You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@storm.apache.org by ki...@apache.org on 2015/11/18 21:51:44 UTC

[1/3] storm git commit: Fixing attempt to access to directory before checking user authorization and avoid dumps listing error

Repository: storm
Updated Branches:
  refs/heads/master 6d7b6da40 -> 1c07f1d99


Fixing attempt to access to directory before checking user authorization and avoid dumps listing error


Project: http://git-wip-us.apache.org/repos/asf/storm/repo
Commit: http://git-wip-us.apache.org/repos/asf/storm/commit/8cf59329
Tree: http://git-wip-us.apache.org/repos/asf/storm/tree/8cf59329
Diff: http://git-wip-us.apache.org/repos/asf/storm/diff/8cf59329

Branch: refs/heads/master
Commit: 8cf5932958954fc591146f5119da78b8e0ef7307
Parents: 5a79ba5
Author: Kishor Patil <kp...@yahoo-inc.com>
Authored: Fri Nov 13 18:46:55 2015 +0000
Committer: Kishor Patil <kp...@yahoo-inc.com>
Committed: Sat Nov 14 19:28:18 2015 +0000

----------------------------------------------------------------------
 .../src/clj/backtype/storm/daemon/logviewer.clj | 60 +++++++++++++-------
 1 file changed, 40 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/storm/blob/8cf59329/storm-core/src/clj/backtype/storm/daemon/logviewer.clj
----------------------------------------------------------------------
diff --git a/storm-core/src/clj/backtype/storm/daemon/logviewer.clj b/storm-core/src/clj/backtype/storm/daemon/logviewer.clj
index 16d2fe7..80ee01a 100644
--- a/storm-core/src/clj/backtype/storm/daemon/logviewer.clj
+++ b/storm-core/src/clj/backtype/storm/daemon/logviewer.clj
@@ -950,6 +950,17 @@
       :headers {"Access-Control-Allow-Origin" origin
                 "Access-Control-Allow-Credentials" "true"})))
 
+(defn get-profiler-dump-files
+  [dir]
+  (filter (comp not nil?)
+        (for [f (.listFiles dir)]
+          (let [name (.getName f)]
+            (if (or
+                  (.endsWith name ".txt")
+                  (.endsWith name ".jfr")
+                  (.endsWith name ".bin"))
+              (.getName f))))))
+
 (defroutes log-routes
   (GET "/log" [:as req & m]
     (try
@@ -967,15 +978,30 @@
         (ring-response-from-exception ex))))
   (GET "/dumps/:topo-id/:host-port/:filename"
        [:as {:keys [servlet-request servlet-response log-root]} topo-id host-port filename &m]
-     (let [port (second (split host-port #":"))]
-       (-> (resp/response (File. (str log-root
-                                      file-path-separator
-                                      topo-id
-                                      file-path-separator
-                                      port
-                                      file-path-separator
-                                      filename)))
-           (resp/content-type "application/octet-stream"))))
+     (let [user (.getUserName http-creds-handler servlet-request)
+           port (second (split host-port #":"))
+           dir (File. (str log-root
+                           file-path-separator
+                           topo-id
+                           file-path-separator
+                           port))
+           file (File. (str log-root
+                            file-path-separator
+                            topo-id
+                            file-path-separator
+                            port
+                            file-path-separator
+                            filename))]
+       (if (and (.exists dir) (.exists file))
+         (if (or (blank? (*STORM-CONF* UI-FILTER))
+               (authorized-log-user? user 
+                                     (str topo-id file-path-separator port file-path-separator "worker.log")
+                                     *STORM-CONF*))
+           (-> (resp/response file)
+               (resp/content-type "application/octet-stream"))
+           (unauthorized-user-html user))
+         (-> (resp/response "Page not found")
+           (resp/status 404)))))
   (GET "/dumps/:topo-id/:host-port"
        [:as {:keys [servlet-request servlet-response log-root]} topo-id host-port &m]
      (let [user (.getUserName http-creds-handler servlet-request)
@@ -984,18 +1010,12 @@
                            file-path-separator
                            topo-id
                            file-path-separator
-                           port))
-           files (filter (comp not nil?)
-                         (for [f (.listFiles dir)]
-                           (let [name (.getName f)]
-                             (if (or
-                                  (.endsWith name ".txt")
-                                  (.endsWith name ".jfr")
-                                  (.endsWith name ".bin"))
-                               (.getName f)))))]
+                           port))]
        (if (.exists dir)
          (if (or (blank? (*STORM-CONF* UI-FILTER))
-               (authorized-log-user? user "worker.log" *STORM-CONF*))
+               (authorized-log-user? user 
+                                     (str topo-id file-path-separator port file-path-separator "worker.log")
+                                     *STORM-CONF*))
            (html4
              [:head
               [:title "File Dumps - Storm Log Viewer"]
@@ -1004,7 +1024,7 @@
               (include-css "/css/style.css")]
              [:body
               [:ul
-               (for [file files]
+               (for [file (get-profiler-dump-files dir)]
                  [:li
                   [:a {:href (str "/dumps/" topo-id "/" host-port "/" file)} file ]])]])
            (unauthorized-user-html user))

