You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by tb...@apache.org on 2014/07/20 13:49:58 UTC
[2/3] AMBARI-6543 - Views : Admin - Add Privilege Resource
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
new file mode 100644
index 0000000..a770f1d
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
@@ -0,0 +1,155 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.orm.entities;
+
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.JoinColumns;
+import javax.persistence.ManyToOne;
+import javax.persistence.NamedQueries;
+import javax.persistence.NamedQuery;
+import javax.persistence.Table;
+import javax.persistence.TableGenerator;
+
+/**
+ * Represents an admin permission.
+ */
+@Table(name = "adminpermission")
+@Entity
+@TableGenerator(name = "permission_id_generator",
+ table = "ambari_sequences", pkColumnName = "sequence_name", valueColumnName = "value"
+ , pkColumnValue = "permission_id_seq"
+ , initialValue = 5
+ , allocationSize = 1
+)
+
+@NamedQueries({
+ @NamedQuery(name = "permissionByName", query = "SELECT permission_entity FROM PermissionEntity permission_entity where permission_entity.permissionName=:permissionname")
+})
+public class PermissionEntity {
+
+ /**
+ * The permission id.
+ */
+ @Id
+ @Column(name = "permission_id")
+ @GeneratedValue(strategy = GenerationType.TABLE, generator = "permission_id_generator")
+ private Integer id;
+
+
+ /**
+ * The permission name.
+ */
+ @Column(name = "permission_name")
+ private String permissionName;
+
+ @ManyToOne
+ @JoinColumns({
+ @JoinColumn(name = "resource_type_id", referencedColumnName = "resource_type_id", nullable = false),
+ })
+ private ResourceTypeEntity resourceType;
+
+
+ // ----- PermissionEntity ---------------------------------------------------
+
+ /**
+ * Get the permission id.
+ *
+ * @return the permission id.
+ */
+ public Integer getId() {
+ return id;
+ }
+
+ /**
+ * Set the permission id.
+ *
+ * @param id the type id.
+ */
+ public void setId(Integer id) {
+ this.id = id;
+ }
+
+ /**
+ * Get the permission name.
+ *
+ * @return the permission name
+ */
+ public String getPermissionName() {
+ return permissionName;
+ }
+
+ /**
+ * Set the permission name.
+ *
+ * @param permissionName the permission name
+ */
+ public void setPermissionName(String permissionName) {
+ this.permissionName = permissionName;
+ }
+
+ /**
+ * Get the resource type entity.
+ *
+ * @return the resource type entity
+ */
+ public ResourceTypeEntity getResourceType() {
+ return resourceType;
+ }
+
+ /**
+ * Set the resource type entity.
+ *
+ * @param resourceType the resource type entity
+ */
+ public void setResourceType(ResourceTypeEntity resourceType) {
+ this.resourceType = resourceType;
+ }
+
+
+ // ----- Object overrides --------------------------------------------------
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ PermissionEntity that = (PermissionEntity) o;
+
+ if (!id.equals(that.id)) return false;
+ if (permissionName != null ? !permissionName.equals(that.permissionName) : that.permissionName != null)
+ return false;
+ if (resourceType != null ? !resourceType.equals(that.resourceType) : that.resourceType != null) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = id.hashCode();
+ result = 31 * result + (permissionName != null ? permissionName.hashCode() : 0);
+ result = 31 * result + (resourceType != null ? resourceType.hashCode() : 0);
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrincipalEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrincipalEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrincipalEntity.java
new file mode 100644
index 0000000..611ed7a
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrincipalEntity.java
@@ -0,0 +1,109 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.orm.entities;
+
+import javax.persistence.*;
+
+/**
+ * Represents an admin principal.
+ */
+@Table(name = "adminprincipal")
+@Entity
+@TableGenerator(name = "principal_id_generator",
+ table = "ambari_sequences", pkColumnName = "sequence_name", valueColumnName = "value"
+ , pkColumnValue = "principal_id_seq"
+ , initialValue = 2
+ , allocationSize = 1
+)
+public class PrincipalEntity {
+
+ /**
+ * The type id.
+ */
+ @Id
+ @Column(name = "principal_id")
+ @GeneratedValue(strategy = GenerationType.TABLE, generator = "principal_id_generator")
+ private Long id;
+
+ @ManyToOne
+ @JoinColumns({
+ @JoinColumn(name = "principal_type_id", referencedColumnName = "principal_type_id", nullable = false)
+ })
+ private PrincipalTypeEntity principalType;
+
+
+ // ----- PrincipalEntity ---------------------------------------------------
+
+ /**
+ * Get the principal type id.
+ *
+ * @return the principal type id.
+ */
+ public Long getId() {
+ return id;
+ }
+
+ /**
+ * Set the principal id.
+ *
+ * @param id the type id.
+ */
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ /**
+ * Get the principal type entity.
+ *
+ * @return the principal type entity
+ */
+ public PrincipalTypeEntity getPrincipalType() {
+ return principalType;
+ }
+
+ /**
+ * Set the principal type entity.
+ *
+ * @param principalType the principal type entity
+ */
+ public void setPrincipalType(PrincipalTypeEntity principalType) {
+ this.principalType = principalType;
+ }
+
+
+ // ----- Object overrides --------------------------------------------------
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ PrincipalEntity that = (PrincipalEntity) o;
+
+ return id.equals(that.id) && !(principalType != null ?
+ !principalType.equals(that.principalType) : that.principalType != null);
+ }
+
+ @Override
+ public int hashCode() {
+ int result = id.hashCode();
+ result = 31 * result + (principalType != null ? principalType.hashCode() : 0);
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrincipalTypeEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrincipalTypeEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrincipalTypeEntity.java
new file mode 100644
index 0000000..2f37592
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrincipalTypeEntity.java
@@ -0,0 +1,120 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.orm.entities;
+
+import javax.persistence.*;
+
+/**
+ * Represents a principal type.
+ */
+@Table(name = "adminprincipaltype")
+@Entity
+@TableGenerator(name = "principal_type_id_generator",
+ table = "ambari_sequences", pkColumnName = "sequence_name", valueColumnName = "value"
+ , pkColumnValue = "principal_type_id_seq"
+ , initialValue = 3
+ , allocationSize = 1
+)
+public class PrincipalTypeEntity {
+
+ /**
+ * Principal type constants.
+ */
+ public static final int USER_PRINCIPAL_TYPE = 1;
+ public static final int GROUP_PRINCIPAL_TYPE = 2;
+
+ public static final String USER_PRINCIPAL_TYPE_NAME = "USER";
+ public static final String GROUP_PRINCIPAL_TYPE_NAME = "GROUP";
+
+ /**
+ * The type id.
+ */
+ @Id
+ @Column(name = "principal_type_id")
+ @GeneratedValue(strategy = GenerationType.TABLE, generator = "principal_type_id_generator")
+ private Integer id;
+
+ /**
+ * The type name.
+ */
+ @Column(name = "principal_type_name")
+ private String name;
+
+
+ // ----- PrincipalTypeEntity -----------------------------------------------
+
+ /**
+ * Get the principal type id.
+ *
+ * @return the principal type id.
+ */
+ public Integer getId() {
+ return id;
+ }
+
+ /**
+ * Set the principal type id.
+ *
+ * @param id the type id.
+ */
+ public void setId(Integer id) {
+ this.id = id;
+ }
+
+ /**
+ * Get the principal type name.
+ *
+ * @return the principal type name;
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Set the principal type name.
+ *
+ * @param name the principal type name.
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+
+ // ------ Object overrides -------------------------------------------------
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ PrincipalTypeEntity that = (PrincipalTypeEntity) o;
+
+ if (!id.equals(that.id)) return false;
+ if (name != null ? !name.equals(that.name) : that.name != null) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = id.hashCode();
+ result = 31 * result + (name != null ? name.hashCode() : 0);
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrivilegeEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrivilegeEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrivilegeEntity.java
new file mode 100644
index 0000000..26802e6
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PrivilegeEntity.java
@@ -0,0 +1,182 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing privileges and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.orm.entities;
+
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.JoinColumns;
+import javax.persistence.ManyToOne;
+import javax.persistence.Table;
+import javax.persistence.TableGenerator;
+
+/**
+ * Represents an admin privilege.
+ */
+@Table(name = "adminprivilege")
+@Entity
+@TableGenerator(name = "privilege_id_generator",
+ table = "ambari_sequences", pkColumnName = "sequence_name", valueColumnName = "value"
+ , pkColumnValue = "privilege_id_seq"
+ , initialValue = 1
+ , allocationSize = 1
+)
+public class PrivilegeEntity {
+
+ /**
+ * The privilege id.
+ */
+ @Id
+ @Column(name = "privilege_id")
+ @GeneratedValue(strategy = GenerationType.TABLE, generator = "privilege_id_generator")
+ private Integer id;
+
+ /**
+ * The permission.
+ */
+ @ManyToOne
+ @JoinColumns({
+ @JoinColumn(name = "permission_id", referencedColumnName = "permission_id", nullable = false),
+ })
+ private PermissionEntity permission;
+
+ /**
+ * The resource.
+ */
+ @ManyToOne
+ @JoinColumns({
+ @JoinColumn(name = "resource_id", referencedColumnName = "resource_id", nullable = false),
+ })
+ private ResourceEntity resource;
+
+ /**
+ * The principal.
