This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 9dad22998 RANGER-4533: added REST API /public/v2/api/service-headers
9dad22998 is described below
commit 9dad2299801465646036c4afd4bd24f948150fff
Author: Madhan Neethiraj <[email protected]>
AuthorDate: Thu Nov 16 21:59:45 2023 -0800
RANGER-4533: added REST API /public/v2/api/service-headers
---
.../plugin/model/RangerServiceHeaderInfo.java | 29 +++++++++
.../apache/ranger/plugin/util/SearchFilter.java | 4 +-
.../org/apache/ranger/biz/SecurityZoneDBStore.java | 74 ++++++++++++++++++----
.../org/apache/ranger/common/RangerSearchUtil.java | 3 +
.../ranger/db/XXSecurityZoneRefServiceDao.java | 15 +++--
.../ranger/db/XXSecurityZoneRefTagServiceDao.java | 15 +++--
.../java/org/apache/ranger/db/XXServiceDao.java | 20 ++++++
.../java/org/apache/ranger/rest/PublicAPIsv2.java | 26 +++++---
.../org/apache/ranger/rest/SecurityZoneREST.java | 12 ++--
.../java/org/apache/ranger/rest/ServiceREST.java | 46 ++++++++------
.../main/resources/META-INF/jpa_named_queries.xml | 15 ++++-
.../org/apache/ranger/rest/TestPublicAPIsv2.java | 35 +++++-----
12 files changed, 218 insertions(+), 76 deletions(-)
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceHeaderInfo.java
b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceHeaderInfo.java
index b9ea28b43..e5b2bf4c2 100644
---
a/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceHeaderInfo.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/model/RangerServiceHeaderInfo.java
@@ -21,12 +21,16 @@ import org.codehaus.jackson.annotate.JsonAutoDetect;
import org.codehaus.jackson.annotate.JsonAutoDetect.Visibility;
import org.codehaus.jackson.map.annotate.JsonSerialize;
+import static
org.apache.ranger.plugin.store.EmbeddedServiceDefsUtil.EMBEDDED_SERVICEDEF_TAG_NAME;
+
@JsonAutoDetect(getterVisibility = Visibility.NONE, setterVisibility =
Visibility.NONE, fieldVisibility = Visibility.ANY)
@JsonSerialize(include = JsonSerialize.Inclusion.NON_EMPTY)
public class RangerServiceHeaderInfo extends RangerBaseModelObject implements
java.io.Serializable {
private static final long serialVersionUID = 1L;
private String name;
+ private String displayName;
+ private String type;
private Boolean isTagService;
public RangerServiceHeaderInfo() {
@@ -43,6 +47,15 @@ public class RangerServiceHeaderInfo extends
RangerBaseModelObject implements ja
setIsTagService(isTagService);
}
+ public RangerServiceHeaderInfo(Long id, String name, String displayName,
String type) {
+ super();
+ setId(id);
+ setName(name);
+ setDisplayName(displayName);
+ setType(type);
+ setIsTagService(EMBEDDED_SERVICEDEF_TAG_NAME.equals(type));
+ }
+
public String getName() {
return name;
}
@@ -51,6 +64,22 @@ public class RangerServiceHeaderInfo extends
RangerBaseModelObject implements ja
this.name = name;
}
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ public void setDisplayName(String displayName) {
+ this.displayName = displayName;
+ }
+
+ public String getType() {
+ return type;
+ }
+
+ public void setType(String type) {
+ this.type = type;
+ }
+
public Boolean getIsTagService() {
return isTagService;
}
diff --git
a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
index 61f879894..451b13afe 100644
---
a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
+++
b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
@@ -65,8 +65,10 @@ public class SearchFilter {
public static final String GROUP_NAME = "groupName"; //
search, sort
