subject:"Review Request 46808\: Role selection in List view of Manage Ambari page does not work correctly"

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-16 Thread Keta Patel



> On May 13, 2016, 10:24 p.m., Richard Zang wrote:
> > Ship It!
> 
> Keta Patel wrote:
> Thank you Richard!
> Could you please help me push in the changes.

Thank you Richard!

Committed to
Trunk:
https://github.com/apache/ambari/commit/e306c393d05ea3d6c28f004a4528f522b5e771cf

Ambari-2.4:
https://github.com/apache/ambari/commit/dfac1a7e00c326d284f1865d9ac1fe6bb9952498

Closing the Review Board request.


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review133219
---


On May 13, 2016, 5:29 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 13, 2016, 5:29 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to 
> None". This  may not reflect the correct privilege status as the user might 
> have some effective privilege coming from its group(s). In the fix, the Alert 
> must show the relevant message.
> 4. Alert

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-13 Thread Keta Patel



> On May 13, 2016, 10:24 p.m., Richard Zang wrote:
> > Ship It!

Thank you Richard!
Could you please help me push in the changes.


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review133219
---


On May 13, 2016, 5:29 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 13, 2016, 5:29 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to 
> None". This  may not reflect the correct privilege status as the user might 
> have some effective privilege coming from its group(s). In the fix, the Alert 
> must show the relevant message.
> 4. Alert messages must show more informative messages of what is happening 
> with the user's privileges and why. (addressing 1.2 and 2.3)
> 
> 
> Diffs
> -
> 
>   
> ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
>  11a73f6 
>

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-13 Thread Richard Zang


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review133219
---


Ship it!




Ship It!

- Richard Zang


On May 13, 2016, 5:29 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 13, 2016, 5:29 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to 
> None". This  may not reflect the correct privilege status as the user might 
> have some effective privilege coming from its group(s). In the fix, the Alert 
> must show the relevant message.
> 4. Alert messages must show more informative messages of what is happening 
> with the user's privileges and why. (addressing 1.2 and 2.3)
> 
> 
> Diffs
> -
> 
>   
> ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
>  11a73f6 
>   ambari-admin/src/main/resources/ui/admin-web/app/scripts/i18n.config.js 
> 2321f5e 
>   
>

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-13 Thread Keta Patel



> On May 12, 2016, 9:33 p.m., Richard Zang wrote:
> > ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js,
> >  line 189
> > 
> >
> > Please move hard-coded texts like this to i18n.config.js

Hello Richard,
I have separated the text to i18n.config.js file for 2 of the Alerts used in 
save() and addPrivilege().
Please find all the changes in the new patch "AMBARI-15552-May-13.patch".

Thank you!


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132985
---


On May 13, 2016, 5:29 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 13, 2016, 5:29 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to 
> None". This  may not reflect the correct privilege status as the user might 
> have some

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-13 Thread Keta Patel

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/
---

(Updated May 13, 2016, 5:29 p.m.)

Review request for Ambari, Di Li and Richard Zang.

Bugs: AMBARI-15552
https://issues.apache.org/jira/browse/AMBARI-15552

Repository: ambari

Description
---

Reproduction Steps:
1. Go to Admin->Manage Ambari
2. Create a group with a few users belonging to it.
(I have created "mygroup" with "user1", "user2", "user3")
(attachments "user1.tiff", "mygroup.tiff" shows samples)
3. Go to Clusters->Roles on the left navigation menu.
4. The default view is the "Block" view for the roles. Assign "mygroup" a role,
say "Cluster User".
(attachment "block_view_original.tiff")
5. Click on "List" view, it will show Users by default. It correctly shows the
role "Cluster User" for each user in "mygroup".
(attachment "list_view_users.tiff")
6. Now, try adding a new Role, say "Service Operator", to one of the users, say
"user3".
(attachments "list_view_add_role_to_user_step1.tiff",
"list_view_add_role_to_user_step2.tiff")
7. After making this change, the role gets added for that user (in our case
"user3"), but the roles from other users in its group gets removed. Also, the
previous role for the user ("user3") is replaced by the new Role.
(attachment "list_view_add_role_to_user_step3.tiff")
8. You can confirm this from the the "Block" view.
(attachment "block_view_after_step3.tiff")

