http://git-wip-us.apache.org/repos/asf/ambari/blob/f7ec3bc8/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql index f1fb358..32fd2a6 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql @@ -1060,7 +1060,7 @@ INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'SERVICE.VIEW_STATUS_INFO', 'View status information' UNION ALL SELECT 'SERVICE.VIEW_CONFIGS', 'View configurations' UNION ALL SELECT 'SERVICE.COMPARE_CONFIGS', 'Compare configurations' UNION ALL - SELECT 'SERVICE.VIEW_ALERTS', 'View service alerts' UNION ALL + SELECT 'SERVICE.VIEW_ALERTS', 'View service-level alerts' UNION ALL SELECT 'SERVICE.START_STOP', 'Start/Stop/Restart Service' UNION ALL SELECT 'SERVICE.DECOMMISSION_RECOMMISSION', 'Decommission/recommission' UNION ALL SELECT 'SERVICE.RUN_SERVICE_CHECK', 'Run service checks' UNION ALL @@ -1068,9 +1068,10 @@ INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'SERVICE.RUN_CUSTOM_COMMAND', 'Perform service-specific tasks' UNION ALL SELECT 'SERVICE.MODIFY_CONFIGS', 'Modify configurations' UNION ALL SELECT 'SERVICE.MANAGE_CONFIG_GROUPS', 'Manage configuration groups' UNION ALL + SELECT 'SERVICE.MANAGE_ALERTS', 'Manage service-level alerts' UNION ALL SELECT 'SERVICE.MOVE', 'Move to another host' UNION ALL SELECT 'SERVICE.ENABLE_HA', 'Enable HA' UNION ALL - SELECT 'SERVICE.TOGGLE_ALERTS', 'Enable/disable service alerts' UNION ALL + SELECT 'SERVICE.TOGGLE_ALERTS', 'Enable/disable service-level alerts' UNION ALL SELECT 'SERVICE.ADD_DELETE_SERVICES', 'Add Service to cluster' UNION ALL SELECT 'HOST.VIEW_METRICS', 'View metrics' UNION ALL SELECT 'HOST.VIEW_STATUS_INFO', 'View status information' UNION ALL @@ -1082,11 +1083,12 @@ INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'CLUSTER.VIEW_STATUS_INFO', 'View status information' UNION ALL SELECT 'CLUSTER.VIEW_CONFIGS', 'View configuration' UNION ALL SELECT 'CLUSTER.VIEW_STACK_DETAILS', 'View stack version details' UNION ALL - SELECT 'CLUSTER.VIEW_ALERTS', 'View alerts' UNION ALL + SELECT 'CLUSTER.VIEW_ALERTS', 'View cluster-level alerts' UNION ALL SELECT 'CLUSTER.MANAGE_CREDENTIALS', 'Manage external credentials' UNION ALL SELECT 'CLUSTER.MODIFY_CONFIGS', 'Modify cluster configurations' UNION ALL SELECT 'CLUSTER.MANAGE_CONFIG_GROUPS', 'Manage cluster config groups' UNION ALL - SELECT 'CLUSTER.TOGGLE_ALERTS', 'Enable/disable alerts' UNION ALL + SELECT 'CLUSTER.MANAGE_ALERTS', 'Manage cluster-level alerts' UNION ALL + SELECT 'CLUSTER.TOGGLE_ALERTS', 'Enable/disable cluster-level alerts' UNION ALL SELECT 'CLUSTER.TOGGLE_KERBEROS', 'Enable/disable Kerberos' UNION ALL SELECT 'CLUSTER.UPGRADE_DOWNGRADE_STACK', 'Upgrade/downgrade stack' UNION ALL SELECT 'AMBARI.ADD_DELETE_CLUSTERS', 'Create new clusters' UNION ALL @@ -1154,6 +1156,7 @@ INSERT INTO permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL @@ -1181,6 +1184,7 @@ INSERT INTO permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL @@ -1211,6 +1215,7 @@ INSERT INTO permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL @@ -1228,6 +1233,7 @@ INSERT INTO permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'CLUSTER.VIEW_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CREDENTIALS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'CLUSTER.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_KERBEROS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL @@ -1248,6 +1254,7 @@ INSERT INTO permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL @@ -1266,6 +1273,7 @@ INSERT INTO permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'CLUSTER.MANAGE_CREDENTIALS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'CLUSTER.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_KERBEROS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.UPGRADE_DOWNGRADE_STACK' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL
http://git-wip-us.apache.org/repos/asf/ambari/blob/f7ec3bc8/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql index 1d9cc71..7894c43 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql @@ -1158,7 +1158,7 @@ INSERT INTO ambari.roleauthorization(authorization_id, authorization_name) SELECT 'SERVICE.VIEW_STATUS_INFO', 'View status information' UNION ALL SELECT 'SERVICE.VIEW_CONFIGS', 'View configurations' UNION ALL SELECT 'SERVICE.COMPARE_CONFIGS', 'Compare configurations' UNION ALL - SELECT 'SERVICE.VIEW_ALERTS', 'View service alerts' UNION ALL + SELECT 'SERVICE.VIEW_ALERTS', 'View service-level alerts' UNION ALL SELECT 'SERVICE.START_STOP', 'Start/Stop/Restart Service' UNION ALL SELECT 'SERVICE.DECOMMISSION_RECOMMISSION', 'Decommission/recommission' UNION ALL SELECT 'SERVICE.RUN_SERVICE_CHECK', 'Run service checks' UNION ALL @@ -1166,9 +1166,10 @@ INSERT INTO ambari.roleauthorization(authorization_id, authorization_name) SELECT 'SERVICE.RUN_CUSTOM_COMMAND', 'Perform service-specific tasks' UNION ALL SELECT 'SERVICE.MODIFY_CONFIGS', 'Modify configurations' UNION ALL SELECT 'SERVICE.MANAGE_CONFIG_GROUPS', 'Manage configuration groups' UNION ALL + SELECT 'SERVICE.MANAGE_ALERTS', 'Manage service-level alerts' UNION ALL SELECT 'SERVICE.MOVE', 'Move to another host' UNION ALL SELECT 'SERVICE.ENABLE_HA', 'Enable HA' UNION ALL - SELECT 'SERVICE.TOGGLE_ALERTS', 'Enable/disable service alerts' UNION ALL + SELECT 'SERVICE.TOGGLE_ALERTS', 'Enable/disable service-level alerts' UNION ALL SELECT 'SERVICE.ADD_DELETE_SERVICES', 'Add Service to cluster' UNION ALL SELECT 'HOST.VIEW_METRICS', 'View metrics' UNION ALL SELECT 'HOST.VIEW_STATUS_INFO', 'View status information' UNION ALL @@ -1180,11 +1181,12 @@ INSERT INTO ambari.roleauthorization(authorization_id, authorization_name) SELECT 'CLUSTER.VIEW_STATUS_INFO', 'View status information' UNION ALL SELECT 'CLUSTER.VIEW_CONFIGS', 'View configuration' UNION ALL SELECT 'CLUSTER.VIEW_STACK_DETAILS', 'View stack version details' UNION ALL - SELECT 'CLUSTER.VIEW_ALERTS', 'View alerts' UNION ALL + SELECT 'CLUSTER.VIEW_ALERTS', 'View cluster-level alerts' UNION ALL SELECT 'CLUSTER.MANAGE_CREDENTIALS', 'Manage external credentials' UNION ALL SELECT 'CLUSTER.MODIFY_CONFIGS', 'Modify cluster configurations' UNION ALL + SELECT 'CLUSTER.MANAGE_ALERTS', 'Manage cluster-level alerts' UNION ALL + SELECT 'CLUSTER.TOGGLE_ALERTS', 'Enable/disable cluster-level alerts' UNION ALL SELECT 'CLUSTER.MANAGE_CONFIG_GROUPS', 'Manage cluster config groups' UNION ALL - SELECT 'CLUSTER.TOGGLE_ALERTS', 'Enable/disable alerts' UNION ALL SELECT 'CLUSTER.TOGGLE_KERBEROS', 'Enable/disable Kerberos' UNION ALL SELECT 'CLUSTER.UPGRADE_DOWNGRADE_STACK', 'Upgrade/downgrade stack' UNION ALL SELECT 'AMBARI.ADD_DELETE_CLUSTERS', 'Create new clusters' UNION ALL @@ -1252,6 +1254,7 @@ INSERT INTO ambari.permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM ambari.adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM ambari.adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM ambari.adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM ambari.adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM ambari.adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM ambari.adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM ambari.adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL @@ -1279,6 +1282,7 @@ INSERT INTO ambari.permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM ambari.adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM ambari.adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM ambari.adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL @@ -1309,6 +1313,7 @@ INSERT INTO ambari.permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL @@ -1327,6 +1332,7 @@ INSERT INTO ambari.permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'CLUSTER.MANAGE_CREDENTIALS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MODIFY_CONFIGS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CONFIG_GROUPS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'CLUSTER.MANAGE_ALERTS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_ALERTS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_KERBEROS' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.UPGRADE_DOWNGRADE_STACK' FROM ambari.adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR'; @@ -1346,6 +1352,7 @@ INSERT INTO ambari.permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL @@ -1363,6 +1370,7 @@ INSERT INTO ambari.permission_roleauthorization(permission_id, authorization_id) SELECT permission_id, 'CLUSTER.VIEW_ALERTS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CREDENTIALS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MODIFY_CONFIGS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'CLUSTER.MANAGE_ALERTS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CONFIG_GROUPS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_ALERTS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_KERBEROS' FROM ambari.adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/f7ec3bc8/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql index 55846c0..6df1569 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql @@ -1012,7 +1012,7 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT 'SERVICE.VIEW_STATUS_INFO', 'View status information' UNION ALL SELECT 'SERVICE.VIEW_CONFIGS', 'View configurations' UNION ALL SELECT 'SERVICE.COMPARE_CONFIGS', 'Compare configurations' UNION ALL - SELECT 'SERVICE.VIEW_ALERTS', 'View service alerts' UNION ALL + SELECT 'SERVICE.VIEW_ALERTS', 'View service-level alerts' UNION ALL SELECT 'SERVICE.START_STOP', 'Start/Stop/Restart Service' UNION ALL SELECT 'SERVICE.DECOMMISSION_RECOMMISSION', 'Decommission/recommission' UNION ALL SELECT 'SERVICE.RUN_SERVICE_CHECK', 'Run service checks' UNION ALL @@ -1020,9 +1020,10 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT 'SERVICE.RUN_CUSTOM_COMMAND', 'Perform service-specific tasks' UNION ALL SELECT 'SERVICE.MODIFY_CONFIGS', 'Modify configurations' UNION ALL SELECT 'SERVICE.MANAGE_CONFIG_GROUPS', 'Manage configuration groups' UNION ALL + SELECT 'SERVICE.MANAGE_ALERTS', 'Manage service-level alerts' UNION ALL SELECT 'SERVICE.MOVE', 'Move to another host' UNION ALL SELECT 'SERVICE.ENABLE_HA', 'Enable HA' UNION ALL - SELECT 'SERVICE.TOGGLE_ALERTS', 'Enable/disable service alerts' UNION ALL + SELECT 'SERVICE.TOGGLE_ALERTS', 'Enable/disable service-level alerts' UNION ALL SELECT 'SERVICE.ADD_DELETE_SERVICES', 'Add Service to cluster' UNION ALL SELECT 'HOST.VIEW_METRICS', 'View metrics' UNION ALL SELECT 'HOST.VIEW_STATUS_INFO', 'View status information' UNION ALL @@ -1034,11 +1035,12 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT 'CLUSTER.VIEW_STATUS_INFO', 'View status information' UNION ALL SELECT 'CLUSTER.VIEW_CONFIGS', 'View configuration' UNION ALL SELECT 'CLUSTER.VIEW_STACK_DETAILS', 'View stack version details' UNION ALL - SELECT 'CLUSTER.VIEW_ALERTS', 'View alerts' UNION ALL + SELECT 'CLUSTER.VIEW_ALERTS', 'View cluster-level alerts' UNION ALL SELECT 'CLUSTER.MANAGE_CREDENTIALS', 'Manage external credentials' UNION ALL SELECT 'CLUSTER.MODIFY_CONFIGS', 'Modify cluster configurations' UNION ALL + SELECT 'CLUSTER.MANAGE_ALERTS', 'Manage cluster-level alerts' UNION ALL + SELECT 'CLUSTER.TOGGLE_ALERTS', 'Enable/disable cluster-level alerts' UNION ALL SELECT 'CLUSTER.MANAGE_CONFIG_GROUPS', 'Manage cluster config groups' UNION ALL - SELECT 'CLUSTER.TOGGLE_ALERTS', 'Enable/disable alerts' UNION ALL SELECT 'CLUSTER.TOGGLE_KERBEROS', 'Enable/disable Kerberos' UNION ALL SELECT 'CLUSTER.UPGRADE_DOWNGRADE_STACK', 'Upgrade/downgrade stack' UNION ALL SELECT 'AMBARI.ADD_DELETE_CLUSTERS', 'Create new clusters' UNION ALL @@ -1106,6 +1108,7 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL @@ -1133,6 +1136,7 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL @@ -1163,6 +1167,7 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL @@ -1180,6 +1185,7 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT permission_id, 'CLUSTER.VIEW_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CREDENTIALS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'CLUSTER.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_KERBEROS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL @@ -1200,6 +1206,7 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL @@ -1217,6 +1224,7 @@ insert into adminpermission(permission_id, permission_name, resource_type_id, pe SELECT permission_id, 'CLUSTER.VIEW_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CREDENTIALS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'CLUSTER.