This is an automated email from the ASF dual-hosted git repository.
kishor pushed a commit to branch ranger-2.7
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/ranger-2.7 by this push:
new ecbf09b39 RANGER-4721: Ranger Admin server is not sending
DataMasklabel for masking policy audit logs
ecbf09b39 is described below
commit ecbf09b397e33bc76b16dfc5f95302f5a023479c
Author: Rakesh Gupta <[email protected]>
AuthorDate: Fri Jan 31 12:57:07 2025 +0530
RANGER-4721: Ranger Admin server is not sending DataMasklabel for masking
policy audit logs
Signed-off-by: Kishor Gollapalliwar <[email protected]>
---
.../ranger/service/RangerAuditedModelService.java | 33 ++++++++++++++++++++++
1 file changed, 33 insertions(+)
diff --git
a/security-admin/src/main/java/org/apache/ranger/service/RangerAuditedModelService.java
b/security-admin/src/main/java/org/apache/ranger/service/RangerAuditedModelService.java
index dfecf720f..a949f3a3b 100755
---
a/security-admin/src/main/java/org/apache/ranger/service/RangerAuditedModelService.java
+++
b/security-admin/src/main/java/org/apache/ranger/service/RangerAuditedModelService.java
@@ -17,12 +17,16 @@
package org.apache.ranger.service;
+import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.view.VTrxLogAttr;
import org.apache.ranger.entity.XXDBBase;
+import org.apache.ranger.entity.XXDataMaskTypeDef;
import org.apache.ranger.entity.XXTrxLogV2;
import org.apache.ranger.plugin.model.RangerBaseModelObject;
+import org.apache.ranger.plugin.model.RangerPolicy;
+import org.apache.ranger.plugin.model.RangerPolicy.RangerDataMaskPolicyItem;
import org.apache.ranger.plugin.util.JsonUtilsV2;
import org.apache.ranger.util.RangerEnumUtil;
import org.apache.ranger.view.VXTrxLogV2.ObjectChangeInfo;
@@ -190,6 +194,10 @@ private void processFieldToCreateTrxLog(VTrxLogAttr
trxLogAttr, V obj, V oldObj,
String value = getTrxLogAttrValue(obj, trxLogAttr);
+ if ("dataMaskPolicyItems".equals(trxLogAttr.getAttribName())) {
+ value = addLabelToDataMaskTxnPolicy(obj, value);
+ }
+
if ((action == OPERATION_CREATE_CONTEXT || action ==
OPERATION_DELETE_CONTEXT) && StringUtils.isBlank(value)) {
return;
}
@@ -224,6 +232,31 @@ private void processFieldToCreateTrxLog(VTrxLogAttr
trxLogAttr, V obj, V oldObj,
objChangeInfo.addAttribute(trxLogAttr.getAttribUserFriendlyName(), prevValue,
newValue);
}
+ public String addLabelToDataMaskTxnPolicy(V obj, String value) {
+ if (obj instanceof RangerPolicy && ((RangerPolicy)
obj).getDataMaskPolicyItems() != null) {
+ for (RangerDataMaskPolicyItem policyItem :
((RangerPolicy) obj).getDataMaskPolicyItems()) {
+ if (policyItem.getDataMaskInfo() != null &&
policyItem.getDataMaskInfo().getDataMaskType() != null) {
+ String dataMaskType =
policyItem.getDataMaskInfo().getDataMaskType();
+ List<XXDataMaskTypeDef> dataMaskDefs =
daoMgr.getXXDataMaskTypeDef().getAll();
+ if
(CollectionUtils.isNotEmpty(dataMaskDefs)) {
+ for (XXDataMaskTypeDef
dataMaskTypeDef : dataMaskDefs) {
+ if
(dataMaskTypeDef.getName().equalsIgnoreCase(dataMaskType)) {
+ String label =
dataMaskTypeDef.getLabel();
+ StringBuilder
sbValue = new StringBuilder(value);
+ label =
",\"DataMasklabel\":\"" + label + "\"";
+ int
sbValueIndex = sbValue.lastIndexOf("}]");
+
sbValue.insert(sbValueIndex, label);
+ value =
sbValue.toString();
+ break;
+ }
+ }
+ }
+ }
+ }
+ }
+ return value;
+ }
+
private String toActionString(int action) {
switch (action) {
case OPERATION_CREATE_CONTEXT:
