Ranger 之java 接口操作

最新推荐文章于 2023-01-02 19:44:48 发布
最新推荐文章于 2023-01-02 19:44:48 发布
阅读量5.6k 收藏 15
点赞数 2
分类专栏: Java HDP 平台的运用 文章标签: java Ranger
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/u013850277/article/details/76651242
版权

简单粗暴直接上代码

1. Ranger 接口类

package com.bms.service;

import com.bms.entity.CreatePoliceReq;
import com.bms.entity.UpdatePoliceReq;

/**
 * @author YeChunBo
 * @time 2017年7月24日
 *
 * 类说明:Ranger 接口
 */

public interface Ranger {
	
	/**
	 * 获取所有有效的策略
	 * @return
	 */
	public String getAllValidPolice();
	
	/**
	 * 创建策略
	 * @param policeUser 策略对应的用户
	 * @param dbName :数据库,多个数据库用逗号分割(英文符)
	 * @param tableName :表,多个用逗号分割
	 * @param permissionsType 表,所对应的权限,多个用逗号分割,eg :drop, all, select, update, create, index, lock, alter
	 * @return
	 */
	public boolean createPolice(CreatePoliceReq createRequest);
	
	/**
	 * 通过策略名称获取策略
	 * @param policyName
	 * @param policyType 策略类型:hive或hdfs/hbase
	 * @return
	 */
	public String getPolicyByName(String policyName, String policyType);

	/**
	 * 通过policeName 删除策略
	 * @param policeName
	 * @return
	 */
	public boolean deletePoliceByPoliceName(String policeName);
    
	/**
	 * 通过policeId 删除策略
	 * @param policeId
	 * @return
	 */
	public boolean deletePoliceByPoliceId(String policeId);
	
	/**
	 * 修改策略
	 * @param updatePoliceReq
	 * @return
	 */
	public boolean updatePolicyById(UpdatePoliceReq updatePoliceReq);
	
	/**
	 * 根据用户名,获取该用户对数据库的访问记录
	 * @param userName
	 * @param startDate
	 * @return
	 */
	public String getUserVisitInfo(String userName, String startDate);
}

2. RangerImpl 接口实现类

package com.bms.service.rangerimpl;

import org.apache.ranger.admin.client.datatype.RESTResponse;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.util.RangerRESTUtils;
import org.apache.ranger.plugin.util.ServicePolicies;
import org.jboss.logging.Logger;

import com.bms.entity.CreatePoliceReq;
import com.bms.entity.UpdatePoliceReq;
import com.bms.service.Ranger;
import com.bms.utils.PropertyUtil;
import com.google.gson.Gson;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter;

/**
 * @author YeChunBo
 * @time 2017年7月24日
 *
 * 类说明:Ranger rest api 操作实现类
 */

public class RangerImpl implements Ranger {

	private static Logger log = Logger.getLogger(RangerImpl.class);

	private static final String EXPECTED_MIME_TYPE = PropertyUtil.getProperty("expected_mime_type");
	private static String rangerBaseUrl = PropertyUtil.getProperty("rangerBaseUrl");
	private static String service = PropertyUtil.getProperty("service"); // hive 的服务名
	private static String adminUser = PropertyUtil.getProperty("adminUser");
	private static String adminPwd = PropertyUtil.getProperty("adminPwd");   // ranger自己的登录密码(不是通过单点登录的密码)

	public String getAllValidPolice() {
		
		String url = rangerBaseUrl + "/service/plugins/policies/download/" + service;

		log.info("getAllValidPolice, reqUrl=" + url);
		
		ClientResponse response = null;
		Client client = null;
		String allPolice = null;
		try {
			client = Client.create();
			WebResource webResource = client.resource(url)
					.queryParam(RangerRESTUtils.REST_PARAM_LAST_KNOWN_POLICY_VERSION, Long.toString(68));
			response = webResource.accept(RangerRESTUtils.REST_MIME_TYPE_JSON).get(ClientResponse.class);

			if (response != null && response.getStatus() == 200) {
				ServicePolicies ret = response.getEntity(ServicePolicies.class);

				Gson gson = new Gson();
				allPolice = gson.toJson(ret);
				log.info("getAllValidPolice is success , the resp=" + gson.toJson(ret));