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_KERBEROS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/f7ec3bc8/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql index 9f289bc..83b2a7e 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql @@ -1121,17 +1121,18 @@ BEGIN TRANSACTION SELECT 'SERVICE.VIEW_STATUS_INFO', 'View status information' UNION ALL SELECT 'SERVICE.VIEW_CONFIGS', 'View configurations' UNION ALL SELECT 'SERVICE.COMPARE_CONFIGS', 'Compare configurations' UNION ALL - SELECT 'SERVICE.VIEW_ALERTS', 'View service alerts' UNION ALL + SELECT 'SERVICE.VIEW_ALERTS', 'View service-level alerts' UNION ALL SELECT 'SERVICE.START_STOP', 'Start/Stop/Restart Service' UNION ALL SELECT 'SERVICE.DECOMMISSION_RECOMMISSION', 'Decommission/recommission' UNION ALL SELECT 'SERVICE.RUN_SERVICE_CHECK', 'Run service checks' UNION ALL SELECT 'SERVICE.TOGGLE_MAINTENANCE', 'Turn on/off maintenance mode' UNION ALL SELECT 'SERVICE.RUN_CUSTOM_COMMAND', 'Perform service-specific tasks' UNION ALL SELECT 'SERVICE.MODIFY_CONFIGS', 'Modify configurations' UNION ALL + SELECT 'SERVICE.MANAGE_ALERTS', 'Manage service-level alerts' UNION ALL SELECT 'SERVICE.MANAGE_CONFIG_GROUPS', 'Manage configuration groups' UNION ALL SELECT 'SERVICE.MOVE', 'Move service to another host' UNION ALL SELECT 'SERVICE.ENABLE_HA', 'Enable HA' UNION ALL - SELECT 'SERVICE.TOGGLE_ALERTS', 'Enable/disable service alerts' UNION ALL + SELECT 'SERVICE.TOGGLE_ALERTS', 'Enable/disable service-level alerts' UNION ALL SELECT 'SERVICE.ADD_DELETE_SERVICES', 'Add Service to cluster' UNION ALL SELECT 'HOST.VIEW_METRICS', 'View metrics' UNION ALL SELECT 'HOST.VIEW_STATUS_INFO', 'View status information' UNION ALL @@ -1143,11 +1144,12 @@ BEGIN TRANSACTION SELECT 'CLUSTER.VIEW_STATUS_INFO', 'View status information' UNION ALL SELECT 'CLUSTER.VIEW_CONFIGS', 'View configuration' UNION ALL SELECT 'CLUSTER.VIEW_STACK_DETAILS', 'View stack version details' UNION ALL - SELECT 'CLUSTER.VIEW_ALERTS', 'View alerts' UNION ALL + SELECT 'CLUSTER.VIEW_ALERTS', 'View cluster-level alerts' UNION ALL SELECT 'CLUSTER.MANAGE_CREDENTIALS', 'Manage external credentials' UNION ALL SELECT 'CLUSTER.MODIFY_CONFIGS', 'Modify cluster configurations' UNION ALL + SELECT 'CLUSTER.MANAGE_ALERTS', 'Manage cluster-level alerts' UNION ALL + SELECT 'CLUSTER.TOGGLE_ALERTS', 'Enable/disable cluster-level alerts' UNION ALL SELECT 'CLUSTER.MANAGE_CONFIG_GROUPS', 'Manage cluster config groups' UNION ALL - SELECT 'CLUSTER.TOGGLE_ALERTS', 'Enable/disable alerts' UNION ALL SELECT 'CLUSTER.TOGGLE_KERBEROS', 'Enable/disable Kerberos' UNION ALL SELECT 'CLUSTER.UPGRADE_DOWNGRADE_STACK', 'Upgrade/downgrade stack' UNION ALL SELECT 'AMBARI.ADD_DELETE_CLUSTERS', 'Create new clusters' UNION ALL @@ -1215,6 +1217,7 @@ BEGIN TRANSACTION SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='SERVICE.ADMINISTRATOR' UNION ALL @@ -1242,6 +1245,7 @@ BEGIN TRANSACTION SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.OPERATOR' UNION ALL @@ -1272,6 +1276,7 @@ BEGIN TRANSACTION SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL @@ -1289,6 +1294,7 @@ BEGIN TRANSACTION SELECT permission_id, 'CLUSTER.VIEW_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CREDENTIALS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'CLUSTER.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_KERBEROS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='CLUSTER.ADMINISTRATOR' UNION ALL @@ -1309,6 +1315,7 @@ BEGIN TRANSACTION SELECT permission_id, 'SERVICE.RUN_CUSTOM_COMMAND' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'SERVICE.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.MOVE' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.ENABLE_HA' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'SERVICE.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL @@ -1326,6 +1333,7 @@ BEGIN TRANSACTION SELECT permission_id, 'CLUSTER.VIEW_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CREDENTIALS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MODIFY_CONFIGS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL + SELECT permission_id, 'CLUSTER.MANAGE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.MANAGE_CONFIG_GROUPS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_ALERTS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL SELECT permission_id, 'CLUSTER.TOGGLE_KERBEROS' FROM adminpermission WHERE permission_name='AMBARI.ADMINISTRATOR' UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/f7ec3bc8/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertDefinitionResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertDefinitionResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertDefinitionResourceProviderTest.java index e589537..d44b7c8 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertDefinitionResourceProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertDefinitionResourceProviderTest.java @@ -50,6 +50,10 @@ import org.apache.ambari.server.metadata.ActionMetadata; import org.apache.ambari.server.orm.InMemoryDefaultTestModule; import org.apache.ambari.server.orm.dao.AlertDefinitionDAO; import org.apache.ambari.server.orm.entities.AlertDefinitionEntity; +import org.apache.ambari.server.orm.entities.ClusterEntity; +import org.apache.ambari.server.orm.entities.ResourceEntity; +import org.apache.ambari.server.security.TestAuthenticationFactory; +import org.apache.ambari.server.security.authorization.AuthorizationException; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; import org.apache.ambari.server.state.alert.AlertDefinition; @@ -61,6 +65,7 @@ import org.apache.ambari.server.state.alert.Source; import org.apache.ambari.server.state.alert.SourceType; import org.easymock.Capture; import org.easymock.EasyMock; +import org.junit.After; import org.junit.Assert; import org.junit.Before; import org.junit.Test; @@ -71,6 +76,8 @@ import com.google.inject.Guice; import com.google.inject.Injector; import com.google.inject.Module; import com.google.inject.util.Modules; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; /** * AlertDefinition tests @@ -95,6 +102,11 @@ public class AlertDefinitionResourceProviderTest { m_injector.injectMembers(m_factory); } + @After + public void clearAuthentication() { + SecurityContextHolder.getContext().setAuthentication(null); + } + /** * @throws Exception */ @@ -110,11 +122,35 @@ public class AlertDefinitionResourceProviderTest { assertEquals(0, results.size()); } + @Test + public void testGetResourcesClusterPredicateAsAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createAdministrator(), true); + } + + @Test + public void testGetResourcesClusterPredicateAsClusterAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createClusterAdministrator(), true); + } + + @Test + public void testGetResourcesClusterPredicateAsServiceAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createServiceAdministrator(), true); + } + + @Test + public void testGetResourcesClusterPredicateAsClusterUser() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createClusterUser(), true); + } + + @Test + public void testGetResourcesClusterPredicateAsViewUser() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createViewUser(99L), false); + } + /** * @throws Exception */ - @Test - public void testGetResourcesClusterPredicate() throws Exception { + private void testGetResourcesClusterPredicate(Authentication authentication, boolean expectResults) throws