[jira] [Commented] (YARN-3267) Timelineserver applies the ACL rules after applying the limit on the number of records

Wed, 11 Mar 2015 14:29:55 -0700 

    [ 
https://issues.apache.org/jira/browse/YARN-3267?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14357644#comment-14357644
 ] 

Jonathan Eagles commented on YARN-3267:
---------------------------------------

[~lichangleo], Couple more minor things with this patch

* LeveldbTimelineStore, MemoryTimelineStore, and TimelineReader all have extra 
UserGroupInformation import
* Spacing issues
** 'Check{' should be written as 'Check {'
** 'ugi=callerUGI;' should be written as 'ugi = callerUGI;'
** 'throws IOException{' should be written as 'throws IOException {'
* check logic simplification

{code}
      try {
        if (!timelineACLsManager.checkAccess(
          ugi, ApplicationAccessType.VIEW_APP, entity)) {
          return false;
        }
      }
{code}

might be simpler as

{code}
      try {
          return timelineACLsManager.checkAccess(
              ugi, ApplicationAccessType.VIEW_APP, entity);
      } 
{code}

* reduce logging level

{code}
      } catch (YarnException e) {
        LOG.error("Error when verifying access for user " + ugi
          + " on the events of the timeline entity "
          + new EntityIdentifier(entity.getEntityId(),
          entity.getEntityType()), e);
        return false;
      }
{code}

this might be better suited as info level since any missing domain can trying 
this scenario.

> Timelineserver applies the ACL rules after applying the limit on the number 
> of records
> --------------------------------------------------------------------------------------
>
>                 Key: YARN-3267
>                 URL: https://issues.apache.org/jira/browse/YARN-3267
>             Project: Hadoop YARN
>          Issue Type: Bug
>    Affects Versions: 2.6.0
>            Reporter: Prakash Ramachandran
>            Assignee: Chang Li
>         Attachments: YARN-3267.3.patch, YARN_3267_V1.patch, 
> YARN_3267_V2.patch, YARN_3267_WIP.patch, YARN_3267_WIP1.patch, 
> YARN_3267_WIP2.patch, YARN_3267_WIP3.patch
>
>
> While fetching the entities from timelineserver, the limit is applied on the 
> entities to be fetched from leveldb, the ACL filters are applied after this 
> (TimelineDataManager.java::getEntities). 
> this could mean that even if there are entities available which match the 
> query criteria, we could end up not getting any results.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to