public static final String USER_NAME = "userName"; //
search, sort
public static final String ROLE_NAME_PARTIAL = "roleNamePartial";
// search
- public static final String GROUP_NAME_PARTIAL = "groupNamePartial";
// search
+ public static final String GROUP_NAME_PARTIAL = "groupNamePartial";
// search
public static final String USER_NAME_PARTIAL = "userNamePartial";
// search
+ public static final String SERVICE_NAME_PREFIX = "serviceNamePrefix";
// search
+ public static final String ZONE_NAME_PREFIX = "zoneNamePrefix";
// search
public static final String TAG_DEF_ID = "tagDefId";
// search
public static final String TAG_DEF_GUID = "tagDefGuid";
// search
diff --git
a/security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java
b/security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java
index 2228b89c5..6c6ddc49f 100755
---
a/security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java
+++
b/security-admin/src/main/java/org/apache/ranger/biz/SecurityZoneDBStore.java
@@ -18,13 +18,10 @@
package org.apache.ranger.biz;
import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
import javax.annotation.PostConstruct;
+import javax.servlet.http.HttpServletRequest;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
@@ -32,6 +29,7 @@ import org.apache.commons.lang.StringUtils;
import org.apache.ranger.authorization.utils.StringUtil;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.RESTErrorUtil;
+import org.apache.ranger.common.RangerSearchUtil;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXSecurityZone;
import org.apache.ranger.entity.XXService;
@@ -83,6 +81,9 @@ public class SecurityZoneDBStore implements SecurityZoneStore
{
@Autowired
ServiceMgr serviceMgr;
+ @Autowired
+ RangerSearchUtil searchUtil;
+
public void init() throws Exception {}
@PostConstruct
@@ -246,23 +247,70 @@ public class SecurityZoneDBStore implements
SecurityZoneStore {
return ret;
}
- public List<RangerSecurityZoneHeaderInfo> getSecurityZoneHeaderInfoList() {
- return daoMgr.getXXSecurityZoneDao().findAllZoneHeaderInfos();
+ public List<RangerSecurityZoneHeaderInfo>
getSecurityZoneHeaderInfoList(HttpServletRequest request) {
+ String namePrefix =
request.getParameter(SearchFilter.ZONE_NAME_PREFIX);
+ boolean filterByNamePrefix = StringUtils.isNotBlank(namePrefix);
+
+ List<RangerSecurityZoneHeaderInfo> ret =
daoMgr.getXXSecurityZoneDao().findAllZoneHeaderInfos();
+
+ if (!ret.isEmpty() && filterByNamePrefix) {
+ for (ListIterator<RangerSecurityZoneHeaderInfo> iter =
ret.listIterator(); iter.hasNext(); ) {
+ RangerSecurityZoneHeaderInfo zoneHeader = iter.next();
+
+ if (!StringUtils.startsWithIgnoreCase(zoneHeader.getName(),
namePrefix)) {
+ iter.remove();
+ }
+ }
+ }
+
+ return ret;
}
- public List<RangerServiceHeaderInfo> getServiceHeaderInfoListByZoneId(Long
zoneId) {
+ public List<RangerServiceHeaderInfo> getServiceHeaderInfoListByZoneId(Long
zoneId, HttpServletRequest request) {
+ String namePrefix =
request.getParameter(SearchFilter.SERVICE_NAME_PREFIX);
+ boolean filterByNamePrefix = StringUtils.isNotBlank(namePrefix);
+
List<RangerServiceHeaderInfo> services =
daoMgr.getXXSecurityZoneRefService().findServiceHeaderInfosByZoneId(zoneId);
List<RangerServiceHeaderInfo> tagServices =
daoMgr.getXXSecurityZoneRefTagService().findServiceHeaderInfosByZoneId(zoneId);
- services.addAll(tagServices);
+ List<RangerServiceHeaderInfo> ret = new
ArrayList<>(services.size() + tagServices.size());
- return services;