So, the problem here lies with the List view where it is not able to process
the changes in the Roles correctly. A change in the Role of a user causes the
following:

CASE-1: The displayed role (effective privilege) comes from an explicitly
assigned role to the user.
1.1) The new selected role correctly replaces the existing privilege that was
explicitly assigned to the user.
1.2) But if the user was assigned multiple roles explicilty (before the fix for
AMBARI-16102 got pushed in), then all the other roles, which are of lower
privilege than the role that got replaced, are still displayed in the Block
view (because those roles are still in the database). So, if the new selected
role happened to be of a lower privilege than and existing role of the user,
then even though the user sees a success Alert message, the effective privileg
he sees is different. For the Ambari user, this behavior is not easily
understandable.

CASE-2: The displayed role (effective privilege) comes from a group the user
belongs to.
2.1) If the new selected privilege is higher than the effective privilege
coming from the user's group(s), then the newly selected role replaces this
"group" privilege in the database, insetad of creating a new entry.
2.2) As a result of losing the group privilege, all the group members also lose
their privileges and they show "None" as their effective privilege.
2.3) If the newly selected privilege is lower than effective group privilege,
the Alert message shows a success of role change but the effective privilge is
still not the one that the Ambari user selected.

Expected results:
1. Updating a Role of a user must replace any/all of the explicit roles it has
been assigned through the Block View. (this addresses 1.2)
Note: Even though AMBARI-16102 has attempted to fix the Block view by allowing
only a user to have just one role assigned to it, there could be cases where
the earlier version of Block view has already allowed users to have multiple
roles. So, taking this into consideration, the fix must address removing any or
all of the roles the user was assigned explicitly.
2. Adding a Role to a user must not affect the Roles of other users in its
group. (addressing 2.1 and 2.2)
3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to
None". This may not reflect the correct privilege status as the user might
have some effective privilege coming from its group(s). In the fix, the Alert
must show the relevant message.
4. Alert messages must show more informative messages of what is happening with
the user's privileges and why. (addressing 1.2 and 2.3)

Diffs (updated)
-

ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
11a73f6
ambari-admin/src/main/resources/ui/admin-web/app/scripts/i18n.config.js
2321f5e
ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Cluster.js
ff388cd

ambari-admin/src/main/resources/ui/admin-web/test/unit/controllers/clusters/UserAccessListCtrl_test.js
edf16be

Diff: https://reviews.apache.org/r/46808/diff/

Testing
---

The testing done mainly checks the logic used to update the privileges of the
user/group which is done after a REST call to retrieve the privileges.

The test cases have mocks setup for server calls. The response from the server
calls are also mocked to work with

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-12 Thread Richard Zang


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132985
---




ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
 (line 188)


Please move hard-coded texts like this to i18n.config.js


- Richard Zang


On May 12, 2016, 7:57 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 12, 2016, 7:57 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to 
> None". This  may not reflect the correct privilege status as the user might 
> have some effective privilege coming from its group(s). In the fix, the Alert 
> must show the relevant message.
> 4. Alert messages must show more informative messages of what is happening 
> with the user's privileges and why. (addressing 1.2 and 2.3)
> 
> 
> Diffs
> -
> 
>   
>

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-12 Thread Keta Patel

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/
---

(Updated May 12, 2016, 7:57 p.m.)

Review request for Ambari, Di Li and Richard Zang.

Bugs: AMBARI-15552
https://issues.apache.org/jira/browse/AMBARI-15552

Repository: ambari

Description
---

So, the problem here lies with the List view where it is not able to process
the changes in the Roles correctly. A change in the Role of a user causes the
following:

Diffs (updated)
-

ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
11a73f6
ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Cluster.js
ff388cd

ambari-admin/src/main/resources/ui/admin-web/test/unit/controllers/clusters/UserAccessListCtrl_test.js
edf16be

Diff: https://reviews.apache.org/r/46808/diff/

Testing
---

The testing done mainly checks the logic used to update the privileges of the
user/group which is done after a REST call to retrieve the privileges.

The test cases have mocks setup for server calls. The response from the server
calls are also mocked to work with a particular set of users and groups.

