You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2014/08/13 22:01:12 UTC
[2/6] git commit: AMBARI-6849 Admin: remove "roles" prop from users.
(Buzhor Denys via ababiichuk)
AMBARI-6849 Admin: remove "roles" prop from users. (Buzhor Denys via ababiichuk)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/efc6eee8
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/efc6eee8
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/efc6eee8
Branch: refs/heads/branch-alerts-dev
Commit: efc6eee8d9f272ad389924584abb8f21073ecd15
Parents: 1eaf6a9
Author: aBabiichuk <ab...@cybervisiontech.com>
Authored: Wed Aug 13 19:01:59 2014 +0300
Committer: aBabiichuk <ab...@cybervisiontech.com>
Committed: Wed Aug 13 19:02:17 2014 +0300
----------------------------------------------------------------------
.../app/assets/data/users/privileges.json | 14 ++++
.../app/assets/data/users/privileges_admin.json | 14 ++++
.../controllers/global/cluster_controller.js | 48 +++++++++--
ambari-web/app/mappers/users_mapper.js | 20 +++--
ambari-web/app/models/user.js | 17 ++--
ambari-web/app/router.js | 87 ++++++++++++--------
ambari-web/app/utils/ajax/ajax.js | 12 +++
ambari-web/app/views/main/admin/user/create.js | 15 +---
ambari-web/app/views/main/admin/user/edit.js | 15 +---
ambari-web/test/mappers/users_mapper_test.js | 7 +-
.../test/views/main/admin/user/create_test.js | 25 ------
.../test/views/main/admin/user/edit_test.js | 25 ------
12 files changed, 167 insertions(+), 132 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/assets/data/users/privileges.json
----------------------------------------------------------------------
diff --git a/ambari-web/app/assets/data/users/privileges.json b/ambari-web/app/assets/data/users/privileges.json
new file mode 100644
index 0000000..a461206
--- /dev/null
+++ b/ambari-web/app/assets/data/users/privileges.json
@@ -0,0 +1,14 @@
+{
+ "href" : "http://c6401.ambari.apache.org:8080/api/v1/privileges?PrivilegeInfo/principal_name=admin&fields=PrivilegeInfo/*",
+ "items" : [
+ {
+ "href" : "http://c6401.ambari.apache.org:8080/api/v1/privileges/1",
+ "PrivilegeInfo" : {
+ "permission_name" : "AMBARI.ADMIN",
+ "principal_name" : "admin",
+ "principal_type" : "USER",
+ "privilege_id" : 1
+ }
+ }
+ ]
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/assets/data/users/privileges_admin.json
----------------------------------------------------------------------
diff --git a/ambari-web/app/assets/data/users/privileges_admin.json b/ambari-web/app/assets/data/users/privileges_admin.json
new file mode 100644
index 0000000..a461206
--- /dev/null
+++ b/ambari-web/app/assets/data/users/privileges_admin.json
@@ -0,0 +1,14 @@
+{
+ "href" : "http://c6401.ambari.apache.org:8080/api/v1/privileges?PrivilegeInfo/principal_name=admin&fields=PrivilegeInfo/*",
+ "items" : [
+ {
+ "href" : "http://c6401.ambari.apache.org:8080/api/v1/privileges/1",
+ "PrivilegeInfo" : {
+ "permission_name" : "AMBARI.ADMIN",
+ "principal_name" : "admin",
+ "principal_type" : "USER",
+ "privilege_id" : 1
+ }
+ }
+ ]
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/controllers/global/cluster_controller.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/controllers/global/cluster_controller.js b/ambari-web/app/controllers/global/cluster_controller.js
index 77bcccd..ba1006c 100644
--- a/ambari-web/app/controllers/global/cluster_controller.js
+++ b/ambari-web/app/controllers/global/cluster_controller.js
@@ -259,7 +259,6 @@ App.ClusterController = Em.Controller.extend({
return;
}
var clusterUrl = this.getUrl('/data/clusters/cluster.json', '?fields=Clusters');
- var usersUrl = App.get('testMode') ? '/data/users/users.json' : App.get('apiPrefix') + '/users/?fields=*';
var racksUrl = "/data/racks/racks.json";
@@ -292,13 +291,7 @@ App.ClusterController = Em.Controller.extend({
});
}
- App.HttpClient.get(usersUrl, App.usersMapper, {
- complete: function (jqXHR, textStatus) {
- self.updateLoadStatus('users');
- }
- }, function (jqXHR, textStatus) {
- self.updateLoadStatus('users');
- });
+ this.loadUsersInfo();
/**
* Order of loading:
@@ -433,6 +426,45 @@ App.ClusterController = Em.Controller.extend({
console.warn('can\'t get ambari properties');
},
+ /**
+ * Load info about users.
