ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From prad...@apache.org
Subject ranger git commit: RANGER-1612 : When servicedef is accessed, def_options property "enableDenyAndExceptionsInPolicies" is returned as "false" if there is no value set for it.
Date Fri, 26 May 2017 12:37:59 GMT
Repository: ranger
Updated Branches:
  refs/heads/ranger-0.7 ca53a68e4 -> cf01599b8


RANGER-1612 : When servicedef is accessed, def_options property "enableDenyAndExceptionsInPolicies"
is returned as "false" if there is no value set for it.

Change-Id: Icb63b00e09412544ae5eabc745cf7c99af435362


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/cf01599b
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/cf01599b
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/cf01599b

Branch: refs/heads/ranger-0.7
Commit: cf01599b8724e080bcb760ef207fcf9fe9943396
Parents: ca53a68
Author: pradeep <pradeep@apache.org>
Authored: Fri May 26 16:59:22 2017 +0530
Committer: pradeep <pradeep@apache.org>
Committed: Fri May 26 18:05:26 2017 +0530

----------------------------------------------------------------------
 NOTICE.txt                                      |  1 -
 .../PatchForHiveServiceDefUpdate_J10006.java    | 68 ++++++++++++++++++
 .../PatchForHiveServiceDefUpdate_J10007.java    | 75 +++++++++++++++++++-
 3 files changed, 140 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/cf01599b/NOTICE.txt
----------------------------------------------------------------------
diff --git a/NOTICE.txt b/NOTICE.txt
index 0cd1f15..f6c41f3 100644
--- a/NOTICE.txt
+++ b/NOTICE.txt
@@ -2,6 +2,5 @@ Apache Ranger
 Copyright 2014-2017 The Apache Software Foundation
 
 This product includes software developed at The Apache Software Foundation (http://www.apache.org/).
-This product includes json2.js (https://github.com/douglascrockford/JSON-js - Public Domain
license) by Douglas Crockford
 This product includes Font Awesome 3.2.1 (http://fontawesome.io/ - SIL Open Font License
(OFL) licensee) by Dave Gandy
 This product includes software developed by Spring Security Project (http://www.springframework.org/security)

http://git-wip-us.apache.org/repos/asf/ranger/blob/cf01599b/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10006.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10006.java
b/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10006.java
index 7d6a23d..348969a 100644
--- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10006.java
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10006.java
@@ -17,7 +17,9 @@
 
 package org.apache.ranger.patch;
 
+import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
+import org.apache.ranger.entity.XXServiceDef;
 import org.apache.ranger.biz.RangerBizUtil;
 import org.apache.ranger.biz.ServiceDBStore;
 import org.apache.ranger.common.JSONUtil;
@@ -37,6 +39,9 @@ import org.apache.ranger.util.CLIUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
+import java.util.HashMap;
+import java.util.Map;
+
 @Component
 public class PatchForHiveServiceDefUpdate_J10006 extends BaseLoader {
 	private static final Logger logger = Logger.getLogger(PatchForHiveServiceDefUpdate_J10006.class);
@@ -114,9 +119,18 @@ public class PatchForHiveServiceDefUpdate_J10006 extends BaseLoader {
 		RangerServiceDef dbHiveServiceDef 		= null;
 		RangerDataMaskDef dataMaskDef 			= null;
 		RangerRowFilterDef rowFilterDef 		= null;
+		XXServiceDef xXServiceDefObj			= null;
 		try{
 			embeddedHiveServiceDef=EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME);
 			if(embeddedHiveServiceDef!=null){
+				xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME);
+				Map<String, String> serviceDefOptionsPreUpdate=null;
+				String jsonStrPreUpdate=null;
+				if(xXServiceDefObj!=null) {
+					jsonStrPreUpdate=xXServiceDefObj.getDefOptions();
+					serviceDefOptionsPreUpdate=jsonStringToMap(jsonStrPreUpdate);
+					xXServiceDefObj=null;
+				}
 				dataMaskDef= embeddedHiveServiceDef.getDataMaskDef();
 				rowFilterDef= embeddedHiveServiceDef.getRowFilterDef();
 