+ ret.addAll(services);
+ ret.addAll(tagServices);
+
+ if (!ret.isEmpty() && filterByNamePrefix) {
+ for (ListIterator<RangerServiceHeaderInfo> iter =
ret.listIterator(); iter.hasNext(); ) {
+ RangerServiceHeaderInfo serviceHeader = iter.next();
+
+ if (!StringUtils.startsWithIgnoreCase(serviceHeader.getName(),
namePrefix)) {
+ iter.remove();
+ }
+ }
+ }
+
+ return ret;
}
- public List<RangerSecurityZoneHeaderInfo>
getSecurityZoneHeaderInfoListByServiceId(Long serviceId, Boolean isTagService )
{
- if(serviceId == null){
+ public List<RangerSecurityZoneHeaderInfo>
getSecurityZoneHeaderInfoListByServiceId(Long serviceId, Boolean isTagService,
HttpServletRequest request) {
+ if (serviceId == null){
throw restErrorUtil.createRESTException("Invalid value for
serviceId", MessageEnums.INVALID_INPUT_DATA);
}
- return
daoMgr.getXXSecurityZoneDao().findAllZoneHeaderInfosByServiceId(serviceId,isTagService);
+
+ String namePrefix =
request.getParameter(SearchFilter.ZONE_NAME_PREFIX);
+ boolean filterByNamePrefix = StringUtils.isNotBlank(namePrefix);
+
+ List<RangerSecurityZoneHeaderInfo> ret =
daoMgr.getXXSecurityZoneDao().findAllZoneHeaderInfosByServiceId(serviceId,
isTagService);
+
+ if (!ret.isEmpty() && filterByNamePrefix) {
+ for (ListIterator<RangerSecurityZoneHeaderInfo> iter =
ret.listIterator(); iter.hasNext(); ) {
+ RangerSecurityZoneHeaderInfo zoneHeader = iter.next();
+
+ if (!StringUtils.startsWithIgnoreCase(zoneHeader.getName(),
namePrefix)) {
+ iter.remove();
+ }
+ }
+ }
+
+ return ret;
}
public PList<SecurityZoneSummary> getZonesSummary(SearchFilter filter)
throws Exception {
diff --git
a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
index 62ff8e135..de72ff140 100644
---
a/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
+++
b/security-admin/src/main/java/org/apache/ranger/common/RangerSearchUtil.java
@@ -88,6 +88,9 @@ public class RangerSearchUtil extends SearchUtil {
ret.setParam(SearchFilter.CLUSTER_NAME,
request.getParameter(SearchFilter.CLUSTER_NAME));
ret.setParam(SearchFilter.FETCH_ZONE_UNZONE_POLICIES,
request.getParameter(SearchFilter.FETCH_ZONE_UNZONE_POLICIES));
ret.setParam(SearchFilter.FETCH_TAG_POLICIES,
request.getParameter(SearchFilter.FETCH_TAG_POLICIES));
+ ret.setParam(SearchFilter.SERVICE_NAME_PREFIX,
request.getParameter(SearchFilter.SERVICE_NAME_PREFIX));
+ ret.setParam(SearchFilter.ZONE_NAME_PREFIX,
request.getParameter(SearchFilter.ZONE_NAME_PREFIX));
+
for (Map.Entry<String, String[]> e :
request.getParameterMap().entrySet()) {
String name = e.getKey();
String[] values = e.getValue();
diff --git
a/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneRefServiceDao.java
b/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneRefServiceDao.java
index c6a801191..a7726d780 100644
---
a/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneRefServiceDao.java
+++
b/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneRefServiceDao.java
@@ -88,20 +88,21 @@ public class XXSecurityZoneRefServiceDao extends
BaseDao<XXSecurityZoneRefServic
}
public List<RangerServiceHeaderInfo> findServiceHeaderInfosByZoneId(Long
zoneId) {
- List<RangerServiceHeaderInfo> serviceHeaderInfos = null;
+ List<RangerServiceHeaderInfo> ret;
if (zoneId != null && zoneId >
RangerSecurityZone.RANGER_UNZONED_SECURITY_ZONE_ID) {
- @SuppressWarnings("unchecked")
- List<Object[]> results =
getEntityManager().createNamedQuery("XXSecurityZoneRefService.findServiceHeaderInfosByZoneId").setParameter("zoneId",
