RANGER-4648: updated GDS validation for name length
Signed-off-by: Madhan Neethiraj <madhan@apache.org>
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
index 38b302e..dccd8f4 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/errors/ValidationErrorCode.java
@@ -66,7 +66,7 @@
SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_INVALID_DEFAULT_INDEX(2019, "default index[{0}] for enum [{1}] is invalid"),
SERVICE_DEF_VALIDATION_ERR_ENUM_DEF_NULL_ENUM_ELEMENT(2020, "An enum element in enum element collection of enum [{0}] is null"),
SERVICE_DEF_VALIDATION_ERR_INVALID_SERVICE_RESOURCE_LEVELS(2021, "Resource-def levels are not in increasing order in an hierarchy"),
- SERVICE_DEF_VALIDATION_ERR_NOT_LOWERCASE_NAME(2022, "{0}:[{1}] Invalid resource name. Resource name should consist of only lowercase, hyphen or underscore characters"),
+ SERVICE_DEF_VALIDATION_ERR_NOT_LOWERCASE_NAME(2022, "{0}:[{1}] Invalid resource name. Resource name should consist of only lowercase, hyphen or underscore characters"),
SERVICE_DEF_VALIDATION_ERR_INVALID_MANADORY_VALUE_FOR_SERVICE_RESOURCE(2023, "{0} cannot be mandatory because {1}(parent) is not mandatory"),
// POLICY VALIDATION
@@ -164,6 +164,9 @@
GDS_VALIDATION_ERR_UPDATE_IMMUTABLE_FIELD(4126, "[{0}] can't be updated"),
GDS_VALIDATION_ERR_DATASET_IN_PROJECT_ID_NOT_FOUND(4127, "Dataset-in-project with ID [{0}] does not exist"),
GDS_VALIDATION_ERR_SHARED_RESOURCE_CONFLICT(4128, "Shared resource with resources [{0}] already exists for data share [{1}]"),
+ GDS_DATASET_NAME_TOO_LONG(4129, "Invalid dataset name=[{0}]. Dataset name should not be longer than 512 characters"),
+ GDS_DATASHARE_NAME_TOO_LONG(4130, "Invalid datashare name=[{0}]. Datashare name should not be longer than 512 characters"),
+ GDS_PROJECT_NAME_TOO_LONG(4131, "Invalid project name=[{0}]. Project name should not be longer than 512 characters"),
;
diff --git a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
index 27e7cc1..6efe9f4 100755
--- a/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
+++ b/security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
@@ -53,6 +53,8 @@
private final RangerGdsValidationDataProvider dataProvider;
+ public static final Integer GDS_ENTITIES_NAME_MAX_LENGTH = 512;
+
@Autowired
RESTErrorUtil restErrorUtil;
@@ -70,6 +72,10 @@
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_NAME_CONFLICT, "name", dataset.getName(), existing));
}
+ if (dataset.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_DATASET_NAME_TOO_LONG, "name", dataset.getName()));
+ }
+
validateAcl(dataset.getAcl(), "acl", result);
if (!result.isSuccess()) {
@@ -98,6 +104,10 @@
if (existingDatasetNameId != null) {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATASET_NAME_CONFLICT, "name", dataset.getName(), existingDatasetNameId));
}
+
+ if (dataset.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_DATASET_NAME_TOO_LONG, "name", dataset.getName()));
+ }
}
}
@@ -136,6 +146,10 @@
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_NAME_CONFLICT, "name", project.getName(), existing));
}
+ if (project.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_PROJECT_NAME_TOO_LONG, "name", project.getName()));
+ }
+
validateAcl(project.getAcl(), "acl", result);
if (!result.isSuccess()) {
@@ -164,6 +178,10 @@
if (existingProjectNameId != null) {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_PROJECT_NAME_CONFLICT, "name", project.getName(), existingProjectNameId));
}
+
+ if (project.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_PROJECT_NAME_TOO_LONG, "name", project.getName()));
+ }
}
}
@@ -202,6 +220,10 @@
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_NAME_CONFLICT, "name", dataShare.getName(), existing));
}
+ if (dataShare.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_DATASHARE_NAME_TOO_LONG, "name", dataShare.getName()));
+ }
+
validateServiceZoneAdmin(dataShare.getService(), dataShare.getZone(), result);
validateAcl(dataShare.getAcl(), "acl", result);
@@ -236,6 +258,10 @@
if (existingDataShareNameId != null) {
result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_VALIDATION_ERR_DATA_SHARE_NAME_CONFLICT, "name", dataShare.getName(), existingDataShareNameId));
}
+
+ if (dataShare.getName().length() > GDS_ENTITIES_NAME_MAX_LENGTH) {
+ result.addValidationFailure(new ValidationFailureDetails(ValidationErrorCode.GDS_DATASHARE_NAME_TOO_LONG, "name", dataShare.getName()));
+ }
}
}
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx
index 6f15af0..7851e7c 100755
--- a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/AddDatasetView.jsx
@@ -149,6 +149,11 @@
toast.error("Dataset name cannot be empty!!");
return;
}
+ else if (datasetName.length>512)
+ {
+ toast.error("Dataset name must not exceed 512 characters!!");
+ return;
+ }
setSaveButtonText("Continue");
setStep(step + 1);
}
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx
index cba038c..a8857e0 100755
--- a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Dataset/DatasetDetailLayout.jsx
@@ -1500,16 +1500,27 @@
</Button>
<Button
variant="primary"
- onClick={
- activeKey == "accessGrants" &&
- accessGrantFormValues != undefined &&
- datasetNameEditable
- ? updateDatasetAndAccessGrant
- : activeKey != "accessGrants" ||
- (activeKey == "accessGrants" && datasetNameEditable)
- ? updateDatasetDetails
- : updateDatasetAccessGrant
- }
+ onClick={() => {
+ if(datasetName.length > 512) {
+ toast.error('Dataset name must be 512 characters or less');
+ }
+ else {
+ if (
+ activeKey === 'accessGrants' &&
+ accessGrantFormValues !== undefined &&
+ datasetNameEditable
+ ) {
+ updateDatasetAndAccessGrant();
+ } else if (
+ activeKey !== 'accessGrants' ||
+ (activeKey === 'accessGrants' && datasetNameEditable)
+ ) {
+ updateDatasetDetails();
+ } else {
+ updateDatasetAccessGrant();
+ }
+ }
+ }}
size="sm"
data-id="save"
data-cy="save"
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx
index 4306864..4a835c5 100755
--- a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/AddDatashareView.jsx
@@ -177,6 +177,10 @@
if (datashareName == undefined) {
toast.error("Please add Datashare Name");
return;
+ } else if (datashareName.length>512)
+ {
+ toast.error("DataShare Name must not exceed 512 characters");
+ return;
} else if (selectedService == undefined) {
toast.error("Please add Service Name");
return;
diff --git a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx
index dfa3d40..b6c83c9 100755
--- a/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx
+++ b/security-admin/src/main/webapp/react-webapp/src/views/GovernedData/Datashare/DatashareDetailLayout.jsx
@@ -553,6 +553,12 @@
datashareInfo.conditionExpr = datashareConditionExpr;
datashareInfo.defaultAccessTypes = [];
+ if(datashareName.length>512)
+ {
+ toast.error("Datashare name must be 512 characters or less!");
+ return;
+ }
+
accessType?.forEach((access) =>
datashareInfo.defaultAccessTypes.push(access.value)
);
