[35/50] [abbrv] ambari git commit: AMBARI-21687. User can't add node via Ambari UI when being part of both "cluster user" and "cluster admin" roles (echekanskiy)

Tue, 05 Sep 2017 02:41:59 -0700 

AMBARI-21687. User can't add node via Ambari UI when being part of both 
"cluster user" and "cluster admin" roles (echekanskiy)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/c51540de
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/c51540de
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/c51540de

Branch: refs/heads/feature-branch-AMBARI-21307
Commit: c51540dee89d90bb488c2b1a1269ae7d40d5d509
Parents: 18a16cb
Author: Eugene Chekanskiy <echekans...@apache.org>
Authored: Mon Sep 4 14:53:51 2017 +0300
Committer: Eugene Chekanskiy <echekans...@apache.org>
Committed: Mon Sep 4 14:53:51 2017 +0300

----------------------------------------------------------------------
 .../server/controller/internal/RequestResourceProvider.java  | 8 +++++++-
 .../controller/internal/RequestResourceProviderTest.java     | 2 --
 2 files changed, 7 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/c51540de/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
 
b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
index 355e572..81f283c 100644
--- 
a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
+++ 
b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
@@ -251,7 +251,13 @@ public class RequestResourceProvider extends 
AbstractControllerResourceProvider
                 ? null
                 : actionDefinition.getPermissions();
 
-            if (!AuthorizationHelper.isAuthorized(resourceType, resourceId, 
permissions)) {
+            // here goes ResourceType handling for some specific custom actions
+            ResourceType customActionResourceType = resourceType;
+            if (actionName.contains("check_host")) { // check_host custom 
action
+              customActionResourceType = ResourceType.CLUSTER;
+            }
+
+            if (!AuthorizationHelper.isAuthorized(customActionResourceType, 
resourceId, permissions)) {
               throw new AuthorizationException(String.format("The 
authenticated user is not authorized to execute the action %s.", actionName));
             }
           }

http://git-wip-us.apache.org/repos/asf/ambari/blob/c51540de/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
 
b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
index b2e9472..c0695b1 100644
--- 
a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
+++ 
b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
@@ -1358,13 +1358,11 @@ public class RequestResourceProviderTest {
         EnumSet.of(RoleAuthorization.HOST_ADD_DELETE_HOSTS));
   }
 
-  @Test(expected = AuthorizationException.class)
   public void 
testCreateResourcesCheckHostForNonClusterAsClusterAdministrator() throws 
Exception {
     
testCreateResources(TestAuthenticationFactory.createClusterAdministrator(), 
null, null, "check_host",
         EnumSet.of(RoleAuthorization.HOST_ADD_DELETE_HOSTS));
   }
 
-  @Test(expected = AuthorizationException.class)
   public void testCreateResourcesCheckHostForNonClusterAsClusterOperator() 
throws Exception {
     testCreateResources(TestAuthenticationFactory.createClusterOperator(), 
null, null, "check_host",
         EnumSet.of(RoleAuthorization.HOST_ADD_DELETE_HOSTS));

Reply via email to