This is an automated email from the ASF dual-hosted git repository. dineshkumar pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push: new 846213982 RANGER-4081 - If the url to edit a policy, service or permissions for a module, and the url to view user/group/roles contains an invalid id, then page should display an error 846213982 is described below commit 84621398238f61fbfafe9d38c8171db77ab334fc Author: Dhaval.Rajpara <dhavalrajpara1...@gmail.com> AuthorDate: Tue Jun 13 15:11:19 2023 +0530 RANGER-4081 - If the url to edit a policy, service or permissions for a module, and the url to view user/group/roles contains an invalid id, then page should display an error Signed-off-by: Dineshkumar Yadav <dineshkumar.ya...@outlook.com> --- .../java/org/apache/ranger/biz/ServiceDBStore.java | 4 + .../org/apache/ranger/common/RangerSearchUtil.java | 7 ++ .../java/org/apache/ranger/rest/ServiceREST.java | 28 +++++-- .../src/main/webapp/react-webapp/src/App.jsx | 14 ++++ .../main/webapp/react-webapp/src/utils/XAEnums.js | 6 +- .../main/webapp/react-webapp/src/utils/XAUtils.js | 8 ++ .../main/webapp/react-webapp/src/utils/fetchAPI.js | 17 +++- .../webapp/react-webapp/src/views/ErrorPage.jsx | 13 ++- .../main/webapp/react-webapp/src/views/Layout.jsx | 37 ++++++-- .../src/views/PermissionsModule/EditPermission.jsx | 10 +-- .../views/PolicyListing/AddUpdatePolicyForm.jsx | 95 ++++++++++++--------- .../views/PolicyListing/PolicyListingTabView.jsx | 13 +-- .../src/views/SecurityZone/SecurityZoneForm.jsx | 4 +- .../src/views/SecurityZone/ZoneListing.jsx | 4 +- .../views/ServiceManager/ServiceAuditFilter.jsx | 8 +- .../src/views/ServiceManager/ServiceForm.jsx | 98 ++++++++++++---------- .../groups_details/GroupForm.jsx | 4 +- .../UserGroupRoleListing/role_details/RoleForm.jsx | 2 +- .../users_details/EditUserView.jsx | 2 +- .../scripts/model_bases/RangerServiceDefBase.js | 2 +- .../main/webapp/scripts/models/RangerServiceDef.js | 5 +- .../webapp/scripts/modules/globalize/message/en.js | 3 +- .../src/main/webapp/scripts/utils/XAUtils.js | 6 ++ .../main/webapp/scripts/views/common/ErrorView.js | 3 + .../webapp/scripts/views/service/ServiceCreate.js | 3 + 25 files changed, 267 insertions(+), 129 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java index 7030542d9..1f9801ba2 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java @@ -1916,6 +1916,10 @@ public class ServiceDBStore extends AbstractServiceStore { // TODO: As of now we are allowing SYS_ADMIN to read all the // services including KMS + if (xService == null) { + throw restErrorUtil.createRESTException("Data Not Found for given Id", + MessageEnums.DATA_NOT_FOUND, id, null, "readResource : No Object found with given id."); + } if (!bizUtil.hasAccess(xService, null)) { throw restErrorUtil.createRESTException("Logged in user is not allowed to read service, id: " + id, MessageEnums.OPER_NO_PERMISSION); diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java index 8030fe7a4..e8aab9af5 100644 --- a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java @@ -182,6 +182,13 @@ public class RangerSearchUtil extends SearchUtil { MessageEnums.INVALID_INPUT_DATA, null, SearchFilter.PAGE_SIZE); ret.setMaxRows(validatePageSize(pageSize)); + if (request.getParameter(SearchFilter.POLICY_TYPE) != null) { + int policyType = restErrorUtil.parseInt(request.getParameter(SearchFilter.POLICY_TYPE), 0, + "Invalid value for parameter policyType", MessageEnums.INVALID_INPUT_DATA, null, + SearchFilter.POLICY_TYPE); + ret.setParam(SearchFilter.POLICY_TYPE, Integer.toString(policyType)); + } + ret.setGetCount(restErrorUtil.parseBoolean(request.getParameter("getCount"), true)); String sortBy = restErrorUtil.validateString(request.getParameter(SearchFilter.SORT_BY), StringUtil.VALIDATION_ALPHA, "Invalid value for parameter sortBy", MessageEnums.INVALID_INPUT_DATA, diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java index 6348d0287..e91d3bc71 100644 --- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java +++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java @@ -33,6 +33,7 @@ import java.util.Map; import java.util.Map.Entry; import java.util.Set; import java.util.TreeMap; +import java.util.stream.IntStream; import java.util.Objects; import javax.annotation.Nonnull; @@ -59,6 +60,7 @@ import org.apache.commons.io.IOUtils; import org.apache.commons.lang.ArrayUtils; import org.apache.commons.lang.RandomStringUtils; import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.math.NumberUtils; import org.apache.ranger.admin.client.datatype.RESTResponse; import org.apache.ranger.authorization.hadoop.config.RangerAdminConfig; import org.apache.ranger.authorization.utils.StringUtil; @@ -446,15 +448,18 @@ public class ServiceREST { perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServiceDef(serviceDefId=" + id + ")"); } XXServiceDef xServiceDef = daoManager.getXXServiceDef().getById(id); - if(EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME.equals(xServiceDef.getName())) { - if (!bizUtil.hasModuleAccess(RangerConstants.MODULE_TAG_BASED_POLICIES)) { - throw restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "User is not having permissions on the tag module.", true); + if (xServiceDef != null) { + if (EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME.equals(xServiceDef.getName())) { + if (!bizUtil.hasModuleAccess(RangerConstants.MODULE_TAG_BASED_POLICIES)) { + throw restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, + "User is not having permissions on the tag module.", true); + } + } + if (!bizUtil.hasAccess(xServiceDef, null)) { + throw restErrorUtil.createRESTException( + "User is not allowed to access service-def, id: " + xServiceDef.getId(), + MessageEnums.OPER_NO_PERMISSION); } - } - if (!bizUtil.hasAccess(xServiceDef, null)) { - throw restErrorUtil.createRESTException( - "User is not allowed to access service-def, id: " + xServiceDef.getId(), - MessageEnums.OPER_NO_PERMISSION); } ret = svcStore.getServiceDef(id); @@ -2997,6 +3002,13 @@ public class ServiceREST { perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.getServicePolicies(serviceId=" + serviceId + ")"); } + String policyTypeStr = filter.getParam(SearchFilter.POLICY_TYPE); + if (policyTypeStr != null && !IntStream.of(RangerPolicy.POLICY_TYPES).anyMatch(x -> x == Integer.parseInt(policyTypeStr))) { + throw restErrorUtil.createRESTException("policyTypes with id: " + policyTypeStr + " does not exist", + MessageEnums.DATA_NOT_FOUND, Long.parseLong(policyTypeStr), null, + "readResource : No Object found with given id."); + } + // get all policies from the store; pick the page to return after applying filter int savedStartIndex = filter == null ? 0 : filter.getStartIndex(); int savedMaxRows = filter == null ? Integer.MAX_VALUE : filter.getMaxRows(); diff --git a/security-admin/src/main/webapp/react-webapp/src/App.jsx b/security-admin/src/main/webapp/react-webapp/src/App.jsx index 28df2d026..bc3cf9a7a 100644 --- a/security-admin/src/main/webapp/react-webapp/src/App.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/App.jsx @@ -30,6 +30,7 @@ import { getUserProfile, setUserProfile } from "Utils/appState"; import LayoutComp from "Views/Layout"; import { getServiceDef, setServiceDef } from "./utils/appState"; import { filter, sortBy } from "lodash"; + const HomeComp = lazy(() => import("Views/Home")); const ServiceFormComp = lazy(() => import("Views/ServiceManager/ServiceForm")); const UserProfileComp = lazy(() => import("Views/UserProfile")); @@ -325,6 +326,19 @@ export default class App extends Component { path="/knoxSSOWarning" element={<ErrorPage errorCode="checkSSOTrue" />} /> + {/*DATA NOT FOUND PAGE*/} + <Route + path="/dataNotFound" + element={<ErrorPage errorCode="400" />} + /> + <Route + path="/pageNotFound" + element={<ErrorPage errorCode="404" />} + /> + <Route + path="/forbidden" + element={<ErrorPage errorCode="403" />} + /> <Route path="/locallogin" element={<Loader />} /> {/* NOT FOUND ROUTE */} <Route path="*" /> diff --git a/security-admin/src/main/webapp/react-webapp/src/utils/XAEnums.js b/security-admin/src/main/webapp/react-webapp/src/utils/XAEnums.js index be1c2cbb8..29da52dc6 100644 --- a/security-admin/src/main/webapp/react-webapp/src/utils/XAEnums.js +++ b/security-admin/src/main/webapp/react-webapp/src/utils/XAEnums.js @@ -621,7 +621,11 @@ export const PathAssociateWithModule = { Permission: ["/permissions/models", "/permissions/:permissionId/edit"], Profile: ["/userprofile"], KnoxSignOut: ["/knoxSSOWarning"], - localLogin: ["/locallogin"] + DataNotFound: ["/dataNotFound"], + PageNotFound: ["/pageNotFound"], + localLogin: ["/locallogin"], + slashPath: ["/"], + Forbidden: ["/forbidden"] }; /* Access */ diff --git a/security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js b/security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js index ec4258d24..19c600d1a 100644 --- a/security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js +++ b/security-admin/src/main/webapp/react-webapp/src/utils/XAUtils.js @@ -151,6 +151,10 @@ export const hasAccessToPath = (pathName) => { let moduleNames = union(userModules, groupModules); moduleNames.push("Profile"); moduleNames.push("KnoxSignOut"); + moduleNames.push("DataNotFound"); + moduleNames.push("PageNotFound"); + moduleNames.push("Forbidden"); + moduleNames.push("localLogin"); if (isSystemAdmin() || isAuditor()) { moduleNames.push("Permission"); @@ -1391,3 +1395,7 @@ export const checkKnoxSSO = async (navigate) => { console.error(`Error occurred while logout! ${error}`); } }; + +export const navigateTo = { + navigate: null +}; diff --git a/security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js b/security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js