This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 9e92583d3 RANGER-4648: updated GDS validation for name length
9e92583d3 is described below
commit 9e92583d331a7c1358e0e57588cc27fbc16c55c9
Author: princeap173 <princeap...@gmail.com>
AuthorDate: Sun Jan 14 13:53:37 2024 +0530
RANGER-4648: updated GDS validation for name length
Signed-off-by: Madhan Neethiraj <mad...@apache.org>
---
.../ranger/plugin/errors/ValidationErrorCode.java | 5 +++-
.../ranger/validation/RangerGdsValidator.java | 26 ++++++++++++++++++
.../views/GovernedData/Dataset/AddDatasetView.jsx | 5 ++++
.../GovernedData/Dataset/DatasetDetailLayout.jsx | 31 +++++++++++++++-------
.../GovernedData/Datashare/AddDatashareView.jsx | 4 +++
.../Datashare/DatashareDetailLayout.jsx | 6 +++++
6 files changed, 66 insertions(+), 11 deletions(-)
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
index 38b302ee9..dccd8f4f5 100644
---
a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
@@ -66,7 +66,7 @@ public enum ValidationErrorCode {
SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_INVALID_DEFAULT_INDEX(2019, "default
index[{0}] for enum [{1}] is invalid"),
SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_NULL_ENUM_ELEMENT(2020, "An enum
element in enum element collection of enum [{0}] is null"),
SERVICE_DEF_VALIDATION_ERR_INVALID_SERVICE_RESOURCE_LEVELS(2021,
"Resource-def levels are not in increasing order in an hierarchy"),
- SERVICE_DEF_VALIDATION_ERR_NOT_LOWERCASE_NAME(2022, "{0}:[{1}] Invalid
resource name. Resource name should consist of only lowercase, hyphen or
underscore characters"),
+ SERVICE_DEF_VALIDATION_ERR_NOT_LOWERCASE_NAME(2022, "{0}:[{1}] Invalid
resource name. Resource name should consist of only lowercase, hyphen or
underscore characters"),
SERVICE_DEF_VALIDATION_ERR_INVALID_MANADORY_VALUE_FOR_SERVICE_RESOURCE(2023,
"{0} cannot be mandatory because {1}(parent) is not mandatory"),
// POLICY VALIDATION
@@ -164,6 +164,9 @@ public enum ValidationErrorCode {
GDS_VALIDATION_ERR_UPDATE_IMMUTABLE_FIELD(4126, "[{0}] can't be updated"),
GDS_VALIDATION_ERR_DATASET_IN_PROJECT_ID_NOT_FOUND(4127,
"Dataset-in-project with ID [{0}] does not exist"),
GDS_VALIDATION_ERR_SHARED_RESOURCE_CONFLICT(4128, "Shared resource with
resources [{0}] already exists for data share [{1}]"),
+ GDS_DATASET_NAME_TOO_LONG(4129, "Invalid dataset name=[{0}]. Dataset name
should not be longer than 512 characters"),
+ GDS_DATASHARE_NAME_TOO_LONG(4130, "Invalid datashare name=[{0}]. Datashare
name should not be longer than 512 characters"),
+ GDS_PROJECT_NAME_TOO_LONG(4131, "Invalid project name=[{0}]. Project name
should not be longer than 512 characters"),
;
diff --git
a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
index 27e7cc143..6efe9f420 100755
---
a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
+++
b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
@@ -53,6 +53,8 @@ public class RangerGdsValidator {
private final RangerGdsValidationDataProvider dataProvider;
+ public static final Integer GDS_ENTITIES_NAME_MAX_LENGTH = 512;
+
@Autowired
RESTErrorUtil restErrorUtil;
@@ -70,6 +72,10 @@ public class RangerGdsValidator {
result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_NAME_CONFLICT,
"name", dataset.getName(), existing));
}
+ if (dataset.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_DATASET_NAME_TOO_LONG, "name",
dataset.getName()));
+ }
+
validateAcl(dataset.getAcl(), "acl", result);
if (!result.isSuccess()) {
@@ -98,6 +104,10 @@ public class RangerGdsValidator {
if (existingDatasetNameId != null) {
result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_NAME_CONFLICT,
"name", dataset.getName(), existingDatasetNameId));
}
+
+ if (dataset.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH)
{
+ result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_DATASET_NAME_TOO_LONG, "name",
dataset.getName()));
+ }
}
}
@@ -136,6 +146,10 @@ public class RangerGdsValidator {
result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_NAME_CONFLICT,
"name", project.getName(), existing));
}
+ if (project.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_PROJECT_NAME_TOO_LONG, "name",
project.getName()));
+ }
+
validateAcl(project.getAcl(), "acl", result);
if (!result.isSuccess()) {