+ **/
+ loadUsersInfo: function() {
+ return App.ajax.send({
+ name: 'users.all',
+ sender: this,
+ success: 'loadUsersSuccess',
+ error: 'loadUsersError'
+ });
+ },
+
+ loadUsersSuccess: function(data) {
+ App.ajax.send({
+ name: 'users.privileges',
+ sender: this,
+ data: {
+ users: data
+ },
+ success: 'loadUsersPrivilegesSuccess'
+ });
+ },
+
+ loadUsersError: function() {
+ this.updateLoadStatus('users');
+ },
+ /**
+ * Load privileges, check relations between user and privilege,
+ * map users using <code>App.usersMappper</code>.
+ **/
+ loadUsersPrivilegesSuccess: function(data, opt, params) {
+ params.users.items.forEach(function(user) {
+ user.privileges = {};
+ user.privileges.items = data.items.filterProperty('PrivilegeInfo.principal_name', user.Users.user_name);
+ });
+ App.usersMapper.map(params.users);
+ this.updateLoadStatus('users');
+ },
+
updateClusterData: function () {
var testUrl = App.get('isHadoop2Stack') ? '/data/clusters/HDP2/cluster.json' : '/data/clusters/cluster.json';
var clusterUrl = this.getUrl(testUrl, '?fields=Clusters');
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/mappers/users_mapper.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/mappers/users_mapper.js b/ambari-web/app/mappers/users_mapper.js
index f85f682..19b3098 100644
--- a/ambari-web/app/mappers/users_mapper.js
+++ b/ambari-web/app/mappers/users_mapper.js
@@ -23,22 +23,32 @@ App.usersMapper = App.QuickDataMapper.create({
config : {
id : 'Users.user_name',
user_name : 'Users.user_name',
- roles : 'Users.roles',
is_ldap: 'Users.ldap_user',
- admin: 'Users.admin'
+ admin: 'Users.admin',
+ permissions: 'permissions'
},
map: function (json) {
var self = this;
json.items.forEach(function (item) {
var result= [];
if(!App.User.find().someProperty("userName", item.Users.user_name)) {
- item.Users.admin = self.isAdmin(item.Users.roles);
+ item.permissions = [];
+ if (!!Em.get(item.privileges, 'items.length')) {
+ item.permissions = item.privileges.items.mapProperty('PrivilegeInfo.permission_name');
+ }
+ item.Users.admin = self.isAdmin(item.permissions);
result.push(self.parseIt(item, self.config));
App.store.loadMany(self.get('model'), result);
}
});
},
- isAdmin: function(roles) {
- return (roles.indexOf("admin") >= 0);
+
+ /**
+ * Check if user is admin.
