[ambari] Diff for: [GitHub] smolnar82 merged pull request #2763: AMBARI-25043. Make sure we mask password properties when fetching sensitive Ambari configuration via the API (just like we do it for se
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java index 11e9da8a081..1c20bfd1f41 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java @@ -40,6 +40,7 @@ import org.apache.ambari.server.controller.utilities.PredicateHelper; import org.apache.ambari.server.controller.utilities.PropertyHelper; import org.apache.ambari.server.security.authorization.RoleAuthorization; +import org.apache.ambari.server.utils.SecretReference; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang.StringUtils; @@ -210,7 +211,7 @@ private Resource toResource(String serviceName, String componentName, String cat setResourceProperty(resource, CONFIGURATION_SERVICE_NAME_PROPERTY_ID, serviceName, requestedIds); setResourceProperty(resource, CONFIGURATION_COMPONENT_NAME_PROPERTY_ID, componentName, requestedIds); setResourceProperty(resource, CONFIGURATION_CATEGORY_PROPERTY_ID, categoryName, requestedIds); -setResourceProperty(resource, CONFIGURATION_PROPERTIES_PROPERTY_ID, properties, requestedIds); +setResourceProperty(resource, CONFIGURATION_PROPERTIES_PROPERTY_ID, SecretReference.maskPasswordInPropertyMap(properties), requestedIds); setResourceProperty(resource, CONFIGURATION_PROPERTY_TYPES_PROPERTY_ID, propertyTypes, requestedIds); return resource; } diff --git a/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java b/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java index dfd925dd02a..7d556c11e45 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java @@ -94,17 +94,32 @@ public static String generateStub(String configType, Long configVersion, String * @return New string with the passwords masked, or null if the property map is null. */ public static String maskPasswordInPropertyMap(String propertyMap) { -if (null == propertyMap) return null; -Map maskedMap = new HashMap<>(); -Map map = gson.fromJson(propertyMap, new TypeToken>() {}.getType()); -for (Map.Entry e : map.entrySet()) { - String value = e.getValue(); - if (e.getKey().toLowerCase().contains(PASSWORD_TEXT) || e.getKey().toLowerCase().contains(PASSWD_TEXT)) { -value = secretPrefix; - } - maskedMap.put(e.getKey(), value); +if (null == propertyMap) { + return null; +} +final Map map = gson.fromJson(propertyMap, new TypeToken>() {}.getType()); +return gson.toJson(maskPasswordInPropertyMap(map)); + } + + /** + * Helper function to mask a string of properties that may contain a property with a password. + * @param propertyMap Property map to mask by replacing any passwords with the text "SECRET" + * @return a new map with the passwords masked, or null if the propertyMap is null. + */ + public static Map maskPasswordInPropertyMap(Map propertyMap) { +if (null == propertyMap) { + return null; +} +final Map maskedMap = new HashMap<>(); +for (Map.Entry property : propertyMap.entrySet()) { + String value = isPassword(property.getKey()) ? secretPrefix : property.getValue(); + maskedMap.put(property.getKey(), value); } -return gson.toJson(maskedMap); +return maskedMap; + } + + private final static boolean isPassword(String propertyName) { +return propertyName.toLowerCase().contains(PASSWORD_TEXT) || propertyName.toLowerCase().contains(PASSWD_TEXT); } /** With regards, Apache Git Services
[ambari] branch trunk updated (a6aefd1 -> 8245597)
This is an automated email from the ASF dual-hosted git repository. rlevas pushed a change to branch trunk in repository https://gitbox.apache.org/repos/asf/ambari.git. from a6aefd1 AMBARI-25043. Make sure we mask password properties when fetching sensitive Ambari configuration via the API (just like we do it for service configs) (#2763) add 8245597 AMBARI-25065 - Unable to add user in views 'grant permissions' No new revisions were added by this update. Summary of changes: .../src/main/resources/ui/admin-web/app/scripts/services/User.js| 1 - .../resources/ui/admin-web/test/unit/directives/editablelist_test.js| 2 +- 2 files changed, 1 insertion(+), 2 deletions(-)
[ambari] Diff for: [GitHub] rlevas merged pull request #2744: AMBARI-25065 - Unable to add user in views 'grant permissions' (asnaik)
diff --git a/ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/User.js b/ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/User.js index e9e52e5093d..2077185fd40 100644 --- a/ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/User.js +++ b/ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/User.js @@ -40,7 +40,6 @@ angular.module('ambariAdminConsole') return $http.get( Settings.baseUrl + '/users?' + 'Users/user_name.matches(.*'+name+'.*)' -+ '=0_size=20' ); }, getWithRoles: function(userId) { diff --git a/ambari-admin/src/main/resources/ui/admin-web/test/unit/directives/editablelist_test.js b/ambari-admin/src/main/resources/ui/admin-web/test/unit/directives/editablelist_test.js index e55630087f9..0e654fd065a 100644 --- a/ambari-admin/src/main/resources/ui/admin-web/test/unit/directives/editablelist_test.js +++ b/ambari-admin/src/main/resources/ui/admin-web/test/unit/directives/editablelist_test.js @@ -30,7 +30,7 @@ describe('#Editablelist directive', function () { $modal = _$modal_; $httpBackend = _$httpBackend_; $httpBackend.expectGET('views/clusters/clusterInformation.html').respond(200); - $httpBackend.whenGET(/\/api\/v1\/users\?Users\/user_name\.matches\(\.\*\.\*\)=0_size=20&_=\d+/).respond(200, { + $httpBackend.whenGET(/\/api\/v1\/users\?Users\/user_name\.matches\(\.\*\.\*\)&_=\d+/).respond(200, { items: [ { Users: { With regards, Apache Git Services
