You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@falcon.apache.org by ve...@apache.org on 2014/10/27 04:55:42 UTC
[3/4] git commit: FALCON-831 Operation on non existing entity throws internal server error. Contributed by Venkatesh Seetharam

FALCON-831 Operation on non existing entity throws internal server error. Contributed by Venkatesh Seetharam


Project: http://git-wip-us.apache.org/repos/asf/incubator-falcon/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-falcon/commit/03d3531f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-falcon/tree/03d3531f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-falcon/diff/03d3531f

Branch: refs/heads/master
Commit: 03d3531f16c9b2d74dcc30cc01cd9afff11db261
Parents: 73269d2
Author: Venkatesh Seetharam <ve...@apache.org>
Authored: Sun Oct 26 20:31:10 2014 -0700
Committer: Venkatesh Seetharam <ve...@apache.org>
Committed: Sun Oct 26 20:31:10 2014 -0700

----------------------------------------------------------------------
 CHANGES.txt                                     |  3 +++
 .../security/FalconAuthorizationFilter.java     | 13 ++++++++---
 .../security/FalconAuthorizationFilterTest.java | 23 ++++++++++++++++++++
 3 files changed, 36 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-falcon/blob/03d3531f/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index fdeff18..9261af3 100755
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -122,6 +122,9 @@ Trunk (Unreleased)
   OPTIMIZATIONS
 
   BUG FIXES
+   FALCON-831 Operation on non existing entity throws internal server error
+   (Venkatesh Seetharam)
+
    FALCON-710 start/end is optional for lifecycle operations (Balu Vellanki
    via Venkatesh Seetharam)
 

http://git-wip-us.apache.org/repos/asf/incubator-falcon/blob/03d3531f/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java
----------------------------------------------------------------------
diff --git a/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java b/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java
index 3daa419..884bd73 100644
--- a/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java
+++ b/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java
@@ -19,6 +19,8 @@
 package org.apache.falcon.security;
 
 import org.apache.falcon.FalconException;
+import org.apache.falcon.FalconWebException;
+import org.apache.hadoop.security.authorize.AuthorizationException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -29,6 +31,7 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.core.Response;
 import java.io.IOException;
 import java.util.ArrayList;
 
@@ -65,9 +68,13 @@ public class FalconAuthorizationFilter implements Filter {
 
         if (isAuthorizationEnabled) {
             LOG.info("Authorizing user={} against request={}", CurrentUser.getUser(), requestParts);
-            authorizationProvider.authorizeResource(requestParts.getResource(),
-                    requestParts.getAction(), requestParts.getEntityType(),
-                    requestParts.getEntityName(), CurrentUser.getProxyUGI());
+            try {
+                authorizationProvider.authorizeResource(requestParts.getResource(),
+                        requestParts.getAction(), requestParts.getEntityType(),
+                        requestParts.getEntityName(), CurrentUser.getProxyUGI());
+            } catch (AuthorizationException e) {
+                throw FalconWebException.newException(e.getMessage(), Response.Status.UNAUTHORIZED);
+            }
         }
 
         filterChain.doFilter(request, response);

http://git-wip-us.apache.org/repos/asf/incubator-falcon/blob/03d3531f/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java
----------------------------------------------------------------------
diff --git a/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java b/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java
index 289e232..6e4885a 100644
--- a/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java
+++ b/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java
@@ -152,6 +152,29 @@ public class FalconAuthorizationFilterTest {
         }
     }
 
+    @Test (expectedExceptions = Exception.class)
+    public void testDoFilterForEntityWithInvalidEntity() throws Exception {
+        CurrentUser.authenticate("falcon");
+        Filter filter = new FalconAuthorizationFilter();
+        synchronized (StartupProperties.get()) {
+            filter.init(mockConfig);
+        }
+
+        try {
+            StartupProperties.get().setProperty("falcon.security.authorization.enabled", "true");
+
+            String uri = "/entities/suspend/process/bad-entity";
+            StringBuffer requestUrl = new StringBuffer("http://localhost" + uri);
+            Mockito.when(mockRequest.getRequestURL()).thenReturn(requestUrl);
+            Mockito.when(mockRequest.getRequestURI()).thenReturn("/api" + uri);
+            Mockito.when(mockRequest.getPathInfo()).thenReturn(uri);
+
+            filter.doFilter(mockRequest, mockResponse, mockChain);
+        } finally {
+            filter.destroy();
+        }
+    }
+
     public void addClusterEntity() throws Exception {
         clusterEntity = EntityBuilderTestUtil.buildCluster(CLUSTER_ENTITY_NAME);
         configStore.publish(EntityType.CLUSTER, clusterEntity);