-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/
-----------------------------------------------------------
(Updated April 21, 2017, 8:15 a.m.)
Review request for Ambari, Attila Doroszlai, Balázs Bence Sári, Robert Levas,
and Sebastian Toader.
Changes
-------
added license
Bugs: AMBARI-20771
https://issues.apache.org/jira/browse/AMBARI-20771
Repository: ambari
Description
-------
Characters used in usernames should be constrained such that they cannot
contain the following characters:
Less than symbols ( < )
Greater than symbols ( > )
Ampersand ( & )
Back slashes ( \ )
Backtick ( ` )
Pipe ( | )
Diffs (updated)
-----
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
576ca97
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java
PRE-CREATION
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
4ed777b
ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java
fdc19d1
ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java
bb0b0cf
ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java
d69d49a
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java
6b98a5b
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java
9ff381f
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java
6541a59
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java
PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java
f426c85
ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java
e5e36f3
ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java
e31a428
Diff: https://reviews.apache.org/r/58574/diff/3/
Changes: https://reviews.apache.org/r/58574/diff/2-3/
Testing
-------
Added new unittest, tested manually at end to end level using curl.
[root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type:
application/json" -u admin:admin -d
'{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}'
http://c6401.ambari.apache.org:8080/api/v1/users
{
"status" : 400,
"message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
}
Existing tests: PENDING
Thanks,
Attila Magyar