ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rle...@apache.org
Subject ambari git commit: AMBARI-13791. Rename existing permissions to prepare for new roles (rlevas)
Date Thu, 12 Nov 2015 17:44:04 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk 0d203448b -> 2ce7b6357


AMBARI-13791. Rename existing permissions to prepare for new roles (rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/2ce7b635
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/2ce7b635
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/2ce7b635

Branch: refs/heads/trunk
Commit: 2ce7b6357b898f5fa3c5432d5efa9d95ca4d6fdc
Parents: 0d20344
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Thu Nov 12 12:43:36 2015 -0500
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Thu Nov 12 12:43:58 2015 -0500

----------------------------------------------------------------------
 .../ui/admin-web/app/scripts/i18n.config.js     |  6 +--
 ambari-server/docs/api/v1/permission-get.md     |  2 +-
 .../AmbariManagementControllerImpl.java         |  2 +-
 .../ClusterPrivilegeResourceProvider.java       | 12 +++---
 .../internal/ViewPrivilegeResourceProvider.java |  6 +--
 .../internal/WidgetResourceProvider.java        |  4 +-
 .../ambari/server/orm/dao/PermissionDAO.java    | 20 +++++-----
 .../server/orm/entities/PermissionEntity.java   | 16 ++++----
 .../AmbariAuthorizationFilter.java              | 18 ++++-----
 .../server/security/authorization/User.java     |  2 +-
 .../server/security/authorization/Users.java    | 10 ++---
 .../internal/InternalAuthenticationToken.java   |  4 +-
 .../server/state/cluster/ClusterImpl.java       |  6 +--
 .../server/state/cluster/ClustersImpl.java      |  2 +-
 .../server/upgrade/UpgradeCatalog220.java       | 39 ++++++++++++++-----
 .../apache/ambari/server/view/ViewRegistry.java |  6 +--
 .../main/resources/Ambari-DDL-MySQL-CREATE.sql  |  8 ++--
 .../main/resources/Ambari-DDL-Oracle-CREATE.sql |  8 ++--
 .../resources/Ambari-DDL-Postgres-CREATE.sql    |  8 ++--
 .../Ambari-DDL-Postgres-EMBEDDED-CREATE.sql     |  8 ++--
 .../resources/Ambari-DDL-SQLAnywhere-CREATE.sql |  8 ++--
 .../resources/Ambari-DDL-SQLServer-CREATE.sql   |  8 ++--
 .../AmbariPrivilegeResourceProviderTest.java    | 16 ++++----
 .../ClusterPrivilegeResourceProviderTest.java   |  6 +--
 .../PermissionResourceProviderTest.java         |  4 +-
 .../internal/UserResourceProviderTest.java      |  6 +--
 .../ViewPrivilegeResourceProviderTest.java      |  6 +--
 .../AmbariAuthorizationFilterTest.java          | 20 +++++-----
 .../authorization/AuthorizationHelperTest.java  |  8 ++--
 .../security/authorization/TestUsers.java       |  4 +-
 .../server/upgrade/UpgradeCatalog220Test.java   | 40 ++++++++++++++++----
 .../ambari/server/view/ViewRegistryTest.java    |  4 +-
 ambari-views/docs/index.md                      |  2 +-
 .../app/assets/data/users/privileges.json       |  2 +-
 .../app/assets/data/users/privileges_admin.json |  2 +-
 .../app/assets/data/users/user_admin.json       |  2 +-
 ambari-web/app/mappers/users_mapper.js          |  4 +-
 ambari-web/app/models/user.js                   |  8 ++--
 ambari-web/app/router.js                        |  6 +--
 ambari-web/test/mappers/users_mapper_test.js    |  8 ++--
 ambari-web/test/router_test.js                  |  8 ++--
 .../capacityscheduler/ConfigurationService.java |  6 +--
 42 files changed, 204 insertions(+), 161 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-admin/src/main/resources/ui/admin-web/app/scripts/i18n.config.js
----------------------------------------------------------------------
diff --git a/ambari-admin/src/main/resources/ui/admin-web/app/scripts/i18n.config.js b/ambari-admin/src/main/resources/ui/admin-web/app/scripts/i18n.config.js
index d9f5eb5..a2ead48 100644
--- a/ambari-admin/src/main/resources/ui/admin-web/app/scripts/i18n.config.js
+++ b/ambari-admin/src/main/resources/ui/admin-web/app/scripts/i18n.config.js
@@ -20,9 +20,9 @@
 angular.module('ambariAdminConsole')
 .config(['$translateProvider', function($translateProvider) {
   $translateProvider.translations('en',{
-    'CLUSTER.OPERATE': 'Operator',
-    'CLUSTER.READ': 'Read-Only',
-    'VIEW.USE': 'Use'
+    'CLUSTER.ADMINISTRATOR': 'Operator',
+    'CLUSTER.USER': 'Read-Only',
+    'VIEW.USER': 'Use'
   });
 
   $translateProvider.preferredLanguage('en');

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/docs/api/v1/permission-get.md
----------------------------------------------------------------------
diff --git a/ambari-server/docs/api/v1/permission-get.md b/ambari-server/docs/api/v1/permission-get.md
index 0781fbd..d949344 100644
--- a/ambari-server/docs/api/v1/permission-get.md
+++ b/ambari-server/docs/api/v1/permission-get.md
@@ -71,7 +71,7 @@ Get the permission with the permission_id of 1.
       "href" : "http://your.ambari.server/api/v1/permissions/1",
       "PermissionInfo" : {
         "permission_id" : 1,
-        "permission_name" : "AMBARI.ADMIN",
+        "permission_name" : "AMBARI.ADMINISTRATOR",
         "permission_label" : "Administrator",
         "resource_name" : "AMBARI"
       }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
index 8dd7a04..2001a7d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
@@ -4419,7 +4419,7 @@ public class AmbariManagementControllerImpl implements AmbariManagementControlle
         PrivilegeEntity privilegeEntity = authority.getPrivilegeEntity();
         Integer permissionId = privilegeEntity.getPermission().getId();
 
-        if (permissionId.equals(PermissionEntity.AMBARI_ADMIN_PERMISSION)) {
+        if (permissionId.equals(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION)) {
           isAuthorized = true;
           break;
         }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProvider.java
index c9e2a83..b2d8018 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProvider.java
@@ -73,12 +73,12 @@ public class ClusterPrivilegeResourceProvider extends PrivilegeResourceProvider<
   }
 
   /**
-   * The built-in VIEW.USE permission.
+   * The built-in VIEW.USER permission.
    */
   private final PermissionEntity clusterReadPermission;
 
   /**
-   * The built-in VIEW.USE permission.
+   * The built-in VIEW.USER permission.
    */
   private final PermissionEntity clusterOperatePermission;
 
@@ -90,8 +90,8 @@ public class ClusterPrivilegeResourceProvider extends PrivilegeResourceProvider<
    */
   public ClusterPrivilegeResourceProvider() {
     super(propertyIds, keyPropertyIds, Resource.Type.ClusterPrivilege);
-    clusterReadPermission = permissionDAO.findById(PermissionEntity.CLUSTER_READ_PERMISSION);
-    clusterOperatePermission = permissionDAO.findById(PermissionEntity.CLUSTER_OPERATE_PERMISSION);
+    clusterReadPermission = permissionDAO.findById(PermissionEntity.CLUSTER_USER_PERMISSION);
+    clusterOperatePermission = permissionDAO.findById(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION);
   }
 
 
@@ -163,8 +163,8 @@ public class ClusterPrivilegeResourceProvider extends PrivilegeResourceProvider<
 
   @Override
   protected PermissionEntity getPermission(String permissionName, ResourceEntity resourceEntity) throws AmbariException {
-    return (permissionName.equals(PermissionEntity.CLUSTER_READ_PERMISSION_NAME)) ? clusterReadPermission :
-        permissionName.equals(PermissionEntity.CLUSTER_OPERATE_PERMISSION_NAME) ? clusterOperatePermission :
+    return (permissionName.equals(PermissionEntity.CLUSTER_USER_PERMISSION_NAME)) ? clusterReadPermission :
+        permissionName.equals(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION_NAME) ? clusterOperatePermission :
         super.getPermission(permissionName, resourceEntity);
   }
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProvider.java
index 2c016e4..090805e 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProvider.java
@@ -74,7 +74,7 @@ public class ViewPrivilegeResourceProvider extends PrivilegeResourceProvider<Vie
   }
 
