-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/60861/#review181054
-----------------------------------------------------------


Ship it!




Ship It!

- Sebastian Toader


On July 17, 2017, 1:44 p.m., Attila Magyar wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/60861/
> -----------------------------------------------------------
> 
> (Updated July 17, 2017, 1:44 p.m.)
> 
> 
> Review request for Ambari, Laszlo Puskas, Robert Levas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-21418
>     https://issues.apache.org/jira/browse/AMBARI-21418
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> When auth to local rules are rebuilt (add new service to kerberized cluster, 
> regenerate keytab, enable kerberos) ambari strips down the /L suffix from the 
> rules that were added by the user.
> 
> The desired behaviour is the following:
>  1. Ambari shouldn't touch the custom rules that were added by the user
>  2. Ambari is allowed to regenerate and modify the ambari managed rule based 
> on the case_insensitive_username_rules
> 
> 
> Diffs
> -----
> 
>   
> ambari-server/src/main/java/org/apache/ambari/server/controller/AuthToLocalBuilder.java
>  1d4abdd 
>   
> ambari-server/src/test/java/org/apache/ambari/server/controller/AuthToLocalBuilderTest.java
>  c08247d 
> 
> 
> Diff: https://reviews.apache.org/r/60861/diff/1/
> 
> 
> Testing
> -------
> 
> Tested the following scenarios:
> 1.
>  - added a custom rule with /L flag: 
> RULE:\[1:$1@$0\]\(.*@HDP01.LOCAL\)s/.\*/ambari-qa//L
>  - rebuilt auth to local rules
>  - check that the custom rule is still there and it still has the /L suffix, 
> and no other rules are changed
> 2.
>  - set case_insensitive_username_rules = false
>  - added a /L suffix to an ambari managed rule
>  - rebuilt auth to local rules
>  - checked that the ambari managed rule has no /L suffix
> 3.
>  - set case_insensitive_username_rules = true
>  - removed the /L suffix from the ambari managed rule
>  - rebuilt auth to local rules
>  - checked that the ambari managed rule has the /L suffix
> 4.
>  - set case_insensitive_username_rules = false
>  - rebuilt auth to local rules
>  - set case_insensitive_username_rules = true
>  - rebuilt auth to local rules
>  - checked that /L suffix was added to the ambari managed rule
> 
> existing tests: 
> 
> Results :
> Tests run: 4813, Failures: 0, Errors: 0, Skipped: 35
> ----------------------------------------------------------------------
> Total run:1145
> Total errors:0
> Total failures:0
> OK
> 
> 
> Thanks,
> 
> Attila Magyar
> 
>

Reply via email to