Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Laszlo Puskas]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177984
---


Ship it!




Ship It!

- Laszlo Puskas


On June 14, 2017, 9:22 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 14, 2017, 9:22 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  8d262e269b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  b7ff297ce5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
>  d38d44c16f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
>  37d5d49c37 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
>  373552e6e1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthorizationFilter.java
>  95e90b3e49 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
>  64d5e6124f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
>  bff1fd2a16 
>   
> ambari-ser

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Laszlo Puskas]

> On June 12, 2017, 2:06 p.m., Laszlo Puskas wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
> > Lines 97 (patched)
> > 
> >
> > I think cascading should be removed here (AFAIK there were some issues 
> > where cascading was interfering with some DAO logic)
> 
> Robert Levas wrote:
> Cascade seems to be used a few lines up in this file...
> ```
>   @OneToMany(mappedBy = "user", cascade = CascadeType.ALL)
>   private Set memberEntities = new HashSet<>();
> ```
> 
> Other than that, a quick search in the source code reveals 72 occurances 
> of this, 42 instances are of `CascadeType.ALL`.
> 
> So far my tests seem to work ok.
> 
> Sebastian Toader wrote:
> There was already an attempt to remove the Cascadings. I guess these are 
> left overs.
> 
> Robert Levas wrote:
> What is the alternative to cascading?  If I remove a user, I will need to 
> add code in the DAO to first remove the user authentication records?
> 
> Jonathan Hurley wrote:
> I don't have problems with cascading as long as the entity relationships 
> are setup correctly for it. In many places, they are not and we need to rely 
> on the DAO to do the work. Maintaining these methods seems to be a source of 
> bugs, so if the entities here can be cascaded correctly, then I don't see why 
> it would be a problem.
> 
> Robert Levas wrote:
> The entity relationship is set up properly:
> 
> ```
> CONSTRAINT FK_user_authentication_users FOREIGN KEY (user_id) REFERENCES 
> users(user_id)
> ```
> 
> So how do we want to proceed?  Laszlo?

I am not against cascading; not using them may be a convention so that all 
operations are explicitly done in the code (its easier to follow what's going 
on, cascading induces some kind of "side effect"). But I am with Jonathan let's 
keep the cascading here.


- Laszlo


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---


On June 14, 2017, 9:22 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 14, 2017, 9:22 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  8d262e269b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PR

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Jonathan Hurley]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177964
---


Ship it!




Ship It!

- Jonathan Hurley


On June 14, 2017, 5:22 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 14, 2017, 5:22 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  8d262e269b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  b7ff297ce5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
>  d38d44c16f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
>  37d5d49c37 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
>  373552e6e1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthorizationFilter.java
>  95e90b3e49 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
>  64d5e6124f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
>  bff1fd2a16 
>   
> ambari-s

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

> On June 12, 2017, 10:06 a.m., Laszlo Puskas wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
> > Lines 97 (patched)
> > 
> >
> > I think cascading should be removed here (AFAIK there were some issues 
> > where cascading was interfering with some DAO logic)
> 
> Robert Levas wrote:
> Cascade seems to be used a few lines up in this file...
> ```
>   @OneToMany(mappedBy = "user", cascade = CascadeType.ALL)
>   private Set memberEntities = new HashSet<>();
> ```
> 
> Other than that, a quick search in the source code reveals 72 occurances 
> of this, 42 instances are of `CascadeType.ALL`.
> 
> So far my tests seem to work ok.
> 
> Sebastian Toader wrote:
> There was already an attempt to remove the Cascadings. I guess these are 
> left overs.
> 
> Robert Levas wrote:
> What is the alternative to cascading?  If I remove a user, I will need to 
> add code in the DAO to first remove the user authentication records?
> 
> Jonathan Hurley wrote:
> I don't have problems with cascading as long as the entity relationships 
> are setup correctly for it. In many places, they are not and we need to rely 
> on the DAO to do the work. Maintaining these methods seems to be a source of 
> bugs, so if the entities here can be cascaded correctly, then I don't see why 
> it would be a problem.

The entity relationship is set up properly:

```
CONSTRAINT FK_user_authentication_users FOREIGN KEY (user_id) REFERENCES 
users(user_id)
```

So how do we want to proceed?  Laszlo?


- Robert


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---


On June 14, 2017, 5:22 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 14, 2017, 5:22 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  8d262e269b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/
---

(Updated June 14, 2017, 5:22 p.m.)


Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene Chekanskiy, 
Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.