The logic in the .then() clause following

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-12 Thread Keta Patel



> On May 10, 2016, 10:28 p.m., Richard Zang wrote:
> > ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js,
> >  line 181
> > 
> >
> > loadUser() needs to be called strictly after delete/add operation to 
> > have the up-to-date roles loaded. It's better to put it in the then block. 
> > This can be tested in the case I mentioned earlier: mygroup has "cluster 
> > user" role and aaa bbb ccc are in mygroup. Change aaa to "cluster 
> > administrator", confirm, then change aaa back to None, aaa stays at 
> > "cluster administrator" because loadUser() happens before delete finishes.
> 
> Keta Patel wrote:
> As per your suggestion, I have added "addPrivilege(user)" to the then 
> clause of the deletePrivilege calls. Since I use individual delete calls for 
> the various privilege IDs, I make use of "Prromise.all().then()" to ensure 
> that addPrivilege() gets called only after all the delete calls are complete. 
> The patch "AMBARI-15552-May-11.patch" contains these changes.
> I couldn't figure out using "deletePrivileges()" to delete a set of 
> privileges and so made use of these individual calls. If you think using the 
> individual "deletePrivileges()" call is workable in this case, could you 
> please provide me with the information on the valid attributes for the body.
> 
> Thank you!
> 
> Richard Zang wrote:
> Please try DELETE 
> http://c6401.ambari.apache.org:8080/api/v1/clusters/c1/privileges?PrivilegeInfo/privilege_id.in(12,13)

Hello Richard,
Thank you providing the information on using the deleting multiple Privileges 
API.
I have updated the patch to use this API now. This will save making multiple 
calls to delete the different privileges.
Please find the updated patch named "AMBARI-15552-May-12.patch" with all the 
relevant changes for this Jira.

Keta


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132555
---


On May 11, 2016, 10:08 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 11, 2016, 10:08 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-11 Thread Keta Patel

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/
---

(Updated May 11, 2016, 10:08 p.m.)

Review request for Ambari, Di Li and Richard Zang.

Bugs: AMBARI-15552
https://issues.apache.org/jira/browse/AMBARI-15552

Repository: ambari

Description
---

So, the problem here lies with the List view where it is not able to process
the changes in the Roles correctly. A change in the Role of a user causes the
following:

Diffs
-

ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
32f46c1
ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Cluster.js
ff388cd

ambari-admin/src/main/resources/ui/admin-web/test/unit/controllers/clusters/UserAccessListCtrl_test.js
edf16be

Diff: https://reviews.apache.org/r/46808/diff/

Testing
---

The testing done mainly checks the logic used to update the privileges of the
user/group which is done after a REST call to retrieve the privileges.

The test cases have mocks setup for server calls. The response from the server
calls are also mocked to work with a particular set of users and groups.

The logic in the .then() clause following the server

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-11 Thread Keta Patel

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/
---

(Updated May 11, 2016, 10:08 p.m.)

Review request for Ambari, Di Li and Richard Zang.

Bugs: AMBARI-15552
https://issues.apache.org/jira/browse/AMBARI-15552

Repository: ambari

Description
---

So, the problem here lies with the List view where it is not able to process
the changes in the Roles correctly. A change in the Role of a user causes the
following:

Diffs (updated)
-

ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
11a73f6
ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Cluster.js
ff388cd

ambari-admin/src/main/resources/ui/admin-web/test/unit/controllers/clusters/UserAccessListCtrl_test.js
edf16be

Diff: https://reviews.apache.org/r/46808/diff/

Testing
---

The testing done mainly checks the logic used to update the privileges of the
user/group which is done after a REST call to retrieve the privileges.

The test cases have mocks setup for server calls. The response from the server
calls are also mocked to work with a particular set of users and groups.

The logic in the .then() clause following

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-11 Thread Keta Patel



> On May 10, 2016, 10:28 p.m., Richard Zang wrote:
> > ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js,
> >  line 162
> > 
> >
> > effectivePrivilegeFromGroups has been calculated on line 152 already.

Hello Richard,
Thank you for pointing this out. It was a redundant call. I have removed this 
statement in the new patch "AMBARI-15552-May-11.patch".


