http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceService.java index d725680..f0cb8f4 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceService.java @@ -19,113 +19,167 @@ package org.apache.ranger.service; +import java.lang.reflect.Type; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; +import java.util.Map; +import com.google.gson.reflect.TypeToken; import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.collections.MapUtils; import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.ranger.authorization.utils.JsonUtils; +import org.apache.ranger.biz.RangerTagDBRetriever; import org.apache.ranger.common.SearchField; import org.apache.ranger.common.SearchField.DATA_TYPE; import org.apache.ranger.common.SearchField.SEARCH_TYPE; import org.apache.ranger.entity.XXServiceResource; +import org.apache.ranger.plugin.model.RangerPolicy; import org.apache.ranger.plugin.model.RangerServiceResource; +import org.apache.ranger.plugin.model.RangerTag; import org.apache.ranger.plugin.util.SearchFilter; import org.springframework.stereotype.Service; @Service public class RangerServiceResourceService extends RangerServiceResourceServiceBase<XXServiceResource, RangerServiceResource> { - private boolean serviceUpdateNeeded = true; + private static final Log LOG = LogFactory.getLog(RangerServiceResourceService.class); - public RangerServiceResourceService() { - searchFields.add(new SearchField(SearchFilter.TAG_RESOURCE_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); - searchFields.add(new SearchField(SearchFilter.TAG_SERVICE_ID, "obj.serviceId", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); - searchFields.add(new SearchField(SearchFilter.TAG_RESOURCE_SIGNATURE, "obj.resourceSignature", DATA_TYPE.STRING, SEARCH_TYPE.FULL)); - } + private boolean serviceUpdateNeeded = true; - @Override - protected void validateForCreate(RangerServiceResource vObj) { + public static final Type subsumedDataType = new TypeToken<Map<String, RangerPolicy.RangerPolicyResource>>() {}.getType(); + public static final Type duplicatedDataType = new TypeToken<List<RangerTag>>() {}.getType(); - } + public RangerServiceResourceService() { + searchFields.add(new SearchField(SearchFilter.TAG_RESOURCE_ID, "obj.id", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); + searchFields.add(new SearchField(SearchFilter.TAG_SERVICE_ID, "obj.serviceId", DATA_TYPE.INTEGER, SEARCH_TYPE.FULL)); + searchFields.add(new SearchField(SearchFilter.TAG_RESOURCE_SIGNATURE, "obj.resourceSignature", DATA_TYPE.STRING, SEARCH_TYPE.FULL)); + } - @Override - protected void validateForUpdate(RangerServiceResource vObj, XXServiceResource entityObj) { - if (StringUtils.equals(entityObj.getGuid(), vObj.getGuid()) && - StringUtils.equals(entityObj.getResourceSignature(), vObj.getResourceSignature())) { - serviceUpdateNeeded = false; - } else { - serviceUpdateNeeded = true; - } - } + @Override + protected void validateForCreate(RangerServiceResource vObj) { - @Override - public RangerServiceResource postUpdate(XXServiceResource resource) { - RangerServiceResource ret = super.postUpdate(resource); + } - if (serviceUpdateNeeded) { - daoMgr.getXXServiceVersionInfo().updateServiceVersionInfoForServiceResourceUpdate(resource.getId(), resource.getUpdateTime()); - } + @Override + protected void validateForUpdate(RangerServiceResource vObj, XXServiceResource entityObj) { + if (StringUtils.equals(entityObj.getGuid(), vObj.getGuid()) && + StringUtils.equals(entityObj.getResourceSignature(), vObj.getResourceSignature())) { + serviceUpdateNeeded = false; + } else { + serviceUpdateNeeded = true; + } + } - return ret; - } + @Override + public RangerServiceResource postUpdate(XXServiceResource resource) { + RangerServiceResource ret = super.postUpdate(resource); - public RangerServiceResource getPopulatedViewObject(XXServiceResource xObj) { - return populateViewBean(xObj); - } + if (serviceUpdateNeeded) { + daoMgr.getXXServiceVersionInfo().updateServiceVersionInfoForServiceResourceUpdate(resource.getId(), resource.getUpdateTime()); + } - public RangerServiceResource getServiceResourceByGuid(String guid) { - RangerServiceResource ret = null; + return ret; + } - XXServiceResource xxServiceResource = daoMgr.getXXServiceResource().findByGuid(guid); - - if(xxServiceResource != null) { - ret = populateViewBean(xxServiceResource); - } + public RangerServiceResource getPopulatedViewObject(XXServiceResource xObj) { + return populateViewBean(xObj); + } - return ret; - } + public RangerServiceResource getServiceResourceByGuid(String guid) { + RangerServiceResource ret = null; - public List<RangerServiceResource> getByServiceId(Long serviceId) { - List<RangerServiceResource> ret = new ArrayList<RangerServiceResource>(); + XXServiceResource xxServiceResource = daoMgr.getXXServiceResource().findByGuid(guid); - List<XXServiceResource> xxServiceResources = daoMgr.getXXServiceResource().findByServiceId(serviceId); + if (xxServiceResource != null) { + ret = populateViewBean(xxServiceResource); + } - if(CollectionUtils.isNotEmpty(xxServiceResources)) { - for(XXServiceResource xxServiceResource : xxServiceResources) { - RangerServiceResource serviceResource = populateViewBean(xxServiceResource); + return ret; + } - ret.add(serviceResource); - } - } + public List<RangerServiceResource> getByServiceId(Long serviceId) { + List<RangerServiceResource> ret = new ArrayList<RangerServiceResource>(); - return ret; - } + List<XXServiceResource> xxServiceResources = daoMgr.getXXServiceResource().findByServiceId(serviceId); - public RangerServiceResource getByServiceAndResourceSignature(Long serviceId, String resourceSignature) { - RangerServiceResource ret = null; + if (CollectionUtils.isNotEmpty(xxServiceResources)) { + for (XXServiceResource xxServiceResource : xxServiceResources) { + RangerServiceResource serviceResource = populateViewBean(xxServiceResource); - XXServiceResource xxServiceResource = daoMgr.getXXServiceResource().findByServiceAndResourceSignature(serviceId, resourceSignature); - - if(xxServiceResource != null) { - ret = populateViewBean(xxServiceResource); - } + ret.add(serviceResource); + } + } - return ret; - } + return ret; + } - public List<RangerServiceResource> getTaggedResourcesInServiceId(Long serviceId) { - List<RangerServiceResource> ret = new ArrayList<RangerServiceResource>(); + public RangerServiceResource getByServiceAndResourceSignature(Long serviceId, String resourceSignature) { + RangerServiceResource ret = null; - List<XXServiceResource> xxServiceResources = daoMgr.getXXServiceResource().findByServiceId(serviceId); - - if(CollectionUtils.isNotEmpty(xxServiceResources)) { - for(XXServiceResource xxServiceResource : xxServiceResources) { - RangerServiceResource serviceResource = populateViewBean(xxServiceResource); + XXServiceResource xxServiceResource = daoMgr.getXXServiceResource().findByServiceAndResourceSignature(serviceId, resourceSignature); - ret.add(serviceResource); - } - } + if (xxServiceResource != null) { + ret = populateViewBean(xxServiceResource); + } - return ret; - } + return ret; + } + + public List<RangerServiceResource> getTaggedResourcesInServiceId(Long serviceId) { + List<RangerServiceResource> ret = new ArrayList<RangerServiceResource>(); + + List<XXServiceResource> xxServiceResources = daoMgr.getXXServiceResource().findByServiceId(serviceId); + + if (CollectionUtils.isNotEmpty(xxServiceResources)) { + for (XXServiceResource xxServiceResource : xxServiceResources) { + RangerServiceResource serviceResource = populateViewBean(xxServiceResource); + + ret.add(serviceResource); + } + } + + return ret; + } + + @Override + protected XXServiceResource mapViewToEntityBean(RangerServiceResource serviceResource, XXServiceResource xxServiceResource, int operationContext) { + XXServiceResource ret = super.mapViewToEntityBean(serviceResource, xxServiceResource, operationContext); + if (MapUtils.isNotEmpty(serviceResource.getResourceElements())) { + String serviceResourceElements = JsonUtils.mapToJson(serviceResource.getResourceElements()); + if (StringUtils.isNotEmpty(serviceResourceElements)) { + ret.setServiceResourceElements(serviceResourceElements); + } else { + LOG.info("Empty string representing serviceResourceElements in [" + ret + "]!!"); + } + } + + return ret; + } + + @Override + protected RangerServiceResource mapEntityToViewBean(RangerServiceResource serviceResource, XXServiceResource xxServiceResource) { + RangerServiceResource ret = super.mapEntityToViewBean(serviceResource, xxServiceResource); + if (StringUtils.isNotEmpty(xxServiceResource.getServiceResourceElements())) { + Map<String, RangerPolicy.RangerPolicyResource> serviceResourceElements = + RangerTagDBRetriever.gsonBuilder.fromJson(xxServiceResource.getServiceResourceElements(), RangerServiceResourceService.subsumedDataType); + if (MapUtils.isNotEmpty(serviceResourceElements)) { + ret.setResourceElements(serviceResourceElements); + } else { + LOG.info("Empty serviceResourceElement in [" + ret + "]!!"); + } + } else { + LOG.info("Empty string representing serviceResourceElements in [" + xxServiceResource + "]!!"); + } + + return ret; + } + + @Override + Map<String, RangerPolicy.RangerPolicyResource> getServiceResourceElements(XXServiceResource xxServiceResource) { + return new HashMap<>(); + } }
