def setupOpenRangerHivePolicy(cls):
logger.info(
"============================== %s.%s ============================="
% (__name__, sys._getframe().f_code.co_name))
logger.info("setupOpenRangerHivePolicy: Begin")
repos = Xa.findRepositories(nameRegex="^.*_hive$",
type="Hive",
status=True)
if len(repos) == 0:
repo = {}
repo['repositoryType'] = 'Hive'
repo['name'] = "%s%d" % ('knox_test_hive_repo_', time.time())
repo['description'] = 'Knox Test Hive Repo'
repo['version'] = '0.4.0.2.2.2.0-2509'
repo['isActive'] = True
config = {}
config['username'] = '******'
config['password'] = '******'
config['jdbc.driverClassName'] = 'org.apache.hive.jdbc.HiveDriver'
config[
'jdbc.url'] = 'jdbc:hive2://ip-172-31-37-219.ec2.internal:10000/default;principal=hive/[email protected]'
config['commonNameForCertificate'] = ''
config['isencrypted'] = True
repo = Xa.createPolicyRepository(repo, config)
else:
assert len(
repos
) == 1, "Found wrong number of Hive Ranger policy repos. Expected 1, found %d." % len(
repos)
repo = repos[0]
#print "REPO=" + jsonlib.dumps(repo,indent=4)
t = time.time()
policy = {}
policy['repositoryName'] = repo['name']
policy['repositoryType'] = repo['repositoryType']
policy['policyName'] = "%s%s%d" % (repo['name'],
'_open_public_test_policy_', t)
policy['description'] = 'Open Knox Public Test Policy'
policy['databases'] = '*, default'
policy['tables'] = "*,%d" % t
policy['columns'] = "*,%d" % t
policy['isEnabled'] = True
policy['isAuditEnabled'] = True
policy['tableType'] = 'Inclusion'
policy['columnType'] = 'Inclusion'
policy['permMapList'] = {
'groupList': ['public'],
'permList': [
'select', 'update', 'create', 'drop', 'alter', 'index', 'lock',
'all', 'admin'
]
},
#print "CREATE=" + jsonlib.dumps(policy)
result = Xa.createPolicy(policy)
logger.info("setupOpenRangerHivePolicy: %s" % jsonlib.dumps(result))
return result
def setupOpenRangerKnoxPolicy(cls):
logger.info(
"============================== %s.%s ============================="
% (__name__, sys._getframe().f_code.co_name))
logger.info("setupOpenRangerKnoxPolicy: Begin")
repos = Xa.findRepositories(nameRegex="^.*_knox$",
type="Knox",
status=True)
if len(repos) == 0:
repo = {}
repo['repositoryType'] = 'Knox'
repo['name'] = "%s%d" % ('knox_test_knox_repo_', time.time())
repo['description'] = 'Knox Test Knox Repo'
repo['version'] = '0.1.0'
repo['isActive'] = True
config = {}
config['username'] = Knox.getAdminUsername()
config['password'] = Knox.getAdminPassword()
config[
'knox.url'] = 'https://%KNOX_HOST%:8443/gateway/admin/api/v1/topologies'
config['commonNameForCertificate'] = ''
repo = Xa.createPolicyRepository(repo, config)
else:
assert len(
repos
) == 1, "Found wrong number of Knox Ranger policy repos. Expected 1, found %d." % len(
repos)
repo = repos[0]
t = time.time()
policy = {}
policy['repositoryName'] = repo['name']
policy['repositoryType'] = repo['repositoryType']
policy['policyName'] = "%s%s%d" % (repo['name'],
'_open_public_test_policy_', t)
policy['description'] = 'Knox Open Public Test Policy'
policy['topologies'] = "*,%d" % t
policy['services'] = "*,%d" % t
policy['isEnabled'] = True
policy['isRecursive'] = True
policy['isAuditEnabled'] = True
policy['permMapList'] = [{
'groupList': ['public'],
'permList': ['allow']
}]
#print "CREATE=" + jsonlib.dumps(policy)
result = Xa.createPolicy(policy)
#print "CREATED=" + jsonlib.dumps(result)
logger.info("setupOpenRangerKnoxProxy: %s" % jsonlib.dumps(result))
return result