   /**
-   * The built-in VIEW.USE permission.
+   * The built-in VIEW.USER permission.
    */
   private final PermissionEntity viewUsePermission;
 
@@ -86,7 +86,7 @@ public class ViewPrivilegeResourceProvider extends PrivilegeResourceProvider<Vie
    */
   public ViewPrivilegeResourceProvider() {
     super(propertyIds, keyPropertyIds, Resource.Type.ViewPrivilege);
-    viewUsePermission = permissionDAO.findById(PermissionEntity.VIEW_USE_PERMISSION);
+    viewUsePermission = permissionDAO.findById(PermissionEntity.VIEW_USER_PERMISSION);
   }
 
 
@@ -202,7 +202,7 @@ public class ViewPrivilegeResourceProvider extends PrivilegeResourceProvider<Vie
 
   @Override
   protected PermissionEntity getPermission(String permissionName, ResourceEntity resourceEntity) throws AmbariException {
-    return (permissionName.equals(PermissionEntity.VIEW_USE_PERMISSION_NAME)) ?
+    return (permissionName.equals(PermissionEntity.VIEW_USER_PERMISSION_NAME)) ?
         viewUsePermission : super.getPermission(permissionName, resourceEntity);
   }
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/WidgetResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/WidgetResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/WidgetResourceProvider.java
index 5fc20fb..e6953a9 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/WidgetResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/WidgetResourceProvider.java
@@ -382,9 +382,9 @@ public class WidgetResourceProvider extends AbstractControllerResourceProvider {
     boolean hasPermissionForClusterScope = false;
     for (GrantedAuthority grantedAuthority : securityContext.getAuthentication().getAuthorities()) {
       if (((AmbariGrantedAuthority) grantedAuthority).getPrivilegeEntity().getPermission().getId()
-              == PermissionEntity.AMBARI_ADMIN_PERMISSION ||
+              == PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION ||
               ((AmbariGrantedAuthority) grantedAuthority).getPrivilegeEntity().getPermission().getId()
-                      == PermissionEntity.CLUSTER_OPERATE_PERMISSION) {
+                      == PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION) {
         hasPermissionForClusterScope = true;
       }
     }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/orm/dao/PermissionDAO.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/dao/PermissionDAO.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/dao/PermissionDAO.java
index bf6ec3a..5d1a04a 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/orm/dao/PermissionDAO.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/dao/PermissionDAO.java
@@ -90,8 +90,8 @@ public class PermissionDAO {
    */
   @RequiresSession
   public PermissionEntity findPermissionByNameAndType(String name, ResourceTypeEntity resourceType) {
-    if (name.equals(PermissionEntity.VIEW_USE_PERMISSION_NAME)) {
-      // VIEW.USE permission should be available for any type of views
+    if (name.equals(PermissionEntity.VIEW_USER_PERMISSION_NAME)) {
+      // VIEW.USER permission should be available for any type of views
       return findViewUsePermission();
     }
     TypedQuery<PermissionEntity> query = entityManagerProvider.get().createQuery("SELECT p FROM PermissionEntity p WHERE p.permissionName=:permissionname AND p.resourceType=:resourcetype", PermissionEntity.class);
@@ -101,42 +101,42 @@ public class PermissionDAO {
   }
 
   /**
-   * Find AMBARI.ADMIN permission.
+   * Find AMBARI.ADMINISTRATOR permission.
    *
    * @return a matching permission entity or null
    */
   @RequiresSession
   public PermissionEntity findAmbariAdminPermission() {
-    return findById(PermissionEntity.AMBARI_ADMIN_PERMISSION);
+    return findById(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION);
   }
 
   /**
-   * Find VIEW.USE permission.
+   * Find VIEW.USER permission.
    *
    * @return a matching permission entity or null
    */
   @RequiresSession
   public PermissionEntity findViewUsePermission() {
-    return findById(PermissionEntity.VIEW_USE_PERMISSION);
+    return findById(PermissionEntity.VIEW_USER_PERMISSION);
   }
 
   /**
-   * Find CLUSTER.OPERATE permission.
+   * Find CLUSTER.ADMINISTRATOR permission.
    *
    * @return a matching permission entity or null
    */
   @RequiresSession
   public PermissionEntity findClusterOperatePermission() {
-    return findById(PermissionEntity.CLUSTER_OPERATE_PERMISSION);
+    return findById(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION);
   }
 
   /**
-   * Find CLUSTER.READ permission.
+   * Find CLUSTER.USER permission.
    *
    * @return a matching permission entity or null
    */
   @RequiresSession
   public PermissionEntity findClusterReadPermission() {
-    return findById(PermissionEntity.CLUSTER_READ_PERMISSION);
+    return findById(PermissionEntity.CLUSTER_USER_PERMISSION);
   }
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
index 650b0db..976aecc 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
@@ -45,18 +45,18 @@ public class PermissionEntity {
   /**
    * Admin permission id constants.
    */
-  public static final int AMBARI_ADMIN_PERMISSION    = 1;
-  public static final int CLUSTER_READ_PERMISSION    = 2;
-  public static final int CLUSTER_OPERATE_PERMISSION = 3;
-  public static final int VIEW_USE_PERMISSION        = 4;
+  public static final int AMBARI_ADMINISTRATOR_PERMISSION = 1;
+  public static final int CLUSTER_USER_PERMISSION = 2;
+  public static final int CLUSTER_ADMINISTRATOR_PERMISSION = 3;
+  public static final int VIEW_USER_PERMISSION = 4;
 
   /**
    * Admin permission name constants.
    */
-  public static final String AMBARI_ADMIN_PERMISSION_NAME    = "AMBARI.ADMIN";
-  public static final String CLUSTER_READ_PERMISSION_NAME    = "CLUSTER.READ";
-  public static final String CLUSTER_OPERATE_PERMISSION_NAME = "CLUSTER.OPERATE";
-  public static final String VIEW_USE_PERMISSION_NAME        = "VIEW.USE";
+  public static final String AMBARI_ADMINISTRATOR_PERMISSION_NAME = "AMBARI.ADMINISTRATOR";
+  public static final String CLUSTER_USER_PERMISSION_NAME = "CLUSTER.USER";
+  public static final String CLUSTER_ADMINISTRATOR_PERMISSION_NAME = "CLUSTER.ADMINISTRATOR";
+  public static final String VIEW_USER_PERMISSION_NAME = "VIEW.USER";
 
   /**
    * The permission id.

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
index 46b751d..81794d8 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
@@ -118,7 +118,7 @@ public class AmbariAuthorizationFilter implements Filter {
           Integer permissionId = privilegeEntity.getPermission().getId();
 
           // admin has full access
-          if (permissionId.equals(PermissionEntity.AMBARI_ADMIN_PERMISSION)) {
+          if (permissionId.equals(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION)) {
             authorized = true;
             break;
           }
@@ -126,36 +126,36 @@ public class AmbariAuthorizationFilter implements Filter {
           // clusters require permission
           if (!"GET".equalsIgnoreCase(httpRequest.getMethod()) && requestURI.matches(API_CREDENTIALS_AMBARI_PATTERN)) {
             // Only the administrator can operate on credentials where the alias starts with "ambari."
-            if (permissionId.equals(PermissionEntity.AMBARI_ADMIN_PERMISSION)) {
+            if (permissionId.equals(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION)) {
               authorized = true;
               break;
             }
           } else if (requestURI.matches(API_CREDENTIALS_ALL_PATTERN)) {
-            if (permissionId.equals(PermissionEntity.CLUSTER_OPERATE_PERMISSION)) {
+            if (permissionId.equals(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)) {
               authorized = true;
               break;
             }
           } else if (requestURI.matches(API_CLUSTERS_ALL_PATTERN)) {
-            if (permissionId.equals(PermissionEntity.CLUSTER_READ_PERMISSION) ||
-              permissionId.equals(PermissionEntity.CLUSTER_OPERATE_PERMISSION)) {
+            if (permissionId.equals(PermissionEntity.CLUSTER_USER_PERMISSION) ||
+              permissionId.equals(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)) {
               authorized = true;
               break;
             }
           } else if (STACK_ADVISOR_REGEX.matcher(requestURI).matches()) {
             //TODO permissions model doesn't manage stacks api, but we need access to stack advisor to save configs
-            if (permissionId.equals(PermissionEntity.CLUSTER_READ_PERMISSION) ||
-                permissionId.equals(PermissionEntity.CLUSTER_OPERATE_PERMISSION)) {
+            if (permissionId.equals(PermissionEntity.CLUSTER_USER_PERMISSION) ||
+                permissionId.equals(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)) {
               authorized = true;
               break;
             }
           } else if (requestURI.matches(API_VIEWS_ALL_PATTERN)) {
             // views require permission
-            if (permissionId.equals(PermissionEntity.VIEW_USE_PERMISSION)) {
+            if (permissionId.equals(PermissionEntity.VIEW_USER_PERMISSION)) {
               authorized = true;
               break;
             }
           } else if (requestURI.matches(API_PERSIST_ALL_PATTERN)) {
-            if (permissionId.equals(PermissionEntity.CLUSTER_OPERATE_PERMISSION)) {
+            if (permissionId.equals(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)) {
               authorized = true;
               break;
             }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
index ab48ddd..720918b 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/User.java
@@ -53,7 +53,7 @@ public class User {
       groups.add(memberEntity.getGroup().getGroupName());
     }
     for (PrivilegeEntity privilegeEntity: userEntity.getPrincipal().getPrivileges()) {
-      if (privilegeEntity.getPermission().getPermissionName().equals(PermissionEntity.AMBARI_ADMIN_PERMISSION_NAME)) {
+      if (privilegeEntity.getPermission().getPermissionName().equals(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME)) {
         admin = true;
         break;
       }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
index 29b9ec3..de4a0d0 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
@@ -138,7 +138,7 @@ public class Users {
 
