You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Brahma Reddy Battula (Jira)" <ji...@apache.org> on 2022/10/23 19:22:00 UTC
[jira] [Commented] (AMBARI-25734) CLUSTER.USER is able to perform actions on service through API calls

    [ https://issues.apache.org/jira/browse/AMBARI-25734?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17622868#comment-17622868 ] 

Brahma Reddy Battula commented on AMBARI-25734:
-----------------------------------------------

Cherry-picked to branch-2.7. thanks [~vishalsuvagia]  for your contribution and [~satheeshakuthota] thanks for nice catch.

> CLUSTER.USER is able to perform actions on service through API calls
> --------------------------------------------------------------------
>
>                 Key: AMBARI-25734
>                 URL: https://issues.apache.org/jira/browse/AMBARI-25734
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.7.6
>            Reporter: Satheesh Akuthota
>            Assignee: Vishal Suvagia
>            Priority: Major
>             Fix For: 2.8.0
>
>         Attachments: Screenshot 2022-09-15 at 3.48.19 PM.png
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Hi Team ,
> CLUSTER.USER is able to perform actions on services (eg . maintenance off/on on ambari_mertrics)
>  
> [http://abcserver:8080/api/v1/clusters/CERTIFICATION/services/AMBARI_METRICS]
> request: 
> {code:java}
> {
>     "ServiceInfo" : {
>         "maintenance_state" : "OFF"
>     }
> } 
> {code}
> user previlege details : 
> {code:java}
> {
>   "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/",
>   "Users" : {
>     "active" : true,
>     "admin" : false,
>     "consecutive_failures" : 0,
>     "created" : 1663235359782,
>     "display_name" : "svcambaritest4",
>     "groups" : [ ],
>     "ldap_user" : false,
>     "local_user_name" : "svcambaritest4",
>     "user_name" : "svcambaritest4",
>     "user_type" : "LOCAL"
>   },
>   "widget_layouts" : [ ],
>   "privileges" : [
>     {
>       "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/privileges/4",
>       "PrivilegeInfo" : {
>         "privilege_id" : 4,
>         "user_name" : "svcambaritest4"
>       }
>     }
>   ],
>   "sources" : [
>     {
>       "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/sources/4",
>       "AuthenticationSourceInfo" : {
>         "source_id" : 4,
>         "user_name" : "svcambaritest4"
>       }
>     }
>   ]
> } 
> {code}
> {code:java}
> {
>   "href" : "http://sserverhostname:8080/api/v1/users/svcambaritest4/privileges/4",
>   "PrivilegeInfo" : {
>     "cluster_name" : "CLUSTERNAME",
>     "permission_label" : "Cluster User",
>     "permission_name" : "CLUSTER.USER",
>     "principal_name" : "svcambaritest4",
>     "principal_type" : "USER",
>     "privilege_id" : 4,
>     "type" : "CLUSTER",
>     "user_name" : "svcambaritest4"
>   }
> }
> {code}
> Note : From UI we are not able to do this action
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ambari.apache.org
For additional commands, e-mail: issues-help@ambari.apache.org