-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/57718/
-----------------------------------------------------------
(Updated March 17, 2017, 2:27 p.m.)
Review request for Ambari, Attila Magyar, Balázs Bence Sári, DIPAYAN BHOWMICK,
Eugene Chekanskiy, Gaurav Nagar, Laszlo Puskas, and Sebastian Toader.
Bugs: AMBARI-20462
https://issues.apache.org/jira/browse/AMBARI-20462
Repository: ambari
Description
-------
When I create a new user from Ambari UI and let’s say give him ‘Cluster User’
role; later go to Users page it shows the permissions as seen in the screenshot
The UI display is fine, however when I make an API call like below
```
/api/v1/users/tom/privileges?fields=*
```
It shows three entries for each auto_<view>_instance privilege. As an example:
for `AUTO_FILES_INSTANCE` I see three entries like:
```
api/v1/users/tom/privileges/6
api/v1/users/tom/privileges/56
api/v1/users/tom/privileges/106
```
and so on, so we have 16 entries (One for Cluster.User + 3 * privileges for
each of five View instances)
The same behavior is seen for groups too like:
/api/v1/groups/gp1/privileges?fields=*
# Example
It is expected that only one of the following rows exists:
```
ambaricustom=> select * from adminprivilege where privilege_id in (6, 56, 106);
privilege_id | permission_id | resource_id | principal_id
--------------+---------------+-------------+--------------
6 | 4 | 54 | 8
56 | 4 | 54 | 8
106 | 4 | 54 | 8
(3 rows)
```
- permission_id (4): VIEW.USER
- resource_id (54): AUTO_FILES_INSTANCE
- principal_id (8): CLUSTER.USER
# Cause
When Ambari server restarts, it installs the automatically created view
instances without first checking to see if they have been previously created.
Each restart of Ambari server will create a new set of duplicated records.
Diffs
-----
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrivilegeEntity.java
1832acc
ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
81c4734
ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
e777d5c
ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProviderTest.java
9dfe1a2
ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java
39b3d47
ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
132dd7e
Diff: https://reviews.apache.org/r/57718/diff/2/
Testing (updated)
-------
Manually tested
# Local test results:
```
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 24:01.487s
[INFO] Finished at: Thu Mar 16 22:07:20 EDT 2017
[INFO] Final Memory: 72M/570M
[INFO] ------------------------------------------------------------------------
```
# Jenkins test results:
```
{color:green}+1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12859272/AMBARI-20462_trunk_02.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 4 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in
ambari-server.
Test results:
https://builds.apache.org/job/Ambari-trunk-test-patch/11070//testReport/
Console output:
https://builds.apache.org/job/Ambari-trunk-test-patch/11070//console
```
Thanks,
Robert Levas
