hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Suma Shivaprasad (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (YARN-8415) TimelineWebServices.getEntity should throw a ForbiddenException(403) instead of 404 when ACL checks fail
Date Tue, 12 Jun 2018 00:56:00 GMT

     [ https://issues.apache.org/jira/browse/YARN-8415?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Suma Shivaprasad updated YARN-8415:
-----------------------------------
    Description: 
{noformat}
private TimelineEntity doGetEntity(
      String entityType,
      String entityId,
      EnumSet<Field> fields,
      UserGroupInformation callerUGI) throws YarnException, IOException {
    TimelineEntity entity = null;
    entity =
        store.getEntity(entityId, entityType, fields);
    if (entity != null) {
      addDefaultDomainIdIfAbsent(entity);
      // check ACLs
      if (!timelineACLsManager.checkAccess(
          callerUGI, ApplicationAccessType.VIEW_APP, entity)) {
          *entity = null;*   //Should differentiate from an entity get failure vs ACL check
failure here by throwing an Exception.
      }
    }
    return entity;
  }
{noformat}

  was:
{noformat}
private TimelineEntity doGetEntity(
      String entityType,
      String entityId,
      EnumSet<Field> fields,
      UserGroupInformation callerUGI) throws YarnException, IOException {
    TimelineEntity entity = null;
    entity =
        store.getEntity(entityId, entityType, fields);
    if (entity != null) {
      addDefaultDomainIdIfAbsent(entity);
      // check ACLs
      if (!timelineACLsManager.checkAccess(
          callerUGI, ApplicationAccessType.VIEW_APP, entity)) {
*        entity = null;*   //Should differentiate from an entity get failure vs ACL check
failure here by throwing an Exception.
      }
    }
    return entity;
  }
{noformat}


> TimelineWebServices.getEntity should throw a ForbiddenException(403) instead of 404 when
ACL checks fail
> --------------------------------------------------------------------------------------------------------
>
>                 Key: YARN-8415
>                 URL: https://issues.apache.org/jira/browse/YARN-8415
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Suma Shivaprasad
>            Assignee: Suma Shivaprasad
>            Priority: Major
>
> {noformat}
> private TimelineEntity doGetEntity(
>       String entityType,
>       String entityId,
>       EnumSet<Field> fields,
>       UserGroupInformation callerUGI) throws YarnException, IOException {
>     TimelineEntity entity = null;
>     entity =
>         store.getEntity(entityId, entityType, fields);
>     if (entity != null) {
>       addDefaultDomainIdIfAbsent(entity);
>       // check ACLs
>       if (!timelineACLsManager.checkAccess(
>           callerUGI, ApplicationAccessType.VIEW_APP, entity)) {
>           *entity = null;*   //Should differentiate from an entity get failure vs ACL
check failure here by throwing an Exception.
>       }
>     }
>     return entity;
>   }
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message