You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2015/12/10 23:19:30 UTC
[2/2] ambari git commit: AMBARI-14298. Change authorization resource
Id to be adminresource id (rlevas)
AMBARI-14298. Change authorization resource Id to be adminresource id (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f790baac
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f790baac
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f790baac
Branch: refs/heads/trunk
Commit: f790baac485ef60bc3fde92b6c558f8d4af97de8
Parents: ccc3d2d
Author: Robert Levas <rl...@hortonworks.com>
Authored: Thu Dec 10 17:19:20 2015 -0500
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Thu Dec 10 17:19:20 2015 -0500
----------------------------------------------------------------------
.../ambari/server/api/services/BaseRequest.java | 1 +
.../AmbariManagementControllerImpl.java | 28 ++++----
.../AbstractControllerResourceProvider.java | 8 +--
.../internal/ComponentResourceProvider.java | 6 +-
.../internal/HostComponentResourceProvider.java | 4 +-
.../internal/HostResourceProvider.java | 13 ++--
.../RepositoryVersionResourceProvider.java | 2 +-
.../internal/RequestResourceProvider.java | 6 +-
.../internal/ServiceResourceProvider.java | 9 ++-
.../authorization/AuthorizationHelper.java | 72 ++++++--------------
.../org/apache/ambari/server/state/Cluster.java | 5 ++
.../server/state/cluster/ClusterImpl.java | 12 ++++
.../apache/ambari/server/view/ViewRegistry.java | 15 +---
.../AmbariManagementControllerImplTest.java | 2 +-
.../ActiveWidgetLayoutResourceProviderTest.java | 17 ++---
.../AmbariPrivilegeResourceProviderTest.java | 14 ++--
.../ClusterPrivilegeResourceProviderTest.java | 14 ++--
...leRepositoryVersionResourceProviderTest.java | 2 +-
.../CredentialResourceProviderTest.java | 32 ++++-----
.../internal/GroupResourceProviderTest.java | 8 +--
.../internal/HostResourceProviderTest.java | 2 +
.../internal/MemberResourceProviderTest.java | 8 +--
.../RepositoryVersionResourceProviderTest.java | 16 ++---
.../internal/RequestResourceProviderTest.java | 4 ++
.../UserAuthorizationResourceProviderTest.java | 10 +--
.../UserPrivilegeResourceProviderTest.java | 10 +--
.../internal/UserResourceProviderTest.java | 24 +++----
.../security/TestAuthenticationFactory.java | 66 +++++++++---------
.../ambari/server/view/ViewRegistryTest.java | 7 +-
29 files changed, 203 insertions(+), 214 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseRequest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseRequest.java b/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseRequest.java
index 5a3ffb6..a33e8a7 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseRequest.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/BaseRequest.java
@@ -18,6 +18,7 @@
package org.apache.ambari.server.api.services;
+import com.sun.jersey.spi.container.ContainerRequest;
import org.apache.ambari.server.api.handlers.RequestHandler;
import org.apache.ambari.server.api.predicate.InvalidQueryException;
import org.apache.ambari.server.api.predicate.PredicateCompiler;
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
index 3c66127..2616315 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
@@ -450,7 +450,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
"Attempted to add a host_component to a cluster which doesn't exist: ", e);
}
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(),
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(),
EnumSet.of(RoleAuthorization.SERVICE_ADD_DELETE_SERVICES,RoleAuthorization.HOST_ADD_DELETE_COMPONENTS))) {
throw new AuthorizationException("The authenticated user is not authorized to install service components on to hosts");
}
@@ -961,9 +961,9 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
cr.setDesiredServiceConfigVersions(singleCluster.getActiveServiceConfigVersions());
cr.setCredentialStoreServiceProperties(getCredentialStoreServiceProperties());
- // If the user is authorized to view information about this cluster, add it to the respons
+ // If the user is authorized to view information about this cluster, add it to the response
// TODO: Uncomment this when the UI doesn't require view access for View-only users.
-// if (AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cr.getClusterId(),
+// if (AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cr.getResourceId(),
// RoleAuthorization.AUTHORIZATIONS_VIEW_CLUSTER)) {
response.add(cr);
// }
@@ -989,7 +989,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
// TODO: Uncomment this when the UI doesn't require view access for View-only users.
// If the user is authorized to view information about this cluster, add it to the response
-// if (AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, c.getClusterId(),
+// if (AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, c.getResourceId(),
// RoleAuthorization.AUTHORIZATIONS_VIEW_CLUSTER)) {
response.add(c.convertToResponse());
// }
@@ -1394,6 +1394,10 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
} else {
cluster = clusters.getClusterById(request.getClusterId());
}
+
+ // Ensure the user has access to update this cluster
+ AuthorizationHelper.verifyAuthorization(ResourceType.CLUSTER, cluster.getResourceId(), RoleAuthorization.AUTHORIZATIONS_UPDATE_CLUSTER);
+
//save data to return configurations created
List<ConfigurationResponse> configurationResponses =
new LinkedList<ConfigurationResponse>();
@@ -1505,12 +1509,12 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
}
if(StringUtils.isEmpty(service)) {
- if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), EnumSet.of(RoleAuthorization.CLUSTER_MODIFY_CONFIGS))) {
+ if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), EnumSet.of(RoleAuthorization.CLUSTER_MODIFY_CONFIGS))) {
throw new AuthorizationException("The authenticated user does not have authorization to modify cluster configurations");
}
}
else {
- if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), EnumSet.of(RoleAuthorization.SERVICE_MODIFY_CONFIGS))) {
+ if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), EnumSet.of(RoleAuthorization.SERVICE_MODIFY_CONFIGS))) {
throw new AuthorizationException("The authenticated user does not have authorization to modify service configurations");
}
}
@@ -1559,7 +1563,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
// Set the current version value if its not already set
if (currentVersion == null) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), EnumSet.of(RoleAuthorization.CLUSTER_UPGRADE_DOWNGRADE_STACK))) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), EnumSet.of(RoleAuthorization.CLUSTER_UPGRADE_DOWNGRADE_STACK))) {
throw new AuthorizationException("The authenticated user does not have authorization to modify stack version");
}
@@ -1615,7 +1619,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
}
if (null != request.getServiceConfigVersionRequest()) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), EnumSet.of(RoleAuthorization.SERVICE_MODIFY_CONFIGS))) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), EnumSet.of(RoleAuthorization.SERVICE_MODIFY_CONFIGS))) {
throw new AuthorizationException("The authenticated user does not have authorization to modify service configurations");
}
@@ -1658,7 +1662,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
// if any custom operations are valid and requested, the process of executing them should be initiated,
// most of the validation logic will be left to the KerberosHelper to avoid polluting the controller
if (kerberosHelper.shouldExecuteCustomOperations(securityType, requestProperties)) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), EnumSet.of(RoleAuthorization.CLUSTER_TOGGLE_KERBEROS))) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), EnumSet.of(RoleAuthorization.CLUSTER_TOGGLE_KERBEROS))) {
throw new AuthorizationException("The authenticated user does not have authorization to perform Kerberos-specific operations");
}
@@ -1673,7 +1677,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
cluster.getSecurityType().name(), securityType.name());
if ((securityType == SecurityType.KERBEROS) || (securityType == SecurityType.NONE)) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), EnumSet.of(RoleAuthorization.CLUSTER_TOGGLE_KERBEROS))) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), EnumSet.of(RoleAuthorization.CLUSTER_TOGGLE_KERBEROS))) {
throw new AuthorizationException("The authenticated user does not have authorization to enable or disable Kerberos");
}
@@ -2952,7 +2956,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
}
Cluster cluster = clusters.getCluster(request.getClusterName());
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(),
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(),
EnumSet.of(RoleAuthorization.SERVICE_ADD_DELETE_SERVICES,RoleAuthorization.HOST_ADD_DELETE_COMPONENTS))) {
throw new AuthorizationException("The authenticated user is not authorized to delete service components from hosts");
}
@@ -4547,7 +4551,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
// If the authenticated user is not authorized to set service users or groups, make sure the
// relevant properties are not changed. However, if the user is authorized to set service
// users and groups, there is nothing to check.