			} else {
				RESTResponse resp = RESTResponse.fromClientResponse(response);
				log.warn("getAllValidPolice is fail," + resp.toString());
			}
		
		} catch (Exception e) {
			
			log.error("getAllValidPolice is fail, errMassge=" + e.getMessage());
		} finally {
			
			if (response != null) {
				response.close();
			}
			
			if (client != null) {
				client.destroy();
			}
		}
		return allPolice;
	}

	public String getPolicyByName(String policyName) {
		
		String url = rangerBaseUrl + "/service/public/v2/api/service/" + service + "/policy/" + policyName;
		
		log.info("getPolicyByName, reqUrl=" + url);
		
		Client client = null;
		ClientResponse response = null;
		String jsonString = null;

		try {
			client = Client.create();
			client.addFilter(new HTTPBasicAuthFilter(adminUser, adminPwd));
			WebResource webResource = client.resource(url);
			response = webResource.accept(EXPECTED_MIME_TYPE).get(ClientResponse.class);

			if (response.getStatus() == 200) {
				
				jsonString = response.getEntity(String.class);
				log.info("getPolicyByName is success, the response message is :" + jsonString);
			
			} else {
				
				RESTResponse resp = RESTResponse.fromClientResponse(response);
				jsonString = resp.toJson();
				log.warn("getPolicyByName is fail, the response message is :" + resp.toString());
			}

		} catch (Exception e) {
			
			RESTResponse resp = RESTResponse.fromClientResponse(response);
			jsonString = resp.toJson();
			log.error("getPolicyByName is fail, the error message is :" + e.getMessage()
					+ " and the response message is : " + jsonString);
		} finally {
			
			if (response != null) {
				response.close();
			}
			
			if (client != null) {
				client.destroy();
			}
		}
		return jsonString;
	}

	public boolean createPolice(CreatePoliceReq req) {
		
		boolean flag = false;
		String url = rangerBaseUrl + "/service/public/v2/api/policy";
		
		log.info("CreatePolice of reqUrl=" + url);

		// 添加多个用户时将分割符逗号替换成下划线,用来生成新的策略名称
		String newPoliceUser = req.getPoliceUser();
		if (req.getPoliceUser().contains(",")) {
			newPoliceUser = req.getPoliceUser().replace(",", "_");
		}
		
		String PoliceName = newPoliceUser + "_police";

		ClientResponse response = null;
		Client client = null;
		
		try {
			
			client = Client.create();
			client.addFilter(new HTTPBasicAuthFilter(adminUser, adminPwd));
			WebResource webResource = client.resource(url);
			Gson gson = new Gson();

			RangerPolicy createOfPolicy = SupportRangerImpl.createOfPolicy(PoliceName, req.getPoliceUser(),
					req.getDbName(), req.getTableName(), req.getPermissionsType());

			response = webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE)
					.type(RangerRESTUtils.REST_EXPECTED_MIME_TYPE)
					.post(ClientResponse.class, gson.toJson(createOfPolicy));

			if (response != null && response.getStatus() == 200) {
				
				RangerPolicy rangerPolicy = response.getEntity(RangerPolicy.class);
				log.info("Create Police is success, the police message is=" + rangerPolicy);
				flag = true;
				
			} else {
				log.warn("Create Police is fail, the warn message is=" + response.toString());
			}
			
		} catch (Exception e) {
			
			log.error("Create Police is fail, the error message is=" + e.getMessage());
			flag = false;
			
		} finally {
			
			if (response != null) {
				response.close();
			}
			
			if (client != null) {
				client.destroy();
			}
		}
		return flag;
	}

	public boolean deletePoliceByPoliceName(String policeName) {

		boolean flag = false;
		String url = rangerBaseUrl + "/service/public/v2/api/policy?servicename=" + service + "&policyname="
				+ policeName;
		log.info("DeletePoliceByPoliceName of requrl " + url);

		ClientResponse response = null;
		Client client = null;
		
		try {
			
			client = Client.create();
			client.addFilter(new HTTPBasicAuthFilter(adminUser, adminPwd));

			WebResource webResource = client.resource(url);
			webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).delete();
			flag = true;
			log.info("DeletePoliceByPoliceName is success.");
		