zoneId).getResultList();
+ List<Object[]> results =
getEntityManager().createNamedQuery("XXSecurityZoneRefService.findServiceHeaderInfosByZoneId",
Object[].class)
+
.setParameter("zoneId", zoneId).getResultList();
+
+ ret = new ArrayList<>(results.size());
- serviceHeaderInfos = new
ArrayList<RangerServiceHeaderInfo>(results.size());
for (Object[] result : results) {
- serviceHeaderInfos.add(new RangerServiceHeaderInfo((Long)
result[0], (String) result[1], false));
+ ret.add(new RangerServiceHeaderInfo((Long) result[0], (String)
result[1], (String) result[2], (String) result[3]));
}
} else {
- serviceHeaderInfos = Collections.emptyList();
+ ret = Collections.emptyList();
}
- return serviceHeaderInfos;
+ return ret;
}
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneRefTagServiceDao.java
b/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneRefTagServiceDao.java
index 1eaf0dec3..9e1fb13ef 100644
---
a/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneRefTagServiceDao.java
+++
b/security-admin/src/main/java/org/apache/ranger/db/XXSecurityZoneRefTagServiceDao.java
@@ -63,20 +63,21 @@ public class XXSecurityZoneRefTagServiceDao extends
BaseDao<XXSecurityZoneRefTag
}
public List<RangerServiceHeaderInfo> findServiceHeaderInfosByZoneId(Long
zoneId) {
- List<RangerServiceHeaderInfo> serviceHeaderInfos = null;
+ List<RangerServiceHeaderInfo> ret;
if (zoneId != null && zoneId >
RangerSecurityZone.RANGER_UNZONED_SECURITY_ZONE_ID) {
- @SuppressWarnings("unchecked")
- List<Object[]> results =
getEntityManager().createNamedQuery("XXSecurityZoneRefTagService.findServiceHeaderInfosByZoneId").setParameter("zoneId",
zoneId).getResultList();
- serviceHeaderInfos = new
ArrayList<RangerServiceHeaderInfo>(results.size());
+ List<Object[]> results =
getEntityManager().createNamedQuery("XXSecurityZoneRefTagService.findServiceHeaderInfosByZoneId",
Object[].class)
+ .setParameter("zoneId",
zoneId).getResultList();
+
+ ret = new ArrayList<>(results.size());
for (Object[] result : results) {
- serviceHeaderInfos.add(new RangerServiceHeaderInfo((Long)
result[0], (String) result[1], true));
+ ret.add(new RangerServiceHeaderInfo((Long) result[0], (String)
result[1], (String) result[2], (String) result[3]));
}
} else {
- serviceHeaderInfos = Collections.emptyList();
+ ret = Collections.emptyList();
}
- return serviceHeaderInfos;
+ return ret;
}
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/db/XXServiceDao.java
b/security-admin/src/main/java/org/apache/ranger/db/XXServiceDao.java
index ba92c7340..eb7fc05ae 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXServiceDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXServiceDao.java
@@ -18,12 +18,14 @@
package org.apache.ranger.db;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
import javax.persistence.NoResultException;
import org.apache.ranger.common.db.BaseDao;
import org.apache.ranger.entity.XXService;
+import org.apache.ranger.plugin.model.RangerServiceHeaderInfo;
import org.springframework.stereotype.Service;
/**
@@ -148,4 +150,22 @@ public class XXServiceDao extends BaseDao<XXService> {
return new ArrayList<>();
}
}
+
+ public List<RangerServiceHeaderInfo> findServiceHeaders() {
+ List<RangerServiceHeaderInfo> ret;
+
+ try {
+ List<Object[]> results =
getEntityManager().createNamedQuery("XXService.getAllServiceHeaders",
Object[].class).getResultList();
+
+ ret = new ArrayList<>(results.size());
+
+ for (Object[] result : results) {