http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceServiceBase.java index 6af682a..329d3ee 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceServiceBase.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerServiceResourceServiceBase.java @@ -73,26 +73,31 @@ public abstract class RangerServiceResourceServiceBase<T extends XXServiceResour vObj.setServiceName(xService.getName()); - List<XXServiceResourceElement> resElementList = daoMgr.getXXServiceResourceElement().findByResourceId(xObj.getId()); - Map<String, RangerPolicy.RangerPolicyResource> resourceElements = new HashMap<String, RangerPolicy.RangerPolicyResource>(); + Map<String, RangerPolicy.RangerPolicyResource> resourceElements = getServiceResourceElements(xObj); - for (XXServiceResourceElement resElement : resElementList) { - List<String> resValueMapList = daoMgr.getXXServiceResourceElementValue().findValuesByResElementId(resElement.getId()); + vObj.setResourceElements(resourceElements); - XXResourceDef xResDef = daoMgr.getXXResourceDef().getById(resElement.getResDefId()); + return vObj; + } - RangerPolicyResource policyRes = new RangerPolicyResource(); - policyRes.setIsExcludes(resElement.getIsExcludes()); - policyRes.setIsRecursive(resElement.getIsRecursive()); - policyRes.setValues(resValueMapList); + Map<String, RangerPolicyResource> getServiceResourceElements(T xObj) { + List<XXServiceResourceElement> resElementList = daoMgr.getXXServiceResourceElement().findByResourceId(xObj.getId()); + Map<String, RangerPolicy.RangerPolicyResource> resourceElements = new HashMap<String, RangerPolicy.RangerPolicyResource>(); - resourceElements.put(xResDef.getName(), policyRes); - } + for (XXServiceResourceElement resElement : resElementList) { + List<String> resValueMapList = daoMgr.getXXServiceResourceElementValue().findValuesByResElementId(resElement.getId()); - vObj.setResourceElements(resourceElements); + XXResourceDef xResDef = daoMgr.getXXResourceDef().getById(resElement.getResDefId()); - return vObj; - } + RangerPolicyResource policyRes = new RangerPolicyResource(); + policyRes.setIsExcludes(resElement.getIsExcludes()); + policyRes.setIsRecursive(resElement.getIsRecursive()); + policyRes.setValues(resValueMapList); + + resourceElements.put(xResDef.getName(), policyRes); + } + return resourceElements; + } public PList<V> searchServiceResources(SearchFilter searchFilter) { PList<V> retList = new PList<V>(); http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java index 82eb252..10c73f0 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefService.java @@ -23,6 +23,8 @@ import java.util.ArrayList; import java.util.List; import org.apache.commons.collections.CollectionUtils; +import org.apache.ranger.authorization.utils.JsonUtils; +import org.apache.ranger.biz.RangerTagDBRetriever; import org.apache.ranger.common.SearchField; import org.apache.ranger.common.SearchField.DATA_TYPE; import org.apache.ranger.common.SearchField.SEARCH_TYPE; @@ -102,5 +104,27 @@ public class RangerTagDefService extends RangerTagDefServiceBase<XXTagDef, Range return ret; } + + @Override + protected RangerTagDef mapEntityToViewBean(RangerTagDef vObj, XXTagDef xObj) { + super.mapEntityToViewBean(vObj, xObj); + + List<RangerTagDef.RangerTagAttributeDef> attributeDefs = RangerTagDBRetriever.gsonBuilder.fromJson(xObj.getTagAttrDefs(), RangerTagDBRetriever.subsumedDataType); + vObj.setAttributeDefs(attributeDefs); + + return vObj; + } + + @Override + protected XXTagDef mapViewToEntityBean(RangerTagDef vObj, XXTagDef xObj, int OPERATION_CONTEXT) { + super.mapViewToEntityBean(vObj, xObj, OPERATION_CONTEXT); + xObj.setTagAttrDefs(JsonUtils.listToJson(vObj.getAttributeDefs())); + return xObj; + } + + @Override + public List<RangerTagDef.RangerTagAttributeDef> getAttributeDefForTagDef(XXTagDef xtagDef) { + return new ArrayList<>(); + } } http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefServiceBase.java b/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefServiceBase.java index 408358c..929a4b0 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefServiceBase.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerTagDefServiceBase.java @@ -40,7 +40,7 @@ public abstract class RangerTagDefServiceBase<T extends XXTagDef, V extends Rang GUIDUtil guidUtil; @Autowired - RangerAuditFields rangerAuditFields; + RangerAuditFields<?> rangerAuditFields; @Autowired RangerConfigUtil configUtil; http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java index 28b9115..2fa8830 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerTagService.java @@ -19,13 +19,21 @@ package org.apache.ranger.service; +import java.lang.reflect.Type; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; +import java.util.Map; +import com.google.gson.reflect.TypeToken; import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.lang.StringUtils; +import org.apache.ranger.authorization.utils.JsonUtils; +import org.apache.ranger.biz.RangerTagDBRetriever; import org.apache.ranger.common.SearchField; import org.apache.ranger.common.SearchField.DATA_TYPE; import org.apache.ranger.common.SearchField.SEARCH_TYPE; +import org.apache.ranger.entity.XXServiceResource; import org.apache.ranger.entity.XXTag; import org.apache.ranger.plugin.model.RangerTag; import org.apache.ranger.plugin.util.SearchFilter; @@ -35,6 +43,8 @@ import org.springframework.stereotype.Service; @Service public class RangerTagService extends RangerTagServiceBase<XXTag, RangerTag> { + public static final Type subsumedDataType = new TypeToken<Map<String, String>>() {}.getType(); + public RangerTagService() { searchFields.add(new SearchField(SearchFilter.TAG_ID, "obj.id", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL)); searchFields.add(new SearchField(SearchFilter.TAG_DEF_ID, "obj.type", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL)); @@ -95,13 +105,12 @@ public class RangerTagService extends RangerTagServiceBase<XXTag, RangerTag> { public List<RangerTag> getTagsForResourceId(Long resourceId) { List<RangerTag> ret = new ArrayList<RangerTag>(); - List<XXTag> xxTags = daoMgr.getXXTag().findForResourceId(resourceId); - - if(CollectionUtils.isNotEmpty(xxTags)) { - for(XXTag xxTag : xxTags) { - RangerTag tag = populateViewBean(xxTag); + XXServiceResource serviceResourceEntity = daoMgr.getXXServiceResource().getById(resourceId); - ret.add(tag); + if (serviceResourceEntity != null) { + String tagsText = serviceResourceEntity.getTags(); + if (StringUtils.isNotEmpty(tagsText)) { + ret = RangerTagDBRetriever.gsonBuilder.fromJson(tagsText, RangerServiceResourceService.duplicatedDataType); } } @@ -111,13 +120,12 @@ public class RangerTagService extends RangerTagServiceBase<XXTag, RangerTag> { public List<RangerTag> getTagsForResourceGuid(String resourceGuid) { List<RangerTag> ret = new ArrayList<RangerTag>(); - List<XXTag> xxTags = daoMgr.getXXTag().findForResourceGuid(resourceGuid); - - if(CollectionUtils.isNotEmpty(xxTags)) { - for(XXTag xxTag : xxTags) { - RangerTag tag = populateViewBean(xxTag); + XXServiceResource serviceResourceEntity = daoMgr.getXXServiceResource().findByGuid(resourceGuid); - ret.add(tag); + if (serviceResourceEntity != null) { + String tagsText = serviceResourceEntity.getTags(); + if (StringUtils.isNotEmpty(tagsText)) { + ret = RangerTagDBRetriever.gsonBuilder.fromJson(tagsText, RangerServiceResourceService.duplicatedDataType); } } @@ -139,4 +147,25 @@ public class RangerTagService extends RangerTagServiceBase<XXTag, RangerTag> { return ret; } + + @Override + protected RangerTag mapEntityToViewBean(RangerTag vObj, XXTag xObj) { + super.mapEntityToViewBean(vObj, xObj); + + Map<String, String> attributes = RangerTagDBRetriever.gsonBuilder.fromJson(xObj.getTagAttrs(), RangerTagService.subsumedDataType); + vObj.setAttributes(attributes); + return vObj; + } + + @Override + protected XXTag mapViewToEntityBean(RangerTag vObj, XXTag xObj, int OPERATION_CONTEXT) { + super.mapViewToEntityBean(vObj, xObj, OPERATION_CONTEXT); + xObj.setTagAttrs(JsonUtils.mapToJson(vObj.getAttributes())); + return xObj; + } + + @Override + public Map<String, String> getAttributesForTag(XXTag xTag) { + return new HashMap<>(); + } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/main/java/org/apache/ranger/service/XPortalUserService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/XPortalUserService.java b/security-admin/src/main/java/org/apache/ranger/service/XPortalUserService.java index c96878d..5f5b5c4 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/XPortalUserService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/XPortalUserService.java @@ -269,18 +269,10 @@ public class XPortalUserService extends //0.6 daoManager.getXXTagDef().updateUserIDReference("added_by_id", xXPortalUserId); daoManager.getXXTagDef().updateUserIDReference("upd_by_id", xXPortalUserId); - daoManager.getXXTagAttributeDef().updateUserIDReference("added_by_id", xXPortalUserId); - daoManager.getXXTagAttributeDef().updateUserIDReference("upd_by_id", xXPortalUserId); daoManager.getXXServiceResource().updateUserIDReference("added_by_id", xXPortalUserId); daoManager.getXXServiceResource().updateUserIDReference("upd_by_id", xXPortalUserId); - daoManager.getXXServiceResourceElement().updateUserIDReference("added_by_id", xXPortalUserId); - daoManager.getXXServiceResourceElement().updateUserIDReference("upd_by_id", xXPortalUserId); - daoManager.getXXServiceResourceElementValue().updateUserIDReference("added_by_id", xXPortalUserId); - daoManager.getXXServiceResourceElementValue().updateUserIDReference("upd_by_id", xXPortalUserId); daoManager.getXXTag().updateUserIDReference("added_by_id", xXPortalUserId); daoManager.getXXTag().updateUserIDReference("upd_by_id", xXPortalUserId); - daoManager.getXXTagAttribute().updateUserIDReference("added_by_id", xXPortalUserId); - daoManager.getXXTagAttribute().updateUserIDReference("upd_by_id", xXPortalUserId); daoManager.getXXTagResourceMap().updateUserIDReference("added_by_id", xXPortalUserId); daoManager.getXXTagResourceMap().updateUserIDReference("upd_by_id", xXPortalUserId); } http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/main/resources/META-INF/jpa_named_queries.xml ---------------------------------------------------------------------- diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml index cdf6ba6..be51592 100644 --- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml +++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml @@ -244,22 +244,11 @@ </query> </named-query> - <named-query name="XXUser.findByPolicyItemId"> - <query>select obj.name from XXUser obj, XXPolicyItemUserPerm polItemUser - where polItemUser.policyItemId = :polItemId and polItemUser.userId = obj.id </query> - </named-query> - <named-query name="XXUser.findByPortalUserId"> <query>select obj from XXUser obj, XXPortalUser portalUser where portalUser.id = :portalUserId and obj.name = portalUser.loginId</query> </named-query> - <named-query name="XXGroup.findByPolicyItemId"> - <query>select obj.name from XXGroup obj, XXPolicyItemGroupPerm polItemGrp - where polItemGrp.policyItemId = :polItemId and polItemGrp.groupId = obj.id </query> - </named-query> - - <!