You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by Dmitro Lisnichenko <dl...@hortonworks.com> on 2016/03/04 14:52:55 UTC

Review Request 44389: Absent validation of of stack_version id during API request to deeper entities

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44389/
-----------------------------------------------------------

Review request for Ambari and Dmytro Sen.


Bugs: AMBARI-15299
    https://issues.apache.org/jira/browse/AMBARI-15299


Repository: ambari


Description
-------

Request:
{code}
http://server:8080/api/v1/clusters/cl1/stack_versions
{code}
returns:
{code}
{
"href" : "http://server:8080/api/v1/clusters/cl1/stack_versions",
"items" : [
{
"href" : "http://server:8080/api/v1/clusters/cl1/stack_versions/1",
"ClusterStackVersions" : {
"cluster_name" : "cl1",
"id" : 1,
"repository_version" : 1,
"stack" : "HDP",
"version" : "2.3"
}
}
]
}
{code}

But we can sent request to not available stack_versions:
{code}
http://server:8080/api/v1/clusters/cl1/stack_versions/34343rfff4/repository_versions/1/operating_systems/debian7/repositories/HDP-2.3
{code}
returns:
{code}
{
"href" : "http://server:8080/api/v1/clusters/cl1/stack_versions/34343rfff4/repository_versions/1/operating_systems/debian7/repositories/HDP-2.3",
"Repositories" : {
"base_url" : "http://s3.amazonaws.com/hortonworks.com/HDP/debian7/2.x/BUILDS/2.3.4.0-3335",
"default_base_url" : "",
"latest_base_url" : "",
"mirrors_list" : "",
"os_type" : "debian7",
"repo_id" : "HDP-2.3",
"repo_name" : "HDP",
"repository_version_id" : 1,
"stack_name" : "HDP",
"stack_version" : "2.3"
}
}
{code}

There should be some type of validation of used stack_versio.


Diffs
-----

  ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryResourceProvider.java cf22368 

Diff: https://reviews.apache.org/r/44389/diff/


Testing
-------

mvn clean test


Thanks,

Dmitro Lisnichenko

Re: Review Request 44389: Absent validation of of stack_version id during API request to deeper entities

Posted by Dmytro Sen <ds...@hortonworks.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44389/#review122074
-----------------------------------------------------------


Ship it!




Ship It!

- Dmytro Sen


On Март 4, 2016, 1:52 п.п., Dmitro Lisnichenko wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/44389/
> -----------------------------------------------------------
> 
> (Updated Март 4, 2016, 1:52 п.п.)
> 
> 
> Review request for Ambari and Dmytro Sen.
> 
> 
> Bugs: AMBARI-15299
>     https://issues.apache.org/jira/browse/AMBARI-15299
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> Request:
> {code}
> http://server:8080/api/v1/clusters/cl1/stack_versions
> {code}
> returns:
> {code}
> {
> "href" : "http://server:8080/api/v1/clusters/cl1/stack_versions",
> "items" : [
> {
> "href" : "http://server:8080/api/v1/clusters/cl1/stack_versions/1",
> "ClusterStackVersions" : {
> "cluster_name" : "cl1",
> "id" : 1,
> "repository_version" : 1,
> "stack" : "HDP",
> "version" : "2.3"
> }
> }
> ]
> }
> {code}
> 
> But we can sent request to not available stack_versions:
> {code}
> http://server:8080/api/v1/clusters/cl1/stack_versions/34343rfff4/repository_versions/1/operating_systems/debian7/repositories/HDP-2.3
> {code}
> returns:
> {code}
> {
> "href" : "http://server:8080/api/v1/clusters/cl1/stack_versions/34343rfff4/repository_versions/1/operating_systems/debian7/repositories/HDP-2.3",
> "Repositories" : {
> "base_url" : "http://s3.amazonaws.com/hortonworks.com/HDP/debian7/2.x/BUILDS/2.3.4.0-3335",
> "default_base_url" : "",
> "latest_base_url" : "",
> "mirrors_list" : "",
> "os_type" : "debian7",
> "repo_id" : "HDP-2.3",
> "repo_name" : "HDP",
> "repository_version_id" : 1,
> "stack_name" : "HDP",
> "stack_version" : "2.3"
> }
> }
> {code}
> 
> There should be some type of validation of used stack_versio.
> 
> 
> Diffs
> -----
> 
>   ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryResourceProvider.java cf22368 
> 
> Diff: https://reviews.apache.org/r/44389/diff/
> 
> 
> Testing
> -------
> 
> mvn clean test
> 
> 
> Thanks,
> 
> Dmitro Lisnichenko
> 
>