[ambari] branch trunk updated: AMBARI-25043. Make sure we mask password properties when fetching sensitive Ambari configuration via the API (just like we do it for service configs) (#2763)
This is an automated email from the ASF dual-hosted git repository. smolnar pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/ambari.git The following commit(s) were added to refs/heads/trunk by this push: new a6aefd1 AMBARI-25043. Make sure we mask password properties when fetching sensitive Ambari configuration via the API (just like we do it for service configs) (#2763) a6aefd1 is described below commit a6aefd1cc942096aa6d212d598618563f6025457 Author: Sandor Molnar AuthorDate: Mon Jan 14 17:08:08 2019 +0100 AMBARI-25043. Make sure we mask password properties when fetching sensitive Ambari configuration via the API (just like we do it for service configs) (#2763) --- ...viceComponentConfigurationResourceProvider.java | 3 +- .../ambari/server/utils/SecretReference.java | 35 +++--- 2 files changed, 27 insertions(+), 11 deletions(-) diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java index 11e9da8..1c20bfd 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java @@ -40,6 +40,7 @@ import org.apache.ambari.server.controller.spi.UnsupportedPropertyException; import org.apache.ambari.server.controller.utilities.PredicateHelper; import org.apache.ambari.server.controller.utilities.PropertyHelper; import org.apache.ambari.server.security.authorization.RoleAuthorization; +import org.apache.ambari.server.utils.SecretReference; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang.StringUtils; @@ -210,7 +211,7 @@ public class RootServiceComponentConfigurationResourceProvider extends AbstractA setResourceProperty(resource, CONFIGURATION_SERVICE_NAME_PROPERTY_ID, serviceName, requestedIds); setResourceProperty(resource, CONFIGURATION_COMPONENT_NAME_PROPERTY_ID, componentName, requestedIds); setResourceProperty(resource, CONFIGURATION_CATEGORY_PROPERTY_ID, categoryName, requestedIds); -setResourceProperty(resource, CONFIGURATION_PROPERTIES_PROPERTY_ID, properties, requestedIds); +setResourceProperty(resource, CONFIGURATION_PROPERTIES_PROPERTY_ID, SecretReference.maskPasswordInPropertyMap(properties), requestedIds); setResourceProperty(resource, CONFIGURATION_PROPERTY_TYPES_PROPERTY_ID, propertyTypes, requestedIds); return resource; } diff --git a/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java b/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java index dfd925d..7d556c1 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/utils/SecretReference.java @@ -94,17 +94,32 @@ public class SecretReference { * @return New string with the passwords masked, or null if the property map is null. */ public static String maskPasswordInPropertyMap(String propertyMap) { -if (null == propertyMap) return null; -Map maskedMap = new HashMap<>(); -Map map = gson.fromJson(propertyMap, new TypeToken>() {}.getType()); -for (Map.Entry e : map.entrySet()) { - String value = e.getValue(); - if (e.getKey().toLowerCase().contains(PASSWORD_TEXT) || e.getKey().toLowerCase().contains(PASSWD_TEXT)) { -value = secretPrefix; - } - maskedMap.put(e.getKey(), value); +if (null == propertyMap) { + return null; +} +final Map map = gson.fromJson(propertyMap, new TypeToken>() {}.getType()); +return gson.toJson(maskPasswordInPropertyMap(map)); + } + + /** + * Helper function to mask a string of properties that may contain a property with a password. + * @param propertyMap Property map to mask by replacing any passwords with the text "SECRET" + * @return a new map with the passwords masked, or null if the propertyMap is null. + */ + public static Map maskPasswordInPropertyMap(Map propertyMap) { +if (null == propertyMap) { + return null; +} +final Map maskedMap = new HashMap<>(); +for (Map.Entry property : propertyMap.entrySet()) { + String value = isPassword(property.getKey()) ? secretPrefix : property.getValue(); + maskedMap.put(property.getKey(), value); } -return gson.toJson(maskedMap); +return maskedMap; + } + + private final static boolean isPassword(String propertyName) { +return propertyName.toLowerCase().contains(PASSWORD_TEXT) || propertyName.toLowerCase().contains(PASSWD_TEXT); } /**
[ambari] branch trunk updated: AMBARI-25102 Dasboard metrics will not load for ambari user which has dot in their username.
