Documentation
¶
Overview ¶
Package ranger @author: Violet-Eva @date : 2024/11/25 @notes :
Package ranger @author: Violet-Eva @date : 2024/11/25 @notes :
Package ranger @author: Violet-Eva @date : 2024/11/22 @notes :
Index ¶
- func GetXUsersId(userName string) int
- type Accesses
- type AllowExceptions
- type Authorize
- type BucketResource
- type ColumnResource
- type Conditions
- type DataMaskInfo
- type DataMaskPolicyItems
- type DatabaseResource
- type DenyExceptions
- type DenyPolicyItems
- type GlobalResource
- type HiveServiceResource
- type KeyNameResource
- type MountPointResource
- type ObjectType
- type PathResource
- type PluginsDefinitions
- type PolicyBody
- type PolicyItems
- type QueueResource
- type Ranger
- func (r *Ranger) AccessParse(st ServiceType, filters ...func([]Authorize) []Authorize) ([]Authorize, error)
- func (r *Ranger) AccessParseByPolicyBody(policyBodies []PolicyBody, filters ...func([]Authorize) []Authorize) ([]Authorize, error)
- func (r *Ranger) ChangePassword(userId int, newPassword string) (vxUser VXUser, err error)
- func (r *Ranger) GetPolicy(serviceTypeNames ...string) error
- func (r *Ranger) GetPolicyById(ids ...int) (pbs []PolicyBody, err error)
- func (r *Ranger) GetServiceDefs() error
- func (r *Ranger) GetXUsers() error
- func (r *Ranger) Request(method string, Api string, body []byte) (*http.Response, error)
- func (r *Ranger) RequestToStruct(method string, Api string, body []byte, data any) error
- type Resource
- type RowFilterPolicyItems
- type ServiceDef
- type ServiceType
- type ServiceTypeId
- type TableResource
- type UDFResource
- type URLResource
- type VXUser
- type ValiditySchedules
- type XUsers
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetXUsersId ¶
Types ¶
type AllowExceptions ¶
type AllowExceptions struct {
Users []string `json:"users"`
Accesses []Accesses `json:"accesses"`
Groups []string `json:"groups"`
Roles []string `json:"roles"`
Conditions []Conditions `json:"conditions"`
DelegateAdmin bool `json:"delegateAdmin"`
}
AllowExceptions @Description: 除外授权
type Authorize ¶
type Authorize struct {
PolicyId int `json:"policy_id"`
PolicyName string `json:"policy_name"`
PermissionType string `json:"permission_type"`
Permission []string `json:"permission"`
ObjectType string `json:"object_type"`
ObjectName string `json:"object_name"`
ObjectDBName string `json:"object_db_name"`
ObjectTBLName string `json:"object_tbl_name"`
ObjectColumnName []string `json:"object_column"`
ObjectRestriction []string `json:"object_restriction"`
GranteeType string `json:"grantee_type"`
Grantee string `json:"grantee"`
IsEnable bool `json:"is_enable"`
IsOverride bool `json:"is_override"`
// ValiditySchedules
// @Description: startTime~endTime~timeZone 2006-01-02 15:04:05~2006-01-03 15:04:05~Asia/Shanghai
ValiditySchedules []string `json:"validity_schedules"`
Status bool `json:"status"`
}
type BucketResource ¶
type ColumnResource ¶
type Conditions ¶
Conditions @Description: 用户自定义限制规则
type DataMaskInfo ¶
type DataMaskInfo struct {
ConditionExpr string `json:"conditionExpr"`
DataMaskType string `json:"dataMaskType"`
ValueExpr string `json:"valueExpr"`
}
DataMaskInfo @Description: 加密解密相关权限
type DataMaskPolicyItems ¶
type DataMaskPolicyItems struct {
DataMaskInfo DataMaskInfo `json:"dataMaskInfo"`
Users []string `json:"users"`
Accesses []Accesses `json:"accesses"`
Groups []string `json:"groups"`
Roles []string `json:"roles"`
Conditions []Conditions `json:"conditions"`
DelegateAdmin bool `json:"delegateAdmin"`
}
DataMaskPolicyItems @Description: 加密 & 授予解密权限
type DatabaseResource ¶
type DenyExceptions ¶
type DenyExceptions struct {
Users []string `json:"users"`
Accesses []Accesses `json:"accesses"`
Groups []string `json:"groups"`
Roles []string `json:"roles"`
Conditions []Conditions `json:"conditions"`
DelegateAdmin bool `json:"delegateAdmin"`
}
DenyExceptions @Description: 除外回收权限
