AMBARI-14980. Provide explicit ordering for roles (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/2871d674 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/2871d674 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/2871d674 Branch: refs/heads/branch-dev-patch-upgrade Commit: 2871d674f57f46220c2448c6e5dbcb456f04878f Parents: e049216 Author: Robert Levas <[email protected]> Authored: Thu Feb 11 12:59:00 2016 -0500 Committer: Robert Levas <[email protected]> Committed: Thu Feb 11 12:59:04 2016 -0500 ---------------------------------------------------------------------- .../internal/PermissionResourceProvider.java | 3 ++ .../server/orm/entities/PermissionEntity.java | 35 +++++++++++- .../server/upgrade/UpgradeCatalog240.java | 32 ++++++++++- .../main/resources/Ambari-DDL-Derby-CREATE.sql | 17 +++--- .../main/resources/Ambari-DDL-MySQL-CREATE.sql | 17 +++--- .../main/resources/Ambari-DDL-Oracle-CREATE.sql | 19 +++---- .../resources/Ambari-DDL-Postgres-CREATE.sql | 17 +++--- .../Ambari-DDL-Postgres-EMBEDDED-CREATE.sql | 17 +++--- .../resources/Ambari-DDL-SQLAnywhere-CREATE.sql | 17 +++--- .../resources/Ambari-DDL-SQLServer-CREATE.sql | 17 +++--- .../PermissionResourceProviderTest.java | 2 + .../server/upgrade/UpgradeCatalog240Test.java | 57 ++++++++++++++++++-- 12 files changed, 187 insertions(+), 63 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java index 640123e..86f8321 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java @@ -52,6 +52,7 @@ public class PermissionResourceProvider extends AbstractResourceProvider { public static final String PERMISSION_NAME_PROPERTY_ID = "PermissionInfo/permission_name"; public static final String PERMISSION_LABEL_PROPERTY_ID = "PermissionInfo/permission_label"; public static final String RESOURCE_NAME_PROPERTY_ID = "PermissionInfo/resource_name"; + public static final String SORT_ORDER_PROPERTY_ID = "PermissionInfo/sort_order"; /** @@ -71,6 +72,7 @@ public class PermissionResourceProvider extends AbstractResourceProvider { propertyIds.add(PERMISSION_NAME_PROPERTY_ID); propertyIds.add(PERMISSION_LABEL_PROPERTY_ID); propertyIds.add(RESOURCE_NAME_PROPERTY_ID); + propertyIds.add(SORT_ORDER_PROPERTY_ID); } @@ -156,6 +158,7 @@ public class PermissionResourceProvider extends AbstractResourceProvider { setResourceProperty(resource, PERMISSION_NAME_PROPERTY_ID, entity.getPermissionName(), requestedIds); setResourceProperty(resource, PERMISSION_LABEL_PROPERTY_ID, entity.getPermissionLabel(), requestedIds); setResourceProperty(resource, RESOURCE_NAME_PROPERTY_ID, entity.getResourceType().getName(), requestedIds); + setResourceProperty(resource, SORT_ORDER_PROPERTY_ID, entity.getSortOrder(), requestedIds); return resource; } http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java index a692730..43fd71b 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java @@ -57,8 +57,11 @@ public class PermissionEntity { * Admin permission name constants. */ public static final String AMBARI_ADMINISTRATOR_PERMISSION_NAME = "AMBARI.ADMINISTRATOR"; - public static final String CLUSTER_USER_PERMISSION_NAME = "CLUSTER.USER"; public static final String CLUSTER_ADMINISTRATOR_PERMISSION_NAME = "CLUSTER.ADMINISTRATOR"; + public static final String CLUSTER_OPERATOR_PERMISSION_NAME = "CLUSTER.OPERATOR"; + public static final String SERVICE_ADMINISTRATOR_PERMISSION_NAME = "SERVICE.ADMINISTRATOR"; + public static final String SERVICE_OPERATOR_PERMISSION_NAME = "SERVICE.OPERATOR"; + public static final String CLUSTER_USER_PERMISSION_NAME = "CLUSTER.USER"; public static final String VIEW_USER_PERMISSION_NAME = "VIEW.USER"; /** @@ -102,6 +105,11 @@ public class PermissionEntity { ) private Collection<RoleAuthorizationEntity> authorizations; + /** + * The permission's explicit sort order + */ + @Column(name = "sort_order", nullable = false) + private Integer sortOrder = 1; // ----- PermissionEntity --------------------------------------------------- @@ -195,7 +203,28 @@ public class PermissionEntity { this.authorizations = authorizations; } -// ----- Object overrides -------------------------------------------------- + /** + * Gets the explicit sort order value for this PermissionEntity + * <p/> + * This value is used to help explicitly order permission entities. For example, order from most + * permissive to least permissive. + * + * @return the explict sorting order value + */ + public Integer getSortOrder() { + return sortOrder; + } + + /** + * Sets the explicit sort order value for this PermissionEntity + * + * @param sortOrder a sorting order value + */ + public void setSortOrder(Integer sortOrder) { + this.sortOrder = sortOrder; + } + + // ----- Object overrides -------------------------------------------------- @Override public boolean equals(Object o) { @@ -208,6 +237,7 @@ public class PermissionEntity { !