ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From me...@apache.org
Subject ranger git commit: RANGER-2182 : Handle upgrade scenario since atlas-service def is added with new resources for relationship
Date Thu, 09 Aug 2018 08:41:31 GMT
Repository: ranger
Updated Branches:
  refs/heads/ranger-1 1e2e15d48 -> 0a10ea8b3


RANGER-2182 : Handle upgrade scenario since atlas-service def is added with new resources
for relationship

Signed-off-by: Mehul Parikh <mehul@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/0a10ea8b
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/0a10ea8b
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/0a10ea8b

Branch: refs/heads/ranger-1
Commit: 0a10ea8b3b67f14f419145f1d0899e0b582cac54
Parents: 1e2e15d
Author: Bhavik Patel <bhavikpatel552@gmail.com>
Authored: Wed Aug 8 17:29:49 2018 +0530
Committer: Mehul Parikh <mehul@apache.org>
Committed: Thu Aug 9 14:10:50 2018 +0530

----------------------------------------------------------------------
 .../service-defs/ranger-servicedef-atlas.json   | 174 ++++++++-
 .../optimized/current/ranger_core_db_mysql.sql  |   1 +
 .../optimized/current/ranger_core_db_oracle.sql |   1 +
 .../current/ranger_core_db_postgres.sql         |   1 +
 .../current/ranger_core_db_sqlanywhere.sql      |   2 +
 .../current/ranger_core_db_sqlserver.sql        |   1 +
 ...AtlasResourceAndAccessTypeUpdate_J10016.java | 359 +++++++++++++++++++
 7 files changed, 522 insertions(+), 17 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/0a10ea8b/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json
----------------------------------------------------------------------
diff --git a/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json b/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json
index 8838f41..07a9800 100644
--- a/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json
+++ b/agents-common/src/main/resources/service-defs/ranger-servicedef-atlas.json
@@ -1,17 +1,16 @@
 {
-	"id":15,
+        "id": 15,
 	"name": "atlas",
 	"implClass": "org.apache.ranger.services.atlas.RangerServiceAtlas",
 	"label": "Atlas Metadata Server",
 	"description": "Atlas Metadata Server",
 	"guid": "311a79b7-16f5-46f4-9829-a0224b9999c5",
-	"resources": [
-		{
+        "resources": [{
 			"itemId": 1,
 			"name": "type-category",
 			"type": "string",
 			"level": 10,
-			"mandatory" : true,
+                        "mandatory": true,
 			"lookupSupported": true,
 			"recursiveSupported": false,
 			"excludesSupported": true,
@@ -28,7 +27,7 @@
 			"name": "type",
 			"type": "string",
 			"level": 20,
-			"mandatory" : true,
+                        "mandatory": true,
 			"parent": "type-category",
 			"lookupSupported": true,
 			"recursiveSupported": false,
@@ -40,14 +39,14 @@
 			},
 			"label": "Type Name",
 			"description": "Type Name",
-			"accessTypeRestrictions": [ "type-create", "type-update", "type-delete" ]
+                        "accessTypeRestrictions": ["type-create", "type-update", "type-delete"]
 		},
 		{
 			"itemId": 3,
 			"name": "entity-type",
 			"type": "string",
 			"level": 10,
-			"mandatory" : true,
+                        "mandatory": true,
 			"lookupSupported": true,
 			"recursiveSupported": false,
 			"excludesSupported": true,
@@ -64,7 +63,7 @@
 			"name": "entity-classification",
 			"type": "string",
 			"level": 20,
-			"mandatory" : true,
+                        "mandatory": true,
 			"parent": "entity-type",
 			"lookupSupported": true,
 			"recursiveSupported": false,
@@ -82,7 +81,7 @@
 			"name": "entity",
 			"type": "string",
 			"level": 30,
-			"mandatory" : true,
+                        "mandatory": true,
 			"parent": "entity-classification",
 			"lookupSupported": true,
 			"recursiveSupported": false,
@@ -94,14 +93,14 @@
 			},
 			"label": "Entity ID",
 			"description": "Entity ID",
-			"accessTypeRestrictions": [ "entity-read", "entity-create", "entity-update", "entity-delete",
"entity-add-classification", "entity-update-classification", "entity-remove-classification"
]
+                        "accessTypeRestrictions": ["entity-read", "entity-create", "entity-update",
"entity-delete", "entity-add-classification", "entity-update-classification", "entity-remove-classification"]
 		},
 		{
 			"itemId": 6,
 			"name": "atlas-service",
 			"type": "string",
 			"level": 10,
-			"mandatory" : true,
+                        "mandatory": true,
 			"lookupSupported": true,
 			"recursiveSupported": false,
 			"excludesSupported": true,
@@ -112,11 +111,138 @@