@@ -164,6 +178,10 @@ public class RangerGdsValidator {
if (existingProjectNameId != null) {
result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_NAME_CONFLICT,
"name", project.getName(), existingProjectNameId));
}
+
+ if (project.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH)
{
+ result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_PROJECT_NAME_TOO_LONG, "name",
project.getName()));
+ }
}
}
@@ -202,6 +220,10 @@ public class RangerGdsValidator {
result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_NAME_CONFLICT,
"name", dataShare.getName(), existing));
}
+ if (dataShare.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_DATASHARE_NAME_TOO_LONG,
"name", dataShare.getName()));
+ }
+
validateServiceZoneAdmin(dataShare.getService(), dataShare.getZone(),
result);
validateAcl(dataShare.getAcl(), "acl", result);
@@ -236,6 +258,10 @@ public class RangerGdsValidator {
if (existingDataShareNameId != null) {
result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_NAME_CONFLICT,
"name", dataShare.getName(), existingDataShareNameId));
}
+
+ if (dataShare.getName().length() >
GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new
ValidationFailureDetails(ValidationErrorCode.GDS_DATASHARE_NAME_TOO_LONG,
"name", dataShare.getName()));
+ }
}
}
diff --git
a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx
b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx
index 6f15af0b4..7851e7c26 100755
---
a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx
+++
b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx
@@ -149,6 +149,11 @@ const AddDatasetView = () => {
toast.error("Dataset name cannot be empty!!");
return;
}
+ else if (datasetName.length>512)
+ {
+ toast.error("Dataset name must not exceed 512 characters!!");
+ return;
+ }
setSaveButtonText("Continue");
setStep(step + 1);
}
diff --git
a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx
b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx
index cba038c8b..a8857e0eb 100755
---
a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx
+++
b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx
@@ -1500,16 +1500,27 @@ const DatasetDetailLayout = () => {
</Button>
<Button
variant="primary"
- onClick={
- activeKey == "accessGrants" &&
- accessGrantFormValues != undefined &&
- datasetNameEditable
- ? updateDatasetAndAccessGrant
- : activeKey != "accessGrants" ||
- (activeKey == "accessGrants" && datasetNameEditable)
- ? updateDatasetDetails
- : updateDatasetAccessGrant
- }
+ onClick={() => {
+ if(datasetName.length > 512) {
+ toast.error('Dataset name must be 512 characters or less');
+ }
+ else {
+ if (
+ activeKey === 'accessGrants' &&
+ accessGrantFormValues !== undefined &&
+ datasetNameEditable
+ ) {
+ updateDatasetAndAccessGrant();
+ } else if (
+ activeKey !== 'accessGrants' ||
+ (activeKey === 'accessGrants' && datasetNameEditable)
+ ) {
+ updateDatasetDetails();
+ } else {
+ updateDatasetAccessGrant();
+ }
+ }
+ }}
size="sm"
data-id="save"
data-cy="save"
diff --git
a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx
b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx
index 4306864cb..4a835c5b3 100755
---
a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx
+++
b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx
@@ -177,6 +177,10 @@ const AddDatashareView = () => {
if (datashareName == undefined) {
toast.error("Please add Datashare Name");
return;
+ } else if (datashareName.length>512)
+ {
+ toast.error("DataShare Name must not exceed 512 characters");
+ return;
} else if (selectedService == undefined) {
toast.error("Please add Service Name");
return;
diff --git
a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx
b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx
index dfa3d4027..b6c83c9cd 100755
---
a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx
+++
b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx
@@ -553,6 +553,12 @@ const DatashareDetailLayout = () => {
datashareInfo.conditionExpr = datashareConditionExpr;
datashareInfo.defaultAccessTypes = [];
+ if(datashareName.length>512)
+ {
+ toast.error("Datashare name must be 512 characters or less!");
+ return;
+ }
+
accessType?.forEach((access) =>
datashareInfo.defaultAccessTypes.push(access.value)
);
