ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a...@apache.org
Subject incubator-ranger git commit: RANGER-594 User friendly error messages for policy validation error failures and unify error processing for all 3 types validations
Date Wed, 05 Aug 2015 21:11:56 GMT
Repository: incubator-ranger
Updated Branches:
  refs/heads/master 68a4352b3 -> 79bd7e3c8


RANGER-594 User friendly error messages for policy validation error failures and unify error processing for all 3 types validations


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/79bd7e3c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/79bd7e3c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/79bd7e3c

Branch: refs/heads/master
Commit: 79bd7e3c8dd5903c5ed2089416cb33ef4d566cf7
Parents: 68a4352
Author: Alok Lal <alok@apache.org>
Authored: Tue Aug 4 10:38:44 2015 -0700
Committer: Alok Lal <alok@apache.org>
Committed: Wed Aug 5 13:21:39 2015 -0700

----------------------------------------------------------------------
 .../plugin/errors/ValidationErrorCode.java      |  25 ++
 .../model/validation/RangerPolicyValidator.java | 361 +++++++------------
 .../validation/RangerServiceDefValidator.java   |  67 ++--
 .../validation/RangerServiceValidator.java      |  45 +--
 .../validation/ValidationFailureDetails.java    |  21 +-
 .../ValidationFailureDetailsBuilder.java        |   2 +-
 .../TestValidationFailureDetails.java           |  55 ---
 7 files changed, 185 insertions(+), 391 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/79bd7e3c/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
index c40efc9..b458394 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
@@ -60,6 +60,31 @@ public enum ValidationErrorCode {
     SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_NO_VALUES(2018, "enum [{0}] does not have any elements"),
     SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_INVALID_DEFAULT_INDEX(2019, "default index[{0}] for enum [{1}] is invalid"),
     SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_NULL_ENUM_ELEMENT(2020, "An enum element in enum element collection of enum [{0}] is null"),
+
+    // POLICY VALIDATION
+    POLICY_VALIDATION_ERR_UNSUPPORTED_ACTION(3001, "Internal error: method signature isValid(Long) is only supported for DELETE"),
+    POLICY_VALIDATION_ERR_MISSING_FIELD(3002, "Internal error: missing field[{0}]"),
+    POLICY_VALIDATION_ERR_NULL_POLICY_OBJECT(3003, "Internal error: policy object passed in was null"),
+    POLICY_VALIDATION_ERR_INVALID_POLICY_ID(3004, "Invalid policy id provided for update: no policy found for id[{0}]"),
+    POLICY_VALIDATION_ERR_POLICY_NAME_MULTIPLE_POLICIES_WITH_SAME_NAME(3005, "Internal error: multiple policies found with the name[{0}]"),
+    POLICY_VALIDATION_ERR_POLICY_NAME_CONFLICT(3006, "id/name conflict: another policy already exists with name[{0}] for service[{1}, its id is[{2}]"),
+    POLICY_VALIDATION_ERR_INVALID_SERVICE_NAME(3007, "no service found with name[{0}]"),
+    POLICY_VALIDATION_ERR_MISSING_POLICY_ITEMS(3008, "at least one policy item must be specified if audit isn't enabled"),
+    POLICY_VALIDATION_ERR_MISSING_SERVICE_DEF(3009, "Internal error: Service def[{0}] of policy's service[{1}] does not exist!"),
+    POLICY_VALIDATION_ERR_DUPLICATE_POLICY_RESOURCE(3010, "another policy[{0}] with matching resources[{1}] exists for service[{2}]!"),
+    POLICY_VALIDATION_ERR_INVALID_RESOURCE_NO_COMPATIBLE_HIERARCHY(3011, "policy resources [{0}] are not compatible with any resource hierarchy for service def[{1}]! Valid hierarchies are: {2}"),
+    POLICY_VALIDATION_ERR_INVALID_RESOURCE_MISSING_MANDATORY(3012, "policy is missing required resources. Mandatory resources of potential hierarchies are: {0}"),
+    POLICY_VALIDATION_ERR_NULL_RESOURCE_DEF(3013, "Internal error: a resource-def on resource def collection of service-def[{0}] was null"),
+    POLICY_VALIDATION_ERR_MISSING_RESOURCE_DEF_NAME(3014, "Internal error: name of a resource-def on resource def collection of service-def[{0}] was null"),
+    POLICY_VALIDATION_ERR_EXCLUDES_NOT_SUPPORTED(3015, "isExcludes specified as [{0}] for resource [{1}] which doesn't support isExcludes"),
+    POLICY_VALIDATION_ERR_EXCLUDES_REQUIRES_ADMIN(3016, "isExcludes specified as [{0}] for resource [{1}].  Insufficient permissions to create excludes policy."),
+    POLICY_VALIDATION_ERR_RECURSIVE_NOT_SUPPORTED(3017, "isRecursive specified as [{0}] for resource [{1}] which doesn't support isRecursive"),
+    POLICY_VALIDATION_ERR_INVALID_RESOURCE_VALUE_REGEX(3018, "Value[{0}] of resource[{1}] does not conform to the validation regex[{2}] defined on the service-def[{3}]"),
+    POLICY_VALIDATION_ERR_NULL_POLICY_ITEM(3019, "policy items object was null"),
+    POLICY_VALIDATION_ERR_MISSING_USER_AND_GROUPS(3020, "both users and user-groups collections on the policy item were null/empty"),
+    POLICY_VALIDATION_ERR_NULL_POLICY_ITEM_ACCESS(3021, "policy items access object was null"),
+    POLICY_VALIDATION_ERR_POLICY_ITEM_ACCESS_TYPE_INVALID(3022, "access type[{0}] not among valid types for service[{1}]"),
+    POLICY_VALIDATION_ERR_POLICY_ITEM_ACCESS_TYPE_DENY(3023, "access type is set to deny.  Currently deny access types are not supported."),
     ;
 
 

