You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sqoop.apache.org by richard zhou <ri...@intel.com> on 2015/03/24 04:25:29 UTC

Review Request 32427: SQOOP-2255: Throw Exception when no permission to the resource

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/32427/
-----------------------------------------------------------

Review request for Sqoop.


Repository: sqoop-sqoop2


Description
-------

When getting multi-connectors/links/jobs, AuthorizationEngine.filterResource is used to filter resources according to the permissions.
When getting one specific connector/link/job via id, this resource should be checked permission, and throw exception if no privilege.


Diffs
-----

  security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java d261027ff5aefa728c5f761534f4439264b4ae45 
  server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java 2305a51472a0201771fe493e8364f7db62ee79a2 
  server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java 70108f64b12ef3068e746a61dc53f5fd06f99f23 
  server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java 3187bcf00b51533cc33513a315dd9f1296e58c6d 

Diff: https://reviews.apache.org/r/32427/diff/


Testing
-------

manual


Thanks,

richard zhou

Re: Review Request 32427: SQOOP-2255: Throw Exception when no permission to the resource

Posted by richard zhou <ri...@intel.com>.


> On March 25, 2015, 10:19 p.m., Abraham Elmahrek wrote:
> > server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java, line 87
> > <https://reviews.apache.org/r/32427/diff/2/?file=905125#file905125line87>
> >
> >     This can return null?

This is thrown Exception before connector is used.
configParamBundles.put(cId, ConnectorManager.getInstance().getResourceBundle(cId, locale));

If there is no connector with this cId, there will throw exception in getResourceBundle. So this connector, which is null, will never be used.


> On March 25, 2015, 10:19 p.m., Abraham Elmahrek wrote:
> > server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java, line 314
> > <https://reviews.apache.org/r/32427/diff/2/?file=905126#file905126line314>
> >
> >     Watch NPE

Similar, the job could never be null.
MJob job = repository.findJob(jobId);
In function findJob:
  @Override
  public MJob findJob(long jobId, Connection conn) {
    PreparedStatement stmt = null;
    try {
      stmt = conn.prepareStatement(crudQueries.getStmtSelectJobSingleById());
      stmt.setLong(1, jobId);

      List<MJob> jobs = loadJobs(stmt, conn);

      if (jobs.size() != 1) {
        throw new SqoopException(CommonRepositoryError.COMMON_0027, "Couldn't find"
            + " job with id " + jobId);
      }

      // Return the first and only one link object
      return jobs.get(0);

    } catch (SQLException ex) {
      logException(ex, jobId);
      throw new SqoopException(CommonRepositoryError.COMMON_0028, ex);
    } finally {
      closeStatements(stmt);
    }
  }
  
If the job is null, "Couldn't find job" exception will be throw when getting this job.


- richard


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/32427/#review77811
-----------------------------------------------------------


On March 25, 2015, 7:17 a.m., richard zhou wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/32427/
> -----------------------------------------------------------
> 
> (Updated March 25, 2015, 7:17 a.m.)
> 
> 
> Review request for Sqoop.
> 
> 
> Repository: sqoop-sqoop2
> 
> 
> Description
> -------
> 
> When getting multi-connectors/links/jobs, AuthorizationEngine.filterResource is used to filter resources according to the permissions.
> When getting one specific connector/link/job via id, this resource should be checked permission, and throw exception if no privilege.
> 
> 
> Diffs
> -----
> 
>   security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java d261027ff5aefa728c5f761534f4439264b4ae45 
>   server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java 2305a51472a0201771fe493e8364f7db62ee79a2 
>   server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java 0c5f1f216e9e6a42bd24c226dbca18cacd4f5c55 
>   server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java 3187bcf00b51533cc33513a315dd9f1296e58c6d 
> 
> Diff: https://reviews.apache.org/r/32427/diff/
> 
> 
> Testing
> -------
> 
> manual
> 
> 
> Thanks,
> 
> richard zhou
> 
>

Re: Review Request 32427: SQOOP-2255: Throw Exception when no permission to the resource

Posted by Abraham Elmahrek <ab...@cloudera.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/32427/#review77811
-----------------------------------------------------------

Ship it!


Looks good except for NPE


server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
<https://reviews.apache.org/r/32427/#comment126102>

    This can return null?



server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
<https://reviews.apache.org/r/32427/#comment126103>

    NPE is possible with out check.



server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
<https://reviews.apache.org/r/32427/#comment126104>

    Watch NPE



server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
<https://reviews.apache.org/r/32427/#comment126105>

    Watch NPE


- Abraham Elmahrek


On March 25, 2015, 7:17 a.m., richard zhou wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/32427/
> -----------------------------------------------------------
> 
> (Updated March 25, 2015, 7:17 a.m.)
> 
> 
> Review request for Sqoop.
> 
> 
> Repository: sqoop-sqoop2
> 
> 
> Description
> -------
> 
> When getting multi-connectors/links/jobs, AuthorizationEngine.filterResource is used to filter resources according to the permissions.
> When getting one specific connector/link/job via id, this resource should be checked permission, and throw exception if no privilege.
> 
> 
> Diffs
> -----
> 
>   security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java d261027ff5aefa728c5f761534f4439264b4ae45 
>   server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java 2305a51472a0201771fe493e8364f7db62ee79a2 
>   server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java 0c5f1f216e9e6a42bd24c226dbca18cacd4f5c55 
>   server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java 3187bcf00b51533cc33513a315dd9f1296e58c6d 
> 
> Diff: https://reviews.apache.org/r/32427/diff/
> 
> 
> Testing
> -------
> 
> manual
> 
> 
> Thanks,
> 
> richard zhou
> 
>

Re: Review Request 32427: SQOOP-2255: Throw Exception when no permission to the resource

Posted by richard zhou <ri...@intel.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/32427/
-----------------------------------------------------------

(Updated March 26, 2015, 2:18 a.m.)