     boolean isCurrentUserAdmin = false;
     for (PrivilegeEntity privilegeEntity: currentUserEntity.getPrincipal().getPrivileges()) {
-      if (privilegeEntity.getPermission().getPermissionName().equals(PermissionEntity.AMBARI_ADMIN_PERMISSION_NAME)) {
+      if (privilegeEntity.getPermission().getPermissionName().equals(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME)) {
         isCurrentUserAdmin = true;
         break;
       }
@@ -424,7 +424,7 @@ public class Users {
   }
 
   /**
-   * Grants AMBARI.ADMIN privilege to provided user.
+   * Grants AMBARI.ADMINISTRATOR privilege to provided user.
    *
    * @param user user
    */
@@ -443,14 +443,14 @@ public class Users {
   }
 
   /**
-   * Revokes AMBARI.ADMIN privilege from provided user.
+   * Revokes AMBARI.ADMINISTRATOR privilege from provided user.
    *
    * @param user user
    */
   public synchronized void revokeAdminPrivilege(Integer userId) {
     final UserEntity user = userDAO.findByPK(userId);
     for (PrivilegeEntity privilege: user.getPrincipal().getPrivileges()) {
-      if (privilege.getPermission().getPermissionName().equals(PermissionEntity.AMBARI_ADMIN_PERMISSION_NAME)) {
+      if (privilege.getPermission().getPermissionName().equals(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME)) {
         user.getPrincipal().getPrivileges().remove(privilege);
         principalDAO.merge(user.getPrincipal()); //explicit merge for Derby support
         userDAO.merge(user);
@@ -528,7 +528,7 @@ public class Users {
    * @return true if user can be removed
    */
   public synchronized boolean isUserCanBeRemoved(UserEntity userEntity){
-    List<PrincipalEntity> adminPrincipals = principalDAO.findByPermissionId(PermissionEntity.AMBARI_ADMIN_PERMISSION);
+    List<PrincipalEntity> adminPrincipals = principalDAO.findByPermissionId(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION);
     Set<UserEntity> userEntitysSet = new HashSet<UserEntity>(userDAO.findUsersByPrincipal(adminPrincipals));
     return (userEntitysSet.contains(userEntity) && userEntitysSet.size() < 2) ? false : true;
   }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java
index 4494697..6d7a573 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java
@@ -50,8 +50,8 @@ public class InternalAuthenticationToken implements Authentication {
 
   private static void createAdminPrivilegeEntity(PrivilegeEntity entity) {
     PermissionEntity pe = new PermissionEntity();
-    pe.setId(PermissionEntity.AMBARI_ADMIN_PERMISSION);
-    pe.setPermissionName(PermissionEntity.AMBARI_ADMIN_PERMISSION_NAME);
+    pe.setId(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION);
+    pe.setPermissionName(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME);
     
     entity.setPermission(pe);
     

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java
index c9ffee0..24c7bce 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClusterImpl.java
@@ -2840,10 +2840,10 @@ public class ClusterImpl implements Cluster {
     ResourceEntity resourceEntity = clusterEntity.getResource();
     if (resourceEntity != null) {
       Integer permissionId = privilegeEntity.getPermission().getId();
-      // CLUSTER.READ or CLUSTER.OPERATE for the given cluster resource.
+      // CLUSTER.USER or CLUSTER.ADMINISTRATOR for the given cluster resource.
       if (privilegeEntity.getResource().equals(resourceEntity)) {
-        if ((readOnly && permissionId.equals(PermissionEntity.CLUSTER_READ_PERMISSION)) ||
-            permissionId.equals(PermissionEntity.CLUSTER_OPERATE_PERMISSION)) {
+        if ((readOnly && permissionId.equals(PermissionEntity.CLUSTER_USER_PERMISSION)) ||
+            permissionId.equals(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)) {
           return true;
         }
       }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
index 9ea9581..310de34 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
@@ -930,7 +930,7 @@ public class ClustersImpl implements Clusters {
         Integer                permissionId    = privilegeEntity.getPermission().getId();
 
         // admin has full access
-        if (permissionId.equals(PermissionEntity.AMBARI_ADMIN_PERMISSION)) {
+        if (permissionId.equals(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION)) {
           return true;
         }
         if (cluster != null) {

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog220.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog220.java b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog220.java
index 30cb1ca..4251111 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog220.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog220.java
@@ -20,18 +20,16 @@ package org.apache.ambari.server.upgrade;
 
 import java.sql.SQLException;
 
-import com.google.inject.Provider;
 import org.apache.ambari.server.AmbariException;
 import org.apache.ambari.server.orm.DBAccessor.DBColumnInfo;
 import org.apache.ambari.server.orm.dao.DaoUtils;
+import org.apache.ambari.server.orm.entities.PermissionEntity;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import com.google.inject.Inject;
 import com.google.inject.Injector;
 
-import javax.persistence.EntityManager;
-
 
 /**
  * Upgrade catalog for version 2.2.0.
@@ -44,6 +42,8 @@ public class UpgradeCatalog220 extends AbstractUpgradeCatalog {
   private static final String USER_TYPE_COL = "user_type";
 
   private static final String ADMIN_PERMISSION_TABLE = "adminpermission";
+  private static final String PERMISSION_ID_COL = "permission_id";
+  private static final String PERMISSION_NAME_COL = "permission_name";
   private static final String PERMISSION_LABEL_COL = "permission_label";
 
   @Inject
@@ -111,6 +111,7 @@ public class UpgradeCatalog220 extends AbstractUpgradeCatalog {
   @Override
   protected void executeDMLUpdates() throws AmbariException, SQLException {
     setPermissionLabels();
+    updatePermissionNames();
   }
 
 
@@ -122,14 +123,32 @@ public class UpgradeCatalog220 extends AbstractUpgradeCatalog {
   }
 
   private void setPermissionLabels() throws SQLException {
-    String updateStatement = "UPDATE " + ADMIN_PERMISSION_TABLE + " SET " + PERMISSION_LABEL_COL + "='%s' WHERE permission_id=%d";
-
-    dbAccessor.executeUpdate(String.format(updateStatement, "Administrator", 1));
-    dbAccessor.executeUpdate(String.format(updateStatement, "Read-Only", 2));
-    dbAccessor.executeUpdate(String.format(updateStatement, "Operator", 3));
-    dbAccessor.executeUpdate(String.format(updateStatement, "Use View", 4));
+    String updateStatement = "UPDATE " + ADMIN_PERMISSION_TABLE + " SET " + PERMISSION_LABEL_COL + "='%s' WHERE " + PERMISSION_ID_COL + "=%d";
+
+    LOG.info("Setting permission labels");
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        "Administrator", PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        "Cluster User", PermissionEntity.CLUSTER_USER_PERMISSION));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        "Cluster Administrator", PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        "View User", PermissionEntity.VIEW_USER_PERMISSION));
   }
 
