in security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java [2164:2374]
public void importPoliciesFromFile(@Context HttpServletRequest request, @FormDataParam("servicesMapJson") InputStream serviceMapStream, @FormDataParam("zoneMapJson") InputStream zoneMapStream, @FormDataParam("file") InputStream uploadedInputStream, @FormDataParam("file") FormDataContentDisposition fileDetail, @QueryParam("isOverride") Boolean isOverride, @QueryParam("importType") String importType) {
LOG.debug("==> ServiceREST.importPoliciesFromFile()");
RangerContextHolder.getOrCreateOpContext().setBulkModeContext(true);
RangerPerfTracer perf = null;
String metaDataInfo = null;
request.setAttribute(PARAM_IMPORT_IN_PROGRESS, true);
try {
if (RangerPerfTracer.isPerfTraceEnabled(PERF_LOG)) {
perf = RangerPerfTracer.getPerfTracer(PERF_LOG, "ServiceREST.importPoliciesFromFile()");
}
policyService.createTransactionLog(new XXTrxLogV2(AppConstants.CLASS_TYPE_RANGER_POLICY, null, null, "IMPORT START"), "Import", "IMPORT START", null);
if (isOverride == null) {
isOverride = false;
}
List<String> serviceNameList = new ArrayList<>();
getServiceNameList(request, serviceNameList);
Map<String, String> servicesMappingMap = new LinkedHashMap<>();
List<String> sourceServices = new ArrayList<>();
List<String> destinationServices = new ArrayList<>();
Map<String, String> zoneMappingMap = new LinkedHashMap<>();
List<String> sourceZones = new ArrayList<>();
List<String> destinationZones = new ArrayList<>();
if (zoneMapStream != null) {
zoneMappingMap = svcStore.getMapFromInputStream(zoneMapStream);
processZoneMapping(zoneMappingMap, sourceZones, destinationZones);
}
if (serviceMapStream != null) {
servicesMappingMap = svcStore.getMapFromInputStream(serviceMapStream);
processServiceMapping(servicesMappingMap, sourceServices, destinationServices);
}
String fileName = fileDetail.getFileName();
int totalPolicyCreate = 0;
String zoneNameInJson = null;
Map<String, RangerPolicy> policiesMap = new LinkedHashMap<>();
List<String> dataFileSourceServices = new ArrayList<>();
if (fileName.endsWith("json")) {
try {
RangerExportPolicyList rangerExportPolicyList = processPolicyInputJsonForMetaData(uploadedInputStream, null);
if (rangerExportPolicyList != null && !CollectionUtils.sizeIsEmpty(rangerExportPolicyList.getMetaDataInfo())) {
metaDataInfo = JsonUtilsV2.mapToJson(rangerExportPolicyList.getMetaDataInfo());
} else {
LOG.info("metadata info is not provided!!");
}
List<RangerPolicy> policies = getPoliciesFromProvidedJson(rangerExportPolicyList);
int i = 0;
if (CollectionUtils.sizeIsEmpty(servicesMappingMap) && isOverride) {
if (policies != null && !CollectionUtils.sizeIsEmpty(policies)) {
for (RangerPolicy policyInJson : policies) {
if (policyInJson != null) {
if (i == 0 && StringUtils.isNotBlank(policyInJson.getZoneName())) {
zoneNameInJson = policyInJson.getZoneName().trim();
}
if (StringUtils.isNotEmpty(policyInJson.getService().trim())) {
String serviceName = policyInJson.getService().trim();
if (CollectionUtils.isNotEmpty(serviceNameList) && serviceNameList.contains(serviceName) && !sourceServices.contains(serviceName) && !destinationServices.contains(serviceName)) {
sourceServices.add(serviceName);
destinationServices.add(serviceName);
} else if (CollectionUtils.isEmpty(serviceNameList) && !sourceServices.contains(serviceName) && !destinationServices.contains(serviceName)) {
sourceServices.add(serviceName);
destinationServices.add(serviceName);
}
} else {
LOG.error("Service Name or Policy Name is not provided!!");
throw restErrorUtil.createRESTException("Service Name or Policy Name is not provided!!");
}
}
i++;
}
}
} else if (!CollectionUtils.sizeIsEmpty(servicesMappingMap)) {
if (policies != null && !CollectionUtils.sizeIsEmpty(policies)) {
i = 0;
for (RangerPolicy policyInJson : policies) {
if (policyInJson != null) {
if (i == 0 && StringUtils.isNotBlank(policyInJson.getZoneName())) {
zoneNameInJson = policyInJson.getZoneName().trim();
}
if (StringUtils.isNotEmpty(policyInJson.getService().trim())) {
dataFileSourceServices.add(policyInJson.getService().trim());
} else {
LOG.error("Service Name or Policy Name is not provided!!");
throw restErrorUtil.createRESTException("Service Name or Policy Name is not provided!!");
}
