> On June 23, 2016, 3:31 a.m., Myroslav Papirkovskyy wrote:
> > ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java,
> >  line 49
> > <https://reviews.apache.org/r/49119/diff/1/?file=1428082#file1428082line49>
> >
> >     IMO user name should be stored and returned in original case.
> >     Only comparison should be case insensitive.
> 
> Robert Levas wrote:
>     I agree that the name should be stored lowercase.
> 
> Nahappan Somasundaram wrote:
>     This is required for backward compatibility. If the DB contains user 
> names in uppercase or mixed case, say like ABCD, then querying it will fail:
>     
>     curl -u admin:admin -X GET http://localhost:8080/api/v1/users/abcd

I think both should happen... store usernames as tolower, and maintain a 
lowercase username in the logic to ensure unifirmity.


- Robert


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/49119/#review139221
-----------------------------------------------------------


On June 23, 2016, 11:19 p.m., Nahappan Somasundaram wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/49119/
> -----------------------------------------------------------
> 
> (Updated June 23, 2016, 11:19 p.m.)
> 
> 
> Review request for Ambari, Myroslav Papirkovskyy, Robert Levas, and Sumit 
> Mohanty.
> 
> 
> Bugs: AMBARI-17383
>     https://issues.apache.org/jira/browse/AMBARI-17383
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> AMBARI-17383: User names should be case insensitive
> 
> ** Issue: **
> It should not be possible to add user names that differ only by case. 
> 
> ** Fix: **
> 1. Make a case insensitive string comparision against the DB Users table to 
> see if the input user name already exists.
> 2. Added a new UT to test this change.
> 
> 
> Diffs
> -----
> 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
>  9f82a908114a920087524ea9a42628500972c64d 
>   ambari-server/src/main/java/org/apache/ambari/server/orm/dao/UserDAO.java 
> d209cfcfc5ce5a78354220cf084e9a394841af49 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
>  0bf7ec269f00cbe2506eae1e5692a73af74b1d99 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
>  a8c9b19ade9a31a303095527059c03f2b3341913 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
>  720918b646d4a70b9b53a1d2da05dd391adb03e7 
>   
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
>  1a7b58db3759dff876ca0e909ab62170c8f49955 
>   
> ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
>  dc22bb914df36bb9b3fbf27d3c2fbf1251489553 
>   
> ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
>  a509f541438981a5302f6646df387f27f6095d01 
>   
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java
>  b20607814f872547d5f03fbd9a76e7c15c328a96 
>   
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/TestUsers.java
>  44fb73c2644a75a8165425b97137dac20042972b 
>   
> ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java
>  4ff751dcbad83ca0eeb27a81fd261e51ec0bd975 
> 
> Diff: https://reviews.apache.org/r/49119/diff/
> 
> 
> Testing
> -------
> 
> ** 1. mvn clean install **
> 
> [INFO] 
> ------------------------------------------------------------------------
> [INFO] Reactor Summary:
> [INFO]
> [INFO] Ambari Main ....................................... SUCCESS [5.972s]
> [INFO] Apache Ambari Project POM ......................... SUCCESS [0.038s]
> [INFO] Ambari Web ........................................ SUCCESS [24.668s]
> [INFO] Ambari Views ...................................... SUCCESS [1.161s]
> [INFO] Ambari Admin View ................................. SUCCESS [9.686s]
> [INFO] ambari-metrics .................................... SUCCESS [0.711s]
> [INFO] Ambari Metrics Common ............................. SUCCESS [0.868s]
> [INFO] Ambari Metrics Hadoop Sink ........................ SUCCESS [1.184s]
> [INFO] Ambari Metrics Flume Sink ......................... SUCCESS [0.648s]
> [INFO] Ambari Metrics Kafka Sink ......................... SUCCESS [0.671s]
> [INFO] Ambari Metrics Storm Sink ......................... SUCCESS [1.630s]
> [INFO] Ambari Metrics Collector .......................... SUCCESS [9.722s]
> [INFO] Ambari Metrics Monitor ............................ SUCCESS [2.332s]
> [INFO] Ambari Metrics Grafana ............................ SUCCESS [0.885s]
> [INFO] Ambari Metrics Assembly ........................... SUCCESS [1:34.064s]
