----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/26519/#review56136 -----------------------------------------------------------
Ship it! Ship It! - Jonathan Hurley On Oct. 9, 2014, 6:34 p.m., Alejandro Fernandez wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/26519/ > ----------------------------------------------------------- > > (Updated Oct. 9, 2014, 6:34 p.m.) > > > Review request for Ambari, Jonathan Hurley, Srimanth Gunturi, Sid Wagle, and > Tom Beerbower. > > > Bugs: AMBARI-7717 > https://issues.apache.org/jira/browse/AMBARI-7717 > > > Repository: ambari > > > Description > ------- > > During upgrade to Ambari 1.7.0, local users and admins get migrated fine, > however, Ambari is explicitly giving CLUSTER.READ to admins. > The admins really don't need this READ, they just need CLUSTER.OPERATE (which > they already have). > > This is inteded for both trunk and release candidate branch 1.7.0, so it > needs two +1s. > > > Diffs > ----- > > > ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog170.java > f5f6297 > > ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog170Test.java > 0c92f44 > > Diff: https://reviews.apache.org/r/26519/diff/ > > > Testing > ------- > > Installed a cluster with Ambari 1.6.1. > An admin had roles of both admin and user. > > $ psql -U ambari -d ambari > ambari=> select u.user_id, u.user_name, ur.role_name from users as u join > user_roles as ur on u.user_id = ur.user_id ORDER BY u.user_id; > user_id | user_name | role_name > ---------+-----------+----------- > 1 | admin | admin > 3 | admin1 | user > 3 | admin1 | admin > 4 | admin2 | user > 4 | admin2 | admin > 5 | user1 | user > 6 | user2 | user > (7 rows) > > After the upgrade, > > ambari=> select u.user_name, u.principal_id, priv.permission_id, > permission_name, t.resource_type_name from adminprivilege as priv join users > as u on u.principal_id = priv.principal_id join adminpermission as perm on > priv.permission_id = perm.permission_id join adminresourcetype as t on > perm.resource_type_id = t.resource_type_id WHERE t.resource_type_name IN > ('CLUSTER', 'AMBARI') ORDER BY u.user_name asc; > user_name | principal_id | permission_id | permission_name | > resource_type_name > -----------+--------------+---------------+-----------------+-------------------- > admin | 3 | 3 | CLUSTER.OPERATE | CLUSTER > admin | 3 | 1 | AMBARI.ADMIN | AMBARI > admin1 | 4 | 3 | CLUSTER.OPERATE | CLUSTER > admin1 | 4 | 1 | AMBARI.ADMIN | AMBARI > admin2 | 5 | 3 | CLUSTER.OPERATE | CLUSTER > admin2 | 5 | 1 | AMBARI.ADMIN | AMBARI > user1 | 6 | 2 | CLUSTER.READ | CLUSTER > user2 | 7 | 2 | CLUSTER.READ | CLUSTER > > > Also, ran unit tests. > ---------------------------------------------------------------------- > Total run:641 > Total errors:0 > Total failures:0 > OK > ... > [INFO] > ------------------------------------------------------------------------ > [INFO] BUILD SUCCESS > [INFO] > ------------------------------------------------------------------------ > [INFO] Total time: 28:41.374s > [INFO] Finished at: Thu Oct 09 14:13:30 PDT 2014 > [INFO] Final Memory: 62M/1564M > [INFO] > ------------------------------------------------------------------------ > > > > Thanks, > > Alejandro Fernandez > >