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/79bd7e3c/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
index 8817049..da817c6 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
@@ -25,6 +25,7 @@ import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.apache.ranger.plugin.errors.ValidationErrorCode;
 import org.apache.ranger.plugin.model.RangerPolicy;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
 import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
@@ -71,19 +72,22 @@ public class RangerPolicyValidator extends RangerValidator {
 
 		boolean valid = true;
 		if (action != Action.DELETE) {
-			failures.add(new RangerPolicyValidationErrorBuilder()
+			ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_UNSUPPORTED_ACTION;
+			failures.add(new ValidationFailureDetailsBuilder()
 				.isAnInternalError()
-				.becauseOf("method signature isValid(Long) is only supported for DELETE")
-				.errorCode(ErrorCode.InternalError_InvalidMethodInvocation)
+				.becauseOf(error.getMessage())
+				.errorCode(error.getErrorCode())
 				.build());
 			valid = false;
 		} else if (id == null) {
-			failures.add(new RangerPolicyValidationErrorBuilder()
-				.becauseOf("policy id was null/missing")
-				.field("id")
-				.isMissing()
-				.errorCode(ErrorCode.Missing_PolicyId_Delete)
-				.build());
+			ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
+			failures.add(new ValidationFailureDetailsBuilder()
+					.becauseOf("policy id was null/missing")
+					.field("id")
+					.isMissing()
+					.errorCode(error.getErrorCode())
+					.becauseOf(error.getMessage("id"))
+					.build());
 			valid = false;
 		} else if (getPolicy(id) == null) {
 			if (LOG.isDebugEnabled()) {
@@ -107,34 +111,33 @@ public class RangerPolicyValidator extends RangerValidator {
 		}
 		boolean valid = true;
 		if (policy == null) {
-			String message = "policy object passed in was null";
-			LOG.debug(message);
-			failures.add(new RangerPolicyValidationErrorBuilder()
+			ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_NULL_POLICY_OBJECT;
+			failures.add(new ValidationFailureDetailsBuilder()
 				.field("policy")
 				.isMissing()
-				.becauseOf(message)
-				.errorCode(ErrorCode.Missing_PolicyObject)
+				.becauseOf(error.getMessage())
+				.errorCode(error.getErrorCode())
 				.build());
 			valid = false;
 		} else {
 			Long id = policy.getId();
 			if (action == Action.UPDATE) { // id is ignored for CREATE
 				if (id == null) {
-					String message = "policy id was null/empty/blank"; 
-					LOG.debug(message);
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("id")
 						.isMissing()
-						.becauseOf(message)
-						.errorCode(ErrorCode.Missing_PolicyId_Update)
+						.becauseOf(error.getMessage("id"))
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else if (getPolicy(id) == null) {
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_INVALID_POLICY_ID;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("id")
 						.isSemanticallyIncorrect()
-						.becauseOf("Invalid policy id provided for update: no policy found for id[" + id + "]")
-						.errorCode(ErrorCode.Invalid_PolicyId)
+						.becauseOf(error.getMessage(id))
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				}
@@ -142,40 +145,42 @@ public class RangerPolicyValidator extends RangerValidator {
 			String policyName = policy.getName();
 			String serviceName = policy.getService();
 			if (StringUtils.isBlank(policyName)) {
-				String message = "policy name was null/empty/blank[" + policyName + "]";
-				LOG.debug(message);
-				failures.add(new RangerPolicyValidationErrorBuilder()
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("name")
 					.isMissing()
-					.becauseOf(message)
-					.errorCode(ErrorCode.Missing_PolicyName)
+					.becauseOf(error.getMessage("name"))
+					.errorCode(error.getErrorCode())
 					.build());
 				valid = false;
 			} else {
 				List<RangerPolicy> policies = getPolicies(serviceName, policyName);
 				if (CollectionUtils.isNotEmpty(policies)) {
 					if (policies.size() > 1) {
-						failures.add(new RangerPolicyValidationErrorBuilder()
+						ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_NAME_MULTIPLE_POLICIES_WITH_SAME_NAME;
+						failures.add(new ValidationFailureDetailsBuilder()
 							.field("name")
 							.isAnInternalError()
-							.becauseOf("multiple policies found with the name[" + policyName + "]")
-							.errorCode(ErrorCode.InternalError_Data_MultiplePoliciesSameName)
+							.becauseOf(error.getMessage(policyName))
+							.errorCode(error.getErrorCode())
 							.build());
 						valid = false;
 					} else if (action == Action.CREATE) { // size == 1
-						failures.add(new RangerPolicyValidationErrorBuilder()
+						ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_NAME_CONFLICT;
+						failures.add(new ValidationFailureDetailsBuilder()
 							.field("policy name")
 							.isSemanticallyIncorrect()
-							.becauseOf("A policy already exists with name[" + policyName + "] for service[" + serviceName + "]; its id is[" + policies.iterator().next().getId() + "]")
-							.errorCode(ErrorCode.Duplicate_PolicyName_Create)
+							.becauseOf(error.getMessage(policyName, serviceName, policies.iterator().next().getId()))
+							.errorCode(error.getErrorCode())
 							.build());
 						valid = false;
 					} else if (!policies.iterator().next().getId().equals(id)) { // size == 1 && action == UPDATE
-						failures.add(new RangerPolicyValidationErrorBuilder()
+						ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_NAME_CONFLICT;
+						failures.add(new ValidationFailureDetailsBuilder()
 							.field("id/name")
 							.isSemanticallyIncorrect()
-							.errorCode(ErrorCode.Duplicate_PolicyName_Update)
-							.becauseOf("id/name conflict: another policy already exists with name[" + policyName + "], its id is[" + policies.iterator().next().getId() + "]")
+							.becauseOf(error.getMessage(policyName, serviceName, policies.iterator().next().getId()))
+							.errorCode(error.getErrorCode())
 							.build());
 						valid = false;
 					}
@@ -184,21 +189,23 @@ public class RangerPolicyValidator extends RangerValidator {
 			RangerService service = null;
 			boolean serviceNameValid = false;
 			if (StringUtils.isBlank(serviceName)) {
-				failures.add(new RangerPolicyValidationErrorBuilder()
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("service name")
 					.isMissing()
-					.errorCode(ErrorCode.Missing_ServiceName)
-					.becauseOf("service name was null/empty/blank")
+					.becauseOf(error.getMessage("service name"))
+					.errorCode(error.getErrorCode())
 					.build());
 				valid = false;
 			} else {
 				service = getService(serviceName);
 				if (service == null) {
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_INVALID_SERVICE_NAME;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("service name")
 						.isSemanticallyIncorrect()
-						.becauseOf("no service found with name[" + serviceName + "]")
-						.errorCode(ErrorCode.Invalid_ServiceName)
+						.becauseOf(error.getMessage(serviceName))
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else {
@@ -210,24 +217,24 @@ public class RangerPolicyValidator extends RangerValidator {
 			RangerServiceDef serviceDef = null;
 			String serviceDefName = null;