- if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(),
+ if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(),
RoleAuthorization.AMBARI_SET_SERVICE_USERS_GROUPS)) {
Map<String, String> requestProperties = request.getProperties();
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
index fdee605..d47d8d3 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AbstractControllerResourceProvider.java
@@ -77,15 +77,15 @@ public abstract class AbstractControllerResourceProvider extends AbstractAuthori
// ----- utility methods ---------------------------------------------------
/**
- * Gets the cluster id for the named cluster
+ * Gets the resource id for the named cluster
*
* @param clusterName the name of the relevant cluster
- * @return the cluster id or null if not found
+ * @return the resource id or null if not found
* @throws AmbariException if the named cluster does not exist
*/
- protected Long getClusterId(String clusterName) throws AmbariException {
+ protected Long getClusterResourceId(String clusterName) throws AmbariException {
Cluster cluster = managementController.getClusters().getCluster(clusterName);
- return (cluster == null) ? null : cluster.getClusterId();
+ return (cluster == null) ? null : cluster.getResourceId();
}
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ComponentResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ComponentResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ComponentResourceProvider.java
index b45ef72..ddbf60a 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ComponentResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ComponentResourceProvider.java
@@ -296,7 +296,7 @@ public class ComponentResourceProvider extends AbstractControllerResourceProvide
"Attempted to add a component to a cluster which doesn't exist:", e);
}
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), RoleAuthorization.SERVICE_ADD_DELETE_SERVICES)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), RoleAuthorization.SERVICE_ADD_DELETE_SERVICES)) {
throw new AuthorizationException("The user is not authorized to create components");
}
@@ -741,7 +741,7 @@ public class ComponentResourceProvider extends AbstractControllerResourceProvide
if (newState != oldScState) {
// The if user is trying to start or stop the component, ensure authorization
if (((newState == State.INSTALLED) || (newState == State.STARTED)) &&
- !AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), RoleAuthorization.SERVICE_START_STOP)) {
+ !AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), RoleAuthorization.SERVICE_START_STOP)) {
throw new AuthorizationException("The authenticated user is not authorized to start or stop components of services");
}
@@ -882,7 +882,7 @@ public class ComponentResourceProvider extends AbstractControllerResourceProvide
"Attempted to add a component to a cluster which doesn't exist:", e);
}
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), RoleAuthorization.SERVICE_ADD_DELETE_SERVICES)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), RoleAuthorization.SERVICE_ADD_DELETE_SERVICES)) {
throw new AuthorizationException("The user is not authorized to delete components");
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostComponentResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostComponentResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostComponentResourceProvider.java
index 760dcbc..44b9a15 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostComponentResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostComponentResourceProvider.java
@@ -480,7 +480,7 @@ public class HostComponentResourceProvider extends AbstractControllerResourcePro
Cluster cluster = clusters.getCluster(request.getClusterName());
if(runSmokeTest) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), RoleAuthorization.SERVICE_RUN_SERVICE_CHECK)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), RoleAuthorization.SERVICE_RUN_SERVICE_CHECK)) {
throw new AuthorizationException("The authenticated user is not authorized to run service checks");
}
}
@@ -567,7 +567,7 @@ public class HostComponentResourceProvider extends AbstractControllerResourcePro
continue;
}
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(),
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(),
EnumSet.of(RoleAuthorization.SERVICE_START_STOP, RoleAuthorization.SERVICE_ADD_DELETE_SERVICES,
RoleAuthorization.HOST_ADD_DELETE_COMPONENTS, RoleAuthorization.HOST_ADD_DELETE_HOSTS))) {
throw new AuthorizationException("The authenticated user is not authorized to change the state of service components");
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostResourceProvider.java
index 8f00321..f0d9fde 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostResourceProvider.java
@@ -686,6 +686,7 @@ public class HostResourceProvider extends AbstractControllerResourceProvider {
String clusterName = request.getClusterName();
Cluster cluster = clusters.getCluster(clusterName);
Long clusterId = cluster.getClusterId();
+ Long resourceId = cluster.getResourceId();
try {
// The below method call throws an exception when trying to create a duplicate mapping in the clusterhostmapping
@@ -696,7 +697,7 @@ public class HostResourceProvider extends AbstractControllerResourceProvider {
}
if (null != request.getHostAttributes()) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, clusterId, RoleAuthorization.HOST_ADD_DELETE_HOSTS)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, resourceId, RoleAuthorization.HOST_ADD_DELETE_HOSTS)) {
throw new AuthorizationException("The authenticated user is not authorized to update host attributes");
}
host.setHostAttributes(request.getHostAttributes());
@@ -707,21 +708,21 @@ public class HostResourceProvider extends AbstractControllerResourceProvider {
boolean rackChange = requestRackInfo != null && !requestRackInfo.equals(rackInfo);
if (rackChange) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, clusterId, RoleAuthorization.HOST_ADD_DELETE_HOSTS)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, resourceId, RoleAuthorization.HOST_ADD_DELETE_HOSTS)) {
throw new AuthorizationException("The authenticated user is not authorized to update host rack information");
}
host.setRackInfo(requestRackInfo);
}
if (null != request.getPublicHostName()) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, clusterId, RoleAuthorization.HOST_ADD_DELETE_HOSTS)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, resourceId, RoleAuthorization.HOST_ADD_DELETE_HOSTS)) {
throw new AuthorizationException("The authenticated user is not authorized to update host attributes");
}
host.setPublicHostName(request.getPublicHostName());
}
if (null != clusterName && null != request.getMaintenanceState()) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, clusterId, RoleAuthorization.HOST_TOGGLE_MAINTENANCE)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, resourceId, RoleAuthorization.HOST_TOGGLE_MAINTENANCE)) {
