/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.ranger.service;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.ranger.authorization.hadoop.constants.RangerHadoopConstants;
import org.apache.ranger.common.SearchCriteria;
import org.apache.ranger.common.SearchField;
import org.apache.ranger.common.SearchField.DATA_TYPE;
import org.apache.ranger.common.SearchField.SEARCH_TYPE;
import org.apache.ranger.common.SortField;
import org.apache.ranger.common.SortField.SORT_ORDER;
import org.apache.ranger.db.RangerDaoManager;
import org.apache.ranger.entity.XXAccessAudit;
import org.apache.ranger.entity.XXService;
import org.apache.ranger.entity.XXServiceDef;
import org.apache.ranger.view.VXAccessAudit;
import org.apache.ranger.view.VXAccessAuditList;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;
@Service
@Scope("singleton")
public class XAccessAuditService extends XAccessAuditServiceBase<XXAccessAudit, VXAccessAudit>{
public static final String NAME = "XAccessAudit";
@Autowired
RangerDaoManager appDaoMgr;
protected final String distinctCountQueryStr;
protected final String distinctQueryStr;
public XAccessAuditService() {
countQueryStr = "SELECT COUNT(obj) FROM XXAccessAudit obj ";
queryStr = "SELECT obj FROM XXAccessAudit obj ";
distinctCountQueryStr = "SELECT COUNT(distinct obj.id) FROM XXAccessAudit obj ";
distinctQueryStr = "SELECT distinct obj FROM XXAccessAudit obj ";
searchFields.add(new SearchField("accessType", "obj.accessType",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("aclEnforcer", "obj.aclEnforcer",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("agentId", "obj.agentId",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("repoName", "obj.repoName",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("sessionId", "obj.sessionId",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("requestUser", "obj.requestUser",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("requestData", "obj.requestData",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("resourcePath", "obj.resourcePath",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("clientIP", "obj.clientIP",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("auditType", "obj.auditType",
SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
searchFields.add(new SearchField("accessResult", "obj.accessResult",
SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
searchFields.add(new SearchField("assetId", "obj.assetId",
SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
searchFields.add(new SearchField("policyId", "obj.policyId",
SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
searchFields.add(new SearchField("repoType", "obj.repoType",
SearchField.DATA_TYPE.INTEGER, SearchField.SEARCH_TYPE.FULL));
searchFields.add(new SearchField("startDate", "obj.eventTime",
DATA_TYPE.DATE, SEARCH_TYPE.GREATER_EQUAL_THAN));
searchFields.add(new SearchField("endDate", "obj.eventTime",
DATA_TYPE.DATE, SEARCH_TYPE.LESS_EQUAL_THAN));
searchFields.add(new SearchField("tags", "obj.tags", DATA_TYPE.STRING, SEARCH_TYPE.PARTIAL));
searchFields.add(new SearchField("cluster", "obj.cluster",
SearchField.DATA_TYPE.STRING, SearchField.SEARCH_TYPE.FULL));
sortFields.add(new SortField("eventTime", "obj.eventTime", true, SORT_ORDER.DESC));
}
protected XXAccessAudit mapViewToEntityBean(VXAccessAudit vObj, XXAccessAudit mObj, int OPERATION_CONTEXT) {
mObj.setId(vObj.getId());
mObj.setAuditType( vObj.getAuditType());
mObj.setAccessResult( vObj.getAccessResult());
mObj.setAccessType( vObj.getAccessType());
mObj.setAclEnforcer( vObj.getAclEnforcer());
mObj.setAgentId( vObj.getAgentId());
mObj.setPolicyId( vObj.getPolicyId());
mObj.setRepoName( vObj.getRepoName());
mObj.setRepoType( vObj.getRepoType());
mObj.setResultReason( vObj.getResultReason());
mObj.setSessionId( vObj.getSessionId());
mObj.setEventTime( vObj.getEventTime());
mObj.setRequestUser( vObj.getRequestUser());
mObj.setRequestData( vObj.getRequestData());
mObj.setResourcePath( vObj.getResourcePath());
mObj.setResourceType(vObj.getResourceType());
mObj.setClientIP(vObj.getClientIP());
mObj.setClientType(vObj.getClientType());
mObj.setSequenceNumber( vObj.getSequenceNumber());
mObj.setEventCount( vObj.getEventCount());
mObj.setEventDuration( vObj.getEventDuration());
mObj.setTags(vObj.getTags());
return mObj;
}
protected VXAccessAudit mapEntityToViewBean(VXAccessAudit vObj, XXAccessAudit mObj) {
vObj.setAuditType( mObj.getAuditType());
vObj.setAccessResult( mObj.getAccessResult());
vObj.setAccessType( mObj.getAccessType());
vObj.setAclEnforcer( mObj.getAclEnforcer());
vObj.setAgentId( mObj.getAgentId());
vObj.setPolicyId( mObj.getPolicyId());
