ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dmitro Lisnichenko <dlysniche...@hortonworks.com>
Subject Review Request 44389: Absent validation of of stack_version id during API request to deeper entities
Date Fri, 04 Mar 2016 13:52:55 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/44389/
-----------------------------------------------------------

Review request for Ambari and Dmytro Sen.


Bugs: AMBARI-15299
    https://issues.apache.org/jira/browse/AMBARI-15299


Repository: ambari


Description
-------

Request:
{code}
http://server:8080/api/v1/clusters/cl1/stack_versions
{code}
returns:
{code}
{
"href" : "http://server:8080/api/v1/clusters/cl1/stack_versions",
"items" : [
{
"href" : "http://server:8080/api/v1/clusters/cl1/stack_versions/1",
"ClusterStackVersions" : {
"cluster_name" : "cl1",
"id" : 1,
"repository_version" : 1,
"stack" : "HDP",
"version" : "2.3"
}
}
]
}
{code}

But we can sent request to not available stack_versions:
{code}
http://server:8080/api/v1/clusters/cl1/stack_versions/34343rfff4/repository_versions/1/operating_systems/debian7/repositories/HDP-2.3
{code}
returns:
{code}
{
"href" : "http://server:8080/api/v1/clusters/cl1/stack_versions/34343rfff4/repository_versions/1/operating_systems/debian7/repositories/HDP-2.3",
"Repositories" : {
"base_url" : "http://s3.amazonaws.com/hortonworks.com/HDP/debian7/2.x/BUILDS/2.3.4.0-3335",
"default_base_url" : "",
"latest_base_url" : "",
"mirrors_list" : "",
"os_type" : "debian7",
"repo_id" : "HDP-2.3",
"repo_name" : "HDP",
"repository_version_id" : 1,
"stack_name" : "HDP",
"stack_version" : "2.3"
}
}
{code}

There should be some type of validation of used stack_versio.


Diffs
-----

  ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RepositoryResourceProvider.java
cf22368 

Diff: https://reviews.apache.org/r/44389/diff/


Testing
-------

mvn clean test


Thanks,

Dmitro Lisnichenko


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message