-- XXPolicyItem --> <named-query name="XXPolicyItem.findByPolicyId"> <query>select obj from XXPolicyItem obj @@ -388,18 +377,6 @@ <query>select obj from XXPolicyConditionDef obj where obj.defId = :serviceDefId and obj.name = :name order by obj.order</query> </named-query> - <named-query name="XXPolicyConditionDef.findByPolicyItemId"> - <query>select obj from XXPolicyConditionDef obj, XXPolicyItemCondition xPolItemCond - where xPolItemCond.policyItemId = :polItemId and obj.id = xPolItemCond.type order by obj.order</query> - </named-query> - - <named-query name="XXPolicyConditionDef.findByPolicyItemIdAndName"> - <query>select obj from XXPolicyConditionDef obj, XXPolicyItemCondition xPolItemCond - where xPolItemCond.policyItemId = :polItemId and obj.name = :name - and obj.id = xPolItemCond.type order by obj.order - </query> - </named-query> - <!-- XXContextEnricherDef --> <named-query name="XXContextEnricherDef.findByServiceDefId"> <query>select obj from XXContextEnricherDef obj where obj.defId = :serviceDefId order by obj.order</query> @@ -511,10 +488,6 @@ </named-query> <!-- XXPolicyResource --> - <named-query name="XXPolicyResource.findByResDefIdAndPolicyId"> - <query>select obj from XXPolicyResource obj where - obj.policyId = :polId and obj.resDefId = :resDefId</query> - </named-query> <named-query name="XXPolicyResource.findByPolicyId"> <query>select obj from XXPolicyResource obj @@ -533,11 +506,6 @@ <named-query name="XXPolicyResource.findByResDefId"> <query>select obj from XXPolicyResource obj where obj.resDefId = :resDefId</query> </named-query> - - <!-- XXPolicyResourceMap --> - <named-query name="XXPolicyResourceMap.findByPolicyResId"> - <query>select obj from XXPolicyResourceMap obj where obj.resourceId = :polResId order by obj.order</query> - </named-query> <named-query name="XXPolicyResourceMap.findByPolicyId"> <query>select obj from XXPolicyResourceMap obj, XXPolicyResource res @@ -556,13 +524,6 @@ </named-query> <!-- XXPolicyItemAccess --> - <named-query name="XXPolicyItemAccess.findByPolicyItemId"> - <query>select obj from XXPolicyItemAccess obj where obj.policyItemId = :polItemId order by obj.order</query> - </named-query> - - <named-query name="XXPolicyItemAccess.findByType"> - <query>select obj from XXPolicyItemAccess obj where obj.type = :type</query> - </named-query> <named-query name="XXPolicyItemAccess.findByPolicyId"> <query>select obj from XXPolicyItemAccess obj, XXPolicyItem item @@ -579,21 +540,214 @@ order by item.policyId, obj.policyItemId, obj.order </query> </named-query> - - <!-- XXPolicyItemCondition --> - <named-query name="XXPolicyItemCondition.findByPolicyItemId"> - <query>select obj from XXPolicyItemCondition obj where obj.policyItemId = :polItemId order by obj.order</query> + + <!-- XXPolicyRefAccessType --> + <named-query name="XXPolicyRefAccessType.findByPolicyId"> + <query>select obj from XXPolicyRefAccessType obj where obj.policyId = :policyId </query> + </named-query> + + <named-query name="XXPolicyRefAccessType.findByAccessTypeDefId"> + <query>select obj from XXPolicyRefAccessType obj where obj.accessDefId = :accessDefId</query> + </named-query> + + <!-- XXPolicyRefCondition --> + <named-query name="XXPolicyRefCondition.findByPolicyId"> + <query>select obj from XXPolicyRefCondition obj where obj.policyId = :policyId </query> + </named-query> + + <named-query name="XXPolicyRefCondition.findByConditionName"> + <query>select obj from XXPolicyRefCondition obj where obj.conditionName = :conditionName</query> + </named-query> + + <!-- XXPolicyRefGroup --> + <named-query name="XXPolicyRefGroup.findByPolicyId"> + <query>select obj from XXPolicyRefGroup obj where obj.policyId = :policyId </query> + </named-query> + + <named-query name="XXPolicyRefGroup.findByGroupName"> + <query>select obj from XXPolicyRefGroup obj where obj.groupName = :groupName</query> + </named-query> + +<!-- new queries --> + <named-query name="XXPolicyRefGroup.findByGroupIdAndPolicyId"> + <query>select obj from XXPolicyRefGroup obj where obj.groupId = :groupId and obj.policyId = :policyId </query> + </named-query> + + <named-query name="XXPolicyRefCondition.findByConditionDefIdAndPolicyId"> + <query>select obj from XXPolicyRefCondition obj where obj.conditionDefId = :conditionDefId and obj.policyId = :policyId </query> + </named-query> + <named-query name="XXPolicyRefCondition.findByConditionDefId"> + <query>select obj from XXPolicyRefCondition obj where obj.conditionDefId = :conditionDefId </query> + </named-query> + + <named-query name="XXUser.findUpdatedUserNames"> + <query>select distinct obj from XXUser obj, XXPolicyRefUser ref where ref.policyId = :policyId and ref.userId = obj.id + and ref.userName != obj.name</query> + </named-query> + + <named-query name="XXAccessTypeDef.findUpdatedAccessDefNames"> + <query>select distinct obj from XXAccessTypeDef obj, XXPolicyRefAccessType ref where ref.policyId = :policyId and ref.accessDefId = obj.id + and ref.accessTypeName != obj.name</query> + </named-query> + + <named-query name="XXDataMaskTypeDef.findUpdatedDataMaskDefNames"> + <query>select distinct obj from XXDataMaskTypeDef obj, XXPolicyRefDataMaskType ref where ref.policyId = :policyId and ref.dataMaskDefId = obj.id + and ref.dataMaskTypeName != obj.name</query> + </named-query> + + <named-query name="XXResourceDef.findUpdatedResourceDefNames"> + <query>select distinct obj from XXResourceDef obj, XXPolicyRefResource ref where ref.policyId = :policyId and ref.resourceDefId = obj.id + and ref.resourceName != obj.name</query> + </named-query> + + <named-query name="XXPolicyRefGroup.findUpdatedGroupNamesByPolicy"> + <query>select groupRef.policyId, groupRef.groupName, grp.name + from XXPolicyRefGroup groupRef, XXGroup grp + where groupRef.policyId = :policy + and groupRef.groupId = grp.id + and groupRef.groupName != grp.name + </query> + </named-query> + + <named-query name="XXPolicyRefGroup.findUpdatedGroupNamesByService"> + <query>select groupRef.policyId, groupRef.groupName, grp.name + from XXPolicy policy, XXPolicyRefGroup groupRef, XXGroup grp + where policy.service = :service + and groupRef.policyId = policy.id + and groupRef.groupId = grp.id + and groupRef.groupName != grp.name + </query> + </named-query> + + <named-query name="XXPolicyRefUser.findUpdatedUserNamesByPolicy"> + <query>select userRef.policyId, userRef.userName, user.name + from XXPolicyRefUser userRef, XXUser user + where userRef.policyId = :policy + and userRef.userId = user.id + and userRef.userName != user.name + </query> + </named-query> + + <named-query name="XXPolicyRefUser.findUpdatedUserNamesByService"> + <query>select userRef.policyId, userRef.userName, user.name + from XXPolicy policy, XXPolicyRefUser userRef, XXUser user + where policy.service = :service + and userRef.policyId = policy.id + and userRef.userId = user.id + and userRef.userName != user.name + </query> + </named-query> + + <named-query name="XXPolicyRefAccessType.findUpdatedAccessNamesByPolicy"> + <query>select accessRef.policyId, accessRef.accessTypeName, accessDef.name + from XXPolicyRefAccessType accessRef, XXAccessTypeDef accessDef + where accessRef.policyId = :policy + and accessRef.accessDefId = accessDef.id + and accessRef.accessTypeName != accessDef.name + </query> + </named-query> + + <named-query name="XXPolicyRefAccessType.findUpdatedAccessNamesByService"> + <query>select accessRef.policyId, accessRef.accessTypeName, accessDef.name + from XXPolicy policy, XXPolicyRefAccessType accessRef, XXAccessTypeDef accessDef + where policy.service = :service + and accessRef.policyId = policy.id + and accessRef.accessDefId = accessDef.id + and accessRef.accessTypeName != accessDef.name + </query> + </named-query> + + <named-query name="XXPolicyRefResource.findUpdatedResourceNamesByPolicy"> + <query>select resourceRef.policyId, resourceRef.resourceName, resourceDef.name + from XXPolicyRefResource resourceRef, XXResourceDef resourceDef + where resourceRef.policyId = :policy + and resourceRef.resourceDefId = resourceDef.id + and resourceRef.resourceName != resourceDef.name + </query> + </named-query> + + <named-query name="XXPolicyRefResource.findUpdatedResourceNamesByService"> + <query>select resourceRef.policyId, resourceRef.resourceName, resourceDef.name + from XXPolicy policy, XXPolicyRefResource resourceRef, XXResourceDef resourceDef + where policy.service = :service + and resourceRef.policyId = policy.id + and resourceRef.resourceDefId = resourceDef.id + and resourceRef.resourceName != resourceDef.name + </query> + </named-query> + + <named-query name="XXPolicyRefDataMaskType.findUpdatedDataMaskNamesByPolicy"> + <query>select dataMaskRef.policyId, dataMaskRef.dataMaskTypeName, dMaskDef.name + from XXPolicyRefDataMaskType dataMaskRef, XXDataMaskTypeDef dMaskDef + where dataMaskRef.policyId = :policy + and dataMaskRef.dataMaskDefId = dMaskDef.id + and dataMaskRef.dataMaskTypeName != dMaskDef.name + </query> + </named-query> + + <named-query name="XXPolicyRefDataMaskType.findUpdatedDataMaskNamesByService"> + <query>select dataMaskRef.policyId, dataMaskRef.dataMaskTypeName, dMaskDef.name + from XXPolicy policy, XXPolicyRefDataMaskType dataMaskRef, XXDataMaskTypeDef dMaskDef + where policy.service = :service + and dataMaskRef.policyId = policy.id + and dataMaskRef.dataMaskDefId = dMaskDef.id + and dataMaskRef.dataMaskTypeName != dMaskDef.name + </query> + </named-query> + + <named-query name="XXPolicyRefCondition.findUpdatedConditionNamesByPolicy"> + <query>select conditionRef.policyId, conditionRef.conditionName, condDef.name + from XXPolicyRefCondition conditionRef, XXPolicyConditionDef condDef + where conditionRef.policyId = :policy + and conditionRef.conditionDefId = condDef.id + and conditionRef.conditionName != condDef.name + </query> + </named-query> + + <named-query name="XXPolicyRefCondition.findUpdatedConditionNamesByService"> + <query>select conditionRef.policyId, conditionRef.conditionName, condDef.name + from XXPolicy policy, XXPolicyRefCondition conditionRef, XXPolicyConditionDef condDef + where policy.service = :service + and conditionRef.policyId = policy.id + and conditionRef.conditionDefId = condDef.id + and conditionRef.conditionName != condDef.name + </query> + </named-query> +<!