type DenyPolicyItems ¶
type DenyPolicyItems struct {
Users []string `json:"users"`
Accesses []Accesses `json:"accesses"`
Groups []string `json:"groups"`
Roles []string `json:"roles"`
Conditions []Conditions `json:"conditions"`
DelegateAdmin bool `json:"delegateAdmin"`
}
DenyPolicyItems @Description: 回收权限
type GlobalResource ¶
type HiveServiceResource ¶
type KeyNameResource ¶
type MountPointResource ¶
type ObjectType ¶
type ObjectType int
const ( HiveService ObjectType = iota Url GlobalUdf Udf Database Table Column Masking RowFilter Hdfs Yarn Cos Chdfs )
func (ObjectType) String ¶
func (ot ObjectType) String() string
type PathResource ¶
type PluginsDefinitions ¶
type PolicyBody ¶
type PolicyBody struct {
Id int `json:"id"`
Guid string `json:"guid"`
IsEnabled bool `json:"isEnabled"`
Version int `json:"version"`
Service string `json:"service"`
Name string `json:"name"`
PolicyType int `json:"policyType"`
// PolicyPriority
// @Description: 0 normal 1 overrides
PolicyPriority int `json:"policyPriority"`
Description string `json:"description"`
IsAuditEnabled bool `json:"isAuditEnabled"`
Resources Resource `json:"resources"`
PolicyItems []PolicyItems `json:"policyItems,omitempty"`
DenyPolicyItems []DenyPolicyItems `json:"denyPolicyItems,omitempty"`
// IsDenyAllElse
// @Description: 拒绝所有其他访问
IsDenyAllElse bool `json:"isDenyAllElse"`
AllowExceptions []AllowExceptions `json:"allowExceptions,omitempty"`
DenyExceptions []DenyExceptions `json:"denyExceptions,omitempty"`
// DataMaskPolicyItems
// @Description: 加密解密时单独使用
DataMaskPolicyItems []DataMaskPolicyItems `json:"dataMaskPolicyItems,omitempty"`
// RowFilterPolicyItems
// @Description: 行加密单独使用
RowFilterPolicyItems []RowFilterPolicyItems `json:"rowFilterPolicyItems,omitempty"`
ServiceType string `json:"serviceType"`
Options struct {
// PolicyValiditySchedules
// @Description: 根据有效时间自动生成
PolicyValiditySchedules string `json:"POLICY_VALIDITY_SCHEDULES,omitempty"`
} `json:"options"`
ValiditySchedules []ValiditySchedules `json:"validitySchedules,omitempty"`
PolicyLabels []string `json:"policyLabels"`
ZoneName string `json:"zoneName"`
}
PolicyBody @Description: ranger policy 和 hdfs hive yarn cos service 相关的 body
type PolicyItems ¶
type PolicyItems struct {
Users []string `json:"users"`
Accesses []Accesses `json:"accesses"`
Groups []string `json:"groups"`
Roles []string `json:"roles"`
Conditions []Conditions `json:"conditions"`
DelegateAdmin bool `json:"delegateAdmin"`
}
PolicyItems @Description: 授权
type QueueResource ¶
type Ranger ¶
type Ranger struct {
Host string `json:"host"`
Port int `json:"port"`
ApiPath string `json:"apiPath"`
Proxy string `json:"proxy"`
UserName string `json:"userName"`
PassWord string `json:"password"`
Headers map[string]string `json:"headers"`
ServiceTypeIds []ServiceTypeId `json:"serviceTypeIds"`
ServiceDefs []ServiceDef `json:"serviceDefs"`
ServicePolicyBodies map[string][]PolicyBody `json:"service_policy_bodies"`
VXUsers []VXUser `json:"users"`
}
func NewRangerAll ¶
func (*Ranger) AccessParse ¶
func (*Ranger) AccessParseByPolicyBody ¶
func (*Ranger) ChangePassword ¶
func (*Ranger) GetPolicyById ¶
func (r *Ranger) GetPolicyById(ids ...int) (pbs []PolicyBody, err error)
func (*Ranger) GetServiceDefs ¶
type Resource ¶
type Resource struct {
// hive service 相关
Database DatabaseResource `json:"database,omitempty"`
Table TableResource `json:"table,omitempty"`
Column ColumnResource `json:"column,omitempty"`
Global GlobalResource `json:"global,omitempty"`
HiveService HiveServiceResource `json:"hiveservice,omitempty"`
Udf UDFResource `json:"udf,omitempty"`
Url URLResource `json:"url,omitempty"`
// cos & hdfs & chdfs service 相关
Bucket BucketResource `json:"bucket,omitempty"`
MountPoint MountPointResource `json:"mountpoint,omitempty"`
Path PathResource `json:"path,omitempty"`
// yarn service 相关
Queue QueueResource `json:"queue,omitempty"`
// kms service 相关