> [INFO] Ambari Server ..................................... SUCCESS [3:11.990s]
> [INFO] Ambari Functional Tests ........................... SUCCESS [1.250s]
> [INFO] Ambari Agent ...................................... SUCCESS [26.046s]
> [INFO] Ambari Client ..................................... SUCCESS [0.053s]
> [INFO] Ambari Python Client .............................. SUCCESS [0.975s]
> [INFO] Ambari Groovy Client .............................. SUCCESS [2.234s]
> [INFO] Ambari Shell ...................................... SUCCESS [0.047s]
> [INFO] Ambari Python Shell ............................... SUCCESS [0.721s]
> [INFO] Ambari Groovy Shell ............................... SUCCESS [1.045s]
> [INFO] ambari-logsearch .................................. SUCCESS [0.262s]
> [INFO] Ambari Logsearch Appender ......................... SUCCESS [0.397s]
> [INFO] Ambari Logsearch Solr Client ...................... SUCCESS [1.177s]
> [INFO] Ambari Logsearch Portal ........................... SUCCESS [6.714s]
> [INFO] Ambari Logsearch Log Feeder ....................... SUCCESS [3.364s]
> [INFO] Ambari Logsearch Assembly ......................... SUCCESS [0.087s]
> [INFO] 
> ------------------------------------------------------------------------
> [INFO] BUILD SUCCESS
> [INFO] 
> ------------------------------------------------------------------------
> [INFO] Total time: 6:31.357s
> [INFO] Finished at: Wed Jun 22 17:10:48 PDT 2016
> [INFO] Final Memory: 327M/1373M
> [INFO] 
> ------------------------------------------------------------------------
> 
> ** 2. mvn test -DskipPythonTests -Dtest=User*Test **
> 
> Results :
> 
> Tests run: 62, Failures: 0, Errors: 0, Skipped: 0
> 
> [INFO] 
> ------------------------------------------------------------------------
> [INFO] BUILD SUCCESS
> [INFO] 
> ------------------------------------------------------------------------
> [INFO] Total time: 53.870s
> [INFO] Finished at: Wed Jun 22 17:12:06 PDT 2016
> [INFO] Final Memory: 56M/933M
> [INFO] 
> ------------------------------------------------------------------------
> 
> ** 3. mvn test -DskipSurefireTests **
> 
> ----------------------------------------------------------------------
> Ran 261 tests in 6.729s
> 
> OK
> ----------------------------------------------------------------------
> Total run:1072
> Total errors:0
> Total failures:0
> OK
> INFO: AMBARI_SERVER_LIB is not set, using default /usr/lib/ambari-server
> INFO: Return code from stack upgrade command, retcode = 0
> StackAdvisor implementation for stack HDP1, version 2.0.6 was not found
> Returning DefaultStackAdvisor implementation
> StackAdvisor implementation for stack XYZ, version 1.0.0 was loaded
> StackAdvisor implementation for stack XYZ, version 1.0.1 was loaded
> Returning XYZ101StackAdvisor implementation
> [INFO] 
> ------------------------------------------------------------------------
> [INFO] BUILD SUCCESS
> [INFO] 
> ------------------------------------------------------------------------
> [INFO] Total time: 1:08.421s
> [INFO] Finished at: Wed Jun 22 17:14:12 PDT 2016
> [INFO] Final Memory: 54M/920M
> [INFO] 
> ------------------------------------------------------------------------
> 
> ** 4. Manual tests **
> 
> Set up a one node cluster with the latest build from trunk and replaced 
> ambari-server JAR with the one from the local build.
> 1. Create a user ABCD. Was able to create the user successfully.
> 2. Create a user abcd. Unable to create the user.
> 3. curl -u admin:admin -H "X-Requested-By: ambari" -X GET 
> http://localhost:8080/api/v1/users/abcd
> 
> {
>   "href" : "http://localhost:8080/api/v1/users/smnaha";,
>   "Users" : {
>     "active" : true,
>     "admin" : false,
>     "groups" : [ ],
>     "ldap_user" : false,
>     "user_name" : "abcd",
>     "user_type" : "LOCAL"
>   },
>   "privileges" : [ ],
>   "widget_layouts" : [ ]
> }
> 
> 4. 3. curl -u admin:admin -H "X-Requested-By: ambari" -X GET 
> http://localhost:8080/api/v1/users/ABCD
> 
> {
>   "href" : "http://localhost:8080/api/v1/users/smnaha";,
>   "Users" : {
>     "active" : true,
>     "admin" : false,
>     "groups" : [ ],
>     "ldap_user" : false,
>     "user_name" : "abcd",
>     "user_type" : "LOCAL"
>   },
>   "privileges" : [ ],
>   "widget_layouts" : [ ]
> }
> 
> 
> Thanks,
> 
> Nahappan Somasundaram
> 
>

Reply via email to