You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by al...@apache.org on 2016/04/13 14:48:41 UTC
[2/3] ambari git commit: AMBARI-15838. Kerberos : Referencing an
identity across service's kerberos files is not honored and hangs at
'configure identities'. (alexantonenko)
AMBARI-15838. Kerberos : Referencing an identity across service's kerberos files is not honored and hangs at 'configure identities'. (alexantonenko)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/9f803fe9
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/9f803fe9
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/9f803fe9
Branch: refs/heads/trunk
Commit: 9f803fe9aca0c5817179f8f5a0bffc5ea1723d12
Parents: b3a9a7c
Author: Alex Antonenko <hi...@gmail.com>
Authored: Tue Apr 12 18:18:17 2016 +0300
Committer: Alex Antonenko <hi...@gmail.com>
Committed: Wed Apr 13 15:48:35 2016 +0300
----------------------------------------------------------------------
.../app/mixins/wizard/addSecurityConfigs.js | 53 +++++++++++++++++---
.../mixins/wizard/addSeccurityConfigs_test.js | 18 +++++--
2 files changed, 61 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/9f803fe9/ambari-web/app/mixins/wizard/addSecurityConfigs.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/mixins/wizard/addSecurityConfigs.js b/ambari-web/app/mixins/wizard/addSecurityConfigs.js
index a829cb6..09fa561 100644
--- a/ambari-web/app/mixins/wizard/addSecurityConfigs.js
+++ b/ambari-web/app/mixins/wizard/addSecurityConfigs.js
@@ -245,13 +245,49 @@ App.AddSecurityConfigs = Em.Mixin.create({
*/
processConfigReferences: function (kerberosDescriptor, configs) {
var identities = kerberosDescriptor.identities;
- identities = identities.concat(kerberosDescriptor.services.map(function (service) {
- if (service.components && !!service.components.length) {
- identities = identities.concat(service.components.mapProperty('identities').reduce(function (p, c) {
- return p.concat(c);
- }, []));
- return identities;
+
+ /**
+ * Returns indentity object with additional attribute `referencePath`.
+ * Reference path depends on how deep identity is. Each level separated by `/` sign.
+ *
+ * @param {object} identity
+ * @param {string} [prefix=false] prefix to append e.g. 'SERVICE_NAME'
+ * @returns {object} identity object
+ */
+ var setReferencePath = function(identity, prefix) {
+ var name = Em.getWithDefault(identity, 'name', false);
+ if (name) {
+ if (prefix) {
+ name = prefix + '/' + name;
+ }
+ identity.referencePath = name;
}
+ return identity;
+ };
+
+ // map all identities and add attribute `referencePath`
+ // `referencePath` is a path to identity it can be 1-3 levels
+ // 1 for "/global" identity e.g. `/spnego`
+ // 2 for "/SERVICE/identity"
+ // 3 for "/SERVICE/COMPONENT/identity"
+ identities = identities.map(function(i) {
+ return setReferencePath(i);
+ })
+ .concat(kerberosDescriptor.services.map(function (service) {
+ var serviceName = Em.getWithDefault(service, 'name', false);
+ var serviceIdentities = Em.getWithDefault(service, 'identities', []).map(function(i) {
+ return setReferencePath(i, serviceName);
+ });
+ var componentIdentities = Em.getWithDefault(service || {}, 'components', []).map(function(i) {
+ var componentName = Em.getWithDefault(i, 'name', false);
+ return Em.getWithDefault(i, 'identities', []).map(function(componentIdentity) {
+ return setReferencePath(componentIdentity, serviceName + '/' + componentName);
+ });
+ }).reduce(function(p, c) {
+ return p.concat(c);
+ }, []);
+ serviceIdentities.pushObjects(componentIdentities);
+ return serviceIdentities;
}).reduce(function (p, c) {
return p.concat(c);
}, []));
@@ -260,7 +296,10 @@ App.AddSecurityConfigs = Em.Mixin.create({
configs.forEach(function (item) {
var reference = item.get('referenceProperty');
if (!!reference) {
- var identity = identities.findProperty('name', reference.split(':')[0])[reference.split(':')[1]];
+ // first find identity by `name`
+ // if not found try to find by `referencePath`
+ var identity = Em.getWithDefault(identities.findProperty('name', reference.split(':')[0]) || {}, reference.split(':')[1], false) ||
+ Em.getWithDefault(identities.findProperty('referencePath', reference.split(':')[0]) || {}, reference.split(':')[1], false);
if (identity && !!identity.configuration) {
item.set('observesValueFrom', identity.configuration.split('/')[1]);
} else {
http://git-wip-us.apache.org/repos/asf/ambari/blob/9f803fe9/ambari-web/test/mixins/wizard/addSeccurityConfigs_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/mixins/wizard/addSeccurityConfigs_test.js b/ambari-web/test/mixins/wizard/addSeccurityConfigs_test.js
index e923144..ea44dcf 100644
--- a/ambari-web/test/mixins/wizard/addSeccurityConfigs_test.js
+++ b/ambari-web/test/mixins/wizard/addSeccurityConfigs_test.js
@@ -222,7 +222,12 @@ describe('App.AddSecurityConfigs', function () {
name: 'SERVICE',
identities: [
{ name: '/spnego' },
- { name: '/hdfs' }
+ { name: '/hdfs' },
+ {
+ name: 'service_identity',
+ keytab: { configuration: 'service-site/service.keytab' },
+ principal: { configuration: 'service-site/service.principal' }
+ }
]
},
{
@@ -247,6 +252,7 @@ describe('App.AddSecurityConfigs', function () {
}
]
};
+
var configs = Em.A([
generateProperty('spnego_inherited_keytab', 'spnego:keytab'),
generateProperty('spnego_inherited_principal', 'spnego:principal'),
@@ -255,8 +261,12 @@ describe('App.AddSecurityConfigs', function () {
generateProperty('component_prop1_inherited_principal', 'component_prop1:principal'),
generateProperty('component_prop1_inherited_keytab', 'component_prop1:keytab'),
generateProperty('component_prop2_inherited_keytab', 'component_prop2:keytab'),
- generateProperty('component_prop2_inherited_principal', 'component_prop2:principal')
+ generateProperty('component_prop2_inherited_principal', 'component_prop2:principal'),
+ generateProperty('component_prop2_inherited_principal', 'component_prop2:principal'),
+ generateProperty('component_prop3_inherited_principal', 'SERVICE2/COMPONENT/component_prop2:principal'),
+ generateProperty('service_prop1_inherited_principal', 'SERVICE/service_identity:principal')
]);
+
var tests = [
{ name: 'spnego_inherited_keytab', e: 'spnego_keytab' },
{ name: 'spnego_inherited_principal', e: 'spnego_principal' },
@@ -265,7 +275,9 @@ describe('App.AddSecurityConfigs', function () {
{ name: 'component_prop1_inherited_keytab', e: 'component.keytab' },
{ name: 'component_prop1_inherited_principal', e: 'component_prop1_principal' },
{ name: 'component_prop2_inherited_keytab', e: 'component2.keytab' },
- { name: 'component_prop2_inherited_principal', e: 'component2.principal' }
+ { name: 'component_prop2_inherited_principal', e: 'component2.principal' },
+ { name: 'component_prop3_inherited_principal', e: 'component2.principal' },
+ { name: 'service_prop1_inherited_principal', e: 'service.principal' }
];
before(function() {
controller.processConfigReferences(descriptor, configs);