+ * @param {Array} permissionList
+ * @return {Boolean}
+ **/
+ isAdmin: function(permissionList) {
+ return permissionList.indexOf('AMBARI.ADMIN') > -1 || permissionList.indexOf('CLUSTER.OPERATOR') > -1;
}
});
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/models/user.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/models/user.js b/ambari-web/app/models/user.js
index d1f1b9a..d8729e2 100644
--- a/ambari-web/app/models/user.js
+++ b/ambari-web/app/models/user.js
@@ -24,7 +24,6 @@ App.User = DS.Model.extend({
id:function(){
return this.get('userName');
}.property('userName'),
- roles:DS.attr('string'),
isLdap:DS.attr('boolean'),
type: function(){
if(this.get('isLdap')){
@@ -33,7 +32,17 @@ App.User = DS.Model.extend({
return 'Local';
}.property('isLdap'),
auditItems:DS.hasMany('App.ServiceAudit'),
- admin: DS.attr('boolean')
+ admin: DS.attr('boolean'),
+ /**
+ * List of permissions assigned to user
+ * Available permissions:
+ * AMBARI.ADMIN
+ * CLUSTER.READ
+ * CLUSTER.OPERATE
+ * VIEW.USE
+ * @property {Array} permissions
+ **/
+ permissions: DS.attr('array')
});
App.EditUserForm = App.Form.extend({
@@ -48,7 +57,6 @@ App.EditUserForm = App.Form.extend({
{ name:"new_password", displayName:"New Password", displayType:"password", isRequired: false },
{ name:"new_passwordRetype", displayName:"Retype New Password", displayType:"password", isRequired: false },
{ name:"admin", displayName:"Admin", displayType:"checkbox", isRequired:false },
- { name:"roles", displayName:"Role", isRequired:false, isHidden:true },
{ name:"isLdap", displayName:"Type", isRequired:false, isHidden:true }
],
fields:[],
@@ -116,8 +124,7 @@ App.CreateUserForm = App.Form.extend({
{ name:"userName", displayName:"Username", toLowerCase: function(){var v = this.get('value'); this.set('value', v.toLowerCase())}.observes('value') },
{ name:"password", displayName:"Password", displayType:"password", isRequired: true },
{ name:"passwordRetype", displayName:"Retype Password", displayType:"password", validator:"passwordRetype", isRequired: true },
- { name:"admin", displayName:"Admin", displayType:"checkbox", isRequired:false, defaultValue: true},
- { name:"roles", displayName:"Role", isRequired:false, isHidden:true }
+ { name:"admin", displayName:"Admin", displayType:"checkbox", isRequired:false, defaultValue: true}
],
fields:[],
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/router.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/router.js b/ambari-web/app/router.js
index 505b760..8bc0cf3 100644
--- a/ambari-web/app/router.js
+++ b/ambari-web/app/router.js
@@ -155,6 +155,37 @@ App.Router = Em.Router.extend({
return App.db.getUser();
},
+ /**
+ * Get user privileges.
+ *
+ * @param {String} userName
+ * @returns {$.Deferred}
+ **/
+ getUserPrivileges: function(userName) {
+ return App.ajax.send({
+ name: 'router.user.privileges',
+ sender: this,
+ data: {
+ userName: userName
+ },
+ success: 'getUserPrivilegesSuccess'
+ });
+ },
+
+ getUserPrivilegesSuccess: function() {},
+
+ setUserLoggedIn: function(userName) {
+ var controller = this.get('loginController'),
+ self = this;
+ this.setAuthenticated(true);
+ this.setLoginName(userName);
+ this.setUser(App.User.find().findProperty('id', userName));
+ this.getSection(function(route){
+ self.transitionTo(route);
+ controller.postLogin(true,true);
+ });
+ },
+
login: function () {
var controller = this.get('loginController');
var loginName = controller.get('loginName').toLowerCase();
@@ -191,33 +222,30 @@ App.Router = Em.Router.extend({
loginSuccessCallback: function(data, opt, params) {
console.log('login success');
- var d = data;
- var isAdmin = data.Users.roles.indexOf('admin') >= 0;
+ var isAdmin = false;
var self = this;
- if (isAdmin) {
- App.set('isAdmin', true);
- var controller = this.get('loginController');
- this.setAuthenticated(true);
- this.setLoginName(params.loginName);
+ this.getUserPrivileges(data.Users.user_name).done(function(privileges) {
+ data.privileges = privileges;
App.usersMapper.map({"items": [data]});
- this.setUser(App.User.find().findProperty('id', params.loginName));
- this.getSection(function(route){
