This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 000e635 RANGER-3439: Add rest api to get or delete ranger policy
based on guid
000e635 is described below
commit 000e6351ee4628979a20e2b72ac6f226e6dd1c0e
Author: pradeep <prad...@apache.org>
AuthorDate: Mon Nov 22 11:51:16 2021 +0530
RANGER-3439: Add rest api to get or delete ranger policy based on guid
---
.../java/org/apache/ranger/biz/ServiceDBStore.java | 4 ++--
.../java/org/apache/ranger/db/XXPolicyDao.java | 22 +++++++++++++----
.../java/org/apache/ranger/rest/PublicAPIsv2.java | 12 ++++++----
.../java/org/apache/ranger/rest/ServiceREST.java | 28 ++++++++++++----------
.../main/resources/META-INF/jpa_named_queries.xml | 8 +++++--
5 files changed, 50 insertions(+), 24 deletions(-)
diff --git
a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 0f0291d..85adda5 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -2303,10 +2303,10 @@ public class ServiceDBStore extends
AbstractServiceStore {
return policyService.read(id);
}
- public RangerPolicy getPolicy(String guid, String serviceName) throws
Exception {
+ public RangerPolicy getPolicy(String guid, String serviceName, String
zoneName) throws Exception {
RangerPolicy ret = null;
if (StringUtils.isNotBlank(guid) &&
StringUtils.isNotBlank(serviceName)) {
- XXPolicy xPolicy =
daoMgr.getXXPolicy().findByPolicyGUIDAndServiceName(guid, serviceName);
+ XXPolicy xPolicy =
daoMgr.getXXPolicy().findPolicyByGUIDAndServiceNameAndZoneName(guid,
serviceName, zoneName);
if (xPolicy != null) {
ret =
policyService.getPopulatedViewObject(xPolicy);
}
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
index b068a06..4677c37 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
@@ -285,16 +285,30 @@ public class XXPolicyDao extends BaseDao<XXPolicy> {
return ret;
}
- public XXPolicy findByPolicyGUIDAndServiceName(String guid, String
serviceName) {
- if (guid == null || serviceName == null) {
+ public XXPolicy findPolicyByGUIDAndServiceNameAndZoneName(String guid,
String serviceName, String zoneName) {
+ if (guid == null || serviceName == null) {
return null;
}
+
try {
- XXPolicy xPol =
getEntityManager().createNamedQuery("XXPolicy.findByGUIDAndServiceName",
tClass).setParameter("guid", guid).setParameter("serviceName",
serviceName).getSingleResult();
- return xPol;
+ if (zoneName == null || zoneName.trim().isEmpty()) {
+ return
getEntityManager().createNamedQuery("XXPolicy.findPolicyByPolicyGUIDAndServiceName",
tClass)
+ .setParameter("guid", guid)
+ .setParameter("serviceName",
serviceName)
+ .setParameter("zoneId",
RangerSecurityZone.RANGER_UNZONED_SECURITY_ZONE_ID)
+ .getSingleResult();
+ } else {
+ return getEntityManager()
+
.createNamedQuery("XXPolicy.findPolicyByPolicyGUIDAndServiceNameAndZoneName",
tClass)
+ .setParameter("guid", guid)
+ .setParameter("serviceName",
serviceName)
+ .setParameter("zoneName",
zoneName)
+ .getSingleResult();
+ }
} catch (NoResultException e) {
return null;
}
+
}
public List<XXPolicy> findByPolicyStatus(Boolean isPolicyEnabled) {
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
index 6ab3d52..204cadb 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
@@ -413,8 +413,10 @@ public class PublicAPIsv2 {
@GET
@Path("/api/policy/guid/{guid}")
@Produces({ "application/json", "application/xml" })
