Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
A
atlas
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
dataplatform
atlas
Commits
02ec8b99
Commit
02ec8b99
authored
6 years ago
by
nixonrodrigues
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ATLAS-2821:- Update old atlas-simple-authz-policy.json file with relationship permission attributes
parent
5332f2e5
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
191 additions
and
0 deletions
+191
-0
AtlasSimpleAuthzUpdateTool.java
...he/atlas/authorize/simple/AtlasSimpleAuthzUpdateTool.java
+151
-0
atlas_update_simple_auth_json.py
distro/src/bin/atlas_update_simple_auth_json.py
+40
-0
No files found.
authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasSimpleAuthzUpdateTool.java
0 → 100644
View file @
02ec8b99
/** Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package
org
.
apache
.
atlas
.
authorize
.
simple
;
import
java.io.IOException
;
import
java.io.File
;
import
java.nio.file.Files
;
import
java.nio.file.Paths
;
import
java.util.ArrayList
;
import
java.util.List
;
import
com.fasterxml.jackson.databind.ObjectMapper
;
import
com.fasterxml.jackson.databind.*
;
import
com.fasterxml.jackson.databind.SerializationFeature
;
public
class
AtlasSimpleAuthzUpdateTool
{
public
static
void
main
(
String
[]
args
)
{
if
(
args
!=
null
&
args
.
length
>
0
)
{
updateSimpleAuthzJsonWithRelationshipPermissions
(
args
[
0
]);
}
else
{
System
.
out
.
println
(
"Provide Atlas conf path"
);
}
}
public
static
void
updateSimpleAuthzJsonWithRelationshipPermissions
(
String
jsonConfPath
)
{
List
<
String
>
wildCard
=
new
ArrayList
<
String
>();
wildCard
.
add
(
".*"
);
try
{
ObjectMapper
mapper
=
new
ObjectMapper
();
AtlasSimpleAuthzPolicy
authzPolicy
=
mapper
.
readValue
(
new
File
(
jsonConfPath
+
"/atlas-simple-authz-policy.json"
),
AtlasSimpleAuthzPolicy
.
class
);
AtlasSimpleAuthzPolicy
.
AtlasAuthzRole
dataAdmin
=
authzPolicy
.
getRoles
().
get
(
"ROLE_ADMIN"
);
boolean
permissionUpdated
=
false
;
if
(
dataAdmin
!=
null
&&
dataAdmin
.
getRelationshipPermissions
()
==
null
)
{
AtlasSimpleAuthzPolicy
.
AtlasRelationshipPermission
relationshipPermissions
=
new
AtlasSimpleAuthzPolicy
.
AtlasRelationshipPermission
();
relationshipPermissions
.
setPrivileges
(
wildCard
);
relationshipPermissions
.
setRelationshipTypes
(
wildCard
);
relationshipPermissions
.
setEnd1EntityClassification
(
wildCard
);
relationshipPermissions
.
setEnd1EntityId
(
wildCard
);
relationshipPermissions
.
setEnd1EntityType
(
wildCard
);
relationshipPermissions
.
setEnd2EntityClassification
(
wildCard
);
relationshipPermissions
.
setEnd2EntityId
(
wildCard
);
relationshipPermissions
.
setEnd2EntityType
(
wildCard
);
List
<
AtlasSimpleAuthzPolicy
.
AtlasRelationshipPermission
>
relationshipPermissionsList
=
new
ArrayList
<
AtlasSimpleAuthzPolicy
.
AtlasRelationshipPermission
>();
relationshipPermissionsList
.
add
(
relationshipPermissions
);
dataAdmin
.
setRelationshipPermissions
(
relationshipPermissionsList
);
permissionUpdated
=
true
;
}
AtlasSimpleAuthzPolicy
.