 			if (CollectionUtils.isEmpty(policyItems) && !isAuditEnabled) {
-				failures.add(new RangerPolicyValidationErrorBuilder()
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_POLICY_ITEMS;
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("policy items")
 					.isMissing()
-					.becauseOf("at least one policy item must be specified if audit isn't enabled")
-					.errorCode(ErrorCode.Missing_PolicyItems)
+					.becauseOf(error.getMessage())
+					.errorCode(error.getErrorCode())
 					.build());
 				valid = false;
 			} else if (service != null) {
 				serviceDefName = service.getType();
 				serviceDef = getServiceDef(serviceDefName);
 				if (serviceDef == null) {
-					String message = String.format("Service def[%s] of policy's service[%s] does not exist!", serviceDefName, serviceName);
-					LOG.debug(message);
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_SERVICE_DEF;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("policy service def")
 						.isAnInternalError()
-						.becauseOf(message)
-						.errorCode(ErrorCode.InternalError_Data_MissingServiceDef)
+						.becauseOf(error.getMessage(serviceDefName, serviceName))
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else {
@@ -283,17 +290,16 @@ public class RangerPolicyValidator extends RangerValidator {
 			String signature = policySignature.getSignature();
 			List<RangerPolicy> policies = getPoliciesForResourceSignature(policy.getService(), signature);
 			if (CollectionUtils.isNotEmpty(policies)) {
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_DUPLICATE_POLICY_RESOURCE;
 				RangerPolicy matchedPolicy = policies.iterator().next();
 				// there shouldn't be a matching policy for create.  During update only match should be to itself
 				if (action == Action.CREATE || (action == Action.UPDATE && (policies.size() > 1 || !matchedPolicy.getId().equals(policy.getId())))) {
-					String message = String.format("another policy[%s] with matching resources[%s] exists for service[%s]!",
-							matchedPolicy.getName(), matchedPolicy.getResources(), policy.getService());
-					failures.add(new RangerPolicyValidationErrorBuilder()
-						.field("resources")
-						.isSemanticallyIncorrect()
-						.becauseOf(message)
-						.errorCode(ErrorCode.Duplicate_PolicyResource)
-						.build());
+					failures.add(new ValidationFailureDetailsBuilder()
+							.field("resources")
+							.isSemanticallyIncorrect()
+							.becauseOf(error.getMessage(matchedPolicy.getName(), matchedPolicy.getResources(), policy.getService()))
+							.errorCode(error.getErrorCode())
+							.build());
 					valid = false;
 				}
 			}
@@ -327,15 +333,13 @@ public class RangerPolicyValidator extends RangerValidator {
 			 */
 			Set<List<RangerResourceDef>> candidateHierarchies = filterHierarchies_hierarchyHasAllPolicyResources(policyResources, hierarchies, defHelper);
 			if (candidateHierarchies.isEmpty()) {
-				// let's build a helpful message for user
-				String message = String.format("policy resources %s are not compatible with any resource hierarchy for service def[%s]! Valid hierarchies are: %s",
-						policyResources.toString(), serviceDef.getName(), toStringHierarchies_all(hierarchies, defHelper));
-				failures.add(new RangerPolicyValidationErrorBuilder()
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_INVALID_RESOURCE_NO_COMPATIBLE_HIERARCHY;
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("policy resources")
 					.subField("incompatible")
 					.isSemanticallyIncorrect()
-					.becauseOf(message)
-					.errorCode(ErrorCode.Invalid_PolicyResource_NoCompatibleHierarchy)
+					.becauseOf(error.getMessage(policyResources.toString(), serviceDef.getName(), toStringHierarchies_all(hierarchies, defHelper)))
+					.errorCode(error.getErrorCode())
 					.build());
 				valid = false;
 			} else {
@@ -349,12 +353,13 @@ public class RangerPolicyValidator extends RangerValidator {
 				 */
 				Set<List<RangerResourceDef>> validHierarchies = filterHierarchies_mandatoryResourcesSpecifiedInPolicy(policyResources, candidateHierarchies, defHelper);
 				if (validHierarchies.isEmpty()) {
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_INVALID_RESOURCE_MISSING_MANDATORY;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("policy resources")
 						.subField("missing mandatory")
 						.isSemanticallyIncorrect()
-						.errorCode(ErrorCode.Invalid_PolicyResource_MissingMandatory)
-						.becauseOf("policy is missing required resources. Mandatory resources of potential hierarchies are: " + toStringHierarchies_mandatory(candidateHierarchies, defHelper))
+						.becauseOf(error.getMessage(toStringHierarchies_mandatory(candidateHierarchies, defHelper)))
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else {
@@ -457,19 +462,21 @@ public class RangerPolicyValidator extends RangerValidator {
 			Map<String, RangerPolicyResource> policyResources = getPolicyResourceWithLowerCaseKeys(inputPolicyResources);
 			for (RangerResourceDef resourceDef : resourceDefs) {
 				if (resourceDef == null) {
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_NULL_RESOURCE_DEF;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("resource-def")
 						.isAnInternalError()
-						.errorCode(ErrorCode.InternalError_Data_NullResourceDef)
-						.becauseOf("a resource-def on resource def collection of service-def[" + serviceDefName + "] was null")
+						.becauseOf(error.getMessage(serviceDefName))
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else if (StringUtils.isBlank(resourceDef.getName())) {
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_RESOURCE_DEF_NAME;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("resource-def-name")
 						.isAnInternalError()
-						.errorCode(ErrorCode.InternalError_Data_NullResourceDefName)
-						.becauseOf("name of a resource-def on resource def collection of service-def[" + serviceDefName + "] was null")
+						.becauseOf(error.getMessage(serviceDefName))
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else {
@@ -483,34 +490,37 @@ public class RangerPolicyValidator extends RangerValidator {
 						boolean excludesSupported = Boolean.TRUE.equals(resourceDef.getExcludesSupported()); // could be null
 						boolean policyResourceIsExcludes = Boolean.TRUE.equals(policyResource.getIsExcludes()); // could be null
 						if (policyResourceIsExcludes && !excludesSupported) {
-							failures.add(new RangerPolicyValidationErrorBuilder()
+							ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_EXCLUDES_NOT_SUPPORTED;
+							failures.add(new ValidationFailureDetailsBuilder()
 								.field("isExcludes")
 								.subField(resourceName)
 								.isSemanticallyIncorrect()
-								.errorCode(ErrorCode.Invalid_Excludes_NotSupported)
-								.becauseOf("isExcludes specified as [" + policyResourceIsExcludes + "] for resource [" + resourceName + "] which doesn't support isExcludes")
+								.becauseOf(error.getMessage(policyResourceIsExcludes, resourceName))
+								.errorCode(error.getErrorCode())
 								.build());
 							valid = false;
 						}
 						if (policyResourceIsExcludes && !isAdmin) {
-							failures.add(new RangerPolicyValidationErrorBuilder()
+							ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_EXCLUDES_REQUIRES_ADMIN;
+							failures.add(new ValidationFailureDetailsBuilder()
 								.field("isExcludes")
