ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <>
Subject [jira] [Commented] (AMBARI-14228) Ambari Files View ignores alternate HDFS authorization mechanisms
Date Sat, 05 Dec 2015 22:33:10 GMT


Hudson commented on AMBARI-14228:

ABORTED: Integrated in Ambari-branch-2.2 #15 (See [])
AMBARI-14228. Ambari Files View ignores alternate HDFS authorization (sgunturi: [])
* contrib/views/files/src/main/resources/ui/app/controllers/file.js
* contrib/views/files/src/main/resources/ui/app/components/uploader.js
* contrib/views/files/src/main/resources/ui/app/views/modalPreview.js
* contrib/views/files/src/main/resources/ui/app/controllers/files.js
* contrib/views/files/src/main/java/org/apache/ambari/view/filebrowser/
* contrib/views/files/src/main/resources/ui/app/controllers/previewModal.js
* contrib/views/files/src/test/java/org/apache/ambari/view/filebrowser/
* contrib/views/files/src/main/resources/ui/app/templates/components/contextMenu.hbs
* contrib/views/files/src/main/resources/ui/app/templates/files.hbs
* contrib/views/files/src/main/resources/ui/app/templates/util/fileRow.hbs
* contrib/views/files/src/main/resources/ui/app/components/toggleContext.js
* contrib/views/files/src/main/resources/ui/app/routes/file.js
* contrib/views/files/src/main/resources/ui/app/adapter.js

> Ambari Files View ignores alternate HDFS authorization mechanisms
> -----------------------------------------------------------------
>                 Key: AMBARI-14228
>                 URL:
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-views
>    Affects Versions: 2.1.2
>            Reporter: DIPAYAN BHOWMICK
>            Assignee: DIPAYAN BHOWMICK
>             Fix For: 2.2.0
>         Attachments: AMBARI-14228_branch-2.1.patch
> PROBLEM: In the files view Ambari only seems to be looking at user, group, mode which
comes back from a GETSTATUS call and making the access decision based on that in the client.
> Doing it this way completely ignores alternate authorization mechanisms like HDFS ACLs
and Ranger. Particularly with HDFS' new pluggable interface for authorization in Hadoop 2.7
this problem could get worse down the road.
> Ambari needs to deal with this in a uniform way so the user gets all of the access coming
to them.
> BUSINESS IMPACT: Ambari files view is potentially useless to customers who have built
an authorization model on anything other than user/group/mode, such as Ranger or HDFS ACLs
> EXPECTED RESULTS: The user should see no difference in their privilege level between
Ambari Files View and FSShell.
> ACTUAL RESULTS: Only user/group/mode are considered in files view

This message was sent by Atlassian JIRA

View raw message