 			},
 			"label": "Atlas Service",
 			"description": "Atlas Service",
-			"accessTypeRestrictions": [ "admin-import", "admin-export" ]
+                        "accessTypeRestrictions": ["admin-import", "admin-export"]
+                }, {
+                        "itemId": 7,
+                        "name": "relationship-type",
+                        "type": "string",
+                        "level": 10,
+                        "mandatory": true,
+                        "lookupSupported": true,
+                        "recursiveSupported": false,
+                        "excludesSupported": true,
+                        "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+                        "matcherOptions": {
+                                "wildCard": "true",
+                                "ignoreCase": "true"
+                        },
+                        "label": "Relationship Type",
+                        "description": "Relationship Type"
+                }, {
+                        "itemId": 8,
+                        "name": "end-one-entity-type",
+                        "type": "string",
+                        "level": 20,
+                        "mandatory": true,
+                        "parent": "relationship-type",
+                        "lookupSupported": true,
+                        "recursiveSupported": false,
+                        "excludesSupported": true,
+                        "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+                        "matcherOptions": {
+                                "wildCard": "true",
+                                "ignoreCase": "true"
+                        },
+                        "label": "End1 Entity Type",
+                        "description": "End1 Entity Type"
+                },
+                {
+                        "itemId": 9,
+                        "name": "end-one-entity-classification",
+                        "type": "string",
+                        "level": 30,
+                        "mandatory": true,
+                        "parent": "end-one-entity-type",
+                        "lookupSupported": true,
+                        "recursiveSupported": false,
+                        "excludesSupported": true,
+                        "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+                        "matcherOptions": {
+                                "wildCard": "true",
+                                "ignoreCase": "true"
+                        },
+                        "label": "End1 Entity Classification",
+                        "description": "End1 Entity Classification"
+                },
+                {
+                        "itemId": 10,
+                        "name": "end-one-entity",
+                        "type": "string",
+                        "level": 40,
+                        "mandatory": true,
+                        "parent": "end-one-entity-classification",
+                        "lookupSupported": true,
+                        "recursiveSupported": false,
+                        "excludesSupported": true,
+                        "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+                        "matcherOptions": {
+                                "wildCard": "true",
+                                "ignoreCase": "true"
+                        },
+                        "label": "End1 Entity ID",
+                        "description": "End1 Entity ID"
+                },
+                {
+                        "itemId": 11,
+                        "name": "end-two-entity-type",
+                        "type": "string",
+                        "level": 50,
+                        "mandatory": true,
+                        "parent": "end-one-entity",
+                        "lookupSupported": true,
+                        "recursiveSupported": false,
+                        "excludesSupported": true,
+                        "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+                        "matcherOptions": {
+                                "wildCard": "true",
+                                "ignoreCase": "true"
+                        },
+                        "label": "End2 Entity Type",
+                        "description": "End2 Entity Type"
+                },
+                {
+                        "itemId": 12,
+                        "name": "end-two-entity-classification",
+                        "type": "string",
