RANGER-4471: generate trxLog for dataset, project, dataShare, sharedR…
…esource
mneethiraj committed Oct 11, 2023
1 parent 5103c4d commit 5aecd13
Showing 17 changed files with 1,552 additions and 27 deletions.
38 changes: 19 additions & 19 deletions security-admin/src/main/java/org/apache/ranger/biz/GdsDBStore.java
Expand Up @@ -195,7 +195,7 @@ public RangerDataset createDataset(RangerDataset dataset) {

RangerDataset ret = datasetService.create(dataset);

datasetService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);
datasetService.onObjectChange(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_DATASET);

Expand All @@ -220,7 +220,7 @@ public RangerDataset updateDataset(RangerDataset dataset) {

RangerDataset ret = datasetService.update(dataset);

datasetService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
datasetService.onObjectChange(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_DATASET);

Expand Down Expand Up @@ -252,7 +252,7 @@ public void deleteDataset(Long datasetId, boolean forceDelete) throws Exception
deleteDatasetPolicies(existing);
datasetService.delete(existing);

datasetService.createObjectHistory(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);
datasetService.onObjectChange(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_DATASET);
}
Expand Down Expand Up @@ -486,7 +486,7 @@ public RangerProject createProject(RangerProject project) {

RangerProject ret = projectService.create(project);

projectService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);
projectService.onObjectChange(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_PROJECT);

Expand All @@ -511,7 +511,7 @@ public RangerProject updateProject(RangerProject project) {

RangerProject ret = projectService.update(project);

projectService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
projectService.onObjectChange(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_PROJECT);

Expand All @@ -538,7 +538,7 @@ public void deleteProject(Long projectId) throws Exception {
deleteProjectPolicies(existing);
projectService.delete(existing);

projectService.createObjectHistory(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);
projectService.onObjectChange(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_PROJECT);
}
Expand Down Expand Up @@ -782,7 +782,7 @@ public RangerDataShare createDataShare(RangerDataShare dataShare) {

RangerDataShare ret = dataShareService.create(dataShare);

dataShareService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);
dataShareService.onObjectChange(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_DATA_SHARE);

Expand All @@ -807,7 +807,7 @@ public RangerDataShare updateDataShare(RangerDataShare dataShare) {

RangerDataShare ret = dataShareService.update(dataShare);

dataShareService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
dataShareService.onObjectChange(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_DATA_SHARE);

Expand Down Expand Up @@ -838,7 +838,7 @@ public void deleteDataShare(Long dataShareId, boolean forceDelete) {
if (existing != null) {
dataShareService.delete(existing);

dataShareService.createObjectHistory(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);
dataShareService.onObjectChange(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);

updateGlobalVersion(RANGER_GLOBAL_STATE_NAME_DATA_SHARE);
}
Expand Down Expand Up @@ -890,7 +890,7 @@ public RangerSharedResource addSharedResource(RangerSharedResource resource) {

RangerSharedResource ret = sharedResourceService.create(resource);

sharedResourceService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);
sharedResourceService.onObjectChange(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);

LOG.debug("<== addSharedResource({}): ret={}", resource, ret);

Expand All @@ -913,7 +913,7 @@ public RangerSharedResource updateSharedResource(RangerSharedResource resource)

RangerSharedResource ret = sharedResourceService.update(resource);

sharedResourceService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
sharedResourceService.onObjectChange(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);

LOG.debug("<== updateSharedResource({}): ret={}", resource, ret);

Expand All @@ -938,7 +938,7 @@ public void removeSharedResource(Long sharedResourceId) {
if (existing != null) {
sharedResourceService.delete(existing);

sharedResourceService.createObjectHistory(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);
sharedResourceService.onObjectChange(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);
}

LOG.debug("<== removeSharedResource({})", sharedResourceId);
Expand Down Expand Up @@ -997,7 +997,7 @@ public PList<RangerSharedResource> searchSharedResources(SearchFilter filter) {
}

if (includeResource) {
sharedResources.add(sharedResource);;
sharedResources.add(sharedResource);
}
}

Expand Down Expand Up @@ -1039,7 +1039,7 @@ public RangerDataShareInDataset addDataShareInDataset(RangerDataShareInDataset d

RangerDataShareInDataset ret = dataShareInDatasetService.create(dataShareInDataset);

dataShareInDatasetService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);
dataShareInDatasetService.onObjectChange(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);

LOG.debug("<== addDataShareInDataset({}): ret={}", dataShareInDataset, ret);

Expand All @@ -1058,7 +1058,7 @@ public RangerDataShareInDataset updateDataShareInDataset(RangerDataShareInDatase

RangerDataShareInDataset ret = dataShareInDatasetService.update(dataShareInDataset);

dataShareInDatasetService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
dataShareInDatasetService.onObjectChange(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);

LOG.debug("<== updateDataShareInDataset({}): ret={}", dataShareInDataset, ret);

Expand All @@ -1075,7 +1075,7 @@ public void removeDataShareInDataset(Long dataShareInDatasetId) {

dataShareInDatasetService.delete(existing);

dataShareInDatasetService.createObjectHistory(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);
dataShareInDatasetService.onObjectChange(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);

LOG.debug("<== removeDataShareInDataset({})", dataShareInDatasetId);
}
Expand Down Expand Up @@ -1135,7 +1135,7 @@ public RangerDatasetInProject addDatasetInProject(RangerDatasetInProject dataset

RangerDatasetInProject ret = datasetInProjectService.create(datasetInProject);

datasetInProjectService.createObjectHistory(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);
datasetInProjectService.onObjectChange(ret, null, RangerServiceService.OPERATION_CREATE_CONTEXT);

LOG.debug("<== addDatasetInProject({}): ret={}", datasetInProject, ret);

Expand All @@ -1154,7 +1154,7 @@ public RangerDatasetInProject updateDatasetInProject(RangerDatasetInProject data

RangerDatasetInProject ret = datasetInProjectService.update(datasetInProject);

datasetInProjectService.createObjectHistory(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);
datasetInProjectService.onObjectChange(ret, existing, RangerServiceService.OPERATION_UPDATE_CONTEXT);

LOG.debug("<== updateDatasetInProject({}): ret={}", datasetInProject, ret);

Expand All @@ -1171,7 +1171,7 @@ public void removeDatasetInProject(Long datasetInProjectId) {

datasetInProjectService.delete(existing);

datasetInProjectService.createObjectHistory(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);
datasetInProjectService.onObjectChange(null, existing, RangerServiceService.OPERATION_DELETE_CONTEXT);

LOG.debug("<== removeDatasetInProject({})", datasetInProjectId);
}
Expand Up @@ -17,20 +17,48 @@

package org.apache.ranger.service;

import org.apache.commons.lang3.StringUtils;
import org.apache.ranger.biz.RangerBizUtil;
import org.apache.ranger.common.view.VTrxLogAttr;
import org.apache.ranger.entity.XXDBBase;
import org.apache.ranger.entity.XXTrxLog;
import org.apache.ranger.plugin.model.RangerGds.GdsShareStatus;
import org.apache.ranger.plugin.model.RangerGds.RangerGdsBaseModelObject;
import org.apache.ranger.plugin.util.JsonUtilsV2;
import org.apache.ranger.view.VXMessage;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import java.io.Serializable;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;

public abstract class RangerGdsBaseModelService<T extends XXDBBase, V extends RangerGdsBaseModelObject> extends RangerBaseModelService<T, V> {
private static final Logger LOG = LoggerFactory.getLogger(RangerGdsBaseModelService.class);

@Autowired
RangerDataHistService dataHistService;

public void createObjectHistory(V current, V former, int action) {
@Autowired
RangerBizUtil bizUtil;

protected final Map<String, VTrxLogAttr> trxLogAttrs = new HashMap<>();
private final int classType;

protected RangerGdsBaseModelService(int classType) {
this.classType = classType;

trxLogAttrs.put("description", new VTrxLogAttr("description", "Description", false));
trxLogAttrs.put("options", new VTrxLogAttr("options", "Options", false));
trxLogAttrs.put("additionalInfo", new VTrxLogAttr("additionalInfo", "Additional info", false));
}

public void onObjectChange(V current, V former, int action) {
switch (action) {
case RangerServiceService.OPERATION_CREATE_CONTEXT:
dataHistService.createObjectDataHistory(current, RangerDataHistService.ACTION_CREATE);
Expand All @@ -41,9 +69,17 @@ public void createObjectHistory(V current, V former, int action) {
break;

case RangerServiceService.OPERATION_DELETE_CONTEXT:
dataHistService.createObjectDataHistory(current == null ? former : current, RangerDataHistService.ACTION_DELETE);
if (current == null) {
current = former;
}

dataHistService.createObjectDataHistory(current, RangerDataHistService.ACTION_DELETE);
break;
}

if (current != null && (former != null || action != OPERATION_UPDATE_CONTEXT) && action != 0) {
createTransactionLog(current, former, action);
}
}

public static List<VXMessage> getOrCreateMessageList(List<VXMessage> msgList) {
Expand All @@ -67,4 +103,112 @@ public static GdsShareStatus toShareStatus(short ordinal) {

return ret;
}

private void createTransactionLog(V obj, V oldObj, int action) {
List<XXTrxLog> trxLogs = new ArrayList<>();
String objName = getObjectName(obj);

for (Field field : obj.getClass().getDeclaredFields()) {
if (!trxLogAttrs.containsKey(field.getName())) {
continue;
}

XXTrxLog xTrxLog = processFieldToCreateTrxLog(field, objName, obj, oldObj, action);

if (xTrxLog != null) {
trxLogs.add(xTrxLog);
}
}

for (Field field : obj.getClass().getSuperclass().getDeclaredFields()) {
if (!trxLogAttrs.containsKey(field.getName())) {
continue;
}

XXTrxLog xTrx = processFieldToCreateTrxLog(field, objName, obj, oldObj, action);

if (xTrx != null) {
trxLogs.add(xTrx);
}
}

bizUtil.createTrxLog(trxLogs);
}

private String getObjectName(V obj) {
try {
Field nameField = obj.getClass().getDeclaredField("name");

nameField.setAccessible(true);

return Objects.toString(nameField.get(obj));
} catch (NoSuchFieldException | IllegalAccessException excp) {
// ignore
return null;
}
}

private XXTrxLog processFieldToCreateTrxLog(Field field, String objName, V obj, V oldObj, int action) {
field.setAccessible(true);

String actionString = "";
String attrName = null;
String prevValue = null;
String newValue = null;
String fieldName = field.getName();

try {
VTrxLogAttr vTrxLogAttr = trxLogAttrs.get(fieldName);
String value = toString(field.get(obj));

attrName = vTrxLogAttr.getAttribUserFriendlyName();

if (action == OPERATION_CREATE_CONTEXT) {
actionString = "create";

if (StringUtils.isNotBlank(value)) {
newValue = value;
}
} else if (action == OPERATION_DELETE_CONTEXT) {
actionString = "delete";
prevValue = value;
} else if (action == OPERATION_UPDATE_CONTEXT) {
actionString = "update";
prevValue = toString(field.get(oldObj));
newValue = value;
}
} catch (IllegalArgumentException | IllegalAccessException e) {
LOG.error("Process field to create trx log failure.", e);
}

XXTrxLog ret = null;

if (!StringUtils.equals(prevValue, newValue)) {
ret = new XXTrxLog();

ret.setAction(actionString);
ret.setAttributeName(attrName);
ret.setPreviousValue(prevValue);
ret.setNewValue(newValue);
ret.setObjectClassType(classType);
ret.setObjectId(obj.getId());
ret.setObjectName(objName);
}

return ret;
}

private String toString(Object obj) {
if (obj instanceof String) {
return (String) obj;
} else if (obj instanceof Serializable) {
try {
return JsonUtilsV2.objToJson((Serializable) obj);
} catch (Exception excp) {
// ignore
}
}

return Objects.toString(obj);
}
}
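Review bot: In `processFieldToCreateTrxLog`, the `catch (IllegalArgumentException | IllegalAccessException e)` branch only logs and falls through with `prevValue` and `newValue` both still null, so the `StringUtils.equals(prevValue, newValue)` check returns null and that attribute's change is dropped from the transaction log without the caller knowing. For an audit trail the gap should be visible: either let the failure propagate or still emit a record for the attribute, and state which is intended in a Javadoc on `createTransactionLog`. Separately, the private `toString(Object)` falls through to `Objects.toString(obj)` for a null field value and records the literal string "null", which cannot be told apart from an attribute actually set to that text; a guard such as `if (obj == null) { return null; }` at the top would avoid that, though create and delete records for unset attributes would then no longer be written, so confirm that is wanted. The `// ignore` catch around `JsonUtilsV2.objToJson` has the same silent-fallback problem and deserves at least a `LOG.debug("objToJson failed, falling back to toString()", excp);`.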
Expand Up @@ -21,10 +21,12 @@
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.authorization.utils.JsonUtils;
import org.apache.ranger.common.AppConstants;
import org.apache.ranger.common.GUIDUtil;
import org.apache.ranger.common.MessageEnums;
import org.apache.ranger.common.SearchField;
import org.apache.ranger.common.SortField;
import org.apache.ranger.common.view.VTrxLogAttr;
import org.apache.ranger.db.XXPortalUserDao;
import org.apache.ranger.entity.XXGdsDataShare;
import org.apache.ranger.entity.XXGdsDataShareInDataset;
Expand Down Expand Up @@ -57,7 +59,7 @@ public class RangerGdsDataShareInDatasetService extends RangerGdsBaseModelServic
XXPortalUserDao xxPortalUserDao;

public RangerGdsDataShareInDatasetService() {
super();
super(AppConstants.CLASS_TYPE_GDS_DATA_SHARE_IN_DATASET);

searchFields.add(new SearchField(SearchFilter.DATA_SHARE_IN_DATASET_ID, "obj.id", SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
searchFields.add(new SearchField(SearchFilter.GUID , "obj.guid", SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
Expand All @@ -70,6 +72,13 @@ public RangerGdsDataShareInDatasetService() {
sortFields.add(new SortField(SearchFilter.CREATE_TIME, "obj.createTime"));
sortFields.add(new SortField(SearchFilter.UPDATE_TIME, "obj.updateTime"));
sortFields.add(new SortField(SearchFilter.DATA_SHARE_IN_DATASET_ID, "obj.id", true, SortField.SORT_ORDER.ASC));

trxLogAttrs.put("dataShareId", new VTrxLogAttr("dataShareId", "DataShare ID", false));
trxLogAttrs.put("datasetId", new VTrxLogAttr("datasetId", "Dataset ID", false));
trxLogAttrs.put("status", new VTrxLogAttr("status", "Status", true));
trxLogAttrs.put("validitySchedule", new VTrxLogAttr("validitySchedule", "Validity Schedule", false));
trxLogAttrs.put("profiles", new VTrxLogAttr("profiles", "Profiles", false));
trxLogAttrs.put("approver", new VTrxLogAttr("approver", "Approver", false));
}

@Override