+ ret.add(new RangerServiceHeaderInfo((Long)
result[0], (String) result[1], (String) result[2], (String) result[3]));
+ }
+ } catch (NoResultException excp) {
+ ret = Collections.emptyList();
+ }
+
+ return ret;
+ }
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
index eebab8108..3aeda199a 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
@@ -161,14 +161,14 @@ public class PublicAPIsv2 {
@GET
@Path("/api/zone-headers")
@Produces({ "application/json" })
- public List<RangerSecurityZoneHeaderInfo> getSecurityZoneHeaderInfoList() {
+ public List<RangerSecurityZoneHeaderInfo>
getSecurityZoneHeaderInfoList(@Context HttpServletRequest request) {
if (logger.isDebugEnabled()) {
logger.debug("==> PublicAPIsv2.getSecurityZoneHeaderInfoList()");
}
List<RangerSecurityZoneHeaderInfo> ret;
try {
- ret = securityZoneStore.getSecurityZoneHeaderInfoList();
+ ret = securityZoneStore.getSecurityZoneHeaderInfoList(request);
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
@@ -192,10 +192,10 @@ public class PublicAPIsv2 {
@GET
@Path("/api/zones/zone-headers/for-service/{serviceId}")
@Produces({ "application/json" })
- public List<RangerSecurityZoneHeaderInfo>
getSecurityZoneHeaderInfoListByServiceId( @PathParam("serviceId") Long serviceId
- , @DefaultValue("false") @QueryParam("isTagService")
Boolean isTagService
- ) {
- return
securityZoneRest.getSecurityZoneHeaderInfoListByServiceId(serviceId,isTagService);
+ public List<RangerSecurityZoneHeaderInfo>
getSecurityZoneHeaderInfoListByServiceId(@PathParam("serviceId") Long serviceId,
+
@DefaultValue("false") @QueryParam("isTagService") Boolean
isTagService,
+
@Context HttpServletRequest request) {
+ return
securityZoneRest.getSecurityZoneHeaderInfoListByServiceId(serviceId,isTagService,
request);
}
/**
@@ -207,14 +207,14 @@ public class PublicAPIsv2 {
@GET
@Path("/api/zones/{zoneId}/service-headers")
@Produces({ "application/json" })
- public List<RangerServiceHeaderInfo>
getServiceHeaderInfoListByZoneId(@PathParam("zoneId") Long zoneId) {
+ public List<RangerServiceHeaderInfo>
getServiceHeaderInfoListByZoneId(@PathParam("zoneId") Long zoneId, @Context
HttpServletRequest request) {
if (logger.isDebugEnabled()) {
logger.debug("==>
PublicAPIsv2.getServiceHeaderInfoListByZoneId({})" + zoneId);
}
List<RangerServiceHeaderInfo> ret;
try {
- ret = securityZoneStore.getServiceHeaderInfoListByZoneId(zoneId);
+ ret = securityZoneStore.getServiceHeaderInfoListByZoneId(zoneId,
request);
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
@@ -434,6 +434,14 @@ public class PublicAPIsv2 {
return serviceREST.getServices(request).getServices();
}
+ @GET
+ @Path("/api/service-headers")
+ @Produces({ "application/json" })
+ @PreAuthorize("@rangerPreAuthSecurityHandler.isAPISpnegoAccessible()")
+ public List<RangerServiceHeaderInfo> getServiceHeaders(@Context
HttpServletRequest request) {
+ return serviceREST.getServiceHeaders(request);
+ }
+
@POST
@Path("/api/service/")
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPISpnegoAccessible()")
@@ -460,7 +468,6 @@ public class PublicAPIsv2 {
return serviceREST.updateService(service, request);
}
-
@PUT
@Path("/api/service/name/{name}")
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPISpnegoAccessible()")
@@ -516,6 +523,7 @@ public class PublicAPIsv2 {
serviceREST.deleteService(service.getId());
}
+
/*
* Policy Manipulation APIs
*/
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
