You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@ambari.apache.org by Attila Magyar <am...@hortonworks.com> on 2017/04/20 14:28:57 UTC
Review Request 58574: BE: Characters used in usernames should be
constrained
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/
-----------------------------------------------------------
Review request for Ambari, Attila Doroszlai, Bal�zs Bence S�ri, Robert Levas, and Sebastian Toader.
Bugs: AMBARI-20771
https://issues.apache.org/jira/browse/AMBARI-20771
Repository: ambari
Description
-------
Characters used in usernames should be constrained such that they cannot contain the following characters:
Less than symbols ( < )
Greater than symbols ( > )
Ampersand ( & )
Back slashes ( \ )
Backtick ( ` )
Pipe ( | )
Diffs
-----
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java 576ca97
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java PRE-CREATION
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java 4ed777b
ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java fdc19d1
ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java bb0b0cf
ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java d69d49a
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java 6b98a5b
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java 9ff381f
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java 6541a59
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java f426c85
ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java e5e36f3
ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java e31a428
Diff: https://reviews.apache.org/r/58574/diff/1/
Testing
-------
Added new unittest, tested manually at end to end level using curl.
[root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: application/json" -u admin:admin -d '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' http://c6401.ambari.apache.org:8080/api/v1/users
{
"status" : 400,
"message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
}
Existing tests: PENDING
Thanks,
Attila Magyar
Re: Review Request 58574: BE: Characters used in usernames should be
constrained
Posted by Balázs Bence Sári <bs...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/#review172614
-----------------------------------------------------------
Ship it!
Ship It!
- Bal�zs Bence S�ri
On April 21, 2017, 8:15 a.m., Attila Magyar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58574/
> -----------------------------------------------------------
>
> (Updated April 21, 2017, 8:15 a.m.)
>
>
> Review request for Ambari, Attila Doroszlai, Bal�zs Bence S�ri, Robert Levas, and Sebastian Toader.
>
>
> Bugs: AMBARI-20771
> https://issues.apache.org/jira/browse/AMBARI-20771
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Characters used in usernames should be constrained such that they cannot contain the following characters:
> Less than symbols ( < )
> Greater than symbols ( > )
> Ampersand ( & )
> Back slashes ( \ )
> Backtick ( ` )
> Pipe ( | )
>
>
> Diffs
> -----
>
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java 576ca97
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java PRE-CREATION
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java 4ed777b
> ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java fdc19d1
> ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java bb0b0cf
> ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java d69d49a
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java 6b98a5b
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java 9ff381f
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java 6541a59
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java PRE-CREATION
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java f426c85
> ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java e5e36f3
> ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java e31a428
>
>
> Diff: https://reviews.apache.org/r/58574/diff/3/
>
>
> Testing
> -------
>
> Added new unittest, tested manually at end to end level using curl.
>
>
> [root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: application/json" -u admin:admin -d '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' http://c6401.ambari.apache.org:8080/api/v1/users
> {
> "status" : 400,
> "message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
> }
>
> Existing tests: PENDING
>
>
> Thanks,
>
> Attila Magyar
>
>
Re: Review Request 58574: BE: Characters used in usernames should be
constrained
Posted by Attila Magyar <am...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/
-----------------------------------------------------------
(Updated April 21, 2017, 8:15 a.m.)
Review request for Ambari, Attila Doroszlai, Bal�zs Bence S�ri, Robert Levas, and Sebastian Toader.
Changes
-------
added license
Bugs: AMBARI-20771
https://issues.apache.org/jira/browse/AMBARI-20771
Repository: ambari
Description
-------
Characters used in usernames should be constrained such that they cannot contain the following characters:
Less than symbols ( < )
Greater than symbols ( > )
Ampersand ( & )
Back slashes ( \ )
Backtick ( ` )
Pipe ( | )
Diffs (updated)
-----
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java 576ca97
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java PRE-CREATION
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java 4ed777b
ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java fdc19d1
ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java bb0b0cf
ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java d69d49a
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java 6b98a5b
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java 9ff381f
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java 6541a59
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java f426c85
ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java e5e36f3
ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java e31a428
Diff: https://reviews.apache.org/r/58574/diff/3/
Changes: https://reviews.apache.org/r/58574/diff/2-3/
Testing
-------
Added new unittest, tested manually at end to end level using curl.
[root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: application/json" -u admin:admin -d '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' http://c6401.ambari.apache.org:8080/api/v1/users
{
"status" : 400,
"message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
}
Existing tests: PENDING
Thanks,
Attila Magyar
Re: Review Request 58574: BE: Characters used in usernames should be
constrained
Posted by Attila Doroszlai <ad...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/#review172521
-----------------------------------------------------------
Fix it, then Ship it!