 								.subField("isAdmin")
 								.isSemanticallyIncorrect()
-								.becauseOf("isExcludes specified as [" + policyResourceIsExcludes + "] for resource [" + resourceName + "].  Insufficient permissions to create excludes policy.")
-								.errorCode(ErrorCode.Invalid_Excludes_RequiresAdmin)
+								.becauseOf(error.getMessage(policyResourceIsExcludes, resourceName))
+								.errorCode(error.getErrorCode())
 								.build());
 							valid = false;
 						}
 						boolean recursiveSupported = Boolean.TRUE.equals(resourceDef.getRecursiveSupported());
 						boolean policyIsRecursive = Boolean.TRUE.equals(policyResource.getIsRecursive());
 						if (policyIsRecursive && !recursiveSupported) {
-							failures.add(new RangerPolicyValidationErrorBuilder()
+							ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_RECURSIVE_NOT_SUPPORTED;
+							failures.add(new ValidationFailureDetailsBuilder()
 								.field("isRecursive")
 								.subField(resourceName)
 								.isSemanticallyIncorrect()
-								.becauseOf("isRecursive specified as [" + policyIsRecursive + "] for resource [" + resourceName + "] which doesn't support isRecursive")
-								.errorCode(ErrorCode.Invalid_Recursive_NotSupported)
+								.becauseOf(error.getMessage(policyIsRecursive, resourceName))
+								.errorCode(error.getErrorCode())
 								.build());
 							valid = false;
 						}
@@ -541,14 +551,13 @@ public class RangerPolicyValidator extends RangerValidator {
 					if (StringUtils.isBlank(aValue)) {
 						LOG.debug("resource value was blank");
 					} else if (!aValue.matches(regEx)) {
-						String message = String.format("Value[%s] of resource[%s] does not conform to the validation regex[%s] defined on the service-def[%s]", aValue, name, regEx, serviceDef.getName());
-						LOG.debug(message);
-						failures.add(new RangerPolicyValidationErrorBuilder()
+						ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_INVALID_RESOURCE_VALUE_REGEX;
+						failures.add(new ValidationFailureDetailsBuilder()
 							.field("resource-values")
 							.subField(name)
 							.isSemanticallyIncorrect()
-							.becauseOf(message)
-							.errorCode(ErrorCode.Invalid_ResourceValue_RegEx)
+							.becauseOf(error.getMessage(aValue, name, regEx, serviceDef.getName()))
+							.errorCode(error.getErrorCode())
 							.build());
 						valid = false;
 					}
@@ -573,11 +582,12 @@ public class RangerPolicyValidator extends RangerValidator {
 		} else {
 			for (RangerPolicyItem policyItem : policyItems) {
 				if (policyItem == null) {
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_NULL_POLICY_ITEM;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("policy item")
 						.isMissing()
-						.becauseOf("policy items object was null")
-						.errorCode(ErrorCode.InternalError_Data_NullPolicyItem)
+						.becauseOf(error.getMessage())
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else {
@@ -605,11 +615,12 @@ public class RangerPolicyValidator extends RangerValidator {
 			// access items collection can't be empty (unless delegated admin is true) and should be otherwise valid
 			if (CollectionUtils.isEmpty(policyItem.getAccesses())) {
 				if (!Boolean.TRUE.equals(policyItem.getDelegateAdmin())) {
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("policy item accesses")
 						.isMissing()
-						.becauseOf("policy items accesses collection was null")
-						.errorCode(ErrorCode.Missing_PolicyItemAccesses)
+						.becauseOf(error.getMessage("policy item accesses"))
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else {
@@ -620,11 +631,12 @@ public class RangerPolicyValidator extends RangerValidator {
 			}
 			// both users and user-groups collections can't be empty
 			if (CollectionUtils.isEmpty(policyItem.getUsers()) && CollectionUtils.isEmpty(policyItem.getGroups())) {
-				failures.add(new RangerPolicyValidationErrorBuilder()
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_USER_AND_GROUPS;
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("policy item users/user-groups")
 					.isMissing()
-					.becauseOf("both users and user-groups collections on the policy item were null/empty")
-					.errorCode(ErrorCode.Missing_PolicyItemUserGroup)
+					.becauseOf(error.getMessage())
+					.errorCode(error.getErrorCode())
 					.build());
 				valid = false;
 			}
@@ -648,11 +660,12 @@ public class RangerPolicyValidator extends RangerValidator {
 			Set<String> accessTypes = getAccessTypes(serviceDef);
 			for (RangerPolicyItemAccess access : accesses) {
 				if (access == null) {
-					failures.add(new RangerPolicyValidationErrorBuilder()
+					ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_NULL_POLICY_ITEM_ACCESS;
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("policy item access")
 						.isMissing()
-						.becauseOf("policy items access object was null")
-						.errorCode(ErrorCode.InternalError_Data_NullPolicyItemAccess)
+						.becauseOf(error.getMessage())
+						.errorCode(error.getErrorCode())
 						.build());
 					valid = false;
 				} else {
@@ -681,34 +694,33 @@ public class RangerPolicyValidator extends RangerValidator {
 		} else {
 			String accessType = access.getType();
 			if (StringUtils.isBlank(accessType)) {
-				failures.add(new RangerPolicyValidationErrorBuilder()
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_MISSING_FIELD;
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("policy item access type")
 					.isMissing()
-					.becauseOf("policy items access type's name was null/empty/blank")
-					.errorCode(ErrorCode.Missing_PolicyItemAccessType)
+					.becauseOf(error.getMessage("policy item access type"))
+					.errorCode(error.getErrorCode())
 					.build());
 				valid = false;
 			} else if (!accessTypes.contains(accessType.toLowerCase())) {
-				String message = String.format("access type[%s] not among valid types for service[%s]", accessType, accessTypes);
-				LOG.debug(message);
-				failures.add(new RangerPolicyValidationErrorBuilder()
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_ITEM_ACCESS_TYPE_INVALID;
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("policy item access type")
 					.isSemanticallyIncorrect()
-					.becauseOf(message)
-					.errorCode(ErrorCode.Invalid_PolicyItemAccessType)
+					.becauseOf(error.getMessage(accessType, accessTypes))
+					.errorCode(error.getErrorCode())
 					.build());
 				valid = false;
 			}
 			Boolean isAllowed = access.getIsAllowed();
 			// it can be null (which is treated as allowed) but not false
 			if (isAllowed != null && isAllowed == false) {
-				String message = "access type is set to deny.  Currently deny access types are not supported.";
-				LOG.debug(message);
-				failures.add(new RangerPolicyValidationErrorBuilder()
+				ValidationErrorCode error = ValidationErrorCode.POLICY_VALIDATION_ERR_POLICY_ITEM_ACCESS_TYPE_DENY;
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("policy item access type allowed")
 					.isSemanticallyIncorrect()
-					.becauseOf(message)
-					.errorCode(ErrorCode.Invalid_PolicyItemAccessType_Deny)
+					.becauseOf(error.getMessage())
+					.errorCode(error.getErrorCode())
 					.build());
 				valid = false;
 			}
@@ -719,129 +731,4 @@ public class RangerPolicyValidator extends RangerValidator {
 		}
 		return valid;
 	}
-
-	static class RangerPolicyValidationErrorBuilder extends ValidationFailureDetailsBuilder {
