date:20230908

[ranger] branch master updated: RANGER-4391: updated Ranger plugin to support using user-groups from Ranger admin

2023-09-08 Thread madhan

This is an automated email from the ASF dual-hosted git repository.

madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
 new 84cb3c465 RANGER-4391: updated Ranger plugin to support using 
user-groups from Ranger admin
84cb3c465 is described below

commit 84cb3c465c5c6dc71e369a9ccdc1594059b626ae
Author: Madhan Neethiraj 
AuthorDate: Thu Aug 31 18:11:59 2023 -0700

RANGER-4391: updated Ranger plugin to support using user-groups from Ranger 
admin
---
 .../hadoop/config/RangerPluginConfig.java  | 29 +++
 .../ranger/plugin/service/RangerAuthContext.java   | 27 +-
 .../ranger/plugin/service/RangerBasePlugin.java| 13 ++-
 .../service/RangerDefaultRequestProcessor.java | 97 --
 .../ranger/plugin/util/RangerUserStoreUtil.java| 82 +-
 .../apache/ranger/plugin/util/ServiceDefUtil.java  |  2 +
 6 files changed, 231 insertions(+), 19 deletions(-)

diff --git 
a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerPluginConfig.java
 
b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerPluginConfig.java
index ad1ce0986..df6307eb2 100644
--- 
a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerPluginConfig.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerPluginConfig.java
@@ -48,6 +48,10 @@ public class RangerPluginConfig extends RangerConfiguration {
 private final boolean   useForwardedIPAddress;
 private final String[]  trustedProxyAddresses;
 private final StringpropertyPrefix;
+private final boolean   useRangerGroups;
+private final boolean   useOnlyRangerGroups;
+private final boolean   convertEmailToUsername;
+private final boolean   enableImplicitUserStoreEnricher;
 private   boolean   isFallbackSupported;
 private   Set   auditExcludedUsers  = 
Collections.emptySet();
 private   Set   auditExcludedGroups = 
Collections.emptySet();
@@ -116,6 +120,11 @@ public class RangerPluginConfig extends 
RangerConfiguration {
 
 this.policyEngineOptions = policyEngineOptions;
 
+useRangerGroups = this.getBoolean(propertyPrefix + 
".use.rangerGroups", false);
+useOnlyRangerGroups = this.getBoolean(propertyPrefix + 
".use.only.rangerGroups", false);
+convertEmailToUsername  = this.getBoolean(propertyPrefix + 
".convert.emailToUser", false);
+enableImplicitUserStoreEnricher = useRangerGroups || 
convertEmailToUsername || this.getBoolean(propertyPrefix + 
".enable.implicit.userstore.enricher", false);
+
 LOG.info("" + policyEngineOptions);
 }
 
@@ -135,6 +144,10 @@ public class RangerPluginConfig extends 
RangerConfiguration {
 
 this.policyEngineOptions = sourcePluginConfig.getPolicyEngineOptions();
 
+this.useRangerGroups = 
sourcePluginConfig.useRangerGroups;
+this.useOnlyRangerGroups = 
sourcePluginConfig.useOnlyRangerGroups;
+this.convertEmailToUsername  = 
sourcePluginConfig.convertEmailToUsername;
+this.enableImplicitUserStoreEnricher = 
sourcePluginConfig.enableImplicitUserStoreEnricher;
 }
 
 public String getServiceType() {
@@ -169,6 +182,22 @@ public class RangerPluginConfig extends 
RangerConfiguration {
 return propertyPrefix;
 }
 
