Repository: ambari Updated Branches: refs/heads/trunk b7e1bcebf -> 377693013
AMBARI-11628. Ambari operator (non-admin) is not able to view service configs (srimanth) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/37769301 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/37769301 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/37769301 Branch: refs/heads/trunk Commit: 377693013263c03ae31d4fa129652584927b025b Parents: b7e1bce Author: Srimanth Gunturi <[email protected]> Authored: Tue Jun 2 13:52:11 2015 -0700 Committer: Srimanth Gunturi <[email protected]> Committed: Tue Jun 2 21:47:38 2015 -0700 ---------------------------------------------------------------------- .../security/authorization/AmbariAuthorizationFilter.java | 2 +- .../authorization/AmbariAuthorizationFilterTest.java | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/37769301/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java index 9b867c0..d14cc78 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java @@ -50,7 +50,7 @@ public class AmbariAuthorizationFilter implements Filter { private static final String INTERNAL_TOKEN_HEADER = "X-Internal-Token"; - private static final Pattern STACK_ADVISOR_REGEX = Pattern.compile("/api/v[0-9]+/stacks/[^/]+/versions/[^/]+/validations.*"); + private static final Pattern STACK_ADVISOR_REGEX = Pattern.compile("/api/v[0-9]+/stacks/[^/]+/versions/[^/]+/(validations|recommendations).*"); public static final String API_VERSION_PREFIX = "/api/v[0-9]+"; public static final String VIEWS_CONTEXT_PATH_PREFIX = "/views/"; http://git-wip-us.apache.org/repos/asf/ambari/blob/37769301/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java index d974fd8..a5df47f 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java @@ -271,6 +271,15 @@ public class AmbariAuthorizationFilterTest { performGeneralDoFilterTest(null, new int[0], urlTests, true); } + @Test + public void testDoFilter_stackAdvisorCalls() throws Exception { + final Table<String, String, Boolean> urlTests = HashBasedTable.create(); + urlTests.put("/api/v1/stacks/HDP/versions/2.3/validations", "POST", true); + urlTests.put("/api/v1/stacks/HDP/versions/2.3/recommendations", "POST", true); + performGeneralDoFilterTest("user1", new int[] { PermissionEntity.CLUSTER_OPERATE_PERMISSION }, urlTests, false); + performGeneralDoFilterTest("admin", new int[] { PermissionEntity.AMBARI_ADMIN_PERMISSION }, urlTests, false); + } + /** * Creates mocks with given permissions and performs all given url tests. *
