTypeList) { - - boolean isAccess = false; - boolean isRecursivlyAllowed = false; - HashMap accessMap = new HashMap(); - List xXResourceList = new ArrayList(); - - if (assetType == AppConstants.ASSET_HDFS) { - xXResourceList = xADaoManager.getXXResource().findByAssetId( - assetId); - } else { - xXResourceList = xADaoManager.getXXResource() - .findByAssetIdAndResourceTypes(assetId, resourceTypeList); - } - - String expandedName = xaBizUtil.replaceMetaChars(path); - - for (XXResource xResource : xXResourceList) { - String resource = xResource.getName(); - - if (resource == null || resource.isEmpty()) { - logger.debug("Resource name not found for resourceId : " - + xResource.getId()); - throw restErrorUtil.createRESTException( - "Resource name not found.", - MessageEnums.DATA_NOT_FOUND); - } - - String[] dbResourceNameList = resource.split(","); - boolean matchFound = false; - - for (String dbResourceName : dbResourceNameList) { - - String[] requestResNameList = expandedName.split(","); - for (String resourceName : requestResNameList) { - if (xaBizUtil.comparePathsForExactMatch(resourceName, - dbResourceName)) { - matchFound = true; - } else { - // resource name has a file extension then don't - // append "/*" - // "/*" is required for directory matching - if (xResource.getIsRecursive() == AppConstants.BOOL_TRUE) { - matchFound = xaBizUtil - .isRecursiveWildCardMatch(resourceName, - dbResourceName); - } else { - matchFound = xaBizUtil - .nonRecursiveWildCardMatch( - resourceName, dbResourceName); - } - } - if (matchFound) { - break; - } - } - if (matchFound) { - break; - } - } - if (matchFound) { - // get the perms for this resource - List permMapList = xADaoManager.getXXPermMap() - .findByResourceId(xResource.getId()); - for (XXPermMap permMap : permMapList) { - if (permMap.getPermType() == permType) { - if (permMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP - && permMap.getGroupId().doubleValue() == groupId.doubleValue()) { - isAccess = true; - isRecursivlyAllowed = (xResource.getIsRecursive() == AppConstants.BOOL_TRUE); - } - } - } - } - } - - accessMap.put("isAccess", isAccess); - accessMap.put("isRecursive", isRecursivlyAllowed); - return accessMap; - } - - public List updatePermMaps(List vxPermMaps) { - List updatedPermList = new ArrayList(); - - List listOfUser = new ArrayList(); - List listOfGroup = new ArrayList(); - - //[1] : Populate perm maps for user and groups - for (VXPermMap vxPermMap : vxPermMaps) { - if (vxPermMap.getPermFor() == AppConstants.XA_PERM_FOR_USER) { - if (!listOfUser.contains(vxPermMap.getUserId())) { - listOfUser.add(vxPermMap.getUserId()); - } - } else if (vxPermMap.getPermFor() == AppConstants.XA_PERM_FOR_GROUP) { - if (!listOfGroup.contains(vxPermMap.getGroupId())) { - listOfGroup.add(vxPermMap.getGroupId()); - } - } - } - - HashMap> userPermMap = - new HashMap>(); - - for (Long userId : listOfUser) { - HashMap userPerm = new HashMap(); - for (VXPermMap vxPermMap : vxPermMaps) { - if (vxPermMap.getPermFor() == AppConstants.XA_PERM_FOR_USER - && vxPermMap.getUserId() == userId) { - userPerm.put(vxPermMap.getPermType(), vxPermMap); - } - } - userPermMap.put(userId, userPerm); - } - - //[2] : - HashMap> groupPermMap = - new HashMap>(); - - for (Long groupId : listOfGroup) { - HashMap groupPerm = new HashMap(); - for (VXPermMap vxPermMap : vxPermMaps) { - Long permGroupId = vxPermMap.getGroupId(); - int permFor = vxPermMap.getPermFor(); - if (permFor == AppConstants.XA_PERM_FOR_GROUP - && permGroupId.equals(groupId)) { - groupPerm.put(vxPermMap.getPermType(), vxPermMap); - } - } - groupPermMap.put(groupId, groupPerm); - } - - for (Long userId : listOfUser) { - HashMap map = userPermMap.get(userId); - VXPermMap vxPermMap = null; - - for (Entry perm : map.entrySet()) { - vxPermMap = perm.getValue(); - break; - } - - if (map.size() > 0 && map.get(AppConstants.XA_PERM_TYPE_READ) == null) { - vxPermMap.setPermType(AppConstants.XA_PERM_TYPE_READ); - map.put(AppConstants.XA_PERM_TYPE_READ, vxPermMap); - } - - if (map.size() > 1 && map.get(AppConstants.XA_PERM_TYPE_EXECUTE) == null) { - vxPermMap.setPermType(AppConstants.XA_PERM_TYPE_EXECUTE); - map.put(AppConstants.XA_PERM_TYPE_EXECUTE, vxPermMap); - } - userPermMap.put(userId, map); - } - - for (Long groupId : listOfGroup) { - HashMap map = groupPermMap.get(groupId); - VXPermMap vxPermMap = null; - - for (Entry perm : map.entrySet()) { - vxPermMap = perm.getValue(); - break; - } - - if (map.size() > 0 && map.get(AppConstants.XA_PERM_TYPE_READ) == null) { - vxPermMap.setPermType(AppConstants.XA_PERM_TYPE_READ); - map.put(AppConstants.XA_PERM_TYPE_READ, vxPermMap); - } - - if (map.size() > 1 && map.get(AppConstants.XA_PERM_TYPE_EXECUTE) == null) { - vxPermMap.setPermType(AppConstants.XA_PERM_TYPE_EXECUTE); - map.put(AppConstants.XA_PERM_TYPE_EXECUTE, vxPermMap); - } - groupPermMap.put(groupId, map); - } - - // [3] : - for (Entry> entry : userPermMap - .entrySet()) { - for (Entry innerEntry : entry.getValue() - .entrySet()) { - updatedPermList.add(innerEntry.getValue()); - } - } - - for (Entry> entry : groupPermMap - .entrySet()) { - for (Entry innerEntry : entry.getValue() - .entrySet()) { - updatedPermList.add(innerEntry.getValue()); - } - } - - return updatedPermList; - } - - public List getTransactionLog(VXResource vResource, String action){ - return getTransactionLog(vResource, null, action); - } - - public List getTransactionLog(VXResource vObj, XXResource mObj, String action){ - if(vObj == null && (action == null || !action.equalsIgnoreCase("update"))){ - return null; - } - - XXAsset xAsset = xADaoManager.getXXAsset().getById(vObj.getAssetId()); - String parentObjectName = xAsset.getName(); - - List trxLogList = new ArrayList(); - Field[] fields = vObj.getClass().getDeclaredFields(); - - Field nameField; - try { - nameField = vObj.getClass().getDeclaredField("name"); - nameField.setAccessible(true); - String objectName = ""+nameField.get(vObj); - - for(Field field : fields){ - field.setAccessible(true); - String fieldName = field.getName(); - if(!trxLogAttrs.containsKey(fieldName)){ - continue; - } - - int policyType = vObj.getAssetType(); - if(policyType == AppConstants.ASSET_HDFS){ - String[] ignoredAttribs = {"tableType", "columnType", "isEncrypt", "databases", - "tables", "columnFamilies", "columns", "udfs"}; - if(ArrayUtils.contains(ignoredAttribs, fieldName)){ - continue; - } - } else if(policyType == AppConstants.ASSET_HIVE) { - String[] ignoredAttribs = {"name", "isRecursive", "isEncrypt", "columnFamilies"}; - if(ArrayUtils.contains(ignoredAttribs, fieldName)){ - continue; - } - } else if(policyType == AppConstants.ASSET_HBASE){ - String[] ignoredAttribs = {"name", "tableType", "columnType", "isRecursive", "databases", - "udfs"}; - if(ArrayUtils.contains(ignoredAttribs, fieldName)){ - continue; - } - } else if(policyType == AppConstants.ASSET_KNOX || policyType == AppConstants.ASSET_STORM){ - String[] ignoredAttribs = {"name", "tableType", "columnType", "isEncrypt", "databases", - "tables", "columnFamilies", "columns", "udfs"}; - if(ArrayUtils.contains(ignoredAttribs, fieldName)){ - continue; - } - } - - VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName); - - XXTrxLog xTrxLog = new XXTrxLog(); - xTrxLog.setAttributeName(vTrxLogAttr.getAttribUserFriendlyName()); - - String value = null; - boolean isEnum = vTrxLogAttr.isEnum(); - if(isEnum){ - String enumName = XXResource.getEnumName(fieldName); - if(enumName==null && fieldName.equals("assetType")){ - enumName="CommonEnums.AssetType"; - } - int enumValue = field.get(vObj) == null ? 0 : Integer.parseInt(""+field.get(vObj)); - value = xaEnumUtil.getLabel(enumName, enumValue); - } else { - value = ""+field.get(vObj); - if(value == null || value.equalsIgnoreCase("null")){ - continue; - } - } - - if(action.equalsIgnoreCase("create")){ - if(stringUtil.isEmpty(value)){ - continue; - } - xTrxLog.setNewValue(value); - } else if(action.equalsIgnoreCase("delete")){ - xTrxLog.setPreviousValue(value); - } else if(action.equalsIgnoreCase("update")){ - String oldValue = null; - Field[] mFields = mObj.getClass().getDeclaredFields(); - for(Field mField : mFields){ - mField.setAccessible(true); - String mFieldName = mField.getName(); - if(fieldName.equalsIgnoreCase(mFieldName)){ - if(isEnum){ - String enumName = XXResource.getEnumName(mFieldName); - if(enumName==null && mFieldName.equals("assetType")){ - enumName="CommonEnums.AssetType"; - } - int enumValue = mField.get(mObj) == null ? 0 : Integer.parseInt(""+mField.get(mObj)); - oldValue = xaEnumUtil.getLabel(enumName, enumValue); - } else { - oldValue = mField.get(mObj)+""; - } - break; - } - } - if(value.equalsIgnoreCase(oldValue) && !fieldName.equals("policyName")){ - continue; - } - xTrxLog.setPreviousValue(oldValue); - xTrxLog.setNewValue(value); - } - - xTrxLog.setAction(action); - xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_RESOURCE); - xTrxLog.setObjectId(vObj.getId()); - xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_ASSET); - xTrxLog.setParentObjectId(vObj.getAssetId()); - xTrxLog.setParentObjectName(parentObjectName); - xTrxLog.setObjectName(objectName); - trxLogList.add(xTrxLog); - - } - - } catch (IllegalArgumentException e) { - e.printStackTrace(); - } catch (IllegalAccessException e) { - e.printStackTrace(); - } catch (NoSuchFieldException e) { - e.printStackTrace(); - } catch (SecurityException e) { - e.printStackTrace(); - } - - if(trxLogList.size()==0){ - XXTrxLog xTrxLog = new XXTrxLog(); - xTrxLog.setAction(action); - xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_RESOURCE); - xTrxLog.setObjectId(vObj.getId()); - xTrxLog.setObjectName(vObj.getName()); - xTrxLog.setParentObjectClassType(AppConstants.CLASS_TYPE_XA_ASSET); - xTrxLog.setParentObjectId(vObj.getAssetId()); - xTrxLog.setParentObjectName(parentObjectName); - trxLogList.add(xTrxLog); - } - - return trxLogList; - } - - @Override - public VXResource readResource(Long id){ - VXResource vXResource = super.readResource(id); - - VXResponse vXResponse = xaBizUtil.hasPermission(vXResource, - AppConstants.XA_PERM_TYPE_ADMIN); - if (vXResponse.getStatusCode() == VXResponse.STATUS_ERROR) { - throw restErrorUtil.createRESTException( - "You don't have permission to perform this action", - MessageEnums.OPER_NO_PERMISSION, id, "Resource", - "Trying to read unauthorized resource."); - } - - populateAssetProperties(vXResource); - populatePermList(vXResource); - populateAuditList(vXResource); - return vXResource; - } - - public VXResourceList searchXResourcesWithoutLogin(SearchCriteria searchCriteria) { - VXResourceList returnList = super.searchXResources(searchCriteria); - if(returnList!=null && returnList.getResultSize()>0){ - for (VXResource vXResource : returnList.getVXResources()) { - populateAuditList(vXResource); - } - } - return returnList; - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/service/XResourceServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/com/xasecure/service/XResourceServiceBase.java b/security-admin/src/main/java/com/xasecure/service/XResourceServiceBase.java deleted file mode 100644 index 4007c34..0000000 --- a/security-admin/src/main/java/com/xasecure/service/XResourceServiceBase.java +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - package com.xasecure.service; - -/** - * - */ - -import java.util.ArrayList; -import java.util.List; - -import com.xasecure.common.*; -import com.xasecure.entity.*; -import com.xasecure.view.*; -import com.xasecure.service.