def verify_Policy_Exists_after_replication(
cls,
servicetype,
verify_from_cluster=source_weburl,
custer_to_verify=target_weburl,
database=None,
path=None,
NoPolicyInTarget=False,
expectedDesc="created by beacon while importing from " +
primaryCluster,
preDenyPolicyStr=primaryCluster + "_beacon deny policy for "):
if Xa.isArgusInstalled() is True:
serviceName = "hadoop" if servicetype == "hdfs" else servicetype
serviceNameOfverify_from_cluster = \
Xa.findRepositories(nameRegex="^.*_" + serviceName + "$", type=servicetype, status=True,
ambariWeburl=verify_from_cluster)[0]['name']
serviceNameOfverify_to_cluster = \
Xa.findRepositories(nameRegex="^.*_" + serviceName + "$", type=servicetype, status=True,
ambariWeburl=custer_to_verify)[0]['name']
logger.info("verifying if policy exist in target cluster")
policies_in_source_Cluster = Xa.getPoliciesForResources(
servicetype,
serviceName=serviceNameOfverify_from_cluster,
ambariWeburl=verify_from_cluster,
database=database,
path=path)
policies_in_target_Cluster = Xa.getPoliciesForResources(
servicetype,
serviceName=serviceNameOfverify_to_cluster,
ambariWeburl=custer_to_verify,
database=database,
path=path)
if NoPolicyInTarget == False:
assert len(policies_in_target_Cluster
) != 0, "make sure policies were imported"
BeaconRanger.setIdOfAllPolicyToZero(
policies_in_source_Cluster, policies_in_target_Cluster,
expectedDesc)
logger.info("set of policies in target cluster: " +
str(policies_in_target_Cluster["policies"]))
for policy in policies_in_source_Cluster["policies"]:
logger.info("policy is " + str(policy))
assert policy in policies_in_target_Cluster["policies"]
logger.info(
"all policies are verified!! now will check for deny policy if it is true"
)
isDenyPolicyTrue = Ambari.getConfig(
'beacon-security-site',
webURL=source_weburl)['beacon.ranger.plugin.create.denypolicy']
all_policies_in_target_Cluster = Xa.getPolicy_api_v2(
servicetype, weburl=target_weburl)
if isDenyPolicyTrue == 'true':
dataset = path if servicetype == "hdfs" else database
BeaconRanger.denyPolicyValidation(
servicetype, dataset, all_policies_in_target_Cluster,
preDenyPolicyStr)
else:
assert len(policies_in_target_Cluster) == len(
policies_in_source_Cluster)
def deleteRangerPolicyBasedOndDatabase(cls,
serviceType,
db,
serviceName=None,
weburl=None,
deleteOnlyDenyPolicies=False):
if serviceName is None:
repos = Xa.findRepositories(nameRegex="^.*_" + serviceType + "$",
type=serviceType,
status=True,
ambariWeburl=weburl)
serviceName = repos[0]['name']
policies_to_delete = Xa.getPoliciesForResources(serviceType,
serviceName,
database=db,
ambariWeburl=weburl)
if policies_to_delete is not None:
for policy in policies_to_delete["policies"]:
if deleteOnlyDenyPolicies == True:
if primaryCluster + "_beacon deny policy for " + db == policy[
"name"]:
Xa.deletePolicy_by_id_api_v2(policy["id"],
weburl=weburl)
break
else:
Xa.deletePolicy_by_id_api_v2(policy["id"], weburl=weburl)
#waiting for policy refresh after policies deletion
time.sleep(30)