[3/3] storm git commit: Added STORM-1204 to Changelog

Posted by ki...@apache.org.

Added STORM-1204 to Changelog


Project: http://git-wip-us.apache.org/repos/asf/storm/repo
Commit: http://git-wip-us.apache.org/repos/asf/storm/commit/1c07f1d9
Tree: http://git-wip-us.apache.org/repos/asf/storm/tree/1c07f1d9
Diff: http://git-wip-us.apache.org/repos/asf/storm/diff/1c07f1d9

Branch: refs/heads/master
Commit: 1c07f1d9906628413464ee1ac2d33bcd7251c4c9
Parents: 3612307
Author: Kishor Patil <kp...@yahoo-inc.com>
Authored: Wed Nov 18 20:43:40 2015 +0000
Committer: Kishor Patil <kp...@yahoo-inc.com>
Committed: Wed Nov 18 20:43:40 2015 +0000

----------------------------------------------------------------------
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/storm/blob/1c07f1d9/CHANGELOG.md
----------------------------------------------------------------------
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 63bb652..d58b54a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,5 @@
 ## 0.11.0
+ * STORM-1204: Logviewer should graceful report page-not-found instead of 500 for bad topo-id etc
  * STORM-831: Add BugTracker and Central Logging URL to UI
  * STORM-1208: UI: NPE seen when aggregating bolt streams stats
  * STORM-1016: Generate trident bolt ids with sorted group names

[2/3] storm git commit: Merge branch 'STORM-1204' of https://github.com/kishorvpatil/incubator-storm

Posted by ki...@apache.org.

Merge branch 'STORM-1204' of https://github.com/kishorvpatil/incubator-storm


Project: http://git-wip-us.apache.org/repos/asf/storm/repo
Commit: http://git-wip-us.apache.org/repos/asf/storm/commit/3612307c
Tree: http://git-wip-us.apache.org/repos/asf/storm/tree/3612307c
Diff: http://git-wip-us.apache.org/repos/asf/storm/diff/3612307c

Branch: refs/heads/master
Commit: 3612307c365682008546fa4b347c241525841484
Parents: 6d7b6da 8cf5932
Author: Kishor Patil <kp...@yahoo-inc.com>
Authored: Wed Nov 18 20:42:51 2015 +0000
Committer: Kishor Patil <kp...@yahoo-inc.com>
Committed: Wed Nov 18 20:42:51 2015 +0000

----------------------------------------------------------------------
 .../src/clj/backtype/storm/daemon/logviewer.clj | 60 +++++++++++++-------
 1 file changed, 40 insertions(+), 20 deletions(-)
----------------------------------------------------------------------