-
+  private void updatePermissionNames() throws SQLException {
+    String updateStatement = "UPDATE " + ADMIN_PERMISSION_TABLE + " SET " + PERMISSION_NAME_COL + "='%s' WHERE " + PERMISSION_ID_COL + "=%d";
+
+    // Update permissions names
+    LOG.info("Updating permission names");
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME, PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        PermissionEntity.CLUSTER_USER_PERMISSION_NAME, PermissionEntity.CLUSTER_USER_PERMISSION));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION_NAME, PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        PermissionEntity.VIEW_USER_PERMISSION_NAME, PermissionEntity.VIEW_USER_PERMISSION));
+  }
 
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
index 1cf4323..c1c554c 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
@@ -1391,13 +1391,13 @@ public class ViewRegistry {
         Integer                permissionId    = privilegeEntity.getPermission().getId();
 
         // admin has full access
-        if (permissionId.equals(PermissionEntity.AMBARI_ADMIN_PERMISSION)) {
+        if (permissionId.equals(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION)) {
           return true;
         }
         if (resourceEntity != null) {
-          // VIEW.USE for the given view instance resource.
+          // VIEW.USER for the given view instance resource.
           if (privilegeEntity.getResource().equals(resourceEntity)) {
-            if (permissionId.equals(PermissionEntity.VIEW_USE_PERMISSION)) {
+            if (permissionId.equals(PermissionEntity.VIEW_USER_PERMISSION)) {
               return true;
             }
           }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
index fb2f568..65dacd1 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
@@ -992,13 +992,13 @@ insert into users(user_id, principal_id, user_name, user_password)
   select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
 insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  select 1, 'AMBARI.ADMIN', 1, 'Administrator'
+  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'
   union all
-  select 2, 'CLUSTER.READ', 2, 'Read-Only'
+  select 2, 'CLUSTER.USER', 2, 'Cluster User'
   union all
-  select 3, 'CLUSTER.OPERATE', 2, 'Operator'
+  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'
   union all
-  select 4, 'VIEW.USE', 3, 'Use View';
+  select 4, 'VIEW.USER', 3, 'View User';
 
 insert into adminprivilege (privilege_id, permission_id, resource_id, principal_id)
   select 1, 1, 1, 1;

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
index 162ef33..626b47a 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
@@ -984,13 +984,13 @@ insert into users(user_id, principal_id, user_name, user_password)
 select 1,1,'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00' from dual;
 
 insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  select 1, 'AMBARI.ADMIN', 1, 'Administrator' from dual
+  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' from dual
   union all
-  select 2, 'CLUSTER.READ', 2, 'Read-Only' from dual
+  select 2, 'CLUSTER.USER', 2, 'Cluster User' from dual
   union all
-  select 3, 'CLUSTER.OPERATE', 2, 'Operator' from dual
+  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' from dual
   union all
-  select 4, 'VIEW.USE', 3, 'Use View' from dual;
+  select 4, 'VIEW.USER', 3, 'View User' from dual;
 
 insert into adminprivilege (privilege_id, permission_id, resource_id, principal_id)
   select 1, 1, 1, 1 from dual;

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
index fe58235..d42fc9f 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
@@ -1028,13 +1028,13 @@ INSERT INTO Users (user_id, principal_id, user_name, user_password)
   SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
 insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  SELECT 1, 'AMBARI.ADMIN', 1, 'Administrator'
+  SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'
   UNION ALL
-  SELECT 2, 'CLUSTER.READ', 2, 'Read-Only'
+  SELECT 2, 'CLUSTER.USER', 2, 'Cluster User'
   UNION ALL
-  SELECT 3, 'CLUSTER.OPERATE', 2, 'Operator'
+  SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'
   UNION ALL
-  SELECT 4, 'VIEW.USE', 3, 'Use View';
+  SELECT 4, 'VIEW.USER', 3, 'View User';
 
 INSERT INTO adminprivilege (privilege_id, permission_id, resource_id, principal_id)
   SELECT 1, 1, 1, 1;

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql
index 7e145c4..3981ab2 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql
@@ -1124,13 +1124,13 @@ INSERT INTO ambari.Users (user_id, principal_id, user_name, user_password)
   SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
 insert into ambari.adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  SELECT 1, 'AMBARI.ADMIN', 1, 'Administrator'
+  SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'
   UNION ALL
-  SELECT 2, 'CLUSTER.READ', 2, 'Read-Only'
+  SELECT 2, 'CLUSTER.USER', 2, 'Cluster User'
   UNION ALL
-  SELECT 3, 'CLUSTER.OPERATE', 2, 'Operator'
+  SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'
   UNION ALL
-  SELECT 4, 'VIEW.USE', 3, 'Use View';
+  SELECT 4, 'VIEW.USER', 3, 'View User';
 
 INSERT INTO ambari.adminprivilege (privilege_id, permission_id, resource_id, principal_id)
   SELECT 1, 1, 1, 1;

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql
index 0080e46..1e64394 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql
@@ -980,13 +980,13 @@ insert into users(user_id, principal_id, user_name, user_password)
   select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
 insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  select 1, 'AMBARI.ADMIN', 1, 'Administrator'
+  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'
   union all
-  select 2, 'CLUSTER.READ', 2, 'Read-Only'
+  select 2, 'CLUSTER.USER', 2, 'Cluster User'
   union all
-  select 3, 'CLUSTER.OPERATE', 2, 'Operator'
+  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'
   union all
-  select 4, 'VIEW.USE', 3, 'Use View';
+  select 4, 'VIEW.USER', 3, 'View User';
 
 insert into adminprivilege (privilege_id, permission_id, resource_id, principal_id)
   select 1, 1, 1, 1;

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql
index 6bfe344..9cde02c 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql
@@ -1097,10 +1097,10 @@ BEGIN TRANSACTION
 
   insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
   values
-    (1, 'AMBARI.ADMIN', 1, 'Administrator'),
-    (2, 'CLUSTER.READ', 2, 'Read-Only'),
-    (3, 'CLUSTER.OPERATE', 2, 'Operator'),
-    (4, 'VIEW.USE', 3, 'Use View');
+    (1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'),
+    (2, 'CLUSTER.USER', 2, 'Cluster User'),
+    (3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'),
+    (4, 'VIEW.USER', 3, 'View User');
 
   insert into adminprivilege (privilege_id, permission_id, resource_id, principal_id)
     select 1, 1, 1, 1;

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
index a6536c7..6286aea 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/AmbariPrivilegeResourceProviderTest.java
@@ -133,7 +133,7 @@ public class AmbariPrivilegeResourceProviderTest {
     expect(principalEntity.getId()).andReturn(1L).anyTimes();
     expect(userEntity.getPrincipal()).andReturn(principalEntity).anyTimes();
     expect(userEntity.getUserName()).andReturn("joe").anyTimes();
-    expect(permissionEntity.getPermissionName()).andReturn("AMBARI.ADMIN").anyTimes();
+    expect(permissionEntity.getPermissionName()).andReturn("AMBARI.ADMINISTRATOR").anyTimes();
     expect(principalEntity.getPrincipalType()).andReturn(principalTypeEntity).anyTimes();
     expect(principalTypeEntity.getName()).andReturn("USER").anyTimes();
 
@@ -152,7 +152,7 @@ public class AmbariPrivilegeResourceProviderTest {
 
     Resource resource = resources.iterator().next();
 
-    Assert.assertEquals("AMBARI.ADMIN", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
+    Assert.assertEquals("AMBARI.ADMINISTRATOR", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
     Assert.assertEquals("joe", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_NAME_PROPERTY_ID));
     Assert.assertEquals("USER", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_TYPE_PROPERTY_ID));
 
@@ -179,7 +179,7 @@ public class AmbariPrivilegeResourceProviderTest {
     expect(ambariPrincipalEntity.getId()).andReturn(1L).anyTimes();
     expect(ambariUserEntity.getPrincipal()).andReturn(ambariPrincipalEntity).anyTimes();
     expect(ambariUserEntity.getUserName()).andReturn("joe").anyTimes();
-    expect(ambariPermissionEntity.getPermissionName()).andReturn("AMBARI.ADMIN").anyTimes();
+    expect(ambariPermissionEntity.getPermissionName()).andReturn("AMBARI.ADMINISTRATOR").anyTimes();
     expect(ambariPrincipalEntity.getPrincipalType()).andReturn(ambariPrincipalTypeEntity).anyTimes();
     expect(ambariPrincipalTypeEntity.getName()).andReturn("USER").anyTimes();
 
