Skip to content

Commit

Permalink
ATLAS-4961: checkstyle compliance updates - atlas-authorization module (
Browse files Browse the repository at this point in the history 
apache#286)
  • Loading branch information
@mneethiraj
mneethiraj authored Feb 13, 2025
1 parent 391ddba commit 7058cb9
Show file tree
Hide file tree
Showing 18 changed files with 389 additions and 446 deletions.
5 changes: 5 additions & 0 deletions authorization/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,11 @@

<name>Apache Atlas Authorization</name>

<properties>
<checkstyle.failOnViolation>true</checkstyle.failOnViolation>
<checkstyle.skip>false</checkstyle.skip>
</properties>

<dependencies>

<dependency>
Expand Down
45 changes: 19 additions & 26 deletions authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Expand All @@ -24,8 +24,6 @@
import org.apache.atlas.type.AtlasStructType.AtlasAttribute;
import org.apache.atlas.type.AtlasTypeRegistry;
import org.apache.commons.collections.MapUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.Collections;
import java.util.Date;
Expand All @@ -35,19 +33,16 @@
import java.util.Set;

public class AtlasAccessRequest {
private static Logger LOG = LoggerFactory.getLogger(AtlasAccessRequest.class);

private static final String DEFAULT_ENTITY_ID_ATTRIBUTE = "qualifiedName";

private final AtlasPrivilege action;
private final Date accessTime;
private String user = null;
private Set<String> userGroups = null;
private String clientIPAddress = null;
private String user;
private Set<String> userGroups;
private String clientIPAddress;
private List<String> forwardedAddresses;
private String remoteIPAddress;


protected AtlasAccessRequest(AtlasPrivilege action) {
this(action, null, null, new Date(), null);
}
Expand All @@ -56,11 +51,11 @@ protected AtlasAccessRequest(AtlasPrivilege action, String user, Set<String> use
this(action, user, userGroups, new Date(), null, null, null);
}

protected AtlasAccessRequest(AtlasPrivilege action, String user, Set<String> userGroups, Date accessTime,
String clientIPAddress, List<String> forwardedAddresses, String remoteIPAddress) {
protected AtlasAccessRequest(AtlasPrivilege action, String user, Set<String> userGroups, Date accessTime, String clientIPAddress, List<String> forwardedAddresses, String remoteIPAddress) {
this(action, user, userGroups, accessTime, clientIPAddress);
this.forwardedAddresses = forwardedAddresses;
this.remoteIPAddress = remoteIPAddress;

this.forwardedAddresses = forwardedAddresses;
this.remoteIPAddress = remoteIPAddress;
}

protected AtlasAccessRequest(AtlasPrivilege action, String user, Set<String> userGroups, Date accessTime, String clientIPAddress) {
Expand Down Expand Up @@ -96,22 +91,22 @@ public List<String> getForwardedAddresses() {
return forwardedAddresses;
}

public String getRemoteIPAddress() {
return remoteIPAddress;
}

public String getClientIPAddress() {
return clientIPAddress;
}

public void setForwardedAddresses(List<String> forwardedAddresses) {
this.forwardedAddresses = forwardedAddresses;
}

public String getRemoteIPAddress() {
return remoteIPAddress;
}

public void setRemoteIPAddress(String remoteIPAddress) {
this.remoteIPAddress = remoteIPAddress;
}

public String getClientIPAddress() {
return clientIPAddress;
}

public void setClientIPAddress(String clientIPAddress) {
this.clientIPAddress = clientIPAddress;
}
Expand Down Expand Up @@ -169,7 +164,6 @@ public String getEntityId(AtlasEntityHeader entity, AtlasTypeRegistry typeRegist
break;
}
}

}
}

Expand All @@ -194,10 +188,9 @@ public Set<String> getClassificationNames(AtlasEntityHeader entity) {

@Override
public String toString() {
return "AtlasAccessRequest[" + "action=" + action + ", accessTime=" + accessTime +", user='" + user + '\'' +
return "AtlasAccessRequest[" + "action=" + action + ", accessTime=" + accessTime + ", user='" + user + '\'' +
", userGroups=" + userGroups + ", clientIPAddress='" + clientIPAddress + '\'' +
", forwardedAddresses=" + forwardedAddresses + ", remoteIPAddress='" + remoteIPAddress + '\'' +
']';