(permissionName != null ? !permissionName.equals(that.permissionName) : that.permissionName != null) && !(permissionLabel != null ? !permissionLabel.equals(that.permissionLabel) : that.permissionLabel != null) && !(resourceType != null ? !resourceType.equals(that.resourceType) : that.resourceType != null) && + !(sortOrder != null ? !sortOrder.equals(that.sortOrder) : that.sortOrder != null) && !(authorizations != null ? !authorizations.equals(that.authorizations) : that.authorizations != null); } @@ -217,6 +247,7 @@ public class PermissionEntity { result = 31 * result + (permissionName != null ? permissionName.hashCode() : 0); result = 31 * result + (permissionLabel != null ? permissionLabel.hashCode() : 0); result = 31 * result + (resourceType != null ? resourceType.hashCode() : 0); + result = 31 * result + (sortOrder != null ? sortOrder.hashCode() : 0); result = 31 * result + (authorizations != null ? authorizations.hashCode() : 0); return result; } http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java index 3414388..2ea326a 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java @@ -27,9 +27,11 @@ import com.google.inject.Inject; import com.google.inject.Injector; import org.apache.ambari.server.AmbariException; import org.apache.ambari.server.controller.AmbariManagementController; +import org.apache.ambari.server.orm.DBAccessor; import org.apache.ambari.server.orm.dao.AlertDefinitionDAO; import org.apache.ambari.server.orm.dao.DaoUtils; import org.apache.ambari.server.orm.entities.AlertDefinitionEntity; +import org.apache.ambari.server.orm.entities.PermissionEntity; import org.apache.ambari.server.state.Cluster; import org.apache.ambari.server.state.Clusters; import org.slf4j.Logger; @@ -49,6 +51,10 @@ import java.util.UUID; */ public class UpgradeCatalog240 extends AbstractUpgradeCatalog { + protected static final String ADMIN_PERMISSION_TABLE = "adminpermission"; + protected static final String PERMISSION_ID_COL = "permission_name"; + protected static final String SORT_ORDER_COL = "sort_order"; + @Inject DaoUtils daoUtils; @@ -96,7 +102,7 @@ public class UpgradeCatalog240 extends AbstractUpgradeCatalog { @Override protected void executeDDLUpdates() throws AmbariException, SQLException { - //To change body of implemented methods use File | Settings | File Templates. + updateAdminPermissionTable(); } @Override @@ -108,6 +114,7 @@ public class UpgradeCatalog240 extends AbstractUpgradeCatalog { protected void executeDMLUpdates() throws AmbariException, SQLException { addNewConfigurationsFromXml(); updateAlerts(); + setRoleSortOrder(); } @@ -303,6 +310,29 @@ public class UpgradeCatalog240 extends AbstractUpgradeCatalog { return sourceJson.toString(); } + protected void updateAdminPermissionTable() throws SQLException { + // Add the sort_order column to the adminpermission table + dbAccessor.addColumn(ADMIN_PERMISSION_TABLE, new DBAccessor.DBColumnInfo(SORT_ORDER_COL, Short.class, null, 1, false)); + } + protected void setRoleSortOrder() throws SQLException { + String updateStatement = "UPDATE " + ADMIN_PERMISSION_TABLE + " SET " + SORT_ORDER_COL + "=%d WHERE " + PERMISSION_ID_COL + "='%s'"; + + LOG.info("Setting permission labels"); + dbAccessor.executeUpdate(String.format(updateStatement, + 1, PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME)); + dbAccessor.executeUpdate(String.format(updateStatement, + 2, PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION_NAME)); + dbAccessor.executeUpdate(String.format(updateStatement, + 3, PermissionEntity.CLUSTER_OPERATOR_PERMISSION_NAME)); + dbAccessor.executeUpdate(String.format(updateStatement, + 4, PermissionEntity.SERVICE_ADMINISTRATOR_PERMISSION_NAME)); + dbAccessor.executeUpdate(String.format(updateStatement, + 5, PermissionEntity.SERVICE_OPERATOR_PERMISSION_NAME)); + dbAccessor.executeUpdate(String.format(updateStatement, + 6, PermissionEntity.CLUSTER_USER_PERMISSION_NAME)); + dbAccessor.executeUpdate(String.format(updateStatement, + 7, PermissionEntity.VIEW_USER_PERMISSION_NAME)); + } } http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql index 0fdfd2b..8aee031 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql @@ -525,6 +525,7 @@ CREATE TABLE adminpermission ( permission_name