KeyName KeyNameResource `json:"keyname,omitempty"`
}
type RowFilterPolicyItems ¶
type RowFilterPolicyItems struct {
RowFilterInfo struct {
FilterExpr string `json:"filterExpr"`
} `json:"rowFilterInfo"`
Users []string `json:"users"`
Accesses []Accesses `json:"accesses"`
Groups []string `json:"groups"`
Roles []string `json:"roles"`
Conditions []Conditions `json:"conditions"`
DelegateAdmin bool `json:"delegateAdmin"`
}
RowFilterPolicyItems @Description: 行级过滤限制
type ServiceDef ¶
type ServiceDef struct {
Id int `json:"id"`
Guid string `json:"guid"`
IsEnabled bool `json:"isEnabled"`
CreateTime int64 `json:"createTime"`
UpdateTime int64 `json:"updateTime"`
Version int `json:"version"`
Name string `json:"name"`
DisplayName string `json:"displayName"`
ImplClass string `json:"implClass"`
Label string `json:"label"`
Description string `json:"description"`
Options struct {
EnableDenyAndExceptionsInPolicies string `json:"enableDenyAndExceptionsInPolicies"`
UiPages string `json:"ui.pages,omitempty"`
} `json:"options"`
Configs []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Type string `json:"type"`
SubType string `json:"subType,omitempty"`
Mandatory bool `json:"mandatory"`
ValidationRegEx string `json:"validationRegEx,omitempty"`
ValidationMessage string `json:"validationMessage,omitempty"`
UiHint string `json:"uiHint,omitempty"`
Label string `json:"label,omitempty"`
DefaultValue string `json:"defaultValue,omitempty"`
} `json:"configs"`
Resources []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Type string `json:"type"`
Level int `json:"level"`
Mandatory bool `json:"mandatory"`
LookupSupported bool `json:"lookupSupported"`
RecursiveSupported bool `json:"recursiveSupported"`
ExcludesSupported bool `json:"excludesSupported"`
Matcher string `json:"matcher,omitempty"`
MatcherOptions struct {
WildCard string `json:"wildCard,omitempty"`
IgnoreCase string `json:"ignoreCase,omitempty"`
PathSeparatorChar string `json:"pathSeparatorChar,omitempty"`
} `json:"matcherOptions"`
ValidationRegEx string `json:"validationRegEx,omitempty"`
ValidationMessage string `json:"validationMessage,omitempty"`
UiHint string `json:"uiHint,omitempty"`
Label string `json:"label"`
Description string `json:"description"`
AccessTypeRestrictions []string `json:"accessTypeRestrictions"`
IsValidLeaf bool `json:"isValidLeaf"`
Parent string `json:"parent,omitempty"`
} `json:"resources"`
AccessTypes []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Label string `json:"label"`
ImpliedGrants []string `json:"impliedGrants"`
} `json:"accessTypes"`
PolicyConditions []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Evaluator string `json:"evaluator"`
EvaluatorOptions struct {
ScriptTemplate string `json:"scriptTemplate,omitempty"`
EngineName string `json:"engineName,omitempty"`
UiIsMultiline string `json:"ui.isMultiline,omitempty"`
} `json:"evaluatorOptions"`
ValidationRegEx string `json:"validationRegEx,omitempty"`
ValidationMessage string `json:"validationMessage,omitempty"`
UiHint string `json:"uiHint,omitempty"`
Label string `json:"label"`
Description string `json:"description"`
} `json:"policyConditions"`
ContextEnrichers []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Enricher string `json:"enricher"`
EnricherOptions struct {
TagRetrieverClassName string `json:"tagRetrieverClassName"`
TagRefresherPollingInterval string `json:"tagRefresherPollingInterval"`
} `json:"enricherOptions"`
} `json:"contextEnrichers"`
Enums []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Elements []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Label string `json:"label"`
} `json:"elements"`
DefaultIndex int `json:"defaultIndex"`
} `json:"enums"`
DataMaskDef struct {
MaskTypes []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Label string `json:"label"`
Description string `json:"description"`
Transformer string `json:"transformer,omitempty"`
DataMaskOptions struct {