		} catch (Exception e) {
			
			log.error("DeletePoliceByPoliceName is fail. the errMassage is " + e.getMessage());
			flag = false;
		} finally {
			
			if (response != null) {
				response.close();
			}
			
			if (client != null) {
				client.destroy();
			}
		}
		return flag;
	}

	public boolean updatePolicyById(UpdatePoliceReq req) {
        
		boolean flag = false;
		
		String url = rangerBaseUrl + "/service/public/v2/api/policy/" + req.getPoliceId();
        log.info("UpdatePolicyById of reqUrl=" + url);
        
		RangerPolicy rangerPolicy = SupportRangerImpl.updateOfPolicy(req.getPoliceName(), req.getDbName(),
				req.getTableName(), req.getPermissionsType(), req.getPoliceUser(), req.getColPermissionsType(),
				req.getPoliceIsEnabled());

		ClientResponse response = null;
		Client client = null;
		
		try {
			client = Client.create();
			client.addFilter(new HTTPBasicAuthFilter(adminUser, adminPwd));

			WebResource webResource = client.resource(url);

			Gson gson = new Gson();

			response = webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE)
					.type(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).put(ClientResponse.class, gson.toJson(rangerPolicy));

			if (response != null && response.getStatus() == 200) {
				
				RangerPolicy policy = response.getEntity(RangerPolicy.class);
				flag = true;
				log.info("UpdatePolicyById is success, the police message is=" + policy);
			
			} else {
				log.warn("UpdatePolicyById is fail, the fail message is=" + response.toString());
			}
		
		} catch (Exception e) {
			
			log.error("UpdatePolicyById is fail, the error message is=" + e.getMessage());
			flag = false;
		} finally {
			
			if (response != null) {
				response.close();
			}
			
			if (client != null) {
				client.destroy();
			}
		}
		return flag;
	}

	public boolean deletePoliceByPoliceId(String policeId) {

		boolean flag = false;
		String url = rangerBaseUrl + "/service/public/v2/api/policy/" + policeId;
		log.info("DeletePoliceByPoliceId of reqUrl=" + url);

		ClientResponse response = null;
		Client client = null;
		
		try {
		
			client = Client.create();
			client.addFilter(new HTTPBasicAuthFilter(adminUser, adminPwd));

			WebResource webResource = client.resource(url);

			webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).delete();
			flag = true;
		
		} catch (Exception e) {
			
			log.error("DeletePoliceByPoliceId is fail, the error Massage is=" + e.getMessage());
			flag = false;
		} finally {
			
			if (response != null) {
				response.close();
			}
		
			if (client != null) {
				client.destroy();
			}
		}
		return flag;
	}

	/**
	 * 这里的删除只是把用户设为不可见,不可见之后在配置策略时,这个用户就变成不可选,但是原先这个用户所拥有的策略还是存在的。真正删除这个用户后,其所拥有的策略才不存在。
	 * @param UserName
	 * @return
	 */
	public boolean deleteUserByUserName(String UserName) {

		boolean flag = false;
		String url = rangerBaseUrl + "/service/xusers/users/userName/" + UserName;
		//service/xusers/secure/users/delete?forceDelete=true&
		log.info("deleteUserByUserName of reqUrl=" + url);

		ClientResponse response = null;
		Client client = null;
		
		try {
		
			client = Client.create();
			client.addFilter(new HTTPBasicAuthFilter(adminUser, adminPwd));

			WebResource webResource = client.resource(url);

			webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).delete();
			flag = true;
		
		} catch (Exception e) {
			
			log.error("DeletePoliceByPoliceId is fail, the error Massage is=" + e.getMessage());
			flag = false;
		} finally {
			
			if (response != null) {
				response.close();
			}
		
			if (client != null) {
				client.destroy();
			}
		}
		return flag;
	}
	
	public static void main(String[] args) {
		RangerImpl rangerImpl = new RangerImpl();

		// 获取所有有效的策略
		 String allValidPolice = rangerImpl.getAllValidPolice();
		 System.out.println("system out: " + allValidPolice);

		// 根据策略名获取
//		 String response = rangerImpl.getPolicyByName("test");
//		 System.out.println(response);

		// 删除策略(根据策略名称)
//		 boolean flag = rangerImpl.deletePoliceByPoliceName("test");
//		 System.out.println(flag);