- public RangerPolicy getPolicyByGUIDAndServiceName(@PathParam("guid")
String guid, @DefaultValue("") @QueryParam("serviceName") String serviceName) {
- return serviceREST.getPolicyByGUIDAndServiceName(guid,
serviceName);
+ public RangerPolicy
getPolicyByGUIDAndServiceNameAndZoneName(@PathParam("guid") String guid,
+
@DefaultValue("")
@QueryParam("serviceName") String serviceName,
+
@DefaultValue("")
@QueryParam("ZoneName") String zoneName) {
+ return
serviceREST.getPolicyByGUIDAndServiceNameAndZoneName(guid, serviceName,
zoneName);
}
@POST
@@ -516,8 +518,10 @@ public class PublicAPIsv2 {
@DELETE
@Path("/api/policy/guid/{guid}")
@Produces({ "application/json", "application/xml" })
- public void deletePolicyByGUIDAndServiceName(@PathParam("guid") String
guid, @DefaultValue("") @QueryParam("serviceName") String serviceName) {
- serviceREST.deletePolicyByGUIDAndServiceName(guid, serviceName);
+ public void
deletePolicyByGUIDAndServiceNameAndZoneName(@PathParam("guid") String guid,
+
@DefaultValue("") @QueryParam("serviceName") String
serviceName,
+
@DefaultValue("") @QueryParam("zoneName") String zoneName) {
+ serviceREST.deletePolicyByGUIDAndServiceNameAndZoneName(guid,
serviceName, zoneName);
}
@GET
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 3ba2965..2f5fda2 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -3762,24 +3762,26 @@ public class ServiceREST {
@GET
@Path("/policies/guid/{guid}")
@Produces({ "application/json", "application/xml" })
- public RangerPolicy getPolicyByGUIDAndServiceName(@PathParam("guid")
String guid, @DefaultValue("") @QueryParam("serviceName") String serviceName) {
+ public RangerPolicy
getPolicyByGUIDAndServiceNameAndZoneName(@PathParam("guid") String guid,
+
@DefaultValue("") @QueryParam("serviceName") String serviceName,
+
@DefaultValue("") @QueryParam("zoneName") String zoneName) {
if (LOG.isDebugEnabled()) {
- LOG.debug("==>
ServiceREST.getPolicyByGUIDAndServiceName(" + guid + ", " + serviceName + ")");
+ LOG.debug("==>
ServiceREST.getPolicyByGUIDAndServiceNameAndZoneName(" + guid + ", " +
serviceName + ", " + zoneName + ")");
}
RangerPolicy ret = null;
RangerPerfTracer perf = null;
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
- perf = RangerPerfTracer.getPerfTracer(PERF_LOG,
"ServiceREST.getPolicyByGUIDAndServiceName(policyGUID=" + guid + ",
serviceName="+ serviceName + ")");
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG,
"ServiceREST.getPolicyByGUIDAndServiceNameAndZoneName(policyGUID=" + guid + ",
serviceName="+ serviceName + ", zoneName="+ zoneName + ")");
}
- ret = svcStore.getPolicy(guid, serviceName);
+ ret = svcStore.getPolicy(guid, serviceName, zoneName);
if (ret != null) {
ensureAdminAndAuditAccess(ret);
}
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
- LOG.error("getPolicyByGUIDAndServiceName(" + guid + ","
+ serviceName + ") failed", excp);
+ LOG.error("getPolicyByGUIDAndServiceNameAndZoneName(" +
guid + "," + serviceName + ", " + zoneName + ") failed", excp);
throw
restErrorUtil.createRESTException(excp.getMessage());
} finally {
RangerPerfTracer.log(perf);
@@ -3788,7 +3790,7 @@ public class ServiceREST {
throw
restErrorUtil.createRESTException(HttpServletResponse.SC_NOT_FOUND, "Not
found", true);
}
if (LOG.isDebugEnabled()) {
- LOG.debug("<==