VARCHAR(255) NOT NULL, resource_type_id INTEGER NOT NULL, permission_label VARCHAR(255), + sort_order SMALLINT NOT NULL DEFAULT 1, PRIMARY KEY(permission_id)); CREATE TABLE roleauthorization ( @@ -1058,20 +1059,20 @@ INSERT INTO adminprincipal (principal_id, principal_type_id) INSERT INTO Users (user_id, principal_id, user_name, user_password) SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00' FROM SYSIBM.SYSDUMMY1; -insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label) - SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' FROM SYSIBM.SYSDUMMY1 +insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label, sort_order) + SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1 FROM SYSIBM.SYSDUMMY1 UNION ALL - SELECT 2, 'CLUSTER.USER', 2, 'Cluster User' FROM SYSIBM.SYSDUMMY1 + SELECT 2, 'CLUSTER.USER', 2, 'Cluster User', 6 FROM SYSIBM.SYSDUMMY1 UNION ALL - SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' FROM SYSIBM.SYSDUMMY1 + SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2 FROM SYSIBM.SYSDUMMY1 UNION ALL - SELECT 4, 'VIEW.USER', 3, 'View User' FROM SYSIBM.SYSDUMMY1 + SELECT 4, 'VIEW.USER', 3, 'View User', 7 FROM SYSIBM.SYSDUMMY1 UNION ALL - SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator' FROM SYSIBM.SYSDUMMY1 + SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3 FROM SYSIBM.SYSDUMMY1 UNION ALL - SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator' FROM SYSIBM.SYSDUMMY1 + SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4 FROM SYSIBM.SYSDUMMY1 UNION ALL - SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator' FROM SYSIBM.SYSDUMMY1; + SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5 FROM SYSIBM.SYSDUMMY1; INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'VIEW.USE', 'Use View' FROM SYSIBM.SYSDUMMY1 UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql index 11e43c2..73b172a 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql @@ -533,6 +533,7 @@ CREATE TABLE adminpermission ( permission_name VARCHAR(255) NOT NULL, resource_type_id INTEGER NOT NULL, permission_label VARCHAR(255), + sort_order SMALLINT NOT NULL DEFAULT 1, PRIMARY KEY(permission_id)); CREATE TABLE roleauthorization ( @@ -1021,20 +1022,20 @@ insert into adminprincipal (principal_id, principal_type_id) insert into users(user_id, principal_id, user_name, user_password) select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00'; -insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label) - select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' +insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label, sort_order) + select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1 union all - select 2, 'CLUSTER.USER', 2, 'Cluster User' + select 2, 'CLUSTER.USER', 2, 'Cluster User', 6 union all - select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' + select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2 union all - select 4, 'VIEW.USER', 3, 'View User' + select 4, 'VIEW.USER', 3, 'View User', 7 union all - select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator' +select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3 union all - select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator' + select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4 union all - select 7, 'SERVICE.OPERATOR', 2, 'Service Operator'; + select 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5; INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'VIEW.USE', 'Use View' UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql index 8d4ba28..1df396d 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql @@ -522,6 +522,7 @@ CREATE TABLE adminpermission ( permission_name VARCHAR(255) NOT NULL, resource_type_id NUMBER(10) NOT NULL, permission_label VARCHAR(255), + sort_order SMALLINT DEFAULT 1 NOT NULL, PRIMARY KEY(permission_id)); CREATE TABLE roleauthorization ( @@ -656,7 +657,7 @@ CREATE TABLE setting ( name VARCHAR(255) NOT NULL UNIQUE, setting_type VARCHAR(255) NOT NULL, content CLOB NOT NULL, - updated_by VARCHAR(255) NOT NULL DEFAULT '_db', + updated_by VARCHAR(255) DEFAULT '_db' NOT NULL, update_timestamp NUMBER(19) NOT NULL, PRIMARY KEY (id) ); @@ -1013,20 +1014,20 @@ insert into adminprincipal (principal_id, principal_type_id) insert into users(user_id, principal_id, user_name, user_password) select 1,1,'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00' from dual; -insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label) - select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' from