index 6513ad6b5..8f87d26fa 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/SecurityZoneREST.java
@@ -400,24 +400,28 @@ public class SecurityZoneREST {
@GET
@Path("/zones/zone-headers/for-service/{serviceId}")
@Produces({ "application/json" })
- public List<RangerSecurityZoneHeaderInfo>
getSecurityZoneHeaderInfoListByServiceId( @PathParam("serviceId") Long serviceId
- , @DefaultValue("false") @QueryParam ("isTagService") Boolean
isTagService
- ) {
+ public List<RangerSecurityZoneHeaderInfo>
getSecurityZoneHeaderInfoListByServiceId(@PathParam("serviceId") Long serviceId,
+
@DefaultValue("false") @QueryParam ("isTagService") Boolean
isTagService,
+
@Context HttpServletRequest request) {
if (LOG.isDebugEnabled()) {
LOG.debug("==>
SecurityZoneREST.getSecurityZoneHeaderInfoListByServiceId() serviceId:{},
isTagService:{}",serviceId,isTagService);
}
+
List<RangerSecurityZoneHeaderInfo> ret;
+
try {
- ret =
securityZoneStore.getSecurityZoneHeaderInfoListByServiceId(serviceId,
isTagService);
+ ret =
securityZoneStore.getSecurityZoneHeaderInfoListByServiceId(serviceId,
isTagService, request);
} catch (WebApplicationException excp) {
throw excp;
} catch (Throwable excp) {
LOG.error("SecurityZoneREST.getSecurityZoneHeaderInfoListByServiceId() failed",
excp);
throw restErrorUtil.createRESTException(excp.getMessage());
}
+
if (LOG.isDebugEnabled()) {
LOG.debug("<==
SecurityZoneREST.getSecurityZoneHeaderInfoListByServiceId():" + ret);
}
+
return ret;
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 5aee2a2c0..cffd177be 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -22,19 +22,9 @@ package org.apache.ranger.rest;
import java.io.IOException;
import java.io.InputStream;
import java.security.SecureRandom;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Comparator;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
import java.util.Map.Entry;
-import java.util.Set;
-import java.util.TreeMap;
import java.util.stream.IntStream;
-import java.util.Objects;
import javax.annotation.Nonnull;
import javax.annotation.PostConstruct;
@@ -98,16 +88,10 @@ import org.apache.ranger.entity.XXService;
import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.entity.XXTrxLog;
import org.apache.ranger.entity.XXRole;
-import org.apache.ranger.plugin.model.RangerPluginInfo;
-import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.*;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItem;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyItemAccess;
import org.apache.ranger.plugin.model.RangerPolicy.RangerPolicyResource;
-import org.apache.ranger.plugin.model.RangerPolicyDelta;
-import org.apache.ranger.plugin.model.RangerPolicyResourceSignature;
-import org.apache.ranger.plugin.model.RangerService;
-import org.apache.ranger.plugin.model.RangerServiceDef;
-import org.apache.ranger.plugin.model.ServiceDeleteResponse;
import org.apache.ranger.plugin.model.validation.RangerPolicyValidator;
import org.apache.ranger.plugin.model.validation.RangerServiceDefHelper;
import org.apache.ranger.plugin.model.validation.RangerServiceDefValidator;
@@ -1109,6 +1093,32 @@ public class ServiceREST {
return ret;
}
+ public List<RangerServiceHeaderInfo> getServiceHeaders(@Context
HttpServletRequest request) {
+ LOG.debug("==> ServiceREST.getServiceHeaders()");
+
+ String namePrefix =
request.getParameter(SearchFilter.SERVICE_NAME_PREFIX);
+ String svcType =
request.getParameter(SearchFilter.SERVICE_TYPE);
+ boolean filterByNamePrefix = StringUtils.isNotBlank(namePrefix);