throw new AuthorizationException("The authenticated user is not authorized to update host maintenance state");
}
MaintenanceState newState = MaintenanceState.valueOf(request.getMaintenanceState());
@@ -756,12 +757,12 @@ public class HostResourceProvider extends AbstractControllerResourceProvider {
}
if(StringUtils.isEmpty(service)) {
- if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), EnumSet.of(RoleAuthorization.CLUSTER_MODIFY_CONFIGS))) {
+ if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), EnumSet.of(RoleAuthorization.CLUSTER_MODIFY_CONFIGS))) {
throw new AuthorizationException("The authenticated user does not have authorization to modify cluster configurations");
}
}
else {
- if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), EnumSet.of(RoleAuthorization.SERVICE_MODIFY_CONFIGS))) {
+ if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), EnumSet.of(RoleAuthorization.SERVICE_MODIFY_CONFIGS))) {
throw new AuthorizationException("The authenticated user does not have authorization to modify service configurations");
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java
index 3782a9f..beaa4fb 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProvider.java
@@ -281,7 +281,7 @@ public class RepositoryVersionResourceProvider extends AbstractAuthorizedResourc
List<OperatingSystemEntity> operatingSystemEntities = null;
if (StringUtils.isNotBlank(ObjectUtils.toString(propertyMap.get(SUBRESOURCE_OPERATING_SYSTEMS_PROPERTY_ID)))) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.AMBARI,null, RoleAuthorization.AMBARI_EDIT_STACK_REPOS)) {
+ if (!AuthorizationHelper.isAuthorized(ResourceType.AMBARI, null, RoleAuthorization.AMBARI_EDIT_STACK_REPOS)) {
throw new AuthorizationException("The authenticated user does not have authorization to modify stack repositories");
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
index a356236..d79fed4 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java
@@ -175,7 +175,7 @@ public class RequestResourceProvider extends AbstractControllerResourceProvider
// TODO: Perform authorization check for this?
}
else if(actionRequest.isCommand()) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterId(clusterName), RoleAuthorization.SERVICE_RUN_CUSTOM_COMMAND)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterResourceId(clusterName), RoleAuthorization.SERVICE_RUN_CUSTOM_COMMAND)) {
throw new AuthorizationException("The authenticated user is not authorized to execute custom service commands.");
}
}
@@ -184,12 +184,12 @@ public class RequestResourceProvider extends AbstractControllerResourceProvider
// actionName is expected to not be null since the action request is not a command
if(actionName.contains("SERVICE_CHECK")) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterId(clusterName), RoleAuthorization.SERVICE_RUN_SERVICE_CHECK)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterResourceId(clusterName), RoleAuthorization.SERVICE_RUN_SERVICE_CHECK)) {
throw new AuthorizationException("The authenticated user is not authorized to execute service checks.");
}
}
else if(actionName.equals("DECOMMISSION")) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterId(clusterName), RoleAuthorization.SERVICE_DECOMMISSION_RECOMMISSION)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterResourceId(clusterName), RoleAuthorization.SERVICE_DECOMMISSION_RECOMMISSION)) {
throw new AuthorizationException("The authenticated user is not authorized to decommission services.");
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java
index 28af9cb..7a3d330 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java
@@ -20,7 +20,6 @@ package org.apache.ambari.server.controller.internal;
import com.google.inject.Inject;
import com.google.inject.assistedinject.Assisted;
import com.google.inject.assistedinject.AssistedInject;
-import com.google.inject.persist.Transactional;
import org.apache.ambari.server.AmbariException;
import org.apache.ambari.server.ClusterNotFoundException;
import org.apache.ambari.server.DuplicateResourceException;
@@ -375,7 +374,7 @@ public class ServiceResourceProvider extends AbstractControllerResourceProvider
+ ", request=" + request);
}
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterId(request.getClusterName()), RoleAuthorization.SERVICE_ADD_DELETE_SERVICES)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterResourceId(request.getClusterName()), RoleAuthorization.SERVICE_ADD_DELETE_SERVICES)) {
throw new AuthorizationException("The user is not authorized to create services");
}
@@ -637,7 +636,7 @@ public class ServiceResourceProvider extends AbstractControllerResourceProvider
// Setting Maintenance state for service
if (null != request.getMaintenanceState()) {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), RoleAuthorization.SERVICE_TOGGLE_MAINTENANCE)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), RoleAuthorization.SERVICE_TOGGLE_MAINTENANCE)) {
throw new AuthorizationException("The authenticated user is not authorized to toggle the maintainence state of services");
}
@@ -675,7 +674,7 @@ public class ServiceResourceProvider extends AbstractControllerResourceProvider
if (newState != oldState) {
// The if user is trying to start or stop the service, ensure authorization
if (((newState == State.INSTALLED) || (newState == State.STARTED)) &&
- !AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getClusterId(), RoleAuthorization.SERVICE_START_STOP)) {
+ !AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, cluster.getResourceId(), RoleAuthorization.SERVICE_START_STOP)) {
throw new AuthorizationException("The authenticated user is not authorized to start or stop services");
}
@@ -884,7 +883,7 @@ public class ServiceResourceProvider extends AbstractControllerResourceProvider
throw new AmbariException("invalid arguments");
} else {
- if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterId(serviceRequest.getClusterName()), RoleAuthorization.SERVICE_ADD_DELETE_SERVICES)) {
+ if(!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, getClusterResourceId(serviceRequest.getClusterName()), RoleAuthorization.SERVICE_ADD_DELETE_SERVICES)) {
throw new AuthorizationException("The user is not authorized to delete services");
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
index 565c487..0c675b8 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AuthorizationHelper.java
@@ -21,7 +21,6 @@ import com.google.inject.Singleton;
import org.apache.ambari.server.orm.entities.PermissionEntity;
import org.apache.ambari.server.orm.entities.PrivilegeEntity;
import org.apache.ambari.server.orm.entities.ResourceEntity;
-import org.apache.ambari.server.orm.entities.ResourceTypeEntity;
import org.apache.ambari.server.orm.entities.RoleAuthorizationEntity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -82,12 +81,13 @@ public class AuthorizationHelper {
* authorizations with the one indicated.