> On May 10, 2016, 10:28 p.m., Richard Zang wrote:
> > ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js,
> >  line 181
> > 
> >
> > loadUser() needs to be called strictly after delete/add operation to 
> > have the up-to-date roles loaded. It's better to put it in the then block. 
> > This can be tested in the case I mentioned earlier: mygroup has "cluster 
> > user" role and aaa bbb ccc are in mygroup. Change aaa to "cluster 
> > administrator", confirm, then change aaa back to None, aaa stays at 
> > "cluster administrator" because loadUser() happens before delete finishes.

As per your suggestion, I have added "addPrivilege(user)" to the then clause of 
the deletePrivilege calls. Since I use individual delete calls for the various 
privilege IDs, I make use of "Prromise.all().then()" to ensure that 
addPrivilege() gets called only after all the delete calls are complete. The 
patch "AMBARI-15552-May-11.patch" contains these changes.
I couldn't figure out using "deletePrivileges()" to delete a set of privileges 
and so made use of these individual calls. If you think using the individual 
"deletePrivileges()" call is workable in this case, could you please provide me 
with the information on the valid attributes for the body.

Thank you!


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132555
---


On May 10, 2016, 7:49 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 10, 2016, 7:49 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
>

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-11 Thread Keta Patel



> On May 10, 2016, 10:31 p.m., Richard Zang wrote:
> > ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js,
> >  line 165
> > 
> >
> > if user change permission to None, currentIndex will be -1. I would 
> > recommend creating a function like getRoleRank which will give out a rank 
> > for all roles including None and View User.

I have added a new function $scope.getRoleRank(permission_name) that returns 
the index of the permission. As per your suggestions, I have added VIEW.USER 
and CLUSTER.NONE to the list of OrderedRoles. CLUSTER.NONE is the last in the 
ordered list with an index of '6'.
I have updated the code accordingly in the patch "AMBARI-15552-May-11.patch".


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132558
---


On May 10, 2016, 7:49 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 10, 2016, 7:49 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2.

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-10 Thread Richard Zang


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132558
---




ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
 (line 165)


if user change permission to None, currentIndex will be -1. I would 
recommend creating a function like getRoleRank which will give out a rank for 
all roles including None and View User.


- Richard Zang


On May 10, 2016, 7:49 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 10, 2016, 7:49 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to 
> None". This  may not reflect the correct privilege status as the user might 
> have some effective privilege coming from its group(s). In the fix, the Alert 
> must show the relevant message.
> 4. Alert messages must show more informative messages of what

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-10 Thread Richard Zang


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132555
---




ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
 (line 162)


effectivePrivilegeFromGroups has been calculated on line 152 already.



ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
 (line 181)


loadUser() needs to be called strictly after delete/add operation to have 
the up-to-date roles loaded. It's better to put it in the then block. This can 
be tested in the case I mentioned earlier: mygroup has "cluster user" role and 
aaa bbb ccc are in mygroup. Change aaa to "cluster administrator", confirm, 
then change aaa back to None, aaa stays at "cluster administrator" because 
loadUser() happens before delete finishes.


- Richard Zang


On May 10, 2016, 7:49 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 10, 2016, 7:49 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-10 Thread Keta Patel

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/
---

(Updated May 10, 2016, 7:49 p.m.)

Review request for Ambari, Di Li and Richard Zang.

Bugs: AMBARI-15552
https://issues.apache.org/jira/browse/AMBARI-15552

Repository: ambari

Description
---

So, the problem here lies with the List view where it is not able to process
the changes in the Roles correctly. A change in the Role of a user causes the
following:

Diffs (updated)
-

ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
32f46c1
ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Cluster.js
ff388cd

ambari-admin/src/main/resources/ui/admin-web/test/unit/controllers/clusters/UserAccessListCtrl_test.js
edf16be

Diff: https://reviews.apache.org/r/46808/diff/

Testing
---

The testing done mainly checks the logic used to update the privileges of the
user/group which is done after a REST call to retrieve the privileges.

The test cases have mocks setup for server calls. The response from the server
calls are also mocked to work with a particular set of users and groups.