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java
Lines 1 (patched)
<https://reviews.apache.org/r/58574/#comment245631>
Missing license
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java
Lines 1 (patched)
<https://reviews.apache.org/r/58574/#comment245630>
Missing license
- Attila Doroszlai
On April 20, 2017, 5:51 p.m., Attila Magyar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58574/
> -----------------------------------------------------------
>
> (Updated April 20, 2017, 5:51 p.m.)
>
>
> Review request for Ambari, Attila Doroszlai, Bal�zs Bence S�ri, Robert Levas, and Sebastian Toader.
>
>
> Bugs: AMBARI-20771
> https://issues.apache.org/jira/browse/AMBARI-20771
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Characters used in usernames should be constrained such that they cannot contain the following characters:
> Less than symbols ( < )
> Greater than symbols ( > )
> Ampersand ( & )
> Back slashes ( \ )
> Backtick ( ` )
> Pipe ( | )
>
>
> Diffs
> -----
>
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java 576ca97
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java PRE-CREATION
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java 4ed777b
> ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java fdc19d1
> ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java bb0b0cf
> ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java d69d49a
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java 6b98a5b
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java 9ff381f
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java 6541a59
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java PRE-CREATION
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java f426c85
> ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java e5e36f3
> ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java e31a428
>
>
> Diff: https://reviews.apache.org/r/58574/diff/2/
>
>
> Testing
> -------
>
> Added new unittest, tested manually at end to end level using curl.
>
>
> [root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: application/json" -u admin:admin -d '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' http://c6401.ambari.apache.org:8080/api/v1/users
> {
> "status" : 400,
> "message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
> }
>
> Existing tests: PENDING
>
>
> Thanks,
>
> Attila Magyar
>
>
Re: Review Request 58574: BE: Characters used in usernames should be
constrained
Posted by Sebastian Toader <st...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/#review172500
-----------------------------------------------------------
Ship it!
Ship It!
- Sebastian Toader
On April 20, 2017, 5:51 p.m., Attila Magyar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58574/
> -----------------------------------------------------------
>
> (Updated April 20, 2017, 5:51 p.m.)
>
>
> Review request for Ambari, Attila Doroszlai, Bal�zs Bence S�ri, Robert Levas, and Sebastian Toader.
>
>
> Bugs: AMBARI-20771
> https://issues.apache.org/jira/browse/AMBARI-20771
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Characters used in usernames should be constrained such that they cannot contain the following characters:
> Less than symbols ( < )
> Greater than symbols ( > )
> Ampersand ( & )
> Back slashes ( \ )
> Backtick ( ` )
> Pipe ( | )
>
>
> Diffs
> -----
>
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java 576ca97
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java PRE-CREATION
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java 4ed777b
> ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java fdc19d1
> ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java bb0b0cf
> ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java d69d49a
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java 6b98a5b
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java 9ff381f
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java 6541a59
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java PRE-CREATION
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java f426c85
> ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java e5e36f3
> ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java e31a428
>
>
> Diff: https://reviews.apache.org/r/58574/diff/2/
>
>
> Testing
> -------
>
> Added new unittest, tested manually at end to end level using curl.
>
>
> [root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: application/json" -u admin:admin -d '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' http://c6401.ambari.apache.org:8080/api/v1/users
> {
> "status" : 400,
> "message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
> }
>
> Existing tests: PENDING
>
>
> Thanks,
>
> Attila Magyar
>
>
Re: Review Request 58574: BE: Characters used in usernames should be
constrained
Posted by Attila Magyar <am...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/
-----------------------------------------------------------
(Updated April 20, 2017, 3:51 p.m.)
Review request for Ambari, Attila Doroszlai, Bal�zs Bence S�ri, Robert Levas, and Sebastian Toader.
Changes
-------
extract constant
Bugs: AMBARI-20771
https://issues.apache.org/jira/browse/AMBARI-20771
Repository: ambari
Description
-------
Characters used in usernames should be constrained such that they cannot contain the following characters:
Less than symbols ( < )
Greater than symbols ( > )
Ampersand ( & )
Back slashes ( \ )
Backtick ( ` )
Pipe ( | )
Diffs (updated)
-----
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java 576ca97
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java PRE-CREATION
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java 4ed777b
ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java fdc19d1
ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java bb0b0cf
ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java d69d49a
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java 6b98a5b
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java 9ff381f
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java 6541a59
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java f426c85
ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java e5e36f3
ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java e31a428
Diff: https://reviews.apache.org/r/58574/diff/2/
Changes: https://reviews.apache.org/r/58574/diff/1-2/
Testing
-------
Added new unittest, tested manually at end to end level using curl.