- self.transitionTo(route);
- controller.postLogin(true,true);
- });
- }
- else {
- App.ajax.send({
- name: 'router.login2',
- sender: this,
- data: {
- loginName: params.loginName,
- loginData: data
- },
- success: 'login2SuccessCallback',
- error: 'login2ErrorCallback'
- });
- }
+ isAdmin = App.usersMapper.isAdmin(privileges.items.mapProperty('PrivilegeInfo.permission_name'));
+ if (isAdmin) {
+ App.set('isAdmin', true);
+ self.setUserLoggedIn(params.loginName);
+ return true;
+ }
+ else {
+ return App.ajax.send({
+ name: 'router.login2',
+ sender: self,
+ data: {
+ loginName: params.loginName,
+ loginData: data
+ },
+ success: 'login2SuccessCallback',
+ error: 'login2ErrorCallback'
+ });
+ }
+ });
},
loginErrorCallback: function(request, ajaxOptions, error, opt) {
@@ -234,16 +262,9 @@ App.Router = Em.Router.extend({
login2SuccessCallback: function (clusterResp, opt, params) {
var controller = this.get('loginController');
- var self = this;
if (clusterResp.items.length) {
- this.setAuthenticated(true);
- this.setLoginName(params.loginName);
App.usersMapper.map({"items": [params.loginData]});
- this.setUser(App.User.find().findProperty('id', params.loginName));
- this.getSection(function(route){
- self.transitionTo(route);
- controller.postLogin(true,true);
- });
+ this.setUserLoggedIn(params.loginName);
}
else {
controller.set('errorMessage', Em.I18n.t('router.hadoopClusterNotSetUp'));
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/utils/ajax/ajax.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/utils/ajax/ajax.js b/ambari-web/app/utils/ajax/ajax.js
index 0de25d4..64a3fcc 100644
--- a/ambari-web/app/utils/ajax/ajax.js
+++ b/ambari-web/app/utils/ajax/ajax.js
@@ -1332,6 +1332,18 @@ var urls = {
};
}
},
+ 'users.all': {
+ real: '/users/?fields=*',
+ mock: '/data/users/users.json'
+ },
+ 'users.privileges': {
+ real: '/privileges?fields=*',
+ mock: '/data/users/privileges.json'
+ },
+ 'router.user.privileges': {
+ real: '/privileges?PrivilegeInfo/principal_name={userName}&fields=*',
+ mock: '/data/users/privileges_{userName}.json'
+ },
'router.login2': {
'real': '/clusters',
'mock': '/data/clusters/info.json'
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/views/main/admin/user/create.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/views/main/admin/user/create.js b/ambari-web/app/views/main/admin/user/create.js
index d6f33d9..12d5607 100644
--- a/ambari-web/app/views/main/admin/user/create.js
+++ b/ambari-web/app/views/main/admin/user/create.js
@@ -46,8 +46,6 @@ App.MainAdminUserCreateView = Em.View.extend({
var form = this.get("userForm");
if (!form.isValid()) return false;
- this.identifyRoles(form);
-
return !!App.ajax.send({
name: 'admin.user.create',
sender: this,
@@ -56,8 +54,7 @@ App.MainAdminUserCreateView = Em.View.extend({
form: form,
data: {
Users: {
- password: form.getField("password").get('value'),
- roles: form.getField("roles").get('value')
+ password: form.getField("password").get('value')
}
}
},
@@ -67,16 +64,6 @@ App.MainAdminUserCreateView = Em.View.extend({
},
/**
- * identify roles of user by admin checkbox
- * @param form
- */
- identifyRoles: function (form) {
- var roles = (form.getField("admin").get('value') === true) ? 'admin,user' : 'user';
- form.getField("roles").set("value", roles);
- return roles;
- },
-
- /**
* Success-callback for create user request
* @param {object} data
* @param {object} opts
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/app/views/main/admin/user/edit.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/views/main/admin/user/edit.js b/ambari-web/app/views/main/admin/user/edit.js
index 64211ea..738de30 100644
--- a/ambari-web/app/views/main/admin/user/edit.js
+++ b/ambari-web/app/views/main/admin/user/edit.js
@@ -42,9 +42,7 @@ App.MainAdminUserEditView = Em.View.extend({
var form = this.get("userForm");
if (!form.isValid()) return false;
- var Users = {
- roles: this.identifyRoles(form)
- };
+ var Users = {};
this.setPassword(Users, form);
@@ -79,17 +77,6 @@ App.MainAdminUserEditView = Em.View.extend({
},
/**
- * identify roles of user by admin checkbox
- * @param form
- * @return {String}
