PatchPersmissionModel_J10003.java

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.apache.ranger.patch;

import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXPortalUser;
import org.apache.ranger.service.XPortalUserService;
import org.apache.ranger.biz.XUserMgr;
import org.apache.ranger.common.RangerConstants;
import org.apache.ranger.util.CLIUtil;
import org.apache.ranger.view.VXPortalUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;

@Component
public class PatchPersmissionModel_J10003 extends BaseLoader {
	private static final Logger logger = Logger
			.getLogger(PatchPersmissionModel_J10003.class);

	@Autowired
	XUserMgr xUserMgr;

	@Autowired
	XPortalUserService xPortalUserService;

	@Autowired
	RangerDaoManager daoManager;

	private static boolean grantAllUsers=false;
	private static String usersListFileName=null;
	private final static Charset ENCODING = StandardCharsets.UTF_8;
	public static void main(String[] args) {
		logger.info("main()");
		try {
			if(args!=null && args.length>0){
				if(StringUtils.equalsIgnoreCase("ALL", args[0])){
					grantAllUsers=true;
				}else if(!StringUtils.isEmpty(args[0])){
					usersListFileName=args[0];
				}
			}
			PatchPersmissionModel_J10003 loader = (PatchPersmissionModel_J10003) CLIUtil
					.getBean(PatchPersmissionModel_J10003.class);

			loader.init();
			while (loader.isMoreToProcess()) {
				loader.load();
			}
			logger.info("Load complete. Exiting!!!");
			System.exit(0);
		} catch (Exception e) {
			logger.error("Error loading", e);
			System.exit(1);
		}
	}

	@Override
	public void init() throws Exception {
		// Do Nothing
	}

	@Override
	public void execLoad() {
		logger.info("==> PermissionPatch.execLoad()");
		assignPermissionToExistingUsers();
		logger.info("<== PermissionPatch.execLoad()");
	}

	public void assignPermissionToExistingUsers() {
		int countUserPermissionUpdated = 0;
		Long userCount=daoManager.getXXPortalUser().getAllCount();
		List<XXPortalUser> xXPortalUsers=null;
		Long patchModeMaxLimit=Long.valueOf(500L);
		try{
			if (userCount!=null && userCount>0){
				List<String> loginIdList=readUserNamesFromFile(usersListFileName);
				if(!CollectionUtils.isEmpty(loginIdList)){
					xXPortalUsers=new ArrayList<XXPortalUser>();
					XXPortalUser xXPortalUser=null;
					for(String loginId:loginIdList){
						try{
							xXPortalUser=daoManager.getXXPortalUser().findByLoginId(loginId);
							if(xXPortalUser!=null){
								xXPortalUsers.add(xXPortalUser);
							}else{
								logger.info("User "+loginId+" doesn't exist!");
							}
						}catch(Exception ex){
						}
					}
					countUserPermissionUpdated=assignPermissions(xXPortalUsers);
					logger.info("Permissions assigned to "+countUserPermissionUpdated + " of "+loginIdList.size());
				}else if(userCount.compareTo(Long.valueOf(patchModeMaxLimit))<0 || grantAllUsers){
					xXPortalUsers=daoManager.getXXPortalUser().findAllXPortalUser();
					if(!CollectionUtils.isEmpty(xXPortalUsers)){
						countUserPermissionUpdated=assignPermissions(xXPortalUsers);
						logger.info("Permissions assigned to "+countUserPermissionUpdated + " of "+xXPortalUsers.size());
					}
				}else{
					//if total no. of users are more than 500 then process ADMIN and KEY_ADMIN users only to avoid timeout
					xXPortalUsers=daoManager.getXXPortalUser().findByRole(RangerConstants.ROLE_SYS_ADMIN);
					if(!CollectionUtils.isEmpty(xXPortalUsers)){
						countUserPermissionUpdated=assignPermissions(xXPortalUsers);
						logger.info("Permissions assigned to users having role:"+RangerConstants.ROLE_SYS_ADMIN+". Processed:"+countUserPermissionUpdated + " of total "+xXPortalUsers.size());
					}
					xXPortalUsers=daoManager.getXXPortalUser().findByRole(RangerConstants.ROLE_KEY_ADMIN);
					if(!CollectionUtils.isEmpty(xXPortalUsers)){
						countUserPermissionUpdated=assignPermissions(xXPortalUsers);
						logger.info("Permissions assigned to users having role:"+RangerConstants.ROLE_KEY_ADMIN+". Processed:"+countUserPermissionUpdated + " of total "+xXPortalUsers.size());
					}
					logger.info("Please execute this patch separately with argument 'ALL' to assign permission to remaining users ");
	                System.out.println("Please execute this patch separately with argument 'ALL' to assign module permissions to remaining users!!");
				}
			}
		}catch(Exception ex){
		}
	}

	@Override
	public void printStats() {
	}

	private int assignPermissions(List<XXPortalUser> xXPortalUsers){
		int countUserPermissionUpdated = 0;
		if(!CollectionUtils.isEmpty(xXPortalUsers)){
			for (XXPortalUser xPortalUser : xXPortalUsers) {
				try{
					if(xPortalUser!=null){
						VXPortalUser vPortalUser = xPortalUserService.populateViewBean(xPortalUser);
						if(vPortalUser!=null){
							vPortalUser.setUserRoleList(daoManager.getXXPortalUserRole().findXPortalUserRolebyXPortalUserId(vPortalUser.getId()));
							xUserMgr.assignPermissionToUser(vPortalUser, false);
							countUserPermissionUpdated += 1;
							logger.info("Permissions assigned/updated on base of User's Role, UserId [" + xPortalUser.getId() + "]");
						}
					}
				}catch(Exception ex){
				}
			}
		}
		return countUserPermissionUpdated;
	}

	private List<String> readUserNamesFromFile(String aFileName) throws IOException {
		List<String> userNames=new ArrayList<String>();
		if(!StringUtils.isEmpty(aFileName)){
			Path path = Paths.get(aFileName);
			if (Files.exists(path) && Files.isRegularFile(path)) {
				List<String> fileContents=Files.readAllLines(path, ENCODING);
				if(fileContents!=null && !fileContents.isEmpty()){
					for(String line:fileContents){
						if(!StringUtils.isEmpty(line) && !userNames.contains(line)){
							try{
								userNames.add(line.trim());
							}catch(Exception ex){
							}
						}
					}
				}
			}
		}
	   return userNames;
	}
}