		// 删除策略(根据策略ID)
//		 boolean flag = rangerImpl.deletePoliceByPoliceId("28");
//		 System.out.println(flag);

		// 创建策略
//		CreatePoliceReq createPoliceReq = new CreatePoliceReq();
//		createPoliceReq.setPoliceUser("hive,hbase");
//		createPoliceReq.setDbName("test1");
//		//createPoliceReq.setTableName("test2");
//		createPoliceReq.setPermissionsType("select,update");
//		boolean createPoliceFlag = rangerImpl.createPolice(createPoliceReq);
//		System.out.println(createPoliceFlag);

		// 更新策略
//		UpdatePoliceReq updatePoliceReq = new UpdatePoliceReq();
//		updatePoliceReq.setPoliceName("12tUpdate13");
//		updatePoliceReq.setPoliceId("36");
//		updatePoliceReq.setDbName("test1");
//	    updatePoliceReq.setTableName("test,test2");
//		updatePoliceReq.setPoliceUser("hive,hbase");
//		updatePoliceReq.setPermissionsType("update");
//		updatePoliceReq.setPoliceIsEnabled("0");
//	    boolean flag = rangerImpl.updatePolicyById(updatePoliceReq);
//		 System.out.println(flag);
		 
		 boolean deleteFlag = rangerImpl.deleteUserByUserName("bmsoft_test");
		 System.out.println(deleteFlag);
	}
}

3. Ranger 接口辅助类

package com.bms.service.rangerimpl;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.apache.commons.lang.StringUtils;
import org.apache.ranger.plugin.model.RangerPolicy;

import com.bms.utils.PropertyUtil;

/**
* @author YeChunBo
* @time 2017年7月25日 
*
* 类说明 :Ranger 接口辅助类
*/

public class SupportRangerImpl {

	private static String service = PropertyUtil.getProperty("service");// hive 的服务名
	
	public static RangerPolicy updateOfPolicy(String policeName, String dbName, String tableName, String operatePermissionsType,
			String policeUser, String colPermissionsType, String policeIsEnabled) {

		RangerPolicy rangerPolicy = new RangerPolicy();
		if (StringUtils.isNotBlank(policeName))
			rangerPolicy.setName(policeName);

		if (StringUtils.isBlank(policeIsEnabled) || "1".equals(policeIsEnabled))
			rangerPolicy.setIsEnabled(true);
		else if ("0".equals(policeIsEnabled))
			rangerPolicy.setIsEnabled(false);

		rangerPolicy.setService(service);
		rangerPolicy.setIsAuditEnabled(true);

		Map<String, RangerPolicy.RangerPolicyResource> resources = new HashMap<String, RangerPolicy.RangerPolicyResource>();

		RangerPolicy.RangerPolicyResource dbRangerPolicyResource = new RangerPolicy.RangerPolicyResource();
		RangerPolicy.RangerPolicyResource tablerRangerPolicyResource = new RangerPolicy.RangerPolicyResource();
		RangerPolicy.RangerPolicyResource columRangerPolicyResource = new RangerPolicy.RangerPolicyResource();

		dbRangerPolicyResource.setValue(dbName + ",policeUser_test");
		dbRangerPolicyResource.setIsExcludes(false);
		dbRangerPolicyResource.setIsRecursive(false);

		tablerRangerPolicyResource.setValue(tableName);
		if (StringUtils.isBlank(colPermissionsType))
			columRangerPolicyResource.setValue("*");
		else
			columRangerPolicyResource.setValue(colPermissionsType);

		resources.put("database", dbRangerPolicyResource);
		resources.put("table", tablerRangerPolicyResource);
		resources.put("column", columRangerPolicyResource);

		List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<RangerPolicy.RangerPolicyItem>();

		RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
		List<String> users = new ArrayList<String>();
		if(StringUtils.isNotBlank(policeUser)){
			String[] policeUserArr = policeUser.split("\\,");
			if (policeUserArr.length > 0){
				for (int i = 0; i < policeUserArr.length; i++) {
					users.add(policeUserArr[i]);
				}
			}
			rangerPolicyItem.setUsers(users);
		}