*
* @param resourceType a resource type being acted upon
- * @param resourceId the resource id (relative to the resource type) being acted upon
+ * @param resourceId the privilege resource id (or adminresource.id) of the relevant resource
* @param requiredAuthorization the required authorization
* @return true if authorized; otherwise false
* @see #isAuthorized(Authentication, ResourceType, Long, Set)
*/
- public static boolean isAuthorized(ResourceType resourceType, Long resourceId, RoleAuthorization requiredAuthorization) {
+ public static boolean isAuthorized(ResourceType resourceType, Long resourceId,
+ RoleAuthorization requiredAuthorization) {
return isAuthorized(getAuthentication(), resourceType, resourceId, EnumSet.of(requiredAuthorization));
}
@@ -97,12 +97,13 @@ public class AuthorizationHelper {
* authorizations with one from the provided set of authorizations.
*
* @param resourceType a resource type being acted upon
- * @param resourceId the resource id (relative to the resource type) being acted upon
+ * @param resourceId the privilege resource id (or adminresource.id) of the relevant resource
* @param requiredAuthorizations a set of requirements for which one match will allow authorization
* @return true if authorized; otherwise false
* @see #isAuthorized(Authentication, ResourceType, Long, Set)
*/
- public static boolean isAuthorized(ResourceType resourceType, Long resourceId, Set<RoleAuthorization> requiredAuthorizations) {
+ public static boolean isAuthorized(ResourceType resourceType, Long resourceId,
+ Set<RoleAuthorization> requiredAuthorizations) {
return isAuthorized(getAuthentication(), resourceType, resourceId, requiredAuthorizations);
}
@@ -110,15 +111,15 @@ public class AuthorizationHelper {
* Determines if the specified authenticated user is authorized to perform an operation on the
* specific resource by matching the authenticated user's authorizations with the one indicated.
*
- * @param authentication the authenticated user and associated access privileges
+ * @param authentication the authenticated user and associated access privileges
* @param resourceType a resource type being acted upon
- * @param resourceId the resource id (relative to the resource type) being acted upon
+ * @param resourceId the privilege resource id (or adminresource.id) of the relevant resource
* @param requiredAuthorization the required authorization
* @return true if authorized; otherwise false
* @see #isAuthorized(Authentication, ResourceType, Long, Set)
*/
- public static boolean isAuthorized(Authentication authentication, ResourceType resourceType, Long resourceId,
- RoleAuthorization requiredAuthorization) {
+ public static boolean isAuthorized(Authentication authentication, ResourceType resourceType,
+ Long resourceId, RoleAuthorization requiredAuthorization) {
return isAuthorized(authentication, resourceType, resourceId, EnumSet.of(requiredAuthorization));
}
@@ -130,16 +131,14 @@ public class AuthorizationHelper {
* The specified resource type is a high-level resource such as {@link ResourceType#AMBARI Ambari},
* a {@link ResourceType#CLUSTER cluster}, or a {@link ResourceType#VIEW view}.
* <p/>
- * The specified resource id is the identifier of the relevant resource of the given resource type.
- * If the resource is {@link ResourceType#AMBARI Ambari}, the identifier should be <code>null</code>,
- * else for a {@link ResourceType#CLUSTER cluster} or a {@link ResourceType#VIEW view} the resource
- * id should be a valid resource id or <code>null</code> to indicate any resource of the given type.
+ * The specified resource id is the (admin)resource id referenced by a specific resource instance
+ * such as a cluster or view.
*
* @param authentication the authenticated user and associated access privileges
* @param resourceType a resource type being acted upon
- * @param resourceId the resource id (relative to the resource type) being acted upon
+ * @param resourceId the privilege resource id (or adminresource.id) of the relevant resource
* @param requiredAuthorizations a set of requirements for which one match will allow authorization
- * @return true if authorized; otherwize false
+ * @return true if authorized; otherwise false
*/
public static boolean isAuthorized(Authentication authentication, ResourceType resourceType,
Long resourceId, Set<RoleAuthorization> requiredAuthorizations) {
@@ -158,25 +157,12 @@ public class AuthorizationHelper {
ResourceType privilegeResourceType = ResourceType.translate(privilegeResource.getResourceType().getName());
boolean resourceOK;
- if ((resourceType == null) || (privilegeResourceType == null)){
- resourceOK = true;
- } else if (ResourceType.AMBARI == privilegeResourceType) {
+ if (ResourceType.AMBARI == privilegeResourceType) {
// This resource type indicates administrative access
resourceOK = true;
- } else if (resourceType == privilegeResourceType) {
- if(resourceId == null) {
- resourceOK = true;
- }
- else {
- // Note: This will be an issue for multiple clusters. Apparently we assume only one cluster
- // and it's resource id is 2.
- // TODO: Change adminresource to include a reference to the resource instance, not just the type
- ResourceTypeEntity privilegeResourceResourceType = privilegeResource.getResourceType();
- Integer privilegeResourceId = privilegeResourceResourceType.getId();
- resourceOK = resourceId.equals(privilegeResourceId.longValue());
- }
+ } else if ((resourceType == null) || (resourceType == privilegeResourceType)) {
+ resourceOK = (resourceId == null) || resourceId.equals(privilegeResource.getId());
} else {
- // This is not an expected resource type, so skip this authority
resourceOK = false;
}
@@ -214,27 +200,7 @@ public class AuthorizationHelper {
* If not authorized, an {@link AuthorizationException} will be thrown.
