You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@oozie.apache.org by ro...@apache.org on 2016/09/19 17:13:20 UTC

oozie git commit: OOZIE-2491 oozie acl cannot specify group, it does not work (abhishekbafna via rohini)

Repository: oozie
Updated Branches:
  refs/heads/master 0cdce5a16 -> 3bd45e924


OOZIE-2491 oozie acl cannot specify group,it does not work (abhishekbafna via rohini)


Project: http://git-wip-us.apache.org/repos/asf/oozie/repo
Commit: http://git-wip-us.apache.org/repos/asf/oozie/commit/3bd45e92
Tree: http://git-wip-us.apache.org/repos/asf/oozie/tree/3bd45e92
Diff: http://git-wip-us.apache.org/repos/asf/oozie/diff/3bd45e92

Branch: refs/heads/master
Commit: 3bd45e92475ef7b983176b1c52c1bceb20de6e49
Parents: 0cdce5a
Author: Rohini Palaniswamy <ro...@apache.org>
Authored: Mon Sep 19 10:13:25 2016 -0700
Committer: Rohini Palaniswamy <ro...@apache.org>
Committed: Mon Sep 19 10:13:25 2016 -0700

----------------------------------------------------------------------
 .../java/org/apache/oozie/service/AuthorizationService.java    | 6 +++---
 .../org/apache/oozie/service/TestAuthorizationService.java     | 5 ++++-
 release-log.txt                                                | 1 +
 3 files changed, 8 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/oozie/blob/3bd45e92/core/src/main/java/org/apache/oozie/service/AuthorizationService.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/oozie/service/AuthorizationService.java b/core/src/main/java/org/apache/oozie/service/AuthorizationService.java
index f281873..4e4ab17 100644
--- a/core/src/main/java/org/apache/oozie/service/AuthorizationService.java
+++ b/core/src/main/java/org/apache/oozie/service/AuthorizationService.java
@@ -295,7 +295,7 @@ public class AuthorizationService implements Service {
      *
      * @param user user name.
      * @param write indicates if the check is for read or write admin tasks (in this implementation this is ignored)
-     * @throws AuthorizationException thrown if user does not have admin priviledges.
+     * @throws AuthorizationException thrown if user does not have admin privileges.
      */
     public void authorizeForAdmin(String user, boolean write) throws AuthorizationException {
         if (authorizationEnabled && write && !isAdmin(user)) {
@@ -417,7 +417,7 @@ public class AuthorizationService implements Service {
             String[] acl = aclStr.split(",");
             for (int i = 0; !userInAcl && i < acl.length; i++) {
                 String aclItem = acl[i].trim();
-                userInAcl = aclItem.equals(user) || groupsService.getGroups(user).equals(aclItem);
+                userInAcl = aclItem.equals(user) || groupsService.getGroups(user).contains(aclItem);
             }
         }
         return userInAcl;
@@ -515,7 +515,7 @@ public class AuthorizationService implements Service {
      * @param user user name.
      * @param filter filter used to select jobs
      * @param start starting index of the jobs in DB
-     * @param len maximum amount of jbos to select
+     * @param len maximum amount of jobs to select
      * @param write indicates if the check is for read or write job tasks.
      * @throws AuthorizationException thrown if the user is not authorized for the job.
      */

http://git-wip-us.apache.org/repos/asf/oozie/blob/3bd45e92/core/src/test/java/org/apache/oozie/service/TestAuthorizationService.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/oozie/service/TestAuthorizationService.java b/core/src/test/java/org/apache/oozie/service/TestAuthorizationService.java
index ce461c1..b5e527e 100644
--- a/core/src/test/java/org/apache/oozie/service/TestAuthorizationService.java
+++ b/core/src/test/java/org/apache/oozie/service/TestAuthorizationService.java
@@ -64,6 +64,9 @@ public class TestAuthorizationService extends XDataTestCase {
             if (getTestUser().equals(user)) {
                 return Arrays.asList("users", getTestGroup());
             }
+            if ("foo".equals(user)) {
+                return Arrays.asList("users", "foogrp");
+            }
             else {
                 return Arrays.asList("users");
             }
@@ -129,7 +132,7 @@ public class TestAuthorizationService extends XDataTestCase {
             jobConf.set(OozieClient.GROUP_NAME, getTestGroup());
         }
         else {
-            jobConf.set(OozieClient.GROUP_NAME, getTestGroup() + ",foo");
+            jobConf.set(OozieClient.GROUP_NAME, getTestGroup() + ",foogrp");
         }
 
         jobConf.set(OozieClient.LOG_TOKEN, "t");

http://git-wip-us.apache.org/repos/asf/oozie/blob/3bd45e92/release-log.txt
----------------------------------------------------------------------
diff --git a/release-log.txt b/release-log.txt
index 7851e81..a8afcf4 100644
--- a/release-log.txt
+++ b/release-log.txt
@@ -1,5 +1,6 @@
 -- Oozie 4.3.0 release (trunk - unreleased)
 
+OOZIE-2491 oozie acl cannot specify group,it does`t work (abhishekbafna via rohini)
 OOZIE-2569 Adding yarn-site, core-site, hdfs-site and mapred-site into spark launcher (abhishekbafna via rohini)
 OOZIE-2675 Drop support for hadoop 0.23 (abhishekbafna via rohini)
 OOZIE-2588 Support getting credentials for same cluster hcat when credentials config is empty (satishsaley via rohini)