Bugs: AMBARI-21147
https://issues.apache.org/jira/browse/AMBARI-21147


Repository: ambari


Description
---

Update Database Access Layer to Support New Database Schema for Improved User 
Account Management.  

* Update `org.apache.ambari.server.orm.entities.UserEntity`
* Update `org.apache.ambari.server.orm.dao.UserDAO`
* Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
* Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`

Note: Some changes will be revisited when updating the different authentication 
processes to work with the improved user account management code.


Diffs (updated)
-

  ambari-server/docs/api/generated/index.html 7ea4297b99 
  ambari-server/docs/api/generated/swagger.json d7d54a510f 
  
ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
 fb06e6d8a5 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
 807bded873 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
 8d262e269b 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
 aeba739a6d 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
 f3c2ec871b 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
 391213858e 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
 40818c8f48 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
 5afacb70ef 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
 b35b2a8612 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
 389f0b2bf2 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
 614f7abda1 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
 c5c36e9942 
  
ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
 PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
ce47c4c38c 
  
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
 PRE-CREATION 
  
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
 9011eaecec 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
 195c55afa5 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
 PRE-CREATION 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
 1e4f6ead08 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
 09422e51e3 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
 ce9a79023d 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
 b7ff297ce5 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
 d38d44c16f 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
 37d5d49c37 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
 373552e6e1 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthorizationFilter.java
 95e90b3e49 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
 64d5e6124f 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
 bff1fd2a16 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserType.java
 aabd368aeb 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
 9cdde8fe4d 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/AmbariInternalAuthenticationProvider.java
 383e8fac87 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/jwt/AuthenticationJwtUserNotFoundException.java
 f18af101a2 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/jwt/Jwt

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Sebastian Toader]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177947
---


Ship it!




Ship It!

- Sebastian Toader


On June 12, 2017, 7:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 7:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  eb64030e45 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  b7ff297ce5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
>  d38d44c16f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
>  37d5d49c37 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
>  373552e6e1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthorizationFilter.java
>  95e90b3e49 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
>  64d5e6124f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
>  bff1fd2a16 
>   
> ambari-

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

> On June 13, 2017, 9:11 a.m., Attila Magyar wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
> > Lines 98 (patched)
> > 
> >
> > Can't we just initialize Collections like this to empty collections 
> > (instead of null)? This would make most of the null checks unnecessary.

Fixing.


- Robert


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177734
---


On June 12, 2017, 1:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 1:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  eb64030e45 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  b7ff297ce5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
>  d38d44c16f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
>  37d5d49c37 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
>  373552e6e1 

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

> On June 14, 2017, 11:46 a.m., Jonathan Hurley wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
> > Lines 43 (patched)
> > 
> >
> > Should this PK be a Long?

Probably... copy/paste issue from UserEntity...

``` 
  @RequiresSession
  public UserEntity findByPK(Integer userPK) {
return entityManagerProvider.get().find(UserEntity.class, userPK);
  }
```

Fixing.


> On June 14, 2017, 11:46 a.m., Jonathan Hurley wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
> > Lines 49 (patched)
> > 
> >
> > Can you make this a NamedQuery in the UserAuthenticationEntity?

Fixing.


> On June 14, 2017, 11:46 a.m., Jonathan Hurley wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
> > Lines 79 (patched)
> > 
> >
> > remove(merge()) ? Is this necessary? Seems like the merge would only 
> > keep entities consistent before the removal if you did something like 
> > change a collection. I wouldn't think you'd need to do this.

Another copy/paste issue

```
  @Transactional
  public void remove(UserEntity user) {
entityManagerProvider.get().remove(merge(user));
entityManagerProvider.get().getEntityManagerFactory().getCache().evictAll();
  }
```

Fixing.


> On June 14, 2017, 11:46 a.m., Jonathan Hurley wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
> > Lines 80 (patched)
> > 
> >
> > Why do you need to evict from the cache here? Since you're going 
> > through the entity for this, JPA should know to clean the shared caches 
> > correctly. I only would think this is necessary if you use JPQL to remove 
> > entities.

Seems like there may have been caching issues... but maybe only related to 
views?  See [AMBARI-7152](https://issues.apache.org/jira/browse/AMBARI-7152). 
Fixing.


> On June 14, 2017, 11:46 a.m., Jonathan Hurley wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java
> > Lines 118 (patched)
> > 
> >
> > Can you do the lowercase() in the entity instead? This way you don't 
> > need to remember to do it.

Fixing.