AtlasAuthzRole
dataSteward
=
authzPolicy
.
getRoles
().
get
(
"DATA_STEWARD"
);
List
<
String
>
permissiondataSteward
=
new
ArrayList
<
String
>();
permissiondataSteward
.
add
(
"add-relationship"
);
permissiondataSteward
.
add
(
"update-relationship"
);
permissiondataSteward
.
add
(
"remove-relationship"
);
if
(
dataSteward
!=
null
&&
dataSteward
.
getRelationshipPermissions
()
==
null
)
{
AtlasSimpleAuthzPolicy
.
AtlasRelationshipPermission
relationshipPermissions
=
new
AtlasSimpleAuthzPolicy
.
AtlasRelationshipPermission
();
relationshipPermissions
.
setPrivileges
(
permissiondataSteward
);
relationshipPermissions
.
setRelationshipTypes
(
wildCard
);
relationshipPermissions
.
setEnd1EntityClassification
(
wildCard
);
relationshipPermissions
.
setEnd1EntityId
(
wildCard
);
relationshipPermissions
.
setEnd1EntityType
(
wildCard
);
relationshipPermissions
.
setEnd2EntityClassification
(
wildCard
);
relationshipPermissions
.
setEnd2EntityId
(
wildCard
);
relationshipPermissions
.
setEnd2EntityType
(
wildCard
);
List
<
AtlasSimpleAuthzPolicy
.
AtlasRelationshipPermission
>
relationshipPermissionsList
=
new
ArrayList
<
AtlasSimpleAuthzPolicy
.
AtlasRelationshipPermission
>();
relationshipPermissionsList
.
add
(
relationshipPermissions
);
dataSteward
.
setRelationshipPermissions
(
relationshipPermissionsList
);
permissionUpdated
=
true
;
}
if
(
permissionUpdated
)
{
writeUsingFiles
(
jsonConfPath
+
"/atlas-simple-authz-policy.json"
,
toJson
(
authzPolicy
,
mapper
));
}
}
catch
(
Exception
e
)
{
System
.
err
.
println
(
" Error while updating JSON "
+
e
.
getMessage
());
}
}
public
static
String
toJson
(
Object
obj
,
ObjectMapper
mapper
)
{
mapper
.
enable
(
SerializationFeature
.
INDENT_OUTPUT
);
// to beautify json
String
ret
;
try
{
if
(
obj
instanceof
JsonNode
&&
((
JsonNode
)
obj
).
isTextual
())
{
ret
=
((
JsonNode
)
obj
).
textValue
();
}
else
{
ret
=
mapper
.
writeValueAsString
(
obj
);
}
}
catch
(
IOException
e
)
{
ret
=
null
;
}
return
ret
;
}
private
static
void
writeUsingFiles
(
String
file
,
String
data
)
{
try
{
Files
.
write
(
Paths
.
get
(
file
),
data
.
getBytes
());
}
catch
(
IOException
e
)
{
System
.
err
.
println
(
" Error while writeUsingFiles JSON "
+
e
.
getMessage
());
}
}
}
\ No newline at end of file
This diff is collapsed.
Click to expand it.
distro/src/bin/atlas_update_simple_auth_json.py
0 → 100755
View file @
02ec8b99
#!/usr/bin/env python
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import
os
import
sys
import
atlas_config
as
mc
import
atlas_client_cmdline
as
cmdline
def
main
():
conf_dir
=
cmdline
.
setup_conf_dir
()
jvm_opts_list
=
cmdline
.
setup_jvm_opts_list
(
conf_dir
,
'atlas_admin.log'
)
atlas_classpath
=
cmdline
.
get_atlas_classpath
(
conf_dir
)
process
=
mc
.
java
(
"org.apache.atlas.authorize.simple.AtlasSimpleAuthzUpdateTool"
,
sys
.
argv
[
1
:],
atlas_classpath
,
jvm_opts_list
)
return
process
.
wait
()
if
__name__
==
'__main__'
:
try
:
returncode
=
main
()
except
Exception
as
e
:
print
"Exception:
%
s "
%
str
(
e
)
returncode
=
-
1
sys
.
exit
(
returncode
)
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment