From commits-return-4218-archive-asf-public=cust-asf.ponee.io@ranger.apache.org Tue Feb 27 10:34:53 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id CCCE8180671 for ; Tue, 27 Feb 2018 10:34:50 +0100 (CET) Received: (qmail 42960 invoked by uid 500); 27 Feb 2018 09:34:49 -0000 Mailing-List: contact commits-help@ranger.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ranger.apache.org Delivered-To: mailing list commits@ranger.apache.org Received: (qmail 42940 invoked by uid 99); 27 Feb 2018 09:34:49 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Feb 2018 09:34:49 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 04096DFA6C; Tue, 27 Feb 2018 09:34:48 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: mehul@apache.org To: commits@ranger.apache.org Date: Tue, 27 Feb 2018 09:34:49 -0000 Message-Id: <7c9a0d1934c44c4a9521aa6efb829368@git.apache.org> In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [2/3] ranger git commit: RANGER-1972 : Ability to label policies, filter/search and show policies by labels RANGER-1972 : Ability to label policies, filter/search and show policies by labels Signed-off-by: Mehul Parikh Project: http://git-wip-us.apache.org/repos/asf/ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/44b37384 Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/44b37384 Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/44b37384 Branch: refs/heads/master Commit: 44b3738480032c5304aa3f1c2d75e6808d31cc65 Parents: 625cd35 Author: Bhavik Patel Authored: Wed Feb 14 17:30:26 2018 +0530 Committer: Mehul Parikh Committed: Tue Feb 27 14:20:57 2018 +0530 ---------------------------------------------------------------------- .../ranger/plugin/model/RangerPolicy.java | 37 +++- .../plugin/store/AbstractPredicateUtil.java | 42 +++++ .../apache/ranger/plugin/util/SearchFilter.java | 3 + .../optimized/current/ranger_core_db_mysql.sql | 45 +++++ .../mysql/patches/030-policy-labels-schema.sql | 60 ++++++ .../optimized/current/ranger_core_db_oracle.sql | 34 ++++ .../oracle/patches/030-policy-labels-schema.sql | 48 +++++ .../current/ranger_core_db_postgres.sql | 40 ++++ .../patches/030-policy-labels-schema.sql | 56 ++++++ .../current/ranger_core_db_sqlanywhere.sql | 47 +++++ .../patches/030-policy-labels-schema.sql | 59 ++++++ .../current/ranger_core_db_sqlserver.sql | 69 ++++++- .../patches/030-policy-labels-schema.sql | 100 ++++++++++ .../ranger/biz/RangerPolicyRetriever.java | 49 ++++- .../org/apache/ranger/biz/ServiceDBStore.java | 82 ++++++++- .../apache/ranger/common/RangerSearchUtil.java | 6 +- .../apache/ranger/db/RangerDaoManagerBase.java | 11 ++ .../org/apache/ranger/db/XXPolicyLabelDao.java | 104 +++++++++++ .../apache/ranger/db/XXPolicyLabelMapDao.java | 70 +++++++ .../org/apache/ranger/entity/XXPolicyLabel.java | 150 +++++++++++++++ .../apache/ranger/entity/XXPolicyLabelMap.java | 181 +++++++++++++++++++ .../org/apache/ranger/rest/ServiceREST.java | 39 ++++ .../service/RangerPolicyLabelsService.java | 66 +++++++ .../ranger/service/RangerPolicyService.java | 69 ++++++- .../ranger/service/RangerPolicyServiceBase.java | 2 + .../java/org/apache/ranger/view/VXPolicy.java | 11 ++ .../org/apache/ranger/view/VXPolicyLabel.java | 70 +++++++ .../apache/ranger/view/VXPolicyLabelList.java | 80 ++++++++ .../resources/META-INF/jpa_named_queries.xml | 45 +++++ .../main/webapp/scripts/models/RangerPolicy.js | 63 ++++++- .../scripts/modules/globalize/message/en.js | 7 +- .../src/main/webapp/scripts/utils/XAUtils.js | 22 ++- .../views/policies/RangerPolicyDetail.js | 4 +- .../scripts/views/policies/RangerPolicyForm.js | 11 +- .../scripts/views/policies/RangerPolicyRO.js | 1 + .../views/policies/RangerPolicyTableLayout.js | 46 +++-- .../views/reports/PlugableServiceDiffDetail.js | 14 +- .../scripts/views/reports/UserAccessLayout.js | 74 ++++++-- security-admin/src/main/webapp/styles/xa.css | 6 +- .../policies/RangerPolicyDetail_tmpl.html | 9 + .../templates/policies/RangerPolicyRO_tmpl.html | 14 ++ .../reports/UserAccessLayout_tmpl.html | 8 + .../apache/ranger/biz/TestServiceDBStore.java | 26 ++- .../org/apache/ranger/rest/TestServiceREST.java | 23 ++- 44 files changed, 1940 insertions(+), 63 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java index 60daed9..534fe49 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java @@ -71,13 +71,14 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria private List dataMaskPolicyItems; private List rowFilterPolicyItems; private String serviceType; + private List policyLabels; /** * @param */ public RangerPolicy() { - this(null, null, null, null, null, null, null); + this(null, null, null, null, null, null, null, null); } /** @@ -89,7 +90,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria * @param policyItems * @param resourceSignature TODO */ - public RangerPolicy(String service, String name, Integer policyType, String description, Map resources, List policyItems, String resourceSignature) { + public RangerPolicy(String service, String name, Integer policyType, String description, Map resources, List policyItems, String resourceSignature, List policyLables) { super(); setService(service); @@ -105,6 +106,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria setDenyExceptions(null); setDataMaskPolicyItems(null); setRowFilterPolicyItems(null); + setPolicyLabels(policyLables); } /** @@ -126,6 +128,7 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria setDenyExceptions(other.getDenyExceptions()); setDataMaskPolicyItems(other.getDataMaskPolicyItems()); setRowFilterPolicyItems(other.getRowFilterPolicyItems()); + setPolicyLabels(other.getPolicyLabels()); } /** @@ -220,6 +223,26 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria this.serviceType = serviceType; } + public List getPolicyLabels() { + return policyLabels; + } + + public void setPolicyLabels(List policyLabels) { + if (this.policyLabels == null) { + this.policyLabels = new ArrayList<>(); + } + + if (this.policyLabels == policyLabels) { + return; + } + + this.policyLabels.clear(); + + if (policyLabels != null) { + this.policyLabels.addAll(policyLabels); + } + } + /** * @return the resources */ @@ -423,7 +446,15 @@ public class RangerPolicy extends RangerBaseModelObject implements java.io.Seria } } sb.append("} "); - + sb.append("policyLabels={"); + if(policyLabels != null) { + for(String policyLabel : policyLabels) { + if(policyLabel != null) { + sb.append(policyLabel).append(" "); + } + } + } + sb.append("} "); sb.append("policyItems={"); if(policyItems != null) { for(RangerPolicyItem policyItem : policyItems) { http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java index 7583864..a139443 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/AbstractPredicateUtil.java @@ -96,6 +96,7 @@ public class AbstractPredicateUtil { addPredicateForPartialPolicyName(filter.getParam(SearchFilter.POLICY_NAME_PARTIAL), predicates); addPredicateForResourceSignature(filter.getParam(SearchFilter.RESOURCE_SIGNATURE), predicates); addPredicateForPolicyType(filter.getParam(SearchFilter.POLICY_TYPE), predicates); + addPredicateForPartialPolicyLabels(filter.getParam(SearchFilter.POLICY_LABELS_PARTIAL), predicates); } public Comparator getSorter(SearchFilter filter) { @@ -818,6 +819,47 @@ public class AbstractPredicateUtil { return ret; } + private Predicate addPredicateForPartialPolicyLabels(final String policyLabels, List predicates) { + if (StringUtils.isEmpty(policyLabels)) { + return null; + } + + Predicate ret = new Predicate() { + @Override + public boolean evaluate(Object object) { + if (object == null) { + return false; + } + boolean ret = false; + + if (object instanceof RangerPolicy) { + RangerPolicy policy = (RangerPolicy) object; + // exact match + /*if (policy.getPolicyLabels().contains(policyLabels)) { + ret = true; + }*/ + /*partial match*/ + for (String label :policy.getPolicyLabels()){ + ret = StringUtils.containsIgnoreCase(label, policyLabels); + if(ret){ + return ret; + } + } + + } else { + ret = true; + } + return ret; + } + }; + if (predicates != null) { + predicates.add(ret); + } + + return