> On June 14, 2017, 11:46 a.m., Jonathan Hurley wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
> > Lines 73-76 (patched)
> > 
> >
> > Always initialized, but not enforced to be non-null.

Fixing...  Seems like there is no real need to set update and create time.  I 
will remove those.


> On June 14, 2017, 11:46 a.m., Jonathan Hurley wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
> > Lines 142-156 (patched)
> > 
> >
> > Any reason you didn't use EqualsBuilder here instead?

`EqualsBuilder` is new to me.  Fixing.


> On June 14, 2017, 11:46 a.m., Jonathan Hurley wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
> > Lines 76-83 (patched)
> > 
> >
> > Are these all nullable? The default when not specified is true.

`consecutive_failures` is not nullable, but the others are.  Fixing.


- Robert


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177909
---


On June 12, 2017, 1:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 1:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some cha

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Jonathan Hurley]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177909
---




ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
Lines 43 (patched)


Should this PK be a Long?



ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
Lines 49 (patched)


Can you make this a NamedQuery in the UserAuthenticationEntity?



ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
Lines 79 (patched)


remove(merge()) ? Is this necessary? Seems like the merge would only keep 
entities consistent before the removal if you did something like change a 
collection. I wouldn't think you'd need to do this.



ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
Lines 80 (patched)


Why do you need to evict from the cache here? Since you're going through 
the entity for this, JPA should know to clean the shared caches correctly. I 
only would think this is necessary if you use JPQL to remove entities.



ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java
Lines 118 (patched)


Can you do the lowercase() in the entity instead? This way you don't need 
to remember to do it.



ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
Lines 73-76 (patched)


Always initialized, but not enforced to be non-null.



ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
Lines 142-156 (patched)


Any reason you didn't use EqualsBuilder here instead?



ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
Lines 76-83 (patched)


Are these all nullable? The default when not specified is true.


- Jonathan Hurley


On June 12, 2017, 1:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 1:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  eb64030e45 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/contro

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Jonathan Hurley]

> On June 12, 2017, 10:06 a.m., Laszlo Puskas wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
> > Lines 97 (patched)
> > 
> >
> > I think cascading should be removed here (AFAIK there were some issues 
> > where cascading was interfering with some DAO logic)
> 
> Robert Levas wrote:
> Cascade seems to be used a few lines up in this file...
> ```
>   @OneToMany(mappedBy = "user", cascade = CascadeType.ALL)
>   private Set memberEntities = new HashSet<>();
> ```
> 
> Other than that, a quick search in the source code reveals 72 occurances 
> of this, 42 instances are of `CascadeType.ALL`.
> 
> So far my tests seem to work ok.
> 
> Sebastian Toader wrote:
> There was already an attempt to remove the Cascadings. I guess these are 
> left overs.
> 
> Robert Levas wrote:
> What is the alternative to cascading?  If I remove a user, I will need to 
> add code in the DAO to first remove the user authentication records?

I don't have problems with cascading as long as the entity relationships are 
setup correctly for it. In many places, they are not and we need to rely on the 
DAO to do the work. Maintaining these methods seems to be a source of bugs, so 
if the entities here can be cascaded correctly, then I don't see why it would 
be a problem.


- Jonathan


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---


On June 12, 2017, 1:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 1:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  eb64030e45 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/Auth

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Attila Magyar]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177734
---




ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
Lines 98 (patched)


Can't we just initialize Collections like this to empty collections 
(instead of null)? This would make most of the null checks unnecessary.


- Attila Magyar


On June 12, 2017, 5:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 5:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  eb64030e45 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  b7ff297ce5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
>  d38d44c16f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
>  37d5d49c37 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
>  373552e6e1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthoriz

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Sebastian Toader]

> On June 12, 2017, 4:06 p.m., Laszlo Puskas wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
> > Line 483 (original), 524 (patched)
> > 
> >
> > Should this method be synchronised? (The other   methods need to be 
> > checked as well / i relize this might not relate to the problem this patch 
> > is to address)
> 
> Robert Levas wrote:
> Someone decided that synchronized was needed for some reason.  This was 
> existing code and I am reluctant to change it.

