[ambari] Diff for: [GitHub] smolnar82 merged pull request #2763: AMBARI-25043. Make sure we mask password properties when fetching sensitive Ambari configuration via the API (just like we do it for se
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
index 11e9da8a081..1c20bfd1f41 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
@@ -40,6 +40,7 @@
import org.apache.ambari.server.controller.utilities.PredicateHelper;
import org.apache.ambari.server.controller.utilities.PropertyHelper;
import org.apache.ambari.server.security.authorization.RoleAuthorization;
+import org.apache.ambari.server.utils.SecretReference;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
@@ -210,7 +211,7 @@ private Resource toResource(String serviceName, String
componentName, String cat
setResourceProperty(resource, CONFIGURATION_SERVICE_NAME_PROPERTY_ID,
serviceName, requestedIds);
setResourceProperty(resource, CONFIGURATION_COMPONENT_NAME_PROPERTY_ID,
componentName, requestedIds);
setResourceProperty(resource, CONFIGURATION_CATEGORY_PROPERTY_ID,
categoryName, requestedIds);
-setResourceProperty(resource, CONFIGURATION_PROPERTIES_PROPERTY_ID,
properties, requestedIds);
+setResourceProperty(resource, CONFIGURATION_PROPERTIES_PROPERTY_ID,
SecretReference.maskPasswordInPropertyMap(properties), requestedIds);
setResourceProperty(resource, CONFIGURATION_PROPERTY_TYPES_PROPERTY_ID,
propertyTypes, requestedIds);
return resource;
}
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java
b/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java
index dfd925dd02a..7d556c11e45 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java
@@ -94,17 +94,32 @@ public static String generateStub(String configType, Long
configVersion, String
* @return New string with the passwords masked, or null if the property map
is null.
*/
public static String maskPasswordInPropertyMap(String propertyMap) {
-if (null == propertyMap) return null;
-Map maskedMap = new HashMap<>();
-Map map = gson.fromJson(propertyMap, new
TypeToken>() {}.getType());
-for (Map.Entry e : map.entrySet()) {
- String value = e.getValue();
- if (e.getKey().toLowerCase().contains(PASSWORD_TEXT) ||
e.getKey().toLowerCase().contains(PASSWD_TEXT)) {
-value = secretPrefix;
- }
- maskedMap.put(e.getKey(), value);
+if (null == propertyMap) {
+ return null;
+}
+final Map map = gson.fromJson(propertyMap, new
TypeToken>() {}.getType());
+return gson.toJson(maskPasswordInPropertyMap(map));
+ }
+
+ /**
+ * Helper function to mask a string of properties that may contain a
property with a password.
+ * @param propertyMap Property map to mask by replacing any passwords with
the text "SECRET"
+ * @return a new map with the passwords masked, or null if the
propertyMap is null.
+ */
+ public static Map maskPasswordInPropertyMap(Map propertyMap) {
+if (null == propertyMap) {
+ return null;
+}
+final Map maskedMap = new HashMap<>();
+for (Map.Entry property : propertyMap.entrySet()) {
+ String value = isPassword(property.getKey()) ? secretPrefix :
property.getValue();
+ maskedMap.put(property.getKey(), value);
}
-return gson.toJson(maskedMap);
+return maskedMap;
+ }
+
+ private final static boolean isPassword(String propertyName) {
+return propertyName.toLowerCase().contains(PASSWORD_TEXT) ||
propertyName.toLowerCase().contains(PASSWD_TEXT);
}
/**
With regards,
Apache Git Services
[ambari] branch trunk updated (a6aefd1 -> 8245597)
This is an automated email from the ASF dual-hosted git repository. rlevas pushed a change to branch trunk in repository https://gitbox.apache.org/repos/asf/ambari.git. from a6aefd1 AMBARI-25043. Make sure we mask password properties when fetching sensitive Ambari configuration via the API (just like we do it for service configs) (#2763) add 8245597 AMBARI-25065 - Unable to add user in views 'grant permissions' No new revisions were added by this update. Summary of changes: .../src/main/resources/ui/admin-web/app/scripts/services/User.js| 1 - .../resources/ui/admin-web/test/unit/directives/editablelist_test.js| 2 +- 2 files changed, 1 insertion(+), 2 deletions(-)
[ambari] Diff for: [GitHub] rlevas merged pull request #2744: AMBARI-25065 - Unable to add user in views 'grant permissions' (asnaik)
diff --git
a/ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/User.js
b/ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/User.js
index e9e52e5093d..2077185fd40 100644
--- a/ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/User.js
+++ b/ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/User.js
@@ -40,7 +40,6 @@ angular.module('ambariAdminConsole')
return $http.get(
Settings.baseUrl + '/users?'