+ boolean filterByType = StringUtils.isNotBlank(svcType);
+
+ List<RangerServiceHeaderInfo> ret =
daoManager.getXXService().findServiceHeaders();
+
+ if (!ret.isEmpty() && (filterByNamePrefix || filterByType)) {
+ for (ListIterator<RangerServiceHeaderInfo> iter =
ret.listIterator(); iter.hasNext(); ) {
+ RangerServiceHeaderInfo serviceHeader =
iter.next();
+
+ if (filterByNamePrefix &&
!StringUtils.startsWithIgnoreCase(serviceHeader.getName(), namePrefix)) {
+ iter.remove();
+ } else if (filterByType &&
!StringUtils.equals(serviceHeader.getType(), svcType)) {
+ iter.remove();
+ }
+ }
+ }
+
+ LOG.debug("<== ServiceREST.getServiceHeaders(namePrefix={},
svcType={}): ret={}", namePrefix, svcType, ret);
+
+ return ret;
+ }
@GET
@Path("/services/count")
diff --git a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
index 33172ce85..113bc457f 100755
--- a/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
+++ b/security-admin/src/main/resources/META-INF/jpa_named_queries.xml
@@ -687,6 +687,13 @@
<query>select obj.id from XXService obj</query>
</named-query>
+ <named-query name="XXService.getAllServiceHeaders">
+ <query>
+ SELECT obj.id, obj.name, obj.displayName, svcDef.name
FROM XXService obj
+ LEFT OUTER JOIN XXServiceDef svcDef ON obj.type =
svcDef.id
+ </query>
+ </named-query>
+
<!-- XXServiceVersionInfo -->
<named-query name="XXServiceVersionInfo.findByServiceName">
<query>
@@ -1728,7 +1735,9 @@
<named-query
name="XXSecurityZoneRefService.findServiceHeaderInfosByZoneId">
<query>
- SELECT obj.serviceId, obj.serviceName FROM
XXSecurityZoneRefService obj WHERE obj.zoneId = :zoneId
+ SELECT obj.id, obj.name, obj.displayName, svcDef.name
FROM XXService obj
+ LEFT OUTER JOIN XXServiceDef svcDef ON obj.type =
svcDef.id
+ WHERE obj.id IN (SELECT ref.serviceId FROM
XXSecurityZoneRefService ref WHERE ref.zoneId = :zoneId)
</query>
</named-query>
@@ -1746,7 +1755,9 @@
<named-query
name="XXSecurityZoneRefTagService.findServiceHeaderInfosByZoneId">
<query>
- SELECT obj.tagServiceId, obj.tagServiceName FROM
XXSecurityZoneRefTagService obj WHERE obj.zoneId = :zoneId
+ SELECT obj.id, obj.name, obj.displayName, svcDef.name
FROM XXService obj
+ LEFT OUTER JOIN XXServiceDef svcDef ON obj.type =
svcDef.id
+ WHERE obj.id IN (SELECT ref.tagServiceId FROM
XXSecurityZoneRefTagService ref WHERE ref.zoneId = :zoneId)
</query>
</named-query>
diff --git
a/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
b/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
index 73a593e9f..0fba41ee7 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
@@ -612,15 +612,18 @@ public class TestPublicAPIsv2 {
@Test
public void testGetAllZoneNames() throws Exception {
+ HttpServletRequest request =
Mockito.mock(HttpServletRequest.class);
List<RangerSecurityZoneHeaderInfo> zoneHeaderInfoList = new
ArrayList<>();
+
zoneHeaderInfoList.add(new RangerSecurityZoneHeaderInfo(2L, "zone-1"));
zoneHeaderInfoList.add(new RangerSecurityZoneHeaderInfo(3L, "zone-2"));
-
Mockito.when(securityZoneStore.getSecurityZoneHeaderInfoList()).thenReturn(zoneHeaderInfoList);
+
Mockito.when(securityZoneStore.getSecurityZoneHeaderInfoList(request)).thenReturn(zoneHeaderInfoList);
+
+ List<RangerSecurityZoneHeaderInfo> returnedZoneHeaderInfoList =
publicAPIsv2.getSecurityZoneHeaderInfoList(request);
- List<RangerSecurityZoneHeaderInfo> returnedZoneHeaderInfoList =
publicAPIsv2.getSecurityZoneHeaderInfoList();
