ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jonathanhur...@apache.org
Subject [04/50] [abbrv] ambari git commit: AMBARI-14980. Provide explicit ordering for roles (rlevas)
Date Tue, 16 Feb 2016 18:30:09 GMT
AMBARI-14980. Provide explicit ordering for roles (rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/2871d674
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/2871d674
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/2871d674

Branch: refs/heads/branch-dev-patch-upgrade
Commit: 2871d674f57f46220c2448c6e5dbcb456f04878f
Parents: e049216
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Thu Feb 11 12:59:00 2016 -0500
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Thu Feb 11 12:59:04 2016 -0500

----------------------------------------------------------------------
 .../internal/PermissionResourceProvider.java    |  3 ++
 .../server/orm/entities/PermissionEntity.java   | 35 +++++++++++-
 .../server/upgrade/UpgradeCatalog240.java       | 32 ++++++++++-
 .../main/resources/Ambari-DDL-Derby-CREATE.sql  | 17 +++---
 .../main/resources/Ambari-DDL-MySQL-CREATE.sql  | 17 +++---
 .../main/resources/Ambari-DDL-Oracle-CREATE.sql | 19 +++----
 .../resources/Ambari-DDL-Postgres-CREATE.sql    | 17 +++---
 .../Ambari-DDL-Postgres-EMBEDDED-CREATE.sql     | 17 +++---
 .../resources/Ambari-DDL-SQLAnywhere-CREATE.sql | 17 +++---
 .../resources/Ambari-DDL-SQLServer-CREATE.sql   | 17 +++---
 .../PermissionResourceProviderTest.java         |  2 +
 .../server/upgrade/UpgradeCatalog240Test.java   | 57 ++++++++++++++++++--
 12 files changed, 187 insertions(+), 63 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java
index 640123e..86f8321 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PermissionResourceProvider.java
@@ -52,6 +52,7 @@ public class PermissionResourceProvider extends AbstractResourceProvider
{
   public static final String PERMISSION_NAME_PROPERTY_ID = "PermissionInfo/permission_name";
   public static final String PERMISSION_LABEL_PROPERTY_ID = "PermissionInfo/permission_label";
   public static final String RESOURCE_NAME_PROPERTY_ID   = "PermissionInfo/resource_name";
+  public static final String SORT_ORDER_PROPERTY_ID   = "PermissionInfo/sort_order";
 
 
   /**
@@ -71,6 +72,7 @@ public class PermissionResourceProvider extends AbstractResourceProvider
{
     propertyIds.add(PERMISSION_NAME_PROPERTY_ID);
     propertyIds.add(PERMISSION_LABEL_PROPERTY_ID);
     propertyIds.add(RESOURCE_NAME_PROPERTY_ID);
+    propertyIds.add(SORT_ORDER_PROPERTY_ID);
   }
 
 
@@ -156,6 +158,7 @@ public class PermissionResourceProvider extends AbstractResourceProvider
{
     setResourceProperty(resource, PERMISSION_NAME_PROPERTY_ID, entity.getPermissionName(),
requestedIds);
     setResourceProperty(resource, PERMISSION_LABEL_PROPERTY_ID, entity.getPermissionLabel(),
requestedIds);
     setResourceProperty(resource, RESOURCE_NAME_PROPERTY_ID, entity.getResourceType().getName(),
requestedIds);
+    setResourceProperty(resource, SORT_ORDER_PROPERTY_ID, entity.getSortOrder(), requestedIds);
 
     return resource;
   }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
index a692730..43fd71b 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
@@ -57,8 +57,11 @@ public class PermissionEntity {
    * Admin permission name constants.
    */
   public static final String AMBARI_ADMINISTRATOR_PERMISSION_NAME = "AMBARI.ADMINISTRATOR";
-  public static final String CLUSTER_USER_PERMISSION_NAME = "CLUSTER.USER";
   public static final String CLUSTER_ADMINISTRATOR_PERMISSION_NAME = "CLUSTER.ADMINISTRATOR";
+  public static final String CLUSTER_OPERATOR_PERMISSION_NAME = "CLUSTER.OPERATOR";
+  public static final String SERVICE_ADMINISTRATOR_PERMISSION_NAME = "SERVICE.ADMINISTRATOR";
+  public static final String SERVICE_OPERATOR_PERMISSION_NAME = "SERVICE.OPERATOR";
+  public static final String CLUSTER_USER_PERMISSION_NAME = "CLUSTER.USER";
   public static final String VIEW_USER_PERMISSION_NAME = "VIEW.USER";
 