*; - -public abstract class XResourceServiceBase - extends AbstractBaseResourceService { - public static final String NAME = "XResource"; - - public XResourceServiceBase() { - - } - - @SuppressWarnings("unchecked") - @Override - protected XXResource mapViewToEntityBean(VXResource vObj, XXResource mObj, int OPERATION_CONTEXT) { - mObj.setName( vObj.getName()); - mObj.setDescription( vObj.getDescription()); - mObj.setResourceType( vObj.getResourceType()); - mObj.setAssetId( vObj.getAssetId()); - mObj.setParentId( vObj.getParentId()); - mObj.setParentPath( vObj.getParentPath()); - mObj.setIsEncrypt( vObj.getIsEncrypt()); - mObj.setIsRecursive( vObj.getIsRecursive()); - mObj.setResourceGroup( vObj.getResourceGroup()); - mObj.setDatabases( vObj.getDatabases()); - mObj.setTables( vObj.getTables()); - mObj.setColumnFamilies( vObj.getColumnFamilies()); - mObj.setColumns( vObj.getColumns()); - mObj.setUdfs( vObj.getUdfs()); - mObj.setResourceStatus( vObj.getResourceStatus()); - mObj.setTableType( vObj.getTableType()); - mObj.setColumnType( vObj.getColumnType()); - mObj.setPolicyName( vObj.getPolicyName()); - mObj.setTopologies( vObj.getTopologies()); - mObj.setServices( vObj.getServices()); - return mObj; - } - - @SuppressWarnings("unchecked") - @Override - protected VXResource mapEntityToViewBean(VXResource vObj, XXResource mObj) { - vObj.setName( mObj.getName()); - vObj.setDescription( mObj.getDescription()); - vObj.setResourceType( mObj.getResourceType()); - vObj.setAssetId( mObj.getAssetId()); - vObj.setParentId( mObj.getParentId()); - vObj.setParentPath( mObj.getParentPath()); - vObj.setIsEncrypt( mObj.getIsEncrypt()); - vObj.setIsRecursive( mObj.getIsRecursive()); - vObj.setResourceGroup( mObj.getResourceGroup()); - vObj.setDatabases( mObj.getDatabases()); - vObj.setTables( mObj.getTables()); - vObj.setColumnFamilies( mObj.getColumnFamilies()); - vObj.setColumns( mObj.getColumns()); - vObj.setUdfs( mObj.getUdfs()); - vObj.setResourceStatus( mObj.getResourceStatus()); - vObj.setTableType( mObj.getTableType()); - vObj.setColumnType( mObj.getColumnType()); - vObj.setPolicyName( mObj.getPolicyName()); - vObj.setTopologies( mObj.getTopologies()); - vObj.setServices( mObj.getServices()); - return vObj; - } - - /** - * @param searchCriteria - * @return - */ - public VXResourceList searchXResources(SearchCriteria searchCriteria) { - VXResourceList returnList = new VXResourceList(); - List xResourceList = new ArrayList(); - - @SuppressWarnings("unchecked") - List resultList = (List)searchResources(searchCriteria, - searchFields, sortFields, returnList); - - // Iterate over the result list and create the return list - for (XXResource gjXResource : resultList) { - @SuppressWarnings("unchecked") - VXResource vXResource = populateViewBean((T)gjXResource); - xResourceList.add(vXResource); - } - - returnList.setVXResources(xResourceList); - return returnList; - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/service/XTrxLogService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/com/xasecure/service/XTrxLogService.java b/security-admin/src/main/java/com/xasecure/service/XTrxLogService.java deleted file mode 100644 index 66c445b..0000000 --- a/security-admin/src/main/java/com/xasecure/service/XTrxLogService.java +++ /dev/null @@ -1,461 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - package com.xasecure.service; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.Date; -import java.util.List; -import java.util.Map; - -import javax.persistence.EntityManager; -import javax.persistence.TypedQuery; -import javax.persistence.criteria.CriteriaBuilder; -import javax.persistence.criteria.CriteriaQuery; -import javax.persistence.criteria.ParameterExpression; -import javax.persistence.criteria.Predicate; -import javax.persistence.criteria.Root; -import javax.persistence.criteria.Subquery; -import javax.persistence.metamodel.EntityType; -import javax.persistence.metamodel.Metamodel; -import javax.persistence.metamodel.SingularAttribute; - -import com.xasecure.common.SearchCriteria; -import com.xasecure.common.SearchField; -import com.xasecure.common.SortField; -import com.xasecure.common.SortField.SORT_ORDER; -import com.xasecure.db.XADaoManager; -import com.xasecure.view.*; -import com.xasecure.entity.*; -import com.xasecure.entity.view.VXXTrxLog; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Scope; -import org.springframework.stereotype.Service; - -@Service -@Scope("singleton") -public class XTrxLogService extends XTrxLogServiceBase { - @Autowired - XADaoManager xADaoManager; - public XTrxLogService(){ - searchFields.add(new SearchField("attributeName", "obj.attributeName", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("action", "obj.action", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - searchFields.add(new SearchField("sessionId", "obj.sessionId", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("startDate", "obj.createTime", - SearchField.DATA_TYPE.DATE, SearchField.SEARCH_TYPE.GREATER_EQUAL_THAN)); - searchFields.add(new SearchField("endDate", "obj.createTime", - SearchField.DATA_TYPE.DATE, SearchField.SEARCH_TYPE.LESS_EQUAL_THAN)); - searchFields.add(new SearchField("owner", "obj.addedByUserId", - SearchField.DATA_TYPE.INT_LIST, SearchField.SEARCH_TYPE.FULL)); - searchFields.add(new SearchField("objectClassType", "obj.objectClassType", - SearchField.DATA_TYPE.INT_LIST, SearchField.SEARCH_TYPE.FULL)); - - sortFields.add(new SortField("createDate", "obj.createTime", true, SORT_ORDER.DESC)); - } - - @Override - protected void validateForCreate(VXTrxLog vObj) {} - - @Override - protected void validateForUpdate(VXTrxLog vObj, XXTrxLog mObj) {} - - @Override - public VXTrxLogList searchXTrxLogs(SearchCriteria searchCriteria) { - - EntityManager em = daoMgr.getEntityManager(); - CriteriaBuilder criteriaBuilder = em.getCriteriaBuilder(); - Metamodel entityMetaModel = em.getMetamodel(); - Class klass = VXXTrxLog.class; - EntityType entityType = entityMetaModel.entity(klass); - CriteriaQuery selectCQ = criteriaBuilder.createQuery(klass); - Root rootEntityType = selectCQ.from(klass); - Predicate predicate = criteriaBuilder.conjunction(); - String fieldName=null; - String clientFieldName =null; - Object paramValue = null; - boolean isListValue = false; - SingularAttribute attr =null; - Collection intValueList = null; - Date fieldValue =null; - Predicate stringPredicate =null; - Predicate intPredicate = null; - Predicate datePredicate =null; - Map paramList = searchCriteria.getParamList(); - for(String key : paramList.keySet()){ - for(SearchField searchField : searchFields){ - fieldName = searchField.getFieldName(); - clientFieldName = searchField.getClientFieldName(); - paramValue = paramList.get(key); - isListValue = false; - if (paramValue != null && paramValue instanceof Collection) { - isListValue = true; - } - if(fieldName != null){ - fieldName = fieldName.contains(".") ? fieldName.substring(fieldName.indexOf(".") + 1) : fieldName; - } - if(key.equalsIgnoreCase(clientFieldName)){ - // build where clause depending upon given parameters - if(searchField.getDataType() == SearchField.DATA_TYPE.STRING) { - // build where clause for String datatypes - attr = entityType.getSingularAttribute(fieldName); - if(attr != null){ - stringPredicate = criteriaBuilder.equal(rootEntityType.get(attr), paramValue); - if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.PARTIAL)) { - String val = "%" + paramValue + "%"; - stringPredicate = criteriaBuilder.like(rootEntityType.get(attr), val); - } - predicate = criteriaBuilder.and(predicate, stringPredicate); - - } - } else if (searchField.getDataType() == SearchField.DATA_TYPE.INT_LIST || - isListValue && searchField.getDataType() == SearchField.DATA_TYPE.INTEGER) { - // build where clause for integer lists or integers datatypes - intValueList = null; - if (paramValue != null && (paramValue instanceof Integer || paramValue instanceof Long)) { - intValueList = new ArrayList(); - intValueList.add((Number) paramValue); - } else { - intValueList = (Collection) paramValue; - } - for(Number value : intValueList){ - attr = entityType.getSingularAttribute(fieldName); - if(attr != null){ - intPredicate = criteriaBuilder.equal(rootEntityType.get(attr), value); - predicate = criteriaBuilder.and(predicate, intPredicate); - } - } - - } else if (searchField.getDataType() == SearchField.DATA_TYPE.DATE){ - // build where clause for date datatypes - fieldValue = (Date) paramList.get(searchField - .getClientFieldName()); - attr = entityType.getSingularAttribute(fieldName); - if (fieldValue != null) { - if (searchField.getCustomCondition() == null) { - datePredicate = criteriaBuilder.equal(rootEntityType.get(attr), fieldValue); - if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.LESS_THAN)) { - datePredicate = criteriaBuilder.lessThan(rootEntityType.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.LESS_EQUAL_THAN)) { - datePredicate = criteriaBuilder.lessThanOrEqualTo(rootEntityType.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.GREATER_THAN)) { - datePredicate = criteriaBuilder.greaterThan(rootEntityType.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.GREATER_EQUAL_THAN)) { - datePredicate = criteriaBuilder.greaterThanOrEqualTo(rootEntityType.get(attr), fieldValue); - } else { - datePredicate = criteriaBuilder.equal(rootEntityType.get(attr), fieldValue); - } - predicate = criteriaBuilder.and(predicate, datePredicate); - } - } - - } - } - } - } - - selectCQ.where(predicate); - if(searchCriteria.getSortType()!=null && searchCriteria.getSortType().equalsIgnoreCase("asc")){ - selectCQ.orderBy(criteriaBuilder.asc(rootEntityType.get("createTime"))); - }else{ - selectCQ.orderBy(criteriaBuilder.desc(rootEntityType.get("createTime"))); - } - int startIndex = searchCriteria.getStartIndex(); - int pageSize = searchCriteria.getMaxRows(); - List resultList = em.createQuery(selectCQ).setFirstResult(startIndex).setMaxResults(pageSize).getResultList(); - VXTrxLogList vxTrxLogList = new VXTrxLogList(); - vxTrxLogList.setStartIndex(startIndex); - vxTrxLogList.setPageSize(pageSize); - List trxLogList = new ArrayList(); - XXPortalUser xXPortalUser=null; - for(VXXTrxLog xTrxLog : resultList){ - VXTrxLog trxLog = mapCustomViewToViewObj(xTrxLog); - xXPortalUser=null; - if(trxLog.getUpdatedBy()!=null){ - xXPortalUser= xADaoManager.getXXPortalUser().getById( - Long.parseLong(trxLog.getUpdatedBy())); - } - if(xXPortalUser!=null){ - trxLog.setOwner(xXPortalUser.getLoginId()); - } - trxLogList.add(trxLog); - } - //vxTrxLogList.setTotalCount(count); - vxTrxLogList.setVXTrxLogs(trxLogList); - return vxTrxLogList; - } - - public Long searchXTrxLogsCount(SearchCriteria searchCriteria) { - - EntityManager em = daoMgr.getEntityManager(); - CriteriaBuilder criteriaBuilder = em.getCriteriaBuilder(); - Class klass = VXXTrxLog.class; - CriteriaQuery criteriaQuery = criteriaBuilder.createQuery(klass); - Root rootEntityType = criteriaQuery.from(klass); - Metamodel entityMetaModel = em.getMetamodel(); - EntityType entityType = entityMetaModel.entity(klass); - CriteriaQuery selectCQ = criteriaQuery.select(rootEntityType); - Map paramList = searchCriteria.getParamList(); - CriteriaQuery countCQ = criteriaBuilder.createQuery(Long.class); - Root countEntityType = countCQ.from(klass); - Predicate predicate = criteriaBuilder.conjunction(); - String fieldName=null; - String clientFieldName =null; - Object paramValue = null; - boolean isListValue = false; - SingularAttribute attr =null; - Collection intValueList = null; - Date fieldValue =null; - Predicate stringPredicate =null; - Predicate intPredicate = null; - Predicate datePredicate =null; - for(String key : paramList.keySet()){ - for(SearchField searchField : searchFields){ - fieldName = searchField.getFieldName(); - clientFieldName = searchField.getClientFieldName(); - paramValue = paramList.get(key); - isListValue = false; - if (paramValue != null && paramValue instanceof Collection) { - isListValue = true; - } - if(fieldName != null){ - fieldName = fieldName.contains(".") ? fieldName.substring(fieldName.indexOf(".") + 1) : fieldName; - } - if(key.equalsIgnoreCase(clientFieldName)){ - // build where clause depending upon given parameters - if(searchField.getDataType() == SearchField.DATA_TYPE.STRING) { - // build where clause for String datatypes - attr = entityType.getSingularAttribute(fieldName); - if(attr != null){ - stringPredicate = criteriaBuilder.equal(rootEntityType.get(attr), paramValue); - if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.PARTIAL)) { - String val = "%" + paramValue + "%"; - stringPredicate = criteriaBuilder.like(rootEntityType.get(attr), val); - } - predicate = criteriaBuilder.and(predicate, stringPredicate); - - } - } else if (searchField.getDataType() == SearchField.DATA_TYPE.INT_LIST || - isListValue && searchField.getDataType() == SearchField.DATA_TYPE.INTEGER) { - // build where clause for integer lists or integers datatypes - intValueList = null; - if (paramValue != null && (paramValue instanceof Integer || paramValue instanceof Long)) { - intValueList = new ArrayList(); - intValueList.add((Number) paramValue); - } else { - intValueList = (Collection) paramValue; - } - for(Number value : intValueList){ - attr = entityType.getSingularAttribute(fieldName); - if(attr != null){ - intPredicate = criteriaBuilder.equal(rootEntityType.get(attr), value); - predicate = criteriaBuilder.and(predicate, intPredicate); - } - } - - } else if (searchField.getDataType() == SearchField.DATA_TYPE.DATE){ - // build where clause for date datatypes - fieldValue = (Date) paramList.get(searchField - .getClientFieldName()); - attr = entityType.getSingularAttribute(fieldName); - if (fieldValue != null) { - if (searchField.getCustomCondition() == null) { - datePredicate = criteriaBuilder.equal(rootEntityType.get(attr), fieldValue); - if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.LESS_THAN)) { - datePredicate = criteriaBuilder.lessThan(rootEntityType.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.LESS_EQUAL_THAN)) { - datePredicate = criteriaBuilder.lessThanOrEqualTo(rootEntityType.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.GREATER_THAN)) { - datePredicate = criteriaBuilder.greaterThan(rootEntityType.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.GREATER_EQUAL_THAN)) { - datePredicate = criteriaBuilder.greaterThanOrEqualTo(rootEntityType.get(attr), fieldValue); - } else { - datePredicate = criteriaBuilder.equal(rootEntityType.get(attr), fieldValue); - } - predicate = criteriaBuilder.and(predicate, datePredicate); - } - } - - } - } - } - } - countCQ.select(criteriaBuilder.count(rootEntityType)).where(predicate); - List countList = em.createQuery(countCQ).getResultList(); - Long count = 0L; - if(countList != null && countList.size() > 0) { - count = countList.get(0); - if(count == null) { - count = 0L; - } - } - return count; - } - - @SuppressWarnings({ "rawtypes", "unchecked" }) - private Predicate buildWhereClause(Predicate predicate, Map paramList, EntityType trxLogEntity, - CriteriaBuilder criteriaBuilder, Root root){ - - for(String key : paramList.keySet()) { - for(SearchField searchField : searchFields){ - - String fieldName = searchField.getFieldName(); - String clientFieldName = searchField.getClientFieldName(); - - Object paramValue = paramList.get(key); - boolean isListValue = false; - - if (paramValue != null && paramValue instanceof Collection) { - isListValue = true; - } - - if(fieldName != null){ - fieldName = fieldName.contains(".") ? fieldName.substring(fieldName.indexOf(".") + 1) : fieldName; - } - - if(key.equalsIgnoreCase(clientFieldName)){ - // build where clause depending upon given parameters - if(searchField.getDataType() == SearchField.DATA_TYPE.STRING) { - // build where clause for String datatypes - SingularAttribute attr = trxLogEntity.getSingularAttribute(fieldName); - if(attr != null){ - Predicate stringPredicate = criteriaBuilder.equal(root.get(attr), paramValue); - predicate = criteriaBuilder.and(predicate, stringPredicate); - } - } else if (searchField.getDataType() == SearchField.DATA_TYPE.INT_LIST || - isListValue && searchField.getDataType() == SearchField.DATA_TYPE.INTEGER) { - // build where clause for integer lists or integers datatypes - Collection intValueList = null; - if (paramValue != null && (paramValue instanceof Integer || paramValue instanceof Long)) { - intValueList = new ArrayList(); - intValueList.add((Number) paramValue); - } else { - intValueList = (Collection) paramValue; - } - for(Number value : intValueList){ - SingularAttribute attr = trxLogEntity.getSingularAttribute(fieldName); - if(attr != null){ - Predicate intPredicate = criteriaBuilder.equal(root.get(attr), value); - predicate = criteriaBuilder.and(predicate, intPredicate); - } - } - } else if (searchField.getDataType() == SearchField.DATA_TYPE.DATE){ - // build where clause for date datatypes - Date fieldValue = (Date) paramList.get(searchField - .getClientFieldName()); - SingularAttribute attr = trxLogEntity.getSingularAttribute(fieldName); - if (fieldValue != null) { - if (searchField.getCustomCondition() == null) { - Predicate datePredicate = criteriaBuilder.equal(root.get(attr), fieldValue); - if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.LESS_THAN)) { - datePredicate = criteriaBuilder.lessThan(root.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.LESS_EQUAL_THAN)) { - datePredicate = criteriaBuilder.lessThanOrEqualTo(root.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.GREATER_THAN)) { - datePredicate = criteriaBuilder.greaterThan(root.get(attr), fieldValue); - } else if (searchField.getSearchType().equals(SearchField.SEARCH_TYPE.GREATER_EQUAL_THAN)) { - datePredicate = criteriaBuilder.greaterThanOrEqualTo(root.get(attr), fieldValue); - } else { - datePredicate = criteriaBuilder.equal(root.get(attr), fieldValue); - } - predicate = criteriaBuilder.and(predicate, datePredicate); - } - } - } - } - } - } - return predicate; - } - - private VXTrxLog mapCustomViewToViewObj(VXXTrxLog vXXTrxLog){ - VXTrxLog vXTrxLog = new VXTrxLog(); - vXTrxLog.setId(vXXTrxLog.getId()); - vXTrxLog.setAction(vXXTrxLog.getAction()); - vXTrxLog.setAttributeName(vXXTrxLog.getAttributeName()); - vXTrxLog.setCreateDate(vXXTrxLog.getCreateTime()); - vXTrxLog.setNewValue(vXXTrxLog.getNewValue()); - vXTrxLog.setPreviousValue(vXXTrxLog.getPreviousValue()); - vXTrxLog.setSessionId(vXXTrxLog.getSessionId()); - if(vXXTrxLog.getUpdatedByUserId()==null || vXXTrxLog.getUpdatedByUserId()==0){ - vXTrxLog.setUpdatedBy(null); - }else{ - vXTrxLog.setUpdatedBy(String.valueOf(vXXTrxLog.getUpdatedByUserId())); - } - //We will have to get this from XXUser - //vXTrxLog.setOwner(vXXTrxLog.getAddedByUserName()); - vXTrxLog.setParentObjectClassType(vXXTrxLog.getParentObjectClassType()); - vXTrxLog.setParentObjectName(vXXTrxLog.getParentObjectName()); - vXTrxLog.setObjectClassType(vXXTrxLog.getObjectClassType()); - vXTrxLog.setObjectId(vXXTrxLog.getObjectId()); - vXTrxLog.setObjectName(vXXTrxLog.getObjectName()); - vXTrxLog.setTransactionId(vXXTrxLog.getTransactionId()); - return vXTrxLog; - } - - @Override - protected XXTrxLog mapViewToEntityBean(VXTrxLog vObj, XXTrxLog mObj, int OPERATION_CONTEXT) { - super.mapViewToEntityBean(vObj, mObj, OPERATION_CONTEXT); - if(vObj!