This is an automated email from the ASF dual-hosted git repository. atkach pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/ambari.git The following commit(s) were added to refs/heads/trunk by this push: new 5cd1e7b1 AMBARI-25102 Dasboard metrics will not load for ambari user which has dot in their username. 5cd1e7b1 is described below commit 5cd1e7b17e31a10dc8cee29d52c89388001d68ec Author: Andrii Tkach AuthorDate: Mon Jan 14 16:26:34 2019 +0200 AMBARI-25102 Dasboard metrics will not load for ambari user which has dot in their username. --- ambari-web/app/utils/db.js | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/ambari-web/app/utils/db.js b/ambari-web/app/utils/db.js index 2faffb4..78bc99a 100644 --- a/ambari-web/app/utils/db.js +++ b/ambari-web/app/utils/db.js @@ -139,6 +139,10 @@ App.db.get = function (namespace, key) { App.db.data = localStorage.getObject('ambari'); Em.assert('`namespace` should be defined', !!namespace); checkNamespace(namespace); + if (key.contains('user-pref')) { +// username may contain "." which is the part of "user-pref-*" key so Em.set should be avoided +return Em.get(App.db.data, namespace)[key]; + } return Em.get(Em.get(App.db.data, namespace), key); }; @@ -165,7 +169,12 @@ App.db.set = function (namespace, key, value) { App.db.data = localStorage.getObject('ambari'); Em.assert('`namespace` should be defined', !!namespace); checkNamespace(namespace); - Em.set(Em.get(App.db.data, namespace), key, value); + if (key.contains('user-pref')) { +// username may contain "." which is the part of "user-pref-*" key so Em.set should be avoided +Em.get(App.db.data, namespace)[key] = value; + } else { +Em.set(Em.get(App.db.data, namespace), key, value); + } localStorage.setObject('ambari', App.db.data); };
[ambari] Diff for: [GitHub] atkach merged pull request #2764: AMBARI-25102 Dasboard metrics will not load for ambari user which has dot in their username.
diff --git a/ambari-web/app/utils/db.js b/ambari-web/app/utils/db.js index 2faffb4a7db..78bc99af57d 100644 --- a/ambari-web/app/utils/db.js +++ b/ambari-web/app/utils/db.js @@ -139,6 +139,10 @@ App.db.get = function (namespace, key) { App.db.data = localStorage.getObject('ambari'); Em.assert('`namespace` should be defined', !!namespace); checkNamespace(namespace); + if (key.contains('user-pref')) { +// username may contain "." which is the part of "user-pref-*" key so Em.set should be avoided +return Em.get(App.db.data, namespace)[key]; + } return Em.get(Em.get(App.db.data, namespace), key); }; @@ -165,7 +169,12 @@ App.db.set = function (namespace, key, value) { App.db.data = localStorage.getObject('ambari'); Em.assert('`namespace` should be defined', !!namespace); checkNamespace(namespace); - Em.set(Em.get(App.db.data, namespace), key, value); + if (key.contains('user-pref')) { +// username may contain "." which is the part of "user-pref-*" key so Em.set should be avoided +Em.get(App.db.data, namespace)[key] = value; + } else { +Em.set(Em.get(App.db.data, namespace), key, value); + } localStorage.setObject('ambari', App.db.data); }; With regards, Apache Git Services
[ambari-logsearch] branch master updated: [AMBARI-25099] [Log Search UI] two timezones with the same ID (#71)
This is an automated email from the ASF dual-hosted git repository. tobiasistvan pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ambari-logsearch.git The following commit(s) were added to refs/heads/master by this push: new 1e939c4 [AMBARI-25099] [Log Search UI] two timezones with the same ID (#71) 1e939c4 is described below commit 1e939c443cb5941682711b3cdf2a785666991693 Author: Istvan Tobias AuthorDate: Tue Jan 15 07:26:46 2019 +0100 [AMBARI-25099] [Log Search UI] two timezones with the same ID (#71) * [AMBARI-25099] [Log Search UI] two timezones with the same ID * [AMBARI-25099] [Log Search UI] two timezones with the same ID - Removing 3rd party js file * [AMBARI-25099] [Log Search UI] two timezones with the same ID - Fix labels and title * [AMBARI-25099] [Log Search UI] two timezones with the same ID - change to native dropdown * [AMBARI-25099] [Log Search UI] two timezones with the same ID - removing outline on focus --- .../src/app/components/app.component.html |4 +- .../timezone-picker/timezone-picker.component.html |3 +- .../timezone-picker/timezone-picker.component.ts | 25 - .../dropdown-list/dropdown-list.component.less |4 +- .../time-zone-map-input.component.html | 31 +- .../time-zone-map-input.component.less | 74 +- .../time-zone-map-input.component.spec.ts | 23 +- .../time-zone-map-input.component.ts | 163 +- .../time-zone-map-input.data.ts| 3810 .../src/app/modules/shared/interfaces/timezone.ts |8 + .../src/app/modules/shared/shared.module.ts|5 +- ambari-logsearch-web/src/assets/i18n/en.json |9 + .../src/vendor/js/WorldMapGenerator.min.js | 11 - 13 files changed, 4053 insertions(+), 117 deletions(-) diff --git a/ambari-logsearch-web/src/app/components/app.component.html b/ambari-logsearch-web/src/app/components/app.component.html index 6079b8c..83f563c 100644 --- a/ambari-logsearch-web/src/app/components/app.component.html +++ b/ambari-logsearch-web/src/app/components/app.component.html @@ -28,8 +28,8 @@ - - + + diff --git a/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.html b/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.html index 39d7df9..1973775 100644 --- a/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.html +++ b/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.html @@ -19,7 +19,8 @@ [showCloseBtn]="true" (onCloseRequest)="onCloseRequest($event)" class="time-zone-modal"> - + {{'timezoneMapInput.modal.title' | translate}} + {{'modal.cancel' | translate}} diff --git a/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.ts b/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.ts index 0c00761..e4618a4 100644 --- a/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.ts +++ b/ambari-logsearch-web/src/app/components/timezone-picker/timezone-picker.component.ts @@ -19,7 +19,6 @@ import { Component, Input, OnDestroy } from '@angular/core'; import { Router, ActivatedRoute } from '@angular/router'; -import * as $ from 'jquery'; import * as moment from 'moment-timezone'; import { Observable } from 'rxjs/Observable'; import { Subject } from 'rxjs/Subject'; @@ -29,9 +28,6 @@ import { AppStore } from '@app/classes/models/store'; import { selectTimeZone } from '@app/store/selectors/user-settings.selectors'; import { SetUserSettingsAction } from '@app/store/actions/user-settings.actions'; -import '@vendor/js/WorldMapGenerator.min'; -import {ServerSettingsService} from '@app/services/server-settings.service'; - @Component({ selector: 'timezone-picker', templateUrl: './timezone-picker.component.html', @@ -53,29 +49,8 @@ export class TimeZonePickerComponent implements OnDestroy { destroyed$: Subject = new Subject(); - readonly mapElementId = 'timezone-map'; - - private readonly mapOptions = { -quickLink: [ - { -PST: 'PST', -MST: 'MST', -CST: 'CST', -EST: 'EST', -GMT: 'GMT', -LONDON: 'Europe/London', -IST: 'IST' - } -] - }; - - private mapElement: any; - - private timeZoneSelect: JQuery; - constructor( private store: Store, -private settingsService: ServerSettingsService, private route: ActivatedRoute, private router: Router ) { diff --git a/ambari-logsearch-web/src/app/modules/shared/components/dropdown-list/dropdown-list.component.less b/ambari-logsearch-web/src/app/modules/shared/components/dropdown-list/dropdown-list.component.less index c432a0d..48a104b 100644 ---
[GitHub] tobias-istvan merged pull request #71: [AMBARI-25099] [Log Search UI] two timezones with the same ID
tobias-istvan merged pull request #71: [AMBARI-25099] [Log Search UI] two timezones with the same ID URL: https://github.com/apache/ambari-logsearch/pull/71 As this is a foreign pull request (from a fork), the diff has been sent to your commit mailing list, commits@ambari.apache.org This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services