+                        "level": 60,
+                        "mandatory": true,
+                        "parent": "end-two-entity-type",
+                        "lookupSupported": true,
+                        "recursiveSupported": false,
+                        "excludesSupported": true,
+                        "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+                        "matcherOptions": {
+                                "wildCard": "true",
+                                "ignoreCase": "true"
+                        },
+                        "label": "End2 Entity Classification",
+                        "description": "End2 Entity Classification"
+                },
+                {
+                        "itemId": 13,
+                        "name": "end-two-entity",
+                        "type": "string",
+                        "level": 70,
+                        "mandatory": true,
+                        "parent": "end-two-entity-classification",
+                        "lookupSupported": true,
+                        "recursiveSupported": false,
+                        "excludesSupported": true,
+                        "matcher": "org.apache.ranger.plugin.resourcematcher.RangerDefaultResourceMatcher",
+                        "matcherOptions": {
+                                "wildCard": "true",
+                                "ignoreCase": "true"
+                        },
+                        "label": "End2 Entity ID",
+                        "description": "End2 Entity ID",
+                        "accessTypeRestrictions": [
+                                "add-relationship",
+                                "update-relationship",
+                                "remove-relationship"
+                        ]
 		}
 	],
-	"accessTypes": [
-		{
+        "accessTypes": [{
 			"itemId": 1,
 			"name": "type-create",
 			"label": "Create Type"
@@ -175,10 +301,24 @@
 			"itemId": 12,
 			"name": "admin-import",
 			"label": "Admin Import"
+                },
+                {
+                        "itemId": 13,
+                        "name": "add-relationship",
+                        "label": "Add Relationship"
+                },
+                {
+                        "itemId": 14,
+                        "name": "update-relationship",
+                        "label": "Update Relationship"
+                },
+                {
+                        "itemId": 15,
+                        "name": "remove-relationship",
+                        "label": "Remove Relationship"
 		}
 	],
-	"configs": [
-		{
+        "configs": [{
 			"itemId": 1,
 			"name": "username",
 			"type": "string",
@@ -210,4 +350,4 @@
 	"options": {
 		"enableDenyAndExceptionsInPolicies": "true"
 	}
-}
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/ranger/blob/0a10ea8b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
index e82df40..9d200ba 100644
--- a/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
+++ b/security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
@@ -1381,4 +1381,5 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10013',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10014',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10015',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10016',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('JAVA_PATCHES',UTC_TIMESTAMP(),'Ranger 1.0.0',UTC_TIMESTAMP(),'localhost','Y');

http://git-wip-us.apache.org/repos/asf/ranger/blob/0a10ea8b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
index 9aadbde..bafdb96 100644
--- a/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
+++ b/security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
@@ -1357,5 +1357,6 @@ INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,act
 INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES
(X_DB_VERSION_H_SEQ.nextval,'J10013',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
 INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES
(X_DB_VERSION_H_SEQ.nextval,'J10014',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
 INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES
(X_DB_VERSION_H_SEQ.nextval,'J10015',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
+INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES
(X_DB_VERSION_H_SEQ.nextval,'J10016',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
 INSERT INTO x_db_version_h (id,version,inst_at,inst_by,updated_at,updated_by,active) VALUES