@@ -208,7 +208,7 @@ public class AmbariPrivilegeResourceProviderTest {
     expect(viewInstanceEntity.getResource()).andReturn(viewResourceEntity).anyTimes();
     expect(viewUserEntity.getPrincipal()).andReturn(viewPrincipalEntity).anyTimes();
     expect(viewUserEntity.getUserName()).andReturn("bob").anyTimes();
-    expect(viewPermissionEntity.getPermissionName()).andReturn("VIEW.USE").anyTimes();
+    expect(viewPermissionEntity.getPermissionName()).andReturn("VIEW.USER").anyTimes();
     expect(viewPrincipalEntity.getPrincipalType()).andReturn(viewPrincipalTypeEntity).anyTimes();
     expect(viewPrincipalTypeEntity.getName()).andReturn("USER").anyTimes();
 
@@ -230,7 +230,7 @@ public class AmbariPrivilegeResourceProviderTest {
     expect(clusterPrincipalEntity.getId()).andReturn(8L).anyTimes();
     expect(clusterUserEntity.getPrincipal()).andReturn(clusterPrincipalEntity).anyTimes();
     expect(clusterUserEntity.getUserName()).andReturn("jeff").anyTimes();
-    expect(clusterPermissionEntity.getPermissionName()).andReturn("CLUSTER.READ").anyTimes();
+    expect(clusterPermissionEntity.getPermissionName()).andReturn("CLUSTER.USER").anyTimes();
     expect(clusterPrincipalEntity.getPrincipalType()).andReturn(clusterPrincipalTypeEntity).anyTimes();
     expect(clusterPrincipalTypeEntity.getName()).andReturn("USER").anyTimes();
     expect(clusterEntity.getResource()).andReturn(clusterResourceEntity).anyTimes();
@@ -275,7 +275,7 @@ public class AmbariPrivilegeResourceProviderTest {
     Resource resource1 = resourceMap.get(31);
 
     Assert.assertEquals(5, resource1.getPropertiesMap().get("PrivilegeInfo").size());
-    Assert.assertEquals("AMBARI.ADMIN", resource1.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
+    Assert.assertEquals("AMBARI.ADMINISTRATOR", resource1.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
     Assert.assertEquals("joe", resource1.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_NAME_PROPERTY_ID));
     Assert.assertEquals("USER", resource1.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_TYPE_PROPERTY_ID));
     Assert.assertEquals(31, resource1.getPropertyValue(AmbariPrivilegeResourceProvider.PRIVILEGE_ID_PROPERTY_ID));
@@ -284,7 +284,7 @@ public class AmbariPrivilegeResourceProviderTest {
     Resource resource2 = resourceMap.get(32);
 
     Assert.assertEquals(6, resource2.getPropertiesMap().get("PrivilegeInfo").size());
-    Assert.assertEquals("CLUSTER.READ", resource2.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
+    Assert.assertEquals("CLUSTER.USER", resource2.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
     Assert.assertEquals("jeff", resource2.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_NAME_PROPERTY_ID));
     Assert.assertEquals("USER", resource2.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_TYPE_PROPERTY_ID));
     Assert.assertEquals(32, resource2.getPropertyValue(AmbariPrivilegeResourceProvider.PRIVILEGE_ID_PROPERTY_ID));
@@ -294,7 +294,7 @@ public class AmbariPrivilegeResourceProviderTest {
     Resource resource3 = resourceMap.get(33);
 
     Assert.assertEquals(8, resource3.getPropertiesMap().get("PrivilegeInfo").size());
-    Assert.assertEquals("VIEW.USE", resource3.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
+    Assert.assertEquals("VIEW.USER", resource3.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
     Assert.assertEquals("bob", resource3.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_NAME_PROPERTY_ID));
     Assert.assertEquals("USER", resource3.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_TYPE_PROPERTY_ID));
     Assert.assertEquals(33, resource3.getPropertyValue(AmbariPrivilegeResourceProvider.PRIVILEGE_ID_PROPERTY_ID));

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java
index 148c139..62ff60d 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ClusterPrivilegeResourceProviderTest.java
@@ -105,7 +105,7 @@ public class ClusterPrivilegeResourceProviderTest {
     expect(principalEntity.getId()).andReturn(20L).anyTimes();
     expect(userEntity.getPrincipal()).andReturn(principalEntity).anyTimes();
     expect(userEntity.getUserName()).andReturn("joe").anyTimes();
-    expect(permissionEntity.getPermissionName()).andReturn("CLUSTER.OPERATE").anyTimes();
+    expect(permissionEntity.getPermissionName()).andReturn("CLUSTER.ADMINISTRATOR").anyTimes();
     expect(principalEntity.getPrincipalType()).andReturn(principalTypeEntity).anyTimes();
     expect(principalTypeEntity.getName()).andReturn("USER").anyTimes();
     expect(clusterEntity.getResource()).andReturn(resourceEntity);
@@ -131,7 +131,7 @@ public class ClusterPrivilegeResourceProviderTest {
 
     Resource resource = resources.iterator().next();
 
-    Assert.assertEquals("CLUSTER.OPERATE", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
+    Assert.assertEquals("CLUSTER.ADMINISTRATOR", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
     Assert.assertEquals("joe", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_NAME_PROPERTY_ID));
     Assert.assertEquals("USER", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_TYPE_PROPERTY_ID));
 
@@ -145,7 +145,7 @@ public class ClusterPrivilegeResourceProviderTest {
     PermissionEntity permissionEntity = createNiceMock(PermissionEntity.class);
     Request request = createNiceMock(Request.class);
 
-    expect(permissionEntity.getPermissionName()).andReturn("CLUSTER.OPERATE").anyTimes();
+    expect(permissionEntity.getPermissionName()).andReturn("CLUSTER.ADMINISTRATOR").anyTimes();
     expect(permissionDAO.findById(2)).andReturn(permissionEntity);
     expect(permissionDAO.findById(3)).andReturn(permissionEntity);
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
index 5737b7c..7658c0f 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
@@ -82,7 +82,7 @@ public class PermissionResourceProviderTest {
 
     expect(dao.findAll()).andReturn(permissionEntities);
     expect(permissionEntity.getId()).andReturn(99);
-    expect(permissionEntity.getPermissionName()).andReturn("AMBARI.ADMIN");
+    expect(permissionEntity.getPermissionName()).andReturn("AMBARI.ADMINISTRATOR");
     expect(permissionEntity.getPermissionLabel()).andReturn("Administrator");
     expect(permissionEntity.getResourceType()).andReturn(resourceTypeEntity);
     expect(resourceTypeEntity.getName()).andReturn("AMBARI");
@@ -95,7 +95,7 @@ public class PermissionResourceProviderTest {
     Resource resource = resources.iterator().next();
 
     Assert.assertEquals(99, resource.getPropertyValue(PermissionResourceProvider.PERMISSION_ID_PROPERTY_ID));
-    Assert.assertEquals("AMBARI.ADMIN", resource.getPropertyValue(PermissionResourceProvider.PERMISSION_NAME_PROPERTY_ID));
+    Assert.assertEquals("AMBARI.ADMINISTRATOR", resource.getPropertyValue(PermissionResourceProvider.PERMISSION_NAME_PROPERTY_ID));
     Assert.assertEquals("Administrator", resource.getPropertyValue(PermissionResourceProvider.PERMISSION_LABEL_PROPERTY_ID));
     Assert.assertEquals("AMBARI", resource.getPropertyValue(PermissionResourceProvider.RESOURCE_NAME_PROPERTY_ID));
     verify(dao, permissionEntity, resourceTypeEntity);