		List<RangerPolicy.RangerPolicyItemAccess> rangerPolicyItemAccesses = new ArrayList<RangerPolicy.RangerPolicyItemAccess>();
		
		if(StringUtils.isNotBlank(operatePermissionsType)){
			String[] operatePermArr = operatePermissionsType.split("\\,");
			RangerPolicy.RangerPolicyItemAccess rangerPolicyItemAccess;
			if (operatePermArr.length > 0){
				for (int i = 0; i < operatePermArr.length; i++) {
					rangerPolicyItemAccess = new RangerPolicy.RangerPolicyItemAccess();
					rangerPolicyItemAccess.setType(operatePermArr[i]);
					rangerPolicyItemAccess.setIsAllowed(Boolean.TRUE);
					rangerPolicyItemAccesses.add(rangerPolicyItemAccess);
				}
			} 
		}

		rangerPolicyItem.setAccesses(rangerPolicyItemAccesses);

		policyItems.add(rangerPolicyItem);

		rangerPolicy.setPolicyItems(policyItems);
		rangerPolicy.setResources(resources);
		return rangerPolicy;
	}
	
	/**
	 * 为创建策略而创建的策略对象
	 * 
	 * @param PoliceName
	 * @param policeUser
	 * @param dbName
	 * @param tableName
	 * @param operatePermissionsType
	 * @return
	 */
	public static RangerPolicy createOfPolicy(String PoliceName, String policeUser, String dbName, String tableName,
			String operatePermissionsType) {
		RangerPolicy rangerPolicy = new RangerPolicy();
		rangerPolicy.setService(service);
		rangerPolicy.setName(PoliceName);
		rangerPolicy.setIsAuditEnabled(true);

		Map<String, RangerPolicy.RangerPolicyResource> resources = new HashMap<String, RangerPolicy.RangerPolicyResource>();

		RangerPolicy.RangerPolicyResource dbRangerPolicyResource = new RangerPolicy.RangerPolicyResource();
		RangerPolicy.RangerPolicyResource tablerRangerPolicyResource = new RangerPolicy.RangerPolicyResource();
		RangerPolicy.RangerPolicyResource columRangerPolicyResource = new RangerPolicy.RangerPolicyResource();

		String newPoliceUser = policeUser;
		if (policeUser.contains(",")) {
			newPoliceUser = policeUser.replace(",", "_");
		}
		ArrayList<String> dbList = new ArrayList<String>();
		
		if (dbName.contains(",")) {
			String[] dbArr = dbName.split(",");
			for (String dbNameS : dbArr) {
				dbList.add(dbNameS);
			}
		} else {
			dbList.add(dbName);
		}
		
		dbList.add(newPoliceUser + "_autoCreateDb");// 默认为每个策略添加一个唯一的库,以区分创建了权限相同的策略
		dbRangerPolicyResource.setValues(dbList);

		tablerRangerPolicyResource.setValue(tableName);
		columRangerPolicyResource.setValue("*");
		resources.put("database", dbRangerPolicyResource);
		resources.put("table", tablerRangerPolicyResource);
		resources.put("column", columRangerPolicyResource);

		List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<RangerPolicy.RangerPolicyItem>();

		RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
		List<String> users = new ArrayList<String>();
		String[] policeUserArr = policeUser.split("\\,");
		if (policeUserArr.length > 0){
			for (int i = 0; i < policeUserArr.length; i++) {
				users.add(policeUserArr[i]);
			}
		}
		rangerPolicyItem.setUsers(users);

		List<RangerPolicy.RangerPolicyItemAccess> rangerPolicyItemAccesses = new ArrayList<RangerPolicy.RangerPolicyItemAccess>();

		String[] operatePermArr = operatePermissionsType.split("\\,");
		RangerPolicy.RangerPolicyItemAccess rangerPolicyItemAccess;
		if (operatePermArr.length > 0){
			for (int i = 0; i < operatePermArr.length; i++) {
				rangerPolicyItemAccess = new RangerPolicy.RangerPolicyItemAccess();
				rangerPolicyItemAccess.setType(operatePermArr[i]);
				rangerPolicyItemAccess.setIsAllowed(Boolean.TRUE);
				rangerPolicyItemAccesses.add(rangerPolicyItemAccess);
			}
		}

		rangerPolicyItem.setAccesses(rangerPolicyItemAccesses);

		policyItems.add(rangerPolicyItem);

		rangerPolicy.setPolicyItems(policyItems);
		rangerPolicy.setResources(resources);
		return rangerPolicy;
	}