(X_DB_VERSION_H_SEQ.nextval,'JAVA_PATCHES',sys_extract_utc(systimestamp),'Ranger 1.0.0',sys_extract_utc(systimestamp),'localhost','Y');
 commit;

http://git-wip-us.apache.org/repos/asf/ranger/blob/0a10ea8b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
index 4766910..2bc58ac 100644
--- a/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
+++ b/security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql
@@ -1470,6 +1470,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10013',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10014',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10015',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10016',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('JAVA_PATCHES',current_timestamp,'Ranger 1.0.0',current_timestamp,'localhost','Y');
 
 DROP VIEW IF EXISTS vx_trx_log;

http://git-wip-us.apache.org/repos/asf/ranger/blob/0a10ea8b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
index 82f638d..1b64eea 100644
--- a/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
+++ b/security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql
@@ -1661,6 +1661,8 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
 GO
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10015',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
 GO
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10016,CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
+GO
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('JAVA_PATCHES',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
 GO
 exit

http://git-wip-us.apache.org/repos/asf/ranger/blob/0a10ea8b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
----------------------------------------------------------------------
diff --git a/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
index 46d92c9..4a216fe 100644
--- a/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
+++ b/security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
@@ -3144,6 +3144,7 @@ INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10013',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10014',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10015',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
+INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('J10016',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
 INSERT INTO x_db_version_h (version,inst_at,inst_by,updated_at,updated_by,active) VALUES
('JAVA_PATCHES',CURRENT_TIMESTAMP,'Ranger 1.0.0',CURRENT_TIMESTAMP,'localhost','Y');
 GO
 CREATE VIEW [dbo].[vx_trx_log] AS

http://git-wip-us.apache.org/repos/asf/ranger/blob/0a10ea8b/security-admin/src/main/java/org/apache/ranger/patch/PatchForAtlasResourceAndAccessTypeUpdate_J10016.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/PatchForAtlasResourceAndAccessTypeUpdate_J10016.java
b/security-admin/src/main/java/org/apache/ranger/patch/PatchForAtlasResourceAndAccessTypeUpdate_J10016.java
new file mode 100644
index 0000000..eed6a9e
--- /dev/null
+++ b/security-admin/src/main/java/org/apache/ranger/patch/PatchForAtlasResourceAndAccessTypeUpdate_J10016.java
@@ -0,0 +1,359 @@
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ranger.patch;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+import org.apache.ranger.biz.ServiceDBStore;
+import org.apache.ranger.common.GUIDUtil;
+import org.apache.ranger.common.JSONUtil;
+import org.apache.ranger.common.RangerValidatorFactory;
+import org.apache.ranger.common.StringUtil;
+import org.apache.ranger.db.RangerDaoManager;
+import org.apache.ranger.entity.XXAccessTypeDef;
+import org.apache.ranger.entity.XXGroup;
+import org.apache.ranger.entity.XXPolicy;
+import org.apache.ranger.entity.XXPolicyItem;
+import org.apache.ranger.entity.XXPolicyItemAccess;
+import org.apache.ranger.entity.XXPolicyItemGroupPerm;
+import org.apache.ranger.entity.XXPolicyResource;
+import org.apache.ranger.entity.XXPolicyResourceMap;
+import org.apache.ranger.entity.XXPortalUser;
+import org.apache.ranger.entity.XXResourceDef;
+import org.apache.ranger.entity.XXService;
+import org.apache.ranger.entity.XXServiceDef;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerPolicyResourceSignature;
+import org.apache.ranger.plugin.model.RangerServiceDef;
+import org.apache.ranger.plugin.model.RangerServiceDef.RangerAccessTypeDef;
+import org.apache.ranger.plugin.model.validation.RangerServiceDefValidator;
+import org.apache.ranger.plugin.model.validation.RangerValidator.Action;
+import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil;