+ */
+ @ManyToOne
+ @JoinColumns({
+ @JoinColumn(name = "principal_id", referencedColumnName = "principal_id", nullable = false),
+ })
+ private PrincipalEntity principal;
+
+
+ // ----- PrivilegeEntity ---------------------------------------------------
+
+ /**
+ * Get the privilege id.
+ *
+ * @return the privilege id.
+ */
+ public Integer getId() {
+ return id;
+ }
+
+ /**
+ * Set the privilege id.
+ *
+ * @param id the type id.
+ */
+ public void setId(Integer id) {
+ this.id = id;
+ }
+
+ /**
+ * Get the associated permission entity.
+ *
+ * @return the permission entity
+ */
+ public PermissionEntity getPermission() {
+ return permission;
+ }
+
+ /**
+ * Set the permission entity.
+ *
+ * @param permission the permission entity
+ */
+ public void setPermission(PermissionEntity permission) {
+ this.permission = permission;
+ }
+
+ /**
+ * Get the associated resource entity.
+ *
+ * @return the resource entity
+ */
+ public ResourceEntity getResource() {
+ return resource;
+ }
+
+ /**
+ * Set the resource entity.
+ *
+ * @param resource the resource entity
+ */
+ public void setResource(ResourceEntity resource) {
+ this.resource = resource;
+ }
+
+ /**
+ * Get the associated principal entity.
+ *
+ * @return the principal entity
+ */
+ public PrincipalEntity getPrincipal() {
+ return principal;
+ }
+
+ /**
+ * Set the principal entity.
+ *
+ * @param principal the principal entity
+ */
+ public void setPrincipal(PrincipalEntity principal) {
+ this.principal = principal;
+ }
+
+
+ // ----- Object overrides --------------------------------------------------
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ PrivilegeEntity that = (PrivilegeEntity) o;
+
+ if (!id.equals(that.id)) return false;
+ if (permission != null ? !permission.equals(that.permission) : that.permission != null) return false;
+ if (principal != null ? !principal.equals(that.principal) : that.principal != null) return false;
+ if (resource != null ? !resource.equals(that.resource) : that.resource != null) return false;
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ int result = id.hashCode();
+ result = 31 * result + (permission != null ? permission.hashCode() : 0);
+ result = 31 * result + (resource != null ? resource.hashCode() : 0);
+ result = 31 * result + (principal != null ? principal.hashCode() : 0);
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java
new file mode 100644
index 0000000..7a8eab4
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java
@@ -0,0 +1,115 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.orm.entities;
+
+import javax.persistence.*;
+
+/**
+ * Represents a resource.
+ */
+@Table(name = "adminresource")
+@Entity
+@TableGenerator(name = "resource_id_generator",
+ table = "ambari_sequences", pkColumnName = "sequence_name", valueColumnName = "value"
+ , pkColumnValue = "resource_id_seq"
+ , initialValue = 2
+ , allocationSize = 1
+)
+public class ResourceEntity {
+
+ /**
+ * The Ambari admin resource ID.
+ */
+ public final static long AMBARI_RESOURCE_ID = 1L;
+
+ /**
+ * The type id.
+ */
+ @Id
+ @Column(name = "resource_id")
+ @GeneratedValue(strategy = GenerationType.TABLE, generator = "resource_id_generator")
+ private Long id;
+
+ @ManyToOne
+ @JoinColumns({
+ @JoinColumn(name = "resource_type_id", referencedColumnName = "resource_type_id", nullable = false)
+ })
+ private ResourceTypeEntity resourceType;
+
+
+ // ----- ResourceEntity ---------------------------------------------------
+
+ /**
+ * Get the resource type id.
+ *
+ * @return the resource type id.
+ */
+ public Long getId() {
+ return id;
+ }
+
+ /**
+ * Set the resource id.
+ *
+ * @param id the type id.
+ */
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ /**
+ * Get the resource type entity.
+ *
+ * @return the resource type entity
+ */
+ public ResourceTypeEntity getResourceType() {
+ return resourceType;
+ }
+
+ /**
+ * Set the resource type entity.
+ *
+ * @param resourceType the resource type entity
+ */
+ public void setResourceType(ResourceTypeEntity resourceType) {
+ this.resourceType = resourceType;
+ }
+
+
+ // ----- Object overrides --------------------------------------------------
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ ResourceEntity that = (ResourceEntity) o;
+
+ return id.equals(that.id) && !(resourceType != null ?
+ !resourceType.equals(that.resourceType) : that.resourceType != null);
+
+ }
+
+ @Override
+ public int hashCode() {
+ int result = id.hashCode();
+ result = 31 * result + (resourceType != null ? resourceType.hashCode() : 0);
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceTypeEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceTypeEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceTypeEntity.java
new file mode 100644
index 0000000..9842a6a
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceTypeEntity.java
@@ -0,0 +1,103 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.orm.entities;
+
+import javax.persistence.*;
+
+/**
+ * Represents a resource type.
+ */
+@Table(name = "adminresourcetype")
+@Entity
+@TableGenerator(name = "resource_type_id_generator",
+ table = "ambari_sequences", pkColumnName = "sequence_name", valueColumnName = "value"
+ , pkColumnValue = "resource_type_id_seq"
+ , initialValue = 4
+ , allocationSize = 1
+)
+public class ResourceTypeEntity {
+
+ /**
+ * Admin resource type id constants.
+ */
+ public static final int AMBARI_RESOURCE_TYPE = 1;
+ public static final int CLUSTER_RESOURCE_TYPE = 2;
+ public static final int VIEW_RESOURCE_TYPE = 3;
+
+ /**
+ * Admin resource type name constants.
+ */
+ public static final String AMBARI_RESOURCE_TYPE_NAME = "AMBARI";
+ public static final String CLUSTER_RESOURCE_TYPE_NAME = "CLUSTER";
+ public static final String VIEW_RESOURCE_TYPE_NAME = "VIEW";
+
+ /**
+ * The type id.
+ */
+ @Id
+ @Column(name = "resource_type_id")
+ @GeneratedValue(strategy = GenerationType.TABLE, generator = "resource_type_id_generator")
+ private Integer id;
+
+ /**
+ * The type name.
+ */
+ @Column(name = "resource_type_name")
+ private String name;
+
+
+ // ----- ResourceTypeEntity -----------------------------------------------
+
+ /**
+ * Get the resource type id.
+ *
+ * @return the resource type id.
+ */
+ public Integer getId() {
+ return id;
+ }
+
+ /**
+ * Set the resource type id.
+ *
+ * @param id the type id.
+ */
+ public void setId(Integer id) {
+ this.id = id;
+ }
+
+ /**
+ * Get the resource type name.
+ *
+ * @return the resource type name;
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Set the resource type name.
+ *
+ * @param name the resource type name.
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
index 1d38a4a..90410be 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java
@@ -65,6 +65,15 @@ public class UserEntity {
@OneToMany(mappedBy = "user", cascade = CascadeType.ALL)
private Set<MemberEntity> memberEntities;
+ @OneToOne
+ @JoinColumns({
+ @JoinColumn(name = "principal_id", referencedColumnName = "principal_id", nullable = false),
+ })
+ private PrincipalEntity principal;
+
+
+ // ----- UserEntity --------------------------------------------------------
+
public Integer getUserId() {
return userId;
}
@@ -137,6 +146,27 @@ public class UserEntity {
}
}
+ /**
+ * Get the admin principal entity.
+ *
+ * @return the principal entity
+ */
+ public PrincipalEntity getPrincipal() {
+ return principal;
+ }
+
+ /**
+ * Set the admin principal entity.
+ *
+ * @param principal the principal entity
+ */
+ public void setPrincipal(PrincipalEntity principal) {
+ this.principal = principal;
+ }
+
+
+ // ----- Object overrides --------------------------------------------------
+
@Override
public boolean equals(Object o) {
if (this == o) return true;
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewEntity.java
index a26e5e7..59d87aa 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewEntity.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewEntity.java
@@ -32,6 +32,9 @@ import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.JoinColumns;
+import javax.persistence.ManyToOne;
import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
import javax.persistence.Table;
@@ -118,6 +121,11 @@ public class ViewEntity implements ViewDefinition {
@OneToMany(cascade = CascadeType.ALL, mappedBy = "view")
private Collection<ViewInstanceEntity> instances = new HashSet<ViewInstanceEntity>();
+ @ManyToOne
+ @JoinColumns({
+ @JoinColumn(name = "resource_type_id", referencedColumnName = "resource_type_id", nullable = false),
+ })
+ private ResourceTypeEntity resourceType;
// ----- Transient data ----------------------------------------------------
@@ -607,8 +615,26 @@ public class ViewEntity implements ViewDefinition {
return mask;
}
+ /**
+ * Get the admin resource type entity.
+ *
+ * @return the resource type entity
+ */
+ public ResourceTypeEntity getResourceType() {
+ return resourceType;
+ }
+
+ /**
+ * Set the admin resource type entity.
+ *
+ * @param resourceType the resource type entity
+ */
+ public void setResourceType(ResourceTypeEntity resourceType) {
+ this.resourceType = resourceType;
+ }
+
- // ----- helper methods ----------------------------------------------------
+// ----- helper methods ----------------------------------------------------
/**
* Get the internal view name from the given common name and version.