Review request for Sqoop.


Changes
-------

Removed some function by mistake


Repository: sqoop-sqoop2


Description
-------

When getting multi-connectors/links/jobs, AuthorizationEngine.filterResource is used to filter resources according to the permissions.
When getting one specific connector/link/job via id, this resource should be checked permission, and throw exception if no privilege.


Diffs (updated)
-----

  common/src/main/java/org/apache/sqoop/error/code/CommonRepositoryError.java 7db31ddbe7332ac4053495328dc7e932e2dad66c 
  core/src/main/java/org/apache/sqoop/connector/ConnectorManager.java 0b150468ee10b7b455238b9e1972cb635ef7d6f2 
  security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java d261027ff5aefa728c5f761534f4439264b4ae45 
  server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java 2305a51472a0201771fe493e8364f7db62ee79a2 
  server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java 0c5f1f216e9e6a42bd24c226dbca18cacd4f5c55 
  server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java 3187bcf00b51533cc33513a315dd9f1296e58c6d 

Diff: https://reviews.apache.org/r/32427/diff/


Testing
-------

manual


Thanks,

richard zhou

Re: Review Request 32427: SQOOP-2255: Throw Exception when no permission to the resource

Posted by richard zhou <ri...@intel.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/32427/
-----------------------------------------------------------

(Updated March 26, 2015, 2:04 a.m.)


Review request for Sqoop.


Repository: sqoop-sqoop2


Description
-------

When getting multi-connectors/links/jobs, AuthorizationEngine.filterResource is used to filter resources according to the permissions.
When getting one specific connector/link/job via id, this resource should be checked permission, and throw exception if no privilege.


Diffs (updated)
-----

  common/src/main/java/org/apache/sqoop/error/code/CommonRepositoryError.java 7db31ddbe7332ac4053495328dc7e932e2dad66c 
  core/src/main/java/org/apache/sqoop/connector/ConnectorManager.java 0b150468ee10b7b455238b9e1972cb635ef7d6f2 
  server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java 2305a51472a0201771fe493e8364f7db62ee79a2 
  server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java 0c5f1f216e9e6a42bd24c226dbca18cacd4f5c55 
  server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java 3187bcf00b51533cc33513a315dd9f1296e58c6d 

Diff: https://reviews.apache.org/r/32427/diff/


Testing
-------

manual


Thanks,

richard zhou

Re: Review Request 32427: SQOOP-2255: Throw Exception when no permission to the resource

Posted by richard zhou <ri...@intel.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/32427/
-----------------------------------------------------------

(Updated March 25, 2015, 7:17 a.m.)


Review request for Sqoop.


Repository: sqoop-sqoop2


Description
-------

When getting multi-connectors/links/jobs, AuthorizationEngine.filterResource is used to filter resources according to the permissions.
When getting one specific connector/link/job via id, this resource should be checked permission, and throw exception if no privilege.


Diffs (updated)
-----

  security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java d261027ff5aefa728c5f761534f4439264b4ae45 
  server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java 2305a51472a0201771fe493e8364f7db62ee79a2 
  server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java 0c5f1f216e9e6a42bd24c226dbca18cacd4f5c55 
  server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java 3187bcf00b51533cc33513a315dd9f1296e58c6d 

Diff: https://reviews.apache.org/r/32427/diff/


Testing
-------

manual


Thanks,

richard zhou

Re: Review Request 32427: SQOOP-2255: Throw Exception when no permission to the resource

Posted by Qian Xu <qi...@intel.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/32427/#review77521
-----------------------------------------------------------



server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
<https://reviews.apache.org/r/32427/#comment125611>

    It looks a bit tricky. If you are confident that there are at most one connector to check, then leave a comment here.



server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
<https://reviews.apache.org/r/32427/#comment125612>

    dito (Why `size==1`)



server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
<https://reviews.apache.org/r/32427/#comment125613>

    dito (Why `size==1`)


- Qian Xu


On March 24, 2015, 11:25 a.m., richard zhou wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/32427/
> -----------------------------------------------------------
> 
> (Updated March 24, 2015, 11:25 a.m.)
> 
> 
> Review request for Sqoop.
> 
> 
> Repository: sqoop-sqoop2
> 
> 
> Description
> -------
> 
> When getting multi-connectors/links/jobs, AuthorizationEngine.filterResource is used to filter resources according to the permissions.
> When getting one specific connector/link/job via id, this resource should be checked permission, and throw exception if no privilege.
> 
> 
> Diffs
> -----
> 
>   security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java d261027ff5aefa728c5f761534f4439264b4ae45 
>   server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java 2305a51472a0201771fe493e8364f7db62ee79a2 
>   server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java 70108f64b12ef3068e746a61dc53f5fd06f99f23 
>   server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java 3187bcf00b51533cc33513a315dd9f1296e58c6d 
> 
> Diff: https://reviews.apache.org/r/32427/diff/
> 
> 
> Testing
> -------
> 
> manual
> 
> 
> Thanks,
> 
> richard zhou
> 
>