Java Code Examples for org.apache.ranger.plugin.model.RangerPolicy#setVersion()
The following examples show how to use
org.apache.ranger.plugin.model.RangerPolicy#setVersion() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: RangerServiceHdfs.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy getPolicyForKMSAudit(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) throws Exception {
if (LOG.isDebugEnabled()) {
LOG.debug("==> RangerServiceHdfs.getPolicyForKMSAudit()");
}
RangerPolicy policy = new RangerPolicy();
policy.setIsEnabled(true);
policy.setVersion(1L);
policy.setName(AUDITTOHDFS_POLICY_NAME);
policy.setService(service.getName());
policy.setDescription("Policy for " + AUDITTOHDFS_POLICY_NAME);
policy.setIsAuditEnabled(true);
policy.setResources(createKMSAuditResource(resourceHierarchy));
List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<RangerPolicy.RangerPolicyItem>();
//Create policy item for keyadmin
RangerPolicy.RangerPolicyItem policyItem = new RangerPolicy.RangerPolicyItem();
List<String> userKeyAdmin = new ArrayList<String>();
userKeyAdmin.add("keyadmin");
policyItem.setUsers(userKeyAdmin);
policyItem.setAccesses(getAllowedAccesses(policy.getResources()));
policyItem.setDelegateAdmin(false);
policyItems.add(policyItem);
policy.setPolicyItems(policyItems);
if (LOG.isDebugEnabled()) {
LOG.debug("<== RangerServiceHdfs.getPolicyForKMSAudit()" + policy);
}
return policy;
}
Example 2
| Source File: PublicAPIs.java From ranger with Apache License 2.0 | 5 votes |
|
@PUT
@Path("/api/policy/{id}")
@Produces({ "application/json", "application/xml" })
public VXPolicy updatePolicy(VXPolicy vXPolicy, @PathParam("id") Long id) {
if(logger.isDebugEnabled()) {
logger.debug("==> PublicAPIs.updatePolicy(): " + vXPolicy );
}
XXPolicy existing = daoMgr.getXXPolicy().getById(id);
if(existing == null) {
throw restErrorUtil.createRESTException("Policy not found for Id: " + id, MessageEnums.DATA_NOT_FOUND);
}
vXPolicy.setId(id);
RangerService service = serviceREST.getServiceByName(vXPolicy.getRepositoryName());
RangerPolicy policy = serviceUtil.toRangerPolicy(vXPolicy,service);
VXPolicy ret = null;
if(policy != null) {
policy.setVersion(existing.getVersion());
RangerPolicy updatedPolicy = serviceREST.updatePolicy(policy);
ret = serviceUtil.toVXPolicy(updatedPolicy, service);
}
if(logger.isDebugEnabled()) {
logger.debug("<== PublicAPIs.updatePolicy(" + policy + "): " + ret);
}
return ret;
}
Example 3
| Source File: RangerPolicyRetriever.java From ranger with Apache License 2.0 | 5 votes |
|
RangerPolicy getNextPolicy() {
RangerPolicy ret = null;
if (service != null && iterPolicy != null && iterPolicy.hasNext()) {
XXPolicy xPolicy = iterPolicy.next();
if (xPolicy != null) {
String policyText = xPolicy.getPolicyText();
ret = JsonUtils.jsonToObject(policyText, RangerPolicy.class);
if (ret != null) {
ret.setId(xPolicy.getId());
ret.setGuid(xPolicy.getGuid());
ret.setCreatedBy(lookupCache.getUserScreenName(xPolicy.getAddedByUserId()));
ret.setUpdatedBy(lookupCache.getUserScreenName(xPolicy.getUpdatedByUserId()));
ret.setCreateTime(xPolicy.getCreateTime());
ret.setUpdateTime(xPolicy.getUpdateTime());
ret.setVersion(xPolicy.getVersion());
ret.setPolicyType(xPolicy.getPolicyType() == null ? RangerPolicy.POLICY_TYPE_ACCESS : xPolicy.getPolicyType());
ret.setService(service.getName());
ret.setServiceType(serviceDef.getName());
ret.setZoneName(lookupCache.getSecurityZoneName(xPolicy.getZoneId()));
updatePolicyReferenceFields(ret);
getPolicyLabels(ret);
}
}
}
return ret;
}
Example 4
| Source File: RangerBaseService.java From ranger with Apache License 2.0 | 5 votes |