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewInstanceEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewInstanceEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewInstanceEntity.java
index 2c48d9f..efb3815 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewInstanceEntity.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewInstanceEntity.java
@@ -32,9 +32,11 @@ import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
+import javax.persistence.JoinColumns;
import javax.persistence.ManyToOne;
import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
+import javax.persistence.OneToOne;
import javax.persistence.Table;
import javax.persistence.TableGenerator;
import javax.persistence.Transient;
@@ -144,6 +146,12 @@ public class ViewInstanceEntity implements ViewInstanceDefinition {
@JoinColumn(name = "view_name", referencedColumnName = "view_name", nullable = false)
private ViewEntity view;
+ @OneToOne
+ @JoinColumns({
+ @JoinColumn(name = "resource_id", referencedColumnName = "resource_id", nullable = false),
+ })
+ private ResourceEntity resource;
+
// ----- transient data ----------------------------------------------------
@@ -643,6 +651,24 @@ public class ViewInstanceEntity implements ViewInstanceDefinition {
}
/**
+ * Get the admin resource entity.
+ *
+ * @return the resource entity
+ */
+ public ResourceEntity getResource() {
+ return resource;
+ }
+
+ /**
+ * Set the admin resource entity.
+ *
+ * @param resource the resource entity
+ */
+ public void setResource(ResourceEntity resource) {
+ this.resource = resource;
+ }
+
+ /**
* Validate the state of the instance.
*
* @param viewEntity the view entity to which this instance will be bound
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
index fe6d571..c609d04 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
@@ -19,10 +19,13 @@ package org.apache.ambari.server.security.authorization;
import com.google.inject.Inject;
import com.google.inject.persist.Transactional;
-import org.apache.ambari.server.AmbariException;
import org.apache.ambari.server.configuration.Configuration;
+import org.apache.ambari.server.orm.dao.PrincipalDAO;
+import org.apache.ambari.server.orm.dao.PrincipalTypeDAO;
import org.apache.ambari.server.orm.dao.RoleDAO;
import org.apache.ambari.server.orm.dao.UserDAO;
+import org.apache.ambari.server.orm.entities.PrincipalEntity;
+import org.apache.ambari.server.orm.entities.PrincipalTypeEntity;
import org.apache.ambari.server.orm.entities.RoleEntity;
import org.apache.ambari.server.orm.entities.UserEntity;
import org.slf4j.Logger;
@@ -43,16 +46,21 @@ public class AmbariLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
private AuthorizationHelper authorizationHelper;
UserDAO userDAO;
RoleDAO roleDAO;
+ PrincipalDAO principalDAO;
+ PrincipalTypeDAO principalTypeDAO;
private static final String AMBARI_ADMIN_LDAP_ATTRIBUTE_KEY = "ambari_admin";
@Inject
public AmbariLdapAuthoritiesPopulator(Configuration configuration, AuthorizationHelper authorizationHelper,
- UserDAO userDAO, RoleDAO roleDAO) {
+ UserDAO userDAO, RoleDAO roleDAO,
+ PrincipalDAO principalDAO, PrincipalTypeDAO principalTypeDAO) {
this.configuration = configuration;
this.authorizationHelper = authorizationHelper;
this.userDAO = userDAO;
this.roleDAO = roleDAO;
+ this.principalDAO = principalDAO;
+ this.principalTypeDAO = principalTypeDAO;
}
@Override
@@ -95,9 +103,22 @@ public class AmbariLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
*/
@Transactional
void createLdapUser(String username) {
+ // create an admin principal to represent this user
+ PrincipalTypeEntity principalTypeEntity = principalTypeDAO.findById(PrincipalTypeEntity.USER_PRINCIPAL_TYPE);
+ if (principalTypeEntity == null) {
+ principalTypeEntity = new PrincipalTypeEntity();
+ principalTypeEntity.setId(PrincipalTypeEntity.USER_PRINCIPAL_TYPE);
+ principalTypeEntity.setName(PrincipalTypeEntity.USER_PRINCIPAL_TYPE_NAME);
+ principalTypeDAO.create(principalTypeEntity);
+ }
+ PrincipalEntity principalEntity = new PrincipalEntity();
+ principalEntity.setPrincipalType(principalTypeEntity);
+ principalDAO.create(principalEntity);
+
UserEntity newUser = new UserEntity();
newUser.setLdapUser(true);
newUser.setUserName(username);
+ newUser.setPrincipal(principalEntity);
userDAO.create(newUser);
@@ -143,8 +164,9 @@ public class AmbariLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
/**
* Remove role "roleName" from user "user"
- * @param user
- * @param roleName
+ *
+ * @param user the user entity
+ * @param roleName the role name
*/
@Transactional
void removeRole(UserEntity user, String roleName) {
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
index a94adaf..e2eb7b1 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
@@ -27,10 +27,14 @@ import org.apache.ambari.server.AmbariException;
import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.orm.dao.GroupDAO;
import org.apache.ambari.server.orm.dao.MemberDAO;
+import org.apache.ambari.server.orm.dao.PrincipalDAO;
+import org.apache.ambari.server.orm.dao.PrincipalTypeDAO;
import org.apache.ambari.server.orm.dao.RoleDAO;
import org.apache.ambari.server.orm.dao.UserDAO;
import org.apache.ambari.server.orm.entities.GroupEntity;
import org.apache.ambari.server.orm.entities.MemberEntity;
+import org.apache.ambari.server.orm.entities.PrincipalEntity;
+import org.apache.ambari.server.orm.entities.PrincipalTypeEntity;
import org.apache.ambari.server.orm.entities.RoleEntity;
import org.apache.ambari.server.orm.entities.UserEntity;
import org.slf4j.Logger;
@@ -62,6 +66,10 @@ public class Users {
@Inject
protected MemberDAO memberDAO;
@Inject
+ protected PrincipalDAO principalDAO;
+ @Inject
+ protected PrincipalTypeDAO principalTypeDAO;
+ @Inject
protected PasswordEncoder passwordEncoder;
@Inject
protected Configuration configuration;
@@ -181,10 +189,24 @@ public class Users {
*/
@Transactional
public synchronized void createUser(String userName, String password) {
+
+ // create an admin principal to represent this user
+ PrincipalTypeEntity principalTypeEntity = principalTypeDAO.findById(PrincipalTypeEntity.USER_PRINCIPAL_TYPE);
+ if (principalTypeEntity == null) {
+ principalTypeEntity = new PrincipalTypeEntity();
+ principalTypeEntity.setId(PrincipalTypeEntity.USER_PRINCIPAL_TYPE);
+ principalTypeEntity.setName(PrincipalTypeEntity.USER_PRINCIPAL_TYPE_NAME);
+ principalTypeDAO.create(principalTypeEntity);
+ }
+ PrincipalEntity principalEntity = new PrincipalEntity();
+ principalEntity.setPrincipalType(principalTypeEntity);
+ principalDAO.create(principalEntity);
+
UserEntity userEntity = new UserEntity();
userEntity.setUserName(userName);
userEntity.setUserPassword(passwordEncoder.encode(password));
userEntity.setRoleEntities(new HashSet<RoleEntity>());
+ userEntity.setPrincipal(principalEntity);
RoleEntity roleEntity = roleDAO.findByName(getUserRole());
if (roleEntity == null) {
@@ -248,8 +270,22 @@ public class Users {
*/
@Transactional
public synchronized void createGroup(String groupName) {
+ // create an admin principal to represent this group
+ PrincipalTypeEntity principalTypeEntity = principalTypeDAO.findById(PrincipalTypeEntity.GROUP_PRINCIPAL_TYPE);
+ if (principalTypeEntity == null) {
+ principalTypeEntity = new PrincipalTypeEntity();
+ principalTypeEntity.setId(PrincipalTypeEntity.GROUP_PRINCIPAL_TYPE);
+ principalTypeEntity.setName(PrincipalTypeEntity.GROUP_PRINCIPAL_TYPE_NAME);
+ principalTypeDAO.create(principalTypeEntity);
+ }
+ PrincipalEntity principalEntity = new PrincipalEntity();
+ principalEntity.setPrincipalType(principalTypeEntity);
+ principalDAO.create(principalEntity);
+
final GroupEntity groupEntity = new GroupEntity();
groupEntity.setGroupName(groupName);
+ groupEntity.setPrincipal(principalEntity);
+
groupDAO.create(groupEntity);
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog170.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog170.java b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog170.java
index d75ef85..684d46c 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog170.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog170.java
@@ -19,6 +19,8 @@
package org.apache.ambari.server.upgrade;
import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
import org.apache.ambari.server.AmbariException;
import org.apache.ambari.server.orm.DBAccessor;
@@ -62,6 +64,80 @@ public class UpgradeCatalog170 extends AbstractUpgradeCatalog {
@Override
protected void executeDDLUpdates() throws AmbariException, SQLException {
+
+ List<DBAccessor.DBColumnInfo> columns;
+
+ // add admin tables and initial values prior to adding referencing columns on existing tables
+ columns = new ArrayList<DBAccessor.DBColumnInfo>();
+ columns.add(new DBAccessor.DBColumnInfo("principal_type_id", Integer.class, 1, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("principal_type_name", String.class, null, null, false));
+
+ dbAccessor.createTable("adminprincipaltype", columns, "principal_type_id");
+
+ dbAccessor.executeQuery("insert into adminprincipaltype (principal_type_id, principal_type_name)\n" +
+ " select 1, 'USER'\n" +
+ " union all\n" +
+ " select 2, 'GROUP'", true);
+
