> On Nov. 18, 2015, 9:01 a.m., Nate Cole wrote: > > ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql, lines 526-531 > > <https://reviews.apache.org/r/40437/diff/1/?file=1129414#file1129414line526> > > > > Oracle tables don't get a schema name.
Nice catch... I thought I fixed all those copy/paste issues. I don't have a way (that I know of) to test the creation of this schema. > On Nov. 18, 2015, 9:01 a.m., Nate Cole wrote: > > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java, > > lines 94-95 > > <https://reviews.apache.org/r/40437/diff/1/?file=1129410#file1129410line94> > > > > Is this really an entity relationship? RoleAuthorizationEntity looks > > like a collection table (but could be reading it wrong). If it is a > > collection table, we could use a @ElementCollection and @CollectionTable. I guess I am not familiar enough with the symantecs of JPA here.. What I have going seems to work fine. RoleAuthorizationEntity is an item from the `roleauthorization` table. The `permssion_roleauthorization` table is the table that maps roleauthentications to permissions. I will need to look into te definitions of ElemenetCollection and CollectionTable. > On Nov. 18, 2015, 9:01 a.m., Nate Cole wrote: > > ambari-server/src/main/java/org/apache/ambari/server/orm/dao/RoleAuthorizationDAO.java, > > lines 64-65 > > <https://reviews.apache.org/r/40437/diff/1/?file=1129409#file1129409line64> > > > > If this is going to happen frequently, then a Named Query is > > appropriate. I don't see this being called all that often, since it is pretty useless information - until we allow uses to build their own roles. But then again that will still be a small set of API calls. In anycase, I will make this change as it seems to make sense. - Robert ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/40437/#review107026 ----------------------------------------------------------- On Nov. 18, 2015, 6:49 a.m., Robert Levas wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/40437/ > ----------------------------------------------------------- > > (Updated Nov. 18, 2015, 6:49 a.m.) > > > Review request for Ambari, Jonathan Hurley, Nate Cole, Robert Nettleton, and > Sid Wagle. > > > Bugs: AMBARI-13865 > https://issues.apache.org/jira/browse/AMBARI-13865 > > > Repository: ambari > > > Description > ------- > > Add authorizations to permissions so that the definition of a permission (or > role) is explicit. > > A new table needs to be created to store the _authorizations_: > ``` > TABLE roleauthorization ( > authorization_id VARCHAR(100) NOT NULL, > authorization_name VARCHAR(255) NOT NULL, > resource_type_id INTEGER NOT NULL, > PRIMARY KEY(authorization_id) > ) > ``` > > A new table needs to be added to map _authorizations_ to _permissions_ > ``` > TABLE permission_roleauthorization ( > permission_id BIGINT NOT NULL, > authorization_id VARCHAR(100) NOT NULL, > PRIMARY KEY(permission_id, authorization_id) > ); > ``` > > A new Entity needs to be created to hold the authorization record data > (`org.apache.ambari.server.orm.entities.AuthorizationEntity`). > > The existing PermissionEntity > `org.apache.ambari.server.orm.entities.PermissionEntity` needs to be updated > to include AuthorizationEntities. > > > Diffs > ----- > > > ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RoleAuthorizationResourceProvider.java > 82981a9 > > ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProvider.java > ec686e5 > > ambari-server/src/main/java/org/apache/ambari/server/orm/dao/RoleAuthorizationDAO.java > PRE-CREATION > > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java > 976aecc > > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/RoleAuthorizationEntity.java > PRE-CREATION > > ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog220.java > 4251111 > ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql 65dacd1 > ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql 626b47a > ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql d42fc9f > ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql > 3981ab2 > ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql 1e64394 > ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql 9cde02c > ambari-server/src/main/resources/META-INF/persistence.xml 3357f21 > > ambari-server/src/test/java/org/apache/ambari/server/api/services/RoleAuthorizationServiceTest.java > PRE-CREATION > > ambari-server/src/test/java/org/apache/ambari/server/api/services/UserAuthorizationServiceTest.java > PRE-CREATION > > ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RoleAuthorizationResourceProviderTest.java > PRE-CREATION > > ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProviderTest.java > PRE-CREATION > > ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog220Test.java > 87dbe03 > > Diff: https://reviews.apache.org/r/40437/diff/ > > > Testing > ------- > > Manually tested > > #Local test results: PASSED > > #Jenkins test results: PENDING > > > Thanks, > > Robert Levas > >