The logic in the .then() clause following

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-10 Thread Keta Patel



> On May 9, 2016, 9:42 p.m., Richard Zang wrote:
> > File Attachment: AMBARI-15552-May-05.patch - AMBARI-15552-May-05.patch
> > 
> >
> > Coding style needs to be fixed(many places). Also, could you please 
> > attach the latest patch to JIRA after the fix?

Hello Richard,
Thank you for the suggestion. I have updated the patch and attached it as 
"AMBARI-15552-May-10.patch" both on the JIRA and here on the Review Board. The 
changes involve corrections in the white spaces for "if", "for" loops and 
indentation in a few places. Please let me know of further corrections 
necessary.

Thank you,
Keta


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132335
---


On May 10, 2016, 7:48 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 10, 2016, 7:48 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-10 Thread Keta Patel

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/
---

(Updated May 10, 2016, 7:48 p.m.)

Review request for Ambari, Di Li and Richard Zang.

Bugs: AMBARI-15552
https://issues.apache.org/jira/browse/AMBARI-15552

Repository: ambari

Description
---

So, the problem here lies with the List view where it is not able to process
the changes in the Roles correctly. A change in the Role of a user causes the
following:

Diffs
-

ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
32f46c1
ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Cluster.js
ff388cd

ambari-admin/src/main/resources/ui/admin-web/test/unit/controllers/clusters/UserAccessListCtrl_test.js
edf16be

Diff: https://reviews.apache.org/r/46808/diff/

Testing
---

The testing done mainly checks the logic used to update the privileges of the
user/group which is done after a REST call to retrieve the privileges.

The test cases have mocks setup for server calls. The response from the server
calls are also mocked to work with a particular set of users and groups.

The logic in the .then() clause following the server

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-09 Thread Richard Zang


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review132335
---




File Attachment: AMBARI-15552-May-05.patch - AMBARI-15552-May-05.patch


Coding style needs to be fixed(many places). Also, could you please attach 
the latest patch to JIRA after the fix?


- Richard Zang


On May 5, 2016, 5:59 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 5, 2016, 5:59 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to 
> None". This  may not reflect the correct privilege status as the user might 
> have some effective privilege coming from its group(s). In the fix, the Alert 
> must show the relevant message.
> 4. Alert messages must show more informative messages of what is happening 
> with the user's privileges and why. (addressing 1.2 and 2.3)
> 
> 
> Diffs
> -
> 
>   
>

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-05 Thread Keta Patel



> On May 5, 2016, 12:57 a.m., Richard Zang wrote:
> > After applying the patch.
> > Created a group "mygroup", assigned role "Cluster User" to this group.
> > Created user "aaa", "bbb", "ccc" and assigned all users to "mygroup"
> > Changed user "aaa"'s role to Cluster Administrator. (Success)
> > Changed user "aaa"'s role back to None. (Failed)
> > Refresh browser aaa's role went back to Cluster User.
> 
> Keta Patel wrote:
> Hello Richard,
> The behavior you see is a little different from the changes in the patch. 
> I receated the same groups and users as in your comment and recreated the 
> sequence of steps with the result as follows:
> 1. Assigned "mygroup" the role "Cluster User". (attached "step1.tiff")
> 2. The 3 users "aaa", "bbb", "ccc" show the "Cluster User" role in the 
> List View. (attached "step2.tiff")
> 3. Changing the role for "aaa" to "Cluster Administrator". (attached 
> "step3.tiff")
> 4. On clicking save button (tick mark) for "aaa", success alert message 
> is displayed and the role seen for "aaa" is "Cluster Administrator". 
> (attached "step4.tiff")
> 5. Changing role for "aaa" to "None". (attached "step5.tiff")
> 6. On clicking save button for "aaa", success message for "None" is seen. 
> Now, the effective privilege of "Cluster User" is seen for "aaa". (attached 
> "step6.tiff")
> 7. On clicking refresh button the roles are still shown as they were in 
> step6. (attached "step7.tiff")
> 
> I have tried the patch on the latest trunk code. For your reference I am 
> attaching the patch here again as "AMBARI-15552-May-05.patch".
> Please let me know if the behavior is still inconsistent.
> 
> Thank you,
> Keta

I am sorry about the images, I didn't realize we could upload only patches on 
Review Board. I have added these images on the Jira AMBARI-15552.


