Return-Path: X-Original-To: apmail-ranger-commits-archive@www.apache.org Delivered-To: apmail-ranger-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6CD051743A for ; Wed, 27 May 2015 02:52:33 +0000 (UTC) Received: (qmail 75749 invoked by uid 500); 27 May 2015 02:52:33 -0000 Delivered-To: apmail-ranger-commits-archive@ranger.apache.org Received: (qmail 75722 invoked by uid 500); 27 May 2015 02:52:33 -0000 Mailing-List: contact commits-help@ranger.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ranger.incubator.apache.org Delivered-To: mailing list commits@ranger.incubator.apache.org Received: (qmail 75713 invoked by uid 99); 27 May 2015 02:52:33 -0000 Received: from Unknown (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 May 2015 02:52:33 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id D2F88C8F51 for ; Wed, 27 May 2015 02:52:32 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.771 X-Spam-Level: * X-Spam-Status: No, score=1.771 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, KAM_LAZY_DOMAIN_SECURITY=1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mx1-us-west.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id X8lrnzOtN1Ex for ; Wed, 27 May 2015 02:52:27 +0000 (UTC) Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx1-us-west.apache.org (ASF Mail Server at mx1-us-west.apache.org) with SMTP id 7580F20B92 for ; Wed, 27 May 2015 02:52:27 +0000 (UTC) Received: (qmail 75556 invoked by uid 99); 27 May 2015 02:52:27 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 May 2015 02:52:27 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 0AA1EDFF5E; Wed, 27 May 2015 02:52:27 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: madhan@apache.org To: commits@ranger.incubator.apache.org Date: Wed, 27 May 2015 02:52:27 -0000 Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: [1/5] incubator-ranger git commit: RANGER-246 Revert format changes to RangerBasePlugin Repository: incubator-ranger Updated Branches: refs/heads/tag-policy 51fba28de -> f796d82bd RANGER-246 Revert format changes to RangerBasePlugin Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/48a2cd1e Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/48a2cd1e Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/48a2cd1e Branch: refs/heads/tag-policy Commit: 48a2cd1ec74e1b90fd606042646f62d60c331007 Parents: ec7ac83 Author: Don Bosco Durai Authored: Tue May 26 11:22:18 2015 -0700 Committer: Don Bosco Durai Committed: Tue May 26 11:22:18 2015 -0700 ---------------------------------------------------------------------- .../ranger/plugin/service/RangerBasePlugin.java | 177 +++++++------------ 1 file changed, 68 insertions(+), 109 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/48a2cd1e/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java index 75ba6b9..8131ab6 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java @@ -43,23 +43,25 @@ import org.apache.ranger.plugin.util.GrantRevokeRequest; import org.apache.ranger.plugin.util.PolicyRefresher; import org.apache.ranger.plugin.util.ServicePolicies; + public class RangerBasePlugin { private static final Log LOG = LogFactory.getLog(RangerBasePlugin.class); - private String serviceType = null; - private String appId = null; - private String serviceName = null; - private PolicyRefresher refresher = null; - private RangerPolicyEngine policyEngine = null; + private String serviceType = null; + private String appId = null; + private String serviceName = null; + private PolicyRefresher refresher = null; + private RangerPolicyEngine policyEngine = null; private RangerPolicyEngineOptions policyEngineOptions = new RangerPolicyEngineOptions(); private RangerAccessResultProcessor resultProcessor = null; Map logHistoryList = new Hashtable(); int logInterval = 30000; // 30 seconds + public RangerBasePlugin(String serviceType, String