K0K0V0K opened a new pull request, #7013:
URL: https://github.com/apache/hadoop/pull/7013
### Description of PR
- following rest apis did not have authorization
- - /ws/v1/history/containerlogs/{containerid}/{filename}
- - /ws/v1/history/containers/{containerid}/logs
- after this fix it has acl authorization
### How was this patch tested?
Setup:
- mapreduce.cluster.acls.enabled = true on history server
- submit example pi job with user1 (called job1)
- - pi -Dmapreduce.job.queuename=root.default -Dmapreduce.job.acl-view-job=*
10 100
- submit example pi job with user1 (called job2)
- - pi -Dmapreduce.job.queuename=root.default -Dmapreduce.job.acl-view-job='
' 10 100
Before this commit
- Some other user (aka user2) can see job1 and job2 logs via problematic apis
After this commit
- Some user2 can not see job2 logs
### For code changes:
- [ ] Does the title or this PR starts with the corresponding JIRA issue id
(e.g. 'HADOOP-17799. Your PR title ...')?
- [ ] Object storage: have the integration tests been executed and the
endpoint declared according to the connector-specific documentation?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the `LICENSE`, `LICENSE-binary`,
`NOTICE-binary` files?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