} `json:"dataMaskOptions"`
} `json:"maskTypes"`
AccessTypes []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Label string `json:"label"`
ImpliedGrants []interface{} `json:"impliedGrants"`
} `json:"accessTypes"`
Resources []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Type string `json:"type"`
Level int `json:"level"`
Mandatory bool `json:"mandatory"`
LookupSupported bool `json:"lookupSupported"`
RecursiveSupported bool `json:"recursiveSupported"`
ExcludesSupported bool `json:"excludesSupported"`
Matcher string `json:"matcher"`
MatcherOptions struct {
WildCard string `json:"wildCard"`
IgnoreCase string `json:"ignoreCase"`
IsValidLeaf string `json:"__isValidLeaf,omitempty"`
AccessTypeRestrictions string `json:"__accessTypeRestrictions,omitempty"`
} `json:"matcherOptions"`
ValidationRegEx string `json:"validationRegEx"`
ValidationMessage string `json:"validationMessage"`
UiHint string `json:"uiHint"`
Label string `json:"label"`
Description string `json:"description"`
AccessTypeRestrictions []string `json:"accessTypeRestrictions"`
IsValidLeaf bool `json:"isValidLeaf"`
Parent string `json:"parent,omitempty"`
} `json:"resources"`
} `json:"dataMaskDef"`
RowFilterDef struct {
AccessTypes []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Label string `json:"label"`
ImpliedGrants []interface{} `json:"impliedGrants"`
} `json:"accessTypes"`
Resources []struct {
ItemId int `json:"itemId"`
Name string `json:"name"`
Type string `json:"type"`
Level int `json:"level"`
Mandatory bool `json:"mandatory"`
LookupSupported bool `json:"lookupSupported"`
RecursiveSupported bool `json:"recursiveSupported"`
ExcludesSupported bool `json:"excludesSupported"`
Matcher string `json:"matcher"`
MatcherOptions struct {
WildCard string `json:"wildCard"`
IgnoreCase string `json:"ignoreCase"`
} `json:"matcherOptions"`
ValidationRegEx string `json:"validationRegEx"`
ValidationMessage string `json:"validationMessage"`
UiHint string `json:"uiHint"`
Label string `json:"label"`
Description string `json:"description"`
AccessTypeRestrictions []string `json:"accessTypeRestrictions"`
IsValidLeaf bool `json:"isValidLeaf"`
Parent string `json:"parent,omitempty"`
} `json:"resources"`
} `json:"rowFilterDef"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
}
type ServiceType ¶
type ServiceType int
const ( HiveServiceType ServiceType = iota HdfsServiceType CosServiceType YarnServiceType ChdfsServiceType )
func (ServiceType) String ¶
func (st ServiceType) String() string
type ServiceTypeId ¶
type ServiceTypeId struct {
ServiceType ServiceType `json:"serviceType"`
ServiceTypeId int `json:"serviceTypeId"`
}
type TableResource ¶
type UDFResource ¶
type URLResource ¶
type VXUser ¶
type VXUser struct {
Id int `json:"id"`
CreateDate time.Time `json:"createDate"`
UpdateDate time.Time `json:"updateDate"`
EmailAddress string `json:"emailAddress,omitempty"`
Owner string `json:"owner,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
Name string `json:"name"`
Password string `json:"password,omitempty"`
Description string `json:"description"`
GroupIdList []int `json:"groupIdList"`
GroupNameList []string `json:"groupNameList"`
Status int `json:"status"`
IsVisible int `json:"isVisible"`
UserSource int `json:"userSource"`
UserRoleList []string `json:"userRoleList"`
OtherAttributes string `json:"otherAttributes,omitempty"`
SyncSource string `json:"syncSource,omitempty"`
FirstName string `json:"firstName,omitempty"`
LastName string `json:"lastName,omitempty"`
}
type ValiditySchedules ¶
type ValiditySchedules struct {
StartTime string `json:"startTime"`
EndTime string `json:"endTime"`
TimeZone string `json:"timeZone"`
Recurrences []struct {
Interval struct {
} `json:"interval"`
Schedule struct {
} `json:"schedule"`
} `json:"recurrences"`
}
ValiditySchedules @Description: 有效时间
Source Files
Click to show internal directories.
Click to hide internal directories.