Assert.assertEquals(returnedZoneHeaderInfoList.size(),
zoneHeaderInfoList.size());
- Mockito.verify(securityZoneStore,
Mockito.times(1)).getSecurityZoneHeaderInfoList();
+ Mockito.verify(securityZoneStore,
Mockito.times(1)).getSecurityZoneHeaderInfoList(request);
}
@Test
@@ -639,33 +642,35 @@ public class TestPublicAPIsv2 {
rangerServiceList2.add(new RangerServiceHeaderInfo(5L, "yarn_1",
false));
-
Mockito.when(securityZoneStore.getServiceHeaderInfoListByZoneId(null)).thenReturn(Collections.emptyList());
-
Mockito.when(securityZoneStore.getServiceHeaderInfoListByZoneId(zoneId1)).thenReturn(rangerServiceList1);
-
Mockito.when(securityZoneStore.getServiceHeaderInfoListByZoneId(zoneId2)).thenReturn(rangerServiceList2);
-
Mockito.when(securityZoneStore.getServiceHeaderInfoListByZoneId(nonExistingZondId)).thenReturn(Collections.emptyList());
+ HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
+
+ Mockito.when(securityZoneStore.getServiceHeaderInfoListByZoneId(null,
request)).thenReturn(Collections.emptyList());
+
Mockito.when(securityZoneStore.getServiceHeaderInfoListByZoneId(zoneId1,
request)).thenReturn(rangerServiceList1);
+
Mockito.when(securityZoneStore.getServiceHeaderInfoListByZoneId(zoneId2,
request)).thenReturn(rangerServiceList2);
+
Mockito.when(securityZoneStore.getServiceHeaderInfoListByZoneId(nonExistingZondId,
request)).thenReturn(Collections.emptyList());
// Null
- List<RangerServiceHeaderInfo> returnedServicesNull =
publicAPIsv2.getServiceHeaderInfoListByZoneId(null);
+ List<RangerServiceHeaderInfo> returnedServicesNull =
publicAPIsv2.getServiceHeaderInfoListByZoneId(null, request);
- Mockito.verify(securityZoneStore,
Mockito.times(1)).getServiceHeaderInfoListByZoneId(null);
+ Mockito.verify(securityZoneStore,
Mockito.times(1)).getServiceHeaderInfoListByZoneId(null, request);
Assert.assertEquals(returnedServicesNull.size(), 0);
// Non existing zoneId
- List<RangerServiceHeaderInfo> returnedServicesNonExisting =
publicAPIsv2.getServiceHeaderInfoListByZoneId(nonExistingZondId);
+ List<RangerServiceHeaderInfo> returnedServicesNonExisting =
publicAPIsv2.getServiceHeaderInfoListByZoneId(nonExistingZondId, request);
- Mockito.verify(securityZoneStore,
Mockito.times(1)).getServiceHeaderInfoListByZoneId(null);
+ Mockito.verify(securityZoneStore,
Mockito.times(1)).getServiceHeaderInfoListByZoneId(null, request);
Assert.assertEquals(returnedServicesNonExisting.size(), 0);
// zoneId1
- List<RangerServiceHeaderInfo> returnedServicesZone1 =
publicAPIsv2.getServiceHeaderInfoListByZoneId(zoneId1);
+ List<RangerServiceHeaderInfo> returnedServicesZone1 =
publicAPIsv2.getServiceHeaderInfoListByZoneId(zoneId1, request);
- Mockito.verify(securityZoneStore,
Mockito.times(1)).getServiceHeaderInfoListByZoneId(zoneId1);
+ Mockito.verify(securityZoneStore,
Mockito.times(1)).getServiceHeaderInfoListByZoneId(zoneId1, request);
Assert.assertEquals(returnedServicesZone1.size(),
rangerServiceList1.size());
// zoneId2
- List<RangerServiceHeaderInfo> returnedServicesZone2 =
publicAPIsv2.getServiceHeaderInfoListByZoneId(zoneId2);
+ List<RangerServiceHeaderInfo> returnedServicesZone2 =
publicAPIsv2.getServiceHeaderInfoListByZoneId(zoneId2, request);
- Mockito.verify(securityZoneStore,
Mockito.times(1)).getServiceHeaderInfoListByZoneId(zoneId2);
+ Mockito.verify(securityZoneStore,
Mockito.times(1)).getServiceHeaderInfoListByZoneId(zoneId2, request);
Assert.assertEquals(returnedServicesZone2.size(),
rangerServiceList2.size());
}