[root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: application/json" -u admin:admin -d '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' http://c6401.ambari.apache.org:8080/api/v1/users
{
"status" : 400,
"message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
}
Existing tests: PENDING
Thanks,
Attila Magyar
Re: Review Request 58574: BE: Characters used in usernames should be
constrained
Posted by Sebastian Toader <st...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/#review172497
-----------------------------------------------------------
ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java
Lines 24 (patched)
<https://reviews.apache.org/r/58574/#comment245593>
The list of forbidden chars should be stored as a constant (or as a compiled regexp)
- Sebastian Toader
On April 20, 2017, 4:28 p.m., Attila Magyar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58574/
> -----------------------------------------------------------
>
> (Updated April 20, 2017, 4:28 p.m.)
>
>
> Review request for Ambari, Attila Doroszlai, Bal�zs Bence S�ri, Robert Levas, and Sebastian Toader.
>
>
> Bugs: AMBARI-20771
> https://issues.apache.org/jira/browse/AMBARI-20771
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Characters used in usernames should be constrained such that they cannot contain the following characters:
> Less than symbols ( < )
> Greater than symbols ( > )
> Ampersand ( & )
> Back slashes ( \ )
> Backtick ( ` )
> Pipe ( | )
>
>
> Diffs
> -----
>
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java 576ca97
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java PRE-CREATION
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java 4ed777b
> ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java fdc19d1
> ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java bb0b0cf
> ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java d69d49a
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java 6b98a5b
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java 9ff381f
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java 6541a59
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java PRE-CREATION
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java f426c85
> ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java e5e36f3
> ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java e31a428
>
>
> Diff: https://reviews.apache.org/r/58574/diff/1/
>
>
> Testing
> -------
>
> Added new unittest, tested manually at end to end level using curl.
>
>
> [root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: application/json" -u admin:admin -d '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' http://c6401.ambari.apache.org:8080/api/v1/users
> {
> "status" : 400,
> "message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
> }
>
> Existing tests: PENDING
>
>
> Thanks,
>
> Attila Magyar
>
>
Re: Review Request 58574: BE: Characters used in usernames should be
constrained
Posted by Robert Levas <rl...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58574/#review172491
-----------------------------------------------------------
Ship it!
Ship It!
- Robert Levas
On April 20, 2017, 10:28 a.m., Attila Magyar wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/58574/
> -----------------------------------------------------------
>
> (Updated April 20, 2017, 10:28 a.m.)
>
>
> Review request for Ambari, Attila Doroszlai, Bal�zs Bence S�ri, Robert Levas, and Sebastian Toader.
>
>
> Bugs: AMBARI-20771
> https://issues.apache.org/jira/browse/AMBARI-20771
>
>
> Repository: ambari
>
>
> Description
> -------
>
> Characters used in usernames should be constrained such that they cannot contain the following characters:
> Less than symbols ( < )
> Greater than symbols ( > )
> Ampersand ( & )
> Back slashes ( \ )
> Backtick ( ` )
> Pipe ( | )
>
>
> Diffs
> -----
>
> ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserEntity.java 576ca97
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/UserName.java PRE-CREATION
> ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java 4ed777b
> ambari-server/src/test/java/org/apache/ambari/server/orm/OrmTestHelper.java fdc19d1
> ambari-server/src/test/java/org/apache/ambari/server/orm/dao/UserDAOTest.java bb0b0cf
> ambari-server/src/test/java/org/apache/ambari/server/security/SecurityHelperImplTest.java d69d49a
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java 6b98a5b
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java 9ff381f
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariUserAuthenticationFilterTest.java 6541a59
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UserNameTest.java PRE-CREATION
> ambari-server/src/test/java/org/apache/ambari/server/security/authorization/UsersTest.java f426c85
> ambari-server/src/test/java/org/apache/ambari/server/security/ldap/AmbariLdapDataPopulatorTest.java e5e36f3
> ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java e31a428
>
>
> Diff: https://reviews.apache.org/r/58574/diff/1/
>
>
> Testing
> -------
>
> Added new unittest, tested manually at end to end level using curl.
>
>
> [root@c6401 vagrant]# curl -H "X-Requested-By: Ambari" -H "Content-Type: application/json" -u admin:admin -d '{"Users/user_name":"admin34`","Users/password":"admin","Users/active":true,"Users/admin":false}' http://c6401.ambari.apache.org:8080/api/v1/users
> {
> "status" : 400,
> "message" : "Invalid username: admin34` Avoid characters [<, >, &, |, \, `]"
> }
>
> Existing tests: PENDING
>
>
> Thanks,
>
> Attila Magyar
>
>