ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tom Beerbower" <tbeerbo...@hortonworks.com>
Subject Review Request 23969: Views : Admin - Add custom permissions
Date Sun, 27 Jul 2014 13:38:40 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/23969/
-----------------------------------------------------------

Review request for Ambari, Jonathan Hurley and Nate Cole.


Bugs: AMBARI-6627
    https://issues.apache.org/jira/browse/AMBARI-6627


Repository: ambari


Description
-------

Add support for custom view privileges as described in the Admin doc ...

https://docs.google.com/a/hortonworks.com/document/d/1heCrAA6hNM8qvQ091f8KGICABw2pY6Pt25uyfAvV8SQ/edit?disco=AAAAAJqU6lg#

Custom view permissions must be specified in the view descriptor.  There is no API support
for creating and deleting custom permissions for a view.

For example …

{code}
<view>
 <name>PIG_VIEW</name>
 <label>The Pig View</label>
 <version>1.0.0</version>
 …
 <permission>
   <name>EXECUTE</name>
   <description>
     Enables the grantee to execute a script.
    </description>
 </permission>
 <permission>
   <name>EDIT</name>
   <description>
     Enables the grantee to edit a script.
    </description>
 </permission>
 …
</view>
{code}

The above view.xml would result in the following custom permissions …

*VIEW.PIG_VIEW1.0.0.EXECUTE*
Enables the grantee to execute a script

*VIEW.PIG_VIEW1.0.0.EDIT*
Enables the grantee to edit a script

Custom permissions may only be granted for resource instances of the type that they were defined
for.  For example, you could not grant VIEW.PIG_VIEW1.0.0.EDIT permission to a user on the
FILES_VIEW.FILES_1 view instance.


Diffs
-----

  ambari-server/src/main/java/org/apache/ambari/server/api/resources/ResourceInstanceFactoryImpl.java
cdc3cd0 
  ambari-server/src/main/java/org/apache/ambari/server/api/resources/ViewPermissionResourceDefinition.java
PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/api/resources/ViewVersionResourceDefinition.java
e67a50b 
  ambari-server/src/main/java/org/apache/ambari/server/api/services/ViewPermissionService.java
PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/api/services/ViewVersionService.java
0dac300 
  ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java 1ea8311

  ambari-server/src/main/java/org/apache/ambari/server/controller/internal/DefaultProviderModule.java
1d20075 
  ambari-server/src/main/java/org/apache/ambari/server/controller/internal/PrivilegeResourceProvider.java
c7476e5 
  ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ViewPermissionResourceProvider.java
PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/controller/spi/Resource.java 53f8a9c

  ambari-server/src/main/java/org/apache/ambari/server/orm/dao/MemberDAO.java b4e015d 
  ambari-server/src/main/java/org/apache/ambari/server/orm/dao/PermissionDAO.java c00b47a

  ambari-server/src/main/java/org/apache/ambari/server/orm/dao/PrivilegeDAO.java de18031 
  ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java
a770f1d 
  ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceTypeEntity.java
9842a6a 
  ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ViewEntity.java 59d87aa

  ambari-server/src/main/java/org/apache/ambari/server/view/ViewContextImpl.java 6426575 
  ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java 4859836 
  ambari-server/src/main/java/org/apache/ambari/server/view/configuration/PermissionConfig.java
PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/view/configuration/ViewConfig.java
e084918 
  ambari-server/src/main/resources/Ambari-DDL-MySQL-CREATE.sql f3cac2e 
  ambari-server/src/main/resources/Ambari-DDL-Oracle-CREATE.sql 2328ffc 
  ambari-server/src/main/resources/Ambari-DDL-Postgres-CREATE.sql 73bf442 
  ambari-server/src/main/resources/Ambari-DDL-Postgres-EMBEDDED-CREATE.sql f78f07f 
  ambari-server/src/test/java/org/apache/ambari/server/api/resources/ViewPermissionResourceDefinitionTest.java
PRE-CREATION 
  ambari-server/src/test/java/org/apache/ambari/server/api/resources/ViewVersionResourceDefinitionTest.java
32c13b3 
  ambari-server/src/test/java/org/apache/ambari/server/api/services/ViewPermissionServiceTest.java
PRE-CREATION 
  ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java 5bd5c38

  ambari-server/src/test/java/org/apache/ambari/server/view/configuration/PermissionConfigTest.java
PRE-CREATION 
  ambari-views/examples/pom.xml 0951f19 
  ambari-views/examples/restricted-view/docs/index.md PRE-CREATION 
  ambari-views/examples/restricted-view/pom.xml PRE-CREATION 
  ambari-views/examples/restricted-view/src/main/java/org/apache/ambari/view/restricted/RestrictedResource.java
PRE-CREATION 
  ambari-views/examples/restricted-view/src/main/java/org/apache/ambari/view/restricted/UnrestrictedResource.java
PRE-CREATION 
  ambari-views/examples/restricted-view/src/main/resources/view.xml PRE-CREATION 
  ambari-views/src/main/java/org/apache/ambari/view/SecurityException.java PRE-CREATION 
  ambari-views/src/main/java/org/apache/ambari/view/ViewContext.java c83e8eb 

Diff: https://reviews.apache.org/r/23969/diff/


Testing
-------

Manual testing - Added new RESTRICTED example under ambari-views.

Unit testing - Added additional unit tests.

All existing tests pass ...

[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 27:13.620s
[INFO] Finished at: Sun Jul 27 08:40:53 EDT 2014
[INFO] Final Memory: 30M/123M
[INFO] ------------------------------------------------------------------------


Thanks,

Tom Beerbower


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message