This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push: new 9e92583d3 RANGER-4648: updated GDS validation for name length 9e92583d3 is described below commit 9e92583d331a7c1358e0e57588cc27fbc16c55c9 Author: princeap173 <princeap...@gmail.com> AuthorDate: Sun Jan 14 13:53:37 2024 +0530 RANGER-4648: updated GDS validation for name length Signed-off-by: Madhan Neethiraj <mad...@apache.org> --- .../ranger/plugin/errors/ValidationErrorCode.java | 5 +++- .../ranger/validation/RangerGdsValidator.java | 26 ++++++++++++++++++ .../views/GovernedData/Dataset/AddDatasetView.jsx | 5 ++++ .../GovernedData/Dataset/DatasetDetailLayout.jsx | 31 +++++++++++++++------- .../GovernedData/Datashare/AddDatashareView.jsx | 4 +++ .../Datashare/DatashareDetailLayout.jsx | 6 +++++ 6 files changed, 66 insertions(+), 11 deletions(-) diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java index 38b302ee9..dccd8f4f5 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java @@ -66,7 +66,7 @@ public enum ValidationErrorCode { SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_INVALID_DEFAULT_INDEX(2019, "default index[{0}] for enum [{1}] is invalid"), SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_NULL_ENUM_ELEMENT(2020, "An enum element in enum element collection of enum [{0}] is null"), SERVICE_DEF_VALIDATION_ERR_INVALID_SERVICE_RESOURCE_LEVELS(2021, "Resource-def levels are not in increasing order in an hierarchy"), - SERVICE_DEF_VALIDATION_ERR_NOT_LOWERCASE_NAME(2022, "{0}:[{1}] Invalid resource name. Resource name should consist of only lowercase, hyphen or underscore characters"), + SERVICE_DEF_VALIDATION_ERR_NOT_LOWERCASE_NAME(2022, "{0}:[{1}] Invalid resource name. Resource name should consist of only lowercase, hyphen or underscore characters"), SERVICE_DEF_VALIDATION_ERR_INVALID_MANADORY_VALUE_FOR_SERVICE_RESOURCE(2023, "{0} cannot be mandatory because {1}(parent) is not mandatory"), // POLICY VALIDATION @@ -164,6 +164,9 @@ public enum ValidationErrorCode { GDS_VALIDATION_ERR_UPDATE_IMMUTABLE_FIELD(4126, "[{0}] can't be updated"), GDS_VALIDATION_ERR_DATASET_IN_PROJECT_ID_NOT_FOUND(4127, "Dataset-in-project with ID [{0}] does not exist"), GDS_VALIDATION_ERR_SHARED_RESOURCE_CONFLICT(4128, "Shared resource with resources [{0}] already exists for data share [{1}]"), + GDS_DATASET_NAME_TOO_LONG(4129, "Invalid dataset name=[{0}]. Dataset name should not be longer than 512 characters"), + GDS_DATASHARE_NAME_TOO_LONG(4130, "Invalid datashare name=[{0}]. Datashare name should not be longer than 512 characters"), + GDS_PROJECT_NAME_TOO_LONG(4131, "Invalid project name=[{0}]. Project name should not be longer than 512 characters"), ; diff --git a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java index 27e7cc143..6efe9f420 100755 --- a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java +++ b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java @@ -53,6 +53,8 @@ public class RangerGdsValidator { private final RangerGdsValidationDataProvider dataProvider; + public static final Integer GDS_ENTITIES_NAME_MAX_LENGTH = 512; + @Autowired RESTErrorUtil restErrorUtil; @@ -70,6 +72,10 @@ public class RangerGdsValidator { result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_NAME_CONFLICT, "name", dataset.getName(), existing)); } + if (dataset.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) { + result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_DATASET_NAME_TOO_LONG, "name", dataset.getName())); + } + validateAcl(dataset.getAcl(), "acl", result); if (!result.isSuccess()) { @@ -98,6 +104,10 @@ public class RangerGdsValidator { if (existingDatasetNameId != null) { result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_NAME_CONFLICT, "name", dataset.getName(), existingDatasetNameId)); } + + if (dataset.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) { + result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_DATASET_NAME_TOO_LONG, "name", dataset.getName())); + } } } @@ -136,6 +146,10 @@ public class RangerGdsValidator { result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_NAME_CONFLICT, "name", project.getName(), existing)); } + if (project.