You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by aa...@apache.org on 2021/05/17 10:47:35 UTC
[hadoop] branch branch-2.10 updated: YARN-10555. Missing access
check before getAppAttempts (#2608)
This is an automated email from the ASF dual-hosted git repository.
aajisaka pushed a commit to branch branch-2.10
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/branch-2.10 by this push:
new 13a2e75 YARN-10555. Missing access check before getAppAttempts (#2608)
13a2e75 is described below
commit 13a2e751e025da38798f208326ccabda13f84524
Author: lujiefsi <lu...@foxmail.com>
AuthorDate: Sun May 16 23:44:38 2021 -0500
YARN-10555. Missing access check before getAppAttempts (#2608)
Co-authored-by: lujie <lu...@foxmail.com>
Signed-off-by: Akira Ajisaka <aa...@apache.org>
(cherry picked from commit d92a25b790e5ad7d8e21fc3949cdd0f74d496b1b)
---
.../hadoop/yarn/server/resourcemanager/webapp/RMAppBlock.java | 2 +-
.../hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java | 2 +-
.../yarn/server/resourcemanager/webapp/dao/AppAttemptInfo.java | 6 +++---
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMAppBlock.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMAppBlock.java
index bbc35fc..27ee520 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMAppBlock.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMAppBlock.java
@@ -142,7 +142,7 @@ public class RMAppBlock extends AppBlock{
continue;
}
AppAttemptInfo attemptInfo =
- new AppAttemptInfo(this.rm, rmAppAttempt, rmApp.getUser(),
+ new AppAttemptInfo(this.rm, rmAppAttempt, true, rmApp.getUser(),
WebAppUtils.getHttpSchemePrefix(conf));
Set<String> nodes = rmAppAttempt.getBlacklistedNodes();
// nodes which are blacklisted by the application
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java
index 3724469..21b9d80 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/RMWebServices.java
@@ -906,7 +906,7 @@ public class RMWebServices extends WebServices implements RMWebServiceProtocol {
AppAttemptsInfo appAttemptsInfo = new AppAttemptsInfo();
for (RMAppAttempt attempt : app.getAppAttempts().values()) {
AppAttemptInfo attemptInfo = new AppAttemptInfo(rm, attempt,
- app.getUser(), hsr.getScheme() + "://");
+ hasAccess(app, hsr), app.getUser(), hsr.getScheme() + "://");
appAttemptsInfo.add(attemptInfo);
}
diff --git a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/dao/AppAttemptInfo.java b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/dao/AppAttemptInfo.java
index 82a946e..21d19c8 100644
--- a/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/dao/AppAttemptInfo.java
+++ b/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-resourcemanager/src/main/java/org/apache/hadoop/yarn/server/resourcemanager/webapp/dao/AppAttemptInfo.java
@@ -47,8 +47,8 @@ public class AppAttemptInfo {
public AppAttemptInfo() {
}
- public AppAttemptInfo(ResourceManager rm, RMAppAttempt attempt, String user,
- String schemePrefix) {
+ public AppAttemptInfo(ResourceManager rm, RMAppAttempt attempt,
+ Boolean hasAccess, String user, String schemePrefix) {
this.startTime = 0;
this.containerId = "";
this.nodeHttpAddress = "";
@@ -60,7 +60,7 @@ public class AppAttemptInfo {
this.startTime = attempt.getStartTime();
this.finishedTime = attempt.getFinishTime();
Container masterContainer = attempt.getMasterContainer();
- if (masterContainer != null) {
+ if (masterContainer != null && hasAccess) {
this.containerId = masterContainer.getId().toString();
this.nodeHttpAddress = masterContainer.getNodeHttpAddress();
this.nodeId = masterContainer.getNodeId().toString();
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org