+ columns = new ArrayList<DBAccessor.DBColumnInfo>();
+ columns.add(new DBAccessor.DBColumnInfo("principal_id", Long.class, null, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("principal_type_id", Integer.class, 1, null, false));
+
+ dbAccessor.createTable("adminprincipal", columns, "principal_id");
+
+ dbAccessor.executeQuery("insert into adminprincipal (principal_id, principal_type_id)\n" +
+ " select 1, 1", true);
+
+ columns = new ArrayList<DBAccessor.DBColumnInfo>();
+ columns.add(new DBAccessor.DBColumnInfo("resource_type_id", Integer.class, 1, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("resource_type_name", String.class, null, null, false));
+
+ dbAccessor.createTable("adminresourcetype", columns, "resource_type_id");
+
+ dbAccessor.executeQuery("insert into adminresourcetype (resource_type_id, resource_type_name)\n" +
+ " select 1, 'AMBARI'\n" +
+ " union all\n" +
+ " select 2, 'CLUSTER'\n" +
+ " union all\n" +
+ " select 3, 'VIEW'", true);
+
+ columns = new ArrayList<DBAccessor.DBColumnInfo>();
+ columns.add(new DBAccessor.DBColumnInfo("resource_id", Long.class, null, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("resource_type_id", Integer.class, 1, null, false));
+
+ dbAccessor.createTable("adminresource", columns, "resource_id");
+
+ dbAccessor.executeQuery("insert into adminresource (resource_id, resource_type_id)\n" +
+ " select 1, 1", true);
+
+ columns = new ArrayList<DBAccessor.DBColumnInfo>();
+ columns.add(new DBAccessor.DBColumnInfo("permission_id", Long.class, null, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("permission_name", String.class, null, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("resource_type_id", Integer.class, 1, null, false));
+
+ dbAccessor.createTable("adminpermission", columns, "permission_id");
+
+ dbAccessor.executeQuery("insert into adminpermission(permission_id, permission_name, resource_type_id)\n" +
+ " select 1, 'AMBARI.ADMIN', 1\n" +
+ " union all\n" +
+ " select 2, 'CLUSTER.READ', 2\n" +
+ " union all\n" +
+ " select 3, 'CLUSTER.OPERATE', 2\n" +
+ " union all\n" +
+ " select 4, 'VIEW.USE', 3", true);
+
+ columns = new ArrayList<DBAccessor.DBColumnInfo>();
+ columns.add(new DBAccessor.DBColumnInfo("privilege_id", Long.class, null, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("permission_id", Long.class, null, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("resource_id", Long.class, null, null, false));
+ columns.add(new DBAccessor.DBColumnInfo("principal_id", Long.class, null, null, false));
+
+ dbAccessor.createTable("adminprivilege", columns, "privilege_id");
+
+ dbAccessor.executeQuery("insert into adminprivilege (privilege_id, permission_id, resource_id, principal_id)\n" +
+ " select 1, 1, 1, 1", true);
+
+
DBAccessor.DBColumnInfo clusterConfigAttributesColumn = new DBAccessor.DBColumnInfo(
"config_attributes", String.class, 32000, null, true);
dbAccessor.addColumn("clusterconfig", clusterConfigAttributesColumn);
@@ -72,15 +148,21 @@ public class UpgradeCatalog170 extends AbstractUpgradeCatalog {
dbAccessor.addColumn("viewparameter", new DBAccessor.DBColumnInfo("masked",
Character.class, 1, null, true));
dbAccessor.addColumn("users", new DBAccessor.DBColumnInfo("active",
- Integer.class, 1, 1, false));
+ Integer.class, 1, 1, false));
+ dbAccessor.addColumn("users", new DBAccessor.DBColumnInfo("principal_id",
+ Long.class, 1, 1, false));
+ dbAccessor.addColumn("viewmain", new DBAccessor.DBColumnInfo("resource_type_id",
+ Integer.class, 1, 1, false));
+ dbAccessor.addColumn("viewinstance", new DBAccessor.DBColumnInfo("resource_id",
+ Long.class, 1, 1, false));
}
// ----- UpgradeCatalog ----------------------------------------------------
@Override
- protected void executeDMLUpdates() throws AmbariException, SQLException {}
-
- protected void addMissingConfigs() throws AmbariException {}
-
+ protected void executeDMLUpdates() throws AmbariException, SQLException {
+ // TODO : create admin principals for existing users and groups.
+ // TODO : create admin resources for existing clusters and view instances
+ }
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
index 849da64..4859836 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
@@ -29,8 +29,12 @@ import org.apache.ambari.server.api.services.ViewExternalSubResourceService;
import org.apache.ambari.server.api.services.ViewSubResourceService;
import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.controller.spi.Resource;
+import org.apache.ambari.server.orm.dao.ResourceDAO;
+import org.apache.ambari.server.orm.dao.ResourceTypeDAO;
import org.apache.ambari.server.orm.dao.ViewDAO;
import org.apache.ambari.server.orm.dao.ViewInstanceDAO;
+import org.apache.ambari.server.orm.entities.ResourceEntity;
+import org.apache.ambari.server.orm.entities.ResourceTypeEntity;
import org.apache.ambari.server.orm.entities.ViewEntity;
import org.apache.ambari.server.orm.entities.ViewEntityEntity;
import org.apache.ambari.server.orm.entities.ViewInstanceDataEntity;
@@ -108,6 +112,12 @@ public class ViewRegistry {
new HashMap<ViewEntity, Map<String, ViewInstanceEntity>>();
/**
+ * Mapping of view instances keyed by resource id.
+ */
+ private Map<Long, ViewInstanceEntity> viewInstances =
+ new HashMap<Long, ViewInstanceEntity>();
+
+ /**
* Mapping of view names to sub-resources.
*/
private final Map<String, Set<SubResourceDefinition>> subResourceDefinitionsMap =
@@ -144,6 +154,16 @@ public class ViewRegistry {
*/
private static ViewInstanceDAO instanceDAO;
+ /**
+ * Admin resource data access object.
+ */
+ private static ResourceDAO resourceDAO;
+
+ /**
+ * Admin resource type data access object.
+ */
+ private static ResourceTypeDAO resourceTypeDAO;
+
// ----- Constructors ------------------------------------------------------
@@ -208,14 +228,25 @@ public class ViewRegistry {
}
/**
- * Get the instance definition for the given view name and instance name.
+ * Get the instance definition for the given resource id.
*
- * @param viewName the view name
- * @param version the version
- * @param instanceName the instance name
+ * @param resourceId the resource id.
*
- * @return the view instance definition for the given view and instance name
+ * @return the view instance for the given resource id
*/
+ public ViewInstanceEntity getInstanceDefinition(Long resourceId) {
+ return viewInstances.get(resourceId);
+ }
+
+ /**
+ * Get the instance definition for the given view name and instance name.
+ *
+ * @param viewName the view name
+ * @param version the version
+ * @param instanceName the instance name
+ *
+ * @return the view instance definition for the given view and instance name
+ */
public ViewInstanceEntity getInstanceDefinition(String viewName, String version, String instanceName) {
Map<String, ViewInstanceEntity> viewInstanceDefinitionMap =
viewInstanceDefinitions.get(getDefinition(viewName, version));
@@ -241,6 +272,7 @@ public class ViewRegistry {
view.onCreate(instanceDefinition);
}
instanceDefinitions.put(instanceDefinition.getName(), instanceDefinition);
+ viewInstances.put(instanceDefinition.getResource().getId(), instanceDefinition);
}
/**
@@ -260,6 +292,7 @@ public class ViewRegistry {
view.onDestroy(instanceDefinition);
}
instanceDefinitions.remove(instanceName);
+ viewInstances.remove(instanceDefinition.getResource().getId());
}
}
}
@@ -399,6 +432,14 @@ public class ViewRegistry {
version + "/" + instanceName);
}
instanceEntity.validate(viewEntity);
+
+ // create an admin resource to represent this view instance
+ ResourceEntity resourceEntity = new ResourceEntity();
+ resourceEntity.setResourceType(viewEntity.getResourceType());
+ resourceDAO.create(resourceEntity);
+
+ instanceEntity.setResource(resourceEntity);
+
instanceDAO.merge(instanceEntity);
ViewInstanceEntity persistedInstance = instanceDAO.findByName(ViewEntity.getViewName(viewName, version), instanceName);
@@ -844,6 +885,25 @@ public class ViewRegistry {
if (LOG.isDebugEnabled()) {
LOG.debug("Creating View " + viewName + ".");
}
+ // get or create an admin resource type to represent this view
+ ResourceTypeEntity resourceTypeEntity = resourceTypeDAO.findByName(viewName);
+ if (resourceTypeEntity == null) {
+ resourceTypeEntity = new ResourceTypeEntity();
+ resourceTypeEntity.setName(view.getName());
+ resourceTypeDAO.create(resourceTypeEntity);
+ }
+
+ view.setResourceType(resourceTypeEntity);
+
+ for( ViewInstanceEntity instance : view.getInstances()) {
+
+ // create an admin resource to represent this view instance
+ ResourceEntity resourceEntity = new ResourceEntity();
+ resourceEntity.setResourceType(resourceTypeEntity);
+ resourceDAO.create(resourceEntity);
+
+ instance.setResource(resourceEntity);
+ }
// ... merge it
viewDAO.merge(view);
@@ -886,6 +946,10 @@ public class ViewRegistry {
instance.setData(persistedInstance.getData());
instance.setProperties(persistedInstance.getProperties());
instance.setEntities(persistedInstance.getEntities());
+
+ if (instance.getResource() == null) {
+ instance.setResource(persistedInstance.getResource());
+ }
}
// these instances appear in the archive but have been deleted
@@ -1010,12 +1074,16 @@ public class ViewRegistry {
/**
* Static initialization of DAO.