That's how it's done in other places (e.g ClusterImpl.deleteHost - > 
deleteHostEntityRelationships())


- Sebastian


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---


On June 12, 2017, 7:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 7:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  eb64030e45 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  b7ff297ce5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthorit

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

> On June 12, 2017, 10:06 a.m., Laszlo Puskas wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
> > Lines 97 (patched)
> > 
> >
> > I think cascading should be removed here (AFAIK there were some issues 
> > where cascading was interfering with some DAO logic)
> 
> Robert Levas wrote:
> Cascade seems to be used a few lines up in this file...
> ```
>   @OneToMany(mappedBy = "user", cascade = CascadeType.ALL)
>   private Set memberEntities = new HashSet<>();
> ```
> 
> Other than that, a quick search in the source code reveals 72 occurances 
> of this, 42 instances are of `CascadeType.ALL`.
> 
> So far my tests seem to work ok.
> 
> Sebastian Toader wrote:
> There was already an attempt to remove the Cascadings. I guess these are 
> left overs.

What is the alternative to cascading?  If I remove a user, I will need to add 
code in the DAO to first remove the user authentication records?


- Robert


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---


On June 12, 2017, 1:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 1:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  eb64030e45 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> a

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Sebastian Toader]

> On June 12, 2017, 4:06 p.m., Laszlo Puskas wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
> > Lines 97 (patched)
> > 
> >
> > I think cascading should be removed here (AFAIK there were some issues 
> > where cascading was interfering with some DAO logic)
> 
> Robert Levas wrote:
> Cascade seems to be used a few lines up in this file...
> ```
>   @OneToMany(mappedBy = "user", cascade = CascadeType.ALL)
>   private Set memberEntities = new HashSet<>();
> ```
> 
> Other than that, a quick search in the source code reveals 72 occurances 
> of this, 42 instances are of `CascadeType.ALL`.
> 
> So far my tests seem to work ok.

There was already an attempt to remove the Cascadings. I guess these are left 
overs.


- Sebastian


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---


On June 12, 2017, 7:15 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 12, 2017, 7:15 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  eb64030e45 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  aeba739a6d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  f3c2ec871b 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  c5c36e9942 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/serve

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/
---

(Updated June 12, 2017, 1:15 p.m.)


Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene Chekanskiy, 
Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.


Changes
---

Updates to address review concerns.


Bugs: AMBARI-21147
https://issues.apache.org/jira/browse/AMBARI-21147


Repository: ambari


Description
---

Update Database Access Layer to Support New Database Schema for Improved User 
Account Management.  

* Update `org.apache.ambari.server.orm.entities.UserEntity`
* Update `org.apache.ambari.server.orm.dao.UserDAO`
* Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
* Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`

Note: Some changes will be revisited when updating the different authentication 
processes to work with the improved user account management code.


Diffs (updated)
-

  ambari-server/docs/api/generated/index.html 7ea4297b99 
  ambari-server/docs/api/generated/swagger.json d7d54a510f 
  
ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
 fb06e6d8a5 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
 807bded873 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
 eb64030e45 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
 aeba739a6d 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
 f3c2ec871b 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
 391213858e 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
 40818c8f48 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
 5afacb70ef 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
 b35b2a8612 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
 389f0b2bf2 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
 614f7abda1 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
 c5c36e9942 
  
ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
 PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
ce47c4c38c 
  
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
 PRE-CREATION 
  
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
 9011eaecec 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
 195c55afa5 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
 PRE-CREATION 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
 1e4f6ead08 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
 09422e51e3 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
 ce9a79023d 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
 b7ff297ce5 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
 d38d44c16f 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
 37d5d49c37 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
 373552e6e1 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthorizationFilter.java
 95e90b3e49 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
 64d5e6124f 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
 bff1fd2a16 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserType.java
 aabd368aeb 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
 9cdde8fe4d 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/AmbariInternalAuthenticationProvider.java
 383e8fac87 
  
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/jwt/AuthenticationJwtUserNotFoundException.java
 f18af101a2 
  
ambari-server/src/main/java/

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

> On June 12, 2017, 10:06 a.m., Laszlo Puskas wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
> > Line 483 (original), 524 (patched)
> > 
> >
> > Should this method be synchronised? (The other   methods need to be 
> > checked as well / i relize this might not relate to the problem this patch 
> > is to address)

Someone decided that synchronized was needed for some reason.  This was 
existing code and I am reluctant to change it.


- Robert


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---


On June 9, 2017, 5:17 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 9, 2017, 5:17 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  2a9d6c9ee0 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  2f799b70c4 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  4fa236225d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  2ec63dbaeb 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  b7ff297ce5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
>  d38d44c16f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

> On June 12, 2017, 10:06 a.m., Laszlo Puskas wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
> > Lines 97 (patched)
> > 
> >
> > I think cascading should be removed here (AFAIK there were some issues 
> > where cascading was interfering with some DAO logic)

Cascade seems to be used a few lines up in this file...
```
  @OneToMany(mappedBy = "user", cascade = CascadeType.ALL)
  private Set memberEntities = new HashSet<>();
```

Other than that, a quick search in the source code reveals 72 occurances of 
this, 42 instances are of `CascadeType.ALL`.