vObj.setRepoName( mObj.getRepoName());
vObj.setRepoType( mObj.getRepoType());
vObj.setResultReason( mObj.getResultReason());
vObj.setSessionId( mObj.getSessionId());
vObj.setEventTime( mObj.getEventTime());
vObj.setRequestUser( mObj.getRequestUser());
vObj.setRequestData( mObj.getRequestData());
vObj.setResourcePath( mObj.getResourcePath());
vObj.setResourceType( mObj.getResourceType());
vObj.setClientIP( mObj.getClientIP());
vObj.setClientType( mObj.getClientType());
vObj.setSequenceNumber( mObj.getSequenceNumber());
vObj.setEventCount( mObj.getEventCount());
vObj.setEventDuration( mObj.getEventDuration());
vObj.setTags(mObj.getTags());
XXService xService = daoManager.getXXService().findByName(mObj.getRepoName());
if (xService != null) {
XXServiceDef xServiceDef = daoManager.getXXServiceDef().getById(xService.getType());
vObj.setServiceType(xServiceDef.getName());
}
return vObj;
}
/**
* @param searchCriteria
* @return
*/
public VXAccessAuditList searchXAccessAudits(SearchCriteria searchCriteria) {
VXAccessAuditList returnList = new VXAccessAuditList();
List<VXAccessAudit> xAccessAuditList = new ArrayList<VXAccessAudit>();
List<XXAccessAudit> resultList = (List<XXAccessAudit>) searchResources(searchCriteria,
searchFields, sortFields, returnList);
// Iterate over the result list and create the return list
for (XXAccessAudit gjXAccessAudit : resultList) {
VXAccessAudit vXAccessAudit = populateViewBean(gjXAccessAudit);
if(vXAccessAudit != null) {
if(StringUtils.equalsIgnoreCase(vXAccessAudit.getAclEnforcer(), RangerHadoopConstants.DEFAULT_XASECURE_MODULE_ACL_NAME)) {
vXAccessAudit.setAclEnforcer(RangerHadoopConstants.DEFAULT_RANGER_MODULE_ACL_NAME);
}
xAccessAuditList.add(vXAccessAudit);
}
}
returnList.setVXAccessAudits(xAccessAuditList);
return returnList;
}
public VXAccessAudit populateViewBean(XXAccessAudit gjXAccessAudit) {
VXAccessAudit vXAccessAudit = new VXAccessAudit();
return mapEntityToViewBean(vXAccessAudit, gjXAccessAudit);
}
/*
protected List<XXAccessAudit> searchResources(SearchCriteria searchCriteria,
List<SearchField> searchFieldList, List<SortField> sortFieldList,
VList vList) {
// Get total count of the rows which meet the search criteria
long count = -1;
if (searchCriteria.isGetCount()) {
count = getCountForSearchQuery(searchCriteria, searchFieldList);
if (count == 0) {
return Collections.emptyList();
}
}
// construct the sort clause
String sortClause = searchUtil.constructSortClause(searchCriteria,
sortFieldList);
String q=queryStr;
if(searchCriteria.isDistinct()){
q=distinctQueryStr;
}
// construct the query object for retrieving the data
Query query = createQuery(q, sortClause, searchCriteria,
searchFieldList, false);
List<XXAccessAudit> resultList = appDaoMgr.getXXAccessAudit().executeQueryInSecurityContext(
XXAccessAudit.class, query);
if (vList != null) {
// Set the meta values for the query result
vList.setPageSize(query.getMaxResults());
vList.setSortBy(searchCriteria.getSortBy());
vList.setSortType(searchCriteria.getSortType());
vList.setStartIndex(query.getFirstResult());
vList.setTotalCount(count);
vList.setResultSize(resultList.size());
}
return resultList;
}
public VXLong getSearchCount(SearchCriteria searchCriteria,
List<SearchField> searchFieldList) {
long count = getCountForSearchQuery(searchCriteria, searchFieldList);
VXLong vXLong = new VXLong();
vXLong.setValue(count);
return vXLong;
}
protected long getCountForSearchQuery(SearchCriteria searchCriteria,
List<SearchField> searchFieldList) {
String q = countQueryStr;
// Get total count of the rows which meet the search criteria
if( searchCriteria.isDistinct()) {
q = distinctCountQueryStr;
}
// Get total count of the rows which meet the search criteria
Query query = createQuery(q, null, searchCriteria,
searchFieldList, true);
// Make the database call to get the total count
Long count = appDaoMgr.getXXAccessAudit().executeCountQueryInSecurityContext(XXAccessAudit.class,
query);
if (count == null) {
// If no data that meets the criteria, return 0
return 0;
}
return count.longValue();
}
// protected Query createQuery(String searchString, String sortString,
// SearchCriteria searchCriteria, List<SearchField> searchFieldList,
// boolean isCountQuery) {
// Query query = searchUtil.createSearchQuery(appDaoMgr.getXXAccessAudit().getEntityManager(), searchString, sortString,
// searchCriteria, searchFieldList, isCountQuery);
// return query;
// }
*/
@Override
protected void validateForCreate(VXAccessAudit viewBaseBean) {
// TODO Auto-generated method stub
}
@Override
protected void validateForUpdate(VXAccessAudit viewBaseBean, XXAccessAudit t) {
// TODO Auto-generated method stub
}
}