*
- * @param viewDAO view data access object
- * @param instanceDAO view instance data access object
+ * @param viewDAO view data access object
+ * @param instanceDAO view instance data access object
+ * @param resourceDAO resource data access object
+ * @param resourceTypeDAO resource type data access object
*/
- public static void init(ViewDAO viewDAO, ViewInstanceDAO instanceDAO) {
+ public static void init(ViewDAO viewDAO, ViewInstanceDAO instanceDAO, ResourceDAO resourceDAO, ResourceTypeDAO resourceTypeDAO) {
setViewDAO(viewDAO);
setInstanceDAO(instanceDAO);
+ setResourceDAO(resourceDAO);
+ setResourceTypeDAO(resourceTypeDAO);
}
/**
@@ -1036,6 +1104,24 @@ public class ViewRegistry {
ViewRegistry.instanceDAO = instanceDAO;
}
+ /**
+ * Set the resource DAO.
+ *
+ * @param resourceDAO the resource DAO
+ */
+ protected static void setResourceDAO(ResourceDAO resourceDAO) {
+ ViewRegistry.resourceDAO = resourceDAO;
+ }
+
+ /**
+ * Set the resource type DAO.
+ *
+ * @param resourceTypeDAO the resource type DAO
+ */
+ protected static void setResourceTypeDAO(ResourceTypeDAO resourceTypeDAO) {
+ ViewRegistry.resourceTypeDAO = resourceTypeDAO;
+ }
+
// ----- inner class : ViewRegistryHelper ----------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
index c1bc0cc..3d70b28 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
@@ -37,8 +37,8 @@ CREATE TABLE hoststate (agent_version VARCHAR(255) NOT NULL, available_mem BIGIN
CREATE TABLE servicecomponentdesiredstate (component_name VARCHAR(255) NOT NULL, cluster_id BIGINT NOT NULL, desired_stack_version VARCHAR(255) NOT NULL, desired_state VARCHAR(255) NOT NULL, service_name VARCHAR(255) NOT NULL, PRIMARY KEY (component_name, cluster_id, service_name));
CREATE TABLE servicedesiredstate (cluster_id BIGINT NOT NULL, desired_host_role_mapping INTEGER NOT NULL, desired_stack_version VARCHAR(255) NOT NULL, desired_state VARCHAR(255) NOT NULL, service_name VARCHAR(255) NOT NULL, maintenance_state VARCHAR(32) NOT NULL DEFAULT 'ACTIVE', PRIMARY KEY (cluster_id, service_name));
CREATE TABLE roles (role_name VARCHAR(255) NOT NULL, PRIMARY KEY (role_name));
-CREATE TABLE users (user_id INTEGER, create_time TIMESTAMP DEFAULT NOW(), ldap_user INTEGER NOT NULL DEFAULT 0, user_name VARCHAR(255) NOT NULL, user_password VARCHAR(255), active INTEGER NOT NULL DEFAULT 1, PRIMARY KEY (user_id));
-CREATE TABLE groups (group_id INTEGER, group_name VARCHAR(255) NOT NULL, ldap_group INTEGER NOT NULL DEFAULT 0, PRIMARY KEY (group_id));
+CREATE TABLE users (user_id INTEGER, principal_id BIGINT NOT NULL, create_time TIMESTAMP DEFAULT NOW(), ldap_user INTEGER NOT NULL DEFAULT 0, user_name VARCHAR(255) NOT NULL, user_password VARCHAR(255), active INTEGER NOT NULL DEFAULT 1, PRIMARY KEY (user_id));
+CREATE TABLE groups (group_id INTEGER, principal_id BIGINT NOT NULL, group_name VARCHAR(255) NOT NULL, ldap_group INTEGER NOT NULL DEFAULT 0, PRIMARY KEY (group_id));
CREATE TABLE members (member_id INTEGER, group_id INTEGER NOT NULL, user_id INTEGER NOT NULL, PRIMARY KEY (member_id));
CREATE TABLE execution_command (task_id BIGINT NOT NULL, command LONGBLOB, PRIMARY KEY (task_id));
CREATE TABLE host_role_command (task_id BIGINT NOT NULL, attempt_count SMALLINT NOT NULL, event LONGTEXT NOT NULL, exitcode INTEGER NOT NULL, host_name VARCHAR(255) NOT NULL, last_attempt_time BIGINT NOT NULL, request_id BIGINT NOT NULL, role VARCHAR(255), role_command VARCHAR(255), stage_id BIGINT NOT NULL, start_time BIGINT NOT NULL, end_time BIGINT, status VARCHAR(255), std_error LONGBLOB, std_out LONGBLOB, structured_out LONGBLOB, command_detail VARCHAR(255), custom_command_name VARCHAR(255), PRIMARY KEY (task_id));
@@ -64,13 +64,19 @@ CREATE TABLE hostgroup (blueprint_name VARCHAR(255) NOT NULL, name VARCHAR(255)
CREATE TABLE hostgroup_component (blueprint_name VARCHAR(255) NOT NULL, hostgroup_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, PRIMARY KEY(blueprint_name, hostgroup_name, name));
CREATE TABLE blueprint_configuration (blueprint_name VARCHAR(255) NOT NULL, type_name VARCHAR(255) NOT NULL, config_data VARCHAR(32000) NOT NULL , PRIMARY KEY(blueprint_name, type_name));
CREATE TABLE hostgroup_configuration (blueprint_name VARCHAR(255) NOT NULL, hostgroup_name VARCHAR(255) NOT NULL, type_name VARCHAR(255) NOT NULL, config_data TEXT NOT NULL, PRIMARY KEY(blueprint_name, hostgroup_name, type_name));
-CREATE TABLE viewmain (view_name VARCHAR(255) NOT NULL, label VARCHAR(255), version VARCHAR(255), icon VARCHAR(255), icon64 VARCHAR(255), archive VARCHAR(255), mask VARCHAR(255), PRIMARY KEY(view_name));
+CREATE TABLE viewmain (view_name VARCHAR(255) NOT NULL, label VARCHAR(255), version VARCHAR(255), resource_type_id INTEGER NOT NULL, icon VARCHAR(255), icon64 VARCHAR(255), archive VARCHAR(255), mask VARCHAR(255), PRIMARY KEY(view_name));
CREATE TABLE viewinstancedata (view_instance_id BIGINT, view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, user_name VARCHAR(255) NOT NULL, value VARCHAR(2000) NOT NULL, PRIMARY KEY(VIEW_INSTANCE_ID, NAME, USER_NAME));
-CREATE TABLE viewinstance (view_instance_id BIGINT, view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, label VARCHAR(255), description VARCHAR(255), visible CHAR(1), icon VARCHAR(255), icon64 VARCHAR(255), PRIMARY KEY(view_instance_id));
+CREATE TABLE viewinstance (view_instance_id BIGINT, resource_id BIGINT NOT NULL, view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, label VARCHAR(255), description VARCHAR(255), visible CHAR(1), icon VARCHAR(255), icon64 VARCHAR(255), PRIMARY KEY(view_instance_id));
CREATE TABLE viewinstanceproperty (view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, value VARCHAR(2000) NOT NULL, PRIMARY KEY(view_name, view_instance_name, name));
CREATE TABLE viewparameter (view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, description VARCHAR(255), required CHAR(1), masked CHAR(1), PRIMARY KEY(view_name, name));
CREATE TABLE viewresource (view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, plural_name VARCHAR(255), id_property VARCHAR(255), subResource_names VARCHAR(255), provider VARCHAR(255), service VARCHAR(255), resource VARCHAR(255), PRIMARY KEY(view_name, name));
CREATE TABLE viewentity (id BIGINT NOT NULL, view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, class_name VARCHAR(255) NOT NULL, id_property VARCHAR(255), PRIMARY KEY(id));
+CREATE TABLE adminresourcetype (resource_type_id INTEGER NOT NULL, resource_type_name VARCHAR(255) NOT NULL, PRIMARY KEY(resource_type_id));
+CREATE TABLE adminresource (resource_id BIGINT NOT NULL, resource_type_id INTEGER NOT NULL, PRIMARY KEY(resource_id));
+CREATE TABLE adminprincipaltype (principal_type_id INTEGER NOT NULL, principal_type_name VARCHAR(255) NOT NULL, PRIMARY KEY(principal_type_id));
+CREATE TABLE adminprincipal (principal_id BIGINT NOT NULL, principal_type_id INTEGER NOT NULL, PRIMARY KEY(principal_id));
+CREATE TABLE adminpermission (permission_id BIGINT NOT NULL, permission_name VARCHAR(255) NOT NULL, resource_type_id INTEGER NOT NULL, PRIMARY KEY(permission_id));
+CREATE TABLE adminprivilege (privilege_id BIGINT, permission_id BIGINT NOT NULL, resource_id BIGINT NOT NULL, principal_id BIGINT NOT NULL, PRIMARY KEY(privilege_id));
ALTER TABLE users ADD CONSTRAINT UNQ_users_0 UNIQUE (user_name, ldap_user);
