ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-17292) Operations during upgrade are permitted by all roles
Date Fri, 17 Jun 2016 13:45:05 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-17292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15336110#comment-15336110
] 

Hadoop QA commented on AMBARI-17292:
------------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12811338/AMBARI-17292.patch
  against trunk revision .

    {color:green}+1 @author{color}.  The patch does not contain any @author tags.

    {color:green}+1 tests included{color}.  The patch appears to include 2 new or modified
test files.

    {color:green}+1 javac{color}.  The applied patch does not increase the total number of
javac compiler warnings.

    {color:green}+1 release audit{color}.  The applied patch does not increase the total number
of release audit warnings.

    {color:red}-1 core tests{color}.  The test build failed in ambari-server 

Test results: https://builds.apache.org/job/Ambari-trunk-test-patch/7402//testReport/
Console output: https://builds.apache.org/job/Ambari-trunk-test-patch/7402//console

This message is automatically generated.

> Operations during upgrade are permitted by all roles
> ----------------------------------------------------
>
>                 Key: AMBARI-17292
>                 URL: https://issues.apache.org/jira/browse/AMBARI-17292
>             Project: Ambari
>          Issue Type: Bug
>            Reporter: Andrew Onischuk
>            Assignee: Andrew Onischuk
>             Fix For: 2.4.0
>
>         Attachments: AMBARI-17292.patch
>
>
> ambari-server --hash  
> 9a2943ba77371f1c20b4f3da900abb7c2e89d22b  
> Build# ambari-server-2.4.0.0-591.x86_64
> **Steps**
>   1. Create user with different roles like Cluster user, Service Administrator etc.
>   2. Login as Ambari admin user and start Express Upgrade (register version, install
packages and start EU)
>   3. Pause the Upgrade at any step that requires manual intervention (like stop YARN
queue or backup DB or even at Finalize step)
>   4. Logout and login as cluster user
> **Result**:  
> The logged in user has complete access to Upgrade Wizard and can resume
> upgrade  
> Also do actions like Downgrade, 'Ignore and Proceed', 'Retry'
> The same is true for other roles like service administrator too, both during
> upgrade and downgrade
> **Expected Result:** Only Ambari Admin and Cluster Admin should be permitted to perform
actions during cluster upgrade
> Screenshots attached for reference while logged in as cluster user role
> (cluser)
> Another observation: While upgrade is in progress, login in a different
> session as cluster user - the cluster user can view the upgrade wizard in
> exact same way as admin



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message