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
index a84cc3f..94f6fd7 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
@@ -189,7 +189,7 @@ public class UserResourceProviderTest {
     expect(user.getUserId()).andReturn(1000).once();
 
     expect(privilegeEntity.getPermission()).andReturn(permissionEntity).once();
-    expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMIN_PERMISSION).once();
+    expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION).once();
 
     securityHelper.getCurrentAuthorities();
     expectLastCall().andReturn(currentAuthorities).once();
@@ -293,7 +293,7 @@ public class UserResourceProviderTest {
     expect(user.getUserName()).andReturn("User100").once();
 
     expect(privilegeEntity.getPermission()).andReturn(permissionEntity).once();
-    expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMIN_PERMISSION).once();
+    expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION).once();
 
     securityHelper.getCurrentAuthorities();
     expectLastCall().andReturn(currentAuthorities).once();
@@ -397,7 +397,7 @@ public class UserResourceProviderTest {
     expect(user.getUserName()).andReturn("User100").once();
 
     expect(privilegeEntity.getPermission()).andReturn(permissionEntity).anyTimes();
-    expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMIN_PERMISSION).anyTimes();
+    expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION).anyTimes();
 
     securityHelper.getCurrentAuthorities();
     expectLastCall().andReturn(currentAuthorities).anyTimes();

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProviderTest.java
index ed8aed0..c156a38 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ViewPrivilegeResourceProviderTest.java
@@ -136,11 +136,11 @@ public class ViewPrivilegeResourceProviderTest {
     expect(principalEntity.getId()).andReturn(20L).anyTimes();
     expect(userEntity.getPrincipal()).andReturn(principalEntity).anyTimes();
     expect(userEntity.getUserName()).andReturn("joe").anyTimes();
-    expect(permissionEntity.getPermissionName()).andReturn("VIEW.USE").anyTimes();
+    expect(permissionEntity.getPermissionName()).andReturn("VIEW.USER").anyTimes();
     expect(principalEntity.getPrincipalType()).andReturn(principalTypeEntity).anyTimes();
     expect(principalTypeEntity.getName()).andReturn("USER").anyTimes();
 
-    expect(permissionDAO.findById(PermissionEntity.VIEW_USE_PERMISSION)).andReturn(permissionEntity);
+    expect(permissionDAO.findById(PermissionEntity.VIEW_USER_PERMISSION)).andReturn(permissionEntity);
 
     expect(userDAO.findUsersByPrincipal(principalEntities)).andReturn(userEntities);
     expect(groupDAO.findGroupsByPrincipal(principalEntities)).andReturn(Collections.<GroupEntity>emptyList());
@@ -155,7 +155,7 @@ public class ViewPrivilegeResourceProviderTest {
 
     Resource resource = resources.iterator().next();
 
-    Assert.assertEquals("VIEW.USE", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
+    Assert.assertEquals("VIEW.USER", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID));
     Assert.assertEquals("joe", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_NAME_PROPERTY_ID));
     Assert.assertEquals("USER", resource.getPropertyValue(AmbariPrivilegeResourceProvider.PRINCIPAL_TYPE_PROPERTY_ID));
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
index 251692f..2efab89 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
@@ -96,7 +96,7 @@ public class AmbariAuthorizationFilterTest {
       }
     });
 
-    expect(permission.getId()).andReturn(PermissionEntity.CLUSTER_OPERATE_PERMISSION);
+    expect(permission.getId()).andReturn(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION);
 
     // expect continue filtering
     chain.doFilter(request, response);
@@ -137,7 +137,7 @@ public class AmbariAuthorizationFilterTest {
 
 
     expect(request.getMethod()).andReturn("POST").anyTimes();
-    expect(permission.getId()).andReturn(PermissionEntity.VIEW_USE_PERMISSION);
+    expect(permission.getId()).andReturn(PermissionEntity.VIEW_USER_PERMISSION);
 
     // expect permission denial
     response.setHeader("WWW-Authenticate", "Basic realm=\"AuthFilter\"");
@@ -184,7 +184,7 @@ public class AmbariAuthorizationFilterTest {
     urlTests.put("/any/other/URL", "GET", true);
     urlTests.put("/any/other/URL", "POST", true);
 
-    performGeneralDoFilterTest("admin", new int[] {PermissionEntity.AMBARI_ADMIN_PERMISSION}, urlTests, false);
+    performGeneralDoFilterTest("admin", new int[] {PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION}, urlTests, false);
   }
 
   @Test
@@ -217,7 +217,7 @@ public class AmbariAuthorizationFilterTest {
     urlTests.put("/any/other/URL", "GET", true);
     urlTests.put("/any/other/URL", "POST", false);
 
-    performGeneralDoFilterTest("user1", new int[] {PermissionEntity.CLUSTER_READ_PERMISSION}, urlTests, false);
+    performGeneralDoFilterTest("user1", new int[] {PermissionEntity.CLUSTER_USER_PERMISSION}, urlTests, false);
   }
 
   @Test
@@ -250,7 +250,7 @@ public class AmbariAuthorizationFilterTest {
     urlTests.put("/any/other/URL", "GET", true);
     urlTests.put("/any/other/URL", "POST", false);
 
-    performGeneralDoFilterTest("user1", new int[] {PermissionEntity.CLUSTER_OPERATE_PERMISSION}, urlTests, false);
+    performGeneralDoFilterTest("user1", new int[] {PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION}, urlTests, false);
   }
 
   @Test
@@ -283,7 +283,7 @@ public class AmbariAuthorizationFilterTest {
     urlTests.put("/any/other/URL", "GET", true);
     urlTests.put("/any/other/URL", "POST", false);
 
-    performGeneralDoFilterTest("user1", new int[] {PermissionEntity.VIEW_USE_PERMISSION}, urlTests, false);
+    performGeneralDoFilterTest("user1", new int[] {PermissionEntity.VIEW_USER_PERMISSION}, urlTests, false);
   }
 
   @Test
@@ -331,9 +331,9 @@ public class AmbariAuthorizationFilterTest {
     final Table<String, String, Boolean> urlTests = HashBasedTable.create();
     urlTests.put("/api/v1/stacks/HDP/versions/2.3/validations", "POST", true);
     urlTests.put("/api/v1/stacks/HDP/versions/2.3/recommendations", "POST", true);
-    performGeneralDoFilterTest("user1", new int[] { PermissionEntity.CLUSTER_OPERATE_PERMISSION }, urlTests, false);
-    performGeneralDoFilterTest("user2", new int[] { PermissionEntity.CLUSTER_READ_PERMISSION }, urlTests, false);
-    performGeneralDoFilterTest("admin", new int[] { PermissionEntity.AMBARI_ADMIN_PERMISSION }, urlTests, false);
+    performGeneralDoFilterTest("user1", new int[] { PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION}, urlTests, false);
+    performGeneralDoFilterTest("user2", new int[] { PermissionEntity.CLUSTER_USER_PERMISSION}, urlTests, false);
+    performGeneralDoFilterTest("admin", new int[] { PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION}, urlTests, false);
   }
 
   /**
@@ -382,7 +382,7 @@ public class AmbariAuthorizationFilterTest {
       @Override
       public Boolean answer() throws Throwable {
         for (int permissionGranted: permissionsGranted) {
-          if (permissionGranted == PermissionEntity.VIEW_USE_PERMISSION) {
+          if (permissionGranted == PermissionEntity.VIEW_USER_PERMISSION) {
             return true;
           }
         }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java
index 6858d8d..c094934 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java
@@ -63,13 +63,13 @@ public class AuthorizationHelperTest {
     permissionEntity1.setPermissionName("Permission1");
     permissionEntity1.setResourceType(resourceTypeEntity);
     permissionEntity1.setId(2);
-    permissionEntity1.setPermissionName("CLUSTER.READ");
+    permissionEntity1.setPermissionName("CLUSTER.USER");
 
     PermissionEntity permissionEntity2 = new PermissionEntity();
     permissionEntity2.setPermissionName("Permission1");
     permissionEntity2.setResourceType(resourceTypeEntity);
     permissionEntity2.setId(3);
-    permissionEntity2.setPermissionName("CLUSTER.OPERATE");
+    permissionEntity2.setPermissionName("CLUSTER.ADMINISTRATOR");
 
     PrivilegeEntity privilegeEntity1 = new PrivilegeEntity();
     privilegeEntity1.setId(1);
@@ -95,8 +95,8 @@ public class AuthorizationHelperTest {
     for (GrantedAuthority authority : authorities) {
       authorityNames.add(authority.getAuthority());
     }
-    Assert.assertTrue(authorityNames.contains("CLUSTER.READ@1"));
-    Assert.assertTrue(authorityNames.contains("CLUSTER.OPERATE@1"));
+    Assert.assertTrue(authorityNames.contains("CLUSTER.USER@1"));
+    Assert.assertTrue(authorityNames.contains("CLUSTER.ADMINISTRATOR@1"));
   }
 
