This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch RANGER-3923
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/RANGER-3923 by this push:
new 37606e29e RANGER:4397: updated dataShare retrieval API to support
excludeDatasetId flag
37606e29e is described below
commit 37606e29ede711d4c801c60d937928fbdf98bcc5
Author: prashant <[email protected]>
AuthorDate: Thu Nov 9 12:57:15 2023 -0800
RANGER:4397: updated dataShare retrieval API to support excludeDatasetId
flag
Signed-off-by: Madhan Neethiraj <[email protected]>
---
.../apache/ranger/plugin/util/SearchFilter.java | 1 +
.../java/org/apache/ranger/biz/GdsDBStore.java | 24 ++++++++++++++++++++--
.../org/apache/ranger/common/RangerSearchUtil.java | 1 +
.../ranger/db/XXGdsDataShareInDatasetDao.java | 18 ++++++++++++++++
.../main/resources/META-INF/jpa_named_queries.xml | 4 ++++
5 files changed, 46 insertions(+), 2 deletions(-)
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
index e64a7395b..60df0c52b 100755
---
a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
@@ -108,6 +108,7 @@ public class SearchFilter {
public static final String DATA_SHARE_NAME = "dataShareName";
// search, sort
public static final String DATA_SHARE_NAME_PARTIAL =
"dataShareNamePartial"; // search, sort
public static final String DATA_SHARE_ID = "dataShareId";
// search, sort
+ public static final String EXCLUDE_DATASET_ID =
"excludeDatasetId"; // search
public static final String SHARED_RESOURCE_NAME =
"sharedResourceName"; // search, sort
public static final String SHARED_RESOURCE_NAME_PARTIAL =
"sharedResourceNamePartial"; // search, sort
public static final String RESOURCE_CONTAINS =
"resourceContains"; // search
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
index f58943617..6390f0547 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
@@ -66,6 +66,8 @@ public class GdsDBStore extends AbstractGdsStore {
public static final String NOT_AUTHORIZED_FOR_PROJECT_POLICIES = "User
is not authorized to manage policies for this dataset";
public static final String NOT_AUTHORIZED_TO_VIEW_PROJECT_POLICIES = "User
is not authorized to view policies for this dataset";
+ private static final Set<Integer> SHARE_STATUS_AGR = new
HashSet<>(Arrays.asList(GdsShareStatus.ACTIVE.ordinal(),
GdsShareStatus.GRANTED.ordinal(), GdsShareStatus.REQUESTED.ordinal()));
+
@Autowired
RangerGdsValidator validator;
@@ -818,7 +820,7 @@ public class GdsDBStore extends AbstractGdsStore {
if (gdsPermission.equals(GdsPermission.LIST)) {
scrubDataShareForListing(dataShare);
}
- }
+ }
LOG.debug("<== searchDataShares({}): ret={}", filter, ret);
@@ -1383,6 +1385,7 @@ public class GdsDBStore extends AbstractGdsStore {
int startIndex = filter.getStartIndex();
filter.setParam(SearchFilter.RETRIEVE_ALL_PAGES, "true");
+
GdsPermission gdsPermission = getGdsPermissionFromFilter(filter);
RangerDatasetList result =
datasetService.searchDatasets(filter);
List<RangerDataset> datasets = new ArrayList<>();
@@ -1402,6 +1405,21 @@ public class GdsDBStore extends AbstractGdsStore {
int startIndex = filter.getStartIndex();
filter.setParam(SearchFilter.RETRIEVE_ALL_PAGES, "true");
+
+ String datasetId =
filter.getParam(SearchFilter.DATASET_ID);
+ boolean excludeDatasetId =
Boolean.parseBoolean(filter.getParam(SearchFilter.EXCLUDE_DATASET_ID));
+ List<Long> dataSharesToExclude = null;
+
+ if (excludeDatasetId) {
+ filter.removeParam(SearchFilter.DATASET_ID);
+
+ dataSharesToExclude =
daoMgr.getXXGdsDataShareInDataset().findDataShareIdsInStatuses(Long.parseLong(datasetId),