i++;
}
}
if (!dataFileSourceServices.containsAll(sourceServices)) {
LOG.error("Json File does not contain specified source service name.");
throw restErrorUtil.createRESTException("Json File does not contain specified source service name.");
}
}
}
boolean deleteIfExists = "true".equalsIgnoreCase(StringUtils.trimToEmpty(request.getParameter(PARAM_DELETE_IF_EXISTS)));
boolean updateIfExists = "true".equalsIgnoreCase(StringUtils.trimToEmpty(request.getParameter(PARAM_UPDATE_IF_EXISTS)));
String polResource = request.getParameter(SearchFilter.POL_RESOURCE);
if (updateIfExists) {
isOverride = false;
}
String destinationZoneName = getDestinationZoneName(destinationZones, zoneNameInJson);
if (isOverride && !updateIfExists && StringUtils.isEmpty(polResource)) {
LOG.debug("Deleting Policy from provided services in servicesMapJson file...");
if (CollectionUtils.isNotEmpty(sourceServices) && CollectionUtils.isNotEmpty(destinationServices)) {
deletePoliciesProvidedInServiceMap(sourceServices, destinationServices, destinationZoneName); //In order to delete Zone specific policies from service
}
} else if (updateIfExists && StringUtils.isNotEmpty(polResource)) {
LOG.debug("Deleting Policy from provided services in servicesMapJson file for specific resource...");
if (CollectionUtils.isNotEmpty(sourceServices) && CollectionUtils.isNotEmpty(destinationServices)) {
deletePoliciesForResource(sourceServices, destinationServices, request, policies, destinationZoneName); //In order to delete Zone specific policies from service
}
}
if (policies != null && !CollectionUtils.sizeIsEmpty(policies)) {
for (RangerPolicy policyInJson : policies) {
if (policyInJson != null) {
if (StringUtils.isNotBlank(destinationZoneName)) {
boolean isZoneServiceExistAtDestination = validateDestZoneServiceMapping(destinationZoneName, policyInJson, servicesMappingMap);
if (!isZoneServiceExistAtDestination) {
LOG.warn("provided service of policy in File is not associated with zone");
continue;
}
}
policiesMap = svcStore.createPolicyMap(zoneMappingMap, sourceZones, destinationZoneName, servicesMappingMap, sourceServices, destinationServices, policyInJson, policiesMap); // zone Info is also sent for creating policy map
}
}
if (deleteIfExists) {
//deleting target policies if already exist
deleteExactMatchPolicyForResource(policies, request.getRemoteUser(), destinationZoneName);
}
}
totalPolicyCreate = createPolicesBasedOnPolicyMap(request, policiesMap, serviceNameList, updateIfExists, totalPolicyCreate);
if (!(totalPolicyCreate > 0)) {
LOG.error("zero policy is created from provided data file!!");
throw restErrorUtil.createRESTException("zero policy is created from provided data file!!");
}
} catch (IOException e) {
LOG.error(e.getMessage());
throw restErrorUtil.createRESTException(e.getMessage());
}
} else {
LOG.error("Provided file format is not supported!!");
throw restErrorUtil.createRESTException("Provided file format is not supported!!");
}
} catch (JsonSyntaxException ex) {
LOG.error("Provided json file is not valid!!", ex);
policyService.createTransactionLog(new XXTrxLogV2(AppConstants.CLASS_TYPE_RANGER_POLICY, null, null, "IMPORT ERROR"), "Import failed", StringUtils.isNotEmpty(metaDataInfo) ? metaDataInfo : null, null);
throw restErrorUtil.createRESTException(ex.getMessage());
} catch (WebApplicationException excp) {
LOG.error("Error while importing policy from file!!", excp);
policyService.createTransactionLog(new XXTrxLogV2(AppConstants.CLASS_TYPE_RANGER_POLICY, null, null, "IMPORT ERROR"), "Import failed", StringUtils.isNotEmpty(metaDataInfo) ? metaDataInfo : null, null);
throw excp;
} catch (Throwable excp) {
LOG.error("Error while importing policy from file!!", excp);
policyService.createTransactionLog(new XXTrxLogV2(AppConstants.CLASS_TYPE_RANGER_POLICY, null, null, "IMPORT ERROR"), "Import failed", StringUtils.isNotEmpty(metaDataInfo) ? metaDataInfo : null, null);
throw restErrorUtil.createRESTException(excp.getMessage());
} finally {
RangerPerfTracer.log(perf);
policyService.createTransactionLog(new XXTrxLogV2(AppConstants.CLASS_TYPE_RANGER_POLICY, null, null, "IMPORT END"), "IMPORT END", StringUtils.isNotEmpty(metaDataInfo) ? metaDataInfo : null, null);
LOG.debug("<== ServiceREST.importPoliciesFromFile()");
}
}