ServiceREST.getPolicyByGUIDAndServiceName(" + guid + ", " + serviceName + "): "
+ ret);
+ LOG.debug("<==
ServiceREST.getPolicyByGUIDAndServiceNameAndZoneName(" + guid + ", " +
serviceName + ", " + zoneName +"): " + ret);
}
return ret;
}
@@ -3796,30 +3798,32 @@ public class ServiceREST {
@DELETE
@Path("/policies/guid/{guid}")
@Produces({ "application/json", "application/xml" })
- public void deletePolicyByGUIDAndServiceName(@PathParam("guid") String
guid, @DefaultValue("") @QueryParam("serviceName") String serviceName) {
+ public void
deletePolicyByGUIDAndServiceNameAndZoneName(@PathParam("guid") String guid,
+ @DefaultValue("")
@QueryParam("serviceName") String serviceName,
+ @DefaultValue("")
@QueryParam("zoneName") String zoneName) {
if (LOG.isDebugEnabled()) {
- LOG.debug("==>
ServiceREST.deletePolicyByGUIDAndServiceName(" + guid + ", " + serviceName +
")");
+ LOG.debug("==>
ServiceREST.deletePolicyByGUIDAndServiceNameAndZoneName(" + guid + ", " +
serviceName + ", " + zoneName +")");
}
RangerPolicy ret = null;
RangerPerfTracer perf = null;
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
- perf = RangerPerfTracer.getPerfTracer(PERF_LOG,
"ServiceREST.deletePolicyByGUIDAndServiceName(policyGUID=" + guid + ",
serviceName="+ serviceName + ")");
+ perf = RangerPerfTracer.getPerfTracer(PERF_LOG,
"ServiceREST.deletePolicyByGUIDAndServiceNameAndZoneName(policyGUID=" + guid +
", serviceName="+ serviceName + ", zoneName="+ zoneName +")");
}
- ret = getPolicyByGUIDAndServiceName(guid, serviceName);
+ ret = getPolicyByGUIDAndServiceNameAndZoneName(guid,
serviceName, zoneName);
if (ret != null) {
deletePolicy(ret.getId());
}
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
- LOG.error("deletePolicyByGUIDAndServiceName(" + guid +
"," + serviceName + ") failed", excp);
+
LOG.error("deletePolicyByGUIDAndServiceNameAndZoneName(" + guid + "," +
serviceName + ", " + zoneName + ") failed", excp);
throw
restErrorUtil.createRESTException(excp.getMessage());
} finally {
RangerPerfTracer.log(perf);
}
if (LOG.isDebugEnabled()) {
- LOG.debug("<==
ServiceREST.deletePolicyByGUIDAndServiceName(" + guid + ", " + serviceName +
")");
+ LOG.debug("<==
ServiceREST.deletePolicyByGUIDAndServiceNameAndZoneName(" + guid + ", " +
serviceName + ", " + zoneName +")");
}
}
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 8225e30..539d600 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -393,8 +393,12 @@
<query>select obj from XXPolicy obj where obj.id in (select
item.policyId from XXPolicyItem item) </query>
</named-query>
- <named-query name="XXPolicy.findByGUIDAndServiceName">
- <query>select obj from XXPolicy obj, XXService svc where
obj.guid = :guid and obj.service = svc.id and svc.name = :serviceName</query>
+ <named-query name="XXPolicy.findPolicyByPolicyGUIDAndServiceName">
+ <query>select obj from XXPolicy obj, XXService svc where
obj.guid = :guid and obj.service = svc.id and svc.name = :serviceName and
obj.zoneId = :zoneId</query>
+ </named-query>
+
+ <named-query
name="XXPolicy.findPolicyByPolicyGUIDAndServiceNameAndZoneName">
+ <query>select obj from XXPolicy obj, XXService svc,
XXSecurityZone zone where obj.guid = :guid and obj.service = svc.id and
svc.name = :serviceName and obj.zoneId = zone.id and zone.name =
:zoneName</query>
</named-query>
<!-- XXServiceDef -->