   /**
@@ -102,6 +105,11 @@ public class PermissionEntity {
   )
   private Collection<RoleAuthorizationEntity> authorizations;
 
+  /**
+   * The permission's explicit sort order
+   */
+  @Column(name = "sort_order", nullable = false)
+  private Integer sortOrder = 1;
 
   // ----- PermissionEntity ---------------------------------------------------
 
@@ -195,7 +203,28 @@ public class PermissionEntity {
     this.authorizations = authorizations;
   }
 
-// ----- Object overrides --------------------------------------------------
+  /**
+   * Gets the explicit sort order value for this PermissionEntity
+   * <p/>
+   * This value is used to help explicitly order permission entities. For example, order
from most
+   * permissive to least permissive.
+   *
+   * @return the explict sorting order value
+   */
+  public Integer getSortOrder() {
+    return sortOrder;
+  }
+
+  /**
+   * Sets the explicit sort order value for this PermissionEntity
+   *
+   * @param sortOrder a sorting order value
+   */
+  public void setSortOrder(Integer sortOrder) {
+    this.sortOrder = sortOrder;
+  }
+
+  // ----- Object overrides --------------------------------------------------
 
   @Override
   public boolean equals(Object o) {
@@ -208,6 +237,7 @@ public class PermissionEntity {
         !(permissionName != null ? !permissionName.equals(that.permissionName) : that.permissionName
!= null) &&
         !(permissionLabel != null ? !permissionLabel.equals(that.permissionLabel) : that.permissionLabel
!= null) &&
         !(resourceType != null ? !resourceType.equals(that.resourceType) : that.resourceType
!= null) &&
+        !(sortOrder != null ? !sortOrder.equals(that.sortOrder) : that.sortOrder != null)
&&
         !(authorizations != null ? !authorizations.equals(that.authorizations) : that.authorizations
!= null);
   }
 
@@ -217,6 +247,7 @@ public class PermissionEntity {
     result = 31 * result + (permissionName != null ? permissionName.hashCode() : 0);
     result = 31 * result + (permissionLabel != null ? permissionLabel.hashCode() : 0);
     result = 31 * result + (resourceType != null ? resourceType.hashCode() : 0);
+    result = 31 * result + (sortOrder != null ? sortOrder.hashCode() : 0);
     result = 31 * result + (authorizations != null ? authorizations.hashCode() : 0);
     return result;
   }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java
b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java
index 3414388..2ea326a 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog240.java
@@ -27,9 +27,11 @@ import com.google.inject.Inject;
 import com.google.inject.Injector;
 import org.apache.ambari.server.AmbariException;
 import org.apache.ambari.server.controller.AmbariManagementController;
+import org.apache.ambari.server.orm.DBAccessor;
 import org.apache.ambari.server.orm.dao.AlertDefinitionDAO;
 import org.apache.ambari.server.orm.dao.DaoUtils;
 import org.apache.ambari.server.orm.entities.AlertDefinitionEntity;
+import org.apache.ambari.server.orm.entities.PermissionEntity;
 import org.apache.ambari.server.state.Cluster;
 import org.apache.ambari.server.state.Clusters;
 import org.slf4j.Logger;
@@ -49,6 +51,10 @@ import java.util.UUID;
  */
 public class UpgradeCatalog240 extends AbstractUpgradeCatalog {
 
+  protected static final String ADMIN_PERMISSION_TABLE = "adminpermission";
+  protected static final String PERMISSION_ID_COL = "permission_name";
+  protected static final String SORT_ORDER_COL = "sort_order";
+
   @Inject
   DaoUtils daoUtils;
 
@@ -96,7 +102,7 @@ public class UpgradeCatalog240 extends AbstractUpgradeCatalog {
 