*
* @param resourceType a resource type being acted upon
- * @param resourceId the resource id (relative to the resource type) being acted upon
- * @param requiredAuthorization the required authorization
- * @throws AuthorizationException if authorization is not granted
- * @see #isAuthorized(ResourceType, Long, Set)
- */
- public static void verifyAuthorization(ResourceType resourceType,
- Long resourceId,
- RoleAuthorization requiredAuthorization)
- throws AuthorizationException {
- verifyAuthorization(resourceType, resourceId, EnumSet.of(requiredAuthorization));
- }
-
- /**
- * Determines if the authenticated user (from application's security context) is authorized to
- * perform an operation on the the specific resource by matching the authenticated user's
- * authorizations with one from the provided set of authorizations.
- * <p/>
- * If not authorized, an {@link AuthorizationException} will be thrown.
- *
- * @param resourceType a resource type being acted upon
- * @param resourceId the resource id (relative to the resource type) being acted upon
+ * @param resourceId the privilege resource id (or adminresource.id) of the relevant resource
* @param requiredAuthorizations a set of requirements for which one match will allow authorization
* @throws AuthorizationException if authorization is not granted
* @see #isAuthorized(ResourceType, Long, Set)
@@ -257,7 +223,7 @@ public class AuthorizationHelper {
*
* @param authentication the authenticated user and associated access privileges
* @param resourceType a resource type being acted upon
- * @param resourceId the resource id (relative to the resource type) being acted upon
+ * @param resourceId the privilege resource id (or adminresource.id) of the relevant resource
* @param requiredAuthorizations a set of requirements for which one match will allow authorization
* @throws AuthorizationException if authorization is not granted
* @see #isAuthorized(Authentication, ResourceType, Long, Set)
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/state/Cluster.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/Cluster.java b/ambari-server/src/main/java/org/apache/ambari/server/state/Cluster.java
index 2c5c5af..17fc741 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/Cluster.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/Cluster.java
@@ -55,6 +55,11 @@ public interface Cluster {
void setClusterName(String clusterName);
/**
+ * Gets the Cluster's resource ID
+ */
+ Long getResourceId();
+
+ /**
* Add a service to a cluster
* @param service
*/
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java
index 911d8d7..9820da4 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java
@@ -640,6 +640,18 @@ public class ClusterImpl implements Cluster {
}
@Override
+ public Long getResourceId() {
+ ResourceEntity resourceEntity = clusterEntity.getResource();
+ if (resourceEntity == null) {
+ LOG.warn("There is no resource associated with this cluster:\n\tCluster Name: {}\n\tCluster ID: {}",
+ getClusterName(), getClusterId());
+ return null;
+ } else {
+ return resourceEntity.getId();
+ }
+ }
+
+ @Override
public void addServiceComponentHosts(Collection<ServiceComponentHost> serviceComponentHosts) throws AmbariException {
clusterGlobalLock.writeLock().lock();
try {
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
index 8c6c2a7..7e232f1 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
@@ -1395,20 +1395,7 @@ public class ViewRegistry {
// check that the current user is authorized to access the given view instance resource
private boolean checkAuthorization(ResourceEntity resourceEntity) {
- Long resourceId = null;
-
- // Get the relevant resource id from the ResourceEntity. Essentially, this will need to be
- // the resource's Id, but for now it needs to be the resource type Id due to the existing architecture
- // of the authorization (admin*) tables.
- if(resourceEntity != null) {
- ResourceTypeEntity resourceType = resourceEntity.getResourceType();
-
- if(resourceType != null) {
- Integer resourceTypeId = resourceType.getId();
- if (resourceTypeId != null)
- resourceId = resourceTypeId.longValue();
- }
- }
+ Long resourceId = (resourceEntity == null) ? null : resourceEntity.getId();
return (resourceId == null)
? AuthorizationHelper.isAuthorized(ResourceType.AMBARI, null, RoleAuthorization.AMBARI_MANAGE_VIEWS)
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
index 6d6cea6..33d1c29 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
@@ -896,7 +896,7 @@ public class AmbariManagementControllerImplTest {
expect(clusterRequest.getClusterId()).andReturn(1L).times(6);
expect(clusterRequest.getSecurityType()).andReturn(SecurityType.NONE).anyTimes();
expect(clusters.getClusterById(1L)).andReturn(cluster).times(2);
- expect(cluster.getClusterId()).andReturn(1L).times(2);
+ expect(cluster.getResourceId()).andReturn(1L).times(3);
expect(cluster.getClusterName()).andReturn("cluster").times(2);
expect(cluster.getSecurityType()).andReturn(SecurityType.KERBEROS).anyTimes();
expect(cluster.getCurrentClusterVersion()).andReturn(null).anyTimes();
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProviderTest.java
index 9b47bf7..e9abfb3 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ActiveWidgetLayoutResourceProviderTest.java
@@ -103,12 +103,12 @@ public class ActiveWidgetLayoutResourceProviderTest extends EasyMockSupport {
@Test
public void testGetResources_NonAdministrator_Self() throws Exception {
- getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = AuthorizationException.class)
public void testGetResources_NonAdministrator_Other() throws Exception {
- getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test(expected = SystemException.class)
@@ -118,12 +118,12 @@ public class ActiveWidgetLayoutResourceProviderTest extends EasyMockSupport {
@Test(expected = SystemException.class)
public void testCreateResources_NonAdministrator_Self() throws Exception {
- createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = SystemException.class)
public void testCreateResources_NonAdministrator_Other() throws Exception {
- createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test
@@ -133,12 +133,12 @@ public class ActiveWidgetLayoutResourceProviderTest extends EasyMockSupport {
@Test
public void testUpdateResources_NonAdministrator_Self() throws Exception {
- updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = AuthorizationException.class)
public void testUpdateResources_NonAdministrator_Other() throws Exception {
- updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test(expected = SystemException.class)
@@ -148,12 +148,12 @@ public class ActiveWidgetLayoutResourceProviderTest extends EasyMockSupport {
@Test(expected = SystemException.class)
public void testDeleteResources_NonAdministrator_Self() throws Exception {
- deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = SystemException.class)
public void testDeleteResources_NonAdministrator_Other() throws Exception {
- deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
private void getResourcesTest(Authentication authentication, String requestedUsername) throws Exception {
@@ -170,6 +170,7 @@ public class ActiveWidgetLayoutResourceProviderTest extends EasyMockSupport {
Cluster cluster = createNiceMock(Cluster.class);
expect(cluster.getClusterName()).andReturn("c1").atLeastOnce();
+ expect(cluster.getResourceId()).andReturn(4L).anyTimes();
Clusters clusters = injector.getInstance(Clusters.class);
expect(clusters.getClusterById(2L)).andReturn(cluster).atLeastOnce();
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
index 4357a24..98494d8 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