- */
- identifyRoles: function (form) {
- var roles = (form.getField("admin").get('value') === true) ? 'admin,user' : 'user';
- form.getField("roles").set("value", roles);
- return roles;
- },
-
- /**
* Success callback for edit user request
* @param {object} data
* @param {object} opt
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/test/mappers/users_mapper_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/mappers/users_mapper_test.js b/ambari-web/test/mappers/users_mapper_test.js
index 6db6f48..20c6bae 100644
--- a/ambari-web/test/mappers/users_mapper_test.js
+++ b/ambari-web/test/mappers/users_mapper_test.js
@@ -26,9 +26,10 @@ describe('App.usersMapper', function () {
describe('#isAdmin', function() {
var tests = [
- {i:'user,admin',e:true,m:'has admin role'},
- {i:'admin,user',e:true,m:'has admin role'},
- {i:'user',e:false,m:'doesn\'t have admin role'}
+ {i:["AMBARI.ADMIN"],e:true,m:'has admin role'},
+ {i:["CLUSTER.READ", "AMBARI.ADMIN"],e:true,m:'has admin role'},
+ {i:["VIEW.USE"],e:false,m:'doesn\'t have admin role'},
+ {i:["CLUSTER.OPERATOR"],e:true,m:'has admin role'}
];
tests.forEach(function(test) {
it(test.m, function() {
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/test/views/main/admin/user/create_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/views/main/admin/user/create_test.js b/ambari-web/test/views/main/admin/user/create_test.js
index 672e25b..bd5b88c 100644
--- a/ambari-web/test/views/main/admin/user/create_test.js
+++ b/ambari-web/test/views/main/admin/user/create_test.js
@@ -44,40 +44,15 @@ describe('App.MainAdminUserCreateView', function () {
});
it('form is valid', function () {
view.set('userForm.mockIsValid', true);
- sinon.stub(view, 'identifyRoles', Em.K);
sinon.stub(App.ajax, 'send', Em.K);
expect(view.create()).to.be.true;
- expect(view.identifyRoles.calledOnce).to.be.true;
expect(App.ajax.send.calledOnce).to.be.true;
- view.identifyRoles.restore();
App.ajax.send.restore();
});
});
- describe('#identifyRoles()', function () {
- var mock = Em.Object.create();
- var form = Em.Object.create({
- getField: function () {
- return mock;
- }
- });
-
- it('admin is false', function () {
- mock.set('value', false);
-
- expect(view.identifyRoles(form)).to.equal('user');
- expect(mock.get('value')).to.equal('user');
- });
- it('admin is true', function () {
- mock.set('value', true);
-
- expect(view.identifyRoles(form)).to.equal('admin,user');
- expect(mock.get('value')).to.equal('admin,user');
- });
- });
-
describe('#createUserSuccessCallback()', function () {
it('', function () {
http://git-wip-us.apache.org/repos/asf/ambari/blob/efc6eee8/ambari-web/test/views/main/admin/user/edit_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/views/main/admin/user/edit_test.js b/ambari-web/test/views/main/admin/user/edit_test.js
index c82fbc1..21cdb2b 100644
--- a/ambari-web/test/views/main/admin/user/edit_test.js
+++ b/ambari-web/test/views/main/admin/user/edit_test.js
@@ -55,16 +55,13 @@ describe('App.MainAdminUserEditView', function () {
sinon.stub(view.get('userForm'), 'isValid', function () {
return true;
});
- sinon.stub(view, 'identifyRoles', Em.K);
sinon.stub(view, 'setPassword', Em.K);
expect(view.edit()).to.be.true;
expect(App.ajax.send.calledOnce).to.be.true;
- expect(view.identifyRoles.calledOnce).to.be.true;
expect(view.setPassword.calledOnce).to.be.true;
- view.identifyRoles.restore();
view.setPassword.restore();
});
});
@@ -109,28 +106,6 @@ describe('App.MainAdminUserEditView', function () {
});
});
- describe('#identifyRoles()', function () {
- var mock = Em.Object.create();
- var form = Em.Object.create({
- getField: function () {
- return mock;
- }
- });
-
- it('admin is false', function () {
- mock.set('value', false);
-
- expect(view.identifyRoles(form)).to.equal('user');
- expect(mock.get('value')).to.equal('user');
- });
- it('admin is true', function () {
- mock.set('value', true);
-
- expect(view.identifyRoles(form)).to.equal('admin,user');
- expect(mock.get('value')).to.equal('admin,user');
- });
- });
-
describe('#editUserSuccessCallback()', function () {
it('', function () {
var params = {