+public boolean isUseRangerGroups() {
+return useRangerGroups;
+}
+
+public boolean isUseOnlyRangerGroups() {
+return useOnlyRangerGroups;
+}
+
+public boolean isConvertEmailToUsername() {
+return convertEmailToUsername;
+}
+
+public boolean isEnableImplicitUserStoreEnricher() {
+return enableImplicitUserStoreEnricher;
+}
+
 public boolean getIsFallbackSupported() {
 return isFallbackSupported;
 }
diff --git 
a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
 
b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
index 78bd4232e..56e4d782d 100644
--- 
a/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
+++ 
b/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
@@ -26,6 +26,8 @@ import 
org.apache.ranger.plugin.contextenricher.RangerContextEnricher;
 import org.apache.ranger.plugin.policyengine.RangerPolicyEngine;
 import org.apache.ranger.plugin.util.RangerRoles;
 import org.apache.ranger.plugin.util.RangerRolesUtil;
+import org.apache.ranger.plugin.util.RangerUserStore;
+import org.apache.ranger.plugin.util.RangerUserStoreUtil;
 
 import java.util.HashSet;
 import java.util.M

[ranger] branch master updated: RANGER-4382: Improve exportCSV download time

2023-09-08 Thread pradeep

This is an automated email from the ASF dual-hosted git repository.

pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
 new 80e67e076 RANGER-4382:  Improve exportCSV download time
80e67e076 is described below

commit 80e67e07638ccbe13841c0f8daeff4afbd7f7621
Author: Pradeep Agrawal 
AuthorDate: Fri Sep 8 14:47:35 2023 +0530

RANGER-4382:  Improve exportCSV download time

Change-Id: Iafd2754259a5c158b0faed54a410f659cd9c1f8d
---
 .../java/org/apache/ranger/biz/ServiceDBStore.java | 1028 ++--
 .../java/org/apache/ranger/rest/ServiceREST.java   |   49 +-
 2 files changed, 519 insertions(+), 558 deletions(-)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java 
b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 036dbfec6..84b096e9b 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -4080,8 +4080,7 @@ public class ServiceDBStore extends AbstractServiceStore {
return false;
}
 
-private void writeExcel(List policies, String 
excelFileName,
-HttpServletResponse response) throws IOException {
+   private void writeExcel(List policies, String 
excelFileName, HttpServletResponse response) throws IOException {
Workbook workbook = null;
OutputStream outStream = null;
try {
@@ -4090,86 +4089,71 @@ public class ServiceDBStore extends 
AbstractServiceStore {
createHeaderRow(sheet);
int rowCount = 0;
if (!CollectionUtils.isEmpty(policies)) {
+   Map svcNameToSvcType = new 
HashMap<>();
for (RangerPolicy policy : policies) {
 
-List policyItems = 
policy
-.getPolicyItems();
-List 
rowFilterPolicyItems = policy
-
.getRowFilterPolicyItems();
-List 
dataMaskPolicyItems = policy
-
.getDataMaskPolicyItems();
-List allowExceptions 
= policy
-.getAllowExceptions();
-List denyExceptions 
= policy
-.getDenyExceptions();
-List denyPolicyItems 
= policy
-.getDenyPolicyItems();
-XXService xxservice = 
daoMgr.getXXService().findByName(
-policy.getService());
-String serviceType = "";
-if (xxservice != null) {
-Long ServiceId = 
xxservice.getType();
-XXServiceDef xxservDef = 
daoMgr.getXXServiceDef()
-
.getById(ServiceId);
-if (xxservDef != null) {
-serviceType = 
xxservDef.getName();
-}
-}
+   List policyItems = 
policy.getPolicyItems();
+   List 
rowFilterPolicyItems = policy.getRowFilterPolicyItems();
+   List 
dataMaskPolicyItems = policy.getDataMaskPolicyItems();
+   List allowExceptions 
= policy.getAllowExceptions();
+   List denyExceptions = 
policy.getDenyExceptions();
+   List denyPolicyItems 
= policy.getDenyPolicyItems();
+
+   String serviceType = 
policy.getServiceType();
+   if (StringUtils.isBlank(serviceType)) {
+   serviceType = 
svcNameToSvcType.get(policy.getService());
+   if 
(StringUtils.isBlank(serviceType)) {
+   serviceType = 
daoMgr.getXXServiceDef().findServiceDefTypeByServiceName(policy.getService());
+   if 
(StringUtils.isNotBlank(serviceType)) {
+

[ranger] branch master updated: RANGER-4391: updated Ranger plugin to support using user-groups from Ranger admin

[ranger] branch master updated: RANGER-4382: Improve exportCSV download time

2 matches

Site Navigation

Mail list logo

Footer information