@@ -102,7 +102,7 @@ public class AmbariPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testCreateResources_NonAdministrator() throws Exception {
- createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
@Test
@@ -112,7 +112,7 @@ public class AmbariPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testGetResources_NonAdministrator() throws Exception {
- getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
@Test
@@ -127,12 +127,12 @@ public class AmbariPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testGetResource_NonAdministrator_Self() throws Exception {
- getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = AuthorizationException.class)
public void testGetResource_NonAdministrator_Other() throws Exception {
- getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test
@@ -147,12 +147,12 @@ public class AmbariPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testUpdateResources_NonAdministrator_Self() throws Exception {
- updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = AuthorizationException.class)
public void testUpdateResources_NonAdministrator_Other() throws Exception {
- updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test
@@ -162,7 +162,7 @@ public class AmbariPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testDeleteResources_NonAdministrator() throws Exception {
- deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
@Test
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java
index c272f2b..bff15af 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java
@@ -94,7 +94,7 @@ public class ClusterPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testCreateResources_NonAdministrator() throws Exception {
- createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ createResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
@Test
@@ -104,7 +104,7 @@ public class ClusterPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testGetResources_NonAdministrator() throws Exception {
- getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
@Test
@@ -119,12 +119,12 @@ public class ClusterPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testGetResource_NonAdministrator_Self() throws Exception {
- getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = AuthorizationException.class)
public void testGetResource_NonAdministrator_Other() throws Exception {
- getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ getResourceTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test
@@ -139,12 +139,12 @@ public class ClusterPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testUpdateResources_NonAdministrator_Self() throws Exception {
- updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = AuthorizationException.class)
public void testUpdateResources_NonAdministrator_Other() throws Exception {
- updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ updateResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test
@@ -154,7 +154,7 @@ public class ClusterPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = AuthorizationException.class)
public void testDeleteResources_NonAdministrator() throws Exception {
- deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ deleteResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CompatibleRepositoryVersionResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CompatibleRepositoryVersionResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CompatibleRepositoryVersionResourceProviderTest.java
index dd8efa6..82abdc4 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CompatibleRepositoryVersionResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CompatibleRepositoryVersionResourceProviderTest.java
@@ -231,7 +231,7 @@ public class CompatibleRepositoryVersionResourceProviderTest {
@Test
public void testGetResources() throws Exception {
- SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("admin"));
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("admin", 2L));
final ResourceProvider provider = injector.getInstance(ResourceProviderFactory.class).getRepositoryVersionResourceProvider();
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java
index 7f99bb2..31bf191 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java
@@ -111,12 +111,12 @@ public class CredentialResourceProviderTest {
@Test
public void testCreateResourcesAsClusterAdministrator() throws Exception {
- testCreateResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testCreateResources(TestAuthenticationFactory.createClusterAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testCreateResourcesAsServiceAdministrator() throws Exception {
- testCreateResources(TestAuthenticationFactory.createServiceAdministrator("User10"));
+ testCreateResources(TestAuthenticationFactory.createServiceAdministrator());
}
private void testCreateResources(Authentication authentication) throws Exception {
@@ -315,12 +315,12 @@ public class CredentialResourceProviderTest {
@Test
public void testGetResourcesAsClusterAdministrator() throws Exception {
- testGetResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testGetResources(TestAuthenticationFactory.createClusterAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testGetResourcesAsServiceAdministrator() throws Exception {
- testGetResources(TestAuthenticationFactory.createServiceAdministrator("User10"));
+ testGetResources(TestAuthenticationFactory.createServiceAdministrator());
}
private void testGetResources(Authentication authentication) throws Exception {
@@ -392,12 +392,12 @@ public class CredentialResourceProviderTest {
@Test
public void testGetResourcesWithPredicateAsClusterAdministrator() throws Exception {
- testGetResourcesWithPredicate(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testGetResourcesWithPredicate(TestAuthenticationFactory.createClusterAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testGetResourcesWithPredicateAsServiceAdministrator() throws Exception {
- testGetResourcesWithPredicate(TestAuthenticationFactory.createServiceAdministrator("User10"));
+ testGetResourcesWithPredicate(TestAuthenticationFactory.createServiceAdministrator());
}
private void testGetResourcesWithPredicate(Authentication authentication) throws Exception {
@@ -469,12 +469,12 @@ public class CredentialResourceProviderTest {
@Test
public void testGetResourcesWithPredicateNoResultsAsClusterAdministrator() throws Exception {
- testGetResourcesWithPredicateNoResults(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testGetResourcesWithPredicateNoResults(TestAuthenticationFactory.createClusterAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testGetResourcesWithPredicateNoResultsAsServiceAdministrator() throws Exception {
- testGetResourcesWithPredicateNoResults(TestAuthenticationFactory.createServiceAdministrator("User10"));
+ testGetResourcesWithPredicateNoResults(TestAuthenticationFactory.createServiceAdministrator());
}
private void testGetResourcesWithPredicateNoResults(Authentication authentication) throws Exception {
@@ -538,12 +538,12 @@ public class CredentialResourceProviderTest {
@Test
public void testGetResourcesWithoutPredicateAsClusterAdministrator() throws Exception {
- testGetResourcesWithoutPredicate(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testGetResourcesWithoutPredicate(TestAuthenticationFactory.createClusterAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testGetResourcesWithoutPredicateAsServiceAdministrator() throws Exception {
- testGetResourcesWithoutPredicate(TestAuthenticationFactory.createServiceAdministrator("User10"));
+ testGetResourcesWithoutPredicate(TestAuthenticationFactory.createServiceAdministrator());
}
private void testGetResourcesWithoutPredicate(Authentication authentication) throws Exception {
@@ -587,12 +587,12 @@ public class CredentialResourceProviderTest {