@@ -137,6 +151,23 @@ public class PatchForHiveServiceDefUpdate_J10006 extends BaseLoader {
 						logger.error("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME+"service-def");
 						System.exit(1);
 					}
+					xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME);
+					if(xXServiceDefObj!=null) {
+						String jsonStrPostUpdate=xXServiceDefObj.getDefOptions();
+						Map<String, String> serviceDefOptionsPostUpdate=jsonStringToMap(jsonStrPostUpdate);
+						if (serviceDefOptionsPostUpdate != null && serviceDefOptionsPostUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES))
{
+							if(serviceDefOptionsPreUpdate == null || !serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES))
{
+								String preUpdateValue = serviceDefOptionsPreUpdate == null ? null : serviceDefOptionsPreUpdate.get(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
+								if (preUpdateValue == null) {
+									serviceDefOptionsPostUpdate.remove(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
+								} else {
+									serviceDefOptionsPostUpdate.put(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES,
preUpdateValue);
+								}
+								xXServiceDefObj.setDefOptions(mapToJsonString(serviceDefOptionsPostUpdate));
+								daoMgr.getXXServiceDef().update(xXServiceDefObj);
+							}
+						}
+					}
 				}
 			}
 			}catch(Exception e)
@@ -144,4 +175,41 @@ public class PatchForHiveServiceDefUpdate_J10006 extends BaseLoader {
 				logger.error("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME+"service-def",
e);
 			}
 	}
+	private String mapToJsonString(Map<String, String> map) {
+		String ret = null;
+		if(map != null) {
+			try {
+				ret = jsonUtil.readMapToString(map);
+			} catch(Exception excp) {
+				logger.warn("mapToJsonString() failed to convert map: " + map, excp);
+			}
+		}
+		return ret;
+	}
+	protected Map<String, String> jsonStringToMap(String jsonStr) {
+		Map<String, String> ret = null;
+		if(!StringUtils.isEmpty(jsonStr)) {
+			try {
+				ret = jsonUtil.jsonToMap(jsonStr);
+			} catch(Exception excp) {
+				// fallback to earlier format: "name1=value1;name2=value2"
+				for(String optionString : jsonStr.split(";")) {
+					if(StringUtils.isEmpty(optionString)) {
+						continue;
+					}
+					String[] nvArr = optionString.split("=");
+					String name  = (nvArr != null && nvArr.length > 0) ? nvArr[0].trim() : null;
+					String value = (nvArr != null && nvArr.length > 1) ? nvArr[1].trim() : null;
+					if(StringUtils.isEmpty(name)) {
+						continue;
+					}
+					if(ret == null) {
+						ret = new HashMap<String, String>();
+					}
+					ret.put(name, value);
+				}
+			}
+		}
+		return ret;
+	}
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ranger/blob/cf01599b/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10007.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10007.java
b/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10007.java
index e0c6a65..e4bcdfa 100644
--- a/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10007.java
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForHiveServiceDefUpdate_J10007.java
@@ -17,6 +17,7 @@
 
 package org.apache.ranger.patch;
 
+import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
 import org.apache.ranger.biz.RangerBizUtil;
 import org.apache.ranger.biz.ServiceDBStore;
@@ -34,8 +35,10 @@ import org.apache.ranger.service.XPolicyService;
 import org.apache.ranger.util.CLIUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
-
+import org.apache.ranger.entity.XXServiceDef;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 
 @Component
 public class PatchForHiveServiceDefUpdate_J10007 extends BaseLoader {
@@ -116,11 +119,19 @@ public class PatchForHiveServiceDefUpdate_J10007 extends BaseLoader
{
 		RangerServiceDef dbHiveServiceDef 		= null;
 		List<RangerServiceDef.RangerResourceDef> 	embeddedHiveResourceDefs  = null;
 		List<RangerServiceDef.RangerAccessTypeDef> 	embeddedHiveAccessTypes   = null;
-
+		XXServiceDef xXServiceDefObj			= null;
 		try{
 			embeddedHiveServiceDef=EmbeddedServiceDefsUtil.instance().getEmbeddedServiceDef(SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME);
 			if(embeddedHiveServiceDef!=null){
 
