Java Code Examples for org.apache.ranger.plugin.policyengine.RangerAccessRequest#getUser()

The following examples show how to use org.apache.ranger.plugin.policyengine.RangerAccessRequest#getUser() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: RangerSampleProjectProvider.java    From ranger with Apache License 2.0 6 votes vote down vote up 
@Override
public void enrich(RangerAccessRequest request) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> RangerSampleProjectProvider.enrich(" + request + ")");
	}
	
	if(request != null && userProjectMap != null && request.getUser() != null) {
		Map<String, Object> context = request.getContext();
		String              project = userProjectMap.getProperty(request.getUser());

		if(context != null && !StringUtils.isEmpty(project)) {
			request.getContext().put(contextName, project);
		} else {
			if(LOG.isDebugEnabled()) {
				LOG.debug("RangerSampleProjectProvider.enrich(): skipping due to unavailable context or project. context=" + context + "; project=" + project);
			}
		}
	}

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== RangerSampleProjectProvider.enrich(" + request + ")");
	}
}
Example 2
Source File: RangerSolrAuditHandler.java    From ranger with Apache License 2.0 5 votes vote down vote up 
private boolean isAuditingNeeded(final RangerAccessResult result) {
    boolean                  ret       = true;
    RangerAccessRequest      request   = result.getAccessRequest();
    RangerAccessResourceImpl resource  = (RangerAccessResourceImpl) request.getResource();
    String resourceName                = (String) resource.getValue(RangerSolrAuthorizer.KEY_COLLECTION);
    String requestUser                 = request.getUser();
    if (resourceName != null && resourceName.equals(RANGER_AUDIT_COLLECTION) && excludeUsers.contains(requestUser)) {
       ret = false;
    }
    return ret;
}
Example 3
Source File: RangerOptimizedPolicyEvaluator.java    From ranger with Apache License 2.0 5 votes vote down vote up 
private boolean isOwnerMatch(RangerAccessRequest request) {
    boolean ret = false;

    if (hasResourceOwner) {
        RangerAccessResource accessedResource = request.getResource();
        String resourceOwner = accessedResource != null ? accessedResource.getOwnerUser() : null;
        String user = request.getUser();

        if (user != null && resourceOwner != null && user.equals(resourceOwner)) {
            ret = true;
        }
    }

    return ret;
}
Example 4
Source File: RangerDefaultPolicyItemEvaluator.java    From ranger with Apache License 2.0 5 votes vote down vote up 
private boolean matchUserGroupAndOwner(RangerAccessRequest request) {
	if(LOG.isDebugEnabled()) {
		LOG.debug("==> RangerDefaultPolicyItemEvaluator.matchUserGroupAndOwner(" + request + ")");
	}

	boolean ret = false;

	String user = request.getUser();
	Set<String> userGroups = request.getUserGroups();

	RangerAccessResource accessedResource = request.getResource();
	String resourceOwner = accessedResource != null ? accessedResource.getOwnerUser() : null;

	if (!ret) {
		Set<String> roles = null;
		if (CollectionUtils.isNotEmpty(policyItem.getRoles())) {
			roles = RangerAccessRequestUtil.getCurrentUserRolesFromContext(request.getContext());
		}
		ret = matchUserGroupAndOwner(user, userGroups, roles, resourceOwner);
	}

	if(LOG.isDebugEnabled()) {
		LOG.debug("<== RangerDefaultPolicyItemEvaluator.matchUserGroupAndOwner(" + request + "): " + ret);
	}

	return ret;
}