index 86f8fb79d..5d9a7d5c4 100644 --- a/security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js +++ b/security-admin/src/main/webapp/react-webapp/src/utils/fetchAPI.js @@ -17,7 +17,6 @@ * under the License. */ import axios from "axios"; -import history from "./history"; import ErrorPage from "../views/ErrorPage"; import { RANGER_REST_CSRF_ENABLED, @@ -26,6 +25,7 @@ import { CSRFToken } from "./appConstants"; import { toast } from "react-toastify"; +import { navigateTo } from "./XAUtils"; let csrfEnabled = false; let restCsrfCustomHeader = null; @@ -88,6 +88,21 @@ async function fetchApi(axiosConfig = {}, otherConf = {}) { window.location.replace("login.jsp?sessionTimeout=true"); } } + if ( + error?.response?.status === 400 && + (error?.response?.data?.messageList?.[0]?.name == "DATA_NOT_FOUND" || + error?.response?.data?.messageList?.[0]?.name == "INVALID_INPUT_DATA") + ) { + navigateTo.navigate("/dataNotFound", { replace: true }); + } + if (error?.response?.status === 404) { + navigateTo.navigate("/pageNotFound", { replace: true }); + return; + } + if (error?.response?.status === 403) { + navigateTo.navigate("/forbidden", { replace: true }); + return; + } throw error; } } diff --git a/security-admin/src/main/webapp/react-webapp/src/views/ErrorPage.jsx b/security-admin/src/main/webapp/react-webapp/src/views/ErrorPage.jsx index 6ed0ed9a8..9e99e5077 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/ErrorPage.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/ErrorPage.jsx @@ -21,7 +21,6 @@ import React, { useState, useEffect } from "react"; import { useNavigate } from "react-router-dom"; import errorIcon from "Images/error-404-icon.png"; import { Button } from "react-bootstrap"; -import { PathAssociateWithModule } from "../utils/XAEnums"; export const ErrorPage = (props) => { const [errorCode, setErrorCode] = useState(null); @@ -63,6 +62,10 @@ export const ErrorPage = (props) => { setErrorCode("Page not found (404)."); setErrorInfo("Sorry, this page isn't here or has moved."); } + if (props.errorCode == "400") { + setErrorCode("Data Not Found (400)."); + setErrorInfo("Data not found for given page."); + } }); return ( @@ -80,7 +83,13 @@ export const ErrorPage = (props) => { </div> </div> <div className="mt-2"> - <Button size="sm" onClick={() => navigate(-1)} className="mr-1"> + <Button + size="sm" + onClick={() => + props.errorCode == "checkSSOTrue" ? navigate(-1) : navigate(-2) + } + className="mr-1" + > <i className="fa-fw fa fa-long-arrow-left"></i> Go back </Button> {props.errorCode !== "checkSSOTrue" && ( diff --git a/security-admin/src/main/webapp/react-webapp/src/views/Layout.jsx b/security-admin/src/main/webapp/react-webapp/src/views/Layout.jsx index f27f4de40..49edc2861 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/Layout.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/Layout.jsx @@ -19,19 +19,28 @@ import React, { useState, useEffect } from "react"; import { Button, Modal } from "react-bootstrap"; -import { useLocation, Outlet, Navigate, useNavigate } from "react-router-dom"; +import { + useLocation, + Outlet, + Navigate, + useNavigate, + matchRoutes +} from "react-router-dom"; import ErrorPage from "./ErrorPage"; -import { hasAccessToPath, checkKnoxSSO } from "Utils/XAUtils"; +import { hasAccessToPath, checkKnoxSSO, navigateTo } from "Utils/XAUtils"; import { useIdleTimer } from "react-idle-timer"; import { getUserProfile } from "Utils/appState"; import SideBar from "./SideBar/SideBar"; import { Loader } from "../components/CommonComponents"; import { Suspense } from "react"; +import { PathAssociateWithModule } from "../utils/XAEnums"; +import { flatMap, includes, values } from "lodash"; const Layout = () => { let location = useLocation(); const navigate = useNavigate(); const userProfile = getUserProfile(); + navigateTo.navigate = useNavigate(); const [open, setOpen] = useState(false); const [timer, setTimer] = useState(0); @@ -120,17 +129,29 @@ const Layout = () => { <SideBar /> </div> {location.pathname === "/" && - window.location.pathname !== "/locallogin" && ( + window.location.pathname !== "/locallogin" && + window.location.pathname != "/dataNotFound" && + window.location.pathname != "/pageNotFound" && + window.location.pathname != "/forbidden" && ( <Navigate to="/policymanager/resource" replace={true} /> )} <div id="content" className="content-body"> <div id="ranger-content"> - {hasAccessToPath(location.pathname) ? ( - <Suspense fallback={<Loader />}> - <Outlet /> - </Suspense> + {matchRoutes( + flatMap(values(PathAssociateWithModule)).map((val) => ({ + path: val + })), + location.pathname + ) ? ( + hasAccessToPath(location.pathname) ? ( + <Suspense fallback={<Loader />}> + <Outlet /> + </Suspense> + ) : ( + <ErrorPage errorCode="401" /> + ) ) : ( - <ErrorPage errorCode="401" /> + <ErrorPage errorCode="404" /> )} </div> diff --git a/security-admin/src/main/webapp/react-webapp/src/views/PermissionsModule/EditPermission.jsx b/security-admin/src/main/webapp/react-webapp/src/views/PermissionsModule/EditPermission.jsx index f2570e458..a3e55dfbd 100755 --- a/security-admin/src/main/webapp/react-webapp/src/views/PermissionsModule/EditPermission.