> On March 1, 2017, 6:57 p.m., Alejandro Fernandez wrote: > > ambari-server/src/main/java/org/apache/ambari/server/controller/RootServiceResponseFactory.java > > Lines 164 (patched) > > <https://reviews.apache.org/r/57168/diff/2/?file=1652019#file1652019line164> > > > > Is this because of some sort of security concern? > > Why hide properties from the API? > > > > If you do want to hide props, perhaps it's best added as a new > > [blacklisted] section to the current file so that both files can be kept > > in-sync. > > Anita Jebaraj wrote: > Hi Alejandro, hiding the properties from the API would help the users to > remove the properties which has information such as database name, database > user name etc, that are not used in the ambari-web, but exposed in the API. > > I would like to follow the approach suggested by Di to create a property > in ambari.properties which would point to the file containing the list that > needs to blacklisted. Eventually if there are many properties that are > blacklisted, adding a section [blacklisted] would cause the ambari.properties > file to grow and make it difficult to maintain. Once the jira is accepted I > can write a wiki about how to use this feature.
I'm ok with this approach. Thank you for explaining - Alejandro ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57168/#review167543 ----------------------------------------------------------- On March 2, 2017, 1:05 a.m., Anita Jebaraj wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57168/ > ----------------------------------------------------------- > > (Updated March 2, 2017, 1:05 a.m.) > > > Review request for Ambari, Di Li, Oleksandr Diachenko, Sangeeta Ravindran, > and Vitalyi Brodetskyi. > > > Bugs: AMBARI-20243 > https://issues.apache.org/jira/browse/AMBARI-20243 > > > Repository: ambari > > > Description > ------- > > Currently all the details from the ambari.properties file is being returned > by the API call. > > Some of those information may not be utilized and hence an option can be > provided to filter the properties > > A ambari-blacklist.properties file can be created, the properties that are > entered in the file, will be removed from the api call that returns the > ambari.properties. > > > Diffs > ----- > > > ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java > eaecf35 > > ambari-server/src/main/java/org/apache/ambari/server/controller/RootServiceResponseFactory.java > dadcf09 > > ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java > 51114f8 > > > Diff: https://reviews.apache.org/r/57168/diff/3/ > > > Testing > ------- > > Added 1 test case > Ran mvn test > > > Thanks, > > Anita Jebaraj > >