}

4. 实体类 CreatePoliceReq

package com.bms.entity;

/**
 * @author YeChunBo
 * @time 2017年7月25日
 *
 * 类说明
 * 
	 * 创建策略
	 * policeUser 策略对应的用户
	 * dbName :数据库,多个数据库用逗号分割
	 * tableName :表,多个用逗号分割, 默认拥有操作对应数据库中所有表
	 * permissionsType 表,所对应的权限,多个用逗号分割, 默认为拥有所有权限, 值为 all
	 * colPermissionsType = "*"; // 默认是所有列都可以访问
 */

public class CreatePoliceReq {

	private String policeUser;
	private String dbName;
	private String tableName = "*";
	private String permissionsType = "all";
	private String colPermissionsType = "*"; // 默认是所有列都可以访问

	public String getPoliceUser() {
		return policeUser;
	}

	public void setPoliceUser(String policeUser) {
		this.policeUser = policeUser;
	}

	public String getDbName() {
		return dbName;
	}

	public void setDbName(String dbName) {
		this.dbName = dbName;
	}

	public String getTableName() {
		return tableName;
	}

	public void setTableName(String tableName) {
		this.tableName = tableName;
	}

	public String getPermissionsType() {
		return permissionsType;
	}

	public void setPermissionsType(String permissionsType) {
		this.permissionsType = permissionsType;
	}

	public String getColPermissionsType() {
		return colPermissionsType;
	}

	public void setColPermissionsType(String colPermissionsType) {
		this.colPermissionsType = colPermissionsType;
	}

	@Override
	public String toString() {
		return "CreatePoliceReq [policeUser=" + policeUser + ", dbName=" + dbName + ", tableName=" + tableName
				+ ", permissionsType=" + permissionsType + ", colPermissionsType=" + colPermissionsType + "]";
	}
	
}

实体类:ResponseResult

package com.bms.entity;

/**
 * @author YeChunBo
 * @time 2017年7月25日
 *
 *       类说明
 */

public class ResponseResult {
	
	private boolean result;
	private String message;

	public boolean isResult() {
		return result;
	}

	public void setResult(boolean result) {
		this.result = result;
	}

	public String getMessage() {
		return message;
	}

	public void setMessage(String message) {
		this.message = message;
	}

	@Override
	public String toString() {
		return "ResponseResult [result=" + result + ", message=" + message + "]";
	}

}

实体类:UpdatePoliceReq

package com.bms.entity;

/**
 * @author YeChunBo
 * @time 2017年7月25日
 *
 *   类说明
	 * 更新策略
	 * policeName
	 * id
	 * dbName
	 * tableName 默认拥有所有表
	 * permissionsType 表的操作权限,eg:select,update...
	 * policeUser
	 * colPermissionsType 列的操作权限,默认拥有所有权限
	 * policeIsEnabled 该策略是否有效,默认有效:1 有效,0 无效
 */

public class UpdatePoliceReq {
	
	private String policeName;
	private String policeId;
	private String dbName;
	private String tableName = "*";
	private String permissionsType;
	private String policeUser;
	private String colPermissionsType = "*";
	private String policeIsEnabled = "1";
	private String service;
	// hfds 相关属性
	private String hdfsResourcePath;

	// hbase 相关属性
	private String hbaseTableName;
	
	public String getService() {
		return service;
	}

	public void setService(String service) {
		this.service = service;
	}

	public String getHdfsResourcePath() {
		return hdfsResourcePath;
	}

	public void setHdfsResourcePath(String hdfsResourcePath) {
		this.hdfsResourcePath = hdfsResourcePath;
	}

	public String getPoliceName() {
		return policeName;
	}

	public void setPoliceName(String policeName) {
		this.policeName = policeName;
	}

	public String getPoliceId() {
		return policeId;
	}

	public void setPoliceId(String policeId) {
		this.policeId = policeId;
	}

	public String getDbName() {
		return dbName;
	}

	public void setDbName(String dbName) {
		this.dbName = dbName;
	}

	public String getTableName() {
		return tableName;
	}

	public void setTableName(String tableName) {
		this.tableName = tableName;
	}

	public String getPermissionsType() {
		return permissionsType;
	}

	public void setPermissionsType(String permissionsType) {
		this.permissionsType = permissionsType;
	}

