in security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java [4770:5004]
private void writeCSVForPolicyItems(Map<String, String> svcNameToSvcType, RangerPolicy policy, RangerPolicyItem policyItem, RangerDataMaskPolicyItem dataMaskPolicyItem, RangerRowFilterPolicyItem rowFilterPolicyItem, StringBuilder csvBuffer, String policyConditionType) {
LOG.debug("policyConditionType:[{}]", policyConditionType);
List<String> roles = new ArrayList<>();
List<String> groups = new ArrayList<>();
List<String> users = new ArrayList<>();
String roleNames = "";
String groupNames = "";
String userNames = "";
String policyLabelName = "";
String accessType = "";
Boolean delegateAdmin = false;
String isExcludesValue = "";
String maskingInfo = "";
List<RangerPolicyItemAccess> accesses = new ArrayList<>();
List<RangerPolicyItemCondition> conditionsList = new ArrayList<>();
String conditionKeyValue = "";
String resourceKeyVal = "";
String isRecursiveValue = "";
String serviceType = "";
String filterExpr = "";
String policyConditionTypeValue = "";
String serviceName = policy.getService();
String description = policy.getDescription();
Boolean isAuditEnabled = policy.getIsAuditEnabled();
List<String> policyLabels = policy.getPolicyLabels();
StringBuilder sb = new StringBuilder();
StringBuilder sbIsRecursive = new StringBuilder();
StringBuilder sbIsExcludes = new StringBuilder();
Map<String, RangerPolicyResource> resources = policy.getResources();
String policyName = policy.getName();
policyName = policyName.replace("|", "");
if (resources != null) {
for (Entry<String, RangerPolicyResource> resource : resources.entrySet()) {
String resKey = resource.getKey();
RangerPolicyResource policyResource = resource.getValue();
List<String> resvalueList = policyResource.getValues();
String isExcludes = policyResource.getIsExcludes().toString();
String isRecursive = policyResource.getIsRecursive().toString();
String resValue = resvalueList.toString();
sb.append(resourceKeyVal).append(" ").append(resKey).append("=").append(resValue);
sbIsExcludes.append(resourceKeyVal).append(" ").append(resKey).append("=[").append(isExcludes).append("]");
sbIsRecursive.append(resourceKeyVal).append(" ").append(resKey).append("=[").append(isRecursive).append("]");
}
isExcludesValue = sbIsExcludes.toString();
isExcludesValue = isExcludesValue.substring(1);
isRecursiveValue = sbIsRecursive.toString();
isRecursiveValue = isRecursiveValue.substring(1);
resourceKeyVal = sb.toString();
resourceKeyVal = resourceKeyVal.substring(1);
if (policyItem != null && dataMaskPolicyItem == null && rowFilterPolicyItem == null) {
roles = policyItem.getRoles();
groups = policyItem.getGroups();
users = policyItem.getUsers();
accesses = policyItem.getAccesses();
delegateAdmin = policyItem.getDelegateAdmin();
conditionsList = policyItem.getConditions();
} else if (dataMaskPolicyItem != null && policyItem == null && rowFilterPolicyItem == null) {
roles = dataMaskPolicyItem.getRoles();
groups = dataMaskPolicyItem.getGroups();
users = dataMaskPolicyItem.getUsers();
accesses = dataMaskPolicyItem.getAccesses();
delegateAdmin = dataMaskPolicyItem.getDelegateAdmin();
conditionsList = dataMaskPolicyItem.getConditions();
RangerPolicy.RangerPolicyItemDataMaskInfo dataMaskInfo = dataMaskPolicyItem.getDataMaskInfo();
String dataMaskType = dataMaskInfo.getDataMaskType();
String conditionExpr = dataMaskInfo.getConditionExpr();
String valueExpr = dataMaskInfo.getValueExpr();
maskingInfo = "dataMasktype=[" + dataMaskType + "]";
if (conditionExpr != null && !conditionExpr.isEmpty() && valueExpr != null && !valueExpr.isEmpty()) {
maskingInfo = maskingInfo + "; conditionExpr=[" + conditionExpr + "]";
}
} else if (rowFilterPolicyItem != null && policyItem == null && dataMaskPolicyItem == null) {
roles = rowFilterPolicyItem.getRoles();
groups = rowFilterPolicyItem.getGroups();
users = rowFilterPolicyItem.getUsers();
accesses = rowFilterPolicyItem.getAccesses();
delegateAdmin = rowFilterPolicyItem.getDelegateAdmin();
conditionsList = rowFilterPolicyItem.getConditions();