-
-		@Override
-		ValidationFailureDetails build() {
-			return new RangerPolicyValidationFailure(_errorCode, _fieldName, _subFieldName, _missing, _semanticError, _internalError, _reason);
-		}
-	}
-
-	static class RangerPolicyValidationFailure extends  ValidationFailureDetails {
-
-		public RangerPolicyValidationFailure(int errorCode, String fieldName, String subFieldName, boolean missing, boolean semanticError, boolean internalError, String reason) {
-			super(errorCode, fieldName, subFieldName, missing, semanticError, internalError, reason);
-		}
-
-		// TODO remove and move to baseclass when all 3 move to new message framework
-		@Override
-		public String toString() {
-			LOG.debug("RangerPolicyValidationFailure.toString");
-			String result = null;
-			if (_ErrorCode2MessageTemplate.containsKey(_errorCode)) {
-				Integer templateId = _ErrorCode2MessageTemplate.get(_errorCode);
-				if (templateId != null && _TemplateId2Template.containsKey(templateId)) {
-					String messageTemplate = _TemplateId2Template.get(templateId);
-					if (StringUtils.isNotBlank(messageTemplate)) {
-						// in the worst case result should be at least same as the messageTemplate which we know is not blank
-						result = substituteVariables(messageTemplate);
-					} else {
-						LOG.warn("Internal error: Message template string for template [" + templateId + "] was empty!");
-					}
-				} else {
-					LOG.warn("Internal error: template id for error code [" + templateId + "] was null or template id to message map did not comtain the templateid");
-				}
-			} else {
-				LOG.warn("Internal error: error code [" + _errorCode + "] not found in errorcode to message template map");
-			}
-			if (result == null) {
-				result = super.toString();
-			}
-			return "Policy validation failure: " + result;
-		}
-	}
-
-	static class ErrorCode {
-		public static final int InternalError_InvalidMethodInvocation 					= 1001;
-		public static final int Missing_PolicyId_Delete 								= 1002;
-		public static final int Missing_PolicyObject 									= 1003;
-		public static final int Missing_PolicyId_Update 								= 1004;
-		public static final int Invalid_PolicyId 										= 1005;
-		public static final int Missing_PolicyName 										= 1006;
-		public static final int InternalError_Data_MultiplePoliciesSameName 			= 1007;
-		public static final int Duplicate_PolicyName_Create 							= 1008;
-		public static final int Duplicate_PolicyName_Update 							= 1009;
-		public static final int Missing_ServiceName 									= 1010;
-		public static final int Invalid_ServiceName 									= 1011;
-		public static final int Missing_PolicyItems 									= 1012;
-		public static final int InternalError_Data_MissingServiceDef					= 1013;
-		public static final int Duplicate_PolicyResource 								= 1014;
-		public static final int Invalid_PolicyResource_NoCompatibleHierarchy 			= 1015;
-		public static final int Invalid_PolicyResource_MissingMandatory					= 1016;
-		public static final int InternalError_Data_NullResourceDef						= 1017;
-		public static final int InternalError_Data_NullResourceDefName					= 1018;
-		public static final int Invalid_Excludes_NotSupported							= 1019;
-		public static final int Invalid_Excludes_RequiresAdmin							= 1020;
-		public static final int Invalid_Recursive_NotSupported							= 1021;
-		public static final int Invalid_ResourceValue_RegEx								= 1022;
-		public static final int InternalError_Data_NullPolicyItem 						= 1023;
-		public static final int Missing_PolicyItemAccesses 								= 1024;
-		public static final int Missing_PolicyItemUserGroup 							= 1025;
-		public static final int InternalError_Data_NullPolicyItemAccess					= 1026;
-		public static final int Missing_PolicyItemAccessType							= 1027;
-		public static final int Invalid_PolicyItemAccessType							= 1028;
-		public static final int Invalid_PolicyItemAccessType_Deny						= 1029;
-	}
-	static class MessageId {
-		public static final int InternalError 					= 1;
-		public static final int MissingField 					= 2;
-		public static final int InternalError_BadData 			= 3;
-		public static final int DuplicateValue 					= 4;
-		public static final int InvalidField 					= 5;
-	}
-
-	static Object[][] MessageTemplateData = new Object[][] {
-			{ MessageId.InternalError,								"Internal error: {reason}."},
-			{ MessageId.InternalError_BadData,						"Internal error: bad data encountered [{field}]: {reason}"},
-			{ MessageId.MissingField,								"Missing Required field [{field}]: {reason}"},
-			{ MessageId.InvalidField,								"Invalid value specified for field [{field}]: {reason}"},
-			{ MessageId.DuplicateValue,								"Duplicate value for [{field}]: {reason}"},
-	};
-	static final Map<Integer, String> _TemplateId2Template = createMap(MessageTemplateData);
-
-	static int[][] ErrorCode2MessageTemplateData = new int[][] {
-			{ ErrorCode.InternalError_InvalidMethodInvocation,					MessageId.InternalError},
-			{ ErrorCode.Missing_PolicyId_Delete,								MessageId.MissingField},
-			{ ErrorCode.Missing_PolicyObject,									MessageId.InternalError},
-			{ ErrorCode.Missing_PolicyId_Update,								MessageId.MissingField},
-			{ ErrorCode.Invalid_PolicyId,										MessageId.InvalidField},
-			{ ErrorCode.Missing_PolicyName,										MessageId.MissingField},
-			{ ErrorCode.InternalError_Data_MultiplePoliciesSameName,			MessageId.InternalError_BadData},
-			{ ErrorCode.Duplicate_PolicyName_Create,							MessageId.DuplicateValue},
-			{ ErrorCode.Duplicate_PolicyName_Update,							MessageId.DuplicateValue},
-			{ ErrorCode.Missing_ServiceName,									MessageId.MissingField},
-			{ ErrorCode.Invalid_ServiceName,									MessageId.InvalidField},
-			{ ErrorCode.Missing_PolicyItems,									MessageId.MissingField},
-			{ ErrorCode.InternalError_Data_MissingServiceDef,                   MessageId.InternalError_BadData},
-			{ ErrorCode.Duplicate_PolicyResource,								MessageId.DuplicateValue},
-			{ ErrorCode.Invalid_PolicyResource_NoCompatibleHierarchy,			MessageId.InvalidField},
-			{ ErrorCode.Invalid_PolicyResource_MissingMandatory,				MessageId.MissingField},
-			{ ErrorCode.InternalError_Data_NullResourceDef,						MessageId.InternalError_BadData},
-			{ ErrorCode.InternalError_Data_NullResourceDefName,					MessageId.InternalError_BadData},
-			{ ErrorCode.Invalid_Excludes_NotSupported,							MessageId.InvalidField},
-			{ ErrorCode.Invalid_Excludes_RequiresAdmin,							MessageId.InvalidField},
-			{ ErrorCode.Invalid_Recursive_NotSupported,							MessageId.InvalidField},
-			{ ErrorCode.Invalid_ResourceValue_RegEx,							MessageId.InvalidField},
-			{ ErrorCode.InternalError_Data_NullPolicyItem,						MessageId.InternalError_BadData},
-			{ ErrorCode.Missing_PolicyItemAccesses,								MessageId.MissingField},
-			{ ErrorCode.Missing_PolicyItemUserGroup,							MessageId.MissingField},
-			{ ErrorCode.InternalError_Data_NullPolicyItemAccess,				MessageId.InternalError_BadData},
-			{ ErrorCode.Missing_PolicyItemAccessType,							MessageId.MissingField},
-			{ ErrorCode.Invalid_PolicyItemAccessType,							MessageId.InvalidField},
-			{ ErrorCode.Invalid_PolicyItemAccessType_Deny,						MessageId.InvalidField},
-
-	};
-	static final Map<Integer, Integer> _ErrorCode2MessageTemplate = createMap(ErrorCode2MessageTemplateData);
-
 }