dual +insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label, sort_order) + select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1 from dual union all - select 2, 'CLUSTER.USER', 2, 'Cluster User' from dual + select 2, 'CLUSTER.USER', 2, 'Cluster User', 6 from dual union all - select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' from dual + select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2 from dual union all - select 4, 'VIEW.USER', 3, 'View User' from dual + select 4, 'VIEW.USER', 3, 'View User', 7 from dual union all - select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator' from dual + select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3 from dual union all - select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator' from dual + select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4 from dual union all - select 7, 'SERVICE.OPERATOR', 2, 'Service Operator' from dual; + select 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5 from dual; INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'VIEW.USE', 'Use View' FROM dual UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql index c762ac4..d948b3b 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql @@ -525,6 +525,7 @@ CREATE TABLE adminpermission ( permission_name VARCHAR(255) NOT NULL, resource_type_id INTEGER NOT NULL, permission_label VARCHAR(255), + sort_order SMALLINT NOT NULL DEFAULT 1, PRIMARY KEY(permission_id)); CREATE TABLE roleauthorization ( @@ -1058,20 +1059,20 @@ INSERT INTO adminprincipal (principal_id, principal_type_id) INSERT INTO Users (user_id, principal_id, user_name, user_password) SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00'; -insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label) - SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' +insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label, sort_order) + SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1 UNION ALL - SELECT 2, 'CLUSTER.USER', 2, 'Cluster User' + SELECT 2, 'CLUSTER.USER', 2, 'Cluster User', 6 UNION ALL - SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' + SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2 UNION ALL - SELECT 4, 'VIEW.USER', 3, 'View User' + SELECT 4, 'VIEW.USER', 3, 'View User', 7 UNION ALL - SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator' + SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3 UNION ALL - SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator' + SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4 UNION ALL - SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator'; + SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5; INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'VIEW.USE', 'Use View' UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql index 81b41fe..5fe742c 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql @@ -586,6 +586,7 @@ CREATE TABLE ambari.adminpermission ( permission_name VARCHAR(255) NOT NULL, resource_type_id INTEGER NOT NULL, permission_label VARCHAR(255), + sort_order SMALLINT NOT NULL DEFAULT 1, PRIMARY KEY(permission_id)); CREATE TABLE ambari.roleauthorization ( @@ -1157,20 +1158,20 @@ INSERT INTO ambari.adminprincipal (principal_id, principal_type_id) INSERT INTO ambari.Users (user_id, principal_id, user_name, user_password) SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00'; -insert into ambari.adminpermission(permission_id, permission_name, resource_type_id, permission_label) - SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' +insert into ambari.adminpermission(permission_id, permission_name, resource_type_id, permission_label, sort_order) + SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1 UNION ALL - SELECT 2, 'CLUSTER.USER', 2, 'Cluster User' + SELECT 2, 'CLUSTER.USER', 2, 'Cluster User', 6 UNION ALL - SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' + SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2 UNION ALL - SELECT 4, 'VIEW.USER', 3, 'View User' + SELECT 4, 'VIEW.USER', 3, 'View User', 7 UNION ALL - SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator' + SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3 UNION ALL - SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator' + SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4 UNION ALL - SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator'; + SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5; INSERT INTO