From 88af0324ff36f4caf1806dc30a569b073d4690e9 Mon Sep 17 00:00:00 2001 From: Xun Date: Tue, 29 Oct 2024 16:58:04 +0800 Subject: [PATCH] remove invalid code --- .../ranger/RangerAuthorizationPlugin.java | 122 ++++-------------- 1 file changed, 25 insertions(+), 97 deletions(-) diff --git a/authorizations/authorization-ranger/src/main/java/org/apache/gravitino/authorization/ranger/RangerAuthorizationPlugin.java b/authorizations/authorization-ranger/src/main/java/org/apache/gravitino/authorization/ranger/RangerAuthorizationPlugin.java index 5f8d40cf8b..18d10d1a46 100644 --- a/authorizations/authorization-ranger/src/main/java/org/apache/gravitino/authorization/ranger/RangerAuthorizationPlugin.java +++ b/authorizations/authorization-ranger/src/main/java/org/apache/gravitino/authorization/ranger/RangerAuthorizationPlugin.java @@ -723,8 +723,8 @@ private void doRemoveMetadataObject(RangerMetadataObject rangerMetadataObject) { } /** - * Remove the SCHEMA, Need to rename these the relevant policies, `{schema}`, `{schema}.*`, - * `{schema}.*.*`
+ * Remove the SCHEMA, Need to remove these the relevant policies, `{schema}`, `{schema}.*`, + * `{schema}.*.*` permissions. */ private void doRemoveSchemaMetadataObject(RangerMetadataObject rangerMetadataObject) { Preconditions.checkArgument( @@ -769,8 +769,8 @@ private void doRemoveSchemaMetadataObject(RangerMetadataObject rangerMetadataObj } /** - * Remove the TABLE, Need to rename these the relevant policies, `*.{table}`, `*.{table}.{column}` - *
+ * Remove the TABLE, Need to remove these the relevant policies, `*.{table}`, `*.{table}.{column}` + * permissions. */ private void doRemoveTableMetadataObject(RangerMetadataObject rangerMetadataObject) { List> loop = @@ -821,23 +821,16 @@ private void doRenameSchemaMetadataObject( RangerMetadataObject rangerMetadataObject, RangerMetadataObject newRangerMetadataObject) { List oldMetadataNames = new ArrayList<>(); List newMetadataNames = new ArrayList<>(); - List> loop = + List> loop = ImmutableList.of( - ImmutableMap.of(rangerMetadataObject.names().get(0), MetadataObject.Type.SCHEMA), - ImmutableMap.of(RangerHelper.RESOURCE_ALL, MetadataObject.Type.TABLE), - ImmutableMap.of(RangerHelper.RESOURCE_ALL, MetadataObject.Type.COLUMN)); - for (Map nameAndType : loop) { - oldMetadataNames.add(nameAndType.keySet().stream().findFirst().get()); - if (nameAndType.containsValue(MetadataObject.Type.SCHEMA)) { - newMetadataNames.add(newRangerMetadataObject.names().get(0)); - } else { - newMetadataNames.add(RangerHelper.RESOURCE_ALL); - } - updatePolicyByMetadataObject( - MetadataObject.Type.SCHEMA, - oldMetadataNames, - newMetadataNames, - nameAndType.values().stream().findFirst().get()); + ImmutableMap.of( + rangerMetadataObject.names().get(0), newRangerMetadataObject.names().get(0)), + ImmutableMap.of(RangerHelper.RESOURCE_ALL, RangerHelper.RESOURCE_ALL), + ImmutableMap.of(RangerHelper.RESOURCE_ALL, RangerHelper.RESOURCE_ALL)); + for (Map mapName : loop) { + oldMetadataNames.add(mapName.keySet().stream().findFirst().get()); + newMetadataNames.add(mapName.values().stream().findFirst().get()); + updatePolicyByMetadataObject(MetadataObject.Type.SCHEMA, oldMetadataNames, newMetadataNames); } } @@ -856,7 +849,6 @@ private void doRenameTableMetadataObject( ImmutableMap.of(RangerHelper.RESOURCE_ALL, MetadataObject.Type.COLUMN)); for (Map nameAndType : loop) { oldMetadataNames.add(nameAndType.keySet().stream().findFirst().get()); - if (nameAndType.containsValue(MetadataObject.Type.SCHEMA)) { newMetadataNames.add(newRangerMetadataObject.names().get(0)); // Skip update the schema name operation @@ -866,11 +858,7 @@ private void doRenameTableMetadataObject( } else if (nameAndType.containsValue(MetadataObject.Type.COLUMN)) { newMetadataNames.add(RangerHelper.RESOURCE_ALL); } - updatePolicyByMetadataObject( - MetadataObject.Type.TABLE, - oldMetadataNames, - newMetadataNames, - nameAndType.values().stream().findFirst().get()); + updatePolicyByMetadataObject(MetadataObject.Type.TABLE, oldMetadataNames, newMetadataNames); } } @@ -881,12 +869,11 @@ private void doRenameColumnMetadataObject( List newMetadataNames = new ArrayList<>(); List> loop = ImmutableList.of( - ImmutableMap.of(RangerHelper.RESOURCE_ALL, MetadataObject.Type.SCHEMA), - ImmutableMap.of(RangerHelper.RESOURCE_ALL, MetadataObject.Type.TABLE), + ImmutableMap.of(rangerMetadataObject.names().get(0), MetadataObject.Type.SCHEMA), + ImmutableMap.of(rangerMetadataObject.names().get(1), MetadataObject.Type.TABLE), ImmutableMap.of(rangerMetadataObject.names().get(2), MetadataObject.Type.COLUMN)); for (Map nameAndType : loop) { oldMetadataNames.add(nameAndType.keySet().stream().findFirst().get()); - if (nameAndType.containsValue(MetadataObject.Type.SCHEMA)) { newMetadataNames.add(newRangerMetadataObject.names().get(0)); // Skip update the schema name operation @@ -898,16 +885,12 @@ private void doRenameColumnMetadataObject( } else if (nameAndType.containsValue(MetadataObject.Type.COLUMN)) { newMetadataNames.add(newRangerMetadataObject.names().get(2)); } - updatePolicyByMetadataObject( - MetadataObject.Type.COLUMN, - oldMetadataNames, - newMetadataNames, - nameAndType.values().stream().findFirst().get()); + updatePolicyByMetadataObject(MetadataObject.Type.COLUMN, oldMetadataNames, newMetadataNames); } } /** - * Remove the policy by the metadata object.
