[jira] [Commented] (AMBARI-21120) Roles below Cluster Administrator should not be allowed to edit repositories and install stack versions

[Hadoop QA (JIRA)]

    [ 
https://issues.apache.org/jira/browse/AMBARI-21120?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16024104#comment-16024104
 ] 

Hadoop QA commented on AMBARI-21120:
------------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest 
attachment 
  http://issues.apache.org/jira/secure/attachment/12869782/AMBARI-21120.patch
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author 
tags.

    {color:red}-1 tests included{color}.  The patch doesn't appear to include 
any new or modified tests.
                        Please justify why no new tests are needed for this 
patch.
                        Also please list what manual steps were performed to 
verify this patch.

    {color:green}+1 release audit{color}.  The applied patch does not increase 
the total number of release audit warnings.

    {color:green}+1 javac{color}.  The applied patch does not increase the 
total number of javac compiler warnings.

    {color:red}-1 core tests{color}.  The test build failed in 
[ambari-web|https://builds.apache.org/job/Ambari-trunk-test-patch/11612//artifact/patch-work/testrun_ambari-web.txt]
 

Console output: 
https://builds.apache.org/job/Ambari-trunk-test-patch/11612//console

This message is automatically generated.

> Roles below Cluster Administrator should not be allowed to edit repositories 
> and install stack versions
> -------------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-21120
>                 URL: https://issues.apache.org/jira/browse/AMBARI-21120
>             Project: Ambari
>          Issue Type: Bug
>    Affects Versions: trunk
>            Reporter: Sangeeta Ravindran
>            Assignee: Sangeeta Ravindran
>            Priority: Minor
>             Fix For: trunk
>
>         Attachments: AMBARI-21120.patch
>
>
> Login as a user with a role below Cluster Administrator. For e.g. Service 
> Admnistrator.
> Click on Stack and Versions.
> 1. Try to edit a stack version that is not yet installed on the cluster.
> Click on Save. The UI reloads and returns to Services Dashboard.
> On the browser console, you can see a HTTP 403 because the user does not have 
> the privilege to edit stack versions. 
> 2. Click on Install. When you click on on the popup confirming that the 
> packages will be installed on all hosts, you get a popup with an error 
> "Packages could not be installed. You do not have permissions to access this 
> resource".
>  



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)