ret; + } + + public Predicate createPredicateForResourceSignature(final String policySignature) { if (StringUtils.isEmpty(policySignature)) { http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java index fa4f767..4a8f139 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java @@ -52,6 +52,9 @@ public class SearchFilter { public static final String RESOURCE_SIGNATURE = "resourceSignature:"; // search public static final String POLICY_TYPE = "policyType"; // search public static final String GUID = "guid"; //search + public static final String POLICY_LABEL = "policyLabel"; // search + public static final String POLICY_LABELS_PARTIAL = "policyLabelsPartial"; // search + public static final String POLICY_LABEL_ID = "policyLabelId"; // search, sort public static final String TAG_DEF_ID = "tagDefId"; // search public static final String TAG_DEF_GUID = "tagDefGuid"; // search http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql index 69f3768..d516d64 100644 --- a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql +++ b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql @@ -47,6 +47,8 @@ DROP TABLE IF EXISTS `x_access_type_def_grants`; DROP TABLE IF EXISTS `x_access_type_def`; DROP TABLE IF EXISTS `x_resource_def`; DROP TABLE IF EXISTS `x_service_config_def`; +DROP TABLE IF EXISTS `x_policy_label_map`; +DROP TABLE IF EXISTS `x_policy_label`; DROP TABLE IF EXISTS `x_policy`; DROP TABLE IF EXISTS `x_service`; DROP TABLE IF EXISTS `x_service_def`; @@ -1200,6 +1202,45 @@ CREATE TABLE IF NOT EXISTS `x_plugin_info`( KEY `x_plugin_info_IDX_host_name`(`host_name`) )ROW_FORMAT=DYNAMIC; +CREATE TABLE `x_policy_label` ( +`id` bigint(20) NOT NULL AUTO_INCREMENT , +`guid` varchar(1024) DEFAULT NULL, +`create_time` datetime DEFAULT NULL, +`update_time` datetime DEFAULT NULL, +`added_by_id` bigint(20) DEFAULT NULL, +`upd_by_id` bigint(20) DEFAULT NULL, +`label_name` varchar(512) DEFAULT NULL, +primary key (`id`), +UNIQUE KEY `x_policy_label_UK_label_name` (`label_name`), +KEY `x_policy_label_added_by_id` (`added_by_id`), +KEY `x_policy_label_upd_by_id` (`upd_by_id`), +KEY `x_policy_label_cr_time` (`create_time`), +KEY `x_policy_label_up_time` (`update_time`), +KEY `x_policy_label_name` (`label_name`), +CONSTRAINT `x_policy_label_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`), +CONSTRAINT `x_policy_label_FK_upd_by_id` FOREIGN KEY (`upd_by_id`) REFERENCES `x_portal_user` (`id`) +)ROW_FORMAT=DYNAMIC; + +CREATE TABLE `x_policy_label_map` ( +`id` bigint(20) NOT NULL AUTO_INCREMENT , +`guid` varchar(1024) DEFAULT NULL, +`create_time` datetime DEFAULT NULL, +`update_time` datetime DEFAULT NULL, +`added_by_id` bigint(20) DEFAULT NULL, +`upd_by_id` bigint(20) DEFAULT NULL, +`policy_id` bigint(20) DEFAULT NULL, +`policy_label_id` bigint(20) DEFAULT NULL, +primary key (`id`), +UNIQUE INDEX `x_policy_label_map_pid_plid` (`policy_id`, `policy_label_id`), +KEY `x_policy_label_map_added_by_id` (`added_by_id`), +KEY `x_policy_label_map_upd_by_id` (`upd_by_id`), +KEY `x_policy_label_map_cr_time` (`create_time`), +KEY `x_policy_label_map_up_time` (`update_time`), +CONSTRAINT `x_policy_label_map_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`), +CONSTRAINT `x_policy_label_map_FK_upd_by_id` FOREIGN KEY (`upd_by_id`) REFERENCES `x_portal_user` (`id`), +CONSTRAINT `x_policy_label_map_FK_policy_id` FOREIGN KEY (`policy_id`) REFERENCES `x_policy` (`id`), +CONSTRAINT `x_policy_label_map_FK_policy_label_id` FOREIGN KEY (`policy_label_id`) REFERENCES `x_policy_label` (`id`) +)ROW_FORMAT=DYNAMIC; CREATE INDEX x_service_config_def_IDX_def_id ON x_service_config_def(def_id); CREATE INDEX x_resource_def_IDX_def_id ON x_resource_def(def_id); @@ -1228,6 +1269,9 @@ CREATE INDEX x_datamask_type_def_IDX_def_id ON x_datamask_type_def(def_id); CREATE INDEX x_policy_item_datamask_IDX_policy_item_id ON x_policy_item_datamask(policy_item_id); CREATE INDEX x_policy_item_rowfilter_IDX_policy_item_id ON x_policy_item_rowfilter(policy_item_id); CREATE INDEX x_service_version_info_IDX_service_id ON x_service_version_info(service_id); +CREATE INDEX x_policy_label_label_id ON x_policy_label(id); +CREATE INDEX x_policy_label_label_name ON x_policy_label(label_name); +CREATE INDEX x_policy_label_label_map_id ON x_policy_label_map(id); CREATE VIEW vx_trx_log AS select x_trx_log.id AS id,x_trx_log.create_time AS create_time,x_trx_log.update_time AS update_time,x_trx_log.added_by_id AS added_by_id,x_trx_log.upd_by_id AS upd_by_id,x_trx_log.class_type AS class_type,x_trx_log.object_id AS object_id,x_trx_log.parent_object_id AS parent_object_id,x_trx_log.parent_object_class_type AS parent_object_class_type,x_trx_log.attr_name AS attr_name,x_trx_log.parent_object_name AS parent_object_name,x_trx_log.object_name AS object_name,x_trx_log.prev_val AS prev_val,x_trx_log.new_val AS new_val,x_trx_log.trx_id AS trx_id,x_trx_log.action AS action,x_trx_log.sess_id AS sess_id,x_trx_log.req_id AS req_id,x_trx_log.sess_type AS sess_type from x_trx_log where id in(select min(x_trx_log.id) from x_trx_log group by x_trx_log.trx_id); @@ -1272,6 +1316,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('027',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('028',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('029',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y'); +INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('030',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('DB_PATCHES',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y'); INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (1,3,UTC_TIMESTAMP(),UTC_TIMESTAMP(),1,1,1); INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (1,1,UTC_TIMESTAMP(),UTC_TIMESTAMP(),1,1,1); http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/mysql/patches/030-policy-labels-schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/mysql/patches/030-policy-labels-schema.sql b/security-admin/db/mysql/patches/030-policy-labels-schema.sql new file mode 100644 index 0000000..33af2a8 --- /dev/null +++ b/security-admin/db/mysql/patches/030-policy-labels-schema.sql @@ -0,0 +1,60 @@ +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. + +DROP TABLE IF EXISTS `x_policy_label`; +CREATE TABLE `x_policy_label` ( +`id` bigint(20) NOT NULL AUTO_INCREMENT , +`guid` varchar(1024) DEFAULT NULL, +`create_time` datetime DEFAULT NULL, +`update_time` datetime DEFAULT NULL, +`added_by_id` bigint(20) DEFAULT NULL, +`upd_by_id` bigint(20) DEFAULT NULL, +`label_name` varchar(512) DEFAULT NULL, +primary key (`id`), +UNIQUE KEY `x_policy_label_UK_label_name` (`label_name`), +KEY `x_policy_label_added_by_id` (`added_by_id`), +KEY `x_policy_label_upd_by_id` (`upd_by_id`), +KEY `x_policy_label_cr_time` (`create_time`), +KEY `x_policy_label_up_time` (`update_time`), +KEY `x_policy_label_name` (`label_name`), +CONSTRAINT `x_policy_label_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`), +CONSTRAINT `x_policy_label_FK_upd_by_id` FOREIGN KEY (`upd_by_id`) REFERENCES `x_portal_user` (`id`) +)ROW_FORMAT=DYNAMIC; + +DROP TABLE IF EXISTS `x_policy_label_map`; +CREATE TABLE `x_policy_label_map` ( +`id` bigint(20) NOT NULL AUTO_INCREMENT , +`guid` varchar(1024) DEFAULT NULL, +`create_time` datetime DEFAULT NULL, +`update_time` datetime DEFAULT NULL, +`added_by_id` bigint(20) DEFAULT NULL, +`upd_by_id` bigint(20) DEFAULT NULL, +`policy_id` bigint(20) DEFAULT NULL, +`policy_label_id` bigint(20) DEFAULT NULL, +primary key (`id`), +UNIQUE INDEX `x_policy_label_map_pid_plid` (`policy_id`, `policy_label_id`), +KEY `x_policy_label_map_added_by_id` (`added_by_id`), +KEY `x_policy_label_map_upd_by_id` (`upd_by_id`), +KEY `x_policy_label_map_cr_time` (`create_time`), +KEY `x_policy_label_map_up_time` (`update_time`), +CONSTRAINT `x_policy_label_map_FK_added_by_id` FOREIGN KEY (`added_by_id`) REFERENCES `x_portal_user` (`id`), +CONSTRAINT `x_policy_label_map_FK_upd_by_id` FOREIGN KEY (`upd_by_id`) REFERENCES `x_portal_user` (`id`), +CONSTRAINT `x_policy_label_map_FK_policy_id` FOREIGN KEY (`policy_id`) REFERENCES `x_policy` (`id`), +CONSTRAINT `x_policy_label_map_FK_policy_label_id` FOREIGN KEY (`policy_label_id`) REFERENCES `x_policy_label` (`id`) +)ROW_FORMAT=DYNAMIC; + +CREATE INDEX x_policy_label_label_id ON x_policy_label(id); +CREATE INDEX x_policy_label_label_name ON x_policy_label(label_name); +CREATE INDEX x_policy_label_label_map_id ON x_policy_label_map(id); http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql index 5abbcd0..abc7d59 100644 --- a/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql +++ b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql @@ -69,6 +69,8 @@ CREATE SEQUENCE X_POLICY_ITEM_DATAMASK_SEQ START WITH 1 INCREMENT BY 1 NOCACHE N CREATE SEQUENCE X_POLICY_ITEM_ROWFILTER_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE; CREATE SEQUENCE X_SERVICE_VERSION_INFO_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE; CREATE SEQUENCE X_PLUGIN_INFO_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE; +CREATE SEQUENCE X_POLICY_LABEL_MAP_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE; +CREATE SEQUENCE X_POLICY_LABEL_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE; --CREATE SEQUENCE X_DB_VERSION_H_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE; commit; @@ -1056,6 +1058,37 @@ info VARCHAR(1024) NOT NULL, PRIMARY KEY (id), CONSTRAINT x_plugin_info_UK UNIQUE (service_name, host_name, app_type) ); + +CREATE TABLE x_policy_label ( +id NUMBER(20) NOT NULL, +guid VARCHAR(1024) DEFAULT NULL NULL, +create_time DATE DEFAULT NULL NULL, +update_time DATE DEFAULT NULL NULL, +added_by_id NUMBER(20) DEFAULT NULL NULL, +upd_by_id NUMBER(20) DEFAULT NULL NULL, +label_name VARCHAR(512) DEFAULT NULL, +primary key (id), +CONSTRAINT x_pl_UK_label_name UNIQUE (label_name), +CONSTRAINT x_pl_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_pl_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id) +); + +CREATE TABLE x_policy_label_map ( +id NUMBER(20) NOT NULL, +guid VARCHAR(1024) DEFAULT NULL NULL, +create_time DATE DEFAULT NULL NULL, +update_time DATE DEFAULT NULL NULL, +added_by_id NUMBER(20) DEFAULT NULL NULL, +upd_by_id NUMBER(20) DEFAULT NULL NULL, +policy_id NUMBER(20) DEFAULT NULL, +policy_label_id NUMBER(20) DEFAULT NULL, +primary key (id), +CONSTRAINT x_plmap_uk_pid_plid UNIQUE (policy_id,policy_label_id), +CONSTRAINT x_plmap_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_plmap_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_plmap_FK_policy_id FOREIGN KEY (policy_id) REFERENCES x_policy (id), +CONSTRAINT x_plmap_FK_policy_label_id FOREIGN KEY (policy_label_id) REFERENCES x_policy_label (id) +); commit; CREATE VIEW vx_trx_log AS select x_trx_log.id AS id,x_trx_log.create_time AS create_time,x_trx_log.update_time AS update_time,x_trx_log.added_by_id AS added_by_id,x_trx_log.upd_by_id AS upd_by_id,x_trx_log.class_type AS class_type,x_trx_log.object_id AS object_id,x_trx_log.parent_object_id AS parent_object_id,x_trx_log.parent_object_class_type AS parent_object_class_type,x_trx_log.attr_name AS attr_name,x_trx_log.parent_object_name AS parent_object_name,x_trx_log.object_name AS object_name,x_trx_log.prev_val AS prev_val,x_trx_log.new_val AS new_val,x_trx_log.trx_id AS trx_id,x_trx_log.action AS action,x_trx_log.sess_id AS sess_id,x_trx_log.req_id AS req_id,x_trx_log.sess_type AS sess_type from x_trx_log where id in(select min(x_trx_log.id) from x_trx_log group by x_trx_log.trx_id); @@ -1257,6 +1290,7 @@ INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,act INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, '027',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y'); INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, '028',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y'); INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, '029',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y'); +INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, '030',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y'); INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES (X_DB_VERSION_H_SEQ.nextval, 'DB_PATCHES',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y'); INSERT INTO x_user_module_perm (id,user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (X_USER_MODULE_PERM_SEQ.nextval,1,3,sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),1,1,1); INSERT INTO x_user_module_perm (id,user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (X_USER_MODULE_PERM_SEQ.nextval,1,1,sys_extract_utc(systimestamp),sys_extract_utc(systimestamp),1,1,1); http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/oracle/patches/030-policy-labels-schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/oracle/patches/030-policy-labels-schema.sql b/security-admin/db/oracle/patches/030-policy-labels-schema.sql new file mode 100644 index 0000000..894b934 --- /dev/null +++ b/security-admin/db/oracle/patches/030-policy-labels-schema.sql @@ -0,0 +1,48 @@ +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +/ +CREATE SEQUENCE X_POLICY_LABEL_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE; +CREATE TABLE x_policy_label ( +id NUMBER(20) NOT NULL, +guid VARCHAR(1024) DEFAULT NULL NULL, +create_time DATE DEFAULT NULL NULL, +update_time DATE DEFAULT NULL NULL, +added_by_id NUMBER(20) DEFAULT NULL NULL, +upd_by_id NUMBER(20) DEFAULT NULL NULL, +label_name VARCHAR(512) DEFAULT NULL, +primary key (id), +CONSTRAINT x_pl_UK_label_name UNIQUE (label_name), +CONSTRAINT x_pl_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_pl_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id) +); +COMMIT; +CREATE SEQUENCE X_POLICY_LABEL_MAP_SEQ START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE; +CREATE TABLE x_policy_label_map ( +id NUMBER(20) NOT NULL, +guid VARCHAR(1024) DEFAULT NULL NULL, +create_time DATE DEFAULT NULL NULL, +update_time DATE DEFAULT NULL NULL, +added_by_id NUMBER(20) DEFAULT NULL NULL, +upd_by_id NUMBER(20) DEFAULT NULL NULL, +policy_id NUMBER(20) DEFAULT NULL, +policy_label_id NUMBER(20) DEFAULT NULL, +primary key (id), +CONSTRAINT x_plmap_uk_pid_plid UNIQUE (policy_id,policy_label_id), +CONSTRAINT x_plmap_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_plmap_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_plmap_FK_policy_id FOREIGN KEY (policy_id) REFERENCES x_policy (id), +CONSTRAINT x_plmap_FK_policy_label_id FOREIGN KEY (policy_label_id) REFERENCES x_policy_label (id) +); +commit; http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql index 6dfc841..8862946 100644 --- a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql +++ b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql @@ -1169,6 +1169,42 @@ primary key (id), CONSTRAINT x_plugin_info_UK UNIQUE (service_name, host_name, app_type) ); +DROP TABLE IF EXISTS x_policy_label_map CASCADE; +DROP SEQUENCE IF EXISTS x_policy_label_map_seq; +DROP TABLE IF EXISTS x_policy_label CASCADE; +DROP SEQUENCE IF EXISTS x_policy_label_seq; +CREATE SEQUENCE x_policy_label_seq; +CREATE TABLE x_policy_label ( +id BIGINT DEFAULT nextval('x_policy_label_seq'::regclass), +guid VARCHAR(64) DEFAULT NULL NULL, +create_time TIMESTAMP DEFAULT NULL NULL, +update_time TIMESTAMP DEFAULT NULL NULL, +added_by_id BIGINT DEFAULT NULL NULL, +upd_by_id BIGINT DEFAULT NULL NULL, +label_name VARCHAR(512) DEFAULT NULL, +primary key (id), +CONSTRAINT x_policy_label_UK_label_name UNIQUE (label_name), +CONSTRAINT x_policy_label_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_policy_label_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id) +); + +CREATE SEQUENCE x_policy_label_map_seq; +CREATE TABLE x_policy_label_map ( +id BIGINT DEFAULT nextval('x_policy_label_map_seq'::regclass), +guid VARCHAR(64) DEFAULT NULL NULL, +create_time TIMESTAMP DEFAULT NULL NULL, +update_time TIMESTAMP DEFAULT NULL NULL, +added_by_id BIGINT DEFAULT NULL NULL, +upd_by_id BIGINT DEFAULT NULL NULL, +policy_id BIGINT DEFAULT NULL, +policy_label_id BIGINT DEFAULT NULL, +primary key (id), +CONSTRAINT x_policy_label_map_pid_plid UNIQUE (policy_id, policy_label_id), +CONSTRAINT