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review131773
---


On May 5, 2016, 5:59 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 5, 2016, 5:59 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-05 Thread Keta Patel



> On May 5, 2016, 12:57 a.m., Richard Zang wrote:
> > After applying the patch.
> > Created a group "mygroup", assigned role "Cluster User" to this group.
> > Created user "aaa", "bbb", "ccc" and assigned all users to "mygroup"
> > Changed user "aaa"'s role to Cluster Administrator. (Success)
> > Changed user "aaa"'s role back to None. (Failed)
> > Refresh browser aaa's role went back to Cluster User.

Hello Richard,
The behavior you see is a little different from the changes in the patch. I 
receated the same groups and users as in your comment and recreated the 
sequence of steps with the result as follows:
1. Assigned "mygroup" the role "Cluster User". (attached "step1.tiff")
2. The 3 users "aaa", "bbb", "ccc" show the "Cluster User" role in the List 
View. (attached "step2.tiff")
3. Changing the role for "aaa" to "Cluster Administrator". (attached 
"step3.tiff")
4. On clicking save button (tick mark) for "aaa", success alert message is 
displayed and the role seen for "aaa" is "Cluster Administrator". (attached 
"step4.tiff")
5. Changing role for "aaa" to "None". (attached "step5.tiff")
6. On clicking save button for "aaa", success message for "None" is seen. Now, 
the effective privilege of "Cluster User" is seen for "aaa". (attached 
"step6.tiff")
7. On clicking refresh button the roles are still shown as they were in step6. 
(attached "step7.tiff")

I have tried the patch on the latest trunk code. For your reference I am 
attaching the patch here again as "AMBARI-15552-May-05.patch".
Please let me know if the behavior is still inconsistent.

Thank you,
Keta


- Keta


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review131773
---


On May 5, 2016, 5:59 p.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated May 5, 2016, 5:59 p.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-05 Thread Keta Patel

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/
---

(Updated May 5, 2016, 5:59 p.m.)

Review request for Ambari, Di Li and Richard Zang.

Bugs: AMBARI-15552
https://issues.apache.org/jira/browse/AMBARI-15552

Repository: ambari

Description
---

So, the problem here lies with the List view where it is not able to process
the changes in the Roles correctly. A change in the Role of a user causes the
following:

Diffs
-

ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
32f46c1
ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Cluster.js
ff388cd

ambari-admin/src/main/resources/ui/admin-web/test/unit/controllers/clusters/UserAccessListCtrl_test.js
edf16be

Diff: https://reviews.apache.org/r/46808/diff/

Testing
---

The testing done mainly checks the logic used to update the privileges of the
user/group which is done after a REST call to retrieve the privileges.

The test cases have mocks setup for server calls. The response from the server
calls are also mocked to work with a particular set of users and groups.

The logic in the .then() clause following the server

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-05-02 Thread Di Li


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/#review131336
---




ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
 (line 75)


what happens when permission_label is not None?