   @Override
   protected void executeDDLUpdates() throws AmbariException, SQLException {
-    //To change body of implemented methods use File | Settings | File Templates.
+    updateAdminPermissionTable();
   }
 
   @Override
@@ -108,6 +114,7 @@ public class UpgradeCatalog240 extends AbstractUpgradeCatalog {
   protected void executeDMLUpdates() throws AmbariException, SQLException {
     addNewConfigurationsFromXml();
     updateAlerts();
+    setRoleSortOrder();
 
   }
 
@@ -303,6 +310,29 @@ public class UpgradeCatalog240 extends AbstractUpgradeCatalog {
     return sourceJson.toString();
   }
 
+  protected void updateAdminPermissionTable() throws SQLException {
+    // Add the sort_order column to the adminpermission table
+    dbAccessor.addColumn(ADMIN_PERMISSION_TABLE, new DBAccessor.DBColumnInfo(SORT_ORDER_COL,
Short.class, null, 1, false));
+  }
 
+  protected void setRoleSortOrder() throws SQLException {
+    String updateStatement = "UPDATE " + ADMIN_PERMISSION_TABLE + " SET " + SORT_ORDER_COL
+ "=%d WHERE " + PERMISSION_ID_COL + "='%s'";
+
+    LOG.info("Setting permission labels");
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        1, PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        2, PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION_NAME));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        3, PermissionEntity.CLUSTER_OPERATOR_PERMISSION_NAME));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        4, PermissionEntity.SERVICE_ADMINISTRATOR_PERMISSION_NAME));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        5, PermissionEntity.SERVICE_OPERATOR_PERMISSION_NAME));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        6, PermissionEntity.CLUSTER_USER_PERMISSION_NAME));
+    dbAccessor.executeUpdate(String.format(updateStatement,
+        7, PermissionEntity.VIEW_USER_PERMISSION_NAME));
+  }
 
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql
index 0fdfd2b..8aee031 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Derby-CREATE.sql
@@ -525,6 +525,7 @@ CREATE TABLE adminpermission (
   permission_name VARCHAR(255) NOT NULL,
   resource_type_id INTEGER NOT NULL,
   permission_label VARCHAR(255),
+  sort_order SMALLINT NOT NULL DEFAULT 1,
   PRIMARY KEY(permission_id));
 
 CREATE TABLE roleauthorization (
@@ -1058,20 +1059,20 @@ INSERT INTO adminprincipal (principal_id, principal_type_id)
 INSERT INTO Users (user_id, principal_id, user_name, user_password)
   SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00'
FROM SYSIBM.SYSDUMMY1;
 
-insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' FROM SYSIBM.SYSDUMMY1
+insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label,
sort_order)
+  SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1 FROM SYSIBM.SYSDUMMY1
   UNION ALL
-  SELECT 2, 'CLUSTER.USER', 2, 'Cluster User' FROM SYSIBM.SYSDUMMY1
+  SELECT 2, 'CLUSTER.USER', 2, 'Cluster User', 6 FROM SYSIBM.SYSDUMMY1
   UNION ALL
-  SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' FROM SYSIBM.SYSDUMMY1
+  SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2 FROM SYSIBM.SYSDUMMY1
   UNION ALL
-  SELECT 4, 'VIEW.USER', 3, 'View User' FROM SYSIBM.SYSDUMMY1
+  SELECT 4, 'VIEW.USER', 3, 'View User', 7 FROM SYSIBM.SYSDUMMY1
   UNION ALL
-  SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator' FROM SYSIBM.SYSDUMMY1
+  SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3 FROM SYSIBM.SYSDUMMY1
   UNION ALL
-  SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator' FROM SYSIBM.SYSDUMMY1
+  SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4 FROM SYSIBM.SYSDUMMY1
   UNION ALL
-  SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator' FROM SYSIBM.SYSDUMMY1;
+  SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5 FROM SYSIBM.SYSDUMMY1;
 
 INSERT INTO roleauthorization(authorization_id, authorization_name)
   SELECT 'VIEW.USE', 'Use View' FROM SYSIBM.SYSDUMMY1 UNION ALL