   @Test

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/TestUsers.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/TestUsers.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/TestUsers.java
index d3eb071..a2a94ed 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/TestUsers.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/TestUsers.java
@@ -109,8 +109,8 @@ public class TestUsers {
     resourceDAO.create(resourceEntity);
 
     PermissionEntity adminPermissionEntity = new PermissionEntity();
-    adminPermissionEntity.setId(PermissionEntity.AMBARI_ADMIN_PERMISSION);
-    adminPermissionEntity.setPermissionName(PermissionEntity.AMBARI_ADMIN_PERMISSION_NAME);
+    adminPermissionEntity.setId(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION);
+    adminPermissionEntity.setPermissionName(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME);
     adminPermissionEntity.setResourceType(resourceTypeEntity);
     permissionDAO.create(adminPermissionEntity);
   }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog220Test.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog220Test.java b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog220Test.java
index 44ad1a6..87dbe03 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog220Test.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog220Test.java
@@ -31,6 +31,7 @@ import java.lang.reflect.Field;
 
 import org.apache.ambari.server.configuration.Configuration;
 import org.apache.ambari.server.orm.DBAccessor;
+import org.apache.ambari.server.orm.entities.PermissionEntity;
 import org.apache.ambari.server.state.stack.OsFamily;
 import org.easymock.Capture;
 import org.easymock.EasyMock;
@@ -87,14 +88,37 @@ public class UpgradeCatalog220Test {
     final DBAccessor dbAccessor     = createNiceMock(DBAccessor.class);
     UpgradeCatalog220 upgradeCatalog = (UpgradeCatalog220) getUpgradeCatalog(dbAccessor);
 
-    expect(dbAccessor.executeUpdate("UPDATE adminpermission SET permission_label='Administrator' WHERE permission_id=1"))
-    .andReturn(1).once();
-    expect(dbAccessor.executeUpdate("UPDATE adminpermission SET permission_label='Read-Only' WHERE permission_id=2"))
-    .andReturn(1).once();
-    expect(dbAccessor.executeUpdate("UPDATE adminpermission SET permission_label='Operator' WHERE permission_id=3"))
-    .andReturn(1).once();
-    expect(dbAccessor.executeUpdate("UPDATE adminpermission SET permission_label='Use View' WHERE permission_id=4"))
-    .andReturn(1).once();
+    String updateQueryPattern;
+
+    // Set permission labels
+    updateQueryPattern = "UPDATE adminpermission SET permission_label='%s' WHERE permission_id=%d";
+    expect(dbAccessor.executeUpdate(String.format(updateQueryPattern,
+        "Administrator", PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION)))
+        .andReturn(1).once();
+    expect(dbAccessor.executeUpdate(String.format(updateQueryPattern,
+        "Cluster User", PermissionEntity.CLUSTER_USER_PERMISSION)))
+            .andReturn(1).once();
+    expect(dbAccessor.executeUpdate(String.format(updateQueryPattern,
+        "Cluster Administrator", PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)))
+        .andReturn(1).once();
+    expect(dbAccessor.executeUpdate(String.format(updateQueryPattern,
+        "View User", PermissionEntity.VIEW_USER_PERMISSION)))
+        .andReturn(1).once();
+
+    // Update permissions names
+    updateQueryPattern = "UPDATE adminpermission SET permission_name='%s' WHERE permission_id=%d";
+    expect(dbAccessor.executeUpdate(String.format(updateQueryPattern,
+        PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME, PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION)))
+        .andReturn(1).once();
+    expect(dbAccessor.executeUpdate(String.format(updateQueryPattern,
+        PermissionEntity.CLUSTER_USER_PERMISSION_NAME, PermissionEntity.CLUSTER_USER_PERMISSION)))
+        .andReturn(1).once();
+    expect(dbAccessor.executeUpdate(String.format(updateQueryPattern,
+        PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION_NAME, PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)))
+        .andReturn(1).once();
+    expect(dbAccessor.executeUpdate(String.format(updateQueryPattern,
+        PermissionEntity.VIEW_USER_PERMISSION_NAME, PermissionEntity.VIEW_USER_PERMISSION)))
+        .andReturn(1).once();
 
     replay(dbAccessor);
     upgradeCatalog.executeDMLUpdates();

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java b/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
index f9dadcd..bac556e 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
@@ -1247,7 +1247,7 @@ public class ViewRegistryTest {
     EasyMock.expectLastCall().andReturn(authorities);
     expect(adminAuthority.getPrivilegeEntity()).andReturn(privilegeEntity);
     expect(privilegeEntity.getPermission()).andReturn(permissionEntity);
-    expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMIN_PERMISSION);
+    expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION);
 
     expect(configuration.getApiAuthentication()).andReturn(true);
     replay(securityHelper, adminAuthority, privilegeEntity, permissionEntity, configuration);
@@ -1299,7 +1299,7 @@ public class ViewRegistryTest {
     expect(viewUseAuthority.getPrivilegeEntity()).andReturn(privilegeEntity).anyTimes();
     expect(privilegeEntity.getPermission()).andReturn(permissionEntity).anyTimes();
     expect(privilegeEntity.getResource()).andReturn(resourceEntity).anyTimes();
-    expect(permissionEntity.getId()).andReturn(PermissionEntity.VIEW_USE_PERMISSION).anyTimes();
+    expect(permissionEntity.getId()).andReturn(PermissionEntity.VIEW_USER_PERMISSION).anyTimes();
     securityHelper.getCurrentAuthorities();
     EasyMock.expectLastCall().andReturn(authorities).anyTimes();
     expect(configuration.getApiAuthentication()).andReturn(true);

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-views/docs/index.md
----------------------------------------------------------------------
diff --git a/ambari-views/docs/index.md b/ambari-views/docs/index.md
index 18f1fb3..302d6a7 100644
--- a/ambari-views/docs/index.md
+++ b/ambari-views/docs/index.md
@@ -376,7 +376,7 @@ For example …
       }
 
 ###Permissions
-The permission VIEW.USE can be granted on any view instance by an administrator.  A user that has VIEW.USE privilege on a view instance will be able to access the view instance.  See [API](#api).
+The permission VIEW.USER can be granted on any view instance by an administrator.  A user that has VIEW.USER privilege on a view instance will be able to access the view instance.  See [API](#api).
   
 ###Custom Permissions
 A view can define permissions in the view.xml descriptor. 

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-web/app/assets/data/users/privileges.json
----------------------------------------------------------------------
diff --git a/ambari-web/app/assets/data/users/privileges.json b/ambari-web/app/assets/data/users/privileges.json
index a461206..3c60252 100644
--- a/ambari-web/app/assets/data/users/privileges.json
+++ b/ambari-web/app/assets/data/users/privileges.json
@@ -4,7 +4,7 @@
     {
       "href" : "http://c6401.ambari.apache.org:8080/api/v1/privileges/1",
       "PrivilegeInfo" : {
-        "permission_name" : "AMBARI.ADMIN",
+        "permission_name" : "AMBARI.ADMINISTRATOR",
         "principal_name" : "admin",
         "principal_type" : "USER",
         "privilege_id" : 1

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-web/app/assets/data/users/privileges_admin.json
----------------------------------------------------------------------
diff --git a/ambari-web/app/assets/data/users/privileges_admin.json b/ambari-web/app/assets/data/users/privileges_admin.json
index a461206..3c60252 100644
--- a/ambari-web/app/assets/data/users/privileges_admin.json
+++ b/ambari-web/app/assets/data/users/privileges_admin.json
@@ -4,7 +4,7 @@
     {
       "href" : "http://c6401.ambari.apache.org:8080/api/v1/privileges/1",
       "PrivilegeInfo" : {
-        "permission_name" : "AMBARI.ADMIN",
+        "permission_name" : "AMBARI.ADMINISTRATOR",
         "principal_name" : "admin",
         "principal_type" : "USER",
         "privilege_id" : 1