+import org.apache.ranger.service.RangerPolicyService;
+import org.apache.ranger.util.CLIUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component
+public class PatchForAtlasResourceAndAccessTypeUpdate_J10016 extends BaseLoader {
+	private static final Logger logger = Logger.getLogger(PatchForAtlasResourceAndAccessTypeUpdate_J10016.class);
+	private static final String RESOURCE_DEF_NAME = "all - relationship-type, end-one-entity-type,
end-one-entity-classification, end-one-entity, end-two-entity-type, end-two-entity-classification,
end-two-entity";
+	private static final List<String> ATLAS_RESOURCES = new ArrayList<>(
+			Arrays.asList("relationship-type", "end-one-entity-type", "end-one-entity-classification",
"end-one-entity",
+					"end-two-entity-type", "end-two-entity-classification", "end-two-entity"));
+	private static final List<String> ATLAS_ACCESS_TYPES = new ArrayList<>(
+			Arrays.asList("add-relationship", "update-relationship", "remove-relationship"));
+	private static final String LOGIN_ID_ADMIN = "admin";
+	private static final String GROUP_PUBLIC = "public";
+
+	@Autowired
+	RangerDaoManager daoMgr;
+
+	@Autowired
+	ServiceDBStore svcDBStore;
+
+	@Autowired
+	GUIDUtil guidUtil;
+
+	@Autowired
+	JSONUtil jsonUtil;
+
+	@Autowired
+	StringUtil stringUtil;
+
+	@Autowired
+	RangerValidatorFactory validatorFactory;
+
+	@Autowired
+	ServiceDBStore svcStore;
+
+	@Autowired
+	RangerPolicyService policyService;
+
+	public static void main(String[] args) {
+		logger.info("main()");
+		try {
+			PatchForAtlasResourceAndAccessTypeUpdate_J10016 loader = (PatchForAtlasResourceAndAccessTypeUpdate_J10016)
CLIUtil
+					.getBean(PatchForAtlasResourceAndAccessTypeUpdate_J10016.class);
+			loader.init();
+			while (loader.isMoreToProcess()) {
+				loader.load();
+			}
+			logger.info("Load complete. Exiting!!!");
+			System.exit(0);
+		} catch (Exception e) {
+			logger.error("Error loading", e);
+			System.exit(1);
+		}
+	}
+
+	@Override
+	public void init() throws Exception {
+		// Do Nothing
+	}
+
+	@Override
+	public void execLoad() {
+		logger.info("==> PatchForAtlasResourceAndAccessTypeUpdate.execLoad()");
+		try {
+			updateAtlasResourceAndAccessType();
+		} catch (Exception e) {
+			logger.error("Error whille updateAtlasResourceAndAccessType()data.", e);
+		}
+		logger.info("<== PatchForAtlasResourceAndAccessTypeUpdate.execLoad()");
+	}
+
+	@Override
+	public void printStats() {
+		logger.info("AtlasResourceAndAccessTypeUpdate data ");
+	}
+
+	private void updateAtlasResourceAndAccessType() {
+		RangerServiceDef ret = null;
+		RangerServiceDef embeddedAtlasServiceDef = null;
+		XXServiceDef xXServiceDefObj = null;
+		RangerServiceDef dbAtlasServiceDef = null;
+		List<RangerServiceDef.RangerResourceDef> embeddedAtlasResourceDefs = null;
+		List<RangerServiceDef.RangerAccessTypeDef> embeddedAtlasAccessTypes = null;
+
+		try {
+			embeddedAtlasServiceDef = EmbeddedServiceDefsUtil.instance()
+					.getEmbeddedServiceDef(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
+			if (embeddedAtlasServiceDef != null) {
+				xXServiceDefObj = daoMgr.getXXServiceDef()
+						.findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
+				if (xXServiceDefObj == null) {
+					logger.info(xXServiceDefObj + ": service-def not found. No patching is needed");
+					return;
+				}
+
+				dbAtlasServiceDef = svcDBStore
+						.getServiceDefByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
+				embeddedAtlasResourceDefs = embeddedAtlasServiceDef.getResources();
+				embeddedAtlasAccessTypes = embeddedAtlasServiceDef.getAccessTypes();
+				if (checkResourcePresent(embeddedAtlasResourceDefs)) {
+					dbAtlasServiceDef.setResources(embeddedAtlasResourceDefs);
+					if (checkAccessPresent(embeddedAtlasAccessTypes)) {
+						dbAtlasServiceDef.setAccessTypes(embeddedAtlasAccessTypes);
+					}
+				}
+
+				RangerServiceDefValidator validator = validatorFactory.getServiceDefValidator(svcStore);
+				validator.validate(dbAtlasServiceDef, Action.UPDATE);
+				ret = svcStore.updateServiceDef(dbAtlasServiceDef);
+				if (ret == null) {
+					logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME
+							+ " service-def");
+					throw new RuntimeException("Error while updating "
+							+ EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME + " service-def");
+				} else {
+					createDefaultPolicyToExistingService();
+					updatePolicyForRelationshipType();
+				}
+			}
+		} catch (Exception e) {
+			logger.error("Error while updating " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME
+ " service-def",e);
+		}
+
+	}
+
+	private void createDefaultPolicyToExistingService() {
+		logger.info("==> createDefaultPolicyToExistingService ");
+		XXPortalUser xxPortalUser = daoMgr.getXXPortalUser().findByLoginId(LOGIN_ID_ADMIN);
+		Long currentUserId = xxPortalUser.getId();
+
+		XXServiceDef xXServiceDefObj = daoMgr.getXXServiceDef()
+				.findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
+		if (xXServiceDefObj == null) {
+			logger.debug("ServiceDef not fount with name :" + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
+			return;
+		}
+		Long xServiceDefId = xXServiceDefObj.getId();
+		List<XXService> xxServices = daoMgr.getXXService().findByServiceDefId(xServiceDefId);
+		for (XXService xxService : xxServices) {
+			List<XXPolicy> xxPolicies = daoMgr.getXXPolicy().findByServiceId(xxService.getId());
+			Boolean isPolicyPresent = true;
+			for (XXPolicy xxPolicy : xxPolicies) {
+				if (!xxPolicy.getName().equalsIgnoreCase(RESOURCE_DEF_NAME)) {
+					isPolicyPresent = false;
+				} else {
+					isPolicyPresent = true;
+					break;
+				}
+			}
+			if (!isPolicyPresent) {
+				XXPolicy xxPolicy = new XXPolicy();
+				xxPolicy.setName(RESOURCE_DEF_NAME);
+				xxPolicy.setDescription(RESOURCE_DEF_NAME);
+				xxPolicy.setService(xxService.getId());
+				xxPolicy.setPolicyPriority(RangerPolicy.POLICY_PRIORITY_NORMAL);
+				xxPolicy.setIsAuditEnabled(Boolean.TRUE);
+				xxPolicy.setIsEnabled(Boolean.TRUE);
+				xxPolicy.setPolicyType(RangerPolicy.POLICY_TYPE_ACCESS);
+				xxPolicy.setGuid(guidUtil.genGUID());
+				xxPolicy.setAddedByUserId(currentUserId);
+				xxPolicy.setUpdatedByUserId(currentUserId);
+				RangerPolicy rangerPolicy = new RangerPolicy();
+				RangerPolicyResourceSignature resourceSignature = new RangerPolicyResourceSignature(rangerPolicy);
+				xxPolicy.setResourceSignature(resourceSignature.getSignature());
+				XXPolicy createdPolicy = daoMgr.getXXPolicy().create(xxPolicy);
+
+				XXPolicyItem xxPolicyItem = new XXPolicyItem();
+				xxPolicyItem.setIsEnabled(Boolean.TRUE);
+				xxPolicyItem.setDelegateAdmin(Boolean.TRUE);
+				xxPolicyItem.setItemType(0);
+				xxPolicyItem.setOrder(0);
+				xxPolicyItem.setAddedByUserId(currentUserId);
+				xxPolicyItem.setUpdatedByUserId(currentUserId);
+				xxPolicyItem.setPolicyId(createdPolicy.getId());
+				XXPolicyItem createdXXPolicyItem = daoMgr.getXXPolicyItem().create(xxPolicyItem);
+
+				List<String> accessTypes = Arrays.asList("add-relationship", "update-relationship",
+						"remove-relationship");
+				for (int i = 0; i < accessTypes.size(); i++) {
+					XXAccessTypeDef xAccTypeDef = daoMgr.getXXAccessTypeDef().findByNameAndServiceId(accessTypes.get(i),
+							xxPolicy.getService());
+					if (xAccTypeDef == null) {
+						throw new RuntimeException(accessTypes.get(i) + ": is not a valid access-type. policy='"
+								+ xxPolicy.getName() + "' service='" + xxPolicy.getService() + "'");
+					}
+					XXPolicyItemAccess xPolItemAcc = new XXPolicyItemAccess();
+					xPolItemAcc.setIsAllowed(Boolean.TRUE);
+					xPolItemAcc.setType(xAccTypeDef.getId());
+					xPolItemAcc.setOrder(i);
+					xPolItemAcc.setAddedByUserId(currentUserId);
+					xPolItemAcc.setUpdatedByUserId(currentUserId);
+					xPolItemAcc.setPolicyitemid(createdXXPolicyItem.getId());
+					daoMgr.getXXPolicyItemAccess().create(xPolItemAcc);
+				}
+
+				List<String> groups = Arrays.asList(GROUP_PUBLIC);
+				for (int i = 0; i < groups.size(); i++) {
+					String group = groups.get(i);
+					if (StringUtils.isBlank(group)) {
+						continue;
+					}
+					XXGroup xGrp = daoMgr.getXXGroup().findByGroupName(group);
+					if (xGrp == null) {
+						throw new RuntimeException(group + ": group does not exist. policy='" + xxPolicy.getName()
+								+ "' service='" + xxPolicy.getService() + "' group='" + group + "'");
+					}
+					XXPolicyItemGroupPerm xGrpPerm = new XXPolicyItemGroupPerm();
+					xGrpPerm.setGroupId(xGrp.getId());
+					xGrpPerm.setPolicyItemId(createdXXPolicyItem.getId());
+					xGrpPerm.setOrder(i);
+					xGrpPerm.setAddedByUserId(currentUserId);
+					xGrpPerm.setUpdatedByUserId(currentUserId);
+					daoMgr.getXXPolicyItemGroupPerm().create(xGrpPerm);
+				}
+
+				for (int i = 0; i < ATLAS_RESOURCES.size(); i++) {
+					XXResourceDef xResDef = daoMgr.getXXResourceDef().findByNameAndPolicyId(ATLAS_RESOURCES.get(i),
+							createdPolicy.getId());
+					if (xResDef == null) {
+						throw new RuntimeException(ATLAS_RESOURCES.get(i) + ": is not a valid resource-type.
