def setupOpenRangerHivePolicy(cls): logger.info( "============================== %s.%s =============================" % (__name__, sys._getframe().f_code.co_name)) logger.info("setupOpenRangerHivePolicy: Begin") repos = Xa.findRepositories(nameRegex="^.*_hive$", type="Hive", status=True) if len(repos) == 0: repo = {} repo['repositoryType'] = 'Hive' repo['name'] = "%s%d" % ('knox_test_hive_repo_', time.time()) repo['description'] = 'Knox Test Hive Repo' repo['version'] = '0.4.0.2.2.2.0-2509' repo['isActive'] = True config = {} config['username'] = '******' config['password'] = '******' config['jdbc.driverClassName'] = 'org.apache.hive.jdbc.HiveDriver' config[ 'jdbc.url'] = 'jdbc:hive2://ip-172-31-37-219.ec2.internal:10000/default;principal=hive/[email protected]' config['commonNameForCertificate'] = '' config['isencrypted'] = True repo = Xa.createPolicyRepository(repo, config) else: assert len( repos ) == 1, "Found wrong number of Hive Ranger policy repos. Expected 1, found %d." % len( repos) repo = repos[0] #print "REPO=" + jsonlib.dumps(repo,indent=4) t = time.time() policy = {} policy['repositoryName'] = repo['name'] policy['repositoryType'] = repo['repositoryType'] policy['policyName'] = "%s%s%d" % (repo['name'], '_open_public_test_policy_', t) policy['description'] = 'Open Knox Public Test Policy' policy['databases'] = '*, default' policy['tables'] = "*,%d" % t policy['columns'] = "*,%d" % t policy['isEnabled'] = True policy['isAuditEnabled'] = True policy['tableType'] = 'Inclusion' policy['columnType'] = 'Inclusion' policy['permMapList'] = { 'groupList': ['public'], 'permList': [ 'select', 'update', 'create', 'drop', 'alter', 'index', 'lock', 'all', 'admin' ] }, #print "CREATE=" + jsonlib.dumps(policy) result = Xa.createPolicy(policy) logger.info("setupOpenRangerHivePolicy: %s" % jsonlib.dumps(result)) return result
def setupOpenRangerKnoxPolicy(cls): logger.info( "============================== %s.%s =============================" % (__name__, sys._getframe().f_code.co_name)) logger.info("setupOpenRangerKnoxPolicy: Begin") repos = Xa.findRepositories(nameRegex="^.*_knox$", type="Knox", status=True) if len(repos) == 0: repo = {} repo['repositoryType'] = 'Knox' repo['name'] = "%s%d" % ('knox_test_knox_repo_', time.time()) repo['description'] = 'Knox Test Knox Repo' repo['version'] = '0.1.0' repo['isActive'] = True config = {} config['username'] = Knox.getAdminUsername() config['password'] = Knox.getAdminPassword() config[ 'knox.url'] = 'https://%KNOX_HOST%:8443/gateway/admin/api/v1/topologies' config['commonNameForCertificate'] = '' repo = Xa.createPolicyRepository(repo, config) else: assert len( repos ) == 1, "Found wrong number of Knox Ranger policy repos. Expected 1, found %d." % len( repos) repo = repos[0] t = time.time() policy = {} policy['repositoryName'] = repo['name'] policy['repositoryType'] = repo['repositoryType'] policy['policyName'] = "%s%s%d" % (repo['name'], '_open_public_test_policy_', t) policy['description'] = 'Knox Open Public Test Policy' policy['topologies'] = "*,%d" % t policy['services'] = "*,%d" % t policy['isEnabled'] = True policy['isRecursive'] = True policy['isAuditEnabled'] = True policy['permMapList'] = [{ 'groupList': ['public'], 'permList': ['allow'] }] #print "CREATE=" + jsonlib.dumps(policy) result = Xa.createPolicy(policy) #print "CREATED=" + jsonlib.dumps(result) logger.info("setupOpenRangerKnoxProxy: %s" % jsonlib.dumps(result)) return result