ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mad...@apache.org
Subject [2/3] incubator-ranger git commit: RANGER-562: Policy migration updated to ignore incorrect permission type and continue with migration
Date Sat, 20 Jun 2015 15:43:17 GMT
RANGER-562: Policy migration updated to ignore incorrect permission type and continue with
migration

Signed-off-by: Madhan Neethiraj <madhan@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/e2a59009
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/e2a59009
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/e2a59009

Branch: refs/heads/tag-policy
Commit: e2a590096a3637398565f70a53726e4b253ed1f9
Parents: 6f903e3
Author: Gautam Borad <gborad@gmail.com>
Authored: Fri Jun 19 18:33:59 2015 -0400
Committer: Madhan Neethiraj <madhan@apache.org>
Committed: Fri Jun 19 18:34:50 2015 -0400

----------------------------------------------------------------------
 .../ranger/patch/PatchMigration_J10002.java     | 28 +++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e2a59009/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java
b/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java
index 1747324..44306d8 100644
--- a/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchMigration_J10002.java
@@ -20,10 +20,13 @@ package org.apache.ranger.patch;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
+import java.util.Set;
 
+import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
 import org.apache.ranger.biz.RangerBizUtil;
@@ -91,6 +94,15 @@ public class PatchMigration_J10002 extends BaseLoader {
 	private static int policyCounter = 0;
 	private static int serviceCounter = 0;
 
+	static Set<String> unsupportedLegacyPermTypes = new HashSet<String>();
+
+	static {
+		unsupportedLegacyPermTypes.add("Unknown");
+		unsupportedLegacyPermTypes.add("Reset");
+		unsupportedLegacyPermTypes.add("Obfuscate");
+		unsupportedLegacyPermTypes.add("Mask");
+	}
+
 	public static void main(String[] args) {
 		logger.info("main()");
 		try {
@@ -451,6 +463,10 @@ public class PatchMigration_J10002 extends BaseLoader {
 				}
 
 				String accessType = ServiceUtil.toAccessType(permMap.getPermType());
+				if(StringUtils.isBlank(accessType) || unsupportedLegacyPermTypes.contains(accessType))
{
+					logger.info(accessType + ": is not a valid access-type, ignoring accesstype for policy:
" + xRes.getPolicyName());
+					continue;
+				}
 
 				if(StringUtils.equalsIgnoreCase(accessType, "Admin")) {
 					policyItem.setDelegateAdmin(Boolean.TRUE);
@@ -464,6 +480,16 @@ public class PatchMigration_J10002 extends BaseLoader {
 				ipAddress = permMap.getIpAddress();
 			}
 
+			if(CollectionUtils.isEmpty(accessList)) {
+				logger.info("no access specified. ignoring policyItem for policy: " + xRes.getPolicyName());
+				continue;
+			}
+
+			if(CollectionUtils.isEmpty(userList) && CollectionUtils.isEmpty(groupList)) {
+				logger.info("no user or group specified. ignoring policyItem for policy: " + xRes.getPolicyName());
+				continue;
+			}
+
 			policyItem.setUsers(userList);
 			policyItem.setGroups(groupList);
 			policyItem.setAccesses(accessList);
@@ -525,4 +551,4 @@ public class PatchMigration_J10002 extends BaseLoader {
 
 		return groupName;
 	}
-}
\ No newline at end of file
+}


Mime
View raw message