-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50822/
-----------------------------------------------------------

Review request for Ambari, Alejandro Fernandez, Jonathan Hurley, Miklos 
Gergely, Nate Cole, Oliver Szabo, and Robert Nettleton.


Bugs: AMBARI-18023
    https://issues.apache.org/jira/browse/AMBARI-18023


Repository: ambari


Description
-------

Enforce granular role-based access control for log search functions.

Users must have the SERVICE.VIEW_OPERATIONAL_LOGS authorization in order to 
perform log search functions.

The following REST API entry points are affected:

# `GET /api/v1/clusters/:CLUSTER_NAME/host_components`
- The LogSearch-related data is to be filtered out if the user does not have 
authorization to view it

# `GET /api/v1/clusters/:CLUSTER_NAME/logging/searchEngine`
- Access is to be denied if the user does does not have authorization to view 
LogSearch-related data


Diffs
-----

  
ambari-server/src/main/java/org/apache/ambari/server/api/services/LoggingService.java
 91123b5 
  
ambari-server/src/main/java/org/apache/ambari/server/controller/logging/LoggingSearchPropertyProvider.java
 f496d32 
  
ambari-server/src/test/java/org/apache/ambari/server/api/services/LoggingServiceTest.java
 28aca49 
  
ambari-server/src/test/java/org/apache/ambari/server/controller/logging/LoggingSearchPropertyProviderTest.java
 af0c7df 
  
ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java
 80ec449 

Diff: https://reviews.apache.org/r/50822/diff/


Testing
-------

Manually tested

# Local test results:

[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1:21:08.016s
[INFO] Finished at: Thu Aug 04 18:51:15 EDT 2016
[INFO] Final Memory: 59M/1784M
[INFO] ------------------------------------------------------------------------

# Jenkins test results: PENDING


Thanks,

Robert Levas

Reply via email to