You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by dm...@apache.org on 2014/08/19 20:15:18 UTC
git commit: AMBARI-6917. DataNode didn't start recommissioning after
decommission, turning on and off Maintenance Mode (dlysnichenko)
Repository: ambari
Updated Branches:
refs/heads/trunk 0c46e95e6 -> 1c5ceb273
AMBARI-6917. DataNode didn't start recommissioning after decommission, turning on and off Maintenance Mode (dlysnichenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/1c5ceb27
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/1c5ceb27
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/1c5ceb27
Branch: refs/heads/trunk
Commit: 1c5ceb273a81b0e553cf3c7585db2c0be670cec0
Parents: 0c46e95
Author: Lisnichenko Dmitro <dl...@hortonworks.com>
Authored: Tue Aug 19 21:13:39 2014 +0300
Committer: Lisnichenko Dmitro <dl...@hortonworks.com>
Committed: Tue Aug 19 21:14:35 2014 +0300
----------------------------------------------------------------------
.../internal/InternalAuthenticationToken.java | 6 +++---
.../apache/ambari/server/state/cluster/ClustersImpl.java | 10 ++++++++++
2 files changed, 13 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/1c5ceb27/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java
index 5d865ea..1fc86a2 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java
@@ -17,7 +17,6 @@
*/
package org.apache.ambari.server.security.authorization.internal;
-
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -29,14 +28,15 @@ import java.util.Collections;
public class InternalAuthenticationToken implements Authentication {
private static final String INTERNAL_NAME = "internal";
+
+ // used in ClustersImpl, checkPermissions
private static final Collection<? extends GrantedAuthority> AUTHORITIES =
- Collections.singleton(new SimpleGrantedAuthority("ADMIN"));
+ Collections.singleton(new SimpleGrantedAuthority("AMBARI.ADMIN"));
private static final User INTERNAL_USER = new User(INTERNAL_NAME, "empty", AUTHORITIES);
private String token;
private boolean authenticated = false;
-
public InternalAuthenticationToken(String tokenString) {
this.token = tokenString;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/1c5ceb27/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
index e67ea45..c27797e 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
@@ -55,6 +55,7 @@ import org.apache.ambari.server.state.host.HostFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
import javax.persistence.RollbackException;
import java.util.ArrayList;
@@ -736,6 +737,15 @@ public class ClustersImpl implements Clusters {
}
}
}
+
+ // SimpleGrantedAuthority is required by InternalAuthenticationToken for internal authorization by token
+ if (grantedAuthority instanceof SimpleGrantedAuthority){
+ SimpleGrantedAuthority authority = (SimpleGrantedAuthority) grantedAuthority;
+ if ("AMBARI.ADMIN".equals(authority.getAuthority())) {
+ return true;
+ }
+
+ }
}
// TODO : should we log this?
return false;