	public String getPoliceUser() {
		return policeUser;
	}

	public void setPoliceUser(String policeUser) {
		this.policeUser = policeUser;
	}

	public String getColPermissionsType() {
		return colPermissionsType;
	}

	public void setColPermissionsType(String colPermissionsType) {
		this.colPermissionsType = colPermissionsType;
	}

	public String getPoliceIsEnabled() {
		return policeIsEnabled;
	}

	public void setPoliceIsEnabled(String policeIsEnabled) {
		this.policeIsEnabled = policeIsEnabled;
	}

	public String getHbaseTableName() {
		return hbaseTableName;
	}

	public void setHbaseTableName(String hbaseTableName) {
		this.hbaseTableName = hbaseTableName;
	}

	@Override
	public String toString() {
		return "UpdatePoliceReq [policeName=" + policeName + ", policeId=" + policeId + ", dbName=" + dbName
				+ ", tableName=" + tableName + ", permissionsType=" + permissionsType + ", policeUser=" + policeUser
				+ ", colPermissionsType=" + colPermissionsType + ", policeIsEnabled=" + policeIsEnabled + ", service="
				+ service + ", hdfsResourcePath=" + hdfsResourcePath + ", hbaseTableName=" + hbaseTableName + "]";
	}

}

5. pom.xml 文件

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<groupId>Ranger</groupId>
	<artifactId>Ranger</artifactId>
	<version>0.0.1-SNAPSHOT</version>

	<dependencies>

	    <dependency>
			<groupId>com.google.code.gson</groupId>
			<artifactId>gson</artifactId>
			<version>2.2.4</version>
		</dependency>

		<dependency>
			<groupId>org.apache.ranger</groupId>
			<artifactId>ranger-plugins-common</artifactId>
			<version>0.6.0</version>
		</dependency>

		<dependency>
			<groupId>jdk.tools</groupId>
			<artifactId>jdk.tools</artifactId>
			<version>1.8</version>
			<scope>system</scope>
			<systemPath>${JAVA_HOME}/lib/tools.jar</systemPath>
		</dependency>

		<dependency>
			<groupId>log4j</groupId>
			<artifactId>log4j</artifactId>
			<version>1.2.17</version>
			<type>jar</type>
		</dependency>
	</dependencies>

</project>

参考文档
源码:https://github.com/yechunbo/RangerALdapApi.git
https://cwiki.apache.org/confluence/display/RANGER/Apache+Ranger+0.6±+REST+APIs+for+Service+Definition%2C+Service+and+Policy+Management#ApacheRanger0.6-RESTAPIsforServiceDefinition,ServiceandPolicyManagement-UpdatePolicybyid

