Re: Review Request 40437: Add authorizations to permissions so that the definition of a permission (or role) is explicit

Nate Cole Wed, 18 Nov 2015 06:01:22 -0800

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/40437/#review107026
-----------------------------------------------------------




ambari-server/src/main/java/org/apache/ambari/server/orm/dao/RoleAuthorizationDAO.java
 (lines 64 - 65)
<https://reviews.apache.org/r/40437/#comment165922>

    If this is going to happen frequently, then a Named Query is appropriate.



ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
 (lines 94 - 95)
<https://reviews.apache.org/r/40437/#comment165924>

    Is this really an entity relationship?  RoleAuthorizationEntity looks like 
a collection table (but could be reading it wrong).  If it is a collection 
table, we could use a @ElementCollection and @CollectionTable.



ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql (lines 526 - 531)
<https://reviews.apache.org/r/40437/#comment165923>

    Oracle tables don't get a schema name.


- Nate Cole


On Nov. 18, 2015, 6:49 a.m., Robert Levas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/40437/
> -----------------------------------------------------------
> 
> (Updated Nov. 18, 2015, 6:49 a.m.)
> 
> 
> Review request for Ambari, Jonathan Hurley, Nate Cole, Robert Nettleton, and 
> Sid Wagle.
> 
> 
> Bugs: AMBARI-13865
>     https://issues.apache.org/jira/browse/AMBARI-13865
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> Add authorizations to permissions so that the definition of a permission (or 
> role) is explicit.
> 
> A new table needs to be created to store the _authorizations_:
> ```
> TABLE roleauthorization (
>   authorization_id VARCHAR(100) NOT NULL,
>   authorization_name VARCHAR(255) NOT NULL,
>   resource_type_id INTEGER NOT NULL,
>   PRIMARY KEY(authorization_id)
> )
> ```
> 
> A new table needs to be added to map _authorizations_ to _permissions_
> ```
> TABLE permission_roleauthorization (
>   permission_id BIGINT NOT NULL,
>   authorization_id VARCHAR(100) NOT NULL,
>   PRIMARY KEY(permission_id, authorization_id)
> );
> ```
> 
> A new Entity needs to be created to hold the authorization record data 
> (`org.apache.ambari.server.orm.entities.AuthorizationEntity`).
> 
> The existing PermissionEntity 
> `org.apache.ambari.server.orm.entities.PermissionEntity` needs to be updated 
> to include AuthorizationEntities.
> 
> 
> Diffs
> -----
> 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RoleAuthorizationResourceProvider.java
>  82981a9 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProvider.java
>  ec686e5 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/dao/RoleAuthorizationDAO.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
>  976aecc 
>   
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/RoleAuthorizationEntity.java
>  PRE-CREATION 
>   
> ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog220.java
>  4251111 
>   ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql 65dacd1 
>   ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql 626b47a 
>   ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql d42fc9f 
>   ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql 
> 3981ab2 
>   ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql 1e64394 
>   ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql 9cde02c 
>   ambari-server/src/main/resources/META-INF/persistence.xml 3357f21 
>   
> ambari-server/src/test/java/org/apache/ambari/server/api/services/RoleAuthorizationServiceTest.java
>  PRE-CREATION 
>   
> ambari-server/src/test/java/org/apache/ambari/server/api/services/UserAuthorizationServiceTest.java
>  PRE-CREATION 
>   
> ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RoleAuthorizationResourceProviderTest.java
>  PRE-CREATION 
>   
> ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProviderTest.java
>  PRE-CREATION 
>   
> ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog220Test.java
>  87dbe03 
> 
> Diff: https://reviews.apache.org/r/40437/diff/
> 
> 
> Testing
> -------
> 
> Manually tested
> 
> #Local test results: PASSED
> 
> #Jenkins test results: PENDING
> 
> 
> Thanks,
> 
> Robert Levas
> 
>

Re: Review Request 40437: Add authorizations to permissions so that the definition of a permission (or role) is explicit

Reply via email to