[jira] [Commented] (AMBARI-17292) Operations during upgrade are permitted by all roles

Wed, 22 Jun 2016 04:08:18 -0700 

    [ 
https://issues.apache.org/jira/browse/AMBARI-17292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15344126#comment-15344126
 ] 

Hudson commented on AMBARI-17292:
---------------------------------

FAILURE: Integrated in Ambari-trunk-Commit #5130 (See 
[https://builds.apache.org/job/Ambari-trunk-Commit/5130/])
AMBARI-17292. Operations during upgrade are permitted by all roles (aonishuk: 
[http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=fad241161603b87f0b2669870e8ec2effb841c60])
* 
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeItemResourceProvider.java
* 
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
* 
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/UpgradeResourceProvider.java
* 
ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UpgradeResourceProviderTest.java
* ambari-server/pom.xml
* 
ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UpgradeResourceProviderHDP22Test.java


> Operations during upgrade are permitted by all roles
> ----------------------------------------------------
>
>                 Key: AMBARI-17292
>                 URL: https://issues.apache.org/jira/browse/AMBARI-17292
>             Project: Ambari
>          Issue Type: Bug
>            Reporter: Andrew Onischuk
>            Assignee: Andrew Onischuk
>             Fix For: 2.4.0
>
>         Attachments: AMBARI-17292.patch
>
>
> ambari-server --hash  
> 9a2943ba77371f1c20b4f3da900abb7c2e89d22b  
> Build# ambari-server-2.4.0.0-591.x86_64
> **Steps**
>   1. Create user with different roles like Cluster user, Service 
> Administrator etc.
>   2. Login as Ambari admin user and start Express Upgrade (register version, 
> install packages and start EU)
>   3. Pause the Upgrade at any step that requires manual intervention (like 
> stop YARN queue or backup DB or even at Finalize step)
>   4. Logout and login as cluster user
> **Result**:  
> The logged in user has complete access to Upgrade Wizard and can resume
> upgrade  
> Also do actions like Downgrade, 'Ignore and Proceed', 'Retry'
> The same is true for other roles like service administrator too, both during
> upgrade and downgrade
> **Expected Result:** Only Ambari Admin and Cluster Admin should be permitted 
> to perform actions during cluster upgrade
> Screenshots attached for reference while logged in as cluster user role
> (cluser)
> Another observation: While upgrade is in progress, login in a different
> session as cluster user - the cluster user can view the upgrade wizard in
> exact same way as admin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to