So far my tests seem to work ok.


- Robert


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---


On June 9, 2017, 5:17 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 9, 2017, 5:17 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  2a9d6c9ee0 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  2f799b70c4 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  4fa236225d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  2ec63dbaeb 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
>  195c55afa5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AuthenticationMethodNotAllowedException.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
>  1e4f6ead08 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationProperties.java
>  09422e51e3 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
>  ce9a79023d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  b7ff297ce5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdap

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Laszlo Puskas]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177610
---




ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
Lines 277 (patched)


Is this method package private by design or should it be public?



ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
Lines 308 (patched)


Does this method really need to be synchronized? (I understand this has 
only been moved here but maybe worths a short investigation)



ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
Lines 97 (patched)


I think cascading should be removed here (AFAIK there were some issues 
where cascading was interfering with some DAO logic)



ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
Line 349 (original), 345 (patched)


Should this method be synchronized?



ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
Lines 497 (patched)


Should this method be synchronized?



ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
Line 483 (original), 524 (patched)


Should this method be synchronised? (The other   methods need to be checked 
as well / i relize this might not relate to the problem this patch is to 
address)


- Laszlo Puskas


On June 9, 2017, 9:17 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 9, 2017, 9:17 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  2a9d6c9ee0 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  2f799b70c4 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
>  4fa236225d 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/ResourceProviderFactory.java
>  391213858e 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserRequest.java
>  40818c8f48 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/UserResponse.java
>  5afacb70ef 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
>  b35b2a8612 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProvider.java
>  389f0b2bf2 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProvider.java
>  614f7abda1 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
>  2ec63dbaeb 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserAuthenticationDAO.java
>  PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> ce47c4c38c 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
>  9011eaecec 
>   
> ambari-server/src/main/java/org/ap

Re: Review Request 59956: Update Database Access Layer to Support New Database Schema for Improved User Account Management

[Robert Levas]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59956/#review177516
---




ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
Line 128 (original)


Moved to UserResourceProvider



ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
Line 207 (original)


Moved to UserResourceProvider



ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
Line 262 (original)


Moved to UserResourceProvider



ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
Line 313 (original)


Moved to UserResourceProvider



ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
Line 961 (original)


Moved to UserResourceProvider



ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
Line 3439 (original)


Moved to UserResourceProvider



ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
Line 3661 (original)


Moved to UserResourceProvider



ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
Line 3834 (original)


Moved to UserResourceProvider



ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
Lines 277 (patched)


Moved from AmbariManagementControllerImpl



ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
Lines 308 (patched)


Moved from AmbariManagementControllerImpl



ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
Lines 362 (patched)


Moved from AmbariManagementControllerImpl



ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserResourceProvider.java
Lines 385 (patched)


Moved from AmbariManagementControllerImpl



ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
Lines 152 (patched)


This will be handled in AMBARI-21216



ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
Line 45 (original), 47 (patched)


This will be revisited in AMBARI-21223


- Robert Levas


On June 9, 2017, 5:17 p.m., Robert Levas wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59956/
> ---
> 
> (Updated June 9, 2017, 5:17 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene 
> Chekanskiy, Jonathan Hurley, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21147
> https://issues.apache.org/jira/browse/AMBARI-21147
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Update Database Access Layer to Support New Database Schema for Improved User 
> Account Management.  
> 
> * Update `org.apache.ambari.server.orm.entities.UserEntity`
> * Update `org.apache.ambari.server.orm.dao.UserDAO`
> * Add `org.apache.ambari.server.orm.entities.UserAuthenticationEntity`
> * Add `org.apache.ambari.server.orm.dao.UserAuthenticationDAO`
> 
> Note: Some changes will be revisited when updating the different 
> authentication processes to work with the improved user account management 
> code.
> 
> 
> Diffs
> -
> 
>   ambari-server/docs/api/generated/index.html 7ea4297b99 
>   ambari-server/docs/api/generated/swagger.json d7d54a510f 
>   
> ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
>  fb06e6d8a5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementController.java
>  807bded873 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  2a9d6c9ee0 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
>  2f799b70c4 
>   
> ambari-serve