This is an automated email from the ASF dual-hosted git repository. madhan pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 73083dd0e81d2c996c50c070431d18f184d56fc2 Author: Anand Nadar <[email protected]> AuthorDate: Wed Apr 3 15:48:39 2024 -0700 RANGER-4764: update name of dataset/project policies when a dataset/project is renamed Signed-off-by: Madhan Neethiraj <[email protected]> --- .../java/org/apache/ranger/biz/GdsDBStore.java | 45 ++++++++++++++++++++-- 1 file changed, 41 insertions(+), 4 deletions(-) diff --git a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java index a1a2f9920..4b13cf9d3 100755 --- a/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java @@ -67,6 +67,7 @@ public class GdsDBStore extends AbstractGdsStore { public static final String NOT_AUTHORIZED_TO_VIEW_DATASET_POLICIES = "User is not authorized to view policies for this dataset"; public static final String NOT_AUTHORIZED_FOR_PROJECT_POLICIES = "User is not authorized to manage policies for this dataset"; public static final String NOT_AUTHORIZED_TO_VIEW_PROJECT_POLICIES = "User is not authorized to view policies for this dataset"; + public static final String GDS_POLICY_NAME_TIMESTAMP_SEP = "@"; private static final Set<Integer> SHARE_STATUS_AGR = new HashSet<>(Arrays.asList(GdsShareStatus.ACTIVE.ordinal(), GdsShareStatus.GRANTED.ordinal(), GdsShareStatus.REQUESTED.ordinal())); @@ -159,7 +160,7 @@ public class GdsDBStore extends AbstractGdsStore { } @Override - public RangerDataset updateDataset(RangerDataset dataset) { + public RangerDataset updateDataset(RangerDataset dataset) throws Exception { LOG.debug("==> updateDataset({})", dataset); RangerDataset existing = null; @@ -180,6 +181,16 @@ public class GdsDBStore extends AbstractGdsStore { datasetService.onObjectChange(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT); + if (existing != null && !StringUtils.equals(dataset.getName(), existing.getName())) { + List<RangerPolicy> policyList = getDatasetPolicies(dataset.getId()); + + for (RangerPolicy policy : policyList) { + updateDatasetNameInPolicy(dataset, policy); + + svcStore.updatePolicy(policy); + } + } + updateGdsVersionForDataset(ret.getId()); LOG.debug("<== updateDataset({}): ret={}", dataset, ret); @@ -456,7 +467,7 @@ public class GdsDBStore extends AbstractGdsStore { } @Override - public RangerProject updateProject(RangerProject project) { + public RangerProject updateProject(RangerProject project) throws Exception { LOG.debug("==> updateProject({})", project); RangerProject existing = null; @@ -477,6 +488,16 @@ public class GdsDBStore extends AbstractGdsStore { projectService.onObjectChange(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT); + if (existing != null && !StringUtils.equals(project.getName(), existing.getName())) { + List<RangerPolicy> policyList = getProjectPolicies(project.getId()); + + for (RangerPolicy policy : policyList) { + updateProjectNameInPolicy(project, policy); + + svcStore.updatePolicy(policy); + } + } + updateGdsVersionForProject(ret.getId()); LOG.debug("<== updateProject({}): ret={}", project, ret); @@ -1795,7 +1816,7 @@ public class GdsDBStore extends AbstractGdsStore { } private void prepareDatasetPolicy(RangerDataset dataset, RangerPolicy policy) { - policy.setName("DATASET: " + dataset.getName() + "@" + System.currentTimeMillis()); + policy.setName("DATASET: " + dataset.getName() + GDS_POLICY_NAME_TIMESTAMP_SEP + System.currentTimeMillis()); policy.setDescription("Policy for dataset: " + dataset.getName()); policy.setServiceType(EMBEDDED_SERVICEDEF_GDS_NAME); policy.setService(ServiceDBStore.GDS_SERVICE_NAME); @@ -1812,7 +1833,7 @@ public class GdsDBStore extends AbstractGdsStore { } private void prepareProjectPolicy(RangerProject project, RangerPolicy policy) { - policy.setName("PROJECT: " + project.getName() + "@" + System.currentTimeMillis()); + policy.setName("PROJECT: " + project.getName() + GDS_POLICY_NAME_TIMESTAMP_SEP + System.currentTimeMillis()); policy.setDescription("Policy for project: " + project.getName()); policy.setServiceType(EMBEDDED_SERVICEDEF_GDS_NAME); policy.setService(ServiceDBStore.GDS_SERVICE_NAME); @@ -1828,6 +1849,22 @@ public class GdsDBStore extends AbstractGdsStore { policy.setIsDenyAllElse(Boolean.FALSE); } + private void updateDatasetNameInPolicy(RangerDataset dataset, RangerPolicy policy) { + int sepPos = StringUtils.indexOf(policy.getName(), GDS_POLICY_NAME_TIMESTAMP_SEP); + String suffix = sepPos != -1 ? policy.getName().substring(sepPos) : (GDS_POLICY_NAME_TIMESTAMP_SEP + System.currentTimeMillis()); + + policy.setName("DATASET: " + dataset.getName() + suffix); + policy.setDescription("Policy for dataset: " + dataset.getName()); + } + + private void updateProjectNameInPolicy(RangerProject project, RangerPolicy policy) { + int sepPos = StringUtils.indexOf(policy.getName(), GDS_POLICY_NAME_TIMESTAMP_SEP); + String suffix = sepPos != -1 ? policy.getName().substring(sepPos) : (GDS_POLICY_NAME_TIMESTAMP_SEP + System.currentTimeMillis()); + + policy.setName("PROJECT: " + project.getName() + suffix); + policy.setDescription("Policy for project: " + project.getName()); + } + private void deleteDatasetPolicies(RangerDataset dataset) throws Exception { if (!validator.hasPermission(dataset.getAcl(), GdsPermission.POLICY_ADMIN)) { throw restErrorUtil.create403RESTException(NOT_AUTHORIZED_FOR_DATASET_POLICIES);