policy='"
+								+ createdPolicy.getName() + "' service='" + createdPolicy.getService() + "'");
+					}
+					XXPolicyResource xPolRes = new XXPolicyResource();
+
+					xPolRes.setAddedByUserId(currentUserId);
+					xPolRes.setUpdatedByUserId(currentUserId);
+					xPolRes.setIsExcludes(Boolean.FALSE);
+					xPolRes.setIsRecursive(Boolean.FALSE);
+					xPolRes.setPolicyId(createdPolicy.getId());
+					xPolRes.setResDefId(xResDef.getId());
+					xPolRes = daoMgr.getXXPolicyResource().create(xPolRes);
+
+					XXPolicyResourceMap xPolResMap = new XXPolicyResourceMap();
+					xPolResMap.setResourceId(xPolRes.getId());
+					xPolResMap.setValue("*");
+					xPolResMap.setOrder(i);
+					xPolResMap.setAddedByUserId(currentUserId);
+					xPolResMap.setUpdatedByUserId(currentUserId);
+					daoMgr.getXXPolicyResourceMap().create(xPolResMap);
+				}
+				logger.info("Creating policy for service id : " + xxService.getId());
+			}
+		}
+		logger.info("<== createDefaultPolicyToExistingService ");
+	}
+
+	private boolean checkResourcePresent(List<RangerServiceDef.RangerResourceDef> resourceDefs)
{
+		boolean ret = false;
+		for (RangerServiceDef.RangerResourceDef resourceDef : resourceDefs) {
+			if (ATLAS_RESOURCES.contains(resourceDef.getName())) {
+				ret = true;
+				break;
+			}
+		}
+		return ret;
+	}
+
+	private boolean checkAccessPresent(List<RangerAccessTypeDef> embeddedAtlasAccessTypes)
{
+		boolean ret = false;
+		for (RangerServiceDef.RangerAccessTypeDef accessDef : embeddedAtlasAccessTypes) {
+			if (ATLAS_ACCESS_TYPES.contains(accessDef.getName())) {
+				ret = true;
+				break;
+			}
+		}
+		return ret;
+	}
+
+	private void updatePolicyForRelationshipType() {
+		logger.info("===> updatePolicyForRelationshipType ");
+		XXPortalUser xxPortalUser = daoMgr.getXXPortalUser().findByLoginId(LOGIN_ID_ADMIN);
+		Long currentUserId = xxPortalUser.getId();
+		XXServiceDef xXServiceDefObj = daoMgr.getXXServiceDef()
+				.findByName(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
+		if (xXServiceDefObj == null) {
+			logger.debug(
+					"xXServiceDefObj not found with name : " + EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_ATLAS_NAME);
+			return;
+		}
+		Long xServiceDefId = xXServiceDefObj.getId();
+		XXResourceDef xxResourceDef = daoMgr.getXXResourceDef().findByNameAndServiceDefId(RESOURCE_DEF_NAME,
+				xServiceDefId);
+		List<XXPolicyResource> policyResources = daoMgr.getXXPolicyResource().findByResDefId(xxResourceDef.getId());
+		for (XXPolicyResource xxPolicyResource : policyResources) {
+			XXPolicy xxPolicy = daoMgr.getXXPolicy().getById(xxPolicyResource.getPolicyid());
+			List<XXPolicyItem> xxPolicyItems = daoMgr.getXXPolicyItem().findByPolicyId(xxPolicy.getId());
+			for (XXPolicyItem xxPolicyItem : xxPolicyItems) {
+				XXGroup xxGroup = daoMgr.getXXGroup().findByGroupName(GROUP_PUBLIC);
+				if (xxGroup == null) {
+					logger.error("Group name 'public' not found in database");
+					return;
+				}
+				Long publicGroupId = xxGroup.getId();
+				XXPolicyItemGroupPerm xxPolicyItemGroupPerm = new XXPolicyItemGroupPerm();
+				xxPolicyItemGroupPerm.setPolicyItemId(xxPolicyItem.getId());
+				xxPolicyItemGroupPerm.setGroupId(publicGroupId);
+				xxPolicyItemGroupPerm.setOrder(0);
+				xxPolicyItemGroupPerm.setAddedByUserId(currentUserId);
+				xxPolicyItemGroupPerm.setUpdatedByUserId(currentUserId);
+				daoMgr.getXXPolicyItemGroupPerm().create(xxPolicyItemGroupPerm);
+			}
+		}
+		logger.info("<=== updatePolicyForRelationshipType ");
+	}
+}


Mime
View raw message