FALCON-2035 Entity list operation without type parameter doesn't work…

… when authorization is enabled

Test entity list operation without type parameter works when authorization is enabled.

Author: yzheng-hortonworks <yzheng@hortonworks.com>

Reviewers: @pallavi-rao, @bvellanki

Closes #189 from yzheng-hortonworks/FALCON-2035 and squashes the following commits:

0cbd7a4 [yzheng-hortonworks] review by pallavi
4f7c4a4 [yzheng-hortonworks] review by balu
7aa034b [yzheng-hortonworks] FALCON-2035 Entity list operation without type parameter doesn't work when authorization is enabled

(cherry picked from commit aaf3326)
Signed-off-by: Pallavi Rao <pallavi.rao@inmobi.com>

common/src/main/java/org/apache/falcon/security/DefaultAuthorizationProvider.java

@@ -59,6 +59,7 @@ public class DefaultAuthorizationProvider implements AuthorizationProvider {
 
     private static final Set<String> RESOURCES = new HashSet<String>(
             Arrays.asList(new String[]{"admin", "entities", "instance", "metadata", "extension", }));
+    private static final String LIST_OPERATION = "list";
 
     /**
      * Constant for the configuration property that indicates the prefix.
@@ -170,7 +171,11 @@ public void authorizeResource(String resource, String action,
                     authorizeAdminResource(authenticatedUGI, action);
                 }
             } else if ("entities".equals(resource) || "instance".equals(resource)) {
-                authorizeEntityResource(authenticatedUGI, entityName, entityType, action);
+                if ("entities".equals(resource) && LIST_OPERATION.equals(action)) {
+                    LOG.info("Skipping authorization for entity list operations");
+                } else {
+                    authorizeEntityResource(authenticatedUGI, entityName, entityType, action);
+                }
             } else if ("metadata".equals(resource)) {
                 authorizeMetadataResource(authenticatedUGI, action);
             }
@@ -296,7 +301,6 @@ protected void authorizeEntityResource(UserGroupInformation authenticatedUGI,
                                            String entityName, String entityType,
                                            String action)
         throws AuthorizationException, EntityNotRegisteredException {
-
         Validate.notEmpty(entityType, "Entity type cannot be empty or null");
         LOG.debug("Authorizing authenticatedUser={} against entity/instance action={}, "
                 + "entity name={}, entity type={}",

common/src/test/java/org/apache/falcon/security/DefaultAuthorizationProviderTest.java

@@ -315,7 +315,7 @@ public void testAuthorizeNullEntityType() throws Exception {
                 "admin", realUser, new String[]{"admin", });
 
         DefaultAuthorizationProvider provider = new DefaultAuthorizationProvider();
-        provider.authorizeResource("entities", "list", null, "primary-cluster", proxyUgi);
+        provider.authorizeResource("instance", "list", null, "sample-process", proxyUgi);
         Assert.fail("Bad entity type");
     }
 
@@ -328,7 +328,7 @@ public void testAuthorizeBadEntityType() throws Exception {
                 "admin", realUser, new String[]{"admin", });
 
         DefaultAuthorizationProvider provider = new DefaultAuthorizationProvider();
-        provider.authorizeResource("entities", "list", "clusterz", "primary-cluster", proxyUgi);
+        provider.authorizeResource("instance", "list", "processz", "sample-process", proxyUgi);
         Assert.fail("Bad entity type");
     }