Exception { Request request = PropertyHelper.getReadRequest( AlertDefinitionResourceProvider.ALERT_DEF_CLUSTER_NAME, AlertDefinitionResourceProvider.ALERT_DEF_ID, @@ -126,7 +162,8 @@ public class AlertDefinitionResourceProviderTest { Cluster cluster = createMock(Cluster.class); expect(amc.getClusters()).andReturn(clusters).atLeastOnce(); expect(clusters.getCluster((String) anyObject())).andReturn(cluster).atLeastOnce(); - expect(cluster.getClusterId()).andReturn(Long.valueOf(1)).anyTimes(); + expect(cluster.getClusterId()).andReturn(1L).anyTimes(); + expect(cluster.getResourceId()).andReturn(4L).anyTimes(); Predicate predicate = new PredicateBuilder().property( AlertDefinitionResourceProvider.ALERT_DEF_CLUSTER_NAME).equals("c1").toPredicate(); @@ -135,26 +172,54 @@ public class AlertDefinitionResourceProviderTest { replay(amc, clusters, cluster, dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertDefinitionResourceProvider provider = createProvider(amc); Set<Resource> results = provider.getResources(request, predicate); - assertEquals(1, results.size()); + assertEquals(expectResults ? 1 : 0, results.size()); - Resource r = results.iterator().next(); + if(expectResults) { + Resource r = results.iterator().next(); - Assert.assertEquals("my_def", r.getPropertyValue(AlertDefinitionResourceProvider.ALERT_DEF_NAME)); + Assert.assertEquals("my_def", r.getPropertyValue(AlertDefinitionResourceProvider.ALERT_DEF_NAME)); - Assert.assertEquals("Mock Label", - r.getPropertyValue(AlertDefinitionResourceProvider.ALERT_DEF_LABEL)); + Assert.assertEquals("Mock Label", + r.getPropertyValue(AlertDefinitionResourceProvider.ALERT_DEF_LABEL)); + } verify(amc, clusters, cluster, dao); } + @Test + public void testGetSingleResourceAsAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetSingleResourceAsClusterAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetSingleResourceAsServiceAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetSingleResourceAsClusterUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testGetSingleResourceAsViewUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testGetSingleResource() throws Exception { + private void testGetSingleResource(Authentication authentication) throws Exception { Request request = PropertyHelper.getReadRequest( AlertDefinitionResourceProvider.ALERT_DEF_CLUSTER_NAME, AlertDefinitionResourceProvider.ALERT_DEF_ID, @@ -180,6 +245,8 @@ public class AlertDefinitionResourceProviderTest { replay(amc, clusters, cluster, dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertDefinitionResourceProvider provider = createProvider(amc); Set<Resource> results = provider.getResources(request, predicate); @@ -213,14 +280,38 @@ public class AlertDefinitionResourceProviderTest { Assert.assertNotNull(r.getPropertyValue("AlertDefinition/source/type")); } - /** + @Test + public void testGetResourcesAssertSourceTypeAsAdministrator() throws Exception { + testGetResourcesAssertSourceType(TestAuthenticationFactory.createAdministrator(), true); + } + + @Test + public void testGetResourcesAssertSourceTypeAsClusterAdministrator() throws Exception { + testGetResourcesAssertSourceType(TestAuthenticationFactory.createClusterAdministrator(), true); + } + + @Test + public void testGetResourcesAssertSourceTypeAsServiceAdministrator() throws Exception { + testGetResourcesAssertSourceType(TestAuthenticationFactory.createServiceAdministrator(), true); + } + + @Test + public void testGetResourcesAssertSourceTypeAsClusterUser() throws Exception { + testGetResourcesAssertSourceType(TestAuthenticationFactory.createClusterUser(), true); + } + + @Test + public void testGetResourcesAssertSourceTypeAsViewUser() throws Exception { + testGetResourcesAssertSourceType(TestAuthenticationFactory.createViewUser(99L), false); + } + +/** * Tests that the source structure returned has the entire set of * subproperties on it (such as reporting) * * @throws Exception */ - @Test - public void testGetResourcesAssertSourceType() throws Exception { + private void testGetResourcesAssertSourceType(Authentication authentication, boolean expectResults) throws Exception { Request request = PropertyHelper.getReadRequest( AlertDefinitionResourceProvider.ALERT_DEF_CLUSTER_NAME, AlertDefinitionResourceProvider.ALERT_DEF_ID, @@ -234,7 +325,8 @@ public class AlertDefinitionResourceProviderTest { Cluster cluster = createMock(Cluster.class); expect(amc.getClusters()).andReturn(clusters).atLeastOnce(); expect(clusters.getCluster((String) anyObject())).andReturn(cluster).atLeastOnce(); - expect(cluster.getClusterId()).andReturn(Long.valueOf(1)).anyTimes(); + expect(cluster.getClusterId()).andReturn(1L).anyTimes(); + expect(cluster.getResourceId()).andReturn(4L).anyTimes(); Predicate predicate = new PredicateBuilder().property( AlertDefinitionResourceProvider.ALERT_DEF_CLUSTER_NAME).equals("c1").toPredicate(); @@ -243,20 +335,24 @@ public class AlertDefinitionResourceProviderTest { replay(amc, clusters, cluster, dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertDefinitionResourceProvider provider = createProvider(amc); Set<Resource> results = provider.getResources(request, predicate); - assertEquals(1, results.size()); + assertEquals(expectResults ? 1 : 0, results.size()); - Resource resource = results.iterator().next(); + if(expectResults) { + Resource resource = results.iterator().next(); - Assert.assertEquals("my_def", - resource.getPropertyValue(AlertDefinitionResourceProvider.ALERT_DEF_NAME)); + Assert.assertEquals("my_def", + resource.getPropertyValue(AlertDefinitionResourceProvider.ALERT_DEF_NAME)); - Map<String, String> reporting = (Map<String, String>) resource.getPropertyValue("AlertDefinition/source/reporting"); + Map<String, String> reporting = (Map<String, String>) resource.getPropertyValue("AlertDefinition/source/reporting"); - Assert.assertTrue(reporting.containsKey("ok")); - Assert.assertTrue(reporting.containsKey("critical")); + Assert.assertTrue(reporting.containsKey("ok")); + Assert.assertTrue(reporting.containsKey("critical")); + } verify(amc, clusters, cluster, dao); @@ -268,22 +364,49 @@ public class AlertDefinitionResourceProviderTest { AlertDefinitionResourceProvider.ALERT_DEF_NAME); results = provider.getResources(request, predicate); - resource = results.iterator().next(); - Assert.assertEquals( - "my_def", - resource.getPropertyValue(AlertDefinitionResourceProvider.ALERT_DEF_NAME)); + if(!results.isEmpty()) { + Resource resource = results.iterator().next(); + + Assert.assertEquals( + "my_def", + resource.getPropertyValue(AlertDefinitionResourceProvider.ALERT_DEF_NAME)); + + Map<String, String> reporting = (Map<String, String>) resource.getPropertyValue("AlertDefinition/source/reporting"); + + Assert.assertNull(reporting); + } + } + + @Test + public void testCreateResourcesAsAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsClusterAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsServiceAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createServiceAdministrator()); + } - reporting = (Map<String, String>) resource.getPropertyValue("AlertDefinition/source/reporting"); + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsClusterUser() throws Exception { + testCreateResources(TestAuthenticationFactory.createClusterUser()); + } - Assert.assertNull(reporting); + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsViewUser() throws Exception { + testCreateResources(TestAuthenticationFactory.createViewUser(99L)); } /** * @throws Exception */ - @Test - public void testCreateResources() throws Exception { + public void testCreateResources(Authentication authentication) throws Exception { AmbariManagementController amc = createMock(AmbariManagementController.class); Clusters clusters = createMock(Clusters.class); Cluster cluster = createMock(Cluster.class); @@ -302,6 +425,8 @@ public class AlertDefinitionResourceProviderTest { replay(amc, clusters, cluster, dao, definitionHash); + SecurityContextHolder.getContext().setAuthentication(authentication); + Gson gson = m_factory.getGson(); MetricSource source = (MetricSource)getMockSource(); AlertDefinitionResourceProvider provider = createProvider(amc); @@ -402,11 +527,36 @@ public class AlertDefinitionResourceProviderTest { verify(amc, clusters, cluster, dao); } + @Test + public void testUpdateResourcesAsAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsClusterAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsServiceAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsClusterUser() throws Exception { + testUpdateResources(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsViewUser() throws Exception { + testUpdateResources(TestAuthenticationFactory.createViewUser(99L)); + } + + /** * @throws Exception */ - @Test - public void testUpdateResources() throws Exception { + private void testUpdateResources(Authentication authentication) throws Exception { AmbariManagementController amc = createMock(AmbariManagementController.class); Clusters clusters = createMock(Clusters.class); Cluster cluster = createMock(Cluster.class); @@ -425,6 +575,8 @@ public class AlertDefinitionResourceProviderTest { replay(amc, clusters, cluster, dao, definitionHash); + SecurityContextHolder.getContext().setAuthentication(authentication); + MetricSource source = (MetricSource) getMockSource(); Map<String, Object> requestProps = new HashMap<String, Object>(); @@ -557,6 +709,8 @@ public class AlertDefinitionResourceProviderTest { replay(amc, clusters, cluster, dao, definitionHash); + SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createAdministrator()); + MetricSource source = (MetricSource) getMockSource(); Map<String, Object> requestProps = new HashMap<String, Object>(); requestProps.put(AlertDefinitionResourceProvider.ALERT_DEF_CLUSTER_NAME, "c1"); @@ -592,11 +746,35 @@ public class AlertDefinitionResourceProviderTest { verify(amc, clusters, cluster, dao); } + @Test + public void testDeleteResourcesAsAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsClusterAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsServiceAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsClusterUser() throws Exception { + testDeleteResources(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsViewUser() throws Exception { + testDeleteResources(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testDeleteResources() throws Exception { + public void testDeleteResources(Authentication authentication) throws Exception { AmbariManagementController amc = createMock(AmbariManagementController.class); Clusters clusters = createMock(Clusters.class); Cluster cluster = createMock(Cluster.class); @@ -615,6 +793,8 @@ public class AlertDefinitionResourceProviderTest { replay(amc, clusters, cluster, dao, definitionHash); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertDefinitionResourceProvider provider = createProvider(amc); Map<String, Object> requestProps = new HashMap<String, Object>(); @@ -667,6 +847,12 @@ public class AlertDefinitionResourceProviderTest { Source source = getMockSource(); String sourceJson = new Gson().toJson(source); + ResourceEntity clusterResourceEntity = new ResourceEntity(); + clusterResourceEntity.setId(4L); + + ClusterEntity clusterEntity = new ClusterEntity(); + clusterEntity.setResource(clusterResourceEntity); + AlertDefinitionEntity entity = new AlertDefinitionEntity(); entity.setClusterId(Long.valueOf(1L)); entity.setComponentName(null); @@ -680,6 +866,7 @@ public class AlertDefinitionResourceProviderTest { entity.setServiceName(null); entity.setSourceType(SourceType.METRIC); entity.setSource(sourceJson); + entity.setCluster(clusterEntity); return Arrays.asList(entity); } http://git-wip-us.apache.org/repos/asf/ambari/blob/f7ec3bc8/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertGroupResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertGroupResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertGroupResourceProviderTest.java index a41eecf..eaf351d 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertGroupResourceProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AlertGroupResourceProviderTest.java @@ -54,6 +54,8 @@ import org.apache.ambari.server.orm.dao.AlertDispatchDAO; import org.apache.ambari.server.orm.entities.AlertDefinitionEntity; import org.apache.ambari.server.orm.entities.AlertGroupEntity; import org.apache.ambari.server.orm.entities.AlertTargetEntity; +import org.apache.ambari.server.security.TestAuthenticationFactory; +import org.apache.ambari.server.security.authorization.AuthorizationException; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; import org.apache.ambari.server.state.alert.AlertTarget; @@ -61,6 +63,7 @@ import org.apache.ambari.server.state.alert.SourceType; import org.apache.ambari.server.state.alert.TargetType; import org.easymock.Capture; import org.easymock.EasyMock; +import org.junit.After; import org.junit.Before; import org.junit.Test; @@ -69,6 +72,8 @@ import com.google.inject.Guice; import com.google.inject.Injector; import com.google.inject.Module; import com.google.inject.util.Modules; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; /** * {@link AlertGroupResourceProvider} tests. @@ -85,7 +90,7 @@ public class AlertGroupResourceProviderTest { private static final String ALERT_TARGET_DESC = "Admins and Others"; private static final String ALERT_TARGET_TYPE = TargetType.EMAIL.name(); - private static final Long ALERT_DEF_ID = Long.valueOf(10); + private static final Long ALERT_DEF_ID = 10L; private static final String ALERT_DEF_NAME = "Mock Definition"; private static final String ALERT_DEF_LABEL = "Mock Label"; private static final String ALERT_DEF_DESCRIPTION = "Mock Description"; @@ -115,31 +120,88 @@ public class AlertGroupResourceProviderTest { assertNotNull(m_injector); - expect(m_amc.getClusters()).andReturn(m_clusters).atLeastOnce(); - expect(m_clusters.getCluster((String) anyObject())).andReturn(m_cluster).atLeastOnce(); - expect(m_cluster.getClusterId()).andReturn(Long.valueOf(1)).anyTimes(); + expect(m_amc.getClusters()).andReturn(m_clusters).anyTimes(); + expect(m_clusters.getCluster((String) anyObject())).andReturn(m_cluster).anyTimes(); + expect(m_clusters.getClusterById(1L)).andReturn(m_cluster).anyTimes(); + expect(m_cluster.getClusterId()).andReturn(1L).anyTimes(); + expect(m_cluster.getResourceId()).andReturn(4L).anyTimes(); + } + + @After + public void clearAuthentication() { + SecurityContextHolder.getContext().setAuthentication(null); + } + + @Test + public void testGetResourcesNoPredicateAsAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsClusterAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsServiceAdministrator() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test + public void testGetResourcesNoPredicateAsClusterUser() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createClusterUser()); + } + + @Test + public void testGetResourcesNoPredicateAsViewUser() throws Exception { + testGetResourcesNoPredicate(TestAuthenticationFactory.createViewUser(99L)); } /** * @throws Exception */ - @Test - public void testGetResourcesNoPredicate() throws Exception { - AlertGroupResourceProvider provider = createProvider(null); + private void testGetResourcesNoPredicate(Authentication authentication) throws Exception { + AlertGroupResourceProvider provider = createProvider(m_amc); Request request = PropertyHelper.getReadRequest("AlertGroup/cluster_name", "AlertGroup/id"); + SecurityContextHolder.getContext().setAuthentication(authentication); + Set<Resource> results = provider.getResources(request, null); assertEquals(0, results.size()); } + @Test + public void testGetResourcesClusterPredicateAsAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createAdministrator(), true); + } + + @Test + public void testGetResourcesClusterPredicateAsClusterAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createClusterAdministrator(), true); + } + + @Test + public void testGetResourcesClusterPredicateAsServiceAdministrator() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createServiceAdministrator(), true); + } + + @Test + public void testGetResourcesClusterPredicateAsClusterUser() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createClusterUser(), true); + } + + @Test + public void testGetResourcesClusterPredicateAsViewUser() throws Exception { + testGetResourcesClusterPredicate(TestAuthenticationFactory.createViewUser(99L), false); + } + /** * @throws Exception */ - @Test - public void testGetResourcesClusterPredicate() throws Exception { + private void testGetResourcesClusterPredicate(Authentication authentication, boolean expectResults) throws Exception { Request request = PropertyHelper.getReadRequest( AlertGroupResourceProvider.ALERT_GROUP_ID, AlertGroupResourceProvider.ALERT_GROUP_NAME, @@ -154,36 +216,64 @@ public class AlertGroupResourceProviderTest { replay(m_amc, m_clusters, m_cluster, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertGroupResourceProvider provider = createProvider(m_amc); Set<Resource> results = provider.getResources(request, predicate); - assertEquals(1, results.size()); + assertEquals(expectResults ? 1 : 0, results.size()); - Resource r = results.iterator().next(); + if(expectResults) { + Resource r = results.iterator().next(); - assertEquals(ALERT_GROUP_NAME, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_NAME)); + assertEquals(ALERT_GROUP_NAME, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_NAME)); - assertEquals(ALERT_GROUP_ID, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_ID)); + assertEquals(ALERT_GROUP_ID, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_ID)); - assertEquals(ALERT_GROUP_CLUSTER_NAME, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_CLUSTER_NAME)); + assertEquals(ALERT_GROUP_CLUSTER_NAME, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_CLUSTER_NAME)); - // verify definitions do not come back when not requested - assertNull(r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_DEFINITIONS)); + // verify definitions do not come back when not requested + assertNull(r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_DEFINITIONS)); - // verify alerts do not come back when not requested - assertNull(r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_TARGETS)); + // verify alerts do not come back when not requested + assertNull(r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_TARGETS)); + } verify(m_amc, m_clusters, m_cluster, m_dao); } + @Test + public void testGetResourcesAllPropertiesAsAdministrator() throws Exception { + testGetResourcesAllProperties(TestAuthenticationFactory.createAdministrator(), true); + } + + @Test + public void testGetResourcesAllPropertiesAsClusterAdministrator() throws Exception { + testGetResourcesAllProperties(TestAuthenticationFactory.createClusterAdministrator(), true); + } + + @Test + public void testGetResourcesAllPropertiesAsServiceAdministrator() throws Exception { + testGetResourcesAllProperties(TestAuthenticationFactory.createServiceAdministrator(), true); + } + + @Test + public void testGetResourcesAllPropertiesAsClusterUser() throws Exception { + testGetResourcesAllProperties(TestAuthenticationFactory.createClusterUser(), true); + } + + @Test + public void testGetResourcesAllPropertiesAsViewUser() throws Exception { + testGetResourcesAllProperties(TestAuthenticationFactory.createViewUser(99L), false); + } + /** * @throws Exception */ - @Test - public void testGetResourcesAllProperties() throws Exception { + private void testGetResourcesAllProperties(Authentication authentication, boolean expectResults) throws Exception { Request request = PropertyHelper.getReadRequest(); Predicate predicate = new PredicateBuilder().property( @@ -194,43 +284,70 @@ public class AlertGroupResourceProviderTest { replay(m_amc, m_clusters, m_cluster, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertGroupResourceProvider provider = createProvider(m_amc); Set<Resource> results = provider.getResources(request, predicate); - assertEquals(1, results.size()); + assertEquals(expectResults ? 