You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by wu...@apache.org on 2022/10/17 07:12:21 UTC

[ambari] branch trunk updated: AMBARI-25734 :: CLUSTER.USER is able to perform actions through api calls (#3388)

This is an automated email from the ASF dual-hosted git repository.

wuzhiguo pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git


The following commit(s) were added to refs/heads/trunk by this push:
     new fe97683527 AMBARI-25734 :: CLUSTER.USER is able to perform actions through api calls (#3388)
fe97683527 is described below

commit fe97683527d29992e88bd41204144ef0714ca1b3
Author: Vishal Suvagia <vi...@users.noreply.github.com>
AuthorDate: Mon Oct 17 12:42:14 2022 +0530

    AMBARI-25734 :: CLUSTER.USER is able to perform actions through api calls (#3388)
---
 .../api/services/persistence/PersistenceManagerImpl.java     | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
index d04a9484f4..50f65d480c 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/persistence/PersistenceManagerImpl.java
@@ -104,6 +104,12 @@ public class PersistenceManagerImpl implements PersistenceManager {
   public RequestStatus update(ResourceInstance resource, RequestBody requestBody)
       throws UnsupportedPropertyException, SystemException, NoSuchParentResourceException, NoSuchResourceException {
 
+    if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, null,
+            EnumSet.of(RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA))) {
+      throw new AuthorizationException("The authenticated user does not have authorization " +
+              "to update/store user persisted data.");
+    }
+
     Map<Resource.Type, String> mapResourceIds = resource.getKeyValueMap();
     Resource.Type type = resource.getResourceDefinition().getType();
     Schema schema = m_controller.getSchema(type);
@@ -129,6 +135,12 @@ public class PersistenceManagerImpl implements PersistenceManager {
   public RequestStatus delete(ResourceInstance resource, RequestBody requestBody)
       throws UnsupportedPropertyException, SystemException, NoSuchParentResourceException, NoSuchResourceException {
     //todo: need to account for multiple resources and user predicate
+    if (!AuthorizationHelper.isAuthorized(ResourceType.CLUSTER, null,
+            EnumSet.of(RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA))) {
+      throw new AuthorizationException("The authenticated user does not have authorization " +
+              "to delete/store user persisted data.");
+    }
+
     return m_controller.deleteResources(resource.getResourceDefinition().getType(),
         createControllerRequest(requestBody), resource.getQuery().getPredicate());
 


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@ambari.apache.org
For additional commands, e-mail: commits-help@ambari.apache.org