appId) { this.serviceType = serviceType; - this.appId = appId; + this.appId = appId; } public String getServiceType() { @@ -75,8 +77,7 @@ public class RangerBasePlugin { public int getServiceDefId() { RangerServiceDef serviceDef = getServiceDef(); - return serviceDef != null && serviceDef.getId() != null ? serviceDef - .getId().intValue() : -1; + return serviceDef != null && serviceDef.getId() != null ? serviceDef.getId().intValue() : -1; } public String getAppId() { @@ -90,50 +91,29 @@ public class RangerBasePlugin { public void init() { cleanup(); - RangerConfiguration.getInstance().addResourcesForServiceType( - serviceType); + RangerConfiguration.getInstance().addResourcesForServiceType(serviceType); RangerConfiguration.getInstance().initAudit(appId); - String propertyPrefix = "ranger.plugin." + serviceType; - long pollingIntervalMs = RangerConfiguration.getInstance().getLong( - propertyPrefix + ".policy.pollIntervalMs", 30 * 1000); - String cacheDir = RangerConfiguration.getInstance().get( - propertyPrefix + ".policy.cache.dir"); - - serviceName = RangerConfiguration.getInstance().get( - propertyPrefix + ".service.name"); - - policyEngineOptions.evaluatorType = RangerConfiguration.getInstance() - .get(propertyPrefix + ".policyengine.option.evaluator.type", - RangerPolicyEvaluator.EVALUATOR_TYPE_CACHED); - policyEngineOptions.cacheAuditResults = RangerConfiguration - .getInstance().getBoolean( - propertyPrefix - + ".policyengine.option.cache.audit.results", - true); - policyEngineOptions.disableContextEnrichers = RangerConfiguration - .getInstance() - .getBoolean( - propertyPrefix - + ".policyengine.option.disable.context.enrichers", - false); - policyEngineOptions.disableCustomConditions = RangerConfiguration - .getInstance() - .getBoolean( - propertyPrefix - + ".policyengine.option.disable.custom.conditions", - false); + String propertyPrefix = "ranger.plugin." + serviceType; + long pollingIntervalMs = RangerConfiguration.getInstance().getLong(propertyPrefix + ".policy.pollIntervalMs", 30 * 1000); + String cacheDir = RangerConfiguration.getInstance().get(propertyPrefix + ".policy.cache.dir"); + + serviceName = RangerConfiguration.getInstance().get(propertyPrefix + ".service.name"); + + policyEngineOptions.evaluatorType = RangerConfiguration.getInstance().get(propertyPrefix + ".policyengine.option.evaluator.type", RangerPolicyEvaluator.EVALUATOR_TYPE_CACHED); + policyEngineOptions.cacheAuditResults = RangerConfiguration.getInstance().getBoolean(propertyPrefix + ".policyengine.option.cache.audit.results", true); + policyEngineOptions.disableContextEnrichers = RangerConfiguration.getInstance().getBoolean(propertyPrefix + ".policyengine.option.disable.context.enrichers", false); + policyEngineOptions.disableCustomConditions = RangerConfiguration.getInstance().getBoolean(propertyPrefix + ".policyengine.option.disable.custom.conditions", false); + RangerAdminClient admin = createAdminClient(propertyPrefix); - refresher = new PolicyRefresher(this, serviceType, appId, serviceName, - admin, pollingIntervalMs, cacheDir); + refresher = new PolicyRefresher(this, serviceType, appId, serviceName, admin, pollingIntervalMs, cacheDir); refresher.startRefresher(); } public void setPolicies(ServicePolicies policies) { - RangerPolicyEngine policyEngine = new RangerPolicyEngineImpl(policies, - policyEngineOptions); + RangerPolicyEngine policyEngine = new RangerPolicyEngineImpl(policies, policyEngineOptions); this.policyEngine = policyEngine; } @@ -141,11 +121,11 @@ public class RangerBasePlugin { public void cleanup() { PolicyRefresher refresher = this.refresher; - this.serviceName = null; + this.serviceName = null; this.policyEngine = null; - this.refresher = null; + this.refresher = null; - if (refresher != null) { + if(refresher != null) { refresher.stopRefresher(); } } @@ -162,16 +142,14 @@ public