oushu1jinliujie1
commented
12 months ago - [ ] 登录ranger
- [x] 在ranger上创建当前hbase的环境
- [ ] 为当前登录用户创建权限策略
- 需要为子用户赋予phoenix系统表的权限
- 需要为子用户创建同名的schema
- 需要为子用户赋予同名schema的权限
Open oushu1jinliujie1 opened 12 months ago
oushu1jinliujie1
commented
12 months ago oushu1jinliujie1
commented
12 months ago oushu1jinliujie1
commented
12 months ago package truck.opensource.HiveApi.src.main.java.com.bfd.hiveapi.test;
import com.google.gson.Gson;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.auth.BasicScheme;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.net.util.Base64;
import org.apache.ranger.admin.client.RangerAdminRESTClient;
import org.apache.ranger.admin.client.datatype.RESTResponse;
import org.apache.ranger.plugin.model.RangerPolicy;
import org.apache.ranger.plugin.util.RangerRESTUtils;
import org.apache.ranger.plugin.util.ServicePolicies;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* Created by wenting on 12/2/16.
*/
public class TestRangerAddPolicy {
private static final String EXPECTED_MIME_TYPE = "application/json";
public static void testGetPolicy() {
String url = "http://172.24.5.149:6080/service/public/v2/api/service/hivedev/policy/bfd_hz_for_self";
Client client = null;
ClientResponse response = null;
try {
client = Client.create();
client.addFilter(new HTTPBasicAuthFilter("admin", "admin"));
WebResource webResource = client.resource(url);
response = webResource.accept(EXPECTED_MIME_TYPE).get(ClientResponse.class);
if(response.getStatus() == 200) {
String jsonString = response.getEntity(String.class);
System.out.println(jsonString);
}
} finally {
if(response != null) {
response.close();
}
if(client != null) {
client.destroy();
}
}
}
public static void testDownload() {
String url = "http://172.24.5.149:6080/service/plugins/policies/download/hivedev";
ClientResponse response = null;
Client client = null;
try {
client = Client.create();
WebResource webResource = client.resource(url)
.queryParam(RangerRESTUtils.REST_PARAM_LAST_KNOWN_POLICY_VERSION, Long.toString(68))
.queryParam(RangerRESTUtils.REST_PARAM_PLUGIN_ID, "aaa");
response = webResource.accept(RangerRESTUtils.REST_MIME_TYPE_JSON).get(ClientResponse.class);
if (response != null && response.getStatus() == 200) {
ServicePolicies ret = response.getEntity(ServicePolicies.class);
System.out.println(ret);
} else if (response != null && response.getStatus() == 304) {
// no change
System.out.println("aaaaaaaaa");
} else {
RESTResponse resp = RESTResponse.fromClientResponse(response);
}
} finally {
if(response != null) {
response.close();
}
if(client != null) {
client.destroy();
}
}
}
private static RangerPolicy policy() {
RangerPolicy rangerPolicy = new RangerPolicy();
rangerPolicy.setService("hivedev");
rangerPolicy.setName("restApi");
rangerPolicy.setIsAuditEnabled(true);
Map<String, RangerPolicy.RangerPolicyResource> resources = new HashMap<>();
RangerPolicy.RangerPolicyResource rangerPolicyResource = new RangerPolicy.RangerPolicyResource();
rangerPolicyResource.setIsExcludes(false);
rangerPolicyResource.setIsRecursive(false);
rangerPolicyResource.setValue("*");
resources.put("database", rangerPolicyResource);
resources.put("table", rangerPolicyResource);
resources.put("column", rangerPolicyResource);
List<RangerPolicy.RangerPolicyItem> policyItems = new ArrayList<>();
RangerPolicy.RangerPolicyItem rangerPolicyItem = new RangerPolicy.RangerPolicyItem();
List<String> users = new ArrayList<>();
users.add("dongshen");
rangerPolicyItem.setUsers(users);
List<RangerPolicy.RangerPolicyItemAccess> rangerPolicyItemAccesses = new ArrayList<>();
RangerPolicy.RangerPolicyItemAccess rangerPolicyItemAccess = new RangerPolicy.RangerPolicyItemAccess();
rangerPolicyItemAccess.setType("select");
rangerPolicyItemAccess.setIsAllowed(Boolean.TRUE);
rangerPolicyItemAccesses.add(rangerPolicyItemAccess);
rangerPolicyItem.setAccesses(rangerPolicyItemAccesses);
policyItems.add(rangerPolicyItem);
rangerPolicy.setPolicyItems(policyItems);
rangerPolicy.setResources(resources);
return rangerPolicy;
}
public static void testCreatePolicy() {
String url = "http://172.24.5.149:6080/service/public/v2/api/policy";
ClientResponse response = null;
Client client = null;
try {
client = Client.create();
client.addFilter(new HTTPBasicAuthFilter("admin", "admin"));
WebResource webResource = client.resource(url);
Gson gson = new Gson();
response = webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE)
.type(RangerRESTUtils.REST_EXPECTED_MIME_TYPE)
.post(ClientResponse.class, gson.toJson(policy()));
if (response != null && response.getStatus() == 200) {
RangerPolicy ret = response.getEntity(RangerPolicy.class);
System.out.println(ret);
} else {
System.out.println(response.getStatus());
}
} finally {
if(response != null) {
response.close();
}
if(client != null) {
client.destroy();
}
}
}
public static void testUpdatePolicy() {
String url = "http://172.24.5.149:6080/service/public/v2/api/policy/29";
RangerPolicy rangerPolicy = policy();
rangerPolicy.getPolicyItems().get(0).getUsers().add("wenting");
ClientResponse response = null;
Client client = null;
try {
client = Client.create();
client.addFilter(new HTTPBasicAuthFilter("admin", "admin"));
WebResource webResource = client.resource(url);
Gson gson = new Gson();
response = webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE)
.type(RangerRESTUtils.REST_EXPECTED_MIME_TYPE)
.put(ClientResponse.class, gson.toJson(rangerPolicy));
if (response != null && response.getStatus() == 200) {
RangerPolicy ret = response.getEntity(RangerPolicy.class);
System.out.print(ret.getId());
System.out.println(ret);
} else {
System.out.println(response.getStatus());
}
} finally {
if(response != null) {
response.close();
}
if(client != null) {
client.destroy();
}
}
}
public static void testDeletepolicy() {
String url = "http://172.24.5.149:6080/service/public/v2/api/policy/29";
ClientResponse response = null;
Client client = null;
try {
client = Client.create();
client.addFilter(new HTTPBasicAuthFilter("admin", "admin"));
WebResource webResource = client.resource(url);
webResource.accept(RangerRESTUtils.REST_EXPECTED_MIME_TYPE).delete();
} finally {
if(response != null) {
response.close();
}
if(client != null) {
client.destroy();
}
}
}
public static void main(String[] args) throws Throwable {
//testGetPolicy();
//testDownload();
testCreatePolicy();
//testUpdatePolicy();
//testDeletepolicy();
}
}