ALTER TABLE groups ADD CONSTRAINT UNQ_groups_0 UNIQUE (group_name, ldap_group);
@@ -120,6 +126,16 @@ ALTER TABLE viewinstance ADD CONSTRAINT FK_viewinst_view_name FOREIGN KEY (view_
ALTER TABLE viewinstanceproperty ADD CONSTRAINT FK_viewinstprop_view_name FOREIGN KEY (view_name, view_instance_name) REFERENCES viewinstance(view_name, name);
ALTER TABLE viewinstancedata ADD CONSTRAINT FK_viewinstdata_view_name FOREIGN KEY (view_instance_id, view_name, view_instance_name) REFERENCES viewinstance(view_instance_id, view_name, name);
ALTER TABLE viewentity ADD CONSTRAINT FK_viewentity_view_name FOREIGN KEY (view_name, view_instance_name) REFERENCES viewinstance(view_name, name);
+ALTER TABLE adminresource ADD CONSTRAINT FK_resource_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE adminprincipal ADD CONSTRAINT FK_principal_principal_type_id FOREIGN KEY (principal_type_id) REFERENCES adminprincipaltype(principal_type_id);
+ALTER TABLE adminpermission ADD CONSTRAINT FK_permission_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_permission_id FOREIGN KEY (permission_id) REFERENCES adminpermission(permission_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_resource_id FOREIGN KEY (resource_id) REFERENCES adminresource(resource_id);
+ALTER TABLE viewmain ADD CONSTRAINT FK_view_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE viewinstance ADD CONSTRAINT FK_viewinstance_resource_id FOREIGN KEY (resource_id) REFERENCES adminresource(resource_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
+ALTER TABLE users ADD CONSTRAINT FK_users_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
+ALTER TABLE groups ADD CONSTRAINT FK_groups_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
INSERT INTO ambari_sequences(sequence_name, value) values ('cluster_id_seq', 1);
@@ -133,18 +149,54 @@ INSERT INTO ambari_sequences(sequence_name, value) values ('resourcefilter_id_se
INSERT INTO ambari_sequences(sequence_name, value) values ('viewentity_id_seq', 0);
INSERT INTO ambari_sequences(sequence_name, value) values ('operation_level_id_seq', 1);
INSERT INTO ambari_sequences(sequence_name, value) values ('view_instance_id_seq', 1);
+INSERT INTO ambari_sequences(sequence_name, value) values ('resource_type_id_seq', 4);
+INSERT INTO ambari_sequences(sequence_name, value) values ('resource_id_seq', 2);
+INSERT INTO ambari_sequences(sequence_name, value) values ('principal_type_id_seq', 3);
+INSERT INTO ambari_sequences(sequence_name, value) values ('principal_id_seq', 2);
+INSERT INTO ambari_sequences(sequence_name, value) values ('permission_id_seq', 5);
+INSERT INTO ambari_sequences(sequence_name, value) values ('privilege_id_seq', 1);
+
+insert into adminresourcetype (resource_type_id, resource_type_name)
+ select 1, 'AMBARI'
+ union all
+ select 2, 'CLUSTER'
+ union all
+ select 3, 'VIEW';
+
+insert into adminresource (resource_id, resource_type_id)
+ select 1, 1;
insert into roles(role_name)
select 'admin'
union all
select 'user';
-insert into users(user_id, user_name, user_password)
- select 1,'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
+insert into adminprincipaltype (principal_type_id, principal_type_name)
+ select 1, 'USER'
+ union all
+ select 2, 'GROUP';
+
+insert into adminprincipal (principal_id, principal_type_id)
+ select 1, 1;
+
+insert into users(user_id, principal_id, user_name, user_password)
+ select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
insert into user_roles(role_name, user_id)
select 'admin',1;
+insert into adminpermission(permission_id, permission_name, resource_type_id)
+ select 1, 'AMBARI.ADMIN', 1
+ union all
+ select 2, 'CLUSTER.READ', 2
+ union all
+ select 3, 'CLUSTER.OPERATE', 2
+ union all
+ select 4, 'VIEW.USE', 3;
+
+insert into adminprivilege (privilege_id, permission_id, resource_id, principal_id)
+ select 1, 1, 1, 1;
+
insert into metainfo(`metainfo_key`, `metainfo_value`)
select 'version','${ambariVersion}';
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
index 7bfdb29..bf490f0 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
@@ -27,8 +27,8 @@ CREATE TABLE hoststate (agent_version VARCHAR2(255) NULL, available_mem NUMBER(1
CREATE TABLE servicecomponentdesiredstate (component_name VARCHAR2(255) NOT NULL, cluster_id NUMBER(19) NOT NULL, desired_stack_version VARCHAR2(255) NULL, desired_state VARCHAR2(255) NOT NULL, service_name VARCHAR2(255) NOT NULL, PRIMARY KEY (component_name, cluster_id, service_name));
CREATE TABLE servicedesiredstate (cluster_id NUMBER(19) NOT NULL, desired_host_role_mapping NUMBER(10) NOT NULL, desired_stack_version VARCHAR2(255) NULL, desired_state VARCHAR2(255) NOT NULL, service_name VARCHAR2(255) NOT NULL, maintenance_state VARCHAR2(32) NOT NULL, PRIMARY KEY (cluster_id, service_name));
CREATE TABLE roles (role_name VARCHAR2(255) NOT NULL, PRIMARY KEY (role_name));
-CREATE TABLE users (user_id NUMBER(10) NOT NULL, create_time TIMESTAMP NULL, ldap_user NUMBER(10) DEFAULT 0, user_name VARCHAR2(255) NULL, user_password VARCHAR2(255) NULL, active INTEGER NOT NULL DEFAULT 1, PRIMARY KEY (user_id));
-CREATE TABLE groups (group_id NUMBER(10) NOT NULL, group_name VARCHAR2(255) NOT NULL, ldap_group NUMBER(10) DEFAULT 0, PRIMARY KEY (group_id));
+CREATE TABLE users (user_id NUMBER(10) NOT NULL, principal_id NUMBER(19) NOT NULL, create_time TIMESTAMP NULL, ldap_user NUMBER(10) DEFAULT 0, user_name VARCHAR2(255) NULL, user_password VARCHAR2(255) NULL, active INTEGER NOT NULL DEFAULT 1, PRIMARY KEY (user_id));
+CREATE TABLE groups (group_id NUMBER(10) NOT NULL, principal_id NUMBER(19) NOT NULL, group_name VARCHAR2(255) NOT NULL, ldap_group NUMBER(10) DEFAULT 0, PRIMARY KEY (group_id));
CREATE TABLE members (member_id NUMBER(10), group_id NUMBER(10) NOT NULL, user_id NUMBER(10) NOT NULL, PRIMARY KEY (member_id));
CREATE TABLE execution_command (task_id NUMBER(19) NOT NULL, command BLOB NULL, PRIMARY KEY (task_id));
CREATE TABLE host_role_command (task_id NUMBER(19) NOT NULL, attempt_count NUMBER(5) NOT NULL, event CLOB NULL, exitcode NUMBER(10) NOT NULL, host_name VARCHAR2(255) NOT NULL, last_attempt_time NUMBER(19) NOT NULL, request_id NUMBER(19) NOT NULL, role VARCHAR2(255) NULL, role_command VARCHAR2(255) NULL, stage_id NUMBER(19) NOT NULL, start_time NUMBER(19) NOT NULL, end_time NUMBER(19), status VARCHAR2(255) NULL, std_error BLOB NULL, std_out BLOB NULL, structured_out BLOB NULL, command_detail VARCHAR2(255) NULL, custom_command_name VARCHAR2(255) NULL, PRIMARY KEY (task_id));
@@ -54,13 +54,19 @@ CREATE TABLE hostgroup (blueprint_name VARCHAR2(255) NOT NULL, name VARCHAR2(255
CREATE TABLE hostgroup_component (blueprint_name VARCHAR2(255) NOT NULL, hostgroup_name VARCHAR2(255) NOT NULL, name VARCHAR2(255) NOT NULL, PRIMARY KEY(blueprint_name, hostgroup_name, name));
CREATE TABLE blueprint_configuration (blueprint_name VARCHAR2(255) NOT NULL, type_name VARCHAR2(255) NOT NULL, config_data CLOB NOT NULL , PRIMARY KEY(blueprint_name, type_name));
CREATE TABLE hostgroup_configuration (blueprint_name VARCHAR2(255) NOT NULL, hostgroup_name VARCHAR2(255) NOT NULL, type_name VARCHAR2(255) NOT NULL, config_data CLOB NOT NULL, PRIMARY KEY(blueprint_name, hostgroup_name, type_name));
