AMBARI-21272. LDAP sync requires user to be root (echekanskiy)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/8e9df940 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/8e9df940 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/8e9df940 Branch: refs/heads/branch-feature-AMBARI-20859 Commit: 8e9df940fcc045c7b22cc571cd58d0a1e82dd530 Parents: b5e40f9 Author: Eugene Chekanskiy <[email protected]> Authored: Mon Jul 3 13:15:56 2017 +0300 Committer: Eugene Chekanskiy <[email protected]> Committed: Mon Jul 3 13:15:56 2017 +0300 ---------------------------------------------------------------------- .../src/main/python/ambari_server/setupSecurity.py | 4 ---- ambari-server/src/test/python/TestAmbariServer.py | 13 +------------ 2 files changed, 1 insertion(+), 16 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/8e9df940/ambari-server/src/main/python/ambari_server/setupSecurity.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/python/ambari_server/setupSecurity.py b/ambari-server/src/main/python/ambari_server/setupSecurity.py index 1508d27..17d1025 100644 --- a/ambari-server/src/main/python/ambari_server/setupSecurity.py +++ b/ambari-server/src/main/python/ambari_server/setupSecurity.py @@ -270,10 +270,6 @@ class LdapSyncOptions: # def sync_ldap(options): logger.info("Sync users and groups with configured LDAP.") - if not is_root(): - err = 'Ambari-server sync-ldap should be run with ' \ - 'root-level privileges' - raise FatalException(4, err) properties = get_ambari_properties() http://git-wip-us.apache.org/repos/asf/ambari/blob/8e9df940/ambari-server/src/test/python/TestAmbariServer.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/TestAmbariServer.py b/ambari-server/src/test/python/TestAmbariServer.py index c511237..1c4ebaf 100644 --- a/ambari-server/src/test/python/TestAmbariServer.py +++ b/ambari-server/src/test/python/TestAmbariServer.py @@ -7675,13 +7675,12 @@ class TestAmbariServer(TestCase): @patch("urllib2.urlopen") @patch("urllib2.Request") @patch("base64.encodestring") - @patch("ambari_server.setupSecurity.is_root") @patch("ambari_server.setupSecurity.is_server_runing") @patch("ambari_server.setupSecurity.get_ambari_properties") @patch("ambari_server.setupSecurity.get_validated_string_input") @patch("ambari_server.setupSecurity.logger") def test_sync_ldap_forbidden(self, logger_mock, get_validated_string_input_method, get_ambari_properties_method, - is_server_runing_method, is_root_method, + is_server_runing_method, encodestring_method, request_constructor, urlopen_method): options = self._create_empty_options_mock() @@ -7690,16 +7689,6 @@ class TestAmbariServer(TestCase): options.ldap_sync_users = None options.ldap_sync_groups = None - is_root_method.return_value = False - try: - sync_ldap(options) - self.fail("Should throw exception if not root") - except FatalException as fe: - # Expected - self.assertTrue("root-level" in fe.reason) - pass - is_root_method.return_value = True - is_server_runing_method.return_value = (None, None) try: sync_ldap(options)
