You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Brahma Reddy Battula (Jira)" <ji...@apache.org> on 2022/10/23 19:22:00 UTC
[jira] [Commented] (AMBARI-25734) CLUSTER.USER is able to perform actions on service through API calls
[ https://issues.apache.org/jira/browse/AMBARI-25734?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17622868#comment-17622868 ]
Brahma Reddy Battula commented on AMBARI-25734:
-----------------------------------------------
Cherry-picked to branch-2.7. thanks [~vishalsuvagia] for your contribution and [~satheeshakuthota] thanks for nice catch.
> CLUSTER.USER is able to perform actions on service through API calls
> --------------------------------------------------------------------
>
> Key: AMBARI-25734
> URL: https://issues.apache.org/jira/browse/AMBARI-25734
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.7.6
> Reporter: Satheesh Akuthota
> Assignee: Vishal Suvagia
> Priority: Major
> Fix For: 2.8.0
>
> Attachments: Screenshot 2022-09-15 at 3.48.19 PM.png
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Hi Team ,
> CLUSTER.USER is able to perform actions on services (eg . maintenance off/on on ambari_mertrics)
>
> [http://abcserver:8080/api/v1/clusters/CERTIFICATION/services/AMBARI_METRICS]
> request:
> {code:java}
> {
> "ServiceInfo" : {
> "maintenance_state" : "OFF"
> }
> }
> {code}
> user previlege details :
> {code:java}
> {
> "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/",
> "Users" : {
> "active" : true,
> "admin" : false,
> "consecutive_failures" : 0,
> "created" : 1663235359782,
> "display_name" : "svcambaritest4",
> "groups" : [ ],
> "ldap_user" : false,
> "local_user_name" : "svcambaritest4",
> "user_name" : "svcambaritest4",
> "user_type" : "LOCAL"
> },
> "widget_layouts" : [ ],
> "privileges" : [
> {
> "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/privileges/4",
> "PrivilegeInfo" : {
> "privilege_id" : 4,
> "user_name" : "svcambaritest4"
> }
> }
> ],
> "sources" : [
> {
> "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/sources/4",
> "AuthenticationSourceInfo" : {
> "source_id" : 4,
> "user_name" : "svcambaritest4"
> }
> }
> ]
> }
> {code}
> {code:java}
> {
> "href" : "http://sserverhostname:8080/api/v1/users/svcambaritest4/privileges/4",
> "PrivilegeInfo" : {
> "cluster_name" : "CLUSTERNAME",
> "permission_label" : "Cluster User",
> "permission_name" : "CLUSTER.USER",
> "principal_name" : "svcambaritest4",
> "principal_type" : "USER",
> "privilege_id" : 4,
> "type" : "CLUSTER",
> "user_name" : "svcambaritest4"
> }
> }
> {code}
> Note : From UI we are not able to do this action
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ambari.apache.org
For additional commands, e-mail: issues-help@ambari.apache.org