-CREATE TABLE viewmain (view_name VARCHAR(255) NOT NULL, label VARCHAR(255), version VARCHAR(255), icon VARCHAR(255), icon64 VARCHAR(255), archive VARCHAR(255), mask VARCHAR(255), PRIMARY KEY(view_name));
+CREATE TABLE viewmain (view_name VARCHAR(255) NOT NULL, label VARCHAR(255), version VARCHAR(255), resource_type_id NUMBER(10) NOT NULL, icon VARCHAR(255), icon64 VARCHAR(255), archive VARCHAR(255), mask VARCHAR(255), PRIMARY KEY(view_name));
CREATE TABLE viewinstancedata (view_instance_id NUMBER(19), view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, user_name VARCHAR(255) NOT NULL, value VARCHAR(2000) NOT NULL, PRIMARY KEY(view_instance_id, name, user_name));
-CREATE TABLE viewinstance (view_instance_id NUMBER(19), view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, label VARCHAR(255), description VARCHAR(255), visible CHAR(1), icon VARCHAR(255), icon64 VARCHAR(255), PRIMARY KEY(view_instance_id));
+CREATE TABLE viewinstance (view_instance_id NUMBER(19), resource_id NUMBER(19) NOT NULL, view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, label VARCHAR(255), description VARCHAR(255), visible CHAR(1), icon VARCHAR(255), icon64 VARCHAR(255), PRIMARY KEY(view_instance_id));
CREATE TABLE viewinstanceproperty (view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, value VARCHAR(2000) NOT NULL, PRIMARY KEY(view_name, view_instance_name, name));
CREATE TABLE viewparameter (view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, description VARCHAR(255), required CHAR(1), masked CHAR(1), PRIMARY KEY(view_name, name));
CREATE TABLE viewresource (view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, plural_name VARCHAR(255), id_property VARCHAR(255), subResource_names VARCHAR(255), provider VARCHAR(255), service VARCHAR(255), "resource" VARCHAR(255), PRIMARY KEY(view_name, name));
CREATE TABLE viewentity (id NUMBER(19) NOT NULL, view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, class_name VARCHAR(255) NOT NULL, id_property VARCHAR(255), PRIMARY KEY(id));
+CREATE TABLE adminresourcetype (resource_type_id NUMBER(10) NOT NULL, resource_type_name VARCHAR(255) NOT NULL, PRIMARY KEY(resource_type_id));
+CREATE TABLE adminresource (resource_id NUMBER(19) NOT NULL, resource_type_id NUMBER(10) NOT NULL, PRIMARY KEY(resource_id));
+CREATE TABLE adminprincipaltype (principal_type_id NUMBER(10) NOT NULL, principal_type_name VARCHAR(255) NOT NULL, PRIMARY KEY(principal_type_id));
+CREATE TABLE adminprincipal (principal_id NUMBER(19) NOT NULL, principal_type_id NUMBER(10) NOT NULL, PRIMARY KEY(principal_id));
+CREATE TABLE adminpermission (permission_id NUMBER(19) NOT NULL, permission_name VARCHAR(255) NOT NULL, resource_type_id NUMBER(10) NOT NULL, PRIMARY KEY(permission_id));
+CREATE TABLE adminprivilege (privilege_id NUMBER(19), permission_id NUMBER(19) NOT NULL, resource_id NUMBER(19) NOT NULL, principal_id NUMBER(19) NOT NULL, PRIMARY KEY(privilege_id));
ALTER TABLE users ADD CONSTRAINT UNQ_users_0 UNIQUE (user_name, ldap_user);
ALTER TABLE groups ADD CONSTRAINT UNQ_groups_0 UNIQUE (group_name, ldap_group);
@@ -110,6 +116,16 @@ ALTER TABLE viewinstance ADD CONSTRAINT FK_viewinst_view_name FOREIGN KEY (view_
ALTER TABLE viewinstanceproperty ADD CONSTRAINT FK_viewinstprop_view_name FOREIGN KEY (view_name, view_instance_name) REFERENCES viewinstance(view_name, name);
ALTER TABLE viewinstancedata ADD CONSTRAINT FK_viewinstdata_view_name FOREIGN KEY (view_instance_id, view_name, view_instance_name) REFERENCES viewinstance(view_instance_id, view_name, name);
ALTER TABLE viewentity ADD CONSTRAINT FK_viewentity_view_name FOREIGN KEY (view_name, view_instance_name) REFERENCES viewinstance(view_name, name);
+ALTER TABLE adminresource ADD CONSTRAINT FK_resource_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE adminprincipal ADD CONSTRAINT FK_principal_principal_type_id FOREIGN KEY (principal_type_id) REFERENCES adminprincipaltype(principal_type_id);
+ALTER TABLE adminpermission ADD CONSTRAINT FK_permission_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_permission_id FOREIGN KEY (permission_id) REFERENCES adminpermission(permission_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_resource_id FOREIGN KEY (resource_id) REFERENCES adminresource(resource_id);
+ALTER TABLE viewmain ADD CONSTRAINT FK_view_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE viewinstance ADD CONSTRAINT FK_viewinstance_resource_id FOREIGN KEY (resource_id) REFERENCES adminresource(resource_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
+ALTER TABLE users ADD CONSTRAINT FK_users_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
+ALTER TABLE groups ADD CONSTRAINT FK_groups_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
INSERT INTO ambari_sequences(sequence_name, value) values ('host_role_command_id_seq', 0);
INSERT INTO ambari_sequences(sequence_name, value) values ('user_id_seq', 1);
@@ -122,20 +138,55 @@ INSERT INTO ambari_sequences(sequence_name, value) values ('resourcefilter_id_se
INSERT INTO ambari_sequences(sequence_name, value) values ('viewentity_id_seq', 0);
INSERT INTO ambari_sequences(sequence_name, value) values ('operation_level_id_seq', 1);
INSERT INTO ambari_sequences(sequence_name, value) values ('view_instance_id_seq', 1);
+INSERT INTO ambari_sequences(sequence_name, value) values ('resource_type_id_seq', 4);
+INSERT INTO ambari_sequences(sequence_name, value) values ('resource_id_seq', 2);
+INSERT INTO ambari_sequences(sequence_name, value) values ('principal_type_id_seq', 3);
+INSERT INTO ambari_sequences(sequence_name, value) values ('principal_id_seq', 2);
+INSERT INTO ambari_sequences(sequence_name, value) values ('permission_id_seq', 5);
+INSERT INTO ambari_sequences(sequence_name, value) values ('privilege_id_seq', 1);
+
INSERT INTO metainfo("metainfo_key", "metainfo_value") values ('version', '${ambariVersion}');
+insert into adminresourcetype (resource_type_id, resource_type_name)
+ select 1, 'AMBARI'
+ union all
+ select 2, 'CLUSTER'
+ union all
+ select 3, 'VIEW';
+
+insert into adminresource (resource_id, resource_type_id)
+ select 1, 1;
+
insert into Roles(role_name)
select 'admin' from dual
union all
select 'user' from dual;
-insert into Users(user_id, user_name, user_password)
-select 1,'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00' from dual;
+insert into adminprincipaltype (principal_type_id, principal_type_name)
+ select 1, 'USER'
+ union all
+ select 2, 'GROUP';
+
+insert into adminprincipal (principal_id, principal_type_id)
+ select 1, 1;
+
+insert into Users(user_id, principal_id, user_name, user_password)
+select 1,1,'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00' from dual;
insert into user_roles(role_name, user_id)
select 'admin',1 from dual;
+insert into adminpermission(permission_id, permission_name, resource_type_id)
+ select 1, 'AMBARI.ADMIN', 1
+ union all
+ select 2, 'CLUSTER.READ', 2
+ union all
+ select 3, 'CLUSTER.OPERATE', 2
+ union all
+ select 4, 'VIEW.USE', 3;
+insert into adminprivilege (privilege_id, permission_id, resource_id, principal_id)
+ select 1, 1, 1, 1;
commit;
http://git-wip-us.apache.org/repos/asf/ambari/blob/e19a719b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
index 09cb052..8875de7 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
@@ -16,7 +16,7 @@
-- limitations under the License.
