Repository: ambari Updated Branches: refs/heads/branch-2.4 d8355e62f -> 1c8b14604
AMBARI-17014. Service admin and cluster operator can't modify service configs through API (rlevas) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/1c8b1460 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/1c8b1460 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/1c8b1460 Branch: refs/heads/branch-2.4 Commit: 1c8b146040c277ff2cda26c36ce146b3b01dc07f Parents: d8355e6 Author: Robert Levas <[email protected]> Authored: Fri Jun 3 09:48:05 2016 -0400 Committer: Robert Levas <[email protected]> Committed: Fri Jun 3 09:48:05 2016 -0400 ---------------------------------------------------------------------- .../AmbariAuthorizationFilter.java | 2 ++ .../AmbariAuthorizationFilterTest.java | 20 ++++++++++++++++++++ 2 files changed, 22 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/1c8b1460/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java index eeb1a8b..2b9f304 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java @@ -78,6 +78,7 @@ public class AmbariAuthorizationFilter implements Filter { private static final String API_CLUSTER_SERVICES_ALL_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/services.*"; private static final String API_CLUSTER_ALERT_ALL_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/alert.*"; private static final String API_CLUSTER_HOSTS_ALL_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/hosts.*"; + private static final String API_CLUSTER_CONFIGURATIONS_ALL_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/configurations.*"; private static final String API_CLUSTER_HOST_COMPONENTS_ALL_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/host_components.*"; private static final String API_STACK_VERSIONS_PATTERN = API_VERSION_PREFIX + "/stacks/.*?/versions/.*"; private static final String API_HOSTS_ALL_PATTERN = API_VERSION_PREFIX + "/hosts.*"; @@ -307,6 +308,7 @@ public class AmbariAuthorizationFilter implements Filter { requestURI.matches(VIEWS_CONTEXT_PATH_PATTERN) || requestURI.matches(API_WIDGET_LAYOUTS_PATTERN) || requestURI.matches(API_CLUSTER_HOSTS_ALL_PATTERN) || + requestURI.matches(API_CLUSTER_CONFIGURATIONS_ALL_PATTERN) || requestURI.matches(API_CLUSTER_HOST_COMPONENTS_ALL_PATTERN) || requestURI.matches(API_HOSTS_ALL_PATTERN) || requestURI.matches(API_ALERT_TARGETS_ALL_PATTERN) || http://git-wip-us.apache.org/repos/asf/ambari/blob/1c8b1460/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java index ff47ac2..96b2cfb 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java @@ -79,6 +79,10 @@ public class AmbariAuthorizationFilterTest { urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", true); + urlTests.put("/api/v1/clusters/c1/configurations", "GET", true); + urlTests.put("/api/v1/clusters/c1/configurations", "PUT", true); + urlTests.put("/api/v1/clusters/c1/configurations", "POST", true); + urlTests.put("/api/v1/clusters/c1/configurations", "DELETE", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", true); urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", true); @@ -112,6 +116,10 @@ public class AmbariAuthorizationFilterTest { urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", true); + urlTests.put("/api/v1/clusters/c1/configurations", "GET", true); + urlTests.put("/api/v1/clusters/c1/configurations", "PUT", true); + urlTests.put("/api/v1/clusters/c1/configurations", "POST", true); + urlTests.put("/api/v1/clusters/c1/configurations", "DELETE", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", true); urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", true); @@ -145,6 +153,10 @@ public class AmbariAuthorizationFilterTest { urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", true); + urlTests.put("/api/v1/clusters/c1/configurations", "GET", true); + urlTests.put("/api/v1/clusters/c1/configurations", "PUT", true); + urlTests.put("/api/v1/clusters/c1/configurations", "POST", true); + urlTests.put("/api/v1/clusters/c1/configurations", "DELETE", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", true); urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", true); @@ -178,6 +190,10 @@ public class AmbariAuthorizationFilterTest { urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", true); + urlTests.put("/api/v1/clusters/c1/configurations", "GET", true); + urlTests.put("/api/v1/clusters/c1/configurations", "PUT", true); + urlTests.put("/api/v1/clusters/c1/configurations", "POST", true); + urlTests.put("/api/v1/clusters/c1/configurations", "DELETE", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", true); urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", true); @@ -211,6 +227,10 @@ public class AmbariAuthorizationFilterTest { urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", true); urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", true); + urlTests.put("/api/v1/clusters/c1/configurations", "GET", true); + urlTests.put("/api/v1/clusters/c1/configurations", "PUT", true); + urlTests.put("/api/v1/clusters/c1/configurations", "POST", true); + urlTests.put("/api/v1/clusters/c1/configurations", "DELETE", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", true); urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", true); urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", true);