RangerPolicy.RangerPolicyItemRowFilterInfo filterInfo = rowFilterPolicyItem.getRowFilterInfo();
filterExpr = filterInfo.getFilterExpr();
}
if (CollectionUtils.isNotEmpty(accesses)) {
for (RangerPolicyItemAccess access : accesses) {
if (access != null) {
accessType = accessType + access.getType().replace("#", "").replace("|", "") + "#";
}
}
if (!accessType.isEmpty()) {
accessType = accessType.substring(0, accessType.lastIndexOf("#"));
}
}
if (CollectionUtils.isNotEmpty(roles)) {
for (String role : roles) {
if (StringUtils.isNotBlank(role)) {
role = role.replace("|", "");
role = role.replace("#", "");
roleNames = roleNames + role + "#";
}
}
if (!roleNames.isEmpty()) {
roleNames = roleNames.substring(0, roleNames.lastIndexOf("#"));
}
}
if (CollectionUtils.isNotEmpty(groups)) {
for (String group : groups) {
if (StringUtils.isNotBlank(group)) {
group = group.replace("|", "");
group = group.replace("#", "");
groupNames = groupNames + group + "#";
}
}
if (!groupNames.isEmpty()) {
groupNames = groupNames.substring(0, groupNames.lastIndexOf("#"));
}
}
if (CollectionUtils.isNotEmpty(users)) {
for (String user : users) {
if (StringUtils.isNotBlank(user)) {
user = user.replace("|", "");
user = user.replace("#", "");
userNames = userNames + user + "#";
}
}
if (!userNames.isEmpty()) {
userNames = userNames.substring(0, userNames.lastIndexOf("#"));
}
}
for (RangerPolicyItemCondition conditions : conditionsList) {
String conditionType = conditions.getType();
List<String> conditionList = conditions.getValues();
String conditionValue = conditionList.toString();
conditionKeyValue = conditionType + "=" + conditionValue;
}
serviceType = policy.getServiceType();
if (StringUtils.isBlank(serviceType)) {
serviceType = svcNameToSvcType.get(policy.getService());
if (serviceType == null) {
serviceType = "";
}
}
}
if (policyConditionType != null) {
policyConditionTypeValue = policyConditionType;
}
if (policyConditionType == null && serviceType.equalsIgnoreCase("tag")) {
policyConditionTypeValue = POLICY_ALLOW_INCLUDE;
} else if (policyConditionType == null) {
policyConditionTypeValue = "";
}
if (CollectionUtils.isNotEmpty(policyLabels)) {
for (String policyLabel : policyLabels) {
if (StringUtils.isNotBlank(policyLabel)) {
policyLabel = policyLabel.replace("|", "");
policyLabel = policyLabel.replace("#", "");
policyLabelName = policyLabelName + policyLabel + "#";
}
}
if (!policyLabelName.isEmpty()) {
policyLabelName = policyLabelName.substring(0, policyLabelName.lastIndexOf("#"));
}
}
csvBuffer.append(policy.getId());
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(policyName));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(resourceKeyVal));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(roleNames));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(groupNames));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(userNames));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(accessType.trim());
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(serviceType));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(policy.getIsEnabled() ? "Enabled" : "Disabled");
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(getPolicyTypeString(policy.getPolicyType()));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(delegateAdmin.toString().toUpperCase());
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(isRecursiveValue);
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(isExcludesValue);
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(serviceName));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(description));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(isAuditEnabled.toString().toUpperCase());
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(conditionKeyValue.trim()));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(policyConditionTypeValue));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(maskingInfo));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(filterExpr));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(sanitizeCell(policyLabelName));
csvBuffer.append(COMMA_DELIMITER);
csvBuffer.append(LINE_SEPARATOR);
}