--
-------create tables and grant privileges to db user---------
+------create tables ang grant privileges to db user---------
CREATE TABLE clusters (cluster_id BIGINT NOT NULL, cluster_info VARCHAR(255) NOT NULL, cluster_name VARCHAR(100) NOT NULL UNIQUE, provisioning_state VARCHAR(255) NOT NULL DEFAULT 'INIT', desired_cluster_state VARCHAR(255) NOT NULL, desired_stack_version VARCHAR(255) NOT NULL, PRIMARY KEY (cluster_id));
CREATE TABLE clusterconfig (version_tag VARCHAR(255) NOT NULL, type_name VARCHAR(255) NOT NULL, cluster_id BIGINT NOT NULL, config_data VARCHAR(32000) NOT NULL, config_attributes VARCHAR(32000), create_timestamp BIGINT NOT NULL, PRIMARY KEY (cluster_id, type_name, version_tag));
@@ -41,9 +41,9 @@ CREATE TABLE servicedesiredstate (cluster_id BIGINT NOT NULL, desired_host_role_
CREATE TABLE roles (role_name VARCHAR(255) NOT NULL, PRIMARY KEY (role_name));
-CREATE TABLE users (user_id INTEGER, ldap_user INTEGER NOT NULL DEFAULT 0, user_name VARCHAR(255) NOT NULL, create_time TIMESTAMP DEFAULT NOW(), user_password VARCHAR(255), PRIMARY KEY (user_id), active INTEGER NOT NULL DEFAULT 1, UNIQUE (ldap_user, user_name));
+CREATE TABLE users (user_id INTEGER, principal_id BIGINT NOT NULL, ldap_user INTEGER NOT NULL DEFAULT 0, user_name VARCHAR(255) NOT NULL, create_time TIMESTAMP DEFAULT NOW(), user_password VARCHAR(255), PRIMARY KEY (user_id), active INTEGER NOT NULL DEFAULT 1, UNIQUE (ldap_user, user_name));
-CREATE TABLE groups (group_id INTEGER, group_name VARCHAR(255) NOT NULL, ldap_group INTEGER NOT NULL DEFAULT 0, PRIMARY KEY (group_id), UNIQUE (ldap_group, group_name));
+CREATE TABLE groups (group_id INTEGER, principal_id BIGINT NOT NULL, group_name VARCHAR(255) NOT NULL, ldap_group INTEGER NOT NULL DEFAULT 0, PRIMARY KEY (group_id), UNIQUE (ldap_group, group_name));
CREATE TABLE members (member_id INTEGER, group_id INTEGER NOT NULL, user_id INTEGER NOT NULL, PRIMARY KEY (member_id), UNIQUE(group_id, user_id));
@@ -89,14 +89,21 @@ CREATE TABLE hostgroup_component (blueprint_name VARCHAR(255) NOT NULL, hostgrou
CREATE TABLE blueprint_configuration (blueprint_name varchar(255) NOT NULL, type_name varchar(255) NOT NULL, config_data varchar(32000) NOT NULL , PRIMARY KEY(blueprint_name, type_name));
CREATE TABLE hostgroup_configuration (blueprint_name VARCHAR(255) NOT NULL, hostgroup_name VARCHAR(255) NOT NULL, type_name VARCHAR(255) NOT NULL, config_data TEXT NOT NULL, PRIMARY KEY(blueprint_name, hostgroup_name, type_name));
-CREATE TABLE viewmain (view_name VARCHAR(255) NOT NULL, label VARCHAR(255), version VARCHAR(255), icon VARCHAR(255), icon64 VARCHAR(255), archive VARCHAR(255), mask VARCHAR(255), PRIMARY KEY(view_name));
+CREATE TABLE viewmain (view_name VARCHAR(255) NOT NULL, label VARCHAR(255), version VARCHAR(255), resource_type_id INTEGER NOT NULL, icon VARCHAR(255), icon64 VARCHAR(255), archive VARCHAR(255), mask VARCHAR(255), PRIMARY KEY(view_name));
CREATE TABLE viewinstancedata (view_instance_id BIGINT, view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, user_name VARCHAR(255) NOT NULL, value VARCHAR(2000) NOT NULL, PRIMARY KEY(view_instance_id, name, user_name));
-CREATE TABLE viewinstance (view_instance_id BIGINT, view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, label VARCHAR(255), description VARCHAR(255), visible CHAR(1), icon VARCHAR(255), icon64 VARCHAR(255), PRIMARY KEY(view_instance_id));
+CREATE TABLE viewinstance (view_instance_id BIGINT, resource_id BIGINT NOT NULL, view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, label VARCHAR(255), description VARCHAR(255), visible CHAR(1), icon VARCHAR(255), icon64 VARCHAR(255), PRIMARY KEY(view_instance_id));
CREATE TABLE viewinstanceproperty (view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, value VARCHAR(2000) NOT NULL, PRIMARY KEY(view_name, view_instance_name, name));
CREATE TABLE viewparameter (view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, description VARCHAR(255), required CHAR(1), masked CHAR(1), PRIMARY KEY(view_name, name));
CREATE TABLE viewresource (view_name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL, plural_name VARCHAR(255), id_property VARCHAR(255), subResource_names VARCHAR(255), provider VARCHAR(255), service VARCHAR(255), resource VARCHAR(255), PRIMARY KEY(view_name, name));
CREATE TABLE viewentity (id BIGINT NOT NULL, view_name VARCHAR(255) NOT NULL, view_instance_name VARCHAR(255) NOT NULL, class_name VARCHAR(255) NOT NULL, id_property VARCHAR(255), PRIMARY KEY(id));
+CREATE TABLE adminresourcetype (resource_type_id INTEGER NOT NULL, resource_type_name VARCHAR(255) NOT NULL, PRIMARY KEY(resource_type_id));
+CREATE TABLE adminresource (resource_id BIGINT NOT NULL, resource_type_id INTEGER NOT NULL, PRIMARY KEY(resource_id));
+CREATE TABLE adminprincipaltype (principal_type_id INTEGER NOT NULL, principal_type_name VARCHAR(255) NOT NULL, PRIMARY KEY(principal_type_id));
+CREATE TABLE adminprincipal (principal_id BIGINT NOT NULL, principal_type_id INTEGER NOT NULL, PRIMARY KEY(principal_id));
+CREATE TABLE adminpermission (permission_id BIGINT NOT NULL, permission_name VARCHAR(255) NOT NULL, resource_type_id INTEGER NOT NULL, PRIMARY KEY(permission_id));
+CREATE TABLE adminprivilege (privilege_id BIGINT, permission_id BIGINT NOT NULL, resource_id BIGINT NOT NULL, principal_id BIGINT NOT NULL, PRIMARY KEY(privilege_id));
+
--------altering tables by creating foreign keys----------
ALTER TABLE members ADD CONSTRAINT FK_members_group_id FOREIGN KEY (group_id) REFERENCES groups (group_id);
ALTER TABLE members ADD CONSTRAINT FK_members_user_id FOREIGN KEY (user_id) REFERENCES users (user_id);
@@ -142,6 +149,16 @@ ALTER TABLE viewinstance ADD CONSTRAINT FK_viewinst_view_name FOREIGN KEY (view_
ALTER TABLE viewinstanceproperty ADD CONSTRAINT FK_viewinstprop_view_name FOREIGN KEY (view_name, view_instance_name) REFERENCES viewinstance(view_name, name);
ALTER TABLE viewinstancedata ADD CONSTRAINT FK_viewinstdata_view_name FOREIGN KEY (view_instance_id, view_name, view_instance_name) REFERENCES viewinstance(view_instance_id, view_name, name);
ALTER TABLE viewentity ADD CONSTRAINT FK_viewentity_view_name FOREIGN KEY (view_name, view_instance_name) REFERENCES viewinstance(view_name, name);
+ALTER TABLE adminresource ADD CONSTRAINT FK_resource_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE adminprincipal ADD CONSTRAINT FK_principal_principal_type_id FOREIGN KEY (principal_type_id) REFERENCES adminprincipaltype(principal_type_id);
+ALTER TABLE adminpermission ADD CONSTRAINT FK_permission_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_permission_id FOREIGN KEY (permission_id) REFERENCES adminpermission(permission_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_resource_id FOREIGN KEY (resource_id) REFERENCES adminresource(resource_id);
+ALTER TABLE viewmain ADD CONSTRAINT FK_view_resource_type_id FOREIGN KEY (resource_type_id) REFERENCES adminresourcetype(resource_type_id);
+ALTER TABLE viewinstance ADD CONSTRAINT FK_viewinstance_resource_id FOREIGN KEY (resource_id) REFERENCES adminresource(resource_id);
+ALTER TABLE adminprivilege ADD CONSTRAINT FK_privilege_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
+ALTER TABLE users ADD CONSTRAINT FK_users_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
+ALTER TABLE groups ADD CONSTRAINT FK_groups_principal_id FOREIGN KEY (principal_id) REFERENCES adminprincipal(principal_id);
-- Alerting Framework
CREATE TABLE alert_definition (
@@ -258,19 +275,61 @@ BEGIN;
union all
select 'operation_level_id_seq', 1
union all
- select 'view_instance_id_seq', 1;
+ select 'view_instance_id_seq', 1
+ union all
+ select 'resource_type_id_seq', 4
+ union all
+ select 'resource_id_seq', 2
+ union all
+ select 'principal_type_id_seq', 3
+ union all
+ select 'principal_id_seq', 2
+ union all
+ select 'permission_id_seq', 5
+ union all
+ select 'privilege_id_seq', 1;
+
+ INSERT INTO adminresourcetype (resource_type_id, resource_type_name)
+ SELECT 1, 'AMBARI'
+ UNION ALL
+ SELECT 2, 'CLUSTER'
+ UNION ALL
+ SELECT 3, 'VIEW';
+
+ INSERT INTO adminresource (resource_id, resource_type_id)
+ SELECT 1, 1;
INSERT INTO Roles (role_name)
SELECT 'admin'
UNION ALL
SELECT 'user';
- INSERT INTO Users (user_id, user_name, user_password)
- SELECT 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
+ INSERT INTO adminprincipaltype (principal_type_id, principal_type_name)
+ SELECT 1, 'USER'
+ UNION ALL
+ SELECT 2, 'GROUP';
+
+ INSERT INTO adminprincipal (principal_id, principal_type_id)
+ SELECT 1, 1;
+
+ INSERT INTO Users (user_id, principal_id, user_name, user_password)
+ SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
INSERT INTO user_roles (role_name, user_id)
SELECT 'admin', 1;
+ INSERT INTO adminpermission(permission_id, permission_name, resource_type_id)
+ SELECT 1, 'AMBARI.ADMIN', 1
+ UNION ALL
+ SELECT 2, 'CLUSTER.READ', 2
+ UNION ALL
+ SELECT 3, CLUSTER.OPERATE'', 2
+ UNION ALL
+ SELECT 4, 'VIEW.USE', 3;
+
+ INSERT INTO adminprivilege (privilege_id, permission_id, resource_id, principal_id)
+ SELECT 1, 1, 1, 1;
+
INSERT INTO metainfo (metainfo_key, metainfo_value)
SELECT 'version', '${ambariVersion}';
COMMIT;