- Di Li


On April 29, 2016, 12:41 a.m., Keta Patel wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46808/
> ---
> 
> (Updated April 29, 2016, 12:41 a.m.)
> 
> 
> Review request for Ambari, Di Li and Richard Zang.
> 
> 
> Bugs: AMBARI-15552
> https://issues.apache.org/jira/browse/AMBARI-15552
> 
> 
> Repository: ambari
> 
> 
> Description
> ---
> 
> Reproduction Steps:
> 1. Go to Admin->Manage Ambari
> 2. Create a group with a few users belonging to it. 
> (I have created "mygroup" with "user1", "user2", "user3") 
> (attachments "user1.tiff", "mygroup.tiff" shows samples)
> 3. Go to Clusters->Roles on the left navigation menu.
> 4. The default view is the "Block" view for the roles. Assign "mygroup" a 
> role, say "Cluster User". 
> (attachment "block_view_original.tiff")
> 5. Click on "List" view, it will show Users by default. It correctly shows 
> the role "Cluster User" for each user in "mygroup". 
> (attachment "list_view_users.tiff")
> 6. Now, try adding a new Role, say "Service Operator", to one of the users, 
> say "user3". 
> (attachments "list_view_add_role_to_user_step1.tiff", 
> "list_view_add_role_to_user_step2.tiff")
> 7. After making this change, the role gets added for that user (in our case 
> "user3"), but the roles from other users in its group gets removed. Also, the 
> previous role for the user ("user3") is replaced by the new Role.
> (attachment "list_view_add_role_to_user_step3.tiff")
> 8. You can confirm this from the the "Block" view. 
> (attachment "block_view_after_step3.tiff")
> 
> So, the problem here lies with the List view where it is not able to process 
> the changes in the Roles correctly. A change in the Role of a user causes the 
> following:
> 
> CASE-1: The displayed role (effective privilege) comes from an explicitly 
> assigned role to the user.
> 1.1) The new selected role correctly replaces the existing privilege that was 
> explicitly assigned to the user.
> 1.2) But if the user was assigned multiple roles explicilty (before the fix 
> for AMBARI-16102 got pushed in), then all the other roles, which are of lower 
> privilege than the role that got replaced, are still displayed in the Block 
> view (because those roles are still in the database). So, if the new selected 
> role happened to be of a lower privilege than and existing role of the user, 
> then even though the user sees a success Alert message, the effective 
> privileg he sees is different. For the Ambari user, this behavior is not 
> easily understandable.
> 
> CASE-2: The displayed role (effective privilege) comes from a group the user 
> belongs to.
> 2.1) If the new selected privilege is higher than the effective privilege 
> coming from the user's group(s), then the newly selected role replaces this 
> "group" privilege in the database, insetad of creating a new entry.
> 2.2) As a result of losing the group privilege, all the group members also 
> lose their privileges and they show "None" as their effective privilege.
> 2.3) If the newly selected privilege is lower than effective group privilege, 
> the Alert message shows a success of role change but the effective privilge 
> is still not the one that the Ambari user selected.
> 
> 
> Expected results:
> 1. Updating a Role of a user must replace any/all of the explicit roles it 
> has been assigned through the Block View. (this addresses 1.2)
> Note: Even though AMBARI-16102 has attempted to fix the Block view by 
> allowing only a user to have just one role assigned to it, there could be 
> cases where the earlier version of Block view has already allowed users to 
> have multiple roles. So, taking this into consideration, the fix must address 
> removing any or all of the roles the user was assigned explicitly.
> 2. Adding a Role to a user must not affect the Roles of other users in its 
> group. (addressing 2.1 and 2.2)
> 3. Selecting a "NONE" for a user role shows the Alert "User's role chnaged to 
> None". This  may not reflect the correct privilege status as the user might 
> have some effective privilege coming from its group(s). In the fix, the Alert 
> must show the relevant message.
> 4. Alert messages must show more informative messages of what is happening 
> with the user's privileges and why. (addressing 1.2 and 2.3)
> 
> 
> Diffs
> -
> 
>   
>

Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

2016-04-28 Thread Keta Patel

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46808/
---

Review request for Ambari, Di Li and Richard Zang.

Bugs: AMBARI-15552
https://issues.apache.org/jira/browse/AMBARI-15552

Repository: ambari

Description
---

So, the problem here lies with the List view where it is not able to process
the changes in the Roles correctly. A change in the Role of a user causes the
following:

Diffs
-

ambari-admin/src/main/resources/ui/admin-web/app/scripts/controllers/clusters/UserAccessListCtrl.js
32f46c1
ambari-admin/src/main/resources/ui/admin-web/app/scripts/services/Cluster.js
ff388cd

ambari-admin/src/main/resources/ui/admin-web/test/unit/controllers/clusters/UserAccessListCtrl_test.js
edf16be

Diff: https://reviews.apache.org/r/46808/diff/

Testing
---

The testing done mainly checks the logic used to update the privileges of the
user/group which is done after a REST call to retrieve the privileges.

The test cases have mocks setup for server calls. The response from the server
calls are also mocked to work with a particular set of users and groups.

The logic in the .then() clause following the server calls is added in the mock
promises

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Re: Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

Review Request 46808: Role selection in List view of Manage Ambari page does not work correctly

23 matches

Site Navigation

Mail list logo

Footer information