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/PermissionsModule/EditPermission.jsx @@ -190,20 +190,20 @@ const EditPermission = (props) => { url: `xusers/permission/${permissionId}`, params: {} }); - data = permissionResp.data; + data = permissionResp?.data; } catch (error) { console.error(`Error occurred while fetching Permissions ! ${error}`); } - groups = reverse(data.groupPermList); - users = reverse(data.userPermList); + groups = reverse(data?.groupPermList); + users = reverse(data?.userPermList); dispatch({ type: "SET_DATA", data, - grpData: groups.map((obj) => ({ + grpData: groups?.map((obj) => ({ label: obj.groupName, value: obj.groupId })), - usrData: users.map((obj) => ({ + usrData: users?.map((obj) => ({ label: obj.userName, value: obj.userId })) diff --git a/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx index ee3d21d15..a27cbaa28 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx @@ -95,7 +95,7 @@ function reducer(state, action) { loader: false, serviceDetails: action.serviceDetails, serviceCompDetails: action.serviceCompDetails, - policyData: action.policyData, + policyData: action?.policyData, formData: action.formData }; default: @@ -219,6 +219,21 @@ export default function AddUpdatePolicyForm(props) { let serviceCompData = serviceDefs?.allServiceDefs?.find((servicedef) => { return servicedef.name == serviceData.type; }); + if (serviceCompData) { + let serviceDefPolicyType = 0; + if ( + serviceCompData?.dataMaskDef && + Object.keys(serviceCompData.dataMaskDef).length != 0 + ) + serviceDefPolicyType++; + if ( + serviceCompData?.rowFilterDef && + Object.keys(serviceCompData.rowFilterDef).length != 0 + ) + serviceDefPolicyType++; + if (+policyType > serviceDefPolicyType) + navigate("/pageNotFound", { replace: true }); + } let policyData = null; if (policyId) { policyData = await fetchPolicyData(); @@ -287,63 +302,63 @@ export default function AddUpdatePolicyForm(props) { data.policyItems = policyId && policyData?.policyItems?.length > 0 ? setPolicyItemVal( - policyData.policyItems, - serviceCompData.accessTypes, + policyData?.policyItems, + serviceCompData?.accessTypes, null, - serviceCompData.name + serviceCompData?.name ) : [{}]; data.allowExceptions = policyId && policyData?.allowExceptions?.length > 0 ? setPolicyItemVal( - policyData.allowExceptions, - serviceCompData.accessTypes, + policyData?.allowExceptions, + serviceCompData?.accessTypes, null, - serviceCompData.name + serviceCompData?.name ) : [{}]; data.denyPolicyItems = policyId && policyData?.denyPolicyItems?.length > 0 ? setPolicyItemVal( - policyData.denyPolicyItems, - serviceCompData.accessTypes, + policyData?.denyPolicyItems, + serviceCompData?.accessTypes, null, - serviceCompData.name + serviceCompData?.name ) : [{}]; data.denyExceptions = policyId && policyData?.denyExceptions?.length > 0 ? setPolicyItemVal( policyData.denyExceptions, - serviceCompData.accessTypes, + serviceCompData?.accessTypes, null, - serviceCompData.name + serviceCompData?.name ) : [{}]; data.dataMaskPolicyItems = policyId && policyData?.dataMaskPolicyItems?.length > 0 ? setPolicyItemVal( policyData.dataMaskPolicyItems, - serviceCompData.dataMaskDef.accessTypes, - serviceCompData.dataMaskDef.maskTypes, - serviceCompData.name + serviceCompData?.dataMaskDef?.accessTypes, + serviceCompData?.dataMaskDef?.maskTypes, + serviceCompData?.name ) : [{}]; data.rowFilterPolicyItems = policyId && policyData?.rowFilterPolicyItems?.length > 0 ? setPolicyItemVal( policyData.rowFilterPolicyItems, - serviceCompData.rowFilterDef.accessTypes, + serviceCompData?.rowFilterDef?.accessTypes, null, - serviceCompData.name + serviceCompData?.name ) : [{}]; if (policyId) { - data.policyName = policyData.name; - data.isEnabled = policyData.isEnabled; - data.policyPriority = policyData.policyPriority == 0 ? false : true; - data.description = policyData.description; - data.isAuditEnabled = policyData.isAuditEnabled; + data.policyName = policyData?.name; + data.isEnabled = policyData?.isEnabled; + data.policyPriority = policyData?.policyPriority == 0 ? false : true; + data.description = policyData?.description; + data.isAuditEnabled = policyData?.isAuditEnabled; data.policyLabel = policyData && policyData?.policyLabels?.map((val) => { @@ -352,32 +367,32 @@ export default function AddUpdatePolicyForm(props) { let serviceCompResourcesDetails; if ( RangerPolicyType.RANGER_MASKING_POLICY_TYPE.value == - policyData.policyType + policyData?.policyType ) { - serviceCompResourcesDetails = serviceCompData.dataMaskDef.resources; + serviceCompResourcesDetails = serviceCompData?.dataMaskDef?.resources; } else if ( RangerPolicyType.RANGER_ROW_FILTER_POLICY_TYPE.value == - policyData.policyType + policyData?.policyType ) { - serviceCompResourcesDetails = serviceCompData.rowFilterDef.resources; + serviceCompResourcesDetails = serviceCompData?.rowFilterDef?.resources; } else { - serviceCompResourcesDetails = serviceCompData.resources; + serviceCompResourcesDetails = serviceCompData?.resources; } - if (policyData.resources) { + if (policyData?.resources) { let lastResourceLevel = []; - Object.entries(policyData.resources).map(([key, value]) => { + Object.entries(policyData?.resources).map(([key, value]) => { let setResources = find(serviceCompResourcesDetails, ["name", key]); - data[`resourceName-${setResources.level}`] = setResources; - data[`value-${setResources.level}`] = value.values.map((m) => { + data[`resourceName-${setResources?.level}`] = setResources; + data[`value-${setResources?.level}`] = value.values.map((m) => { return { label: m, value: m }; }); - if (setResources.excludesSupported) { - data[`isExcludesSupport-${setResources.level}`] = + if (setResources?.excludesSupported) { + data[`isExcludesSupport-${setResources?.level}`] = value.isExcludes == false; } - if (setResources.recursiveSupported) { - data[`isRecursiveSupport-${setResources.level}`] = - value.isRecursive; + if (setResources?.recursiveSupported) { + data[`isRecursiveSupport-${setResources?.level}`] = + value?.isRecursive; } lastResourceLevel.push({ level: setResources.level, @@ -389,16 +404,16 @@ export default function AddUpdatePolicyForm(props) { "parent", lastResourceLevel.name ]); - if (setLastResources) { + if (setLastResources && setLastResources?.isValidLeaf) { data[`resourceName-${setLastResources.level}`] = { label: "None", value: "none" }; } } - if (policyData.validitySchedules) { + if (policyData?.validitySchedules) { data["validitySchedules"] = []; - policyData.validitySchedules.filter((val) => { + policyData?.validitySchedules.filter((val) => { let obj = {}; if (val.endTime) { obj["endTime"] = moment(val.endTime, "YYYY/MM/DD HH:mm:ss"); @@ -1084,7 +1099,7 @@ export default function AddUpdatePolicyForm(props) { getEnumElementByValue( RangerPolicyType, +input.value - ).label + )?.label } </Badge> </h6> diff --git a/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListingTabView.jsx b/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListingTabView.jsx index 606b56832..633290f75 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListingTabView.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/PolicyListingTabView.jsx @@ -99,10 +99,10 @@ export const PolicyListingTabView = () => { url: `plugins/services/${params.serviceId}` }); getAllServicesData = await fetchApi({ - url: `plugins/services?serviceType=${getServiceData.data.type}` + url: `plugins/services?serviceType=${getServiceData?.data?.type}` }); getServiceDefData = serviceDefs?.allServiceDefs?.find((serviceDef) => { - return serviceDef.name == getServiceData.data.type; + return serviceDef.name == getServiceData?.data?.type; }); isTagView = @@ -123,8 +123,8 @@ export const PolicyListingTabView = () => { dispatch({ type: "SERVICES_DATA", - allServicesData: getAllServicesData.data.services, - serviceData: getServiceData.data, + allServicesData: getAllServicesData?.data?.services, + serviceData: getServiceData?.data, serviceDefData: getServiceDefData }); @@ -315,8 +315,9 @@ export const PolicyListingTabView = () => { /> {loader ? ( <Loader /> - ) : isRenderMasking(serviceDefData.dataMaskDef) || - isRenderRowFilter(serviceDefData.rowFilterDef) ? ( + ) : (isRenderMasking(serviceDefData.dataMaskDef) || + isRenderRowFilter(serviceDefData.rowFilterDef)) && + params.policyType < 3 ? ( <Tabs id="PolicyListing" activeKey={params.policyType} diff --git a/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx index 1324a856c..ea76fa823 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/SecurityZoneForm.jsx @@ -207,7 +207,7 @@ const SecurityZoneForm = (props) => { ); toast.error(error.response.data.msgDesc); } - setZone(zoneResp.data); + setZone(zoneResp?.data); } setLoader(false); @@ -467,7 +467,7 @@ const SecurityZoneForm = (props) => { sortBy(filterServiceDef.resources, "itemId"), ["parent", lastResourceLevel.name] ); - if (setLastResources) { + if (setLastResources && setLastResources?.isValidLeaf) { serviceResource[`resourceName-${setLastResources.level}`] = { label: "None", value: "none" diff --git a/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx b/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx index fe66cfe01..ea6ba813a 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/SecurityZone/ZoneListing.jsx @@ -80,7 +80,9 @@ class ZoneListing extends Component { zoneList = sortBy(zoneList, ["name"]); if (zoneId !