x_policy_label_map_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_policy_label_map_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_policy_label_map_FK_policy_id FOREIGN KEY (policy_id) REFERENCES x_policy (id), +CONSTRAINT x_policy_label_map_FK_policy_label_id FOREIGN KEY (policy_label_id) REFERENCES x_policy_label (id) +); CREATE INDEX xa_access_audit_added_by_id ON xa_access_audit(added_by_id); CREATE INDEX xa_access_audit_upd_by_id ON xa_access_audit(upd_by_id); @@ -1323,6 +1359,9 @@ CREATE INDEX x_policy_item_rowfilter_IDX_policy_item_id ON x_policy_item_rowfilt CREATE INDEX x_service_version_info_IDX_service_id ON x_service_version_info(service_id); CREATE INDEX x_plugin_info_IDX_service_name ON x_plugin_info(service_name); CREATE INDEX x_plugin_info_IDX_host_name ON x_plugin_info(host_name); +CREATE INDEX x_policy_label_label_id ON x_policy_label(id); +CREATE INDEX x_policy_label_label_name ON x_policy_label(label_name); +CREATE INDEX x_policy_label_label_map_id ON x_policy_label_map(id); INSERT INTO x_portal_user(CREATE_TIME,UPDATE_TIME,FIRST_NAME,LAST_NAME,PUB_SCR_NAME,LOGIN_ID,PASSWORD,EMAIL,STATUS)VALUES(current_timestamp,current_timestamp,'Admin','','Admin','admin','ceb4f32325eda6142bd65215f4c0f371','',1); INSERT INTO x_portal_user_role(CREATE_TIME,UPDATE_TIME,USER_ID,USER_ROLE,STATUS)VALUES(current_timestamp,current_timestamp,1,'ROLE_SYS_ADMIN',1); @@ -1363,6 +1402,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('027',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('028',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('029',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y'); +INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('030',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('DB_PATCHES',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y'); INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (1,3,current_timestamp,current_timestamp,1,1,1); INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (1,1,current_timestamp,current_timestamp,1,1,1); http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/postgres/patches/030-policy-labels-schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/postgres/patches/030-policy-labels-schema.sql b/security-admin/db/postgres/patches/030-policy-labels-schema.sql new file mode 100755 index 0000000..b76f5e7 --- /dev/null +++ b/security-admin/db/postgres/patches/030-policy-labels-schema.sql @@ -0,0 +1,56 @@ +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +DROP TABLE IF EXISTS x_policy_label_map CASCADE; +DROP SEQUENCE IF EXISTS x_policy_label_map_seq; +DROP TABLE IF EXISTS x_policy_label CASCADE; +DROP SEQUENCE IF EXISTS x_policy_label_seq; +commit; +CREATE SEQUENCE x_policy_label_seq; +CREATE TABLE x_policy_label ( +id BIGINT DEFAULT nextval('x_policy_label_seq'::regclass), +guid VARCHAR(64) DEFAULT NULL NULL, +create_time TIMESTAMP DEFAULT NULL NULL, +update_time TIMESTAMP DEFAULT NULL NULL, +added_by_id BIGINT DEFAULT NULL NULL, +upd_by_id BIGINT DEFAULT NULL NULL, +label_name VARCHAR(512) DEFAULT NULL, +primary key (id), +CONSTRAINT x_policy_label_UK_label_name UNIQUE (label_name), +CONSTRAINT x_policy_label_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_policy_label_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id) +); +commit; +CREATE SEQUENCE x_policy_label_map_seq; +CREATE TABLE x_policy_label_map ( +id BIGINT DEFAULT nextval('x_policy_label_map_seq'::regclass), +guid VARCHAR(64) DEFAULT NULL NULL, +create_time TIMESTAMP DEFAULT NULL NULL, +update_time TIMESTAMP DEFAULT NULL NULL, +added_by_id BIGINT DEFAULT NULL NULL, +upd_by_id BIGINT DEFAULT NULL NULL, +policy_id BIGINT DEFAULT NULL, +policy_label_id BIGINT DEFAULT NULL, +primary key (id), +CONSTRAINT x_policy_label_map_pid_plid UNIQUE (policy_id, policy_label_id), +CONSTRAINT x_policy_label_map_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_policy_label_map_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES x_portal_user (id), +CONSTRAINT x_policy_label_map_FK_policy_id FOREIGN KEY (policy_id) REFERENCES x_policy (id), +CONSTRAINT x_policy_label_map_FK_policy_label_id FOREIGN KEY (policy_label_id) REFERENCES x_policy_label (id) +); +commit; +CREATE INDEX x_policy_label_label_id ON x_policy_label(id); +CREATE INDEX x_policy_label_label_name ON x_policy_label(label_name); +CREATE INDEX x_policy_label_label_map_id ON x_policy_label_map(id); +commit; http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql index d555501..bf3d954 100644 --- a/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql +++ b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql @@ -839,6 +839,31 @@ CREATE TABLE dbo.x_plugin_info( CONSTRAINT x_plugin_info_PK_id PRIMARY KEY CLUSTERED(id), CONSTRAINT x_plugin_info_UK UNIQUE NONCLUSTERED (service_name, host_name, app_type) ) +GO +CREATE TABLE dbo.x_policy_label ( + id bigint IDENTITY NOT NULL, + guid varchar(64) DEFAULT NULL NULL, + create_time datetime DEFAULT NULL NULL, + update_time datetime DEFAULT NULL NULL, + added_by_id bigint DEFAULT NULL NULL, + upd_by_id bigint DEFAULT NULL NULL, + label_name varchar(512) DEFAULT NULL, + CONSTRAINT x_policy_label_PK_id PRIMARY KEY CLUSTERED(id), + CONSTRAINT x_policy_label_UK_label_name UNIQUE NONCLUSTERED (label_name) +) +GO +CREATE TABLE dbo.x_policy_label_map ( + id bigint IDENTITY NOT NULL, + guid varchar(64) DEFAULT NULL NULL, + create_time datetime DEFAULT NULL NULL, + update_time datetime DEFAULT NULL NULL, + added_by_id bigint DEFAULT NULL NULL, + upd_by_id bigint DEFAULT NULL NULL, + policy_id bigint NOT NULL, + policy_label_id bigint NOT NULL, + CONSTRAINT x_policy_label_map_PK_id PRIMARY KEY CLUSTERED(id) +) +GO ALTER TABLE dbo.x_asset ADD CONSTRAINT x_asset_FK_added_by_id FOREIGN KEY(added_by_id) REFERENCES dbo.x_portal_user(id) GO ALTER TABLE dbo.x_asset ADD CONSTRAINT x_asset_FK_upd_by_id FOREIGN KEY(upd_by_id) REFERENCES dbo.x_portal_user (id) @@ -1133,6 +1158,20 @@ ALTER TABLE dbo.x_policy_item_rowfilter ADD CONSTRAINT x_policy_item_rowfilter_F GO ALTER TABLE dbo.x_service_version_info ADD CONSTRAINT x_service_version_info_service_id FOREIGN KEY(service_id) REFERENCES dbo.x_service (id) GO +ALTER TABLE dbo.x_policy_label ADD CONSTRAINT x_policy_label_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES dbo.x_portal_user (id) +GO +ALTER TABLE dbo.x_policy_label ADD CONSTRAINT x_policy_label_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES dbo.x_portal_user (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT x_policy_label_map_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES dbo.x_portal_user (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT x_policy_label_map_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES dbo.x_portal_user (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT x_policy_label_map_FK_policy_id FOREIGN KEY (policy_id) REFERENCES dbo.x_policy (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT x_policy_label_map_FK_policy_label_id FOREIGN KEY (policy_label_id) REFERENCES dbo.x_policy_label (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT [x_policy_label_map$x_policy_label_map_pid_plid] UNIQUE (policy_id, policy_label_id) +GO CREATE NONCLUSTERED INDEX x_asset_cr_time ON dbo.x_asset(create_time ASC) GO CREATE NONCLUSTERED INDEX x_asset_FK_added_by_id ON dbo.x_asset(added_by_id ASC) @@ -1441,6 +1480,12 @@ CREATE NONCLUSTERED INDEX x_plugin_info_IDX_service_name ON dbo.x_plugin_info(se GO CREATE NONCLUSTERED INDEX x_plugin_info_IDX_host_name ON dbo.x_plugin_info(host_name ASC) GO +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_id ON dbo.x_policy_label(id ASC) +GO +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_name ON dbo.x_policy_label(label_name ASC) +GO +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_map_id ON dbo.x_policy_label_map(id ASC) +GO insert into x_portal_user (create_time,update_time,first_name,last_name,pub_scr_name,login_id,password,email,status) values (GETDATE(),GETDATE(),'Admin','','Admin','admin','ceb4f32325eda6142bd65215f4c0f371','',1) GO insert into x_portal_user_role (create_time,update_time,user_id,user_role,status) values (GETDATE(),GETDATE(),1,'ROLE_SYS_ADMIN',1) @@ -1507,6 +1552,8 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active GO INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('029',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y'); GO +INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('030',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y'); +GO INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('DB_PATCHES',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y'); GO INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (1,3,CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,1,1,1); http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/sqlanywhere/patches/030-policy-labels-schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/sqlanywhere/patches/030-policy-labels-schema.sql b/security-admin/db/sqlanywhere/patches/030-policy-labels-schema.sql new file mode 100644 index 0000000..b2ed238 --- /dev/null +++ b/security-admin/db/sqlanywhere/patches/030-policy-labels-schema.sql @@ -0,0 +1,59 @@ +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +CREATE TABLE dbo.x_policy_label ( + id bigint IDENTITY NOT NULL, + guid varchar(64) DEFAULT NULL NULL, + create_time datetime DEFAULT NULL NULL, + update_time datetime DEFAULT NULL NULL, + added_by_id bigint DEFAULT NULL NULL, + upd_by_id bigint DEFAULT NULL NULL, + label_name varchar(512) DEFAULT NULL, + CONSTRAINT x_policy_label_PK_id PRIMARY KEY CLUSTERED(id), + CONSTRAINT x_policy_label_UK_label_name UNIQUE NONCLUSTERED (label_name) +) +GO +CREATE TABLE dbo.x_policy_label_map ( + id bigint IDENTITY NOT NULL, + guid varchar(64) DEFAULT NULL NULL, + create_time datetime DEFAULT NULL NULL, + update_time datetime DEFAULT NULL NULL, + added_by_id bigint DEFAULT NULL NULL, + upd_by_id bigint DEFAULT NULL NULL, + policy_id bigint NOT NULL, + policy_label_id bigint NOT NULL, + CONSTRAINT x_policy_label_map_PK_id PRIMARY KEY CLUSTERED(id) +) +GO +ALTER TABLE dbo.x_policy_label ADD CONSTRAINT x_policy_label_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES dbo.x_portal_user (id) +GO +ALTER TABLE dbo.x_policy_label ADD CONSTRAINT x_policy_label_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES dbo.x_portal_user (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT x_policy_label_map_FK_added_by_id FOREIGN KEY (added_by_id) REFERENCES dbo.x_portal_user (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT x_policy_label_map_FK_upd_by_id FOREIGN KEY (upd_by_id) REFERENCES dbo.x_portal_user (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT x_policy_label_map_FK_policy_id FOREIGN KEY (policy_id) REFERENCES dbo.x_policy (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT x_policy_label_map_FK_policy_label_id FOREIGN KEY (policy_label_id) REFERENCES dbo.x_policy_label (id) +GO +ALTER TABLE dbo.x_policy_label_map ADD CONSTRAINT [x_policy_label_map$x_policy_label_map_pid_plid] UNIQUE (policy_id, policy_label_id) +GO +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_id ON dbo.x_policy_label(id ASC) +GO +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_name ON dbo.x_policy_label(label_name ASC) +GO +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_map_id ON dbo.x_policy_label_map(id ASC) +GO +exit http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql index a2be2d4..56e2e99 100644 --- a/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql +++ b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql @@ -597,6 +597,14 @@ IF (OBJECT_ID('x_service_config_def') IS NOT NULL) BEGIN DROP TABLE [dbo].[x_service_config_def] END +IF (OBJECT_ID('x_policy_label_map') IS NOT NULL) +BEGIN + DROP TABLE [dbo].[x_policy_label_map] +END +IF (OBJECT_ID('x_policy_label') IS NOT NULL) +BEGIN + DROP TABLE [dbo].[x_policy_label] +END IF (OBJECT_ID('x_policy') IS NOT NULL) BEGIN DROP TABLE [dbo].[x_policy] @@ -1821,6 +1829,43 @@ CONSTRAINT [x_plugin_info$x_plugin_info_UK] UNIQUE NONCLUSTERED SET ANSI_NULLS ON SET QUOTED_IDENTIFIER ON SET ANSI_PADDING ON +CREATE TABLE [dbo].[x_policy_label] ( + [id] [bigint] IDENTITY(1,1) NOT NULL, + [guid] [varchar](64) DEFAULT NULL NULL, + [create_time] [datetime2] DEFAULT NULL NULL, + [update_time] [datetime2] DEFAULT NULL NULL, + [added_by_id] [bigint] DEFAULT NULL NULL, + [upd_by_id] [bigint] DEFAULT NULL NULL, + [label_name] [varchar](512) DEFAULT NULL, + PRIMARY KEY CLUSTERED + ( + [id] ASC + )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY], + CONSTRAINT [x_policy_label$x_policy_label_UK_label_name] UNIQUE NONCLUSTERED + ( + [label_name] ASC + )WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] +) +SET ANSI_NULLS ON +SET QUOTED_IDENTIFIER ON +SET ANSI_PADDING ON +CREATE TABLE dbo.x_policy_label_map ( + [id] [bigint] IDENTITY(1,1) NOT NULL, + [guid] [varchar](64) DEFAULT NULL NULL, + [create_time] [datetime2] DEFAULT NULL NULL, + [update_time] [datetime2] DEFAULT NULL NULL, + [added_by_id] [bigint] DEFAULT NULL NULL, + [upd_by_id] [bigint] DEFAULT NULL NULL, + [policy_id] [bigint] DEFAULT NULL, + [policy_label_id] [bigint] DEFAULT NULL, + PRIMARY KEY CLUSTERED + ( + [id] ASC + )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] +) +SET ANSI_NULLS ON +SET QUOTED_IDENTIFIER ON +SET ANSI_PADDING ON ALTER TABLE [dbo].[x_asset] WITH CHECK ADD CONSTRAINT [x_asset_FK_added_by_id] FOREIGN KEY([added_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) @@ -2183,6 +2228,13 @@ ALTER TABLE [dbo].[x_policy_item_rowfilter] WITH CHECK ADD CONSTRAINT [x_policy_ ALTER TABLE [dbo].[x_policy_item_rowfilter] WITH CHECK ADD CONSTRAINT [x_policy_item_rowfilter_FK_added_by_id] FOREIGN KEY([added_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) ALTER TABLE [dbo].[x_policy_item_rowfilter] WITH CHECK ADD CONSTRAINT [x_policy_item_rowfilter_FK_upd_by_id] FOREIGN KEY([upd_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) ALTER TABLE [dbo].[x_service_version_info] WITH CHECK ADD CONSTRAINT [x_service_version_info_service_id] FOREIGN KEY([service_id]) REFERENCES [dbo].[x_service] ([id]) +ALTER TABLE [dbo].[x_policy_label] WITH CHECK ADD CONSTRAINT [x_policy_label_FK_added_by_id] FOREIGN KEY ([added_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) +ALTER TABLE [dbo].[x_policy_label] WITH CHECK ADD CONSTRAINT x_policy_label_FK_upd_by_id FOREIGN KEY ([upd_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map_FK_added_by_id] FOREIGN KEY ([added_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map_FK_upd_by_id] FOREIGN KEY ([upd_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map_FK_policy_id] FOREIGN KEY ([policy_id]) REFERENCES [dbo].[x_policy] ([id]) +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map_FK_policy_label_id] FOREIGN KEY ([policy_label_id]) REFERENCES [dbo].[x_policy_label] ([id]) +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map$x_policy_label_map_pid_plid] UNIQUE (policy_id, policy_label_id) CREATE NONCLUSTERED INDEX [x_asset_cr_time] ON [x_asset] ( [create_time] ASC @@ -2940,13 +2992,11 @@ CREATE NONCLUSTERED INDEX [x_policy_item_rowfilter_IDX_policy_item_id] ON [x_pol [policy_item_id] ASC ) WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] - CREATE NONCLUSTERED INDEX [x_service_version_info_IDX_service_id] ON [x_service_version_info] ( [service_id] ASC ) WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] - CREATE NONCLUSTERED INDEX [x_plugin_info_IDX_service_name] ON [x_plugin_info] ( [service_name] ASC @@ -2957,6 +3007,20 @@ CREATE NONCLUSTERED INDEX [x_plugin_info_IDX_host_name] ON [x_plugin_info] [host_name] ASC ) WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +CREATE NONCLUSTERED INDEX [x_policy_label_IDX_label_id] ON [dbo].[x_policy_label] +( +[id] ASC +) +WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_name ON [dbo].[x_policy_label] +( +[label_name] ASC +)WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_map_id ON [dbo].