在屋顶听歌
关注
  • 2
    点赞
  • 15
    收藏
    觉得还不错? 一键收藏
  • 13
    评论
专栏目录
ranger配置文件的
06-27
ranger配置文件的
Apache Ranger Public REST APIs-User-Group使用Postman测试
TT-Learning
12-24 1503
文章目录用户管理API(User APIs)创建用户根据id删除用户根据username删除用户获取全部用户信息获取用户总数根据id获取用户信息根据username获取用户信息根据username获取role信息用户组管理API(Group APIs)创建用户组根据id删除用户组根据groupname删除用户组获取全部用户组信息获取用户组总数根据id获取用户组信息根据groupname获取用户组信...
Apache ranger 简介、原理、安装部署
热门推荐
关注微信公众号「Coding我不配」
08-06 3万+
Apache Ranger提供一个集中式安全管理框架, 并解决授权和审计。它可以对Hadoop生态的组件如HDFS、Yarn、Hive、Hbase等进行细粒度的数据访问控制。通过操作Ranger控制台,管理员可以轻松的通过配置策略来控制用户访问权限。Ranger支持服务或组件Ranger支持的服务有HDFS、Hbase、Hive、Yarn、Strom、Kafka、Knox、Solr 等组件。
使用java操作ranger,hdfs ranger授权操作,hive ranger授权操作
涂作权的博客
10-03 1948
1 创建以下内容 2 AbstractConfig package com.tianque.datamanagement.dataauthorization.beans; import org.codehaus.jackson.annotate.JsonProperty; import java.io.Serializable; import java.util.List; /** * @author tuzuoquan * @version 1.0 * @ClassName Abstract
高层iOS HTTP API
lipeiran1987的专栏
06-04 951
NSURL *url = [NSURL urlWithString:mysteryString];NSData *data = [NSData dataWithContentsOfURL:url]; mysteryString的值可以引用文件或网络资源,而代码行为是一样的。主要的差别在于加载mysteryString所引用资源的时间上。如果URL引用的是网络资源,就会在后台线程中执行代码,这样在
ranger api 大全
03-08
ranger api 大全
hadoop+kerberos+ranger Api整理(六)
weixin_40496191的博客
01-02 1186
hadoop相关组件api
【企业实践案例】- B站基于Apache Ranger的大数据权限服务的技术演进
Pushkin.的博客
07-24 384
大数据权限服务 大数据鉴权 apache ranger实践案例
APACHE RANGER 调研----4 .ranger rest api 分析
wangwenting2016的博客
12-24 9474
1.官方文档 官方针对 Service Definition APIs          Service APIs      Policy APIs  提供专门的api, 对应ranger 源码中的PublicAPIsv2 4 .ranger rest api 分析 > image2016-12-8 19:21:13.png" height="250" src="h
Ranger Restful API操作用户user和群组group接口
周源的专栏
11-23 6037
1、创建用户 curl -u admin:admin -v -i -s -X POST -H "Accept: application/json" -H "Content-Type: application/json" http://:6080/service/xusers/secure/users -d @userfile.json 注明:@userfile.json文件也可以用json格
cdh6.3.2编译的ranger版本
最新发布
08-03
此软件可以直接适用于cdh6.3.2的安装和应用,ranger我们都知道,是一个权限管理工具,可以做到精细化权限管理,编译ranger的cdh6.3.2,会出现各种报错,这里提供编译好的包
Ranger学习——基础概念
02-23
ApacheRanger作为标准化的访问控制层,引入统一的权限模型与管理界面,极大地简化了数据权限的管理,统一的权限管理降低了学习成本,非常易于使用。ApacheRanger:一个用于在整个Hadoop平台上使用,用来监视和管理...
ranger-2.2.0-plugin.zip
04-22
ranger-2.2.0-plugin编译集合包,其他包可搜ranger-2.2.0相关信息
apache-ranger-2.1.0
09-02
编译后可直接部署的包
CDH 6.3.1 ranger ranger-2.1.0-admin.tar.gz
11-04
CDH 6.3.1 ranger admin模块; 需要剩下的 编译包请留言。已经完全解决所有版本的编译。
Ranger学习—— 基础概念
01-26
大数据最基本就是数据以及用于计算的资源,需要将相应的数据和资源开放给对应的用户使用,以防被窃取、被破坏造成损失,这个就涉及大数据安全。 主流的大数据安全组件Kerberos由于使用临时的用户验证机制不适用...
apache-ranger编译安装必须pentaho-aggdesigner-algorithm-5.1.5-jhyde.jar
05-12
apache-ranger编译安装必须包pentaho-aggdesigner-algorithm-5.1.5-jhyde.jar
ApacheRanger原理与应用实践
02-24
目前我们大数据集群的现状是处于裸奔状态,只要可以登录linux机器即可对集群继续相关操作所以集群安全对于我们来说迫在眉睫,主要需求有以下几个方面:支持多组件,最好能支持当前公司技术栈的主要组件,HDFS、HBASE...
Apache Ranger原理与应用实践
01-26
大数据集群最基本的就是数据以及用于计算的资源,是一个公司的宝贵财富,我们需要将它们很好管理起来,将相应的数据和资源开放给对应的用户使用,防止被窃取、被破坏等,这就涉及到大数据安全。
ranger-usersync LdapDeltaUserGroupBuilder.java是做什么的
07-15
ranger-usersync LdapDeltaUserGroupBuilder.java 是 Apache Ranger 中的一个类,用于处理 LDAP 用户和组的增量同步。具体来说,它负责从 LDAP 目录服务中获取用户和组的变更,并将这些变更应用到 Apache Ranger 的用户和组管理模块中。这个类主要用于保持 Apache Ranger 中的用户和组信息与 LDAP 同步并保持一致。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 13
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值