+ 'Users/user_name.matches(.*'+name+'.*)'
-+ '=0_size=20'
);
},
getWithRoles: function(userId) {
diff --git
a/ambari-admin/src/main/resources/ui/admin-web/test/unit/directives/editablelist_test.js
b/ambari-admin/src/main/resources/ui/admin-web/test/unit/directives/editablelist_test.js
index e55630087f9..0e654fd065a 100644
---
a/ambari-admin/src/main/resources/ui/admin-web/test/unit/directives/editablelist_test.js
+++
b/ambari-admin/src/main/resources/ui/admin-web/test/unit/directives/editablelist_test.js
@@ -30,7 +30,7 @@ describe('#Editablelist directive', function () {
$modal = _$modal_;
$httpBackend = _$httpBackend_;
$httpBackend.expectGET('views/clusters/clusterInformation.html').respond(200);
-
$httpBackend.whenGET(/\/api\/v1\/users\?Users\/user_name\.matches\(\.\*\.\*\)=0_size=20&_=\d+/).respond(200,
{
+
$httpBackend.whenGET(/\/api\/v1\/users\?Users\/user_name\.matches\(\.\*\.\*\)&_=\d+/).respond(200,
{
items: [
{
Users: {
With regards,
Apache Git Services
[ambari] branch trunk updated: AMBARI-25043. Make sure we mask password properties when fetching sensitive Ambari configuration via the API (just like we do it for service configs) (#2763)
This is an automated email from the ASF dual-hosted git repository.
smolnar pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new a6aefd1 AMBARI-25043. Make sure we mask password properties when
fetching sensitive Ambari configuration via the API (just like we do it for
service configs) (#2763)
a6aefd1 is described below
commit a6aefd1cc942096aa6d212d598618563f6025457
Author: Sandor Molnar
AuthorDate: Mon Jan 14 17:08:08 2019 +0100
AMBARI-25043. Make sure we mask password properties when fetching sensitive
Ambari configuration via the API (just like we do it for service configs)
(#2763)
---
...viceComponentConfigurationResourceProvider.java | 3 +-
.../ambari/server/utils/SecretReference.java | 35 +++---
2 files changed, 27 insertions(+), 11 deletions(-)
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
index 11e9da8..1c20bfd 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
@@ -40,6 +40,7 @@ import
org.apache.ambari.server.controller.spi.UnsupportedPropertyException;
import org.apache.ambari.server.controller.utilities.PredicateHelper;
import org.apache.ambari.server.controller.utilities.PropertyHelper;
import org.apache.ambari.server.security.authorization.RoleAuthorization;
+import org.apache.ambari.server.utils.SecretReference;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
@@ -210,7 +211,7 @@ public class
RootServiceComponentConfigurationResourceProvider extends AbstractA
setResourceProperty(resource, CONFIGURATION_SERVICE_NAME_PROPERTY_ID,
serviceName, requestedIds);
setResourceProperty(resource, CONFIGURATION_COMPONENT_NAME_PROPERTY_ID,
componentName, requestedIds);
setResourceProperty(resource, CONFIGURATION_CATEGORY_PROPERTY_ID,
categoryName, requestedIds);
-setResourceProperty(resource, CONFIGURATION_PROPERTIES_PROPERTY_ID,
properties, requestedIds);
+setResourceProperty(resource, CONFIGURATION_PROPERTIES_PROPERTY_ID,
SecretReference.maskPasswordInPropertyMap(properties), requestedIds);
setResourceProperty(resource, CONFIGURATION_PROPERTY_TYPES_PROPERTY_ID,
propertyTypes, requestedIds);
return resource;
}
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java
b/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java
index dfd925d..7d556c1 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java
@@ -94,17 +94,32 @@ public class SecretReference {
* @return New string with the passwords masked, or null if the property map
is null.
*/
public static String maskPasswordInPropertyMap(String propertyMap) {
-if (null == propertyMap) return null;
-Map maskedMap = new HashMap<>();
-Map map = gson.fromJson(propertyMap, new
TypeToken>() {}.getType());
-for (Map.Entry e : map.entrySet()) {
- String value = e.getValue();
- if (e.getKey().toLowerCase().contains(PASSWORD_TEXT) ||
e.getKey().toLowerCase().contains(PASSWD_TEXT)) {
-value = secretPrefix;
- }
- maskedMap.put(e.getKey(), value);
+if (null == propertyMap) {
+ return null;
+}
+final Map map = gson.fromJson(propertyMap, new
TypeToken>() {}.getType());
+return gson.toJson(maskPasswordInPropertyMap(map));
+ }
+
+ /**
+ * Helper function to mask a string of properties that may contain a
property with a password.
