[ambari] branch trunk updated: AMBARI-25734 :: CLUSTER.USER is able to perform actions through api calls (#3388)

Mon, 17 Oct 2022 00:12:25 -0700 

This is an automated email from the ASF dual-hosted git repository.

wuzhiguo pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git


The following commit(s) were added to refs/heads/trunk by this push:
     new fe97683527 AMBARI-25734 :: CLUSTER.USER is able to perform actions 
through api calls (#3388)
fe97683527 is described below

commit fe97683527d29992e88bd41204144ef0714ca1b3
Author: Vishal Suvagia <vishalsuva...@users.noreply.github.com>
AuthorDate: Mon Oct 17 12:42:14 2022 +0530

    AMBARI-25734 :: CLUSTER.USER is able to perform actions through api calls 
(#3388)
---
 .../api/services/persistence/PersistenceManagerImpl.java     | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git 
a/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
 
b/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
index d04a9484f4..50f65d480c 100644
--- 
a/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
+++ 
b/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
@@ -104,6 +104,12 @@ public class PersistenceManagerImpl implements 
PersistenceManager {
   public RequestStatus update(ResourceInstance resource, RequestBody 
requestBody)
       throws UnsupportedPropertyException, SystemException, 
NoSuchParentResourceException, NoSuchResourceException {
 
+    if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, null,
+            EnumSet.of(RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA))) 
{
+      throw new AuthorizationException("The authenticated user does not have 
authorization " +
+              "to update/store user persisted data.");
+    }
+
     Map<Resource.Type, String> mapResourceIds = resource.getKeyValueMap();
     Resource.Type type = resource.getResourceDefinition().getType();
     Schema schema = m_controller.getSchema(type);
@@ -129,6 +135,12 @@ public class PersistenceManagerImpl implements 
PersistenceManager {
   public RequestStatus delete(ResourceInstance resource, RequestBody 
requestBody)
       throws UnsupportedPropertyException, SystemException, 
NoSuchParentResourceException, NoSuchResourceException {
     //todo: need to account for multiple resources and user predicate
+    if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, null,
+            EnumSet.of(RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA))) 
{
+      throw new AuthorizationException("The authenticated user does not have 
authorization " +
+              "to delete/store user persisted data.");
+    }
+
     return 
m_controller.deleteResources(resource.getResourceDefinition().getType(),
         createControllerRequest(requestBody), 
resource.getQuery().getPredicate());
 


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@ambari.apache.org
For additional commands, e-mail: commits-h...@ambari.apache.org

Reply via email to