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
index 11e43c2..73b172a 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql
@@ -533,6 +533,7 @@ CREATE TABLE adminpermission (
   permission_name VARCHAR(255) NOT NULL,
   resource_type_id INTEGER NOT NULL,
   permission_label VARCHAR(255),
+  sort_order SMALLINT NOT NULL DEFAULT 1,
   PRIMARY KEY(permission_id));
 
 CREATE TABLE roleauthorization (
@@ -1021,20 +1022,20 @@ insert into adminprincipal (principal_id, principal_type_id)
 insert into users(user_id, principal_id, user_name, user_password)
   select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
-insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'
+insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label,
sort_order)
+  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1
   union all
-  select 2, 'CLUSTER.USER', 2, 'Cluster User'
+  select 2, 'CLUSTER.USER', 2, 'Cluster User', 6
   union all
-  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'
+  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2
   union all
-  select 4, 'VIEW.USER', 3, 'View User'
+  select 4, 'VIEW.USER', 3, 'View User', 7
   union all
-  select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator'
+select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3
   union all
-  select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator'
+  select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4
   union all
-  select 7, 'SERVICE.OPERATOR', 2, 'Service Operator';
+  select 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5;
 
 INSERT INTO roleauthorization(authorization_id, authorization_name)
   SELECT 'VIEW.USE', 'Use View' UNION ALL

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
index 8d4ba28..1df396d 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql
@@ -522,6 +522,7 @@ CREATE TABLE adminpermission (
   permission_name VARCHAR(255) NOT NULL,
   resource_type_id NUMBER(10) NOT NULL,
   permission_label VARCHAR(255),
+  sort_order SMALLINT DEFAULT 1 NOT NULL,
   PRIMARY KEY(permission_id));
 
 CREATE TABLE roleauthorization (
@@ -656,7 +657,7 @@ CREATE TABLE setting (
   name VARCHAR(255) NOT NULL UNIQUE,
   setting_type VARCHAR(255) NOT NULL,
   content CLOB NOT NULL,
-  updated_by VARCHAR(255) NOT NULL DEFAULT '_db',
+  updated_by VARCHAR(255) DEFAULT '_db' NOT NULL,
   update_timestamp NUMBER(19) NOT NULL,
   PRIMARY KEY (id)
 );
@@ -1013,20 +1014,20 @@ insert into adminprincipal (principal_id, principal_type_id)
 insert into users(user_id, principal_id, user_name, user_password)
 select 1,1,'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00'
from dual;
 
-insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator' from dual
+insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label,
sort_order)
+  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1 from dual
   union all
-  select 2, 'CLUSTER.USER', 2, 'Cluster User' from dual
+  select 2, 'CLUSTER.USER', 2, 'Cluster User', 6 from dual
   union all
-  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator' from dual
+  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2 from dual
   union all
-  select 4, 'VIEW.USER', 3, 'View User' from dual
+  select 4, 'VIEW.USER', 3, 'View User', 7 from dual
   union all
-  select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator' from dual
+  select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3 from dual
   union all
-  select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator' from dual
+  select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4 from dual
   union all
-  select 7, 'SERVICE.OPERATOR', 2, 'Service Operator' from dual;
+  select 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5 from dual;
 
 INSERT INTO roleauthorization(authorization_id, authorization_name)
   SELECT 'VIEW.USE', 'Use View' FROM dual UNION ALL

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
index c762ac4..d948b3b 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql
@@ -525,6 +525,7 @@ CREATE TABLE adminpermission (
   permission_name VARCHAR(255) NOT NULL,
   resource_type_id INTEGER NOT NULL,
   permission_label VARCHAR(255),
+  sort_order SMALLINT NOT NULL DEFAULT 1,
   PRIMARY KEY(permission_id));
 
