src/test/feature/Ranger/rangerpolicy.py - hawq - Git at Google

 """
 Licensed to the Apache Software Foundation (ASF) under one
 or more contributor license agreements.  See the NOTICE file
 distributed with this work for additional information
 regarding copyright ownership.  The ASF licenses this file
 to you under the Apache License, Version 2.0 (the
 "License"); you may not use this file except in compliance
 with the License.  You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 """

 import sys
 import urllib2, base64
 import json

 from optparse import OptionParser
 from rangerrest import RangerRestHelper


 def foo_callback(option, opt, value, parser):
   setattr(parser.values, option.dest, value.split(','))

 def option_parser():
     '''option parser'''
     parser = OptionParser()
     parser.remove_option('-h')
     parser.add_option('-?', '--help', action='help')
     parser.add_option('-h', '--host', dest="host", help='host of the ranger server', \
                       default='localhost')
     parser.add_option('-p', '--port', dest="port", \
                       help='port of the ranger server', type='int', default=6080)
     parser.add_option('-U', '--rangeruser', dest="rangerusername", default='admin', \
                       help='ranger username')
     parser.add_option('-w', '--rangerpassword', dest="rangerpassword", \
                       default='admin', help='ranger password')
     parser.add_option('-d', '--detelepolicy', dest="deletedpolicyname",\
                       default= '', help='delete a policy in ranger')
     parser.add_option('-a', '--addpolicy', dest="newpolicyfilename", \
                       default = '', help='add a policy in ranger by json file')
     return parser

 def create_policy(policy_json_file_name, rangerhelper):
     if policy_json_file_name != '':
         jsonfile = open(policy_json_file_name, "r")
         json_decode=json.load(jsonfile)
         policyname = json_decode['name']
         #print json_decode
         response, is_success = rangerhelper.create_policy(json.dumps(json_decode))

         # is there is a duplicate policy error, we try to update policy.
         if is_success == False:
             #get duplicate policy name
             policy_start_pos = response.find("policy-name=[")
             response = response[policy_start_pos+13:]
             policy_end_pos = response.find("], service=[")
             dup_policy_name = response[0:policy_end_pos]

             #get duplicate policy and add privilege item.
             service_name = 'hawq'
             print "find duplicate policy, try to update [%s]" % (dup_policy_name)
             response, is_success = rangerhelper.get_policy(service_name, dup_policy_name)
             if is_success:
                 response_dict = json.load(response)
                 for new_policy_item in json_decode['policyItems']:
                     response_dict["policyItems"].append(new_policy_item)
                 for new_policy_item in json_decode['denyPolicyItems']:
                     response_dict["denyPolicyItems"].append(new_policy_item)
                 for new_policy_item in json_decode['allowExceptions']:
                     response_dict["allowExceptions"].append(new_policy_item)
                 for new_policy_item in json_decode['denyExceptions']:
                     response_dict["denyExceptions"].append(new_policy_item)
                 response, is_success = rangerhelper.update_policy(service_name, dup_policy_name, \
                     json.dumps(response_dict))
             else:
                 return policyname, False

         return policyname, is_success

 def delete_policy(delete_policy_name, rangerhelper):
     response, is_success = rangerhelper.delete_policy("hawq", delete_policy_name)
     return is_success


 if __name__ == '__main__':
     #parse argument
     parser = option_parser()
     (options, args) = parser.parse_args()
     rangeruser = options.rangerusername
     rangerpasswd= options.rangerpassword
     host = options.host
     port = str(options.port)
     new_policy_json_file_name = options.newpolicyfilename
     delete_policy_name = options.deletedpolicyname