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) { + result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_PROJECT_NAME_TOO_LONG, "name", project.getName())); + } + validateAcl(project.getAcl(), "acl", result); if (!result.isSuccess()) { @@ -164,6 +178,10 @@ public class RangerGdsValidator { if (existingProjectNameId != null) { result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_NAME_CONFLICT, "name", project.getName(), existingProjectNameId)); } + + if (project.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) { + result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_PROJECT_NAME_TOO_LONG, "name", project.getName())); + } } } @@ -202,6 +220,10 @@ public class RangerGdsValidator { result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_NAME_CONFLICT, "name", dataShare.getName(), existing)); } + if (dataShare.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) { + result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_DATASHARE_NAME_TOO_LONG, "name", dataShare.getName())); + } + validateServiceZoneAdmin(dataShare.getService(), dataShare.getZone(), result); validateAcl(dataShare.getAcl(), "acl", result); @@ -236,6 +258,10 @@ public class RangerGdsValidator { if (existingDataShareNameId != null) { result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_NAME_CONFLICT, "name", dataShare.getName(), existingDataShareNameId)); } + + if (dataShare.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) { + result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_DATASHARE_NAME_TOO_LONG, "name", dataShare.getName())); + } } } diff --git a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx index 6f15af0b4..7851e7c26 100755 --- a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx @@ -149,6 +149,11 @@ const AddDatasetView = () => { toast.error("Dataset name cannot be empty!!"); return; } + else if (datasetName.length>512) + { + toast.error("Dataset name must not exceed 512 characters!!"); + return; + } setSaveButtonText("Continue"); setStep(step + 1); } diff --git a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx index cba038c8b..a8857e0eb 100755 --- a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx @@ -1500,16 +1500,27 @@ const DatasetDetailLayout = () => { </Button> <Button variant="primary" - onClick={ - activeKey == "accessGrants" && - accessGrantFormValues != undefined && - datasetNameEditable - ? updateDatasetAndAccessGrant - : activeKey != "accessGrants" || - (activeKey == "accessGrants" && datasetNameEditable) - ? updateDatasetDetails - : updateDatasetAccessGrant - } + onClick={() => { + if(datasetName.length > 512) { + toast.error('Dataset name must be 512 characters or less'); + } + else { + if ( + activeKey === 'accessGrants' && + accessGrantFormValues !== undefined && + datasetNameEditable + ) { + updateDatasetAndAccessGrant(); + } else if ( + activeKey !== 'accessGrants' || + (activeKey === 'accessGrants' && datasetNameEditable) + ) { + updateDatasetDetails(); + } else { + updateDatasetAccessGrant(); + } + } + }} size="sm" data-id="save" data-cy="save" diff --git a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx index 4306864cb..4a835c5b3 100755 --- a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx @@ -177,6 +177,10 @@ const AddDatashareView = () => { if (datashareName == undefined) { toast.error("Please add Datashare Name"); return; + } else if (datashareName.length>512) + { + toast.error("DataShare Name must not exceed 512 characters"); + return; } else if (selectedService == undefined) { toast.error("Please add Service Name"); return; diff --git a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx index dfa3d4027..b6c83c9cd 100755 --- a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx +++ b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx @@ -553,6 +553,12 @@ const DatashareDetailLayout = () => { datashareInfo.conditionExpr = datashareConditionExpr; datashareInfo.defaultAccessTypes = []; + if(datashareName.length>512) + { + toast.error("Datashare name must be 512 characters or less!"); + return; + } + accessType?.forEach((access) => datashareInfo.defaultAccessTypes.push(access.value) );