You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sw...@apache.org on 2014/08/13 21:44:04 UTC

git commit: AMBARI-6852. Views: views list from API is not respecting privileges.

Repository: ambari
Updated Branches:
  refs/heads/trunk 2a617da83 -> f3bd5cc8c


AMBARI-6852. Views: views list from API is not respecting privileges.


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f3bd5cc8
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f3bd5cc8
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f3bd5cc8

Branch: refs/heads/trunk
Commit: f3bd5cc8cec545b3513c8442d42957b5fea71cd3
Parents: 2a617da
Author: Siddharth Wagle <sw...@hortonworks.com>
Authored: Wed Aug 13 12:42:32 2014 -0700
Committer: Siddharth Wagle <sw...@hortonworks.com>
Committed: Wed Aug 13 12:43:32 2014 -0700

----------------------------------------------------------------------
 .../internal/ViewResourceProvider.java          | 41 ++++++++++++++++----
 1 file changed, 33 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/f3bd5cc8/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java
index b76c8e0..6a83793 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewResourceProvider.java
@@ -28,6 +28,7 @@ import org.apache.ambari.server.controller.spi.ResourceAlreadyExistsException;
 import org.apache.ambari.server.controller.spi.SystemException;
 import org.apache.ambari.server.controller.spi.UnsupportedPropertyException;
 import org.apache.ambari.server.orm.entities.ViewEntity;
+import org.apache.ambari.server.orm.entities.ViewInstanceEntity;
 import org.apache.ambari.server.view.ViewRegistry;
 
 import java.util.Collections;
@@ -63,7 +64,7 @@ public class ViewResourceProvider extends AbstractResourceProvider {
     propertyIds.add(VIEW_NAME_PROPERTY_ID);
   }
 
-  
+
   // ----- Constructors ------------------------------------------------------
 
   /**
@@ -73,12 +74,12 @@ public class ViewResourceProvider extends AbstractResourceProvider {
     super(propertyIds, keyPropertyIds);
   }
 
-  
+
   // ----- ResourceProvider --------------------------------------------------
 
   @Override
-  public RequestStatus createResources(Request request) 
-      throws SystemException, UnsupportedPropertyException, 
+  public RequestStatus createResources(Request request)
+      throws SystemException, UnsupportedPropertyException,
              ResourceAlreadyExistsException, NoSuchParentResourceException {
     throw new UnsupportedOperationException("Not yet supported.");
   }
@@ -102,11 +103,13 @@ public class ViewResourceProvider extends AbstractResourceProvider {
 
       for (ViewEntity viewDefinition : viewRegistry.getDefinitions()){
         if (viewName == null || viewName.equals(viewDefinition.getCommonName())) {
-          Resource resource = new ResourceImpl(Resource.Type.View);
+          if (includeDefinition(viewDefinition, true)) {
+            Resource resource = new ResourceImpl(Resource.Type.View);
 
-          setResourceProperty(resource, VIEW_NAME_PROPERTY_ID, viewDefinition.getCommonName(), requestedIds);
+            setResourceProperty(resource, VIEW_NAME_PROPERTY_ID, viewDefinition.getCommonName(), requestedIds);
 
-          resources.add(resource);
+            resources.add(resource);
+          }
         }
       }
     }
@@ -130,7 +133,29 @@ public class ViewResourceProvider extends AbstractResourceProvider {
     return keyPropertyIds;
   }
 
-  
+  /**
+   * Determine whether or not the given view definition resource should be included
+   * based on the permissions granted to the current user.
+   *
+   * @param definitionEntity  the view definition entity
+   * @param readOnly        indicate whether or not this is for a read only operation
+   *
+   * @return true if the view instance should be included based on the permissions of the current user
+   */
+  private boolean includeDefinition(ViewEntity definitionEntity, boolean readOnly) {
+
+    ViewRegistry viewRegistry = ViewRegistry.getInstance();
+
+    boolean allowed = false;
+
+    for (ViewInstanceEntity instanceEntity: definitionEntity.getInstances()) {
+      allowed |= viewRegistry.checkPermission(instanceEntity, readOnly);
+    }
+
+    return allowed;
+  }
+
+
   // ----- AbstractResourceProvider ------------------------------------------
 
   @Override