     #init rangerresthelper
     helper = RangerRestHelper(host, port, rangeruser, rangerpasswd)

     if new_policy_json_file_name != "":
         policyname, is_success = create_policy(new_policy_json_file_name, helper)
         if is_success:
             print "policy {} created".format(policyname)
         else:
             print "policy {} create failed".format(policyname)
             sys.exit(-1)

     if delete_policy_name != "":
         is_success = delete_policy(delete_policy_name, helper)
         if is_success:
             print "policy {} deleted".format(delete_policy_name)
         else:
             print "policy {} delete failed".format(delete_policy_name)
             sys.exit(-1)

     sys.exit(0)
	"""
	Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	"""

	import sys
	import urllib2, base64
	import json

	from optparse import OptionParser
	from rangerrest import RangerRestHelper


	def foo_callback(option, opt, value, parser):
	setattr(parser.values, option.dest, value.split(','))

	def option_parser():
	'''option parser'''
	parser = OptionParser()
	parser.remove_option('-h')
	parser.add_option('-?', '--help', action='help')
	parser.add_option('-h', '--host', dest="host", help='host of the ranger server', \
	default='localhost')
	parser.add_option('-p', '--port', dest="port", \
	help='port of the ranger server', type='int', default=6080)
	parser.add_option('-U', '--rangeruser', dest="rangerusername", default='admin', \
	help='ranger username')
	parser.add_option('-w', '--rangerpassword', dest="rangerpassword", \
	default='admin', help='ranger password')
	parser.add_option('-d', '--detelepolicy', dest="deletedpolicyname",\
	default= '', help='delete a policy in ranger')
	parser.add_option('-a', '--addpolicy', dest="newpolicyfilename", \
	default = '', help='add a policy in ranger by json file')
	return parser

	def create_policy(policy_json_file_name, rangerhelper):
	if policy_json_file_name != '':
	jsonfile = open(policy_json_file_name, "r")
	json_decode=json.load(jsonfile)
	policyname = json_decode['name']
	#print json_decode
	response, is_success = rangerhelper.create_policy(json.dumps(json_decode))

	# is there is a duplicate policy error, we try to update policy.
	if is_success == False:
	#get duplicate policy name
	policy_start_pos = response.find("policy-name=[")
	response = response[policy_start_pos+13:]
	policy_end_pos = response.find("], service=[")
	dup_policy_name = response[0:policy_end_pos]

	#get duplicate policy and add privilege item.
	service_name = 'hawq'
	print "find duplicate policy, try to update [%s]" % (dup_policy_name)
	response, is_success = rangerhelper.get_policy(service_name, dup_policy_name)
	if is_success:
	response_dict = json.load(response)
	for new_policy_item in json_decode['policyItems']:
	response_dict["policyItems"].append(new_policy_item)
	for new_policy_item in json_decode['denyPolicyItems']:
	response_dict["denyPolicyItems"].append(new_policy_item)
	for new_policy_item in json_decode['allowExceptions']:
	response_dict["allowExceptions"].append(new_policy_item)
	for new_policy_item in json_decode['denyExceptions']:
	response_dict["denyExceptions"].append(new_policy_item)
	response, is_success = rangerhelper.update_policy(service_name, dup_policy_name, \
	json.dumps(response_dict))
	else:
	return policyname, False

	return policyname, is_success

	def delete_policy(delete_policy_name, rangerhelper):
	response, is_success = rangerhelper.delete_policy("hawq", delete_policy_name)
	return is_success


	if __name__ == '__main__':
	#parse argument
	parser = option_parser()
	(options, args) = parser.parse_args()
	rangeruser = options.rangerusername
	rangerpasswd= options.rangerpassword
	host = options.host
	port = str(options.port)
	new_policy_json_file_name = options.newpolicyfilename
	delete_policy_name = options.deletedpolicyname

	#init rangerresthelper
	helper = RangerRestHelper(host, port, rangeruser, rangerpasswd)

	if new_policy_json_file_name != "":
	policyname, is_success = create_policy(new_policy_json_file_name, helper)
	if is_success:
	print "policy {} created".format(policyname)
	else:
	print "policy {} create failed".format(policyname)
	sys.exit(-1)

	if delete_policy_name != "":
	is_success = delete_policy(delete_policy_name, helper)
	if is_success:
	print "policy {} deleted".format(delete_policy_name)
	else:
	print "policy {} delete failed".format(delete_policy_name)
	sys.exit(-1)

	sys.exit(0)