}
}
10 changes: 4 additions & 6 deletions authorization/src/main/java/org/apache/atlas/authorize/AtlasAdminAccessRequest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Expand All @@ -17,11 +17,9 @@
*/
package org.apache.atlas.authorize;


import java.util.Set;

public class AtlasAdminAccessRequest extends AtlasAccessRequest {

public AtlasAdminAccessRequest(AtlasPrivilege action) {
super(action);
}
Expand All @@ -33,7 +31,7 @@ public AtlasAdminAccessRequest(AtlasPrivilege action, String userName, Set<Strin
@Override
public String toString() {
return "AtlasAdminAccessRequest[action=" + getAction() + ", accessTime=" + getAccessTime() + ", user=" + getUser() +
", userGroups=" + getUserGroups() + ", clientIPAddress=" + getClientIPAddress() +
", userGroups=" + getUserGroups() + ", clientIPAddress=" + getClientIPAddress() +
", forwardedAddresses=" + getForwardedAddresses() + ", remoteIPAddress=" + getRemoteIPAddress() + "]";
}
}
9 changes: 4 additions & 5 deletions authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizationException.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Expand All @@ -29,8 +29,7 @@ public AtlasAuthorizationException(String message, Throwable exception) {
super(message, exception);
}

public AtlasAuthorizationException(String message, Throwable exception, boolean enableSuppression,
boolean writableStackTrace) {
public AtlasAuthorizationException(String message, Throwable exception, boolean enableSuppression, boolean writableStackTrace) {
super(message, exception, enableSuppression, writableStackTrace);
}

Expand Down
45 changes: 27 additions & 18 deletions authorization/src/main/java/org/apache/atlas/authorize/AtlasAuthorizationUtils.java
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
/**
/**
* /**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Expand All @@ -31,34 +31,39 @@
import org.springframework.security.core.context.SecurityContextHolder;

import javax.servlet.http.HttpServletRequest;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.List;
import java.util.Arrays;
import java.util.Set;

public class AtlasAuthorizationUtils {
private static final Logger LOG = LoggerFactory.getLogger(AtlasAuthorizationUtils.class);

private AtlasAuthorizationUtils() {
// to block instantiation
}

public static void verifyAccess(AtlasAdminAccessRequest request, Object... errorMsgParams) throws AtlasBaseException {
if (! isAccessAllowed(request)) {
if (!isAccessAllowed(request)) {
String message = (errorMsgParams != null && errorMsgParams.length > 0) ? StringUtils.join(errorMsgParams) : "";

throw new AtlasBaseException(AtlasErrorCode.UNAUTHORIZED_ACCESS, request.getUser(), message);
}
}

public static void verifyAccess(AtlasTypeAccessRequest request, Object... errorMsgParams) throws AtlasBaseException {
if (! isAccessAllowed(request)) {
if (!isAccessAllowed(request)) {
String message = (errorMsgParams != null && errorMsgParams.length > 0) ? StringUtils.join(errorMsgParams) : "";

throw new AtlasBaseException(AtlasErrorCode.UNAUTHORIZED_ACCESS, request.getUser(), message);
}
}

public static void verifyAccess(AtlasEntityAccessRequest request, Object... errorMsgParams) throws AtlasBaseException {
if (! isAccessAllowed(request)) {
if (!isAccessAllowed(request)) {
String message = (errorMsgParams != null && errorMsgParams.length > 0) ? StringUtils.join(errorMsgParams) : "";

throw new AtlasBaseException(AtlasErrorCode.UNAUTHORIZED_ACCESS, request.getUser(), message);
Expand All @@ -68,11 +73,12 @@ public static void verifyAccess(AtlasEntityAccessRequest request, Object... erro
public static void verifyAccess(AtlasRelationshipAccessRequest request, Object... errorMsgParams) throws AtlasBaseException {
if (!isAccessAllowed(request)) {
String message = (errorMsgParams != null && errorMsgParams.length > 0) ? StringUtils.join(errorMsgParams) : "";

throw new AtlasBaseException(AtlasErrorCode.UNAUTHORIZED_ACCESS, request.getUser(), message);
}
}