ambari.roleauthorization(authorization_id, authorization_name) SELECT 'VIEW.USE', 'Use View' UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql index f8c9b8d..fe1e505 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql @@ -522,6 +522,7 @@ CREATE TABLE adminpermission ( permission_name VARCHAR(255) NOT NULL, resource_type_id INTEGER NOT NULL, permission_label VARCHAR(255), + sort_order SMALLINT NOT NULL DEFAULT 1, PRIMARY KEY(permission_id)); CREATE TABLE roleauthorization ( @@ -1008,20 +1009,20 @@ insert into adminprincipal (principal_id, principal_type_id) insert into users(user_id, principal_id, user_name, user_password) select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00'; -insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label) - select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' +insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label, sort_order) + select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1 union all - select 2, 'CLUSTER.USER', 2, 'Cluster User' + select 2, 'CLUSTER.USER', 2, 'Cluster User', 6 union all - select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' + select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2 union all - select 4, 'VIEW.USER', 3, 'View User' + select 4, 'VIEW.USER', 3, 'View User'. 7 union all - select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator' + select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3 union all - select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator' + select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4 union all - select 7, 'SERVICE.OPERATOR', 2, 'Service Operator'; + select 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5; INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'VIEW.USE', 'Use View' UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql index 324c24d..41dac77 100644 --- a/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql +++ b/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql @@ -617,6 +617,7 @@ CREATE TABLE adminpermission ( permission_name VARCHAR(255) NOT NULL, resource_type_id INTEGER NOT NULL, permission_label VARCHAR(255), + sort_order SMALLINT NOT NULL DEFAULT 1, PRIMARY KEY CLUSTERED (permission_id) ); @@ -1123,15 +1124,15 @@ BEGIN TRANSACTION insert into users(user_id, principal_id, user_name, user_password) select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00'; - insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label) + insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label, sort_order) values - (1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'), - (2, 'CLUSTER.USER', 2, 'Cluster User'), - (3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'), - (4, 'VIEW.USER', 3, 'View User'), - (5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator'), - (6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator'), - (7, 'SERVICE.OPERATOR', 2, 'Service Operator'); + (1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1), + (2, 'CLUSTER.USER', 2, 'Cluster User', 6), + (3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2), + (4, 'VIEW.USER', 3, 'View User', 7), + (5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3), + (6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4), + (7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5); INSERT INTO roleauthorization(authorization_id, authorization_name) SELECT 'VIEW.USE', 'Use View' UNION ALL http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java index 7658c0f..fb4454e 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java @@ -84,6 +84,7 @@ public class PermissionResourceProviderTest { expect(permissionEntity.getId()).andReturn(99); expect(permissionEntity.getPermissionName()).andReturn("AMBARI.ADMINISTRATOR"); expect(permissionEntity.getPermissionLabel()).andReturn("Administrator"); + expect(permissionEntity.getSortOrder()).andReturn(1); expect(permissionEntity.getResourceType()).andReturn(resourceTypeEntity); expect(resourceTypeEntity.getName()).andReturn("AMBARI"); @@ -98,6 +99,7 @@ public class PermissionResourceProviderTest { Assert.assertEquals("AMBARI.ADMINISTRATOR", resource.getPropertyValue(PermissionResourceProvider.PERMISSION_NAME_PROPERTY_ID)); Assert.assertEquals("Administrator", resource.getPropertyValue(PermissionResourceProvider.PERMISSION_LABEL_PROPERTY_ID)); Assert.assertEquals("AMBARI", resource.getPropertyValue(PermissionResourceProvider.RESOURCE_NAME_PROPERTY_ID)); + Assert.assertEquals(1, resource.getPropertyValue(PermissionResourceProvider.SORT_ORDER_PROPERTY_ID)); verify(dao, permissionEntity, resourceTypeEntity); } http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java