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/79bd7e3c/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefValidator.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefValidator.java
index 75372c2..0507fc4 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefValidator.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceDefValidator.java
@@ -80,7 +80,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 		boolean valid = true;
 		if (action != Action.DELETE) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_UNSUPPORTED_ACTION;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 					.isAnInternalError()
 					.errorCode(error.getErrorCode())
 					.becauseOf(error.getMessage(action))
@@ -88,7 +88,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 			valid = false;
 		} else if (id == null) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_MISSING_FIELD;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 				.field("id")
 				.isMissing()
 				.errorCode(error.getErrorCode())
@@ -118,7 +118,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 		boolean valid = true;
 		if (serviceDef == null) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_NULL_SERVICE_DEF_OBJECT;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 				.field("service def")
 				.isMissing()
 				.errorCode(error.getErrorCode())
@@ -161,7 +161,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 		if (action == Action.UPDATE) { // id is ignored for CREATE
 			if (id == null) {
 				ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_EMPTY_SERVICE_DEF_ID;
-				failures.add(new RangerServiceDefValidationErrorBuilder()
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("id")
 					.isMissing()
 					.errorCode(error.getErrorCode())
@@ -170,7 +170,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 				valid = false;
 			} else if (getServiceDef(id) == null) {
 				ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_INVALID_SERVICE_DEF_ID;
-				failures.add(new RangerServiceDefValidationErrorBuilder()
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("id")
 					.isSemanticallyIncorrect()
 					.errorCode(error.getErrorCode())
@@ -194,7 +194,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 
 		if (StringUtils.isBlank(name)) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_INVALID_SERVICE_DEF_NAME;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 				.field("name")
 				.isMissing()
 				.errorCode(error.getErrorCode())
@@ -205,7 +205,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 			RangerServiceDef otherServiceDef = getServiceDef(name);
 			if (otherServiceDef != null && action == Action.CREATE) {
 				ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_SERVICE_DEF_NAME_CONFICT;
-				failures.add(new RangerServiceDefValidationErrorBuilder()
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("name")
 					.isSemanticallyIncorrect()
 					.errorCode(error.getErrorCode())
@@ -214,7 +214,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 				valid = false;
 			} else if (otherServiceDef != null && !Objects.equals(id, otherServiceDef.getId())) {
 				ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_ID_NAME_CONFLICT;
-				failures.add(new RangerServiceDefValidationErrorBuilder()
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("id/name")
 					.isSemanticallyIncorrect()
 					.errorCode(error.getErrorCode())
@@ -238,7 +238,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 		boolean valid = true;
 		if (CollectionUtils.isEmpty(accessTypeDefs)) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_MISSING_FIELD;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 				.field("access types")
 				.isMissing()
 				.errorCode(error.getErrorCode())
@@ -263,7 +263,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 				Set<String> unknownAccessTypes = Sets.difference(Sets.newHashSet(impliedGrants), accessNames);
 				if (!unknownAccessTypes.isEmpty()) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_IMPLIED_GRANT_UNKNOWN_ACCESS_TYPE;
-					failures.add(new RangerServiceDefValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("implied grants")
 						.subField(unknownAccessTypes.iterator().next())  // we return just on item here.  Message has all unknow items
 						.isSemanticallyIncorrect()
@@ -276,7 +276,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 				String name = def.getName(); // note: this name could be null/blank/empty!
 				if (impliedGrants.contains(name)) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_IMPLIED_GRANT_IMPLIES_ITSELF;
-					failures.add(new RangerServiceDefValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("implied grants")
 						.subField(name)
 						.isSemanticallyIncorrect()
@@ -311,7 +311,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 				valid = isUnique(name, names, "policy condition def name", "policy condition defs", failures) && valid;
 				if (StringUtils.isBlank(conditionDef.getEvaluator())) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_POLICY_CONDITION_NULL_EVALUATOR;
-					failures.add(new RangerServiceDefValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("policy condition def evaluator")
 						.subField(name)
 						.isMissing()
@@ -374,7 +374,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 			
 			if (!enumTypes.contains(subType)) {
 				ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_CONFIG_DEF_UNKNOWN_ENUM;
-				failures.add(new RangerServiceDefValidationErrorBuilder()
+				failures.add(new ValidationFailureDetailsBuilder()
 					.field("config def subtype")
 					.subField(configName)
 					.isSemanticallyIncorrect()
@@ -390,7 +390,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 					Set<String> enumValues = getEnumValues(enumDef);
 					if (!enumValues.contains(defaultValue)) {
 						ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_CONFIG_DEF_UNKNOWN_ENUM_VALUE;
-						failures.add(new RangerServiceDefValidationErrorBuilder()
+						failures.add(new ValidationFailureDetailsBuilder()
 								.field("config def default value")
 								.subField(configName)
 								.isSemanticallyIncorrect()
@@ -418,7 +418,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 		Set<String> validTypes = ImmutableSet.of("bool", "enum", "int", "string", "password", "path");
 		if (StringUtils.isBlank(type)) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_CONFIG_DEF_MISSING_TYPE;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 				.field("config def type")
 				.subField(configName)
 				.isMissing()
@@ -428,7 +428,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 			valid = false;
 		} else if (!validTypes.contains(type)) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_CONFIG_DEF_INVALID_TYPE;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 				.field("config def type")
 				.subField(configName)
 				.isSemanticallyIncorrect()
@@ -453,7 +453,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 		List<RangerResourceDef> resources = serviceDef.getResources();
 		if (CollectionUtils.isEmpty(resources)) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_MISSING_FIELD;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 					.field("resources")
 					.isMissing()
 					.errorCode(error.getErrorCode())
@@ -487,7 +487,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 		RangerServiceDefHelper defHelper = _factory.createServiceDefHelper(serviceDef, false);
 		if (!defHelper.isResourceGraphValid()) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_RESOURCE_GRAPH_INVALID;
-			failures.add(new RangerServiceDefValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 				.field("resource graph")
 				.isSemanticallyIncorrect()
 				.errorCode(error.getErrorCode())
@@ -524,7 +524,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 			for (RangerEnumDef enumDef : enumDefs) {
 				if (enumDef == null) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_NULL_OBJECT;
-					failures.add(new RangerServiceDefValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("enum def")
 						.isMissing()
 						.errorCode(error.getErrorCode())
@@ -539,7 +539,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 					// enum must contain at least one valid value and those values should be non-blank and distinct
 					if (CollectionUtils.isEmpty(enumDef.getElements())) {
 						ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_NO_VALUES;
-						failures.add(new RangerServiceDefValidationErrorBuilder()
+						failures.add(new ValidationFailureDetailsBuilder()
 							.field("enum values")
 							.subField(enumName)
 							.isMissing()
@@ -553,7 +553,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 						int defaultIndex = getEnumDefaultIndex(enumDef);
 						if (defaultIndex < 0 || defaultIndex >= enumDef.getElements().size()) { // max index is one less than the size of the elements list
 							ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_INVALID_DEFAULT_INDEX;
-							failures.add(new RangerServiceDefValidationErrorBuilder()
+							failures.add(new ValidationFailureDetailsBuilder()
 								.field("enum default index")
 								.subField(enumName)
 								.isSemanticallyIncorrect()
@@ -588,7 +588,7 @@ public class RangerServiceDefValidator extends RangerValidator {
 			for (RangerEnumElementDef elementDef : enumElementsDefs) {
 				if (elementDef == null) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_NULL_ENUM_ELEMENT;
-					failures.add(new RangerServiceDefValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 						.field("enum element")
 						.subField(enumName)
 						.isMissing()
@@ -608,27 +608,4 @@ public class RangerServiceDefValidator extends RangerValidator {
 		}
 		return valid;
 	}
-
-	static class RangerServiceDefValidationErrorBuilder extends ValidationFailureDetailsBuilder {
-
-		@Override
-		ValidationFailureDetails build() {
-			return new RangerServiceDefValidationFailure(_errorCode, _fieldName, _subFieldName, _missing, _semanticError, _internalError, _reason);
-		}
-	}
-
-	static class RangerServiceDefValidationFailure extends  ValidationFailureDetails {
-
-		public RangerServiceDefValidationFailure(int errorCode, String fieldName, String subFieldName, boolean missing, boolean semanticError, boolean internalError, String reason) {
-			super(errorCode, fieldName, subFieldName, missing, semanticError, internalError, reason);
-		}
-
-		// TODO remove and move to baseclass when all 3 move to new message framework
-		@Override
-		public String toString() {
-			LOG.debug("RangerServiceDefValidationFailure.toString");
-			return String.format("%s: %d, %s", "Policy validation failure", _errorCode, _reason);
-		}
-	}
-
 }