+ * @param propertyMap Property map to mask by replacing any passwords with
the text "SECRET"
+ * @return a new map with the passwords masked, or null if the
propertyMap is null.
+ */
+ public static Map maskPasswordInPropertyMap(Map propertyMap) {
+if (null == propertyMap) {
+ return null;
+}
+final Map maskedMap = new HashMap<>();
+for (Map.Entry property : propertyMap.entrySet()) {
+ String value = isPassword(property.getKey()) ? secretPrefix :
property.getValue();
+ maskedMap.put(property.getKey(), value);
}
-return gson.toJson(maskedMap);
+return maskedMap;
+ }
+
+ private final static boolean isPassword(String propertyName) {
+return propertyName.toLowerCase().contains(PASSWORD_TEXT) ||
propertyName.toLowerCase().contains(PASSWD_TEXT);
}
/**
[ambari] branch trunk updated: AMBARI-25102 Dasboard metrics will not load for ambari user which has dot in their username.
This is an automated email from the ASF dual-hosted git repository.
atkach pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new 5cd1e7b1 AMBARI-25102 Dasboard metrics will not load for ambari user
which has dot in their username.
5cd1e7b1 is described below
commit 5cd1e7b17e31a10dc8cee29d52c89388001d68ec
Author: Andrii Tkach
AuthorDate: Mon Jan 14 16:26:34 2019 +0200
AMBARI-25102 Dasboard metrics will not load for ambari user which has dot
in their username.
---
ambari-web/app/utils/db.js | 11 ++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/ambari-web/app/utils/db.js b/ambari-web/app/utils/db.js
index 2faffb4..78bc99a 100644
--- a/ambari-web/app/utils/db.js
+++ b/ambari-web/app/utils/db.js
@@ -139,6 +139,10 @@ App.db.get = function (namespace, key) {
App.db.data = localStorage.getObject('ambari');
Em.assert('`namespace` should be defined', !!namespace);
checkNamespace(namespace);
+ if (key.contains('user-pref')) {
+// username may contain "." which is the part of "user-pref-*" key so
Em.set should be avoided
+return Em.get(App.db.data, namespace)[key];
+ }
return Em.get(Em.get(App.db.data, namespace), key);
};
@@ -165,7 +169,12 @@ App.db.set = function (namespace, key, value) {
App.db.data = localStorage.getObject('ambari');
Em.assert('`namespace` should be defined', !!namespace);
checkNamespace(namespace);
- Em.set(Em.get(App.db.data, namespace), key, value);
+ if (key.contains('user-pref')) {
+// username may contain "." which is the part of "user-pref-*" key so
Em.set should be avoided
+Em.get(App.db.data, namespace)[key] = value;
+ } else {
+Em.set(Em.get(App.db.data, namespace), key, value);
+ }
localStorage.setObject('ambari', App.db.data);
};
[ambari] Diff for: [GitHub] atkach merged pull request #2764: AMBARI-25102 Dasboard metrics will not load for ambari user which has dot in their username.
diff --git a/ambari-web/app/utils/db.js b/ambari-web/app/utils/db.js
index 2faffb4a7db..78bc99af57d 100644
--- a/ambari-web/app/utils/db.js
+++ b/ambari-web/app/utils/db.js
@@ -139,6 +139,10 @@ App.db.get = function (namespace, key) {
App.db.data = localStorage.getObject('ambari');
Em.assert('`namespace` should be defined', !!namespace);
checkNamespace(namespace);
+ if (key.contains('user-pref')) {
+// username may contain "." which is the part of "user-pref-*" key so
Em.set should be avoided
+return Em.get(App.db.data, namespace)[key];
+ }
return Em.get(Em.get(App.db.data, namespace), key);
};
@@ -165,7 +169,12 @@ App.db.set = function (namespace, key, value) {
App.db.data = localStorage.getObject('ambari');
Em.assert('`namespace` should be defined', !!namespace);
checkNamespace(namespace);
- Em.set(Em.get(App.db.data, namespace), key, value);
+ if (key.contains('user-pref')) {
+// username may contain "." which is the part of "user-pref-*" key so
Em.set should be avoided
+Em.get(App.db.data, namespace)[key] = value;
+ } else {
+Em.set(Em.get(App.db.data, namespace), key, value);
+ }
localStorage.setObject('ambari', App.db.data);
};
With regards,
Apache Git Services
[ambari-logsearch] branch master updated: [AMBARI-25099] [Log Search UI] two timezones with the same ID (#71)
This is an automated email from the ASF dual-hosted git repository.
