[jira] [Created] (AMBARI-25734) CLUSTER.USER is able to perform actions on service through API calls

Tue, 20 Sep 2022 02:14:56 -0700 

Satheesh Akuthota created AMBARI-25734:
------------------------------------------

             Summary: CLUSTER.USER is able to perform actions on service 
through API calls
                 Key: AMBARI-25734
                 URL: https://issues.apache.org/jira/browse/AMBARI-25734
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.7.6
            Reporter: Satheesh Akuthota
         Attachments: Screenshot 2022-09-15 at 3.48.19 PM.png

Hi Team ,

CLUSTER.USER is able to perform actions on services (eg . maintenance off/on on 
ambari_mertrics)

 

[http://abcserver:8080/api/v1/clusters/CERTIFICATION/services/AMBARI_METRICS]

request: 

{code:java}
{
    "ServiceInfo" : {
        "maintenance_state" : "OFF"
    }
} 

{code}


user previlege details : 


{code:java}
{
  "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/";,
  "Users" : {
    "active" : true,
    "admin" : false,
    "consecutive_failures" : 0,
    "created" : 1663235359782,
    "display_name" : "svcambaritest4",
    "groups" : [ ],
    "ldap_user" : false,
    "local_user_name" : "svcambaritest4",
    "user_name" : "svcambaritest4",
    "user_type" : "LOCAL"
  },
  "widget_layouts" : [ ],
  "privileges" : [
    {
      "href" : 
"http://hostservername:8080/api/v1/users/svcambaritest4/privileges/4";,
      "PrivilegeInfo" : {
        "privilege_id" : 4,
        "user_name" : "svcambaritest4"
      }
    }
  ],
  "sources" : [
    {
      "href" : 
"http://hostservername:8080/api/v1/users/svcambaritest4/sources/4";,
      "AuthenticationSourceInfo" : {
        "source_id" : 4,
        "user_name" : "svcambaritest4"
      }
    }
  ]
} 
{code}



{code:java}
{
  "href" : 
"http://sserverhostname:8080/api/v1/users/svcambaritest4/privileges/4";,
  "PrivilegeInfo" : {
    "cluster_name" : "CLUSTERNAME",
    "permission_label" : "Cluster User",
    "permission_name" : "CLUSTER.USER",
    "principal_name" : "svcambaritest4",
    "principal_type" : "USER",
    "privilege_id" : 4,
    "type" : "CLUSTER",
    "user_name" : "svcambaritest4"
  }
}
{code}


Note : From UI we are not able to do this action

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to