[x_policy_label_map] +( +[id] ASC +)WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] + insert into x_portal_user (CREATE_TIME,UPDATE_TIME,FIRST_NAME,LAST_NAME,PUB_SCR_NAME,LOGIN_ID,PASSWORD,EMAIL,STATUS) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,'Admin','','Admin','admin','ceb4f32325eda6142bd65215f4c0f371','',1); insert into x_portal_user_role (CREATE_TIME,UPDATE_TIME,USER_ID,USER_ROLE,STATUS) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,1,'ROLE_SYS_ADMIN',1); insert into x_user (CREATE_TIME,UPDATE_TIME,user_name,status,descr) values (CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,'admin',0,'Administrator'); @@ -2990,6 +3054,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('027',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('028',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('029',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y'); +INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('030',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y'); INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES ('DB_PATCHES',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y'); INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (1,3,CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,1,1,1); INSERT INTO x_user_module_perm (user_id,module_id,create_time,update_time,added_by_id,upd_by_id,is_allowed) VALUES (1,1,CURRENT_TIMESTAMP,CURRENT_TIMESTAMP,1,1,1); http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/db/sqlserver/patches/030-policy-labels-schema.sql ---------------------------------------------------------------------- diff --git a/security-admin/db/sqlserver/patches/030-policy-labels-schema.sql b/security-admin/db/sqlserver/patches/030-policy-labels-schema.sql new file mode 100755 index 0000000..d83f5a5 --- /dev/null +++ b/security-admin/db/sqlserver/patches/030-policy-labels-schema.sql @@ -0,0 +1,100 @@ +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +GO +IF (OBJECT_ID('x_policy_label_map') IS NOT NULL) +BEGIN + DROP TABLE [dbo].[x_policy_label_map] +END +GO +IF (OBJECT_ID('x_policy_label') IS NOT NULL) +BEGIN + DROP TABLE [dbo].[x_policy_label] +END +SET ANSI_NULLS ON +GO +SET QUOTED_IDENTIFIER ON +GO +SET ANSI_PADDING ON +GO +CREATE TABLE [dbo].[x_policy_label] ( + [id] [bigint] IDENTITY(1,1) NOT NULL, + [guid] [varchar](64) DEFAULT NULL NULL, + [create_time] [datetime2] DEFAULT NULL NULL, + [update_time] [datetime2] DEFAULT NULL NULL, + [added_by_id] [bigint] DEFAULT NULL NULL, + [upd_by_id] [bigint] DEFAULT NULL NULL, + [label_name] [varchar](512) DEFAULT NULL, + PRIMARY KEY CLUSTERED + ( + [id] ASC + )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY], + CONSTRAINT [x_policy_label$x_policy_label_UK_label_name] UNIQUE NONCLUSTERED + ( + [label_name] ASC + )WITH (PAD_INDEX = OFF,STATISTICS_NORECOMPUTE = OFF,IGNORE_DUP_KEY = OFF,ALLOW_ROW_LOCKS = ON,ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] +) +GO +SET ANSI_NULLS ON +GO +SET QUOTED_IDENTIFIER ON +GO +SET ANSI_PADDING ON +GO +CREATE TABLE dbo.x_policy_label_map ( + [id] [bigint] IDENTITY(1,1) NOT NULL, + [guid] [varchar](64) DEFAULT NULL NULL, + [create_time] [datetime2] DEFAULT NULL NULL, + [update_time] [datetime2] DEFAULT NULL NULL, + [added_by_id] [bigint] DEFAULT NULL NULL, + [upd_by_id] [bigint] DEFAULT NULL NULL, + [policy_id] [bigint] DEFAULT NULL, + [policy_label_id] [bigint] DEFAULT NULL, + PRIMARY KEY CLUSTERED + ( + [id] ASC + )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] +) +GO +ALTER TABLE [dbo].[x_policy_label] WITH CHECK ADD CONSTRAINT [x_policy_label_FK_added_by_id] FOREIGN KEY ([added_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) +GO +ALTER TABLE [dbo].[x_policy_label] WITH CHECK ADD CONSTRAINT x_policy_label_FK_upd_by_id FOREIGN KEY ([upd_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) +GO +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map_FK_added_by_id] FOREIGN KEY ([added_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) +GO +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map_FK_upd_by_id] FOREIGN KEY ([upd_by_id]) REFERENCES [dbo].[x_portal_user] ([id]) +GO +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map_FK_policy_id] FOREIGN KEY ([policy_id]) REFERENCES [dbo].[x_policy] ([id]) +GO +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map_FK_policy_label_id] FOREIGN KEY ([policy_label_id]) REFERENCES [dbo].[x_policy_label] ([id]) +GO +ALTER TABLE [dbo].[x_policy_label_map] WITH CHECK ADD CONSTRAINT [x_policy_label_map$x_policy_label_map_pid_plid] UNIQUE (policy_id, policy_label_id) +GO +CREATE NONCLUSTERED INDEX [x_policy_label_IDX_label_id] ON [dbo].[x_policy_label] +( +[id] ASC +) +WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +GO +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_name ON [dbo].[x_policy_label] +( +[label_name] ASC +)WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +GO +CREATE NONCLUSTERED INDEX x_policy_label_IDX_label_map_id ON [dbo].[x_policy_label_map] +( +[id] ASC +)WITH (SORT_IN_TEMPDB = OFF, DROP_EXISTING = OFF, IGNORE_DUP_KEY = OFF, ONLINE = OFF) ON [PRIMARY] +GO +exit http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java index 1b6f440..2c4241d 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java @@ -235,6 +235,7 @@ public class RangerPolicyRetriever { final Map conditions = new HashMap(); final Map resourceDefs = new HashMap(); final Map dataMasks = new HashMap(); + final Map policyLabels = new HashMap(); String getUserName(Long userId) { String ret = null; @@ -256,6 +257,26 @@ public class RangerPolicyRetriever { return ret; } + String getPolicyLabelName(Long policyLabelId) { + String ret = null; + + if(policyLabelId != null) { + ret = policyLabels.get(policyLabelId); + + if(ret == null) { + XXPolicyLabel xxPolicyLabel = daoMgr.getXXPolicyLabels().getById(policyLabelId); + + if(xxPolicyLabel != null) { + ret = xxPolicyLabel.getPolicyLabel(); + + policyLabels.put(policyLabelId, ret); + } + } + } + + return ret; + } + String getUserScreenName(Long userId) { String ret = null; @@ -413,6 +434,7 @@ public class RangerPolicyRetriever { final ListIterator iterConditions; final ListIterator iterDataMaskInfos; final ListIterator iterRowFilterInfos; + final ListIterator iterPolicyLabels; RetrieverContext(XXService xService) { Long serviceId = xService == null ? null : xService.getId(); @@ -427,6 +449,7 @@ public class RangerPolicyRetriever { List xConditions = daoMgr.getXXPolicyItemCondition().findByServiceId(serviceId); List xDataMaskInfos = daoMgr.getXXPolicyItemDataMaskInfo().findByServiceId(serviceId); List xRowFilterInfos = daoMgr.getXXPolicyItemRowFilterInfo().findByServiceId(serviceId); + List xxPolicyLabelMap = daoMgr.getXXPolicyLabelMap().findByServiceId(serviceId); this.service = xService; this.iterPolicy = xPolicies.listIterator(); @@ -439,6 +462,7 @@ public class RangerPolicyRetriever { this.iterConditions = xConditions.listIterator(); this.iterDataMaskInfos = xDataMaskInfos.listIterator(); this.iterRowFilterInfos = xRowFilterInfos.listIterator(); + this.iterPolicyLabels = xxPolicyLabelMap.listIterator(); } RetrieverContext(XXPolicy xPolicy) { @@ -458,6 +482,7 @@ public class RangerPolicyRetriever { List xConditions = daoMgr.getXXPolicyItemCondition().findByPolicyId(policyId); List xDataMaskInfos = daoMgr.getXXPolicyItemDataMaskInfo().findByPolicyId(policyId); List xRowFilterInfos = daoMgr.getXXPolicyItemRowFilterInfo().findByPolicyId(policyId); + List xPolicyLabelMap = daoMgr.getXXPolicyLabelMap().findByPolicyId(policyId); this.service = xService; this.iterPolicy = xPolicies.listIterator(); @@ -470,6 +495,7 @@ public class RangerPolicyRetriever { this.iterConditions = xConditions.listIterator(); this.iterDataMaskInfos = xDataMaskInfos.listIterator(); this.iterRowFilterInfos = xRowFilterInfos.listIterator(); + this.iterPolicyLabels = xPolicyLabelMap.listIterator(); } RangerPolicy getNextPolicy() { @@ -496,6 +522,7 @@ public class RangerPolicyRetriever { ret.setResourceSignature(xPolicy.getResourceSignature()); ret.setIsAuditEnabled(xPolicy.getIsAuditEnabled()); + getPolicyLabels(ret); getResource(ret); getPolicyItems(ret); } @@ -504,6 +531,25 @@ public class RangerPolicyRetriever { return ret; } + private void getPolicyLabels(RangerPolicy