hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan Eagles (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-3267) Timelineserver applies the ACL rules after applying the limit on the number of records
Date Wed, 11 Mar 2015 21:28:39 GMT

    [ https://issues.apache.org/jira/browse/YARN-3267?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14357644#comment-14357644

Jonathan Eagles commented on YARN-3267:

[~lichangleo], Couple more minor things with this patch

* LeveldbTimelineStore, MemoryTimelineStore, and TimelineReader all have extra UserGroupInformation
* Spacing issues
** 'Check{' should be written as 'Check {'
** 'ugi=callerUGI;' should be written as 'ugi = callerUGI;'
** 'throws IOException{' should be written as 'throws IOException {'
* check logic simplification

      try {
        if (!timelineACLsManager.checkAccess(
          ugi, ApplicationAccessType.VIEW_APP, entity)) {
          return false;

might be simpler as

      try {
          return timelineACLsManager.checkAccess(
              ugi, ApplicationAccessType.VIEW_APP, entity);

* reduce logging level

      } catch (YarnException e) {
        LOG.error("Error when verifying access for user " + ugi
          + " on the events of the timeline entity "
          + new EntityIdentifier(entity.getEntityId(),
          entity.getEntityType()), e);
        return false;

this might be better suited as info level since any missing domain can trying this scenario.

> Timelineserver applies the ACL rules after applying the limit on the number of records
> --------------------------------------------------------------------------------------
>                 Key: YARN-3267
>                 URL: https://issues.apache.org/jira/browse/YARN-3267
>             Project: Hadoop YARN
>          Issue Type: Bug
>    Affects Versions: 2.6.0
>            Reporter: Prakash Ramachandran
>            Assignee: Chang Li
>         Attachments: YARN-3267.3.patch, YARN_3267_V1.patch, YARN_3267_V2.patch, YARN_3267_WIP.patch,
YARN_3267_WIP1.patch, YARN_3267_WIP2.patch, YARN_3267_WIP3.patch
> While fetching the entities from timelineserver, the limit is applied on the entities
to be fetched from leveldb, the ACL filters are applied after this (TimelineDataManager.java::getEntities).

> this could mean that even if there are entities available which match the query criteria,
we could end up not getting any results.

This message was sent by Atlassian JIRA

View raw message