class RangerBasePlugin { return isAccessAllowed(request, resultProcessor); } - public Collection isAccessAllowed( - Collection requests) { + public Collection isAccessAllowed(Collection requests) { return isAccessAllowed(requests, resultProcessor); } - public RangerAccessResult isAccessAllowed(RangerAccessRequest request, - RangerAccessResultProcessor resultProcessor) { + public RangerAccessResult isAccessAllowed(RangerAccessRequest request, RangerAccessResultProcessor resultProcessor) { RangerPolicyEngine policyEngine = this.policyEngine; - if (policyEngine != null) { + if(policyEngine != null) { policyEngine.enrichContext(request); return policyEngine.isAccessAllowed(request, resultProcessor); @@ -180,12 +158,10 @@ public class RangerBasePlugin { return null; } - public Collection isAccessAllowed( - Collection requests, - RangerAccessResultProcessor resultProcessor) { + public Collection isAccessAllowed(Collection requests, RangerAccessResultProcessor resultProcessor) { RangerPolicyEngine policyEngine = this.policyEngine; - if (policyEngine != null) { + if(policyEngine != null) { policyEngine.enrichContext(requests); return policyEngine.isAccessAllowed(requests, resultProcessor); @@ -197,26 +173,24 @@ public class RangerBasePlugin { public RangerAccessResult createAccessResult(RangerAccessRequest request) { RangerPolicyEngine policyEngine = this.policyEngine; - if (policyEngine != null) { + if(policyEngine != null) { return policyEngine.createAccessResult(request); } return null; } - public void grantAccess(GrantRevokeRequest request, - RangerAccessResultProcessor resultProcessor) throws Exception { - if (LOG.isDebugEnabled()) { + public void grantAccess(GrantRevokeRequest request, RangerAccessResultProcessor resultProcessor) throws Exception { + if(LOG.isDebugEnabled()) { LOG.debug("==> RangerAdminRESTClient.grantAccess(" + request + ")"); } - PolicyRefresher refresher = this.refresher; - RangerAdminClient admin = refresher == null ? null : refresher - .getRangerAdminClient(); - boolean isSuccess = false; + PolicyRefresher refresher = this.refresher; + RangerAdminClient admin = refresher == null ? null : refresher.getRangerAdminClient(); + boolean isSuccess = false; try { - if (admin == null) { + if(admin == null) { throw new Exception("ranger-admin client is null"); } @@ -227,24 +201,22 @@ public class RangerBasePlugin { auditGrantRevoke(request, "grant", isSuccess, resultProcessor); } - if (LOG.isDebugEnabled()) { + if(LOG.isDebugEnabled()) { LOG.debug("<== RangerAdminRESTClient.grantAccess(" + request + ")"); } } - public void revokeAccess(GrantRevokeRequest request, - RangerAccessResultProcessor resultProcessor) throws Exception { - if (LOG.isDebugEnabled()) { + public void revokeAccess(GrantRevokeRequest request, RangerAccessResultProcessor resultProcessor) throws Exception { + if(LOG.isDebugEnabled()) { LOG.debug("==> RangerAdminRESTClient.revokeAccess(" + request + ")"); } - PolicyRefresher refresher = this.refresher; - RangerAdminClient admin = refresher == null ? null : refresher - .getRangerAdminClient(); - boolean isSuccess = false; + PolicyRefresher refresher = this.refresher; + RangerAdminClient admin = refresher == null ? null : refresher.getRangerAdminClient(); + boolean isSuccess = false; try { - if (admin == null) { + if(admin == null) { throw new Exception("ranger-admin client is null"); } @@ -255,72 +227,59 @@ public class RangerBasePlugin { auditGrantRevoke(request, "revoke", isSuccess, resultProcessor); } - if (LOG.isDebugEnabled()) { + if(LOG.isDebugEnabled()) { LOG.debug("<== RangerAdminRESTClient.revokeAccess(" + request + ")"); } } + private RangerAdminClient createAdminClient(String propertyPrefix) { - if (LOG.isDebugEnabled()) { - LOG.debug("==> RangerAdminRESTClient.createAdminClient(" - + propertyPrefix + ")"); + if(LOG.isDebugEnabled()) { + LOG.debug("==> RangerAdminRESTClient.createAdminClient(" + propertyPrefix + ")"); } RangerAdminClient ret = null; String propertyName = propertyPrefix + ".policy.source.impl"; - String policySourceImpl = RangerConfiguration.getInstance().get( - propertyName); + String policySourceImpl = RangerConfiguration.getInstance().get(propertyName); - if (StringUtils.isEmpty(policySourceImpl)) { + if(StringUtils.isEmpty(policySourceImpl)) { if (LOG.isDebugEnabled()) { - LOG.debug(String - .format("Value for property[%s] was null or empty. Unxpected! Will use policy source of type[%s]", - propertyName, - RangerAdminRESTClient.class.getName())); + LOG.debug(String.format("Value for property[%s] was null or empty. Unxpected! Will use policy source of type[%s]", propertyName, RangerAdminRESTClient.class.getName())); } } else { if (LOG.isDebugEnabled()) { - LOG.debug(String.format("Value for property[%s] was [%s].", - propertyName, policySourceImpl)); + LOG.debug(String.format("Value for property[%s] was [%s].", propertyName, policySourceImpl)); } try { @SuppressWarnings("unchecked") - Class adminClass = (Class) Class - .forName(policySourceImpl); - + Class adminClass = (Class)Class.forName(policySourceImpl); + ret = adminClass.newInstance(); } catch (Exception excp) { - LOG.error("failed to instantiate policy source of type '" - + policySourceImpl - + "'. Will use policy source of type '" - + RangerAdminRESTClient.class.getName() + "'", excp); + LOG.error("failed to instantiate policy source of type '" + policySourceImpl + "'. Will use policy source of type '" + RangerAdminRESTClient.class.getName() + "'", excp); } } - if (ret == null) { + if(ret == null) { ret = new RangerAdminRESTClient(); } ret.init(serviceName, appId, propertyPrefix); - if (LOG.isDebugEnabled()) { - LOG.debug("<== RangerAdminRESTClient.createAdminClient(" - + propertyPrefix + "): policySourceImpl=" - + policySourceImpl + ", client=" + ret); + if(LOG.isDebugEnabled()) { + LOG.debug("<== RangerAdminRESTClient.createAdminClient(" + propertyPrefix + "): policySourceImpl=" + policySourceImpl + ", client=" + ret); } return ret; } - private void auditGrantRevoke(GrantRevokeRequest request, String action, - boolean isSuccess, RangerAccessResultProcessor resultProcessor) { + private void auditGrantRevoke(GrantRevokeRequest request, String action, boolean isSuccess, RangerAccessResultProcessor resultProcessor) { RangerPolicyEngine policyEngine = this.policyEngine; - if (request != null && resultProcessor != null && policyEngine != null) { + if(request != null && resultProcessor != null && policyEngine != null) { RangerAccessRequestImpl accessRequest = new RangerAccessRequestImpl(); - - accessRequest.setResource(new RangerAccessResourceImpl(request - .getResource())); + + accessRequest.setResource(new RangerAccessResourceImpl(request.getResource())); accessRequest.setUser(request.getGrantor()); accessRequest.setAccessType(RangerPolicyEngine.ADMIN_ACCESS); accessRequest.setAction(action); @@ -330,14 +289,13 @@ public class RangerBasePlugin { accessRequest.setSessionId(request.getSessionId()); // call isAccessAllowed() to determine if audit is enabled or not - RangerAccessResult accessResult = policyEngine.isAccessAllowed( - accessRequest, null); + RangerAccessResult accessResult = policyEngine.isAccessAllowed(accessRequest, null); - if (accessResult != null && accessResult.getIsAudited()) { + if(accessResult != null && accessResult.getIsAudited()) { accessRequest.setAccessType(action); accessResult.setIsAllowed(isSuccess); - if (!isSuccess) { + if(! isSuccess) { accessResult.setPolicyId(-1); } @@ -345,7 +303,7 @@ public class RangerBasePlugin { } } } - + public boolean logErrorMessage(String message) { LogHistory log = logHistoryList.get(message); if (log == null) { @@ -365,4 +323,5 @@ public class RangerBasePlugin { long lastLogTime; String message; } + }