|
private RangerPolicy getDefaultPolicy(List<RangerServiceDef.RangerResourceDef> resourceHierarchy) throws Exception {
if (LOG.isDebugEnabled()) {
LOG.debug("==> RangerBaseService.getDefaultPolicy()");
}
RangerPolicy policy = new RangerPolicy();
String policyName=buildPolicyName(resourceHierarchy);
policy.setIsEnabled(true);
policy.setVersion(1L);
policy.setName(policyName);
policy.setService(service.getName());
policy.setDescription("Policy for " + policyName);
policy.setIsAuditEnabled(true);
policy.setResources(createDefaultPolicyResource(resourceHierarchy));
List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<RangerPolicy.RangerPolicyItem>();
//Create Default policy item for the service user
RangerPolicy.RangerPolicyItem policyItem = createDefaultPolicyItem(policy.getResources());
policyItems.add(policyItem);
policy.setPolicyItems(policyItems);
if (LOG.isDebugEnabled()) {
LOG.debug("<== RangerBaseService.getDefaultPolicy()" + policy);
}
return policy;
}
Example 5
| Source File: PatchForKafkaServiceDefUpdate_J10033.java From ranger with Apache License 2.0 | 4 votes |
|
private RangerPolicy getRangerPolicy(String newResource, XXPortalUser xxPortalUser, XXService xxService) {
RangerPolicy policy = new RangerPolicy();
List<RangerPolicy.RangerPolicyItemAccess> accesses = getPolicyItemAccesses();
List<String> users = new ArrayList<>(DEFAULT_POLICY_USERS);
List<String> groups = new ArrayList<>(DEFAULT_POLICY_GROUP);
List<RangerPolicy.RangerPolicyItemCondition> conditions = new ArrayList<>();
List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<>();
RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicy.RangerPolicyResource> policyResource = new HashMap<>();
RangerPolicy.RangerPolicyResource rangerPolicyResource = new RangerPolicy.RangerPolicyResource();
rangerPolicyResource.setIsExcludes(false);
rangerPolicyResource.setIsRecursive(false);
rangerPolicyResource.setValue("*");
String policyResourceName = CONSUMERGROUP_RESOURCE_NAME;
policyResource.put(policyResourceName, rangerPolicyResource);
policy.setCreateTime(new Date());
policy.setDescription(newResource);
policy.setIsEnabled(true);
policy.setName(newResource);
policy.setCreatedBy(xxPortalUser.getLoginId());
policy.setUpdatedBy(xxPortalUser.getLoginId());
policy.setUpdateTime(new Date());
policy.setService(xxService.getName());
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setPolicyType(0);
policy.setId(0L);
policy.setGuid("");
policy.setPolicyLabels(new ArrayList<>());
policy.setVersion(1L);
RangerPolicyResourceSignature resourceSignature = new RangerPolicyResourceSignature(policy);
policy.setResourceSignature(resourceSignature.getSignature());
return policy;
}
Example 6
| Source File: PatchForKafkaServiceDefUpdate_J10025.java From ranger with Apache License 2.0 | 4 votes |
|
private RangerPolicy getRangerPolicy(String newResource, XXPortalUser xxPortalUser, XXService xxService) {
RangerPolicy policy = new RangerPolicy();
List<RangerPolicy.RangerPolicyItemAccess> accesses = getPolicyItemAccesses();
List<String> users = new ArrayList<>(DEFAULT_POLICY_USERS);
List<String> groups = new ArrayList<>();
List<RangerPolicy.RangerPolicyItemCondition> conditions = new ArrayList<>();
List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<>();
RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
rangerPolicyItem.setAccesses(accesses);
rangerPolicyItem.setConditions(conditions);
rangerPolicyItem.setGroups(groups);
rangerPolicyItem.setUsers(users);
rangerPolicyItem.setDelegateAdmin(false);
policyItems.add(rangerPolicyItem);
