You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by wu...@apache.org on 2022/10/17 07:12:21 UTC
[ambari] branch trunk updated: AMBARI-25734 :: CLUSTER.USER is able to perform actions through api calls (#3388)
This is an automated email from the ASF dual-hosted git repository.
wuzhiguo pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new fe97683527 AMBARI-25734 :: CLUSTER.USER is able to perform actions through api calls (#3388)
fe97683527 is described below
commit fe97683527d29992e88bd41204144ef0714ca1b3
Author: Vishal Suvagia <vi...@users.noreply.github.com>
AuthorDate: Mon Oct 17 12:42:14 2022 +0530
AMBARI-25734 :: CLUSTER.USER is able to perform actions through api calls (#3388)
---
.../api/services/persistence/PersistenceManagerImpl.java | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
index d04a9484f4..50f65d480c 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
@@ -104,6 +104,12 @@ public class PersistenceManagerImpl implements PersistenceManager {
public RequestStatus update(ResourceInstance resource, RequestBody requestBody)
throws UnsupportedPropertyException, SystemException, NoSuchParentResourceException, NoSuchResourceException {
+ if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, null,
+ EnumSet.of(RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA))) {
+ throw new AuthorizationException("The authenticated user does not have authorization " +
+ "to update/store user persisted data.");
+ }
+
Map<Resource.Type, String> mapResourceIds = resource.getKeyValueMap();
Resource.Type type = resource.getResourceDefinition().getType();
Schema schema = m_controller.getSchema(type);
@@ -129,6 +135,12 @@ public class PersistenceManagerImpl implements PersistenceManager {
public RequestStatus delete(ResourceInstance resource, RequestBody requestBody)
throws UnsupportedPropertyException, SystemException, NoSuchParentResourceException, NoSuchResourceException {
//todo: need to account for multiple resources and user predicate
+ if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, null,
+ EnumSet.of(RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA))) {
+ throw new AuthorizationException("The authenticated user does not have authorization " +
+ "to delete/store user persisted data.");
+ }
+
return m_controller.deleteResources(resource.getResourceDefinition().getType(),
createControllerRequest(requestBody), resource.getQuery().getPredicate());
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@ambari.apache.org
For additional commands, e-mail: commits-help@ambari.apache.org