-- end --> + + <!-- XXPolicyRefDataMaskType --> + <named-query name="XXPolicyRefDataMaskType.findByPolicyId"> + <query>select obj from XXPolicyRefDataMaskType obj where obj.policyId = :policyId </query> + </named-query> + + <named-query name="XXPolicyRefDataMaskType.findByDataMaskTypeName"> + <query>select obj from XXPolicyRefDataMaskType obj where obj.dataMaskTypeName = :dataMaskTypeName</query> + </named-query> + + <!-- XXPolicyRefResource --> + <named-query name="XXPolicyRefResource.findByPolicyId"> + <query>select obj from XXPolicyRefResource obj where obj.policyId = :policyId </query> </named-query> - <named-query name="XXPolicyItemCondition.findByPolicyItemAndDefId"> - <query>select obj from XXPolicyItemCondition obj where - obj.policyItemId = :polItemId and obj.type = :polCondDefId order by obj.order</query> + <named-query name="XXPolicyRefResource.findByResourceDefId"> + <query>select obj from XXPolicyRefResource obj where obj.resourceDefId = :resourceDefId</query> </named-query> - <named-query name="XXPolicyItemCondition.findByPolicyConditionDefId"> - <query>select obj from XXPolicyItemCondition obj where obj.type = :polCondDefId</query> + <!-- XXPolicyRefUser --> + <named-query name="XXPolicyRefUser.findByPolicyId"> + <query>select obj from XXPolicyRefUser obj where obj.policyId = :policyId </query> </named-query> + <named-query name="XXPolicyRefUser.findByUserName"> + <query>select obj from XXPolicyRefUser obj where obj.userName = :userName</query> + </named-query> + + <named-query name="XXPolicyRefUser.findByUserId"> + <query>select obj from XXPolicyRefUser obj where obj.userId = :userId</query> + </named-query> + + <!-- XXPolicyItemCondition --> + <named-query name="XXPolicyItemCondition.findByPolicyId"> <query>select obj from XXPolicyItemCondition obj, XXPolicyItem item where obj.policyItemId = item.id @@ -611,9 +765,6 @@ </named-query> <!-- XXPolicyItemGroupPerm --> - <named-query name="XXPolicyItemGroupPerm.findByPolicyItemId"> - <query>select obj from XXPolicyItemGroupPerm obj where obj.policyItemId = :polItemId order by obj.order</query> - </named-query> <named-query name="XXPolicyItemGroupPerm.findByPolicyId"> <query>select obj from XXPolicyItemGroupPerm obj, XXPolicyItem item @@ -632,9 +783,6 @@ </named-query> <!-- XXPolicyItemUserPerm --> - <named-query name="XXPolicyItemUserPerm.findByPolicyItemId"> - <query>select obj from XXPolicyItemUserPerm obj where obj.policyItemId = :polItemId order by obj.order</query> - </named-query> <named-query name="XXPolicyItemUserPerm.findByPolicyId"> <query>select obj from XXPolicyItemUserPerm obj, XXPolicyItem item @@ -653,9 +801,6 @@ </named-query> <!-- XXPolicyItemDataMaskInfo --> - <named-query name="XXPolicyItemDataMaskInfo.findByPolicyItemId"> - <query>select obj from XXPolicyItemDataMaskInfo obj where obj.policyItemId = :polItemId</query> - </named-query> <named-query name="XXPolicyItemDataMaskInfo.findByPolicyId"> <query>select obj from XXPolicyItemDataMaskInfo obj, XXPolicyItem item @@ -673,14 +818,7 @@ </query> </named-query> - <named-query name="XXPolicyItemDataMaskInfo.findByType"> - <query>select obj from XXPolicyItemDataMaskInfo obj where obj.type = :type</query> - </named-query> - <!-- XXPolicyItemRowFilterInfo --> - <named-query name="XXPolicyItemRowFilterInfo.findByPolicyItemId"> - <query>select obj from XXPolicyItemRowFilterInfo obj where obj.policyItemId = :polItemId</query> - </named-query> <named-query name="XXPolicyItemRowFilterInfo.findByPolicyId"> <query>select obj from XXPolicyItemRowFilterInfo obj, XXPolicyItem item @@ -855,20 +993,6 @@ </query> </named-query> - <named-query name="XXServiceResourceElement.findForServicePlugin"> - <query> - select obj from XXServiceResourceElement obj where obj.resourceId in - (select serviceRes.id from XXServiceResource serviceRes, XXService service where service.id = :serviceId and service.tagService is not null and serviceRes.serviceId = service.id and serviceRes.id in - (select tagResMap.resourceId from XXTagResourceMap tagResMap, XXTag tag, XXTagDef tagDef - where tagResMap.tagId = tag.id and tag.type = tagDef.id and tagDef.name in - (select policyResMap.value from XXPolicyResourceMap policyResMap, XXPolicyResource policyRes, XXPolicy policy - where policy.service = service.tagService and policy.isEnabled = TRUE and policyRes.policyId = policy.id and policyResMap.resourceId = policyRes.id) - ) - ) - order by obj.resourceId, obj.id - </query> - </named-query> - <named-query name="XXServiceResourceElement.findByServiceId"> <query>select obj from XXServiceResourceElement obj where obj.resourceId in (select serviceresource.id from XXServiceResource serviceresource where serviceresource.serviceId = :serviceId) @@ -893,20 +1017,6 @@ </query> </named-query> - <named-query name="XXServiceResourceElementValue.findForServicePlugin"> - <query> - select obj from XXServiceResourceElementValue obj, XXServiceResourceElement serviceResElem where obj.resElementId = serviceResElem.id and - serviceResElem.resourceId in - (select serviceRes.id from XXServiceResource serviceRes, XXService service where service.id = :serviceId and service.tagService is not null and serviceRes.serviceId = service.id and serviceRes.id in - (select tagResMap.resourceId from XXTagResourceMap tagResMap, XXTag tag, XXTagDef tagDef - where tagResMap.tagId = tag.id and tag.type = tagDef.id and tagDef.name in - (select policyResMap.value from XXPolicyResourceMap policyResMap, XXPolicyResource policyRes, XXPolicy policy - where policy.service = service.tagService and policy.isEnabled = TRUE and policyRes.policyId = policy.id and policyResMap.resourceId = policyRes.id) - ) - ) - order by serviceResElem.resourceId, serviceResElem.id - </query> - </named-query> <named-query name="XXServiceResourceElementValue.findByServiceId"> <query>select obj from XXServiceResourceElementValue obj, XXServiceResourceElement resElem where obj.resElementId = resElem.id and resElem.resourceId in (select res.id from XXServiceResource res where res.serviceId = :serviceId) @@ -954,19 +1064,6 @@ order by obj.resourceId</query> </named-query> - <named-query name="XXTagResourceMap.findForServicePlugin"> - <query> - select obj from XXTagResourceMap obj, XXService service, XXServiceResource serviceRes where service.id = :serviceId and service.tagService is not null - and obj.resourceId = serviceRes.id and serviceRes.serviceId = :serviceId - and obj.tagId in - (select tag.id from XXTag tag, XXTagDef tagDef where tag.type = tagDef.id and tagDef.name in - (select policyResMap.value from XXPolicyResourceMap policyResMap, XXPolicyResource policyRes, XXPolicy policy - where policy.service = service.tagService and policy.isEnabled = TRUE and policyRes.policyId = policy.id and policyResMap.resourceId = policyRes.id) - ) - order by obj.resourceId - </query> - </named-query> - <named-query name="XXTagResourceMap.getTagIdsForResourceId"> <query>select obj.tagId from XXTagResourceMap obj where obj.resourceId = :resourceId order by obj.id @@ -980,22 +1077,14 @@ <named-query name="XXTagDef.findByName"> <query>select obj from XXTagDef obj where obj.name = :name</query> </named-query> - - <named-query name="XXTagDef.findByServiceId"> - <query>select obj from XXTagDef obj where obj.id in - (select tag.type from XXTag tag, XXTagResourceMap tagRes, XXServiceResource resource where tag.id = tagRes.tagId and tagRes.resourceId = resource.id and resource.serviceId = :serviceId) - order by obj.id - </query> - </named-query> - <named-query name="XXTagDef.findForServicePlugin"> - <query>select obj from XXTagDef obj, XXService service where service.id = :serviceId and service.tagService is not null and - obj.name in - (select policyResMap.value from XXPolicyResourceMap policyResMap, XXPolicyResource policyRes, XXPolicy policy - where policy.service = service.tagService and policyRes.policyId = policy.id and policy.isEnabled = TRUE and policyResMap.resourceId = policyRes.id) + <named-query name="XXTagDef.findByServiceId"> + <query>select obj.id, obj.guid, obj.version, obj.isEnabled, obj.name, obj.source, obj.tagAttrDefs from XXTagDef obj where obj.id in + (select tag.type from XXTag tag, XXTagResourceMap tagRes, XXServiceResource resource where tag.id = tagRes.tagId and tagRes.resourceId = resource.id and resource.serviceId = :serviceId) order by obj.id </query> </named-query> + <named-query name="XXTagDef.findByResourceId"> <query>select obj from XXTagDef obj where obj.id in (select tag.type from XXTag tag, XXTagResourceMap tagRes where tag.id = tagRes.tagId and tagRes.resourceId = :resourceId) @@ -1017,16 +1106,6 @@ order by obj.tagDefId </query> </named-query> - <named-query name="XXTagAttributeDef.findForServicePlugin"> - <query>select obj from XXTagAttributeDef obj where obj.tagDefId in - (select tagDef.id from XXTagDef tagDef, XXService service where service.id = :serviceId and service.tagService is not null and - tagDef.name in - (select policyResMap.value from XXPolicyResourceMap policyResMap, XXPolicyResource policyRes, XXPolicy policy - where policy.service = service.tagService and policy.isEnabled = TRUE and policyRes.policyId = policy.id and policyResMap.resourceId = policyRes.id) - ) - order by obj.tagDefId - </query> - </named-query> <named-query name="XXTagAttributeDef.findByResourceId"> <query>select