tobiasistvan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ambari-logsearch.git
The following commit(s) were added to refs/heads/master by this push:
new 1e939c4 [AMBARI-25099] [Log Search UI] two timezones with the same ID
(#71)
1e939c4 is described below
commit 1e939c443cb5941682711b3cdf2a785666991693
Author: Istvan Tobias
AuthorDate: Tue Jan 15 07:26:46 2019 +0100
[AMBARI-25099] [Log Search UI] two timezones with the same ID (#71)
* [AMBARI-25099] [Log Search UI] two timezones with the same ID
* [AMBARI-25099] [Log Search UI] two timezones with the same ID - Removing
3rd party js file
* [AMBARI-25099] [Log Search UI] two timezones with the same ID - Fix
labels and title
* [AMBARI-25099] [Log Search UI] two timezones with the same ID - change to
native dropdown
* [AMBARI-25099] [Log Search UI] two timezones with the same ID - removing
outline on focus
---
.../src/app/components/app.component.html |4 +-
.../timezone-picker/timezone-picker.component.html |3 +-
.../timezone-picker/timezone-picker.component.ts | 25 -
.../dropdown-list/dropdown-list.component.less |4 +-
.../time-zone-map-input.component.html | 31 +-
.../time-zone-map-input.component.less | 74 +-
.../time-zone-map-input.component.spec.ts | 23 +-
.../time-zone-map-input.component.ts | 163 +-
.../time-zone-map-input.data.ts| 3810
.../src/app/modules/shared/interfaces/timezone.ts |8 +
.../src/app/modules/shared/shared.module.ts|5 +-
ambari-logsearch-web/src/assets/i18n/en.json |9 +
.../src/vendor/js/WorldMapGenerator.min.js | 11 -
13 files changed, 4053 insertions(+), 117 deletions(-)
diff --git a/ambari-logsearch-web/src/app/components/app.component.html
b/ambari-logsearch-web/src/app/components/app.component.html
index 6079b8c..83f563c 100644
--- a/ambari-logsearch-web/src/app/components/app.component.html
+++ b/ambari-logsearch-web/src/app/components/app.component.html
@@ -28,8 +28,8 @@
-
-
+
+
diff --git
a/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.html
b/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.html
index 39d7df9..1973775 100644
---
a/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.html
+++
b/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.html
@@ -19,7 +19,8 @@
[showCloseBtn]="true"
(onCloseRequest)="onCloseRequest($event)"
class="time-zone-modal">
-
+ {{'timezoneMapInput.modal.title' | translate}}
+
{{'modal.cancel' | translate}}
diff --git
a/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.ts
b/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.ts
index 0c00761..e4618a4 100644
---
a/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.ts
+++
b/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.ts
@@ -19,7 +19,6 @@
import { Component, Input, OnDestroy } from '@angular/core';
import { Router, ActivatedRoute } from '@angular/router';
-import * as $ from 'jquery';
import * as moment from 'moment-timezone';
import { Observable } from 'rxjs/Observable';
import { Subject } from 'rxjs/Subject';
@@ -29,9 +28,6 @@ import { AppStore } from '@app/classes/models/store';
import { selectTimeZone } from '@app/store/selectors/user-settings.selectors';
import { SetUserSettingsAction } from
'@app/store/actions/user-settings.actions';
-import '@vendor/js/WorldMapGenerator.min';
-import {ServerSettingsService} from '@app/services/server-settings.service';
-
@Component({
selector: 'timezone-picker',
templateUrl: './timezone-picker.component.html',
@@ -53,29 +49,8 @@ export class TimeZonePickerComponent implements OnDestroy {
destroyed$: Subject = new Subject();
- readonly mapElementId = 'timezone-map';
-
- private readonly mapOptions = {
-quickLink: [
- {
-PST: 'PST',
-MST: 'MST',
-CST: 'CST',
-EST: 'EST',
-GMT: 'GMT',
-LONDON: 'Europe/London',
-IST: 'IST'
- }
-]
- };
-
- private mapElement: any;
-
- private timeZoneSelect: JQuery;
-
constructor(
private store: Store,
-private settingsService: ServerSettingsService,
private route: ActivatedRoute,
private router: Router
) {
diff --git
a/ambari-logsearch-web/src/app/modules/shared/components/dropdown-list/dropdown-list.component.less
b/ambari-logsearch-web/src/app/modules/shared/components/dropdown-list/dropdown-list.component.less
index c432a0d..48a104b 100644
---
[GitHub] tobias-istvan merged pull request #71: [AMBARI-25099] [Log Search UI] two timezones with the same ID
tobias-istvan merged pull request #71: [AMBARI-25099] [Log Search UI] two timezones with the same ID URL: https://github.com/apache/ambari-logsearch/pull/71 As this is a foreign pull request (from a fork), the diff has been sent to your commit mailing list, commits@ambari.apache.org This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