=null && mObj!=null){ - XXPortalUser xXPortalUser=null; - if(mObj.getAddedByUserId()==null || mObj.getAddedByUserId()==0){ - if(!stringUtil.isEmpty(vObj.getOwner())){ - xXPortalUser=xADaoManager.getXXPortalUser().findByLoginId(vObj.getOwner()); - if(xXPortalUser!=null){ - mObj.setAddedByUserId(xXPortalUser.getId()); - } - } - } - if(mObj.getUpdatedByUserId()==null || mObj.getUpdatedByUserId()==0){ - if(!stringUtil.isEmpty(vObj.getUpdatedBy())){ - xXPortalUser= xADaoManager.getXXPortalUser().findByLoginId(vObj.getUpdatedBy()); - if(xXPortalUser!=null){ - mObj.setUpdatedByUserId(xXPortalUser.getId()); - } - } - } - } - return mObj; - } - - @Override - protected VXTrxLog mapEntityToViewBean(VXTrxLog vObj, XXTrxLog mObj) { - super.mapEntityToViewBean(vObj, mObj); - if(mObj!=null && vObj!=null){ - XXPortalUser xXPortalUser=null; - if(stringUtil.isEmpty(vObj.getOwner())){ - xXPortalUser= xADaoManager.getXXPortalUser().getById(mObj.getAddedByUserId()); - if(xXPortalUser!=null){ - vObj.setOwner(xXPortalUser.getLoginId()); - } - } - if(stringUtil.isEmpty(vObj.getUpdatedBy())){ - xXPortalUser= xADaoManager.getXXPortalUser().getById(mObj.getUpdatedByUserId()); - if(xXPortalUser!=null){ - vObj.setUpdatedBy(xXPortalUser.getLoginId()); - } - } - } - return vObj; - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/service/XTrxLogServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/com/xasecure/service/XTrxLogServiceBase.java b/security-admin/src/main/java/com/xasecure/service/XTrxLogServiceBase.java deleted file mode 100644 index 5fdf21f..0000000 --- a/security-admin/src/main/java/com/xasecure/service/XTrxLogServiceBase.java +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - package com.xasecure.service; - -/** - * - */ - -import java.util.ArrayList; -import java.util.List; - -import com.xasecure.common.*; -import com.xasecure.entity.*; -import com.xasecure.view.*; -import com.xasecure.service.*; - -public abstract class XTrxLogServiceBase - extends AbstractBaseResourceService { - public static final String NAME = "XTrxLog"; - - public XTrxLogServiceBase() { - - } - - @SuppressWarnings("unchecked") - @Override - protected XXTrxLog mapViewToEntityBean(VXTrxLog vObj, XXTrxLog mObj, int OPERATION_CONTEXT) { - mObj.setObjectClassType( vObj.getObjectClassType()); - mObj.setObjectId( vObj.getObjectId()); - mObj.setParentObjectId( vObj.getParentObjectId()); - mObj.setParentObjectClassType( vObj.getParentObjectClassType()); - mObj.setParentObjectName( vObj.getParentObjectName()); - mObj.setObjectName( vObj.getObjectName()); - mObj.setAttributeName( vObj.getAttributeName()); - mObj.setPreviousValue( vObj.getPreviousValue()); - mObj.setNewValue( vObj.getNewValue()); - mObj.setTransactionId( vObj.getTransactionId()); - mObj.setAction( vObj.getAction()); - mObj.setSessionId( vObj.getSessionId()); - mObj.setRequestId( vObj.getRequestId()); - mObj.setSessionType( vObj.getSessionType()); - return mObj; - } - - @SuppressWarnings("unchecked") - @Override - protected VXTrxLog mapEntityToViewBean(VXTrxLog vObj, XXTrxLog mObj) { - vObj.setObjectClassType( mObj.getObjectClassType()); - vObj.setObjectId( mObj.getObjectId()); - vObj.setParentObjectId( mObj.getParentObjectId()); - vObj.setParentObjectClassType( mObj.getParentObjectClassType()); - vObj.setParentObjectName( mObj.getParentObjectName()); - vObj.setObjectName( mObj.getObjectName()); - vObj.setAttributeName( mObj.getAttributeName()); - vObj.setPreviousValue( mObj.getPreviousValue()); - vObj.setNewValue( mObj.getNewValue()); - vObj.setTransactionId( mObj.getTransactionId()); - vObj.setAction( mObj.getAction()); - vObj.setSessionId( mObj.getSessionId()); - vObj.setRequestId( mObj.getRequestId()); - vObj.setSessionType( mObj.getSessionType()); - return vObj; - } - - /** - * @param searchCriteria - * @return - */ - public VXTrxLogList searchXTrxLogs(SearchCriteria searchCriteria) { - VXTrxLogList returnList = new VXTrxLogList(); - List xTrxLogList = new ArrayList(); - - @SuppressWarnings("unchecked") - List resultList = (List)searchResources(searchCriteria, - searchFields, sortFields, returnList); - - // Iterate over the result list and create the return list - for (XXTrxLog gjXTrxLog : resultList) { - @SuppressWarnings("unchecked") - VXTrxLog vXTrxLog = populateViewBean((T)gjXTrxLog); - xTrxLogList.add(vXTrxLog); - } - - returnList.setVXTrxLogs(xTrxLogList); - return returnList; - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/service/XUserService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/com/xasecure/service/XUserService.java b/security-admin/src/main/java/com/xasecure/service/XUserService.java deleted file mode 100644 index af44969..0000000 --- a/security-admin/src/main/java/com/xasecure/service/XUserService.java +++ /dev/null @@ -1,380 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - package com.xasecure.service; - -import java.lang.reflect.Field; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.HashSet; -import java.util.LinkedHashSet; -import java.util.List; -import java.util.Set; - -import com.xasecure.common.XACommonEnums; -import com.xasecure.common.MessageEnums; -import com.xasecure.common.PropertiesUtil; -import com.xasecure.common.SearchField; -import com.xasecure.common.SortField; -import com.xasecure.common.StringUtil; -import com.xasecure.common.XAConstants; -import com.xasecure.entity.XXPortalUser; -import com.xasecure.entity.XXPortalUserRole; -import com.xasecure.view.VXPortalUser; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Scope; -import org.springframework.stereotype.Service; - -import com.xasecure.biz.XABizUtil; -import com.xasecure.common.AppConstants; -import com.xasecure.common.view.VTrxLogAttr; -import com.xasecure.db.XADaoManager; -import com.xasecure.entity.