obj from XXTagAttributeDef obj where obj.tagDefId in (select tag.type from XXTag tag, XXTagResourceMap tagRes where tag.id = tagRes.tagId and tagRes.resourceId = :resourceId) @@ -1062,16 +1141,6 @@ </query> </named-query> - <named-query name="XXTag.findForServicePlugin"> - <query> - select obj from XXTag obj, XXTagDef tagDef, XXService service where service.id = :serviceId and service.tagService is not null and - obj.type = tagDef.id and tagDef.name in - (select policyResMap.value from XXPolicyResourceMap policyResMap, XXPolicyResource policyRes, XXPolicy policy - where policy.service = service.tagService and policy.isEnabled = TRUE and policyRes.policyId = policy.id and policyResMap.resourceId = policyRes.id) - order by obj.id - </query> - </named-query> - <named-query name="XXTag.findByServiceIdAndOwner"> <query>select obj from XXTag obj where obj.owner = :owner and obj.id in (select tagRes.tagId from XXTagResourceMap tagRes, XXServiceResource resource where tagRes.resourceId = resource.id and resource.serviceId = :serviceId) @@ -1106,18 +1175,6 @@ </query> </named-query> - <named-query name="XXTagAttribute.findForServicePlugin"> - <query> - select obj from XXTagAttribute obj where obj.tagId in - (select tag.id from XXTag tag, XXTagDef tagDef, XXService service where service.id = :serviceId and service.tagService is not null and - tag.type = tagDef.id and tagDef.name in - (select policyResMap.value from XXPolicyResourceMap policyResMap, XXPolicyResource policyRes, XXPolicy policy - where policy.service = service.tagService and policy.isEnabled = TRUE and policyRes.policyId = policy.id and policyResMap.resourceId = policyRes.id) - ) - order by obj.tagId - </query> - </named-query> - <named-query name="XXServiceResource.findByGuid"> <query>select obj from XXServiceResource obj where obj.guid = :guid</query> </named-query> @@ -1129,9 +1186,9 @@ </named-query> <named-query name="XXServiceResource.findTaggedResourcesInServiceId"> - <query>select obj from XXServiceResource obj where obj.serviceId = :serviceId and obj.id in - (select tagResMap.resourceId from XXTagResourceMap tagResMap) - order by obj.id + <query>select obj.id, obj.guid, obj.version, obj.isEnabled, obj.resourceSignature, obj.serviceId, obj.serviceResourceElements, obj.tags from XXServiceResource obj where obj.serviceId = :serviceId and obj.id in + (select tagResMap.resourceId from XXTagResourceMap tagResMap) + order by obj.id </query> </named-query> @@ -1141,18 +1198,6 @@ </query> </named-query> - <named-query name="XXServiceResource.findForServicePlugin"> - <query> - select obj from XXServiceResource obj, XXService service where service.id = :serviceId and service.tagService is not null and obj.serviceId = service.id and obj.id in - (select tagResMap.resourceId from XXTagResourceMap tagResMap, XXTag tag, XXTagDef tagDef - where tagResMap.tagId = tag.id and tag.type = tagDef.id and tagDef.name in - (select policyResMap.value from XXPolicyResourceMap policyResMap, XXPolicyResource policyRes, XXPolicy policy - where policy.service = service.tagService and policy.isEnabled = TRUE and policyRes.policyId = policy.id and policyResMap.resourceId = policyRes.id) - ) - order by obj.id - </query> - </named-query> - <named-query name="XXServiceResource.findByServiceAndResourceSignature"> <query>select obj from XXServiceResource obj where obj.serviceId = :serviceId and obj.resourceSignature = :resourceSignature</query> </named-query> @@ -1182,12 +1227,12 @@ </query> </named-query> <named-query name="XXPolicy.findByUserId"> - <query>select obj from XXPolicy obj, XXPolicyItem polItem,XXPolicyItemUserPerm polItemUserPerm where - obj.id = polItem.policyId and polItem.id = polItemUserPerm.policyItemId and polItemUserPerm.userId = :userId</query> + <query>select obj from XXPolicy obj, XXPolicyRefUser ref where + obj.id = ref.policyId and ref.userId = :userId</query> </named-query> <named-query name="XXPolicy.findByGroupId"> - <query>select obj from XXPolicy obj, XXPolicyItem polItem,XXPolicyItemGroupPerm polItemGroupPerm where - obj.id = polItem.policyId and polItem.id = polItemGroupPerm.policyItemId and polItemGroupPerm.groupId = :groupId</query> + <query>select obj from XXPolicy obj, XXPolicyRefGroup ref where + obj.id = ref.policyId and ref.groupId = :groupId</query> </named-query> <named-query name="XXAccessAudit.getMaxIdOfXXAccessAudit"> <query>select max(obj.id) from XXAccessAudit obj</query> http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java ---------------------------------------------------------------------- diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java index c9db90a..bf19efd 100644 --- a/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java +++ b/security-admin/src/test/java/org/apache/ranger/biz/TestServiceDBStore.java @@ -22,8 +22,8 @@ import java.util.Date; import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.Map.Entry; +import org.apache.commons.collections.ListUtils; import org.apache.ranger.common.ContextUtil; import org.apache.ranger.common.RESTErrorUtil; import org.apache.ranger.common.RangerFactory; @@ -47,7 +47,6 @@ import org.apache.ranger.plugin.model.RangerServiceDef.RangerEnumDef; import org.apache.ranger.plugin.model.RangerServiceDef.RangerPolicyConditionDef; import org.apache.ranger.plugin.model.RangerServiceDef.RangerResourceDef; import org.apache.ranger.plugin.model.RangerServiceDef.RangerServiceConfigDef; -//import org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil; import org.apache.ranger.plugin.store.PList; import org.apache.ranger.plugin.store.ServicePredicateUtil; import org.apache.ranger.plugin.util.SearchFilter; @@ -67,6 +66,7 @@ import org.apache.ranger.view.RangerServiceDefList; import org.apache.ranger.view.RangerServiceList; import org.apache.ranger.view.VXGroupList; import org.apache.ranger.view.VXString; +import org.apache.ranger.view.VXUser; import org.apache.ranger.view.VXUserList; import org.junit.Assert; import org.junit.FixMethodOrder; @@ -130,13 +130,16 @@ public class TestServiceDBStore { @Mock ServicePredicateUtil predicateUtil; + @Mock + PolicyRefUpdater policyRefUpdater; + @Mock XGroupService xGroupService; @Mock RESTErrorUtil restErrorUtil; - + @Mock AssetMgr assetMgr; @@ -154,6 +157,22 @@ public class TestServiceDBStore { .getCurrentUserSession(); currentUserSession.setUserAdmin(true); } + + private XXAccessTypeDef rangerKmsAccessTypes(String accessTypeName, int itemId) { + XXAccessTypeDef accessTypeDefObj = new XXAccessTypeDef(); + accessTypeDefObj.setAddedByUserId(Id); + accessTypeDefObj.setCreateTime(new Date()); + accessTypeDefObj.setDefid(Long.valueOf(itemId)); + accessTypeDefObj.setId(Long.valueOf(itemId)); + accessTypeDefObj.setItemId(Long.valueOf(itemId)); + accessTypeDefObj.setLabel(accessTypeName); + accessTypeDefObj.setName(accessTypeName); + accessTypeDefObj.setOrder(null); + accessTypeDefObj.setRbkeylabel(null); + accessTypeDefObj.setUpdatedByUserId(Id); + accessTypeDefObj.setUpdateTime(new Date()); + return accessTypeDefObj; + } private RangerServiceDef rangerServiceDef() { List<RangerServiceConfigDef> configs = new ArrayList<RangerServiceConfigDef>(); @@ -224,6 +243,28 @@ public class TestServiceDBStore { return rangerService; } + + private RangerService rangerKMSService() { + Map<String, String> configs = new HashMap<String, String>(); + configs.put("username", "servicemgr"); + configs.put("password", "servicemgr"); + configs.put("provider", "kmsurl"); + + RangerService rangerService = new RangerService(); + rangerService.setId(Id); + rangerService.setConfigs(configs); + rangerService.setCreateTime(new Date()); + rangerService.setDescription("service kms policy"); + rangerService.setGuid("1427365526516_835_1"); + rangerService.setIsEnabled(true); + rangerService.setName("KMS_1"); + rangerService.setPolicyUpdateTime(new Date()); + rangerService.setType("7"); + rangerService.setUpdatedBy("Admin"); + rangerService.setUpdateTime(new Date()); + + return rangerService; + } private RangerPolicy rangerPolicy() { List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>(); @@ -531,14 +572,19 @@ public class TestServiceDBStore { @Test public void test13deleteServiceDef() throws Exception { + setup(); XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); XXDataMaskTypeDefDao xDataMaskDefDao = Mockito.mock(XXDataMaskTypeDefDao.class); XXAccessTypeDefDao xAccessTypeDefDao = Mockito .mock(XXAccessTypeDefDao.class); XXAccessTypeDefGrantsDao xAccessTypeDefGrantsDao = Mockito .mock(XXAccessTypeDefGrantsDao.class); - XXPolicyItemAccessDao xPolicyItemAccessDao = Mockito - .mock(XXPolicyItemAccessDao.class); + XXPolicyRefAccessTypeDao xPolicyRefAccessTypeDao = Mockito + .mock(XXPolicyRefAccessTypeDao.class); + XXPolicyRefConditionDao xPolicyRefConditionDao = Mockito + .mock(XXPolicyRefConditionDao.class); + XXPolicyRefResourceDao xPolicyRefResourceDao = Mockito + .mock(XXPolicyRefResourceDao.class); XXContextEnricherDefDao xContextEnricherDefDao = Mockito .mock(XXContextEnricherDefDao.class); XXEnumDefDao xEnumDefDao = Mockito.mock(XXEnumDefDao.class); @@ -546,13 +592,7 @@ public class TestServiceDBStore { .mock(XXEnumElementDefDao.class); XXPolicyConditionDefDao xPolicyConditionDefDao = Mockito .mock(XXPolicyConditionDefDao.class); - XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito - .mock(XXPolicyItemConditionDao.class); XXResourceDefDao xResourceDefDao = Mockito.mock(XXResourceDefDao.class); - XXPolicyResourceDao xPolicyResourceDao = Mockito - .mock(XXPolicyResourceDao.class); - XXPolicyResourceMapDao xPolicyResourceMapDao = Mockito - .mock(XXPolicyResourceMapDao.class); XXServiceConfigDefDao xServiceConfigDefDao = Mockito .mock(XXServiceConfigDefDao.class); @@ -783,6 +823,40 @@ public class TestServiceDBStore { policyItemUserPermObj.setUserId(Id); policyItemUserPermList.add(policyItemUserPermObj); + List<XXPolicyRefAccessType> policyRefAccessTypeList = new ArrayList<XXPolicyRefAccessType>(); + XXPolicyRefAccessType policyRefAccessType = new