SHARE_STATUS_AGR);
+ }
+
+ if (dataSharesToExclude == null) {
+ dataSharesToExclude = Collections.emptyList();
+ }
+
GdsPermission gdsPermission =
getGdsPermissionFromFilter(filter);
RangerDataShareList result =
dataShareService.searchDataShares(filter);
List<RangerDataShare> dataShares = new ArrayList<>();
@@ -1409,7 +1427,9 @@ public class GdsDBStore extends AbstractGdsStore {
for (RangerDataShare dataShare : result.getList()) {
if (dataShare != null &&
validator.hasPermission(dataShare.getAcl(), gdsPermission)) {
- dataShares.add(dataShare);
+ if (!dataSharesToExclude.contains(dataShare.getId())) {
+ dataShares.add(dataShare);
+ }
}
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
index f769d2ed0..ab5f69b5a 100755
---
a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
+++
b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
@@ -110,6 +110,7 @@ public class RangerSearchUtil extends SearchUtil {
ret.setParam(SearchFilter.DATA_SHARE_NAME,
request.getParameter(SearchFilter.DATA_SHARE_NAME));
ret.setParam(SearchFilter.DATA_SHARE_NAME_PARTIAL,
request.getParameter(SearchFilter.DATA_SHARE_NAME_PARTIAL));
ret.setParam(SearchFilter.DATA_SHARE_ID,
request.getParameter(SearchFilter.DATA_SHARE_ID));
+ ret.setParam(SearchFilter.EXCLUDE_DATASET_ID,
request.getParameter(SearchFilter.EXCLUDE_DATASET_ID));
ret.setParam(SearchFilter.SHARED_RESOURCE_ID,
request.getParameter(SearchFilter.SHARED_RESOURCE_ID));
ret.setParam(SearchFilter.SHARED_RESOURCE_NAME,
request.getParameter(SearchFilter.SHARED_RESOURCE_NAME));
ret.setParam(SearchFilter.SHARED_RESOURCE_NAME_PARTIAL,
request.getParameter(SearchFilter.SHARED_RESOURCE_NAME_PARTIAL));
diff --git
a/security-admin/src/main/java/org/apache/ranger/db/XXGdsDataShareInDatasetDao.java
b/security-admin/src/main/java/org/apache/ranger/db/XXGdsDataShareInDatasetDao.java
index 7637b275d..130a260cc 100755
---
a/security-admin/src/main/java/org/apache/ranger/db/XXGdsDataShareInDatasetDao.java
+++
b/security-admin/src/main/java/org/apache/ranger/db/XXGdsDataShareInDatasetDao.java
@@ -32,6 +32,7 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
+import java.util.Set;
@Service
public class XXGdsDataShareInDatasetDao extends
BaseDao<XXGdsDataShareInDataset> {
@@ -125,4 +126,21 @@ public class XXGdsDataShareInDatasetDao extends
BaseDao<XXGdsDataShareInDataset>
return ret;
}
+
+ public List<Long> findDataShareIdsInStatuses(Long datasetId,
Set<Integer> statuses) {
+ List<Long> ret = null;
+
+ if (datasetId != null) {
+ try {
+ ret =
getEntityManager().createNamedQuery("XXGdsDataShareInDataset.findDataShareIdsInStatuses",
Long.class)
+
.setParameter("datasetId", datasetId)
+
.setParameter("statuses", statuses)
+ .getResultList();
+ } catch (NoResultException e) {
+ LOG.debug("XXGdsDataShareInDataset({}, {}): ",
datasetId, statuses, e);
+ }
+ }
+
+ return ret != null ? ret : Collections.emptyList();
+ }
}
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 32b573054..69095b837 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -2265,6 +2265,10 @@
<query>select obj from XXGdsDataShareInDataset obj where
obj.datasetId = :datasetId</query>
</named-query>
+ <named-query name="XXGdsDataShareInDataset.findDataShareIdsInStatuses">
+ <query>SELECT obj.dataShareId FROM XXGdsDataShareInDataset obj
WHERE obj.datasetId = :datasetId AND obj.status IN :statuses</query>
+ </named-query>
+
<named-query name="XXGdsDatasetInProject.findByGuid">
<query>select obj from XXGdsDatasetInProject obj where obj.guid
= :guid</query>
</named-query>