*; -import com.xasecure.util.XAEnumUtil; -import com.xasecure.view.*; - -@Service -@Scope("singleton") -public class XUserService extends XUserServiceBase { - - public static Long createdByUserId = 1L; - - @Autowired - XADaoManager daoManager; - - @Autowired - XPermMapService xPermMapService; - - @Autowired - StringUtil stringUtil; - - @Autowired - XAEnumUtil xaEnumUtil; - - @Autowired - XABizUtil xaBizUtil; - - String hiddenPasswordString; - - static HashMap trxLogAttrs = new HashMap(); - static { - trxLogAttrs.put("name", new VTrxLogAttr("name", "Login ID", false)); - trxLogAttrs.put("firstName", new VTrxLogAttr("firstName", "First Name", - false)); - trxLogAttrs.put("lastName", new VTrxLogAttr("lastName", "Last Name", - false)); - trxLogAttrs.put("emailAddress", new VTrxLogAttr("emailAddress", - "Email Address", false)); - trxLogAttrs.put("password", new VTrxLogAttr("password", "Password", - false)); - trxLogAttrs.put("userRoleList", new VTrxLogAttr("userRoleList", "User Role", - false)); - - } - - public XUserService() { - searchFields.add(new SearchField("name", "obj.name", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL)); - - searchFields.add(new SearchField("emailAddress", "xXPortalUser.emailAddress", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL, - "XXPortalUser xXPortalUser", "xXPortalUser.loginId = obj.name ")); - - searchFields.add(new SearchField("userName", "obj.name", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL)); - - searchFields.add(new SearchField("userSource", "xXPortalUser.userSource", - SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL, - "XXPortalUser xXPortalUser", "xXPortalUser.loginId = obj.name ")); - - searchFields.add(new SearchField("userRoleList", "xXPortalUserRole.userRole", - SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL, - "XXPortalUser xXPortalUser, XXPortalUserRole xXPortalUserRole", - "xXPortalUser.id=xXPortalUserRole.userId and xXPortalUser.loginId = obj.name ")); - - - createdByUserId = new Long(PropertiesUtil.getIntProperty( - "xa.xuser.createdByUserId", 1)); - - hiddenPasswordString = PropertiesUtil.getProperty("xa.password.hidden", - "*****"); - - sortFields.add(new SortField("name", "obj.name",true,SortField.SORT_ORDER.ASC)); - - } - - @Override - protected void validateForCreate(VXUser vObj) { - - XXUser xUser = daoManager.getXXUser().findByUserName(vObj.getName()); - if (xUser != null) { - throw restErrorUtil.createRESTException("XUser already exists", - MessageEnums.ERROR_DUPLICATE_OBJECT); - } - - } - - @Override - protected void validateForUpdate(VXUser vObj, XXUser mObj) { - String vObjName = vObj.getName(); - String mObjName = mObj.getName(); - if (vObjName != null && mObjName != null) { - if (!vObjName.trim().equals(mObjName.trim())) { - validateForCreate(vObj); - } - } - } - - public VXUser getXUserByUserName(String userName) { - XXUser xxUser = daoManager.getXXUser().findByUserName(userName); - if (xxUser == null) { - throw restErrorUtil.createRESTException(userName + " is Not Found", - MessageEnums.DATA_NOT_FOUND); - } - return super.populateViewBean(xxUser); - - } - - public VXUser createXUserWithOutLogin(VXUser vxUser) { - XXUser xxUser = daoManager.getXXUser().findByUserName(vxUser.getName()); - boolean userExists = true; - if (xxUser == null) { - xxUser = new XXUser(); - userExists = false; - } - - xxUser = mapViewToEntityBean(vxUser, xxUser, 0); - XXPortalUser xXPortalUser = daoManager.getXXPortalUser().getById(createdByUserId); - if (xXPortalUser != null) { - xxUser.setAddedByUserId(createdByUserId); - xxUser.setUpdatedByUserId(createdByUserId); - } - - if (userExists) { - xxUser = getDao().update(xxUser); - } else { - xxUser = getDao().create(xxUser); - } - vxUser = postCreate(xxUser); - return vxUser; - } - - public VXUser readResourceWithOutLogin(Long id) { - XXUser resource = getDao().getById(id); - if (resource == null) { - // Returns code 400 with DATA_NOT_FOUND as the error message - throw restErrorUtil.createRESTException(getResourceName() - + " not found", MessageEnums.DATA_NOT_FOUND, id, null, - "preRead: " + id + " not found."); - } - - VXUser vxUser = populateViewBean(resource); - return vxUser; - } - - @Override - protected VXUser mapEntityToViewBean(VXUser vObj, XXUser mObj) { - super.mapEntityToViewBean(vObj, mObj); - String userName = vObj.getName(); - populateUserAttributes(userName, vObj); - return vObj; - } - - @Override - public VXUser populateViewBean(XXUser xUser) { - VXUser vObj = super.populateViewBean(xUser); - String userName = vObj.getName(); - populateUserAttributes(userName, vObj); - populateGroupList(xUser.getId(), vObj); - return vObj; - } - - private void populateGroupList(Long xUserId, VXUser vObj) { - List xGroupUserList = daoManager.getXXGroupUser() - .findByUserId(xUserId); - Set groupIdList = new LinkedHashSet(); - Set groupNameList = new LinkedHashSet(); - if (xGroupUserList != null) { - for (XXGroupUser xGroupUser : xGroupUserList) { - groupIdList.add(xGroupUser.getParentGroupId()); - groupNameList.add(xGroupUser.getName()); - } - } - List groups = new ArrayList(groupIdList); - List groupNames = new ArrayList(groupNameList); - vObj.setGroupIdList(groups); - vObj.setGroupNameList(groupNames); - } - - private void populateUserAttributes(String userName, VXUser vObj) { - if (userName != null && !userName.isEmpty()) { - List userRoleList =new ArrayList(); - XXPortalUser xXPortalUser = daoManager.getXXPortalUser().findByLoginId(userName); - if (xXPortalUser != null) { - vObj.setFirstName(xXPortalUser.getFirstName()); - vObj.setLastName(xXPortalUser.getLastName()); - vObj.setPassword(PropertiesUtil - .getProperty("xa.password.hidden")); - String emailAddress = xXPortalUser.getEmailAddress(); - if (emailAddress != null - && stringUtil.validateEmail(emailAddress)) { - vObj.setEmailAddress(xXPortalUser.getEmailAddress()); - } - vObj.setStatus(xXPortalUser.getStatus()); - vObj.setUserSource(xXPortalUser.getUserSource()); - List gjUserRoleList = daoMgr.getXXPortalUserRole().findByParentId( - xXPortalUser.getId()); - - for (XXPortalUserRole gjUserRole : gjUserRoleList) { - userRoleList.add(gjUserRole.getUserRole()); - } - } - if(userRoleList==null || userRoleList.size()==0){ - userRoleList.add(XAConstants.ROLE_USER); - } - vObj.setUserRoleList(userRoleList); - } - } - - public List getTransactionLog(VXUser vResource, String action) { - return getTransactionLog(vResource, null, action); - } - - public List getTransactionLog(VXUser vObj, VXPortalUser mObj, - String action) { - if (vObj == null - && (action == null || !action.equalsIgnoreCase("update"))) { - return null; - } - - List trxLogList = new ArrayList(); - try { - Field nameField = vObj.getClass().getDeclaredField("name"); - nameField.setAccessible(true); - String objectName = "" + nameField.get(vObj); - Field[] fields = vObj.getClass().getDeclaredFields(); - - for (Field field : fields) { - field.setAccessible(true); - String fieldName = field.getName(); - if (!trxLogAttrs.containsKey(fieldName)) { - continue; - } - - VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName); - - XXTrxLog xTrxLog = new XXTrxLog(); - xTrxLog.setAttributeName(vTrxLogAttr - .getAttribUserFriendlyName()); - - String value = null; - if (vTrxLogAttr.isEnum()) { - String enumName = XXUser.getEnumName(fieldName); - int enumValue = field.get(vObj) == null ? 0 : Integer - .parseInt("" + field.get(vObj)); - value = xaEnumUtil.getLabel(enumName, enumValue); - } else { - value = "" + field.get(vObj); - if ((value == null || value.equalsIgnoreCase("null")) - && !action.equalsIgnoreCase("update")) { - continue; - } - } - - if (fieldName.equalsIgnoreCase("password")) { - if (value.equalsIgnoreCase(hiddenPasswordString)) { - continue; - } - } - - if (action.equalsIgnoreCase("create")) { - if (stringUtil.isEmpty(value) - || (fieldName.equalsIgnoreCase("emailAddress") && !stringUtil - .validateEmail(value))) { - continue; - } - xTrxLog.setNewValue(value); - } else if (action.equalsIgnoreCase("delete")) { - if (fieldName.equalsIgnoreCase("emailAddress") - && !stringUtil.validateEmail(value)) { - continue; - } - xTrxLog.setPreviousValue(value); - } else if (action.equalsIgnoreCase("update")) { - String oldValue = null; - Field[] mFields = mObj.getClass().getDeclaredFields(); - for (Field mField : mFields) { - mField.setAccessible(true); - String mFieldName = mField.getName(); - if (mFieldName.equalsIgnoreCase("loginId")) { - mFieldName = "name"; - } - if (fieldName.equalsIgnoreCase(mFieldName)) { - oldValue = mField.get(mObj) + ""; - break; - } - } - if (oldValue.equalsIgnoreCase(value)) { - continue; - } - if (fieldName.equalsIgnoreCase("emailAddress")) { - if (stringUtil.validateEmail(oldValue)) { - xTrxLog.setPreviousValue(oldValue); - } - if (stringUtil.validateEmail(value)) { - xTrxLog.setNewValue(value); - } - } else { - xTrxLog.setPreviousValue(oldValue); - xTrxLog.setNewValue(value); - } - } - - xTrxLog.setAction(action); - xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_USER); - xTrxLog.setObjectId(vObj.getId()); - xTrxLog.setObjectName(objectName); - - trxLogList.add(xTrxLog); - } - - if (trxLogList.size() == 0) { - XXTrxLog xTrxLog = new XXTrxLog(); - xTrxLog.setAction(action); - xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_XA_USER); - xTrxLog.setObjectId(vObj.getId()); - xTrxLog.setObjectName(objectName); - trxLogList.add(xTrxLog); - } - - } catch (IllegalArgumentException e) { - e.printStackTrace(); - } catch (IllegalAccessException e) { - e.printStackTrace(); - } catch (NoSuchFieldException e) { - e.printStackTrace(); - } catch (SecurityException e) { - e.printStackTrace(); - } - - return trxLogList; - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/service/XUserServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/com/xasecure/service/XUserServiceBase.java b/security-admin/src/main/java/com/xasecure/service/XUserServiceBase.java deleted file mode 100644 index bf30a49..0000000 --- a/security-admin/src/main/java/com/xasecure/service/XUserServiceBase.java +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - - package com.xasecure.service; - -/** - * - */ - -import java.util.ArrayList; -import java.util.List; - -import com.xasecure.common.*; -import com.xasecure.entity.*; -import com.xasecure.view.*; -import com.xasecure.service.*; - -public abstract class XUserServiceBase - extends AbstractBaseResourceService { - public static final String NAME = "XUser"; - - public XUserServiceBase() { - - } - - @SuppressWarnings("unchecked") - @Override - protected XXUser mapViewToEntityBean(VXUser vObj, XXUser mObj, int OPERATION_CONTEXT) { - mObj.setName( vObj.getName()); - mObj.setDescription( vObj.getDescription()); - mObj.setCredStoreId( vObj.getCredStoreId()); - return mObj; - } - - @SuppressWarnings("unchecked") - @Override - protected VXUser mapEntityToViewBean(VXUser vObj, XXUser mObj) { - vObj.setName( mObj.getName()); - vObj.setDescription( mObj.getDescription()); - vObj.setCredStoreId( mObj.getCredStoreId()); - return vObj; - } - - /** - * @param searchCriteria - * @return - */ - public VXUserList searchXUsers(SearchCriteria searchCriteria) { - VXUserList returnList = new VXUserList(); - List xUserList = new ArrayList(); - - @SuppressWarnings("unchecked") - List resultList = (List)searchResources(searchCriteria, - searchFields, sortFields, returnList); - - // Iterate over the result list and create the return list - for (XXUser gjXUser : resultList) { - @SuppressWarnings("unchecked") - VXUser vXUser = populateViewBean((T)gjXUser); - xUserList.add(vXUser); - } - - returnList.setVXUsers(xUserList); - return returnList; - } - -}