ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From v..@apache.org
Subject incubator-ranger git commit: RANGER-1005 : Add command line utility to change Ranger user password
Date Thu, 02 Jun 2016 05:04:53 GMT
Repository: incubator-ranger
Updated Branches:
  refs/heads/master a3089d1f0 -> f9300ca97


RANGER-1005 : Add command line utility to change Ranger user password

Signed-off-by: Velmurugan Periasamy <vel@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/f9300ca9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/f9300ca9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/f9300ca9

Branch: refs/heads/master
Commit: f9300ca972cdeda4ec6bb0fe25fbb55853566c3c
Parents: a3089d1
Author: pradeep agrawal <pradeep.agrawal@freestoneinfotech.com>
Authored: Tue May 31 20:50:50 2016 +0530
Committer: Velmurugan Periasamy <vel@apache.org>
Committed: Thu Jun 2 01:04:38 2016 -0400

----------------------------------------------------------------------
 security-admin/scripts/changepasswordutil.py    | 121 ++++++++++++++++++
 .../patch/cliutil/ChangePasswordUtil.java       | 127 +++++++++++++++++++
 src/main/assembly/admin-web.xml                 |   1 +
 3 files changed, 249 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f9300ca9/security-admin/scripts/changepasswordutil.py
----------------------------------------------------------------------
diff --git a/security-admin/scripts/changepasswordutil.py b/security-admin/scripts/changepasswordutil.py
new file mode 100644
index 0000000..c6025f3
--- /dev/null
+++ b/security-admin/scripts/changepasswordutil.py
@@ -0,0 +1,121 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License. See accompanying LICENSE file.
+#
+
+import os
+import re
+import sys
+import errno
+import shlex
+import logging
+import subprocess
+import platform
+import fileinput
+import getpass
+import shutil
+from xml.etree import ElementTree as ET
+from os.path import basename
+from subprocess import Popen,PIPE
+from datetime import date
+from datetime import datetime
+
+os_name = platform.system()
+os_name = os_name.upper()
+
+if os_name == "LINUX":
+	RANGER_ADMIN_HOME = os.getenv("RANGER_ADMIN_HOME")
+	if RANGER_ADMIN_HOME is None:
+		RANGER_ADMIN_HOME = os.getcwd()
+elif os_name == "WINDOWS":
+	RANGER_ADMIN_HOME = os.getenv("RANGER_ADMIN_HOME")
+
+def log(msg,type):
+	if type == 'info':
+		logging.info(" %s",msg)
+	if type == 'debug':
+		logging.debug(" %s",msg)
+	if type == 'warning':
+		logging.warning(" %s",msg)
+	if type == 'exception':
+		logging.exception(" %s",msg)
+	if type == 'error':
+		logging.error(" %s",msg)
+
+
+def main(argv):
+	FORMAT = '%(asctime)-15s %(message)s'
+	logging.basicConfig(format=FORMAT, level=logging.DEBUG)
+
+	app_home = os.path.join(RANGER_ADMIN_HOME,"ews","webapp")
+	ranger_log = os.path.join(RANGER_ADMIN_HOME,"ews","logs")
+
+	if os.environ['JAVA_HOME'] == "":
+		log("[E] ---------- JAVA_HOME environment property not defined, aborting installation.
----------", "error")
+		sys.exit(1)
+	JAVA_BIN=os.path.join(os.environ['JAVA_HOME'],'bin','java')
+	if os_name == "WINDOWS" :
+		JAVA_BIN = JAVA_BIN+'.exe'
+	if os.path.isfile(JAVA_BIN):
+		pass
+	else:
+		while os.path.isfile(JAVA_BIN) == False:
+			log("Enter java executable path: :","info")
+			JAVA_BIN=raw_input()
+	log("[I] Using Java:" + str(JAVA_BIN),"info")
+
+	USERNAME = ''
+	OLD_PASSWORD = ''
+	NEW_PASSWORD=''
+
+	if len(argv)==4:
+		userName=argv[1]
+		oldPassword=argv[2]
+		newPassword=argv[3]
+	else:
+		log("[E] Invalid argument list.", "error")
+		log("[I] Usage : python changepasswordutil.py <loginID> <currentPassword> <newPassword>","info")
+		sys.exit(1)
+
+	while userName == "":
+		print "Enter user name:"
+		userName=raw_input()
+
+	while oldPassword == "":
+		oldPassword=getpass.getpass("Enter current password:")
+
+	while newPassword == "":
+		newPassword=getpass.getpass("Enter new password:")
+
+	if oldPassword==newPassword:
+		log("[E] Old Password and New Password argument are same. Exiting!!", "error")
+		sys.exit(1)
+
+	if userName != "" and oldPassword != "" and newPassword != "":
+		if os_name == "LINUX":
+			path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home)
+		elif os_name == "WINDOWS":
+			path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home)
+		get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.cliutil.%s
%s %s %s"%(JAVA_BIN,ranger_log,path,'ChangePasswordUtil',userName,oldPassword,newPassword)
+		if os_name == "LINUX":
+			ret = subprocess.call(shlex.split(get_java_cmd))
+		elif os_name == "WINDOWS":
+			ret = subprocess.call(get_java_cmd)
+		if ret == 0:
+			log("[I] Password updated successfully","info")
+		else:
+			log("[E] Unable to update password of user:"+userName,"error")
+			sys.exit(1)
+	else:
+		log("[E] Input Error","error")
+
+main(sys.argv)