public static void scrubSearchResults(AtlasSearchResultScrubRequest request) throws AtlasBaseException {
public static void scrubSearchResults(AtlasSearchResultScrubRequest request) {
String userName = getCurrentUserName();

if (StringUtils.isNotEmpty(userName)) {
Expand Down Expand Up @@ -105,6 +111,7 @@ public static boolean isAccessAllowed(AtlasAdminAccessRequest request) {
request.setClientIPAddress(RequestContext.get().getClientIPAddress());
request.setForwardedAddresses(RequestContext.get().getForwardedAddresses());
request.setRemoteIPAddress(RequestContext.get().getClientIPAddress());

ret = authorizer.isAccessAllowed(request);
} catch (AtlasAuthorizationException e) {
LOG.error("Unable to obtain AtlasAuthorizer", e);
Expand Down Expand Up @@ -132,6 +139,7 @@ public static boolean isAccessAllowed(AtlasEntityAccessRequest request) {
request.setClientIPAddress(RequestContext.get().getClientIPAddress());
request.setForwardedAddresses(RequestContext.get().getForwardedAddresses());
request.setRemoteIPAddress(RequestContext.get().getClientIPAddress());

ret = authorizer.isAccessAllowed(request);
} catch (AtlasAuthorizationException e) {
LOG.error("Unable to obtain AtlasAuthorizer", e);
Expand Down Expand Up @@ -159,6 +167,7 @@ public static boolean isAccessAllowed(AtlasTypeAccessRequest request) {
request.setClientIPAddress(RequestContext.get().getClientIPAddress());
request.setForwardedAddresses(RequestContext.get().getForwardedAddresses());
request.setRemoteIPAddress(RequestContext.get().getClientIPAddress());

ret = authorizer.isAccessAllowed(request);
} catch (AtlasAuthorizationException e) {
LOG.error("Unable to obtain AtlasAuthorizer", e);
Expand Down Expand Up @@ -186,6 +195,7 @@ public static boolean isAccessAllowed(AtlasRelationshipAccessRequest request) {
request.setClientIPAddress(RequestContext.get().getClientIPAddress());
request.setForwardedAddresses(RequestContext.get().getForwardedAddresses());
request.setRemoteIPAddress(RequestContext.get().getClientIPAddress());

ret = authorizer.isAccessAllowed(request);
} catch (AtlasAuthorizationException e) {
LOG.error("Unable to obtain AtlasAuthorizer", e);
Expand All @@ -200,8 +210,8 @@ public static boolean isAccessAllowed(AtlasRelationshipAccessRequest request) {
}

public static void filterTypesDef(AtlasTypesDefFilterRequest request) {
MetricRecorder metric = RequestContext.get().startMetricRecord("filterTypesDef");
String userName = getCurrentUserName();
MetricRecorder metric = RequestContext.get().startMetricRecord("filterTypesDef");
String userName = getCurrentUserName();

if (StringUtils.isNotEmpty(userName) && !RequestContext.get().isImportInProgress()) {
try {
Expand All @@ -221,13 +231,14 @@ public static void filterTypesDef(AtlasTypesDefFilterRequest request) {
RequestContext.get().endMetricRecord(metric);
}

public static List<String> getForwardedAddressesFromRequest(HttpServletRequest httpServletRequest){
String ipAddress = httpServletRequest.getHeader("X-FORWARDED-FOR");
String[] forwardedAddresses = null ;
public static List<String> getForwardedAddressesFromRequest(HttpServletRequest httpServletRequest) {
String ipAddress = httpServletRequest.getHeader("X-FORWARDED-FOR");
String[] forwardedAddresses = null;

if(!StringUtils.isEmpty(ipAddress)){
if (!StringUtils.isEmpty(ipAddress)) {
forwardedAddresses = ipAddress.split(",");
}

return forwardedAddresses != null ? Arrays.asList(forwardedAddresses) : null;
}

Expand All @@ -245,8 +256,6 @@ public static String getRequestIpAddress(HttpServletRequest httpServletRequest)
return ret;
}



public static String getCurrentUserName() {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();

Expand Down
Loading

0 comments on commit 7058cb9

Please sign in to comment.