Repository: ambari Updated Branches: refs/heads/branch-2.4 4d0b1bc17 -> 268a87eb5
AMBARI-16866. View Config-Non remote user able to edit queue settings in remote capacity schedular view.(Gaurav Nagar via pallavkul) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/268a87eb Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/268a87eb Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/268a87eb Branch: refs/heads/branch-2.4 Commit: 268a87eb52f12bdbef1430b31636832087246f98 Parents: 4d0b1bc Author: Pallav Kulshreshtha <[email protected]> Authored: Fri May 27 17:34:02 2016 +0530 Committer: Pallav Kulshreshtha <[email protected]> Committed: Fri May 27 17:36:04 2016 +0530 ---------------------------------------------------------------------- .../capacityscheduler/ConfigurationService.java | 41 ++++++++++---------- .../ambari/view/utils/ambari/AmbariApi.java | 5 +-- 2 files changed, 23 insertions(+), 23 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/268a87eb/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java ---------------------------------------------------------------------- diff --git a/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java b/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java index 41f27c7..42076fe 100644 --- a/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java +++ b/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java @@ -18,6 +18,7 @@ package org.apache.ambari.view.capacityscheduler; +import org.apache.ambari.view.AmbariHttpException; import org.apache.ambari.view.ViewContext; import org.apache.ambari.view.capacityscheduler.utils.MisconfigurationFormattedException; import org.apache.ambari.view.capacityscheduler.utils.ServiceFormattedException; @@ -105,8 +106,8 @@ public class ConfigurationService { // Privilege Reading // ================================================================================ - private static final String CLUSTER_OPERATOR_PRIVILEGE_URL = "?privileges/PrivilegeInfo/permission_name=CLUSTER.ADMINISTRATOR&privileges/PrivilegeInfo/principal_name=%s"; - private static final String AMBARI_ADMIN_PRIVILEGE_URL = "/api/v1/users/%s?Users/admin=true"; + private static final String AMBARI_OR_CLUSTER_ADMIN_PRIVILEGE_URL = "/api/v1/users/%s?privileges/PrivilegeInfo/permission_name=AMBARI.ADMINISTRATOR|" + + "(privileges/PrivilegeInfo/permission_name.in(CLUSTER.ADMINISTRATOR,CLUSTER.OPERATOR)&privileges/PrivilegeInfo/cluster_name=%s)"; /** * Gets capacity scheduler configuration. @@ -256,26 +257,26 @@ public class ConfigurationService { * * @return if <code>true</code>, the user is an operator; otherwise <code>false</code> */ - private boolean isOperator() { - - // first check if the user is an CLUSTER.ADMINISTRATOR - String url = String.format(CLUSTER_OPERATOR_PRIVILEGE_URL, context.getUsername()); - JSONObject json = readFromCluster(url); - - if (json == null || json.size() <= 0) { - // user is not a CLUSTER.ADMINISTRATOR but might be an AMBARI.ADMINISTRATOR - url = String.format(AMBARI_ADMIN_PRIVILEGE_URL, context.getUsername()); - String response = ambariApi.readFromAmbari(url, "GET", null, null); - if (response == null || response.isEmpty()) { - return false; - } - json = getJsonObject(response); - if (json == null || json.size() <= 0) { - return false; + private boolean isOperator() { + + String url = String.format(AMBARI_OR_CLUSTER_ADMIN_PRIVILEGE_URL, context.getUsername(), context.getCluster().getName()); + + try { + String response = ambariApi.readFromAmbari(url, "GET", null, null); + + if(response != null && !response.isEmpty()){ + JSONObject json = (JSONObject) JSONValue.parse(response); + if (json.containsKey("privileges")) { + JSONArray privileges = (JSONArray) json.get("privileges"); + if(privileges.size() > 0) return true; } } - - return true; + + } catch (AmbariHttpException e) { + LOG.info("Got Error response from url : {}. Response : {}", url, e.getMessage()); + } + + return false; } private JSONObject readFromCluster(String url) { http://git-wip-us.apache.org/repos/asf/ambari/blob/268a87eb/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java ---------------------------------------------------------------------- diff --git a/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java b/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java index c2367ef..86d8434 100644 --- a/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java +++ b/contrib/views/utils/src/main/java/org/apache/ambari/view/utils/ambari/AmbariApi.java @@ -119,7 +119,7 @@ public class AmbariApi { * @return response * @throws AmbariApiException IO error or not associated with cluster */ - public String readFromAmbari(String path, String method, String data, Map<String, String> headers) throws AmbariApiException { + public String readFromAmbari(String path, String method, String data, Map<String, String> headers) throws AmbariApiException, AmbariHttpException { String response; try { @@ -133,9 +133,8 @@ public class AmbariApi { response = IOUtils.toString(inputStream); } catch (IOException e) { throw new AmbariApiException("RA050 I/O error while requesting Ambari", e); - } catch (AmbariHttpException e) { - throw new AmbariApiException("RA040 Request to Ambari is unsuccessful with response code "+e.getResponseCode(), e); } + return response; }