Map<String, RangerPolicy.RangerPolicyResource> policyResource = new HashMap<>();
RangerPolicy.RangerPolicyResource rangerPolicyResource = new RangerPolicy.RangerPolicyResource();
rangerPolicyResource.setIsExcludes(false);
rangerPolicyResource.setIsRecursive(false);
rangerPolicyResource.setValue("*");
String policyResourceName = KAFKA_RESOURCE_CLUSTER;
if ("all - delegationtoken".equals(newResource)) {
policyResourceName = KAFKA_RESOURCE_DELEGATIONTOKEN;
}
policyResource.put(policyResourceName, rangerPolicyResource);
policy.setCreateTime(new Date());
policy.setDescription(newResource);
policy.setIsEnabled(true);
policy.setName(newResource);
policy.setCreatedBy(xxPortalUser.getLoginId());
policy.setUpdatedBy(xxPortalUser.getLoginId());
policy.setUpdateTime(new Date());
policy.setService(xxService.getName());
policy.setIsAuditEnabled(true);
policy.setPolicyItems(policyItems);
policy.setResources(policyResource);
policy.setPolicyType(0);
policy.setId(0L);
policy.setGuid("");
policy.setPolicyLabels(new ArrayList<>());
policy.setVersion(1L);
RangerPolicyResourceSignature resourceSignature = new RangerPolicyResourceSignature(policy);
policy.setResourceSignature(resourceSignature.getSignature());
return policy;
}
Example 7
| Source File: RangerBaseService.java From ranger with Apache License 2.0 | 4 votes |
|
private void addCustomRangerDefaultPolicies(List<RangerPolicy> ret, Map<String, RangerPolicy.RangerPolicyResource> policyResourceMap, String policyPropertyPrefix) throws Exception {
String policyName = configs.get(policyPropertyPrefix + PROP_DEFAULT_POLICY_NAME_SUFFIX);
String description = configs.get(policyPropertyPrefix + "description");
if (StringUtils.isEmpty(description)) {
description = "Policy for " + policyName;
}
RangerPolicy policy = new RangerPolicy();
policy.setName(policyName);
policy.setIsEnabled(true);
policy.setVersion(1L);
policy.setIsAuditEnabled(true);
policy.setService(serviceName);
policy.setDescription(description);
policy.setName(policyName);
policy.setResources(policyResourceMap);
for (int i = 1; ; i++) {
String policyItemPropertyPrefix = policyPropertyPrefix + "policyItem." + i + ".";
String policyItemUsers = configs.get(policyItemPropertyPrefix + "users");
String policyItemGroups = configs.get(policyItemPropertyPrefix + "groups");
String policyItemRoles = configs.get(policyItemPropertyPrefix + "roles");
String policyItemAccessTypes = configs.get(policyItemPropertyPrefix + "accessTypes");
String isDelegateAdmin = configs.get(policyItemPropertyPrefix + "isDelegateAdmin");
if (StringUtils.isEmpty(policyItemAccessTypes) ||
(StringUtils.isEmpty(policyItemUsers) && StringUtils.isEmpty(policyItemGroups) && StringUtils.isEmpty(policyItemRoles))) {
break;
}
RangerPolicyItem policyItem = new RangerPolicyItem();
policyItem.setDelegateAdmin(Boolean.parseBoolean(isDelegateAdmin));
if (StringUtils.isNotBlank(policyItemUsers)) {
policyItem.setUsers(Arrays.asList(policyItemUsers.split(",")));
}
if (StringUtils.isNotBlank(policyItemGroups)) {
policyItem.setGroups(Arrays.asList(policyItemGroups.split(",")));
}
if (StringUtils.isNotBlank(policyItemRoles)) {
policyItem.setRoles(Arrays.asList(policyItemRoles.split(",")));
}
if (StringUtils.isNotBlank(policyItemAccessTypes)) {
for (String accessType : Arrays.asList(policyItemAccessTypes.split(","))) {
RangerPolicyItemAccess polAccess = new RangerPolicyItemAccess(accessType, true);
policyItem.getAccesses().add(polAccess);
}
}
policy.getPolicyItems().add(policyItem);
}
LOG.info(getServiceName() + ": adding default policy: name=" + policy.getName());
ret.add(policy);
}