index d1d68f2..608a348 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java @@ -25,25 +25,32 @@ import com.google.inject.Provider; import com.google.inject.persist.PersistService; import junit.framework.Assert; import org.apache.ambari.server.api.services.AmbariMetaInfo; +import org.apache.ambari.server.orm.DBAccessor; import org.apache.ambari.server.orm.GuiceJpaInitializer; import org.apache.ambari.server.orm.InMemoryDefaultTestModule; import org.apache.ambari.server.orm.dao.StackDAO; import org.apache.ambari.server.orm.entities.StackEntity; +import org.easymock.Capture; +import org.easymock.CaptureType; import org.junit.After; import org.junit.Before; import org.junit.Test; import javax.persistence.EntityManager; +import java.lang.reflect.Field; import java.lang.reflect.Method; import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import static org.easymock.EasyMock.capture; import static org.easymock.EasyMock.createMockBuilder; import static org.easymock.EasyMock.createNiceMock; import static org.easymock.EasyMock.createStrictMock; +import static org.easymock.EasyMock.eq; import static org.easymock.EasyMock.expect; import static org.easymock.EasyMock.expectLastCall; +import static org.easymock.EasyMock.newCapture; import static org.easymock.EasyMock.replay; import static org.easymock.EasyMock.reset; import static org.easymock.EasyMock.verify; @@ -79,28 +86,72 @@ public class UpgradeCatalog240Test { } @Test + public void testExecuteDDLUpdates() throws Exception { + UpgradeCatalog240 upgradeCatalog240 = injector.getInstance(UpgradeCatalog240.class); + + Capture<DBAccessor.DBColumnInfo> capturedColumnInfo = newCapture(); + + DBAccessor dbAccessor = createStrictMock(DBAccessor.class); + dbAccessor.addColumn(eq("adminpermission"), capture(capturedColumnInfo)); + expectLastCall().once(); + + Field field = AbstractUpgradeCatalog.class.getDeclaredField("dbAccessor"); + field.set(upgradeCatalog240, dbAccessor); + + replay(dbAccessor); + + upgradeCatalog240.executeDDLUpdates(); + + verify(dbAccessor); + + DBAccessor.DBColumnInfo columnInfo = capturedColumnInfo.getValue(); + Assert.assertNotNull(columnInfo); + Assert.assertEquals(UpgradeCatalog240.SORT_ORDER_COL, columnInfo.getName()); + Assert.assertEquals(null, columnInfo.getLength()); + Assert.assertEquals(Short.class, columnInfo.getType()); + Assert.assertEquals(1, columnInfo.getDefaultValue()); + Assert.assertEquals(false, columnInfo.isNullable()); + } + + @Test public void testExecuteDMLUpdates() throws Exception { Method addNewConfigurationsFromXml = AbstractUpgradeCatalog.class.getDeclaredMethod("addNewConfigurationsFromXml"); Method updateAlerts = UpgradeCatalog240.class.getDeclaredMethod("updateAlerts"); + Capture<String> capturedStatements = newCapture(CaptureType.ALL); + DBAccessor dbAccessor = createStrictMock(DBAccessor.class); + expect(dbAccessor.executeUpdate(capture(capturedStatements))).andReturn(1).times(7); UpgradeCatalog240 upgradeCatalog240 = createMockBuilder(UpgradeCatalog240.class) .addMockedMethod(addNewConfigurationsFromXml) .addMockedMethod(updateAlerts) .createMock(); + Field field = AbstractUpgradeCatalog.class.getDeclaredField("dbAccessor"); + field.set(upgradeCatalog240, dbAccessor); + upgradeCatalog240.addNewConfigurationsFromXml(); expectLastCall().once(); upgradeCatalog240.updateAlerts(); expectLastCall().once(); - - replay(upgradeCatalog240); + replay(upgradeCatalog240, dbAccessor); upgradeCatalog240.executeDMLUpdates(); - verify(upgradeCatalog240); + verify(upgradeCatalog240, dbAccessor); + + List<String> statements = capturedStatements.getValues(); + Assert.assertNotNull(statements); + Assert.assertEquals(7, statements.size()); + Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=1 WHERE permission_name='AMBARI.ADMINISTRATOR'")); + Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=2 WHERE permission_name='CLUSTER.ADMINISTRATOR'")); + Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=3 WHERE permission_name='CLUSTER.OPERATOR'")); + Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=4 WHERE permission_name='SERVICE.ADMINISTRATOR'")); + Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=5 WHERE permission_name='SERVICE.OPERATOR'")); + Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=6 WHERE permission_name='CLUSTER.USER'")); + Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=7 WHERE permission_name='VIEW.USER'")); } @Test