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/79bd7e3c/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceValidator.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceValidator.java
index 3cfaa3e..847bc9a 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceValidator.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerServiceValidator.java
@@ -69,7 +69,7 @@ public class RangerServiceValidator extends RangerValidator {
 		boolean valid = true;
 		if (action != Action.DELETE) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_UNSUPPORTED_ACTION;
-			failures.add(new RangerServiceValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 					.isAnInternalError()
 					.errorCode(error.getErrorCode())
 					.becauseOf(error.getMessage(action))
@@ -77,7 +77,7 @@ public class RangerServiceValidator extends RangerValidator {
 			valid = false;
 		} else if (id == null) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_MISSING_FIELD;
-			failures.add(new RangerServiceValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 					.field("id")
 					.isMissing()
 					.errorCode(error.getErrorCode())
@@ -107,7 +107,7 @@ public class RangerServiceValidator extends RangerValidator {
 		boolean valid = true;
 		if (service == null) {
 			ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_NULL_SERVICE_OBJECT;
-			failures.add(new RangerServiceValidationErrorBuilder()
+			failures.add(new ValidationFailureDetailsBuilder()
 					.field("service")
 					.isMissing()
 					.errorCode(error.getErrorCode())
@@ -119,7 +119,7 @@ public class RangerServiceValidator extends RangerValidator {
 			if (action == Action.UPDATE) { // id is ignored for CREATE
 				if (id == null) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_EMPTY_SERVICE_ID;
-					failures.add(new RangerServiceValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 							.field("id")
 							.isMissing()
 							.errorCode(error.getErrorCode())
@@ -128,7 +128,7 @@ public class RangerServiceValidator extends RangerValidator {
 					valid = false;
 				} else if (getService(id) == null) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_INVALID_SERVICE_ID;
-					failures.add(new RangerServiceValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 							.field("id")
 							.isSemanticallyIncorrect()
 							.errorCode(error.getErrorCode())
@@ -142,7 +142,7 @@ public class RangerServiceValidator extends RangerValidator {
 			RangerServiceDef serviceDef = null;
 			if (!nameSpecified) {
 				ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_INVALID_SERVICE_NAME;
-				failures.add(new RangerServiceValidationErrorBuilder()
+				failures.add(new ValidationFailureDetailsBuilder()
 						.field("name")
 						.isMissing()
 						.errorCode(error.getErrorCode())
@@ -153,7 +153,7 @@ public class RangerServiceValidator extends RangerValidator {
 				RangerService otherService = getService(name);
 				if (otherService != null && action == Action.CREATE) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_SERVICE_NAME_CONFICT;
-					failures.add(new RangerServiceValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 							.field("name")
 							.isSemanticallyIncorrect()
 							.errorCode(error.getErrorCode())
@@ -162,7 +162,7 @@ public class RangerServiceValidator extends RangerValidator {
 					valid = false;
 				} else if (otherService != null && otherService.getId() !=null && !otherService.getId().equals(id)) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_ID_NAME_CONFLICT;
-					failures.add(new RangerServiceValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 							.field("id/name")
 							.isSemanticallyIncorrect()
 							.errorCode(error.getErrorCode())
@@ -175,7 +175,7 @@ public class RangerServiceValidator extends RangerValidator {
 			boolean typeSpecified = StringUtils.isNotBlank(type);
 			if (!typeSpecified) {
 				ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_MISSING_SERVICE_DEF;
-				failures.add(new RangerServiceValidationErrorBuilder()
+				failures.add(new ValidationFailureDetailsBuilder()
 						.field("type")
 						.isMissing()
 						.errorCode(error.getErrorCode())
@@ -186,7 +186,7 @@ public class RangerServiceValidator extends RangerValidator {
 				serviceDef = getServiceDef(type);
 				if (serviceDef == null) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_INVALID_SERVICE_DEF;
-					failures.add(new RangerServiceValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 							.field("type")
 							.isSemanticallyIncorrect()
 							.errorCode(error.getErrorCode())
@@ -202,7 +202,7 @@ public class RangerServiceValidator extends RangerValidator {
 				Set<String> missingParameters = Sets.difference(reqiredParameters, inputParameters);
 				if (!missingParameters.isEmpty()) {
 					ValidationErrorCode error = ValidationErrorCode.SERVICE_VALIDATION_ERR_REQUIRED_PARM_MISSING;
-					failures.add(new RangerServiceValidationErrorBuilder()
+					failures.add(new ValidationFailureDetailsBuilder()
 							.field("configuration")
 							.subField(missingParameters.iterator().next()) // we return any one parameter!
 							.isMissing()
@@ -219,27 +219,4 @@ public class RangerServiceValidator extends RangerValidator {
 		}
 		return valid;
 	}
-
-	static class RangerServiceValidationErrorBuilder extends ValidationFailureDetailsBuilder {
-
-		@Override
-		ValidationFailureDetails build() {
-			return new RangerPolicyValidationFailure(_errorCode, _fieldName, _subFieldName, _missing, _semanticError, _internalError, _reason);
-		}
-	}
-
-	static class RangerPolicyValidationFailure extends  ValidationFailureDetails {
-
-		public RangerPolicyValidationFailure(int errorCode, String fieldName, String subFieldName, boolean missing, boolean semanticError, boolean internalError, String reason) {
-			super(errorCode, fieldName, subFieldName, missing, semanticError, internalError, reason);
-		}
-
-		// TODO remove and move to baseclass when all 3 move to new message framework
-		@Override
-		public String toString() {
-			LOG.debug("RangerServiceValidationFailure.toString");
-			return String.format("%s: %d, %s", "Policy validation failure", _errorCode, _reason);
-		}
-	}
-
 }