 CREATE TABLE roleauthorization (
@@ -1058,20 +1059,20 @@ INSERT INTO adminprincipal (principal_id, principal_type_id)
 INSERT INTO Users (user_id, principal_id, user_name, user_password)
   SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
-insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'
+insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label,
sort_order)
+  SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1
   UNION ALL
-  SELECT 2, 'CLUSTER.USER', 2, 'Cluster User'
+  SELECT 2, 'CLUSTER.USER', 2, 'Cluster User', 6
   UNION ALL
-  SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'
+  SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2
   UNION ALL
-  SELECT 4, 'VIEW.USER', 3, 'View User'
+  SELECT 4, 'VIEW.USER', 3, 'View User', 7
   UNION ALL
-  SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator'
+  SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3
   UNION ALL
-  SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator'
+  SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4
   UNION ALL
-  SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator';
+  SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5;
 
 INSERT INTO roleauthorization(authorization_id, authorization_name)
   SELECT 'VIEW.USE', 'Use View' UNION ALL

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql
index 81b41fe..5fe742c 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql
@@ -586,6 +586,7 @@ CREATE TABLE ambari.adminpermission (
   permission_name VARCHAR(255) NOT NULL,
   resource_type_id INTEGER NOT NULL,
   permission_label VARCHAR(255),
+  sort_order SMALLINT NOT NULL DEFAULT 1,
   PRIMARY KEY(permission_id));
 
 CREATE TABLE ambari.roleauthorization (
@@ -1157,20 +1158,20 @@ INSERT INTO ambari.adminprincipal (principal_id, principal_type_id)
 INSERT INTO ambari.Users (user_id, principal_id, user_name, user_password)
   SELECT 1, 1, 'admin', '538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
-insert into ambari.adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'
+insert into ambari.adminpermission(permission_id, permission_name, resource_type_id, permission_label,
sort_order)
+  SELECT 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1
   UNION ALL
-  SELECT 2, 'CLUSTER.USER', 2, 'Cluster User'
+  SELECT 2, 'CLUSTER.USER', 2, 'Cluster User', 6
   UNION ALL
-  SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'
+  SELECT 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2
   UNION ALL
-  SELECT 4, 'VIEW.USER', 3, 'View User'
+  SELECT 4, 'VIEW.USER', 3, 'View User', 7
   UNION ALL
-  SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator'
+  SELECT 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3
   UNION ALL
-  SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator'
+  SELECT 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4
   UNION ALL
-  SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator';
+  SELECT 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5;
 
 INSERT INTO ambari.roleauthorization(authorization_id, authorization_name)
   SELECT 'VIEW.USE', 'Use View' UNION ALL

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql
index f8c9b8d..fe1e505 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-SQLAnywhere-CREATE.sql
@@ -522,6 +522,7 @@ CREATE TABLE adminpermission (
   permission_name VARCHAR(255) NOT NULL,
   resource_type_id INTEGER NOT NULL,
   permission_label VARCHAR(255),
+  sort_order SMALLINT NOT NULL DEFAULT 1,
   PRIMARY KEY(permission_id));
 
 CREATE TABLE roleauthorization (
@@ -1008,20 +1009,20 @@ insert into adminprincipal (principal_id, principal_type_id)
 insert into users(user_id, principal_id, user_name, user_password)
   select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
-insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
-  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'
+insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label,
sort_order)
+  select 1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1
   union all
-  select 2, 'CLUSTER.USER', 2, 'Cluster User'
+  select 2, 'CLUSTER.USER', 2, 'Cluster User', 6
   union all
-  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'
+  select 3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2
   union all
-  select 4, 'VIEW.USER', 3, 'View User'
+  select 4, 'VIEW.USER', 3, 'View User'. 7
   union all
-  select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator'
+  select 5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3
   union all
-  select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator'
+  select 6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4
   union all
-  select 7, 'SERVICE.OPERATOR', 2, 'Service Operator';
+  select 7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5;
 
   INSERT INTO roleauthorization(authorization_id, authorization_name)
     SELECT 'VIEW.USE', 'Use View' UNION ALL

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql b/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql
index 324c24d..41dac77 100644
--- a/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql
+++ b/ambari-server/src/main/resources/Ambari-DDL-SQLServer-CREATE.sql
@@ -617,6 +617,7 @@ CREATE TABLE adminpermission (
   permission_name VARCHAR(255) NOT NULL,
   resource_type_id INTEGER NOT NULL,
   permission_label VARCHAR(255),
+  sort_order SMALLINT NOT NULL DEFAULT 1,
   PRIMARY KEY CLUSTERED (permission_id)
   );
 