== undefined) { - selectedZone = zoneList.find((obj) => obj.id === +zoneId) || null; + selectedZone = + zoneList.find((obj) => obj.id === +zoneId) || + this.props.navigate("/dataNotFound"); } else { if (zoneList.length > 0) { selectedZone = zoneList[0]; diff --git a/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceAuditFilter.jsx b/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceAuditFilter.jsx index 8f1271a36..f75ddd4c3 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceAuditFilter.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceAuditFilter.jsx @@ -91,7 +91,7 @@ export default function ServiceAuditFilter(props) { const getResourceData = (resourceData) => { let dataStructure = []; - let levels = uniq(map(serviceDefDetails.resources, "level")); + let levels = uniq(map(serviceDefDetails?.resources, "level")); dataStructure = levels.map((level, index) => { if ( @@ -151,8 +151,8 @@ export default function ServiceAuditFilter(props) { const getAccessTypeOptions = () => { let srcOp = []; - srcOp = serviceDefDetails.accessTypes; - return srcOp.map(({ label, name: value }) => ({ + srcOp = serviceDefDetails?.accessTypes; + return srcOp?.map(({ label, name: value }) => ({ label, value })); @@ -358,7 +358,7 @@ export default function ServiceAuditFilter(props) { ); } if (colName == "Permissions") { - if (serviceDefDetails.name == "tag") { + if (serviceDefDetails?.name == "tag") { return ( <td key={`${name}.accessTypes`} diff --git a/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx index 8d03c3ffd..3652e6c16 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/ServiceManager/ServiceForm.jsx @@ -31,6 +31,7 @@ import ServiceAuditFilter from "./ServiceAuditFilter"; import TestConnection from "./TestConnection"; import { commonBreadcrumb, + navigateTo, serverError, updateTagActive } from "../../utils/XAUtils"; @@ -97,6 +98,15 @@ class ServiceForm extends Component { }; componentDidMount() { + let servicedefs; + + servicedefs = this.serviceDefData.allServiceDefs.find((id) => { + return id.id == this.props.params.serviceDefId; + }); + + if (servicedefs == undefined) { + return navigateTo.navigate("/pageNotFound", { replace: true }); + } this.fetchServiceDef(); } @@ -162,31 +172,31 @@ class ServiceForm extends Component { serviceJson["id"] = this.props.params.serviceId; } - serviceJson["name"] = values.name; - serviceJson["displayName"] = values.displayName; - serviceJson["description"] = values.description; - serviceJson["type"] = this.state.serviceDef.name; + serviceJson["name"] = values?.name; + serviceJson["displayName"] = values?.displayName; + serviceJson["description"] = values?.description; + serviceJson["type"] = this.state?.serviceDef?.name; serviceJson["tagService"] = - values.tagService == null ? "" : values.tagService.value; - serviceJson["isEnabled"] = values.isEnabled === "true"; + values?.tagService == null ? "" : values.tagService.value; + serviceJson["isEnabled"] = values?.isEnabled === "true"; serviceJson["configs"] = {}; - for (const config in values.configs) { + for (const config in values?.configs) { for (const jsonConfig in this.configsJson) { if (config === this.configsJson[jsonConfig]) { - serviceJson["configs"][jsonConfig] = values.configs[config]; + serviceJson["configs"][jsonConfig] = values?.configs[config]; } } } - if (values.customConfigs !== undefined) { - values.customConfigs.map((config) => { + if (values?.customConfigs !== undefined) { + values.customConfigs?.map((config) => { config !== undefined && (serviceJson["configs"][config.name] = config.value); }); } - if (values.isAuditFilter) { + if (values?.isAuditFilter) { serviceJson["configs"]["ranger.plugin.audit.filters"] = this.getAuditFiltersToSave(values.auditFilters); } else { @@ -316,7 +326,7 @@ class ServiceForm extends Component { : false; updateTagActive(isTagView); - if (serviceDef.resources !== undefined) { + if (serviceDef?.resources !== undefined) { for (const obj of serviceDef.resources) { if ( this.props.params.serviceId === undefined && @@ -328,7 +338,7 @@ class ServiceForm extends Component { } } - let auditFilters = find(serviceDef.configs, { + let auditFilters = find(serviceDef?.configs, { name: "ranger.plugin.audit.filters" }); @@ -375,24 +385,24 @@ class ServiceForm extends Component { } const serviceJson = {}; - serviceJson["name"] = serviceResp.data.name; - serviceJson["displayName"] = serviceResp.data.displayName; - serviceJson["description"] = serviceResp.data.description; - serviceJson["isEnabled"] = JSON.stringify(serviceResp.data.isEnabled); + serviceJson["name"] = serviceResp?.data?.name; + serviceJson["displayName"] = serviceResp?.data?.displayName; + serviceJson["description"] = serviceResp?.data?.description; + serviceJson["isEnabled"] = JSON.stringify(serviceResp?.data?.isEnabled); serviceJson["tagService"] = - serviceResp.data.tagService !== undefined + serviceResp?.data?.tagService !