@Test
public void testUpdateResourcesAsClusterAdministrator() throws Exception {
- testUpdateResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testUpdateResources(TestAuthenticationFactory.createClusterAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testUpdateResourcesAsServiceAdministrator() throws Exception {
- testUpdateResources(TestAuthenticationFactory.createServiceAdministrator("User10"));
+ testUpdateResources(TestAuthenticationFactory.createServiceAdministrator());
}
private void testUpdateResources(Authentication authentication) throws Exception {
@@ -681,12 +681,12 @@ public class CredentialResourceProviderTest {
@Test
public void testUpdateResourcesResourceNotFoundAsClusterAdministrator() throws Exception {
- testUpdateResourcesResourceNotFound(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testUpdateResourcesResourceNotFound(TestAuthenticationFactory.createClusterAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testUpdateResourcesResourceNotFoundAsServiceAdministrator() throws Exception {
- testUpdateResourcesResourceNotFound(TestAuthenticationFactory.createServiceAdministrator("User10"));
+ testUpdateResourcesResourceNotFound(TestAuthenticationFactory.createServiceAdministrator());
}
private void testUpdateResourcesResourceNotFound(Authentication authentication) throws Exception {
@@ -752,12 +752,12 @@ public class CredentialResourceProviderTest {
@Test
public void testDeleteResourcesAsClusterAdministrator() throws Exception {
- testDeleteResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testDeleteResources(TestAuthenticationFactory.createClusterAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testDeleteResourcesAsServiceAdministrator() throws Exception {
- testDeleteResources(TestAuthenticationFactory.createServiceAdministrator("User10"));
+ testDeleteResources(TestAuthenticationFactory.createServiceAdministrator());
}
private void testDeleteResources(Authentication authentication) throws Exception {
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupResourceProviderTest.java
index 34b674f..7d1bddf 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupResourceProviderTest.java
@@ -65,7 +65,7 @@ public class GroupResourceProviderTest {
@Test(expected = AuthorizationException.class)
public void testCreateResources_ClusterAdministrator() throws Exception {
- testCreateResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testCreateResources(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
private void testCreateResources(Authentication authentication) throws Exception {
@@ -113,7 +113,7 @@ public class GroupResourceProviderTest {
@Test(expected = AuthorizationException.class)
public void testGetResources_ClusterAdministrator() throws Exception {
- testGetResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testGetResources(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
public void testGetResources(Authentication authentication) throws Exception {
@@ -165,7 +165,7 @@ public class GroupResourceProviderTest {
@Test(expected = AuthorizationException.class)
public void testUpdateResources_ClusterAdminstrator() throws Exception {
- testUpdateResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testUpdateResources(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
private void testUpdateResources(Authentication authentication) throws Exception {
@@ -208,7 +208,7 @@ public class GroupResourceProviderTest {
@Test(expected = AuthorizationException.class)
public void testDeleteResources_ClusterAdministrator() throws Exception {
- testDeleteResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testDeleteResources(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
private void testDeleteResources(Authentication authentication) throws Exception {
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostResourceProviderTest.java
index ab41dfe..03ef06d 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostResourceProviderTest.java
@@ -902,6 +902,7 @@ public class HostResourceProviderTest extends EasyMockSupport {
cluster.recalculateAllClusterVersionStates();
expectLastCall().anyTimes();
expect(cluster.getClusterId()).andReturn(2L).anyTimes();
+ expect(cluster.getResourceId()).andReturn(4L).anyTimes();
expect(hostResponse1.getClusterName()).andReturn("Cluster100").anyTimes();
expect(hostResponse1.getHostname()).andReturn("Host100").anyTimes();
expect(hostResponse1.getHealthStatus()).andReturn(healthStatus).anyTimes();
@@ -995,6 +996,7 @@ public class HostResourceProviderTest extends EasyMockSupport {
cluster.recalculateAllClusterVersionStates();
expectLastCall().anyTimes();
expect(cluster.getClusterId()).andReturn(2L).anyTimes();
+ expect(cluster.getResourceId()).andReturn(4L).anyTimes();
expect(hostResponse1.getClusterName()).andReturn("Cluster100").anyTimes();
expect(hostResponse1.getHostname()).andReturn("Host100").anyTimes();
expect(hostResponse1.getHealthStatus()).andReturn(healthStatus).anyTimes();
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/MemberResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/MemberResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/MemberResourceProviderTest.java
index b2a084a..26a5cff 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/MemberResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/MemberResourceProviderTest.java
@@ -60,7 +60,7 @@ public class MemberResourceProviderTest {
@Test(expected = AuthorizationException.class)
public void testCreateResources_ClusterAdministrator() throws Exception {
- testCreateResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testCreateResources(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
private void testCreateResources(Authentication authentication) throws Exception {
@@ -116,7 +116,7 @@ public class MemberResourceProviderTest {
@Test(expected = AuthorizationException.class)
public void testGetResources_ClusterAdministrator() throws Exception {
- testGetResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testGetResources(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
private void testGetResources(Authentication authentication) throws Exception {
@@ -164,7 +164,7 @@ public class MemberResourceProviderTest {
@Test(expected = AuthorizationException.class)
public void testUpdateResources_ClusterAdministrator() throws Exception {
- testUpdateResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testUpdateResources(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
private void testUpdateResources(Authentication authentication) throws Exception {
@@ -219,7 +219,7 @@ public class MemberResourceProviderTest {
@Test(expected = AuthorizationException.class)
public void testDeleteResources_ClusterAdministrator() throws Exception {
- testDeleteResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testDeleteResources(TestAuthenticationFactory.createClusterAdministrator("User1", 2L));
}
private void testDeleteResources(Authentication authentication) throws Exception {
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProviderTest.java
index c99f631..7915950 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RepositoryVersionResourceProviderTest.java
@@ -233,12 +233,12 @@ public class RepositoryVersionResourceProviderTest {
@Test
public void testCreateResourcesAsAdministrator() throws Exception {
- testCreateResources(TestAuthenticationFactory.createAdministrator("admin"));
+ testCreateResources(TestAuthenticationFactory.createAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testCreateResourcesAsClusterAdministrator() throws Exception {
- testCreateResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testCreateResources(TestAuthenticationFactory.createClusterAdministrator());
}