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-web/app/assets/data/users/user_admin.json
----------------------------------------------------------------------
diff --git a/ambari-web/app/assets/data/users/user_admin.json b/ambari-web/app/assets/data/users/user_admin.json
index 72cd945..b85ce6d 100644
--- a/ambari-web/app/assets/data/users/user_admin.json
+++ b/ambari-web/app/assets/data/users/user_admin.json
@@ -9,7 +9,7 @@
   "privileges" : [
     {
       "PrivilegeInfo" : {
-        "permission_name" : "AMBARI.ADMIN",
+        "permission_name" : "AMBARI.ADMINISTRATOR",
         "privilege_id" : 1,
         "user_name" : "admin"
       }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-web/app/mappers/users_mapper.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/mappers/users_mapper.js b/ambari-web/app/mappers/users_mapper.js
index cdc8022..4f8cd06 100644
--- a/ambari-web/app/mappers/users_mapper.js
+++ b/ambari-web/app/mappers/users_mapper.js
@@ -53,7 +53,7 @@ App.usersMapper = App.QuickDataMapper.create({
    **/
   isAdmin: function(permissionList) {
     //TODO: Separate cluster operator from admin
-    return permissionList.indexOf('AMBARI.ADMIN') > -1 || permissionList.indexOf('CLUSTER.OPERATE') > -1;
+    return permissionList.indexOf('AMBARI.ADMINISTRATOR') > -1 || permissionList.indexOf('CLUSTER.ADMINISTRATOR') > -1;
   },
 
   /**
@@ -62,6 +62,6 @@ App.usersMapper = App.QuickDataMapper.create({
    * @return {Boolean}
    **/
   isOperator: function(permissionList) {
-    return permissionList.indexOf('CLUSTER.OPERATE') > -1 && !(permissionList.indexOf('AMBARI.ADMIN') > -1);
+    return permissionList.indexOf('CLUSTER.ADMINISTRATOR') > -1 && !(permissionList.indexOf('AMBARI.ADMINISTRATOR') > -1);
   }
 });

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-web/app/models/user.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/models/user.js b/ambari-web/app/models/user.js
index 8e73bcb..1b8359a 100644
--- a/ambari-web/app/models/user.js
+++ b/ambari-web/app/models/user.js
@@ -31,10 +31,10 @@ App.User = DS.Model.extend({
   /**
    * List of permissions assigned to user
    *  Available permissions:
-   *    AMBARI.ADMIN
-   *    CLUSTER.READ
-   *    CLUSTER.OPERATE
-   *    VIEW.USE
+   *    AMBARI.ADMINISTRATOR
+   *    CLUSTER.USER
+   *    CLUSTER.ADMINISTRATOR
+   *    VIEW.USER
    * @property {Array} permissions
    **/
   permissions: DS.attr('array'),

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-web/app/router.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/router.js b/ambari-web/app/router.js
index d3343c8..ae7ae6a 100644
--- a/ambari-web/app/router.js
+++ b/ambari-web/app/router.js
@@ -331,7 +331,7 @@ App.Router = Em.Router.extend({
   loginGetClustersSuccessCallback: function (clustersData, opt, params) {
     var privileges = params.loginData.privileges || [];
     var router = this;
-    var isAdmin = privileges.mapProperty('PrivilegeInfo.permission_name').contains('AMBARI.ADMIN');
+    var isAdmin = privileges.mapProperty('PrivilegeInfo.permission_name').contains('AMBARI.ADMINISTRATOR');
 
     App.set('isAdmin', isAdmin);
 
@@ -342,13 +342,13 @@ App.Router = Em.Router.extend({
 
       //cluster installed
       router.setClusterInstalled(clustersData);
-      if (clusterPermissions.contains('CLUSTER.OPERATE')) {
+      if (clusterPermissions.contains('CLUSTER.ADMINISTRATOR')) {
         App.setProperties({
           isAdmin: true,
           isOperator: true
         });
       }
-      if (isAdmin || clusterPermissions.contains('CLUSTER.READ') || clusterPermissions.contains('CLUSTER.OPERATE')) {
+      if (isAdmin || clusterPermissions.contains('CLUSTER.USER') || clusterPermissions.contains('CLUSTER.ADMINISTRATOR')) {
         router.transitionToApp();
       } else {
         router.transitionToViews();

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-web/test/mappers/users_mapper_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/mappers/users_mapper_test.js b/ambari-web/test/mappers/users_mapper_test.js
index 767a002..2ff0cd7 100644
--- a/ambari-web/test/mappers/users_mapper_test.js
+++ b/ambari-web/test/mappers/users_mapper_test.js
@@ -26,10 +26,10 @@ describe('App.usersMapper', function () {
 
   describe('#isAdmin', function() {
     var tests = [
-      {i:["AMBARI.ADMIN"],e:true,m:'has admin role'},
-      {i:["CLUSTER.READ", "AMBARI.ADMIN"],e:true,m:'has admin role'},
-      {i:["VIEW.USE"],e:false,m:'doesn\'t have admin role'},
-      {i:["CLUSTER.OPERATE"],e:true,m:'has admin role'}
+      {i:["AMBARI.ADMINISTRATOR"],e:true,m:'has admin role'},
+      {i:["CLUSTER.USER", "AMBARI.ADMINISTRATOR"],e:true,m:'has admin role'},
+      {i:["VIEW.USER"],e:false,m:'doesn\'t have admin role'},
+      {i:["CLUSTER.ADMINISTRATOR"],e:true,m:'has admin role'}
     ];
     tests.forEach(function(test) {
       it(test.m, function() {

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/ambari-web/test/router_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/router_test.js b/ambari-web/test/router_test.js
index cbdf4ea..2beb51e 100644
--- a/ambari-web/test/router_test.js
+++ b/ambari-web/test/router_test.js
@@ -245,7 +245,7 @@ describe('App.Router', function () {
           privileges: [{
             PrivilegeInfo: {
               cluster_name: 'c1',
-              permission_name: 'CLUSTER.OPERATE'
+              permission_name: 'CLUSTER.ADMINISTRATOR'
             }
           }]
         }
@@ -271,7 +271,7 @@ describe('App.Router', function () {
           privileges: [{
             PrivilegeInfo: {
               cluster_name: 'c1',
-              permission_name: 'CLUSTER.READ'
+              permission_name: 'CLUSTER.USER'
             }
           }]
         }
@@ -297,7 +297,7 @@ describe('App.Router', function () {
           privileges: [{
             PrivilegeInfo: {
               cluster_name: 'c1',
-              permission_name: 'AMBARI.ADMIN'
+              permission_name: 'AMBARI.ADMINISTRATOR'
             }
           }]
         }
@@ -340,7 +340,7 @@ describe('App.Router', function () {
           privileges: [{
             PrivilegeInfo: {
               cluster_name: 'c1',
-              permission_name: 'AMBARI.ADMIN'
+              permission_name: 'AMBARI.ADMINISTRATOR'
             }
           }]
         }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2ce7b635/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java
----------------------------------------------------------------------
diff --git a/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java b/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java
index 2769931..7f1d489 100644
--- a/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java
+++ b/contrib/views/capacity-scheduler/src/main/java/org/apache/ambari/view/capacityscheduler/ConfigurationService.java
@@ -105,7 +105,7 @@ public class ConfigurationService {
   // Privilege Reading
   // ================================================================================
 
-  private static final String CLUSTER_OPERATOR_PRIVILEGE_URL = "?privileges/PrivilegeInfo/permission_name=CLUSTER.OPERATE&privileges/PrivilegeInfo/principal_name=%s";
+  private static final String CLUSTER_OPERATOR_PRIVILEGE_URL = "?privileges/PrivilegeInfo/permission_name=CLUSTER.ADMINISTRATOR&privileges/PrivilegeInfo/principal_name=%s";
   private static final String AMBARI_ADMIN_PRIVILEGE_URL = "/api/v1/users/%s?Users/admin=true";
 
   /**
@@ -267,12 +267,12 @@ public class ConfigurationService {
   private   boolean isOperator() {
       validateViewConfiguration();
             
-      // first check if the user is an CLUSTER.OPERATOR
+      // first check if the user is an CLUSTER.ADMINISTRATOR
       String url = String.format(CLUSTER_OPERATOR_PRIVILEGE_URL, context.getUsername());
       JSONObject json = readFromCluster(url);
 
       if (json == null || json.size() <= 0) {
-        // user is not a CLUSTER.OPERATOR but might be an AMBARI.ADMIN
+        // user is not a CLUSTER.ADMINISTRATOR but might be an AMBARI.ADMINISTRATOR
         url = String.format(AMBARI_ADMIN_PRIVILEGE_URL, context.getUsername());
         String response = ambariApi.readFromAmbari(url, "GET", null, null);
         if (response == null || response.isEmpty()) {


Mime
View raw message