You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sw...@apache.org on 2014/08/13 21:44:04 UTC
git commit: AMBARI-6852. Views: views list from API is not respecting
privileges.
Repository: ambari
Updated Branches:
refs/heads/trunk 2a617da83 -> f3bd5cc8c
AMBARI-6852. Views: views list from API is not respecting privileges.
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f3bd5cc8
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f3bd5cc8
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f3bd5cc8
Branch: refs/heads/trunk
Commit: f3bd5cc8cec545b3513c8442d42957b5fea71cd3
Parents: 2a617da
Author: Siddharth Wagle <sw...@hortonworks.com>
Authored: Wed Aug 13 12:42:32 2014 -0700
Committer: Siddharth Wagle <sw...@hortonworks.com>
Committed: Wed Aug 13 12:43:32 2014 -0700
----------------------------------------------------------------------
.../internal/ViewResourceProvider.java | 41 ++++++++++++++++----
1 file changed, 33 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/f3bd5cc8/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java
index b76c8e0..6a83793 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java
@@ -28,6 +28,7 @@ import org.apache.ambari.server.controller.spi.ResourceAlreadyExistsException;
import org.apache.ambari.server.controller.spi.SystemException;
import org.apache.ambari.server.controller.spi.UnsupportedPropertyException;
import org.apache.ambari.server.orm.entities.ViewEntity;
+import org.apache.ambari.server.orm.entities.ViewInstanceEntity;
import org.apache.ambari.server.view.ViewRegistry;
import java.util.Collections;
@@ -63,7 +64,7 @@ public class ViewResourceProvider extends AbstractResourceProvider {
propertyIds.add(VIEW_NAME_PROPERTY_ID);
}
-
+
// ----- Constructors ------------------------------------------------------
/**
@@ -73,12 +74,12 @@ public class ViewResourceProvider extends AbstractResourceProvider {
super(propertyIds, keyPropertyIds);
}
-
+
// ----- ResourceProvider --------------------------------------------------
@Override
- public RequestStatus createResources(Request request)
- throws SystemException, UnsupportedPropertyException,
+ public RequestStatus createResources(Request request)
+ throws SystemException, UnsupportedPropertyException,
ResourceAlreadyExistsException, NoSuchParentResourceException {
throw new UnsupportedOperationException("Not yet supported.");
}
@@ -102,11 +103,13 @@ public class ViewResourceProvider extends AbstractResourceProvider {
for (ViewEntity viewDefinition : viewRegistry.getDefinitions()){
if (viewName == null || viewName.equals(viewDefinition.getCommonName())) {
- Resource resource = new ResourceImpl(Resource.Type.View);
+ if (includeDefinition(viewDefinition, true)) {
+ Resource resource = new ResourceImpl(Resource.Type.View);
- setResourceProperty(resource, VIEW_NAME_PROPERTY_ID, viewDefinition.getCommonName(), requestedIds);
+ setResourceProperty(resource, VIEW_NAME_PROPERTY_ID, viewDefinition.getCommonName(), requestedIds);
- resources.add(resource);
+ resources.add(resource);
+ }
}
}
}
@@ -130,7 +133,29 @@ public class ViewResourceProvider extends AbstractResourceProvider {
return keyPropertyIds;
}
-
+ /**
+ * Determine whether or not the given view definition resource should be included
+ * based on the permissions granted to the current user.
+ *
+ * @param definitionEntity the view definition entity
+ * @param readOnly indicate whether or not this is for a read only operation
+ *
+ * @return true if the view instance should be included based on the permissions of the current user
+ */
+ private boolean includeDefinition(ViewEntity definitionEntity, boolean readOnly) {
+
+ ViewRegistry viewRegistry = ViewRegistry.getInstance();
+
+ boolean allowed = false;
+
+ for (ViewInstanceEntity instanceEntity: definitionEntity.getInstances()) {
+ allowed |= viewRegistry.checkPermission(instanceEntity, readOnly);
+ }
+
+ return allowed;
+ }
+
+
// ----- AbstractResourceProvider ------------------------------------------
@Override