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/79bd7e3c/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetails.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetails.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetails.java
index 64e7e50..a0e8573 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetails.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetails.java
@@ -48,11 +48,6 @@ public class ValidationFailureDetails {
 		_reason = reason;
 	}
 
-	// TODO - legacy signature remove after all 3 are ported over to new message framework
-	public ValidationFailureDetails(String fieldName, String subFieldName, boolean missing, boolean semanticError, boolean internalError, String reason) {
-		this(-1, fieldName, subFieldName, missing, semanticError, internalError, reason);
-	}
-
 	public String getFieldName() {
 		return _fieldName;
 	}
@@ -76,23 +71,11 @@ public class ValidationFailureDetails {
 		return _subFieldName;
 	}
 
-	// matches "{blah}", "{{blah}", "{   }" and yields variables names like "blah", "{blah", "   ", etc. for substitution
-	static final Pattern _Pattern = Pattern.compile("\\{([^\\}]+)\\}");
-
-	public String substituteVariables(String template) {
-		return template.replace("{field}", _fieldName == null ? "" : _fieldName)
-				.replace("{sub-field}", _subFieldName == null ? "" : _subFieldName)
-				.replace("{reason}", _reason == null ? "" : _reason);
-	}
-
-	// TODO legacy implementation.  Remove when all
 	@Override
 	public String toString() {
 		LOG.debug("ValidationFailureDetails.toString()");
-		return String.format("Field[%s]%s is %s: reason[%s]", 
-				_fieldName, 
-				_subFieldName == null ? "" : ", subField[" + _subFieldName + "]",
-				getType(), _reason);
+		return String.format("%s: error code[%d], reason[%s], field[%s], subfield[%s], type[%s]", "Policy validation failure",
+				_errorCode, _reason, _fieldName, _subFieldName, getType());
 	}
 
 	@Override

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/79bd7e3c/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetailsBuilder.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetailsBuilder.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetailsBuilder.java
index ab67f1f..b39e572 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetailsBuilder.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/ValidationFailureDetailsBuilder.java
@@ -49,7 +49,7 @@ public class ValidationFailureDetailsBuilder {
 	}
 	
 	ValidationFailureDetails build() {
-		return new ValidationFailureDetails(_fieldName, _subFieldName, _missing, _semanticError, _internalError, _reason);
+		return new ValidationFailureDetails(_errorCode, _fieldName, _subFieldName, _missing, _semanticError, _internalError, _reason);
 	}
 
 	ValidationFailureDetailsBuilder subField(String missingParameter) {

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/79bd7e3c/agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestValidationFailureDetails.java
----------------------------------------------------------------------
diff --git a/agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestValidationFailureDetails.java b/agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestValidationFailureDetails.java
deleted file mode 100644
index 815d41c..0000000
--- a/agents-common/src/test/java/org/apache/ranger/plugin/model/validation/TestValidationFailureDetails.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.ranger.plugin.model.validation;
-
-import junit.framework.TestCase;
-import org.junit.Test;
-
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import static org.junit.Assert.assertEquals;
-
-public class TestValidationFailureDetails {
-
-    @Test
-    public void test1() {
-        String[] templates = new String[] {
-                "The {field}, was missing and sub-field {sub-field} was mssing, too. Validation failed due to {reason}", // pattern at end.
-                "{field}, was missing and sub-field {sub-field} was mssing, too. Validation failed due to {reason}.",    // pattern at start but not end.
-                "The {field}, was missing and sub-field {sub-field} was mssing, too. Validation failed due to {missing}.",    // unknown substitute
-                "Template does not have field, but had {sub-field} along with a {reason} and a sprious field named {missing}.",    // unknown substitute
-        };
-
-        ValidationFailureDetails failureDetails = new ValidationFailureDetails("id", "subType", false, false, false, "foo-bar");
-
-        String[] results = new String[] {
-                "The id, was missing and sub-field subType was mssing, too. Validation failed due to foo-bar", // pattern at end.
-                "id, was missing and sub-field subType was mssing, too. Validation failed due to foo-bar.",    // pattern at start but not end.
-                "The id, was missing and sub-field subType was mssing, too. Validation failed due to {missing}.",    // unknown substitute
-                "Template does not have field, but had subType along with a foo-bar and a sprious field named {missing}.",    // unknown substitute
-        };
-
-        for (int i = 0; i < templates.length; i++) {
-            String result = failureDetails.substituteVariables(templates[i]);
-            assertEquals(results[i], result);
-        }
-    }
-}
\ No newline at end of file


Mime
View raw message