----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58574/#review172614 -----------------------------------------------------------
Ship it! Ship It! - Balázs Bence Sári On April 21, 2017, 8:15 a.m., Attila Magyar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58574/ > ----------------------------------------------------------- > > (Updated April 21, 2017, 8:15 a.m.) > > > Review request for Ambari, Attila Doroszlai, Balázs Bence Sári, Robert Levas, > and Sebastian Toader. > > > Bugs: AMBARI-20771 > https://issues.apache.org/jira/browse/AMBARI-20771 > > > Repository: ambari > > > Description > ------- > > Characters used in usernames should be constrained such that they cannot > contain the following characters: > Less than symbols ( < ) > Greater than symbols ( > ) > Ampersand ( & ) > Back slashes ( \ ) > Backtick ( ` ) > Pipe ( | ) > > > Diffs > ----- > > > ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java > 576ca97 > > ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java > PRE-CREATION > > ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java > 4ed777b > ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java > fdc19d1 > > ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java > bb0b0cf > > ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java > d69d49a > > ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java > 6b98a5b > > ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java > 9ff381f > > ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java > 6541a59 > > ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java > PRE-CREATION > > ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java > f426c85 > > ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java > e5e36f3 > > ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java > e31a428 > > > Diff: https://reviews.apache.org/r/58574/diff/3/ > > > Testing > ------- > > Added new unittest, tested manually at end to end level using curl. > > > [root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: > application/json" -u admin:admin -d > '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' > http://c6401.ambari.apache.org:8080/api/v1/users > { > "status" : 400, > "message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]" > } > > Existing tests: PENDING > > > Thanks, > > Attila Magyar > >