1 : 0, results.size()); - Resource r = results.iterator().next(); + if(expectResults) { + Resource r = results.iterator().next(); - assertEquals(ALERT_GROUP_NAME, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_NAME)); + assertEquals(ALERT_GROUP_NAME, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_NAME)); - assertEquals(ALERT_GROUP_ID, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_ID)); + assertEquals(ALERT_GROUP_ID, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_ID)); - assertEquals(ALERT_GROUP_CLUSTER_NAME, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_CLUSTER_NAME)); + assertEquals(ALERT_GROUP_CLUSTER_NAME, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_CLUSTER_NAME)); - // verify definitions and targets come back when requested - List<AlertDefinitionResponse> definitions = (List<AlertDefinitionResponse>) r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_DEFINITIONS); - List<AlertTarget> targets = (List<AlertTarget>) r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_TARGETS); + // verify definitions and targets come back when requested + List<AlertDefinitionResponse> definitions = (List<AlertDefinitionResponse>) r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_DEFINITIONS); + List<AlertTarget> targets = (List<AlertTarget>) r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_TARGETS); - assertNotNull(definitions); - assertEquals(1, definitions.size()); - assertEquals(ALERT_DEF_NAME, definitions.get(0).getName()); - assertEquals(SourceType.METRIC, definitions.get(0).getSourceType()); - assertNotNull(targets); - assertEquals(1, targets.size()); + assertNotNull(definitions); + assertEquals(1, definitions.size()); + assertEquals(ALERT_DEF_NAME, definitions.get(0).getName()); + assertEquals(SourceType.METRIC, definitions.get(0).getSourceType()); + assertNotNull(targets); + assertEquals(1, targets.size()); + } verify(m_amc, m_clusters, m_cluster, m_dao); } + @Test + public void testGetSingleResourceAsAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createAdministrator(), true); + } + + @Test + public void testGetSingleResourceAsClusterAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterAdministrator(), true); + } + + @Test + public void testGetSingleResourceAsServiceAdministrator() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createServiceAdministrator(), true); + } + + @Test + public void testGetSingleResourceAsClusterUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createClusterUser(), true); + } + + @Test(expected = AuthorizationException.class) + public void testGetSingleResourceAsViewUser() throws Exception { + testGetSingleResource(TestAuthenticationFactory.createViewUser(99L), false); + } /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testGetSingleResource() throws Exception { + private void testGetSingleResource(Authentication authentication, boolean expectResults) throws Exception { Request request = PropertyHelper.getReadRequest(); AmbariManagementController amc = createMock(AmbariManagementController.class); @@ -244,46 +361,76 @@ public class AlertGroupResourceProviderTest { expect(m_dao.findGroupById(ALERT_GROUP_ID.longValue())).andReturn( getMockEntities().get(0)); - replay(amc, m_dao); + expect(amc.getClusters()).andReturn(m_clusters).atLeastOnce(); + + replay(amc, m_dao, m_clusters, m_cluster); + + SecurityContextHolder.getContext().setAuthentication(authentication); AlertGroupResourceProvider provider = createProvider(amc); Set<Resource> results = provider.getResources(request, predicate); - assertEquals(1, results.size()); + assertEquals(expectResults ? 1 : 0, results.size()); - Resource r = results.iterator().next(); + if(expectResults) { + Resource r = results.iterator().next(); - assertEquals(ALERT_GROUP_NAME, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_NAME)); + assertEquals(ALERT_GROUP_NAME, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_NAME)); - assertEquals(ALERT_GROUP_ID, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_ID)); + assertEquals(ALERT_GROUP_ID, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_ID)); - assertEquals(ALERT_GROUP_CLUSTER_NAME, - r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_CLUSTER_NAME)); + assertEquals(ALERT_GROUP_CLUSTER_NAME, + r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_CLUSTER_NAME)); - // verify definitions and targets are returned on single instances - List<AlertDefinitionResponse> definitions = (List<AlertDefinitionResponse>) r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_DEFINITIONS); - List<AlertTarget> targets = (List<AlertTarget>) r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_TARGETS); + // verify definitions and targets are returned on single instances + List<AlertDefinitionResponse> definitions = (List<AlertDefinitionResponse>) r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_DEFINITIONS); + List<AlertTarget> targets = (List<AlertTarget>) r.getPropertyValue(AlertGroupResourceProvider.ALERT_GROUP_TARGETS); - assertNotNull(definitions); - assertNotNull(targets); + assertNotNull(definitions); + assertNotNull(targets); - assertEquals(1, definitions.size()); - assertEquals(ALERT_DEF_NAME, definitions.get(0).getName()); - assertEquals(SourceType.METRIC, definitions.get(0).getSourceType()); + assertEquals(1, definitions.size()); + assertEquals(ALERT_DEF_NAME, definitions.get(0).getName()); + assertEquals(SourceType.METRIC, definitions.get(0).getSourceType()); - assertEquals(1, targets.size()); - assertEquals(ALERT_TARGET_NAME, targets.get(0).getName()); + assertEquals(1, targets.size()); + assertEquals(ALERT_TARGET_NAME, targets.get(0).getName()); + } verify(amc, m_dao); } + @Test + public void testCreateResourcesAsAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testCreateResourcesAsClusterAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsServiceAdministrator() throws Exception { + testCreateResources(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsClusterUser() throws Exception { + testCreateResources(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testCreateResourcesAsViewUser() throws Exception { + testCreateResources(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testCreateResources() throws Exception { + public void testCreateResources(Authentication authentication) throws Exception { Capture<List<AlertGroupEntity>> listCapture = new Capture<List<AlertGroupEntity>>(); // the definition IDs to associate with the group @@ -316,6 +463,8 @@ public class