ret) { + List xPolicyLabels = new ArrayList(); + while(iterPolicyLabels.hasNext()) { + XXPolicyLabelMap xPolicyLabel = iterPolicyLabels.next(); + if(xPolicyLabel.getPolicyId().equals(ret.getId())) { + String policyLabel = lookupCache.getPolicyLabelName(xPolicyLabel.getPolicyLabelId()); + if (policyLabel != null) { + xPolicyLabels.add(policyLabel); + } + ret.setPolicyLabels(xPolicyLabels); + } else { + if(iterPolicyLabels.hasPrevious()) { + iterPolicyLabels.previous(); + } + break; + } + } + } + List getAllPolicies() { List ret = new ArrayList(); @@ -558,7 +604,8 @@ public class RangerPolicyRetriever { || iterAccesses.hasNext() || iterConditions.hasNext() || iterDataMaskInfos.hasNext() - || iterRowFilterInfos.hasNext(); + || iterRowFilterInfos.hasNext() + || iterPolicyLabels.hasNext(); return !moreToProcess; } http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 7aee433..5665577 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -85,6 +85,7 @@ import org.apache.ranger.db.XXPolicyItemDataMaskInfoDao; import org.apache.ranger.db.XXPolicyItemGroupPermDao; import org.apache.ranger.db.XXPolicyItemRowFilterInfoDao; import org.apache.ranger.db.XXPolicyItemUserPermDao; +import org.apache.ranger.db.XXPolicyLabelMapDao; import org.apache.ranger.db.XXPolicyResourceDao; import org.apache.ranger.db.XXPolicyResourceMapDao; import org.apache.ranger.db.XXResourceDefDao; @@ -109,6 +110,8 @@ import org.apache.ranger.entity.XXPolicyItemDataMaskInfo; import org.apache.ranger.entity.XXPolicyItemGroupPerm; import org.apache.ranger.entity.XXPolicyItemRowFilterInfo; import org.apache.ranger.entity.XXPolicyItemUserPerm; +import org.apache.ranger.entity.XXPolicyLabel; +import org.apache.ranger.entity.XXPolicyLabelMap; import org.apache.ranger.entity.XXPolicyResource; import org.apache.ranger.entity.XXPolicyResourceMap; import org.apache.ranger.entity.XXResourceDef; @@ -153,6 +156,7 @@ import org.apache.ranger.rest.ServiceREST; import org.apache.ranger.rest.TagREST; import org.apache.ranger.service.RangerAuditFields; import org.apache.ranger.service.RangerDataHistService; +import org.apache.ranger.service.RangerPolicyLabelsService; import org.apache.ranger.service.RangerPolicyService; import org.apache.ranger.service.RangerPolicyWithAssignedIdService; import org.apache.ranger.service.RangerServiceDefService; @@ -166,6 +170,7 @@ import org.apache.ranger.view.RangerPolicyList; import org.apache.ranger.view.RangerServiceDefList; import org.apache.ranger.view.RangerServiceList; import org.apache.ranger.view.VXGroup; +import org.apache.ranger.view.VXPolicyLabelList; import org.apache.ranger.view.VXString; import org.apache.ranger.view.VXUser; import org.springframework.beans.factory.annotation.Autowired; @@ -239,6 +244,9 @@ public class ServiceDBStore extends AbstractServiceStore { RangerPolicyService policyService; @Autowired + RangerPolicyLabelsService policyLabelsService; + + @Autowired XUserService xUserService; @Autowired @@ -1846,6 +1854,7 @@ public class ServiceDBStore extends AbstractServiceStore { List denyExceptions = policy.getDenyExceptions(); List dataMaskItems = policy.getDataMaskPolicyItems(); List rowFilterItems = policy.getRowFilterPolicyItems(); + List policyLabels = policy.getPolicyLabels(); policy.setVersion(Long.valueOf(1)); updatePolicySignature(policy); @@ -1872,8 +1881,11 @@ public class ServiceDBStore extends AbstractServiceStore { createNewPolicyItemsForPolicy(policy, xCreatedPolicy, denyExceptions, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY_EXCEPTIONS); createNewDataMaskPolicyItemsForPolicy(policy, xCreatedPolicy, dataMaskItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATAMASK); createNewRowFilterPolicyItemsForPolicy(policy, xCreatedPolicy, rowFilterItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ROWFILTER); + + createNewLabelsForPolicy(xCreatedPolicy, policyLabels); + handlePolicyUpdate(service, true); - RangerPolicy createdPolicy = policyService.getPopulatedViewObject(xCreatedPolicy); + RangerPolicy createdPolicy = policyService.getPopulatedViewObject(xCreatedPolicy); dataHistService.createObjectDataHistory(createdPolicy, RangerDataHistService.ACTION_CREATE); List trxLogList = policyService.getTransactionLog(createdPolicy, RangerPolicyService.OPERATION_CREATE_CONTEXT); @@ -1962,6 +1974,7 @@ public class ServiceDBStore extends AbstractServiceStore { List denyExceptions = policy.getDenyExceptions(); List dataMaskPolicyItems = policy.getDataMaskPolicyItems(); List rowFilterItems = policy.getRowFilterPolicyItems(); + List policyLabels = policy.getPolicyLabels(); policy.setCreateTime(xxExisting.getCreateTime()); policy.setGuid(xxExisting.getGuid()); @@ -1981,6 +1994,7 @@ public class ServiceDBStore extends AbstractServiceStore { deleteExistingPolicyResources(policy); deleteExistingPolicyItems(policy); + deleteExistingPolicyLabel(policy); createNewResourcesForPolicy(policy, newUpdPolicy, newResources); createNewPolicyItemsForPolicy(policy, newUpdPolicy, policyItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ALLOW); @@ -1989,6 +2003,7 @@ public class ServiceDBStore extends AbstractServiceStore { createNewPolicyItemsForPolicy(policy, newUpdPolicy, denyExceptions, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DENY_EXCEPTIONS); createNewDataMaskPolicyItemsForPolicy(policy, newUpdPolicy, dataMaskPolicyItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_DATAMASK); createNewRowFilterPolicyItemsForPolicy(policy, newUpdPolicy, rowFilterItems, xServiceDef, RangerPolicyItemEvaluator.POLICY_ITEM_TYPE_ROWFILTER); + createNewLabelsForPolicy(newUpdPolicy, policyLabels); handlePolicyUpdate(service, isTagVersionUpdateNeeded); RangerPolicy updPolicy = policyService.getPopulatedViewObject(newUpdPolicy); @@ -2032,6 +2047,7 @@ public class ServiceDBStore extends AbstractServiceStore { deleteExistingPolicyItems(policy); deleteExistingPolicyResources(policy); + deleteExistingPolicyLabel(policy); policyService.delete(policy); handlePolicyUpdate(service, true); @@ -2065,6 +2081,7 @@ public class ServiceDBStore extends AbstractServiceStore { List trxLogList = policyService.getTransactionLog(policy, RangerPolicyService.OPERATION_DELETE_CONTEXT); deleteExistingPolicyItemsNative(policy); deleteExistingPolicyResourcesNative(policy); + deleteExistingPolicyLabelNative(policy); daoMgr.getXXPolicy().deletePolicyIDReference("id",policy.getId()); handlePolicyUpdate(service, true); dataHistService.createObjectDataHistory(policy, RangerDataHistService.ACTION_DELETE); @@ -3014,6 +3031,29 @@ public class ServiceDBStore extends AbstractServiceStore { } } + private void createNewLabelsForPolicy(XXPolicy xPolicy, List policyLabels) + throws Exception { + for (String policyLabel : policyLabels) { + XXPolicyLabel xXPolicyLabel = daoMgr.getXXPolicyLabels().findByName(policyLabel); + if (xXPolicyLabel == null) { + xXPolicyLabel = new XXPolicyLabel(); + if (StringUtils.isNotEmpty(policyLabel)) { + xXPolicyLabel.setPolicyLabel(policyLabel); + xXPolicyLabel = rangerAuditFields.populateAuditFieldsForCreate(xXPolicyLabel); + xXPolicyLabel = daoMgr.getXXPolicyLabels().create(xXPolicyLabel); + } + } + if (xXPolicyLabel.getId() != null) { + XXPolicyLabelMap xxPolicyLabelMap = new XXPolicyLabelMap(); + xxPolicyLabelMap.setPolicyId(xPolicy.getId()); + xxPolicyLabelMap.setPolicyLabelId(xXPolicyLabel.getId()); + xxPolicyLabelMap = rangerAuditFields.populateAuditFieldsForCreate(xxPolicyLabelMap); + xxPolicyLabelMap = daoMgr.getXXPolicyLabelMap().create(xxPolicyLabelMap); + } + } + } + + private Boolean deleteExistingPolicyItems(RangerPolicy policy) { if(policy == null) { return false; @@ -3085,6 +3125,20 @@ public class ServiceDBStore extends AbstractServiceStore { return true; } + private Boolean deleteExistingPolicyLabel(RangerPolicy policy) { + if (policy == null) { + return false; + } + + List xxPolicyLabelMaps = daoMgr.getXXPolicyLabelMap().findByPolicyId(policy.getId()); + XXPolicyLabelMapDao policyLabelMapDao = daoMgr.getXXPolicyLabelMap(); + for (XXPolicyLabelMap xxPolicyLabelMap : xxPolicyLabelMaps) { + policyLabelMapDao.remove(xxPolicyLabelMap); + } + return