[02/16] git commit: AMBARI-7329. Error updating configs with OPERATOR user. (mpapirkovskyy)

Mon, 29 Sep 2014 05:14:44 -0700 

AMBARI-7329. Error updating configs with OPERATOR user. (mpapirkovskyy)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/b098be07
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/b098be07
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/b098be07

Branch: refs/heads/branch-alerts-dev
Commit: b098be07ba5a2e7beecc6f70324ae0ff6e38fe3c
Parents: 94bda46
Author: Myroslav Papirkovskyy <mpapyrkovs...@hortonworks.com>
Authored: Fri Sep 26 19:49:00 2014 +0300
Committer: Myroslav Papirkovskyy <mpapyrkovs...@hortonworks.com>
Committed: Fri Sep 26 19:49:00 2014 +0300

----------------------------------------------------------------------
 .../security/authorization/AmbariAuthorizationFilter.java   | 9 +++++++++
 1 file changed, 9 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/b098be07/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
 
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
index aae967d..658fc80 100644
--- 
a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
+++ 
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
@@ -19,6 +19,7 @@
 package org.apache.ambari.server.security.authorization;
 
 import java.io.IOException;
+import java.util.regex.Pattern;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
@@ -47,6 +48,8 @@ public class AmbariAuthorizationFilter implements Filter {
 
   private static final String INTERNAL_TOKEN_HEADER = "X-Internal-Token";
 
+  private static final Pattern STACK_ADVISOR_REGEX = 
Pattern.compile("/api/v[0-9]+/stacks/[^/]+/versions/[^/]+/validations.*");
+
   /**
    * The realm to use for the basic http auth
    */
@@ -96,6 +99,12 @@ public class AmbariAuthorizationFilter implements Filter {
               authorized = true;
               break;
             }
+          } else if (STACK_ADVISOR_REGEX.matcher(requestURI).matches()) {
+            //TODO permissions model doesn't manage stacks api, but we need 
access to stack advisor to save configs
+            if 
(permissionId.equals(PermissionEntity.CLUSTER_OPERATE_PERMISSION)) {
+              authorized = true;
+              break;
+            }
           } else if (requestURI.matches("/api/v[0-9]+/views.*")) {
             // views require permission
             if (permissionId.equals(PermissionEntity.VIEW_USE_PERMISSION)) {

Reply via email to