You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@falcon.apache.org by ve...@apache.org on 2014/10/27 04:55:42 UTC
[3/4] git commit: FALCON-831 Operation on non existing entity throws
internal server error. Contributed by Venkatesh Seetharam
FALCON-831 Operation on non existing entity throws internal server error. Contributed by Venkatesh Seetharam
Project: http://git-wip-us.apache.org/repos/asf/incubator-falcon/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-falcon/commit/03d3531f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-falcon/tree/03d3531f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-falcon/diff/03d3531f
Branch: refs/heads/master
Commit: 03d3531f16c9b2d74dcc30cc01cd9afff11db261
Parents: 73269d2
Author: Venkatesh Seetharam <ve...@apache.org>
Authored: Sun Oct 26 20:31:10 2014 -0700
Committer: Venkatesh Seetharam <ve...@apache.org>
Committed: Sun Oct 26 20:31:10 2014 -0700
----------------------------------------------------------------------
CHANGES.txt | 3 +++
.../security/FalconAuthorizationFilter.java | 13 ++++++++---
.../security/FalconAuthorizationFilterTest.java | 23 ++++++++++++++++++++
3 files changed, 36 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-falcon/blob/03d3531f/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index fdeff18..9261af3 100755
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -122,6 +122,9 @@ Trunk (Unreleased)
OPTIMIZATIONS
BUG FIXES
+ FALCON-831 Operation on non existing entity throws internal server error
+ (Venkatesh Seetharam)
+
FALCON-710 start/end is optional for lifecycle operations (Balu Vellanki
via Venkatesh Seetharam)
http://git-wip-us.apache.org/repos/asf/incubator-falcon/blob/03d3531f/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java
----------------------------------------------------------------------
diff --git a/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java b/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java
index 3daa419..884bd73 100644
--- a/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java
+++ b/prism/src/main/java/org/apache/falcon/security/FalconAuthorizationFilter.java
@@ -19,6 +19,8 @@
package org.apache.falcon.security;
import org.apache.falcon.FalconException;
+import org.apache.falcon.FalconWebException;
+import org.apache.hadoop.security.authorize.AuthorizationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -29,6 +31,7 @@ import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.core.Response;
import java.io.IOException;
import java.util.ArrayList;
@@ -65,9 +68,13 @@ public class FalconAuthorizationFilter implements Filter {
if (isAuthorizationEnabled) {
LOG.info("Authorizing user={} against request={}", CurrentUser.getUser(), requestParts);
- authorizationProvider.authorizeResource(requestParts.getResource(),
- requestParts.getAction(), requestParts.getEntityType(),
- requestParts.getEntityName(), CurrentUser.getProxyUGI());
+ try {
+ authorizationProvider.authorizeResource(requestParts.getResource(),
+ requestParts.getAction(), requestParts.getEntityType(),
+ requestParts.getEntityName(), CurrentUser.getProxyUGI());
+ } catch (AuthorizationException e) {
+ throw FalconWebException.newException(e.getMessage(), Response.Status.UNAUTHORIZED);
+ }
}
filterChain.doFilter(request, response);
http://git-wip-us.apache.org/repos/asf/incubator-falcon/blob/03d3531f/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java
----------------------------------------------------------------------
diff --git a/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java b/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java
index 289e232..6e4885a 100644
--- a/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java
+++ b/prism/src/test/java/org/apache/falcon/security/FalconAuthorizationFilterTest.java
@@ -152,6 +152,29 @@ public class FalconAuthorizationFilterTest {
}
}
+ @Test (expectedExceptions = Exception.class)
+ public void testDoFilterForEntityWithInvalidEntity() throws Exception {
+ CurrentUser.authenticate("falcon");
+ Filter filter = new FalconAuthorizationFilter();
+ synchronized (StartupProperties.get()) {
+ filter.init(mockConfig);
+ }
+
+ try {
+ StartupProperties.get().setProperty("falcon.security.authorization.enabled", "true");
+
+ String uri = "/entities/suspend/process/bad-entity";
+ StringBuffer requestUrl = new StringBuffer("http://localhost" + uri);
+ Mockito.when(mockRequest.getRequestURL()).thenReturn(requestUrl);
+ Mockito.when(mockRequest.getRequestURI()).thenReturn("/api" + uri);
+ Mockito.when(mockRequest.getPathInfo()).thenReturn(uri);
+
+ filter.doFilter(mockRequest, mockResponse, mockChain);
+ } finally {
+ filter.destroy();
+ }
+ }
+
public void addClusterEntity() throws Exception {
clusterEntity = EntityBuilderTestUtil.buildCluster(CLUSTER_ENTITY_NAME);
configStore.publish(EntityType.CLUSTER, clusterEntity);