true; + } + + private Boolean deleteExistingPolicyItemsNative(RangerPolicy policy) { if(policy == null) { return false; @@ -3116,6 +3170,14 @@ public class ServiceDBStore extends AbstractServiceStore { return true; } + private Boolean deleteExistingPolicyLabelNative(RangerPolicy policy) { + if(policy == null) { + return false; + } + daoMgr.getXXPolicyLabelMap().deletePolicyIDReference("policy_id", policy.getId()); + return true; + } + @Override public Boolean getPopulateExistingBaseFields() { return populateExistingBaseFields; @@ -3999,4 +4061,22 @@ public class ServiceDBStore extends AbstractServiceStore { genericUser.setDescription(RangerPolicyEngine.RESOURCE_OWNER); xUserService.createXUserWithOutLogin(genericUser); } + + public List getPolicyLabels(SearchFilter searchFilter) { + if (LOG.isDebugEnabled()) { + LOG.debug("==> ServiceDBStore.getPolicyLabels()"); + } + VXPolicyLabelList vxPolicyLabelList = new VXPolicyLabelList(); + List xPolList = (List) policyLabelsService.searchResources(searchFilter, + policyLabelsService.searchFields, policyLabelsService.sortFields, vxPolicyLabelList); + List result = new ArrayList(); + for (XXPolicyLabel xPolicyLabel : xPolList) { + result.add(xPolicyLabel.getPolicyLabel()); + } + if (LOG.isDebugEnabled()) { + LOG.debug("<== ServiceDBStore.getPolicyLabels()"); + } + return result; + } + } http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java index 92b0e03..56aa831 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java @@ -66,7 +66,8 @@ public class RangerSearchUtil extends SearchUtil { ret.setParam(SearchFilter.POL_RESOURCE, request.getParameter(SearchFilter.POL_RESOURCE)); ret.setParam(SearchFilter.RESOURCE_SIGNATURE, request.getParameter(SearchFilter.RESOURCE_SIGNATURE)); ret.setParam(SearchFilter.POLICY_TYPE, request.getParameter(SearchFilter.POLICY_TYPE)); - + ret.setParam(SearchFilter.POLICY_LABEL, request.getParameter(SearchFilter.POLICY_LABEL)); + ret.setParam(SearchFilter.POLICY_LABELS_PARTIAL, request.getParameter(SearchFilter.POLICY_LABELS_PARTIAL)); ret.setParam(SearchFilter.PLUGIN_HOST_NAME, request.getParameter(SearchFilter.PLUGIN_HOST_NAME)); ret.setParam(SearchFilter.PLUGIN_APP_TYPE, request.getParameter(SearchFilter.PLUGIN_APP_TYPE)); ret.setParam(SearchFilter.PLUGIN_ENTITY_TYPE, request.getParameter(SearchFilter.PLUGIN_ENTITY_TYPE)); @@ -210,11 +211,8 @@ public class RangerSearchUtil extends SearchUtil { int objectClassType, boolean hasAttributes, boolean isCountQuery) { StringBuilder queryClause = buildWhereClause(searchCriteria, searchFields); - super.addOrderByClause(queryClause, sortClause); - Query query = em.createQuery(queryStr + queryClause); - resolveQueryParams(query, searchCriteria, searchFields); if (!isCountQuery) { http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java b/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java index db20a14..d61cbc7 100644 --- a/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java +++ b/security-admin/src/main/java/org/apache/ranger/db/RangerDaoManagerBase.java @@ -366,6 +366,9 @@ public abstract class RangerDaoManagerBase { if ("XXPluginInfo".equals(className)) { return getXXPluginInfo(); } + if ("XXPolicyLabel".equals(className)) { + return getXXPolicyLabels(); + } logger.error("No DaoManager found for className=" + className, new Throwable()); return null; } @@ -461,6 +464,14 @@ public abstract class RangerDaoManagerBase { return new XXResourceDefDao(this); } + public XXPolicyLabelDao getXXPolicyLabels() { + return new XXPolicyLabelDao(this); + } + + public XXPolicyLabelMapDao getXXPolicyLabelMap() { + return new XXPolicyLabelMapDao(this); + } + public XXAccessTypeDefDao getXXAccessTypeDef() { return new XXAccessTypeDefDao(this); } http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/src/main/java/org/apache/ranger/db/XXPolicyLabelDao.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyLabelDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyLabelDao.java new file mode 100644 index 0000000..59221bf --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyLabelDao.java @@ -0,0 +1,104 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ranger.db; + +import java.util.ArrayList; +import java.util.List; + +import javax.persistence.NoResultException; + +import org.apache.ranger.common.db.BaseDao; +import org.apache.ranger.entity.XXPolicyLabel; + +public class XXPolicyLabelDao extends BaseDao { + + public XXPolicyLabelDao(RangerDaoManagerBase daoMgr) { + super(daoMgr); + } + + public List getAllPolicyLabels() { + try { + return getEntityManager().createNamedQuery("XXPolicyLabel.getAllPolicyLabels", tClass) + .getResultList(); + } catch (NoResultException e) { + return new ArrayList(); + } + } + + public XXPolicyLabel findByName(String policyLabel) { + if (policyLabel == null) { + return null; + } + try { + return getEntityManager().createNamedQuery("XXPolicyLabel.findByName", tClass) + .setParameter("policyLabel", policyLabel).getSingleResult(); + } catch (NoResultException e) { + return null; + } + } + + public List getByName(String policyLabel) { + if (policyLabel == null) { + return null; + } + try { + return getEntityManager().createNamedQuery("XXPolicyLabel.findByName", tClass) + .setParameter("policyLabel", policyLabel).getResultList(); + } catch (NoResultException e) { + return null; + } + } + + + public XXPolicyLabel findByPolicyLabelId(Long policyLabelId) { + if (policyLabelId == null) { + return null; + } + try { + return (XXPolicyLabel) getEntityManager().createNamedQuery("XXPolicyLabel.findByPolicyLabelId", tClass) + .setParameter("policyLabelId", policyLabelId).getSingleResult(); + } catch (NoResultException e) { + return null; + } + } + + public List findByServiceId(Long serviceId) { + if (serviceId == null) { + return null; + } + try { + return getEntityManager().createNamedQuery("XXPolicyLabel.findByServiceId", tClass) + .setParameter("serviceId", serviceId).getResultList(); + } catch (NoResultException e) { + return null; + } + } + + public List findByPolicyId(Long policyId) { + if (policyId == null) { + return null; + } + try { + return getEntityManager().createNamedQuery("XXPolicyLabel.findByPolicyId", tClass) + .setParameter("policyId", policyId).getResultList(); + } catch (NoResultException e) { + return null; + } + } + +} http://git-wip-us.apache.org/repos/asf/ranger/blob/44b37384/security-admin/src/main/java/org/apache/ranger/db/XXPolicyLabelMapDao.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyLabelMapDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyLabelMapDao.java new file mode 100644 index 0000000..a318513 --- /dev/null +++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyLabelMapDao.java @@ -0,0 +1,70 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ranger.db; + +import java.util.List; + +import javax.persistence.NoResultException; + +import org.apache.ranger.common.db.BaseDao; +import org.apache.ranger.entity.XXPolicyLabelMap; + +public class XXPolicyLabelMapDao extends BaseDao { + + public XXPolicyLabelMapDao(RangerDaoManagerBase daoMgr) { + super(daoMgr); + } + + public List findByPolicyId(Long policyId) { + if(policyId == null) { + return null; + } + try { + return getEntityManager() + .createNamedQuery("XXPolicyLabelMap.findByPolicyId", tClass) + .setParameter("policyId", policyId).getResultList(); + } catch (NoResultException e) { + return null; + } + } + + public XXPolicyLabelMap findByPolicyLabelId(Long policyLabelId) { + if (policyLabelId == null) { + return null; + } + try { + return (XXPolicyLabelMap) getEntityManager().createNamedQuery("XXPolicyLabelMap.findByPolicyLabelId", tClass) + .setParameter("policyLabelId", policyLabelId).getResultList(); + } catch (NoResultException e) { + return null; + } + } + + public List findByServiceId(Long serviceId) { + if (serviceId == null) { + return null; + } + try { + return getEntityManager().createNamedQuery("XXPolicyLabelMap.findByServiceId", tClass) + .setParameter("serviceId", serviceId).getResultList(); + } catch (NoResultException e) { + return null; + } + } + +}