AlertGroupResourceProviderTest { replay(m_amc, m_clusters, m_cluster, m_dao, m_definitionDao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertGroupResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = new HashMap<String, Object>(); @@ -344,12 +493,36 @@ public class AlertGroupResourceProviderTest { verify(m_amc, m_clusters, m_cluster, m_dao, m_definitionDao); } + @Test + public void testUpdateResourcesAsAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsClusterAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsServiceAdministrator() throws Exception { + testUpdateResources(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsClusterUser() throws Exception { + testUpdateResources(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateResourcesAsViewUser() throws Exception { + testUpdateResources(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testUpdateResources() throws Exception { + public void testUpdateResources(Authentication authentication) throws Exception { Capture<AlertGroupEntity> entityCapture = new Capture<AlertGroupEntity>(); // the definition IDs to associate with the group @@ -387,6 +560,8 @@ public class AlertGroupResourceProviderTest { replay(m_amc, m_clusters, m_cluster, m_dao, m_definitionDao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertGroupResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = new HashMap<String, Object>(); requestProps.put(AlertGroupResourceProvider.ALERT_GROUP_NAME, @@ -430,14 +605,38 @@ public class AlertGroupResourceProviderTest { verify(m_amc, m_clusters, m_cluster, m_dao, m_definitionDao); } + @Test + public void testUpdateDefaultGroupAsAdministrator() throws Exception { + testUpdateDefaultGroup(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testUpdateDefaultGroupAsClusterAdministrator() throws Exception { + testUpdateDefaultGroup(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateDefaultGroupAsServiceAdministrator() throws Exception { + testUpdateDefaultGroup(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateDefaultGroupAsClusterUser() throws Exception { + testUpdateDefaultGroup(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testUpdateDefaultGroupAsViewUser() throws Exception { + testUpdateDefaultGroup(TestAuthenticationFactory.createViewUser(99L)); + } + /** * Tests that updating a default group doesn't change read-only properties * * @throws Exception */ - @Test @SuppressWarnings("unchecked") - public void testUpdateDefaultGroup() throws Exception { + private void testUpdateDefaultGroup(Authentication authentication) throws Exception { Capture<AlertGroupEntity> entityCapture = new Capture<AlertGroupEntity>(); // the definition IDs to associate with the group @@ -464,6 +663,7 @@ public class AlertGroupResourceProviderTest { AlertGroupEntity group = new AlertGroupEntity(); group.setDefault(true); + group.setClusterId(1L); group.setGroupName(ALERT_GROUP_NAME); group.setAlertDefinitions(getMockDefinitions()); group.setAlertTargets(getMockTargets()); @@ -476,7 +676,9 @@ public class AlertGroupResourceProviderTest { expect(m_dao.findTargetsById(EasyMock.eq(newTargets))).andReturn( newTargetEntities).once(); - replay(m_dao, m_definitionDao); + replay(m_dao, m_definitionDao, m_amc, m_clusters, m_cluster); + + SecurityContextHolder.getContext().setAuthentication(authentication); AlertGroupResourceProvider provider = createProvider(m_amc); @@ -517,11 +719,35 @@ public class AlertGroupResourceProviderTest { verify(m_dao, m_definitionDao); } + @Test + public void testDeleteResourcesAsAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createAdministrator()); + } + + @Test + public void testDeleteResourcesAsClusterAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsServiceAdministrator() throws Exception { + testDeleteResources(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsClusterUser() throws Exception { + testDeleteResources(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteResourcesAsViewUser() throws Exception { + testDeleteResources(TestAuthenticationFactory.createViewUser(99L)); + } + /** * @throws Exception */ - @Test - public void testDeleteResources() throws Exception { + private void testDeleteResources(Authentication authentication) throws Exception { Capture<AlertGroupEntity> entityCapture = new Capture<AlertGroupEntity>(); Capture<List<AlertGroupEntity>> listCapture = new Capture<List<AlertGroupEntity>>(); @@ -530,6 +756,8 @@ public class AlertGroupResourceProviderTest { replay(m_amc, m_clusters, m_cluster, m_dao); + SecurityContextHolder.getContext().setAuthentication(authentication); + AlertGroupResourceProvider provider = createProvider(m_amc); Map<String, Object> requestProps = new HashMap<String, Object>(); @@ -569,13 +797,37 @@ public class AlertGroupResourceProviderTest { verify(m_amc, m_clusters, m_cluster, m_dao); } + @Test + public void testDeleteDefaultGroupAsAdministrator() throws Exception { + testDeleteDefaultGroup(TestAuthenticationFactory.createAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteDefaultGroupAsClusterAdministrator() throws Exception { + testDeleteDefaultGroup(TestAuthenticationFactory.createClusterAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteDefaultGroupAsServiceAdministrator() throws Exception { + testDeleteDefaultGroup(TestAuthenticationFactory.createServiceAdministrator()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteDefaultGroupAsClusterUser() throws Exception { + testDeleteDefaultGroup(TestAuthenticationFactory.createClusterUser()); + } + + @Test(expected = AuthorizationException.class) + public void testDeleteDefaultGroupAsViewUser() throws Exception { + testDeleteDefaultGroup(TestAuthenticationFactory.createViewUser(99L)); + } + /** * Tests that a default group cannot be deleted via the resource provider. * * @throws Exception */ - @Test - public void testDeleteDefaultGroup() throws Exception { + private void testDeleteDefaultGroup(Authentication authentication) throws Exception { AlertGroupEntity group = new AlertGroupEntity(); group.setGroupId(ALERT_GROUP_ID); group.setDefault(true); @@ -586,7 +838,9 @@ public class AlertGroupResourceProviderTest { resetToStrict(m_dao); expect(m_dao.findGroupById(ALERT_GROUP_ID)).andReturn(group).anyTimes(); - replay(m_dao); + replay(m_dao, m_amc, m_clusters, m_cluster); + + SecurityContextHolder.getContext().setAuthentication(authentication); AlertGroupResourceProvider provider = createProvider(m_amc); @@ -597,7 +851,7 @@ public class AlertGroupResourceProviderTest { ALERT_GROUP_ID.toString()).toPredicate(); provider.deleteResources(predicate); - verify(m_dao); + verify(m_dao, m_amc); } /**