+				xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME);
+				Map<String, String> serviceDefOptionsPreUpdate=null;
+				String jsonStrPreUpdate=null;
+				if(xXServiceDefObj!=null) {
+					jsonStrPreUpdate=xXServiceDefObj.getDefOptions();
+					serviceDefOptionsPreUpdate=jsonStringToMap(jsonStrPreUpdate);
+					xXServiceDefObj=null;
+				}
 				dbHiveServiceDef=svcDBStore.getServiceDefByName(SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME);
 				
 				if(dbHiveServiceDef!=null){
@@ -133,7 +144,9 @@ public class PatchForHiveServiceDefUpdate_J10007 extends BaseLoader {
 							dbHiveServiceDef.setResources(embeddedHiveResourceDefs);
 						}
 						if (embeddedHiveAccessTypes != null) {
-							dbHiveServiceDef.setAccessTypes(embeddedHiveAccessTypes);
+							if(!embeddedHiveAccessTypes.toString().equalsIgnoreCase(dbHiveServiceDef.getAccessTypes().toString()))
{
+								dbHiveServiceDef.setAccessTypes(embeddedHiveAccessTypes);
+							}
 						}
 					}
 
@@ -145,6 +158,23 @@ public class PatchForHiveServiceDefUpdate_J10007 extends BaseLoader {
 						logger.error("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME+"service-def");
 						throw new RuntimeException("Error while updating "+SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME+"service-def");
 					}
+					xXServiceDefObj = daoMgr.getXXServiceDef().findByName(SERVICEDBSTORE_SERVICEDEFBYNAME_HIVE_NAME);
+					if(xXServiceDefObj!=null) {
+						String jsonStrPostUpdate=xXServiceDefObj.getDefOptions();
+						Map<String, String> serviceDefOptionsPostUpdate=jsonStringToMap(jsonStrPostUpdate);
+						if (serviceDefOptionsPostUpdate != null && serviceDefOptionsPostUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES))
{
+							if(serviceDefOptionsPreUpdate == null || !serviceDefOptionsPreUpdate.containsKey(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES))
{
+								String preUpdateValue = serviceDefOptionsPreUpdate == null ? null : serviceDefOptionsPreUpdate.get(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
+								if (preUpdateValue == null) {
+									serviceDefOptionsPostUpdate.remove(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES);
+								} else {
+									serviceDefOptionsPostUpdate.put(RangerServiceDef.OPTION_ENABLE_DENY_AND_EXCEPTIONS_IN_POLICIES,
preUpdateValue);
+								}
+								xXServiceDefObj.setDefOptions(mapToJsonString(serviceDefOptionsPostUpdate));
+								daoMgr.getXXServiceDef().update(xXServiceDefObj);
+							}
+						}
+					}
 				}
 			}
 			}catch(Exception e)
@@ -163,4 +193,43 @@ public class PatchForHiveServiceDefUpdate_J10007 extends BaseLoader {
 		}
 		return ret;
 	}
+
+	private String mapToJsonString(Map<String, String> map) {
+		String ret = null;
+		if(map != null) {
+			try {
+				ret = jsonUtil.readMapToString(map);
+			} catch(Exception excp) {
+				logger.warn("mapToJsonString() failed to convert map: " + map, excp);
+			}
+		}
+		return ret;
+	}
+
+	protected Map<String, String> jsonStringToMap(String jsonStr) {
+		Map<String, String> ret = null;
+		if(!StringUtils.isEmpty(jsonStr)) {
+			try {
+				ret = jsonUtil.jsonToMap(jsonStr);
+			} catch(Exception excp) {
+				// fallback to earlier format: "name1=value1;name2=value2"
+				for(String optionString : jsonStr.split(";")) {
+					if(StringUtils.isEmpty(optionString)) {
+						continue;
+					}
+					String[] nvArr = optionString.split("=");
+					String name  = (nvArr != null && nvArr.length > 0) ? nvArr[0].trim() : null;
+					String value = (nvArr != null && nvArr.length > 1) ? nvArr[1].trim() : null;
+					if(StringUtils.isEmpty(name)) {
+						continue;
+					}
+					if(ret == null) {
+						ret = new HashMap<String, String>();
+					}
+					ret.put(name, value);
+				}
+			}
+		}
+		return ret;
+	}
 }
\ No newline at end of file


Mime
View raw message