Repository: ambari Updated Branches: refs/heads/branch-2.5 5b6312671 -> dd9904d7e
AMBARI-19363. Log Search: external authentication roles are hard coded (oleewere) Change-Id: I52e4672de69935b9461bfe4c2fa0a01299e6abd5 Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/dd9904d7 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/dd9904d7 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/dd9904d7 Branch: refs/heads/branch-2.5 Commit: dd9904d7ed0cc04ee94bdd685aeea16a387a15ab Parents: 5b63126 Author: oleewere <[email protected]> Authored: Wed Jan 4 20:21:50 2017 +0100 Committer: oleewere <[email protected]> Committed: Thu Jan 5 13:19:31 2017 +0100 ---------------------------------------------------------------------- .../configuration/logsearch-properties.xml | 7 +++++++ .../LOGSEARCH/0.5.0/package/scripts/params.py | 1 - .../stacks/2.4/LOGSEARCH/test_logsearch.py | 2 +- .../test/python/stacks/2.4/configs/default.json | 3 ++- ambari-web/app/data/HDP2/site_properties.js | 21 +++++++++++++------- 5 files changed, 24 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/dd9904d7/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-properties.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-properties.xml b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-properties.xml index 8fc71d5..47872ee 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-properties.xml +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-properties.xml @@ -174,6 +174,13 @@ <on-ambari-upgrade add="true"/> </property> <property> + <name>logsearch.roles.allowed</name> + <value>AMBARI.ADMINISTRATOR,CLUSTER.ADMINISTRATOR</value> + <display-name>Roles allowed</display-name> + <description>Comma separated roles for external authentication</description> + <on-ambari-upgrade add="true"/> + </property> + <property> <name>logsearch.auth.jwt.enabled</name> <value>false</value> <display-name>JWT authentication enabled</display-name> http://git-wip-us.apache.org/repos/asf/ambari/blob/dd9904d7/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py index 811b3ea..5ffd5e6 100644 --- a/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py +++ b/ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/package/scripts/params.py @@ -218,7 +218,6 @@ logsearch_properties['logsearch.login.credentials.file'] = logsearch_admin_crede logsearch_properties['logsearch.auth.file.enabled'] = 'true' logsearch_properties['logsearch.auth.ldap.enabled'] = 'false' logsearch_properties['logsearch.auth.simple.enabled'] = 'false' -logsearch_properties['logsearch.roles.allowed'] = 'AMBARI.ADMINISTRATOR' logsearch_properties['logsearch.protocol'] = logsearch_ui_protocol http://git-wip-us.apache.org/repos/asf/ambari/blob/dd9904d7/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py index 00dd641..33ac715 100644 --- a/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py +++ b/ambari-server/src/test/python/stacks/2.4/LOGSEARCH/test_logsearch.py @@ -105,7 +105,7 @@ class TestLogSearch(RMFTestCase): 'logsearch.collection.service.logs.replication.factor': '1', 'logsearch.login.credentials.file': 'logsearch-admin.json', 'logsearch.protocol': 'http', - 'logsearch.roles.allowed': 'AMBARI.ADMINISTRATOR', + 'logsearch.roles.allowed': 'AMBARI.ADMINISTRATOR,CLUSTER.ADMINISTRATOR', 'logsearch.service.logs.split.interval.mins': '1', 'logsearch.solr.audit.logs.zk_connect_string': 'c6401.ambari.apache.org:2181/infra-solr', 'logsearch.solr.collection.audit.logs': 'audit_logs', http://git-wip-us.apache.org/repos/asf/ambari/blob/dd9904d7/ambari-server/src/test/python/stacks/2.4/configs/default.json ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/stacks/2.4/configs/default.json b/ambari-server/src/test/python/stacks/2.4/configs/default.json index a601f0b..30e12e9 100644 --- a/ambari-server/src/test/python/stacks/2.4/configs/default.json +++ b/ambari-server/src/test/python/stacks/2.4/configs/default.json @@ -302,7 +302,8 @@ "logsearch.solr.metrics.collector.hosts" : "{metrics_collector_hosts}", "logsearch.auth.external_auth.enabled" : "false", "logsearch.auth.external_auth.host_url" : "{ambari_server_auth_host_url}", - "logsearch.auth.external_auth.login_url" : "/api/v1/users/$USERNAME/privileges?fields=*" + "logsearch.auth.external_auth.login_url" : "/api/v1/users/$USERNAME/privileges?fields=*", + "logsearch.roles.allowed": "AMBARI.ADMINISTRATOR,CLUSTER.ADMINISTRATOR" }, "logfeeder-properties": { "logfeeder.checkpoint.folder" : "/etc/ambari-logsearch-logfeeder/conf/checkpoints", http://git-wip-us.apache.org/repos/asf/ambari/blob/dd9904d7/ambari-web/app/data/HDP2/site_properties.js ---------------------------------------------------------------------- diff --git a/ambari-web/app/data/HDP2/site_properties.js b/ambari-web/app/data/HDP2/site_properties.js index e2a4d4e..abe900f 100644 --- a/ambari-web/app/data/HDP2/site_properties.js +++ b/ambari-web/app/data/HDP2/site_properties.js @@ -2251,54 +2251,61 @@ var hdp2properties = [ "index": 11 }, { - "name": "logsearch.auth.jwt.audiances", + "name": "logsearch.roles.allowed", "serviceName": "LOGSEARCH", "filename": "logsearch-properties.xml", "category": "Advanced logsearch-properties", "index": 12 }, { - "name": "logsearch.auth.jwt.cookie.name", + "name": "logsearch.auth.jwt.audiances", "serviceName": "LOGSEARCH", "filename": "logsearch-properties.xml", "category": "Advanced logsearch-properties", "index": 13 }, { - "name": "logsearch.auth.jwt.query.param.original_url", + "name": "logsearch.auth.jwt.cookie.name", "serviceName": "LOGSEARCH", "filename": "logsearch-properties.xml", "category": "Advanced logsearch-properties", "index": 14 }, { - "name": "logsearch.spnego.kerberos.enabled", + "name": "logsearch.auth.jwt.query.param.original_url", "serviceName": "LOGSEARCH", "filename": "logsearch-properties.xml", "category": "Advanced logsearch-properties", "index": 15 }, { - "name": "logsearch.spnego.kerberos.keytab", + "name": "logsearch.spnego.kerberos.enabled", "serviceName": "LOGSEARCH", "filename": "logsearch-properties.xml", "category": "Advanced logsearch-properties", "index": 16 }, { - "name": "logsearch.spnego.kerberos.principal", + "name": "logsearch.spnego.kerberos.keytab", "serviceName": "LOGSEARCH", "filename": "logsearch-properties.xml", "category": "Advanced logsearch-properties", "index": 17 }, { - "name": "logsearch.spnego.kerberos.host", + "name": "logsearch.spnego.kerberos.principal", "serviceName": "LOGSEARCH", "filename": "logsearch-properties.xml", "category": "Advanced logsearch-properties", "index": 18 }, + { + "name": "logsearch.spnego.kerberos.host", + "serviceName": "LOGSEARCH", + "filename": "logsearch-properties.xml", + "category": "Advanced logsearch-properties", + "index": 19 + }, /*infra-solr-client-log4j*/ { "name": "infra_solr_client_log_dir",
