Repository: ambari Updated Branches: refs/heads/trunk 37af1f039 -> 82ccf224f
AMBARI-16866. View Config-Non remote user able to edit queue settings in remote capacity schedular view.(Gaurav Nagar via pallavkul) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/82ccf224 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/82ccf224 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/82ccf224 Branch: refs/heads/trunk Commit: 82ccf224f0142b0b63c13e6ac0d58d45f55dd5ab Parents: 37af1f0 Author: Pallav Kulshreshtha <[email protected]> Authored: Fri May 27 17:34:02 2016 +0530 Committer: Pallav Kulshreshtha <[email protected]> Committed: Fri May 27 17:34:02 2016 +0530 ---------------------------------------------------------------------- .../capacityscheduler/ConfigurationService.java | 41 ++++++++++---------- .../ambari/view/utils/ambari/AmbariApi.java | 5 +-- 2 files changed, 23 insertions(+), 23 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/82ccf224/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java ---------------------------------------------------------------------- diff --git a/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java b/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java index 41f27c7..42076fe 100644 --- a/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java +++ b/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java @@ -18,6 +18,7 @@ package org.apache.ambari.view.capacityscheduler; +import org.apache.ambari.view.AmbariHttpException; import org.apache.ambari.view.ViewContext; import org.apache.ambari.view.capacityscheduler.utils.MisconfigurationFormattedException; import org.apache.ambari.view.capacityscheduler.utils.ServiceFormattedException; @@ -105,8 +106,8 @@ public class ConfigurationService { // Privilege Reading // ================================================================================ - private static final String CLUSTER_OPERATOR_PRIVILEGE_URL = "?privileges/PrivilegeInfo/permission_name=CLUSTER.ADMINISTRATOR&privileges/PrivilegeInfo/principal_name=%s"; - private static final String AMBARI_ADMIN_PRIVILEGE_URL = "/api/v1/users/%s?Users/admin=true"; + private static final String AMBARI_OR_CLUSTER_ADMIN_PRIVILEGE_URL = "/api/v1/users/%s?privileges/PrivilegeInfo/permission_name=AMBARI.ADMINISTRATOR|" + + "(privileges/PrivilegeInfo/permission_name.in(CLUSTER.ADMINISTRATOR,CLUSTER.OPERATOR)&privileges/PrivilegeInfo/cluster_name=%s)"; /** * Gets capacity scheduler configuration. @@ -256,26 +257,26 @@ public class ConfigurationService { * * @return if <code>true</code>, the user is an operator; otherwise <code>false</code> */ - private boolean isOperator() { - - // first check if the user is an CLUSTER.ADMINISTRATOR - String url = String.format(CLUSTER_OPERATOR_PRIVILEGE_URL, context.getUsername()); - JSONObject json = readFromCluster(url); - - if (json == null || json.size() <= 0) { - // user is not a CLUSTER.ADMINISTRATOR but might be an AMBARI.ADMINISTRATOR - url = String.format(AMBARI_ADMIN_PRIVILEGE_URL, context.getUsername()); - String response = ambariApi.readFromAmbari(url, "GET", null, null); - if (response == null || response.isEmpty()) { - return false; - } - json = getJsonObject(response); - if (json == null || json.size() <= 0) { - return false; + private boolean isOperator() { + + String url = String.format(AMBARI_OR_CLUSTER_ADMIN_PRIVILEGE_URL, context.getUsername(), context.getCluster().getName()); + + try { + String response = ambariApi.readFromAmbari(url, "GET", null, null); + + if(response != null && !response.isEmpty()){ + JSONObject json = (JSONObject) JSONValue.parse(response); + if (json.containsKey("privileges")) { + JSONArray privileges = (JSONArray) json.get("privileges"); + if(privileges.size() > 0) return true; } } - - return true; + + } catch (AmbariHttpException e) { + LOG.info("Got Error response from url : {}. Response : {}", url, e.getMessage()); + } + + return false; } private JSONObject readFromCluster(String url) { http://git-wip-us.apache.org/repos/asf/ambari/blob/82ccf224/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java ---------------------------------------------------------------------- diff --git a/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java b/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java index c2367ef..86d8434 100644 --- a/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java +++ b/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java @@ -119,7 +119,7 @@ public class AmbariApi { * @return response * @throws AmbariApiException IO error or not associated with cluster */ - public String readFromAmbari(String path, String method, String data, Map<String, String> headers) throws AmbariApiException { + public String readFromAmbari(String path, String method, String data, Map<String, String> headers) throws AmbariApiException, AmbariHttpException { String response; try { @@ -133,9 +133,8 @@ public class AmbariApi { response = IOUtils.toString(inputStream); } catch (IOException e) { throw new AmbariApiException("RA050 I/O error while requesting Ambari", e); - } catch (AmbariHttpException e) { - throw new AmbariApiException("RA040 Request to Ambari is unsuccessful with response code "+e.getResponseCode(), e); } + return response; }
