> On Feb. 18, 2016, 7:06 p.m., DIPAYAN BHOWMICK wrote:
> > contrib/views/files/src/main/java/org/apache/ambari/view/filebrowser/DownloadService.java,
> > line 88
> > <https://reviews.apache.org/r/43508/diff/1/?file=1240500#file1240500line88>
> >
> > The reason checkperm was introduced so that the file content is
> > prevented from getting returned to the frontend when the permission check
> > call is made. So, in this case the first call will be a xhr request and the
> > response of it will be the content of the whole file. I ran this patch in
> > my machine and verified this behavior. This is not desirable as then
> > effectively we will be downloading the file twice and will be problematic
> > in case of big files.
Hello Dipayan,
yes, the response returned will have the file content but the download happens
only once. Please correct my understanding on this.
For the case of big files to be handled gracefully, do you propose we add the
"checkperm" condition even in the other 2 APIs with @Path("/zip") and
@Path("/concat") because these 2 APIs still return the actual file content in
the response. By adding the "checkperm" clause, we would make the behavior of
these 2 APIs similar to the API with @Path("/browse") and would be returning
"allowed=true" in the 1st server call.
- Keta
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43508/#review119680
-----------------------------------------------------------
On Feb. 17, 2016, 7:22 p.m., Keta Patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43508/
> -----------------------------------------------------------
>
> (Updated Feb. 17, 2016, 7:22 p.m.)
>
>
> Review request for Ambari, Di Li, DIPAYAN BHOWMICK, Jaimin Jetly, Pallav
> Kulshreshtha, and Srimanth Gunturi.
>
>
> Bugs: AMBARI-14932
> https://issues.apache.org/jira/browse/AMBARI-14932
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Steps to Reproduce:
> 1. go to "View" - "FILES" - " Create Instance"
> 2. go to hdfs file view
> 3. click "download zip" icon
> The click doesn't download any file. The REST call returns 200 OK status.
>
> Detailed steps on configuring Views can be found in the link below:
> http://docs.hortonworks.com/HDPDocuments/Ambari-2.1.0.0/bk_ambari_views_guide/bk_ambari_views_guide-20150721.pdf
>
>
> Diffs
> -----
>
>
> contrib/views/files/src/main/java/org/apache/ambari/view/filebrowser/DownloadService.java
> 749174a
> contrib/views/files/src/main/resources/ui/app/controllers/file.js 88fa5fb
>
> Diff: https://reviews.apache.org/r/43508/diff/
>
>
> Testing
> -------
>
> FIX:
> The check for "allowed" in the controller, from the response of
> zipByRequestId() ("/zip" API call for downloading zip file) resulted in no
> action after clicking the download zip button. This was because there was no
> "allowed" paramter in the response of zip download. This "allowed" property
> was added in the response of browse() ("/browse" API call for downloading
> individual file) to check if the user had permissions for the file or not.
> This was verified by opening the file. If that operation didn't throw an
> error, then it would mean that the user had the required permissions to
> download the individual file. But the fact that the point of execution
> reaches past the statement of opening the file verifies that the user has the
> permission. The check with "checkperm" and setting the response with
> "allowed" attribute in the response is not necessary.
> So, for the fix I simply removed the check for "allowed" from the controller
> and also removed the check for "checkperm" which sets the "allowed" attribute
> in the response.
>
> TESTS:
> There are already exisitng tests for DownloadService, so I haven't added any
> new ones.
>
>
> Thanks,
>
> Keta Patel
>
>