== undefined ? { - value: serviceResp.data.tagService, - label: serviceResp.data.tagService + value: serviceResp?.data?.tagService, + label: serviceResp?.data?.tagService } : null; serviceJson["configs"] = {}; - let serviceDefConfigs = map(this.state.serviceDef.configs, "name"); + let serviceDefConfigs = map(this.state?.serviceDef?.configs, "name"); let serviceCustomConfigs = without( - difference(keys(serviceResp.data.configs), serviceDefConfigs), + difference(keys(serviceResp?.data?.configs), serviceDefConfigs), "ranger.plugin.audit.filters" ); @@ -402,7 +412,7 @@ class ServiceForm extends Component { }); let editCustomConfigs = serviceCustomConfigs.map((config) => { - return { name: config, value: serviceResp.data.configs[config] }; + return { name: config, value: serviceResp?.data?.configs[config] }; }); serviceJson["customConfigs"] = @@ -429,7 +439,7 @@ class ServiceForm extends Component { } this.setState({ - service: serviceResp.data, + service: serviceResp?.data, editInitialValues: serviceJson, loader: false }); @@ -443,9 +453,9 @@ class ServiceForm extends Component { url: `plugins/services?serviceType=tag`, params: params }); - op = tagServiceResp.data.services; + op = tagServiceResp?.data?.services; - return op.map((obj) => ({ + return op?.map((obj) => ({ label: obj.displayName, value: obj.displayName })); @@ -515,32 +525,32 @@ class ServiceForm extends Component { obj.resources = {}; let lastResourceLevel = []; - Object.entries(item.resources).map(([key, value]) => { - let setResources = find(serviceDef.resources, ["name", key]); - obj.resources[`resourceName-${setResources.level}`] = setResources; - obj.resources[`value-${setResources.level}`] = value.values.map( + Object.entries(item.resources)?.map(([key, value]) => { + let setResources = find(serviceDef?.resources, ["name", key]); + obj.resources[`resourceName-${setResources?.level}`] = setResources; + obj.resources[`value-${setResources?.level}`] = value.values?.map( (m) => { return { label: m, value: m }; } ); - if (setResources.excludesSupported) { + if (setResources?.excludesSupported) { obj.resources[`isExcludesSupport-${setResources.level}`] = value?.isExcludes != false; } - if (setResources.recursiveSupported) { + if (setResources?.recursiveSupported) { obj.resources[`isRecursiveSupport-${setResources.level}`] = value.isRecursive != false; } lastResourceLevel.push({ - level: setResources.level, - name: setResources.name + level: setResources?.level, + name: setResources?.name }); }); lastResourceLevel = maxBy(lastResourceLevel, "level"); - let setLastResources = find(serviceDef.resources, [ + let setLastResources = find(serviceDef?.resources, [ "parent", - lastResourceLevel.name + lastResourceLevel?.name ]); if (setLastResources) { @@ -616,7 +626,7 @@ class ServiceForm extends Component { }; getServiceConfigs = (serviceDef) => { - if (serviceDef.configs !== undefined) { + if (serviceDef?.configs !== undefined) { let formField = []; const filterServiceConfigs = reject(serviceDef.configs, { name: "ranger.plugin.audit.filters" @@ -921,9 +931,9 @@ class ServiceForm extends Component { url: "xusers/lookup/users", params: params }); - op = userResp.data.vXStrings; + op = userResp?.data?.vXStrings; - return op.map((obj) => ({ + return op?.map((obj) => ({ label: obj.value, value: obj.value })); @@ -936,12 +946,12 @@ class ServiceForm extends Component { url: "xusers/lookup/groups", params: params }); - op = userResp.data.vXStrings; + op = userResp?.data?.vXStrings; if (!inputValue) { this.state.groupsDataRef = op; } - return op.map((obj) => ({ + return op?.map((obj) => ({ label: obj.value, value: obj.value })); @@ -966,9 +976,9 @@ class ServiceForm extends Component { }; ServiceDefnBreadcrumb = () => { let serviceDetails = {}; - serviceDetails["serviceDefId"] = this.state.serviceDef.id; + serviceDetails["serviceDefId"] = this.state.serviceDef?.id; serviceDetails["serviceId"] = this.props.params.serviceId; - if (this.state.serviceDef.name === "tag") { + if (this.state.serviceDef?.name === "tag") { return commonBreadcrumb( [ "TagBasedServiceManager", @@ -1194,7 +1204,7 @@ class ServiceForm extends Component { </span> </Col> </Row> - {this.state.serviceDef.name !== "tag" && ( + {this.state?.serviceDef?.name !== "tag" && ( <Row className="form-group"> <Col xs={3}> <label className="form-label pull-right"> diff --git a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/groups_details/GroupForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/groups_details/GroupForm.jsx index e1fd5c0d8..3414246f0 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/groups_details/GroupForm.