@@ -1123,15 +1124,15 @@ BEGIN TRANSACTION
   insert into users(user_id, principal_id, user_name, user_password)
     select 1, 1, 'admin','538916f8943ec225d97a9a86a2c6ec0818c1cd400e09e03b660fdaaec4af29ddbb6f2b1033b81b00';
 
-  insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label)
+  insert into adminpermission(permission_id, permission_name, resource_type_id, permission_label,
sort_order)
   values
-    (1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator'),
-    (2, 'CLUSTER.USER', 2, 'Cluster User'),
-    (3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator'),
-    (4, 'VIEW.USER', 3, 'View User'),
-    (5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator'),
-    (6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator'),
-    (7, 'SERVICE.OPERATOR', 2, 'Service Operator');
+    (1, 'AMBARI.ADMINISTRATOR', 1, 'Administrator', 1),
+    (2, 'CLUSTER.USER', 2, 'Cluster User', 6),
+    (3, 'CLUSTER.ADMINISTRATOR', 2, 'Cluster Administrator', 2),
+    (4, 'VIEW.USER', 3, 'View User', 7),
+    (5, 'CLUSTER.OPERATOR', 2, 'Cluster Operator', 3),
+    (6, 'SERVICE.ADMINISTRATOR', 2, 'Service Administrator', 4),
+    (7, 'SERVICE.OPERATOR', 2, 'Service Operator', 5);
 
   INSERT INTO roleauthorization(authorization_id, authorization_name)
     SELECT 'VIEW.USE', 'Use View' UNION ALL

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
index 7658c0f..fb4454e 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/PermissionResourceProviderTest.java
@@ -84,6 +84,7 @@ public class PermissionResourceProviderTest {
     expect(permissionEntity.getId()).andReturn(99);
     expect(permissionEntity.getPermissionName()).andReturn("AMBARI.ADMINISTRATOR");
     expect(permissionEntity.getPermissionLabel()).andReturn("Administrator");
+    expect(permissionEntity.getSortOrder()).andReturn(1);
     expect(permissionEntity.getResourceType()).andReturn(resourceTypeEntity);
     expect(resourceTypeEntity.getName()).andReturn("AMBARI");
 
@@ -98,6 +99,7 @@ public class PermissionResourceProviderTest {
     Assert.assertEquals("AMBARI.ADMINISTRATOR", resource.getPropertyValue(PermissionResourceProvider.PERMISSION_NAME_PROPERTY_ID));
     Assert.assertEquals("Administrator", resource.getPropertyValue(PermissionResourceProvider.PERMISSION_LABEL_PROPERTY_ID));
     Assert.assertEquals("AMBARI", resource.getPropertyValue(PermissionResourceProvider.RESOURCE_NAME_PROPERTY_ID));
+    Assert.assertEquals(1, resource.getPropertyValue(PermissionResourceProvider.SORT_ORDER_PROPERTY_ID));
     verify(dao, permissionEntity, resourceTypeEntity);
   }
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/2871d674/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java
b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java
index d1d68f2..608a348 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog240Test.java
@@ -25,25 +25,32 @@ import com.google.inject.Provider;
 import com.google.inject.persist.PersistService;
 import junit.framework.Assert;
 import org.apache.ambari.server.api.services.AmbariMetaInfo;
+import org.apache.ambari.server.orm.DBAccessor;
 import org.apache.ambari.server.orm.GuiceJpaInitializer;
 import org.apache.ambari.server.orm.InMemoryDefaultTestModule;
 import org.apache.ambari.server.orm.dao.StackDAO;
 import org.apache.ambari.server.orm.entities.StackEntity;
+import org.easymock.Capture;
+import org.easymock.CaptureType;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
 
 import javax.persistence.EntityManager;
+import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 
+import static org.easymock.EasyMock.capture;
 import static org.easymock.EasyMock.createMockBuilder;
 import static org.easymock.EasyMock.createNiceMock;
 import static org.easymock.EasyMock.createStrictMock;
+import static org.easymock.EasyMock.eq;
 import static org.easymock.EasyMock.expect;
 import static org.easymock.EasyMock.expectLastCall;
+import static org.easymock.EasyMock.newCapture;
 import static org.easymock.EasyMock.replay;
 import static org.easymock.EasyMock.reset;
 import static org.easymock.EasyMock.verify;
@@ -79,28 +86,72 @@ public class UpgradeCatalog240Test {
   }
 