+ * Remove the policy by the metadata object names.
* * @param metadataNames The metadata object names. */ @@ -946,32 +929,14 @@ private void removePolicyByMetadataObject(List metadataNames) { private void updatePolicyByMetadataObject( MetadataObject.Type operationType, List oldMetadataNames, - List newMetadataNames, - MetadataObject.Type type) { - - RangerMetadataObject oldMetadataObject = - new RangerMetadataObjects.RangerMetadataObjectImpl( - RangerMetadataObjects.getParentFullName(oldMetadataNames), - RangerMetadataObjects.getLastName(oldMetadataNames), - RangerMetadataObject.Type.fromMetadataType(type)); - RangerMetadataObject newMetadataObject = - new RangerMetadataObjects.RangerMetadataObjectImpl( - RangerMetadataObjects.getParentFullName(newMetadataNames), - RangerMetadataObjects.getLastName(newMetadataNames), - RangerMetadataObject.Type.fromMetadataType(type)); - List oldPolicies = rangerHelper.wildcardSearchPolies(oldMetadataObject.names()); - List existNewPolicies = - rangerHelper.wildcardSearchPolies(newMetadataObject.names()); - + List newMetadataNames) { + List oldPolicies = rangerHelper.wildcardSearchPolies(oldMetadataNames); + List existNewPolicies = rangerHelper.wildcardSearchPolies(newMetadataNames); if (oldPolicies.isEmpty()) { - LOG.warn( - "Cannot find the Ranger policy for the metadata object({})!", - oldMetadataObject.fullName()); + LOG.warn("Cannot find the Ranger policy for the metadata object({})!", oldMetadataNames); } if (!existNewPolicies.isEmpty()) { - LOG.warn( - "The Ranger policy for the metadata object({}) already exists!", - newMetadataObject.fullName()); + LOG.warn("The Ranger policy for the metadata object({}) already exists!", newMetadataNames); } Map operationTypeIndex = ImmutableMap.of( @@ -1011,7 +976,7 @@ private void updatePolicyByMetadataObject( if (alreadyExist) { LOG.warn( "The Ranger policy for the metadata object({}) already exists!", - newMetadataObject.fullName()); + newMetadataNames); return; } @@ -1024,47 +989,10 @@ private void updatePolicyByMetadataObject( }); } - /** rename the COLUMN, Only need to rename `{schema}.*.*`
*/ - private boolean doRenameColumnMetadataObject2( - RangerMetadataObject rangerMetadataObject, RangerMetadataObject newRangerMetadataObject) { - RangerPolicy policy = rangerHelper.findManagedPolicy(rangerMetadataObject); - RangerPolicy newPolicy = rangerHelper.findManagedPolicy(newRangerMetadataObject); - if (policy != null && newPolicy == null) { - try { - policy.setName(newRangerMetadataObject.fullName()); - policy.getResources().clear(); - List nsMetadataObject = newRangerMetadataObject.names(); - for (int i = 0; i < nsMetadataObject.size(); i++) { - RangerPolicy.RangerPolicyResource policyResource = - new RangerPolicy.RangerPolicyResource(nsMetadataObject.get(i)); - policy.getResources().put(rangerHelper.policyResourceDefines.get(i), policyResource); - } - rangerClient.updatePolicy(policy.getId(), policy); - } catch (RangerServiceException e) { - LOG.error("Failed to rename the policy {}!", policy); - throw new RuntimeException(e); - } - } else { - if (policy == null) { - LOG.warn( - "Cannot find the Ranger policy for the metadata object({})!", - rangerMetadataObject.fullName()); - } - if (newPolicy != null) { - LOG.warn( - "The Ranger policy for the metadata object({}) already exists!", - newRangerMetadataObject.fullName()); - } - // Don't throw exception or return false, because need support immutable operation. - return true; - } - return true; - } - @Override public void close() throws IOException {} - /** Generate different Ranger securable object */ + /** Generate Ranger securable object */ public RangerSecurableObject generateRangerSecurableObject( List names, RangerMetadataObject.Type type, Set privileges) { validateRangerMetadataObject(names, type);