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/groups_details/GroupForm.jsx @@ -109,8 +109,8 @@ function GroupForm(props) { } dispatch({ type: "SET_GROUP_DATA", - groupInfo: groupRespData.data, - groupType: groupRespData.data.groupType, + groupInfo: groupRespData?.data, + groupType: groupRespData?.data?.groupType, loader: false }); }; diff --git a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/role_details/RoleForm.jsx b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/role_details/RoleForm.jsx index 8052593de..6143a75be 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/role_details/RoleForm.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/role_details/RoleForm.jsx @@ -165,7 +165,7 @@ function RoleForm() { } dispatch({ type: "SET_ROLE_DATA", - roleInfo: roleRespData.data, + roleInfo: roleRespData?.data, loader: false }); }; diff --git a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx index 313c4c4a6..e47fccc6f 100644 --- a/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/UserGroupRoleListing/users_details/EditUserView.jsx @@ -84,7 +84,7 @@ function AddUserView(props) { } dispatch({ type: "SET_USER_DATA", - userInfo: userRespData.data, + userInfo: userRespData?.data, loader: false }); }; diff --git a/security-admin/src/main/webapp/scripts/model_bases/RangerServiceDefBase.js b/security-admin/src/main/webapp/scripts/model_bases/RangerServiceDefBase.js index 7fb6e12bf..4ebd68028 100644 --- a/security-admin/src/main/webapp/scripts/model_bases/RangerServiceDefBase.js +++ b/security-admin/src/main/webapp/scripts/model_bases/RangerServiceDefBase.js @@ -90,7 +90,7 @@ define(function(require){ */ initialize: function() { this.modelName = 'RangerServiceDefBase'; - //this.bind("error", XAUtils.defaultErrorHandler); + // this.bind("error", XAUtils.defaultErrorHandler); this.bindErrorEvents(); } diff --git a/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js b/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js index 210376f1a..52c384257 100644 --- a/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js +++ b/security-admin/src/main/webapp/scripts/models/RangerServiceDef.js @@ -37,7 +37,10 @@ define(function(require){ */ initialize: function() { this.modelName = 'RangerServiceDef'; - this.bindErrorEvents(); + this.bind("error", function(e, error){ + var XAUtils = require('utils/XAUtils'); + XAUtils.defaultErrorHandler(undefined, error, e); + }); }, /** * @function schema diff --git a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js index 0a332fc23..f4a91939e 100644 --- a/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js +++ b/security-admin/src/main/webapp/scripts/modules/globalize/message/en.js @@ -501,7 +501,8 @@ define(function(require) { You can still open this instance of Ranger from the same web browser without re-authentication. \ To prevent additional access to Ranger, <b>close all browser windows and exit the browser</b>.', pageNotFound : 'Sorry, this page isn\'t here or has moved.', - resourcesLookup : 'Resouce lookup fail for current resource' + resourcesLookup : 'Resouce lookup fail for current resource', + dataNotFound : 'Data not found for given page.' }, diff --git a/security-admin/src/main/webapp/scripts/utils/XAUtils.js b/security-admin/src/main/webapp/scripts/utils/XAUtils.js index 200fdeab5..3c5907099 100644 --- a/security-admin/src/main/webapp/scripts/utils/XAUtils.js +++ b/security-admin/src/main/webapp/scripts/utils/XAUtils.js @@ -628,6 +628,12 @@ define(function(require) { } else { window.location = 'login.jsp?sessionTimeout=true'; } + }else if(error.status == 400 && error.responseJSON && error.responseJSON.messageList && error.responseJSON.messageList[0].name) { + if(error.responseJSON.messageList[0].name == "DATA_NOT_FOUND" || error.responseJSON.messageList[0].name == "INVALID_INPUT_DATA"){ + App.rContent.show(new vError({ + status : error.status + })); + } } }; XAUtils.select2Focus = function(event) { diff --git a/security-admin/src/main/webapp/scripts/views/common/ErrorView.js b/security-admin/src/main/webapp/scripts/views/common/ErrorView.js index 63dceb77e..392a65775 100644 --- a/security-admin/src/main/webapp/scripts/views/common/ErrorView.js +++ b/security-admin/src/main/webapp/scripts/views/common/ErrorView.js @@ -85,6 +85,9 @@ define(function(require){ } else if(this.status == "checkSSOTrue"){ msg = 'Sign Out Is Not Complete!' moreInfo = localization.tt("msg.signOutIsNotComplete"); + } else if(this.status == 400){ + msg = 'Data Not Found (400).' + moreInfo = localization.tt("msg.dataNotFound"); } else { msg = 'Page not found (404).' moreInfo = localization.tt("msg.pageNotFound"); diff --git a/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js b/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js index 10ac8b65f..b980b0a70 100644 --- a/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js +++ b/security-admin/src/main/webapp/scripts/views/service/ServiceCreate.js @@ -101,6 +101,9 @@ define(function(require){ this.rangerServiceDefModel.fetch({ cache : false, async : false + }).fail(function(e){ + e.stopPropagation() + return }); }, setupModel : function(){