   @Test
+  public void testExecuteDDLUpdates() throws Exception {
+    UpgradeCatalog240 upgradeCatalog240 = injector.getInstance(UpgradeCatalog240.class);
+
+    Capture<DBAccessor.DBColumnInfo> capturedColumnInfo = newCapture();
+
+    DBAccessor dbAccessor = createStrictMock(DBAccessor.class);
+    dbAccessor.addColumn(eq("adminpermission"), capture(capturedColumnInfo));
+    expectLastCall().once();
+
+    Field field = AbstractUpgradeCatalog.class.getDeclaredField("dbAccessor");
+    field.set(upgradeCatalog240, dbAccessor);
+
+    replay(dbAccessor);
+
+    upgradeCatalog240.executeDDLUpdates();
+
+    verify(dbAccessor);
+
+    DBAccessor.DBColumnInfo columnInfo = capturedColumnInfo.getValue();
+    Assert.assertNotNull(columnInfo);
+    Assert.assertEquals(UpgradeCatalog240.SORT_ORDER_COL, columnInfo.getName());
+    Assert.assertEquals(null, columnInfo.getLength());
+    Assert.assertEquals(Short.class, columnInfo.getType());
+    Assert.assertEquals(1, columnInfo.getDefaultValue());
+    Assert.assertEquals(false, columnInfo.isNullable());
+  }
+
+  @Test
   public void testExecuteDMLUpdates() throws Exception {
     Method addNewConfigurationsFromXml = AbstractUpgradeCatalog.class.getDeclaredMethod("addNewConfigurationsFromXml");
     Method updateAlerts = UpgradeCatalog240.class.getDeclaredMethod("updateAlerts");
 
+    Capture<String> capturedStatements = newCapture(CaptureType.ALL);
 
+    DBAccessor dbAccessor = createStrictMock(DBAccessor.class);
+    expect(dbAccessor.executeUpdate(capture(capturedStatements))).andReturn(1).times(7);
 
     UpgradeCatalog240 upgradeCatalog240 = createMockBuilder(UpgradeCatalog240.class)
             .addMockedMethod(addNewConfigurationsFromXml)
             .addMockedMethod(updateAlerts)
             .createMock();
 
+    Field field = AbstractUpgradeCatalog.class.getDeclaredField("dbAccessor");
+    field.set(upgradeCatalog240, dbAccessor);
+
     upgradeCatalog240.addNewConfigurationsFromXml();
     expectLastCall().once();
     upgradeCatalog240.updateAlerts();
     expectLastCall().once();
 
-
-    replay(upgradeCatalog240);
+    replay(upgradeCatalog240, dbAccessor);
 
     upgradeCatalog240.executeDMLUpdates();
 
-    verify(upgradeCatalog240);
+    verify(upgradeCatalog240, dbAccessor);
+
+    List<String> statements = capturedStatements.getValues();
+    Assert.assertNotNull(statements);
+    Assert.assertEquals(7, statements.size());
+    Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=1 WHERE
permission_name='AMBARI.ADMINISTRATOR'"));
+    Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=2 WHERE
permission_name='CLUSTER.ADMINISTRATOR'"));
+    Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=3 WHERE
permission_name='CLUSTER.OPERATOR'"));
+    Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=4 WHERE
permission_name='SERVICE.ADMINISTRATOR'"));
+    Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=5 WHERE
permission_name='SERVICE.OPERATOR'"));
+    Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=6 WHERE
permission_name='CLUSTER.USER'"));
+    Assert.assertTrue(statements.contains("UPDATE adminpermission SET sort_order=7 WHERE
permission_name='VIEW.USER'"));
   }
 
   @Test


Mime
View raw message