XXPolicyRefAccessType(); + policyRefAccessType.setId(Id); + policyRefAccessType.setAccessTypeName("myAccessType"); + policyRefAccessType.setPolicyId(Id); + policyRefAccessType.setCreateTime(new Date()); + policyRefAccessType.setUpdateTime(new Date()); + policyRefAccessType.setAddedByUserId(Id); + policyRefAccessType.setUpdatedByUserId(Id); + policyRefAccessTypeList.add(policyRefAccessType); + + List<XXPolicyRefCondition> policyRefConditionsList = new ArrayList<XXPolicyRefCondition>(); + XXPolicyRefCondition policyRefCondition = new XXPolicyRefCondition(); + policyRefCondition.setId(Id); + policyRefCondition.setAddedByUserId(Id); + policyRefCondition.setConditionDefId(Id); + policyRefCondition.setConditionName("myConditionName"); + policyRefCondition.setPolicyId(Id); + policyRefCondition.setUpdatedByUserId(Id); + policyRefCondition.setCreateTime(new Date()); + policyRefCondition.setUpdateTime(new Date()); + policyRefConditionsList.add(policyRefCondition); + + List<XXPolicyRefResource> policyRefResourcesList = new ArrayList<XXPolicyRefResource>(); + XXPolicyRefResource policyRefResource = new XXPolicyRefResource(); + policyRefResource.setAddedByUserId(Id); + policyRefResource.setCreateTime(new Date()); + policyRefResource.setId(Id); + policyRefResource.setPolicyId(Id); + policyRefResource.setResourceDefId(Id); + policyRefResource.setUpdateTime(new Date()); + policyRefResource.setResourceName("myresourceName"); + policyRefResourcesList.add(policyRefResource); + XXUser xUser = new XXUser(); xUser.setAddedByUserId(Id); xUser.setCreateTime(new Date()); @@ -795,6 +869,18 @@ public class TestServiceDBStore { xUser.setUpdatedByUserId(Id); xUser.setUpdateTime(new Date()); + Mockito.when(daoManager.getXXPolicyRefAccessType()).thenReturn(xPolicyRefAccessTypeDao); + Mockito.when(xPolicyRefAccessTypeDao.findByAccessTypeDefId(Id)).thenReturn(policyRefAccessTypeList); + Mockito.when(xPolicyRefAccessTypeDao.remove(policyRefAccessType)).thenReturn(true); + + Mockito.when(daoManager.getXXPolicyRefCondition()).thenReturn(xPolicyRefConditionDao); + Mockito.when(xPolicyRefConditionDao.findByConditionDefId(Id)).thenReturn(policyRefConditionsList); + Mockito.when(xPolicyRefConditionDao.remove(policyRefCondition)).thenReturn(true); + + Mockito.when(daoManager.getXXPolicyRefResource()).thenReturn(xPolicyRefResourceDao); + Mockito.when(xPolicyRefResourceDao.findByResourceDefID(Id)).thenReturn(policyRefResourcesList); + Mockito.when(xPolicyRefResourceDao.remove(policyRefResource)).thenReturn(true); + Mockito.when(serviceDefService.read(Id)).thenReturn(rangerServiceDef); Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.findByServiceDefId(serviceDefId)).thenReturn(null); @@ -811,11 +897,6 @@ public class TestServiceDBStore { xAccessTypeDefGrantsDao.findByATDId(accessTypeDefObj.getId())) .thenReturn(accessTypeDefGrantslist); - Mockito.when(daoManager.getXXPolicyItemAccess()).thenReturn( - xPolicyItemAccessDao); - Mockito.when(xPolicyItemAccessDao.findByType(accessTypeDefObj.getId())) - .thenReturn(policyItemAccessList); - Mockito.when(daoManager.getXXContextEnricherDef()).thenReturn( xContextEnricherDefDao); Mockito.when(xContextEnricherDefDao.findByServiceDefId(serviceDefId)) @@ -835,28 +916,10 @@ public class TestServiceDBStore { Mockito.when(xPolicyConditionDefDao.findByServiceDefId(serviceDefId)) .thenReturn(xConditionDefList); - Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn( - xPolicyItemConditionDao); - Mockito.when( - xPolicyItemConditionDao - .findByPolicyConditionDefId(policyConditionDefObj - .getId())).thenReturn(policyItemConditionList); - Mockito.when(daoManager.getXXResourceDef()).thenReturn(xResourceDefDao); Mockito.when(xResourceDefDao.findByServiceDefId(serviceDefId)) .thenReturn(resDefList); - Mockito.when(daoManager.getXXPolicyResource()).thenReturn( - xPolicyResourceDao); - Mockito.when(xPolicyResourceDao.findByResDefId(resourceDef.getId())) - .thenReturn(policyResourceList); - - Mockito.when(daoManager.getXXPolicyResourceMap()).thenReturn( - xPolicyResourceMapDao); - Mockito.when( - xPolicyResourceMapDao.findByPolicyResId(policyResource.getId())) - .thenReturn(policyResourceMapList); - Mockito.when(daoManager.getXXServiceConfigDef()).thenReturn( xServiceConfigDefDao); Mockito.when(xServiceConfigDefDao.findByServiceDefId(serviceDefId)) @@ -1058,8 +1121,6 @@ public class TestServiceDBStore { public void test20updateService() throws Exception { XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); XXService xService = Mockito.mock(XXService.class); - //XXServiceVersionInfoDao xServiceVersionInfoDao = Mockito.mock(XXServiceVersionInfoDao.class); - //XXServiceVersionInfo xServiceVersionInfo = Mockito.mock(XXServiceVersionInfo.class); XXServiceConfigMapDao xServiceConfigMapDao = Mockito .mock(XXServiceConfigMapDao.class); XXServiceConfigDefDao xServiceConfigDefDao = Mockito @@ -1136,10 +1197,6 @@ public class TestServiceDBStore { Mockito.when(svcService.getPopulatedViewObject(xService)).thenReturn( rangerService); - //Mockito.when(daoManager.getXXServiceVersionInfo()).thenReturn(xServiceVersionInfoDao); - //Mockito.when(xServiceVersionInfoDao.findByServiceId(Id)).thenReturn(xServiceVersionInfo); - //Mockito.when(xServiceVersionInfoDao.update(xServiceVersionInfo)).thenReturn(xServiceVersionInfo); - RangerService dbRangerService = serviceDBStore .updateService(rangerService, options); Assert.assertNotNull(dbRangerService); @@ -1158,31 +1215,16 @@ public class TestServiceDBStore { @Test public void test21deleteService() throws Exception { + setup(); XXPolicyDao xPolicyDao = Mockito.mock(XXPolicyDao.class); XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); XXService xService = Mockito.mock(XXService.class); - //XXServiceVersionInfoDao xServiceVersionInfoDao = Mockito.mock(XXServiceVersionInfoDao.class); - //XXServiceVersionInfo xServiceVersionInfo = Mockito.mock(XXServiceVersionInfo.class); - XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class); - XXPolicyItemDataMaskInfoDao xxPolicyItemDataMaskInfoDao = Mockito.mock(XXPolicyItemDataMaskInfoDao.class); - XXPolicyItemRowFilterInfoDao xxPolicyItemRowFilterInfoDao = Mockito.mock(XXPolicyItemRowFilterInfoDao.class); - XXPolicyLabelMapDao xPolicyLabelMapDao = Mockito.mock(XXPolicyLabelMapDao.class); - XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito - .mock(XXPolicyItemConditionDao.class); - XXPolicyItemGroupPermDao xPolicyItemGroupPermDao = Mockito - .mock(XXPolicyItemGroupPermDao.class); - XXPolicyItemUserPermDao xPolicyItemUserPermDao = Mockito - .mock(XXPolicyItemUserPermDao.class); - XXPolicyItemAccessDao xPolicyItemAccessDao = Mockito - .mock(XXPolicyItemAccessDao.class); - XXPolicyResourceDao xPolicyResourceDao = Mockito - .mock(XXPolicyResourceDao.class); - XXPolicyResourceMapDao xPolicyResourceMapDao = Mockito - .mock(XXPolicyResourceMapDao.class); XXServiceConfigMapDao xServiceConfigMapDao = Mockito .mock(XXServiceConfigMapDao.class); + XXPolicyLabelMapDao xPolicyLabelMapDao = Mockito.mock(XXPolicyLabelMapDao.class); - RangerService rangerService = rangerService(); + + RangerService rangerService = rangerService(); RangerPolicy rangerPolicy = rangerPolicy(); String name = "HDFS_1-1-20150316062453"; @@ -1224,9 +1266,6 @@ public class TestServiceDBStore { policyItem.setUpdateTime(new Date()); policyItemList.add(policyItem); - //List<XXPolicyItemDataMaskInfo> policyItemDataMaskInfoList = new ArrayList<XXPolicyItemDataMaskInfo>(); - //List<XXPolicyItemRowFilterInfo> policyItemRowFilterInfoList = new ArrayList<XXPolicyItemRowFilterInfo>(); - List<XXPolicyItemCondition> policyItemConditionList = new ArrayList<XXPolicyItemCondition>(); XXPolicyItemCondition policyItemCondition = new XXPolicyItemCondition(); policyItemCondition.setAddedByUserId(Id); @@ -1329,54 +1368,6 @@ public class TestServiceDBStore { Mockito.when(svcService.getPopulatedViewObject(xService)).thenReturn( rangerService); - //Mockito.when(daoManager.getXXServiceVersionInfo()).thenReturn(xServiceVersionInfoDao); - //Mockito.when(xServiceVersionInfoDao.findByServiceId(Id)).thenReturn(xServiceVersionInfo); - //Mockito.when(xServiceVersionInfoDao.update(xServiceVersionInfo)).thenReturn(xServiceVersionInfo); - - Mockito.when(daoManager.getXXPolicyItem()).thenReturn(xPolicyItemDao); - Mockito.when(xPolicyItemDao.findByPolicyId(policyItem.getId())) - .thenReturn(policyItemList); - - Mockito.when(daoManager.getXXPolicyItemDataMaskInfo()).thenReturn(xxPolicyItemDataMaskInfoDao); - //Mockito.when(xxPolicyItemDataMaskInfoDao.findByPolicyItemId(policyItem.getId())).thenReturn(policyItemDataMaskInfoList); - - Mockito.when(daoManager.getXXPolicyItemRowFilterInfo()).thenReturn(xxPolicyItemRowFilterInfoDao); - //Mockito.when(xxPolicyItemRowFilterInfoDao.findByPolicyItemId(policyItem.getId())).thenReturn(policyItemRowFilterInfoList); - - Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn( - xPolicyItemConditionDao); - /*Mockito.when( - xPolicyItemConditionDao.findByPolicyItemId(policyItemCondition - .getId())).thenReturn(policyItemConditionList); - */ - Mockito.when(daoManager.getXXPolicyItemGroupPerm()).thenReturn( - xPolicyItemGroupPermDao); - /*Mockito.when( - xPolicyItemGroupPermDao.findByPolicyItemId(policyItem.getId())) - .thenReturn(policyItemGroupPermList); - */ - Mockito.when(daoManager.getXXPolicyItemUserPerm()).thenReturn( - xPolicyItemUserPermDao); - /*Mockito.when(xPolicyItemUserPermDao.findByPolicyItemId(Id)).thenReturn( - policyItemUserPermList);*/ - - Mockito.when(daoManager.getXXPolicyItemAccess()).thenReturn( - xPolicyItemAccessDao); - /*Mockito.when( - xPolicyItemAccessDao.findByPolicyItemId(policyItemAccess - .getId())).thenReturn(policyItemAccessList); - */ - Mockito.when(daoManager.getXXPolicyResource()).thenReturn( - xPolicyResourceDao); - Mockito.when(xPolicyResourceDao.findByPolicyId(policyResource.getId())) - .thenReturn(policyResourceList); - - Mockito.when(daoManager.getXXPolicyResourceMap()).thenReturn( - xPolicyResourceMapDao); - /*Mockito.when( - xPolicyResourceMapDao.findByPolicyResId(policyResourceMap - .getId())).thenReturn(policyResourceMapList); - */ Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.getById(Id)).thenReturn(xService); @@ -1389,12 +1380,14 @@ public class TestServiceDBStore { Mockito.when( xServiceConfigMapDao.findByServiceId(rangerService.getId())) .thenReturn(xConfMapList); - - Mockito.when(daoManager.getXXPolicyLabelMap()).thenReturn(xPolicyLabelMapDao); - /*Mockito.when(xPolicyLabelMapDao.findByPolicyId(rangerPolicy.getId())).thenReturn(xxPolicyLabelMapList);*/ + Mockito.when(daoManager.getXXPolicyLabelMap()).thenReturn(xPolicyLabelMapDao); + Mockito.when(xPolicyLabelMapDao.findByPolicyId(rangerPolicy.getId())).thenReturn(ListUtils.EMPTY_LIST); Mockito.when(!bizUtil.hasAccess(xService, null)).thenReturn(true); - serviceDBStore.deleteService(Id); + Mockito.when(policyRefUpdater.cleanupRefTables(rangerPolicy)).thenReturn(true); + + serviceDBStore.deleteService(Id); + Mockito.verify(svcService).delete(rangerService); } @Test @@ -1520,16 +1513,13 @@ public class TestServiceDBStore { } @Test - public void tess26createPolicy() throws Exception { + public void test26createPolicy() throws Exception { setup(); XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class); XXPolicy xPolicy = Mockito.mock(XXPolicy.class); XXPolicyDao xPolicyDao = Mockito.mock(XXPolicyDao.class); XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); - //XXServiceVersionInfoDao xServiceVersionInfoDao = Mockito.mock(XXServiceVersionInfoDao.class); XXService xService = Mockito.mock(XXService.class); - //XXServiceVersionInfo xServiceVersionInfo = Mockito.mock(XXServiceVersionInfo.class); - XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class); XXServiceDef xServiceDef = serviceDef(); Map<String, String> configs = new HashMap<String, String>(); @@ -1684,9 +1674,6 @@ public class TestServiceDBStore { Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.findByName(name)).thenReturn(xService); - //Mockito.when(daoManager.getXXServiceVersionInfo()).thenReturn(xServiceVersionInfoDao); - //Mockito.when(xServiceVersionInfoDao.findByServiceId(Id)).thenReturn(xServiceVersionInfo); - //Mockito.when(xServiceVersionInfoDao.update(xServiceVersionInfo)).thenReturn(xServiceVersionInfo); Mockito.when(svcService.getPopulatedViewObject(xService)).thenReturn( rangerService); @@ -1701,15 +1688,8 @@ public class TestServiceDBStore { rangerPolicy); Mockito.when(daoManager.getXXPolicy()).thenReturn(xPolicyDao); - Mockito.when(xPolicyDao.getById(Id)).thenReturn(xPolicy); - - Mockito.when( - rangerAuditFields.populateAuditFields( - Mockito.isA(XXPolicyItem.class), - Mockito.isA(XXPolicy.class))).thenReturn(xPolicyItem); - Mockito.when(daoManager.getXXPolicyItem()).thenReturn(xPolicyItemDao); - Mockito.when(xPolicyItemDao.create(xPolicyItem)) - .thenReturn(xPolicyItem); + Mockito.when(xPolicyDao.getById(Id)).thenReturn(xPolicy);Mockito.doNothing().when(policyRefUpdater).createNewPolMappingForRefTable(rangerPolicy, xPolicy, xServiceDef); + Mockito.when(policyService.getPopulatedViewObject(xPolicy)).thenReturn(rangerPolicy); Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.getById(Id)).thenReturn(xService); @@ -1721,61 +1701,12 @@ public class TestServiceDBStore { .mock(RangerPolicyResourceSignature.class); Mockito.when(factory.createPolicyResourceSignature(rangerPolicy)) .thenReturn(signature); - - XXResourceDefDao xResourceDefDao = Mockito.mock(XXResourceDefDao.class); - XXResourceDef xResourceDef = Mockito.mock(XXResourceDef.class); - XXPolicyResourceDao xPolicyResourceDao = Mockito - .mock(XXPolicyResourceDao.class); - XXPolicyConditionDefDao xPolicyConditionDefDao = Mockito - .mock(XXPolicyConditionDefDao.class); - Mockito.when(daoManager.getXXResourceDef()).thenReturn(xResourceDefDao); - Mockito.when(xResourceDefDao.findByNameAndPolicyId(policyName, Id)) - .thenReturn(xResourceDef); - - Mockito.when( - rangerAuditFields.populateAuditFields( - Mockito.isA(XXPolicyResource.class), - Mockito.isA(XXPolicy.class))).thenReturn( - xPolicyResource); - Mockito.when(daoManager.getXXPolicyResource()).thenReturn( - xPolicyResourceDao); - Mockito.when(xPolicyResourceDao.create(xPolicyResource)).thenReturn( - xPolicyResource); - - Mockito.when(daoManager.getXXPolicyConditionDef()).thenReturn( - xPolicyConditionDefDao); - Mockito.when( - xPolicyConditionDefDao.findByServiceDefIdAndName(Id, - policyItemCondition.getType())).thenReturn( - policyConditionDefObj); - for (Entry<String, RangerPolicyResource> resource : policyResource - .entrySet()) { - Mockito.when(daoManager.getXXResourceDef()).thenReturn( - xResourceDefDao); - Mockito.when( - xResourceDefDao.findByNameAndPolicyId(resource.getKey(), - rangerPolicy.getId())).thenReturn(xResourceDef); - } - - Mockito.when(daoManager.getXXPolicyConditionDef()).thenReturn( - xPolicyConditionDefDao); - Mockito.when( - xPolicyConditionDefDao.findByServiceDefIdAndName( - xServiceDef.getId(), policyItemCondition.getType())) - .thenReturn(policyConditionDefObj); Mockito.when(!bizUtil.hasAccess(xService, null)).thenReturn(true); - //RangerTransactionSynchronizationAdapter spy = Mockito.spy(transactionSynchronizationAdapter); - //Mockito.doNothing().when(spy).executeOnTransactionCommit(Mockito.any(Runnable.class)); - RangerPolicy dbRangerPolicy = serviceDBStore.createPolicy(rangerPolicy); - Assert.assertNull(dbRangerPolicy); - Assert.assertEquals(Id, rangerPolicy.getId()); - Mockito.verify(daoManager).getXXServiceDef(); - Mockito.verify(policyService).create(rangerPolicy); - Mockito.verify(rangerAuditFields).populateAuditFields( - Mockito.isA(XXPolicyItem.class), Mockito.isA(XXPolicy.class)); - Mockito.verify(daoManager).getXXPolicyItem(); + + Assert.assertNotNull(dbRangerPolicy); + Assert.assertEquals(Id, dbRangerPolicy.getId()); } @Test @@ -1816,18 +1747,10 @@ public class TestServiceDBStore { XXPolicyDao xPolicyDao = Mockito.mock(XXPolicyDao.class); XXPolicy xPolicy = Mockito.mock(XXPolicy.class); XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); - XXPolicyLabelMapDao xPolicyLabelMapDao = Mockito.mock(XXPolicyLabelMapDao.class); XXService xService = Mockito.mock(XXService.class); - //XXServiceVersionInfoDao xServiceVersionInfoDao = Mockito.mock(XXServiceVersionInfoDao.class); XXServiceDefDao xServiceDefDao = Mockito.mock(XXServiceDefDao.class); XXServiceDef xServiceDef = Mockito.mock(XXServiceDef.class); - //XXServiceVersionInfo xServiceVersionInfo = Mockito.mock(XXServiceVersionInfo.class); - XXPolicyResourceDao xPolicyResourceDao = Mockito - .mock(XXPolicyResourceDao.class); - XXPolicyResourceMapDao xPolicyResourceMapDao = Mockito - .mock(XXPolicyResourceMapDao.class); - XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class); - XXPolicyItem xPolicyItem = Mockito.mock(XXPolicyItem.class); + XXPolicyLabelMapDao xPolicyLabelMapDao = Mockito.mock(XXPolicyLabelMapDao.class); RangerService rangerService = rangerService(); @@ -1859,8 +1782,6 @@ public class TestServiceDBStore { policyResourceMap.setValue("1L"); policyResourceMapList.add(policyResourceMap); - List<XXPolicyLabelMap> xxPolicyLabelMapList = new ArrayList<>(); - List<XXServiceConfigDef> xServiceConfigDefList = new ArrayList<XXServiceConfigDef>(); XXServiceConfigDef serviceConfigDefObj = new XXServiceConfigDef(); serviceConfigDefObj.setId(Id); @@ -1888,10 +1809,6 @@ public class TestServiceDBStore { Mockito.when(svcService.getPopulatedViewObject(xService)).thenReturn( rangerService); - //Mockito.when(daoManager.getXXServiceVersionInfo()).thenReturn(xServiceVersionInfoDao); - //Mockito.when(xServiceVersionInfoDao.findByServiceId(Id)).thenReturn(xServiceVersionInfo); - //Mockito.when(xServiceVersionInfoDao.update(xServiceVersionInfo)).thenReturn(xServiceVersionInfo); - Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao); Mockito.when(xServiceDefDao.findByName(rangerService.getType())) .thenReturn(xServiceDef); @@ -1902,24 +1819,6 @@ public class TestServiceDBStore { Mockito.when(xPolicyDao.getById(rangerPolicy.getId())).thenReturn( xPolicy); - Mockito.when(daoManager.getXXPolicyResource()).thenReturn( - xPolicyResourceDao); - Mockito.when(xPolicyResourceDao.findByPolicyId(rangerPolicy.getId())) - .thenReturn(policyResourceList); - - Mockito.when(daoManager.getXXPolicyResourceMap()).thenReturn( - xPolicyResourceMapDao); - Mockito.when( - xPolicyResourceMapDao.findByPolicyResId(policyResourceMap - .getId())).thenReturn(policyResourceMapList); - - Mockito.when(daoManager.getXXPolicyItem()).thenReturn(xPolicyItemDao); - - Mockito.when( - rangerAuditFields.populateAuditFields( - Mockito.isA(XXPolicyItem.class), - Mockito.isA(XXPolicy.class))).thenReturn(xPolicyItem); - Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.getById(rangerService.getId())).thenReturn( xService); @@ -1927,19 +1826,19 @@ public class TestServiceDBStore { Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.getById(rangerService.getId())).thenReturn( xService); + Mockito.when(daoManager.getXXPolicyLabelMap()).thenReturn(xPolicyLabelMapDao); + Mockito.when(xPolicyLabelMapDao.findByPolicyId(rangerPolicy.getId())).thenReturn(ListUtils.EMPTY_LIST); - Mockito.when(daoManager.getXXPolicyLabelMap()).thenReturn( - xPolicyLabelMapDao); - Mockito.when(xPolicyLabelMapDao.findByPolicyId(rangerPolicy.getId())) - .thenReturn(xxPolicyLabelMapList); RangerPolicyResourceSignature signature = Mockito .mock(RangerPolicyResourceSignature.class); Mockito.when(factory.createPolicyResourceSignature(rangerPolicy)) .thenReturn(signature); Mockito.when(!bizUtil.hasAccess(xService, null)).thenReturn(true); + Mockito.when(policyRefUpdater.cleanupRefTables(rangerPolicy)).thenReturn(true); + - RangerPolicy dbRangerPolicy = serviceDBStore.updatePolicy(rangerPolicy); + RangerPolicy dbRangerPolicy = serviceDBStore.updatePolicy(rangerPolicy); Assert.assertNotNull(dbRangerPolicy); Assert.assertEquals(dbRangerPolicy, rangerPolicy); Assert.assertEquals(dbRangerPolicy.getId(), rangerPolicy.getId()); @@ -1955,9 +1854,6 @@ public class TestServiceDBStore { rangerPolicy.getIsEnabled()); Assert.assertEquals(dbRangerPolicy.getVersion(), rangerPolicy.getVersion()); - - Mockito.verify(rangerAuditFields).populateAuditFields( - Mockito.isA(XXPolicyItem.class), Mockito.isA(XXPolicy.class)); } @Test @@ -1965,24 +1861,7 @@ public class TestServiceDBStore { setup(); XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); XXService xService = Mockito.mock(XXService.class); - //XXServiceVersionInfoDao xServiceVersionInfoDao = Mockito.mock(XXServiceVersionInfoDao.class); - //XXServiceVersionInfo xServiceVersionInfo = Mockito.mock(XXServiceVersionInfo.class); - XXPolicyLabelMapDao xPolicyLabelMapDao = Mockito.mock(XXPolicyLabelMapDao.class); - XXPolicyItemDao xPolicyItemDao = Mockito.mock(XXPolicyItemDao.class); - XXPolicyItemDataMaskInfoDao xPolicyItemDataMaskInfoDao = Mockito.mock(XXPolicyItemDataMaskInfoDao.class); - XXPolicyItemRowFilterInfoDao xPolicyItemRowFilterInfoDao = Mockito.mock(XXPolicyItemRowFilterInfoDao.class); - XXPolicyItemConditionDao xPolicyItemConditionDao = Mockito - .mock(XXPolicyItemConditionDao.class); - XXPolicyItemGroupPermDao xPolicyItemGroupPermDao = Mockito - .mock(XXPolicyItemGroupPermDao.class); - XXPolicyItemUserPermDao xPolicyItemUserPermDao = Mockito - .mock(XXPolicyItemUserPermDao.class); - XXPolicyItemAccessDao xPolicyItemAccessDao = Mockito - .mock(XXPolicyItemAccessDao.class); - XXPolicyResourceDao xPolicyResourceDao = Mockito - .mock(XXPolicyResourceDao.class); - XXPolicyResourceMapDao xPolicyResourceMapDao = Mockito - .mock(XXPolicyResourceMapDao.class); + XXPolicyLabelMapDao xPolicyLabelMapDao = Mockito.mock(XXPolicyLabelMapDao.class); RangerService rangerService = rangerService(); RangerPolicy rangerPolicy = rangerPolicy(); @@ -2071,7 +1950,6 @@ public class TestServiceDBStore { policyResource.setUpdateTime(new Date()); policyResourceList.add(policyResource); - List<XXPolicyResourceMap> policyResourceMapList = new ArrayList<XXPolicyResourceMap>(); XXPolicyResourceMap policyResourceMap = new XXPolicyResourceMap(); policyResourceMap.setAddedByUserId(Id); policyResourceMap.setCreateTime(new Date()); @@ -2081,8 +1959,6 @@ public class TestServiceDBStore { policyResourceMap.setUpdatedByUserId(Id); policyResourceMap.setUpdateTime(new Date()); policyResourceMap.setValue("1L"); - policyResourceMapList.add(policyResourceMap); - List<XXPolicyLabelMap> xxPolicyLabelMapList = new ArrayList<>(); List<XXServiceConfigDef> xServiceConfigDefList = new ArrayList<XXServiceConfigDef>(); XXServiceConfigDef serviceConfigDefObj = new XXServiceConfigDef(); serviceConfigDefObj.setId(Id); @@ -2096,68 +1972,17 @@ public class TestServiceDBStore { Mockito.when(svcService.getPopulatedViewObject(xService)).thenReturn( rangerService); - Mockito.when(daoManager.getXXPolicyItem()).thenReturn(xPolicyItemDao); - Mockito.when(xPolicyItemDao.findByPolicyId(policyItem.getId())) - .thenReturn(policyItemList); - - Mockito.when(daoManager.getXXPolicyItemDataMaskInfo()).thenReturn(xPolicyItemDataMaskInfoDao); - - Mockito.when(daoManager.getXXPolicyItemRowFilterInfo()).thenReturn(xPolicyItemRowFilterInfoDao); - - Mockito.when(daoManager.getXXPolicyItemCondition()).thenReturn( - xPolicyItemConditionDao); - Mockito.when( - xPolicyItemConditionDao.findByPolicyItemId(policyItemCondition - .getId())).thenReturn(policyItemConditionList); - - Mockito.when(daoManager.getXXPolicyItemGroupPerm()).thenReturn( - xPolicyItemGroupPermDao); - Mockito.when( - xPolicyItemGroupPermDao.findByPolicyItemId(policyItem.getId())) - .thenReturn(policyItemGroupPermList); - - Mockito.when(daoManager.getXXPolicyItemUserPerm()).thenReturn( - xPolicyItemUserPermDao); - Mockito.when(xPolicyItemUserPermDao.findByPolicyItemId(Id)).thenReturn( - policyItemUserPermList); - - Mockito.when(daoManager.getXXPolicyItemAccess()).thenReturn( - xPolicyItemAccessDao); - Mockito.when( - xPolicyItemAccessDao.findByPolicyItemId(policyItemAccess - .getId())).thenReturn(policyItemAccessList); - - Mockito.when(daoManager.getXXPolicyResource()).thenReturn( - xPolicyResourceDao); - Mockito.when(xPolicyResourceDao.findByPolicyId(policyResource.getId())) - .thenReturn(policyResourceList); - - Mockito.when(daoManager.getXXPolicyResourceMap()).thenReturn( - xPolicyResourceMapDao); - Mockito.when( - xPolicyResourceMapDao.findByPolicyResId(policyResourceMap - .getId())).thenReturn(policyResourceMapList); - Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.getById(Id)).thenReturn(xService); - //Mockito.when(daoManager.getXXServiceVersionInfo()).thenReturn(xServiceVersionInfoDao); - //Mockito.when(xServiceVersionInfoDao.findByServiceId(Id)).thenReturn(xServiceVersionInfo); - //Mockito.when(xServiceVersionInfoDao.update(xServiceVersionInfo)).thenReturn(xServiceVersionInfo); - Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); Mockito.when(xServiceDao.getById(rangerService.getId())).thenReturn( xService); + Mockito.when(daoManager.getXXPolicyLabelMap()).thenReturn(xPolicyLabelMapDao); + Mockito.when(xPolicyLabelMapDao.findByPolicyId(rangerPolicy.getId())).thenReturn(ListUtils.EMPTY_LIST); Mockito.when(!bizUtil.hasAccess(xService, null)).thenReturn(true); - - Mockito.when(daoManager.getXXPolicyLabelMap()).thenReturn( - xPolicyLabelMapDao); - Mockito.when(xPolicyLabelMapDao.findByPolicyId(rangerPolicy.getId())) - .thenReturn(xxPolicyLabelMapList); - //RangerTransactionSynchronizationAdapter spy = Mockito.spy(transactionSynchronizationAdapter); - //Mockito.doNothing().when(spy).executeOnTransactionCommit(Mockito.any(Runnable.class)); - + Mockito.when(policyRefUpdater.cleanupRefTables(rangerPolicy)).thenReturn(true); serviceDBStore.deletePolicy(Id); } @@ -2493,4 +2318,98 @@ public class TestServiceDBStore { Mockito.verify(daoManager).getXXServiceConfigMap(); Mockito.verify(xxServiceConfigMapDao).findByServiceNameAndConfigKey(rService.getName(), configName); } + + @Test + public void test41createKMSService() throws Exception { + XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class); + XXServiceConfigMapDao xServiceConfigMapDao = Mockito + .mock(XXServiceConfigMapDao.class); + XXUserDao xUserDao = Mockito.mock(XXUserDao.class); + XXServiceConfigDefDao xServiceConfigDefDao = Mockito + .mock(XXServiceConfigDefDao.class); + XXService xService = Mockito.mock(XXService.class); + XXUser xUser = Mockito.mock(XXUser.class); + + Mockito.when(xServiceDao.findByName("KMS_1")).thenReturn( + xService); + Mockito.when(!bizUtil.hasAccess(xService, null)).thenReturn(true); + + RangerService rangerService = rangerKMSService(); + VXUser vXUser = null; + String userName = "servicemgr"; + + List<XXServiceConfigDef> svcConfDefList = new ArrayList<XXServiceConfigDef>(); + XXServiceConfigDef serviceConfigDefObj = new XXServiceConfigDef(); + serviceConfigDefObj.setId(Id); + serviceConfigDefObj.setType("7"); + svcConfDefList.add(serviceConfigDefObj); + Mockito.when(daoManager.getXXServiceConfigDef()).thenReturn( + xServiceConfigDefDao); + + Mockito.when(svcService.create(rangerService)).thenReturn(rangerService); + + Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao); + Mockito.when(xServiceDao.getById(rangerService.getId())).thenReturn( + xService); + Mockito.when(daoManager.getXXServiceConfigMap()).thenReturn( + xServiceConfigMapDao); + + Mockito.when(stringUtil.getValidUserName(userName)) + .thenReturn(userName); + Mockito.when(daoManager.getXXUser()).thenReturn(xUserDao); + Mockito.when(xUserDao.findByUserName(userName)).thenReturn(xUser); + + Mockito.when(xUserService.populateViewBean(xUser)).thenReturn(vXUser); + VXUser vXUserHdfs = new VXUser(); + vXUserHdfs.setName("hdfs"); + vXUserHdfs.setPassword("hdfs"); + VXUser vXUserHive = new VXUser(); + vXUserHive.setName("hive"); + vXUserHive.setPassword("hive"); + + XXServiceConfigMap xConfMap = new XXServiceConfigMap(); + + Mockito.when(svcService.getPopulatedViewObject(xService)).thenReturn( + rangerService); + + Mockito.when( + rangerAuditFields.populateAuditFields( + Mockito.isA(XXServiceConfigMap.class), + Mockito.isA(XXService.class))).thenReturn(xConfMap); + + List<XXAccessTypeDef> accessTypeDefList = new ArrayList<XXAccessTypeDef>(); + accessTypeDefList.add(rangerKmsAccessTypes("getmetadata", 7)); + accessTypeDefList.add(rangerKmsAccessTypes("generateeek", 8)); + accessTypeDefList.add(rangerKmsAccessTypes("decrypteek", 9)); + + RangerServiceDef ran = new RangerServiceDef(); + ran.setName("KMS Test"); + + ServiceDBStore spy = Mockito.spy(serviceDBStore); + + Mockito.when(spy.getServiceByName("KMS_1")).thenReturn( + rangerService); + Mockito.doNothing().when(spy).createDefaultPolicies(rangerService); + + RangerResourceDef resourceDef = new RangerResourceDef(); + resourceDef.setItemId(Id); + resourceDef.setName("keyname"); + resourceDef.setType("string"); + resourceDef.setType("string"); + resourceDef.setLabel("Key Name"); + resourceDef.setDescription("Key Name"); + + List<RangerResourceDef> resourceHierarchy = new ArrayList<RangerResourceDef>(); + resourceHierarchy.addAll(resourceHierarchy); + + spy.createService(rangerService); + vXUser = new VXUser(); + vXUser.setName(userName); + vXUser.setPassword(userName); + + spy.createDefaultPolicies(rangerService); + + Mockito.verify(daoManager, Mockito.atLeast(1)).getXXService(); + Mockito.verify(daoManager).getXXServiceConfigMap(); + } } http://git-wip-us.apache.org/repos/asf/ranger/blob/d424b1a8/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java ---------------------------------------------------------------------- diff --git a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java index 15344ea..a8e6e61 100644 --- a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java +++ b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java @@ -281,7 +281,7 @@ public class TestServiceREST { return rangerService; } - public RangerPolicy rangerPolicy() { + RangerPolicy rangerPolicy() { List<RangerPolicyItemAccess> accesses = new ArrayList<RangerPolicyItemAccess>(); List<String> users = new ArrayList<String>(); List<String> groups = new ArrayList<String>();