private void testCreateResources(Authentication authentication) throws Exception {
@@ -268,12 +268,12 @@ public class RepositoryVersionResourceProviderTest {
@Test
public void testGetResourcesAsAdministrator() throws Exception {
- testGetResources(TestAuthenticationFactory.createAdministrator("admin"));
+ testGetResources(TestAuthenticationFactory.createAdministrator());
}
@Test
public void testGetResourcesAsClusterAdministrator() throws Exception {
- testGetResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testGetResources(TestAuthenticationFactory.createClusterAdministrator());
}
private void testGetResources(Authentication authentication) throws Exception {
@@ -376,12 +376,12 @@ public class RepositoryVersionResourceProviderTest {
@Test
public void testDeleteResourcesAsAdministrator() throws Exception {
- testDeleteResources(TestAuthenticationFactory.createAdministrator("admin"));
+ testDeleteResources(TestAuthenticationFactory.createAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testDeleteResourcesAsClusterAdministrator() throws Exception {
- testDeleteResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testDeleteResources(TestAuthenticationFactory.createClusterAdministrator());
}
private void testDeleteResources(Authentication authentication) throws Exception {
@@ -416,12 +416,12 @@ public class RepositoryVersionResourceProviderTest {
@Test
public void testUpdateResourcesAsAdministrator() throws Exception {
- testUpdateResources(TestAuthenticationFactory.createAdministrator("admin"));
+ testUpdateResources(TestAuthenticationFactory.createAdministrator());
}
@Test(expected = AuthorizationException.class)
public void testUpdateResourcesAsClusterAdministrator() throws Exception {
- testUpdateResources(TestAuthenticationFactory.createClusterAdministrator("User1"));
+ testUpdateResources(TestAuthenticationFactory.createClusterAdministrator());
}
private void testUpdateResources(Authentication authentication) throws Exception {
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
index b3168f2..9377493 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java
@@ -174,6 +174,7 @@ public class RequestResourceProviderTest {
Cluster cluster = createNiceMock(Cluster.class);
expect(cluster.getClusterId()).andReturn(1L).anyTimes();
+ expect(cluster.getResourceId()).andReturn(4L).anyTimes();
Clusters clusters = createNiceMock(Clusters.class);
expect(clusters.getCluster("foo_cluster")).andReturn(cluster).anyTimes();
@@ -913,6 +914,7 @@ public class RequestResourceProviderTest {
Cluster cluster = createMock(Cluster.class);
expect(cluster.getClusterId()).andReturn(2L).anyTimes();
+ expect(cluster.getResourceId()).andReturn(4L).anyTimes();
Clusters clusters = createMock(Clusters.class);
expect(clusters.getCluster("c1")).andReturn(cluster).anyTimes();
@@ -1009,6 +1011,7 @@ public class RequestResourceProviderTest {
Cluster cluster = createMock(Cluster.class);
expect(cluster.getClusterId()).andReturn(2L).anyTimes();
+ expect(cluster.getResourceId()).andReturn(4L).anyTimes();
Clusters clusters = createMock(Clusters.class);
expect(clusters.getCluster("c1")).andReturn(cluster).anyTimes();
@@ -1129,6 +1132,7 @@ public class RequestResourceProviderTest {
Cluster cluster = createMock(Cluster.class);
expect(cluster.getClusterId()).andReturn(2L).anyTimes();
+ expect(cluster.getResourceId()).andReturn(4L).anyTimes();
Clusters clusters = createMock(Clusters.class);
expect(clusters.getCluster("c1")).andReturn(cluster).anyTimes();
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProviderTest.java
index 1b1bdc3..c19e5ad 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserAuthorizationResourceProviderTest.java
@@ -103,12 +103,12 @@ public class UserAuthorizationResourceProviderTest extends EasyMockSupport {
@Test
public void testGetResources_NonAdministrator_Self() throws Exception {
- getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = AuthorizationException.class)
public void testGetResources_NonAdministrator_Other() throws Exception {
- getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test(expected = SystemException.class)
@@ -117,7 +117,7 @@ public class UserAuthorizationResourceProviderTest extends EasyMockSupport {
replayAll();
// Set the authenticated user to a non-administrator
- SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1"));
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
AmbariManagementController managementController = injector.getInstance(AmbariManagementController.class);
UserAuthorizationResourceProvider provider = new UserAuthorizationResourceProvider(managementController);
provider.createResources(createNiceMock(Request.class));
@@ -130,7 +130,7 @@ public class UserAuthorizationResourceProviderTest extends EasyMockSupport {
replayAll();
// Set the authenticated user to a non-administrator
- SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1"));
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
AmbariManagementController managementController = injector.getInstance(AmbariManagementController.class);
UserAuthorizationResourceProvider provider = new UserAuthorizationResourceProvider(managementController);
provider.updateResources(createNiceMock(Request.class), null);
@@ -143,7 +143,7 @@ public class UserAuthorizationResourceProviderTest extends EasyMockSupport {
replayAll();
// Set the authenticated user to a non-administrator
- SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1"));
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
AmbariManagementController managementController = injector.getInstance(AmbariManagementController.class);
UserAuthorizationResourceProvider provider = new UserAuthorizationResourceProvider(managementController);
provider.deleteResources(null);
http://git-wip-us.apache.org/repos/asf/ambari/blob/f790baac/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProviderTest.java
index fdcfbce..28a061c 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserPrivilegeResourceProviderTest.java
@@ -63,7 +63,7 @@ public class UserPrivilegeResourceProviderTest extends EasyMockSupport {
@Test(expected = SystemException.class)
public void testCreateResources() throws Exception {
- SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1"));
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
UserPrivilegeResourceProvider resourceProvider = new UserPrivilegeResourceProvider();
resourceProvider.createResources(createNiceMock(Request.class));
}
@@ -75,24 +75,24 @@ public class UserPrivilegeResourceProviderTest extends EasyMockSupport {
@Test
public void testGetResources_NonAdministrator_Self() throws Exception {
- getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User1");
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User1");
}
@Test(expected = AuthorizationException.class)
public void testGetResources_NonAdministrator_Other() throws Exception {
- getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1"), "User10");
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("User1", 2L), "User10");
}
@Test(expected = SystemException.class)
public void testUpdateResources() throws Exception {
- SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1"));
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
UserPrivilegeResourceProvider resourceProvider = new UserPrivilegeResourceProvider();
resourceProvider.updateResources(createNiceMock(Request.class), createNiceMock(Predicate.class));
}
@Test(expected = SystemException.class)
public void testDeleteResources() throws Exception {
- SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1"));
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
UserPrivilegeResourceProvider resourceProvider = new UserPrivilegeResourceProvider();
resourceProvider.deleteResources(createNiceMock(Predicate.class));
}