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f9300ca9/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
b/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
new file mode 100644
index 0000000..fd72e97
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
@@ -0,0 +1,127 @@
+/*<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->*/
+
+package org.apache.ranger.patch.cliutil;
+
+import org.apache.log4j.Logger;
+import org.apache.ranger.biz.UserMgr;
+import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.entity.XXPortalUser;
+import org.apache.ranger.patch.BaseLoader;
+import org.apache.ranger.util.CLIUtil;
+import org.apache.solr.common.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component
+public class ChangePasswordUtil extends BaseLoader {
+	private static Logger logger = Logger.getLogger(ChangePasswordUtil.class);
+
+	@Autowired
+	RangerDaoManager daoMgr;
+
+	@Autowired
+	UserMgr userMgr;
+	
+	public static String userLoginId;
+	public static String currentPassword;
+	public static String newPassword;
+
+	public static void main(String[] args) {
+		logger.info("main()");
+		try {
+			ChangePasswordUtil loader = (ChangePasswordUtil) CLIUtil.getBean(ChangePasswordUtil.class);
+			loader.init();
+			if (args.length == 3) {
+				userLoginId = args[0];
+				currentPassword = args[1];
+				newPassword = args[2];
+				if(StringUtils.isEmpty(userLoginId)){
+					System.out.println("Invalid login ID. Exiting!!!");
+					logger.info("Invalid login ID. Exiting!!!");
+					System.exit(1);
+				}
+				if(StringUtils.isEmpty(currentPassword)){
+					System.out.println("Invalid current password. Exiting!!!");
+					logger.info("Invalid current password. Exiting!!!");
+					System.exit(1);
+				}
+				if(StringUtils.isEmpty(newPassword)){
+					System.out.println("Invalid new password. Exiting!!!");
+					logger.info("Invalid new password. Exiting!!!");
+					System.exit(1);
+				}
+				while (loader.isMoreToProcess()) {
+					loader.load();
+				}
+				logger.info("Load complete. Exiting!!!");
+				System.exit(0);
+			}else{
+				System.out.println("ChangePasswordUtil: Incorrect Arguments \n Usage: \n <loginId>
<current-password> <new-password>");
+				logger.error("ChangePasswordUtil: Incorrect Arguments \n Usage: \n <loginId> <current-password>
<new-password>");
+				System.exit(1);
+			}
+		}
+		catch (Exception e) {
+			logger.error("Error loading", e);
+			System.exit(1);
+		}
+	}
+
+	@Override
+	public void init() throws Exception {
+	}
+
+	@Override
+	public void printStats() {
+	}
+
+	@Override
+	public void execLoad() {
+		logger.info("==> ChangePasswordUtil.execLoad()");
+		updateAdminPassword();
+		logger.info("<== ChangePasswordUtil.execLoad()");
+	}
+
+	public void updateAdminPassword() {
+		XXPortalUser xPortalUser=daoMgr.getXXPortalUser().findByLoginId(userLoginId);
+		if (xPortalUser!=null){
+			String dbPassword=xPortalUser.getPassword();
+			String currentEncryptedPassword=null;
+			try {
+				currentEncryptedPassword=userMgr.encrypt(userLoginId, currentPassword);
+				if (currentEncryptedPassword.equals(dbPassword)){
+					userMgr.updatePasswordInSHA256(userLoginId,newPassword);
+					logger.info("User '"+userLoginId+"' Password updated sucessfully.");
+				}
+				else{
+					System.out.println("Invalid user password");
+					logger.error("Invalid user password");
+					System.exit(1);
+				}
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+		}
+		else{
+			System.out.println("User does not exist in DB!!");
+			logger.error("User does not exist in DB");
+			System.exit(1);
+		}
+	}
+}

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f9300ca9/src/main/assembly/admin-web.xml
----------------------------------------------------------------------
diff --git a/src/main/assembly/admin-web.xml b/src/main/assembly/admin-web.xml
index 7fd2abf..7395add 100644
--- a/src/main/assembly/admin-web.xml
+++ b/src/main/assembly/admin-web.xml
@@ -357,6 +357,7 @@
 			<include>update_property.py</include>
 			<include>ranger_credential_helper.py</include>
 			<include>deleteUserGroupUtil.py</include>
+			<include>changepasswordutil.py</include>
 		</includes>
 		<fileMode>544</fileMode>
 	</fileSet>


Mime
View raw message