Repository: storm Updated Branches: refs/heads/master 3ee5543f0 -> 0b4741c5a
[STORM-2815] UI HTTP server should return 403 if the user is unauthorized * also dealing with http status code in exceptionToJson function This closes #2421 Project: http://git-wip-us.apache.org/repos/asf/storm/repo Commit: http://git-wip-us.apache.org/repos/asf/storm/commit/f9637c6e Tree: http://git-wip-us.apache.org/repos/asf/storm/tree/f9637c6e Diff: http://git-wip-us.apache.org/repos/asf/storm/diff/f9637c6e Branch: refs/heads/master Commit: f9637c6e680eca1577df795afc1e3e5add6cb44f Parents: 3ee5543 Author: Ethan Li <[email protected]> Authored: Tue Nov 14 14:53:25 2017 -0600 Committer: Jungtaek Lim <[email protected]> Committed: Thu Nov 16 08:21:53 2017 +0900 ---------------------------------------------------------------------- storm-core/src/clj/org/apache/storm/ui/core.clj | 3 ++- storm-core/src/jvm/org/apache/storm/ui/UIHelpers.java | 5 +++-- .../storm/daemon/logviewer/utils/LogviewerResponseBuilder.java | 5 +++-- .../apache/storm/daemon/logviewer/webapp/LogviewerResource.java | 5 +++-- 4 files changed, 11 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/storm/blob/f9637c6e/storm-core/src/clj/org/apache/storm/ui/core.clj ----------------------------------------------------------------------
diff --git a/storm-core/src/clj/org/apache/storm/ui/core.clj b/storm-core/src/clj/org/apache/storm/ui/core.clj
index d12ff74..8db46e8 100644
--- a/storm-core/src/clj/org/apache/storm/ui/core.clj
+++ b/storm-core/src/clj/org/apache/storm/ui/core.clj
@@ -1586,7 +1586,8 @@ (try (handler request) (catch Exception ex - (json-response (UIHelpers/exceptionToJson ex) ((:query-params request) "callback") :status 500))))) + (let [status-code (if (instance? AuthorizationException ex) 403 500)] + (json-response (UIHelpers/exceptionToJson ex status-code) ((:query-params request) "callback") :status status-code)))))) (def app (handler/site (-> main-routes http://git-wip-us.apache.org/repos/asf/storm/blob/f9637c6e/storm-core/src/jvm/org/apache/storm/ui/UIHelpers.java ---------------------------------------------------------------------- diff --git a/storm-core/src/jvm/org/apache/storm/ui/UIHelpers.java b/storm-core/src/jvm/org/apache/storm/ui/UIHelpers.java index 7555998..f29c1f6 100644 --- a/storm-core/src/jvm/org/apache/storm/ui/UIHelpers.java +++ b/storm-core/src/jvm/org/apache/storm/ui/UIHelpers.java @@ -32,6 +32,7 @@ import javax.servlet.Servlet; import org.apache.storm.generated.ExecutorInfo; import org.apache.storm.logging.filters.AccessLoggingFilter; import org.apache.storm.utils.ObjectReader; +import org.eclipse.jetty.http.HttpStatus; import org.eclipse.jetty.http.HttpVersion; import org.eclipse.jetty.server.HttpConfiguration; import org.eclipse.jetty.server.HttpConnectionFactory; 
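Review bot: The `(instance? AuthorizationException ex)` test in the new `let` only matches when the handler throws that class directly; if the authorization failure arrives wrapped in another exception (whether that happens is not visible from this hunk), the response stays 500. Checking the cause as well would cover that case, e.g. `(if (or (instance? AuthorizationException ex) (instance? AuthorizationException (.getCause ex))) 403 500)`. The enclosing handler wrapper starts outside the hunk, so the `ns` import of `AuthorizationException` cannot be confirmed from here.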
@@ -292,9 +293,9 @@ public class UIHelpers { return callback != null ? wrapJsonInCallback(callback, serializedData) : serializedData; } - public static Map exceptionToJson(Exception ex) { + public static Map exceptionToJson(Exception ex, int statusCode) { StringWriter sw = new StringWriter(); ex.printStackTrace(new PrintWriter(sw)); - return ImmutableMap.of("error", "Internal Server Error", "errorMessage", sw.toString()); + return ImmutableMap.of("error", statusCode + " " + HttpStatus.getMessage(statusCode), "errorMessage", sw.toString()); } } http://git-wip-us.apache.org/repos/asf/storm/blob/f9637c6e/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/utils/LogviewerResponseBuilder.java ---------------------------------------------------------------------- diff --git a/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/utils/LogviewerResponseBuilder.java b/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/utils/LogviewerResponseBuilder.java index 59570ee..74d70a0 100644 --- a/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/utils/LogviewerResponseBuilder.java +++ b/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/utils/LogviewerResponseBuilder.java @@ -125,8 +125,9 @@ public class LogviewerResponseBuilder { * @param callback callback for JSONP */ public static Response buildExceptionJsonResponse(Exception ex, String callback) { - return new JsonResponseBuilder().setData(UIHelpers.exceptionToJson(ex)) - .setCallback(callback).setStatus(500).build(); + int statusCode = 500; + return new JsonResponseBuilder().setData(UIHelpers.exceptionToJson(ex, statusCode)) + .setCallback(callback).setStatus(statusCode).build(); } private static Map<String, Object> getHeadersForSuccessResponse(String origin) { http://git-wip-us.apache.org/repos/asf/storm/blob/f9637c6e/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/webapp/LogviewerResource.java ---------------------------------------------------------------------- 
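Review bot: `errorMessage` is still the full `printStackTrace` output, and with this change it is also what an unauthorized caller receives in the 403 body, which exposes internal class names and call paths to someone who just failed the authorization check. For the 403 case the body could carry only the exception message, e.g. `String detail = statusCode == HttpStatus.FORBIDDEN_403 ? String.valueOf(ex.getMessage()) : sw.toString();`, with the trace logged server-side; whether the UI depends on the trace text is not visible here. The same body is used by the 500 and 400 responses in LogviewerResponseBuilder and LogviewerResource. The method is `public static` and the one-argument form is removed rather than kept as an overload, so any caller outside the files touched by this commit will stop compiling.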
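Review bot: `int statusCode = 500;` is fixed, so an authorization failure that reaches `buildExceptionJsonResponse` is still reported as 500 on the logviewer, unlike the UI handler in core.clj, which now maps it to 403. If logviewer authorization errors can reach this method (not visible from the hunk), the same mapping belongs here, e.g. `int statusCode = ex instanceof AuthorizationException ? HttpStatus.FORBIDDEN_403 : HttpStatus.INTERNAL_SERVER_ERROR_500;`. The Javadoc above the method starts outside the hunk; it should state which HTTP status the built response carries.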
diff --git a/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/webapp/LogviewerResource.java b/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/webapp/LogviewerResource.java index 6478ca6..2e63013 100644 --- a/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/webapp/LogviewerResource.java +++ b/storm-webapp/src/main/java/org/apache/storm/daemon/logviewer/webapp/LogviewerResource.java @@ -231,8 +231,9 @@ public class LogviewerResource { startByteOffset, callback, origin); } catch (InvalidRequestException e) { LOG.error(e.getMessage(), e); - return new JsonResponseBuilder().setData(UIHelpers.exceptionToJson(e)).setCallback(callback) - .setStatus(400).build(); + int statusCode = 400; + return new JsonResponseBuilder().setData(UIHelpers.exceptionToJson(e, statusCode)).setCallback(callback) + .setStatus(statusCode).build(); } }
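Review bot: The `catch (InvalidRequestException e)` branch repeats the builder chain from `LogviewerResponseBuilder.buildExceptionJsonResponse` with only the status changed, so the value passed to `exceptionToJson` and to `setStatus` has to be kept in sync by hand in two places. An overload such as `buildExceptionJsonResponse(Exception ex, String callback, int statusCode)` would let this branch read `return LogviewerResponseBuilder.buildExceptionJsonResponse(e, callback, 400);`. The enclosing method starts outside the hunk.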
