Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files
FALCON-2035 Entity list operation without type parameter doesn't work…
… when authorization is enabled

Test entity list operation without type parameter works when authorization is enabled.

Author: yzheng-hortonworks <yzheng@hortonworks.com>

Reviewers: @pallavi-rao, @bvellanki

Closes #189 from yzheng-hortonworks/FALCON-2035 and squashes the following commits:

0cbd7a4 [yzheng-hortonworks] review by pallavi
4f7c4a4 [yzheng-hortonworks] review by balu
7aa034b [yzheng-hortonworks] FALCON-2035 Entity list operation without type parameter doesn't work when authorization is enabled

(cherry picked from commit aaf3326)
Signed-off-by: Pallavi Rao <pallavi.rao@inmobi.com>
  • Loading branch information
yzheng-hortonworks authored and Pallavi Rao committed Jun 21, 2016
1 parent 8200524 commit 641d57afa68b0d8ae091595f7eca560ec1d13f1b
Showing 2 changed files with 8 additions and 4 deletions.
@@ -59,6 +59,7 @@ public class DefaultAuthorizationProvider implements AuthorizationProvider {

private static final Set<String> RESOURCES = new HashSet<String>(
Arrays.asList(new String[]{"admin", "entities", "instance", "metadata", "extension", }));
private static final String LIST_OPERATION = "list";

/**
* Constant for the configuration property that indicates the prefix.
@@ -170,7 +171,11 @@ public void authorizeResource(String resource, String action,
authorizeAdminResource(authenticatedUGI, action);
}
} else if ("entities".equals(resource) || "instance".equals(resource)) {
authorizeEntityResource(authenticatedUGI, entityName, entityType, action);
if ("entities".equals(resource) && LIST_OPERATION.equals(action)) {
LOG.info("Skipping authorization for entity list operations");
} else {
authorizeEntityResource(authenticatedUGI, entityName, entityType, action);
}
} else if ("metadata".equals(resource)) {
authorizeMetadataResource(authenticatedUGI, action);
}
@@ -296,7 +301,6 @@ protected void authorizeEntityResource(UserGroupInformation authenticatedUGI,
String entityName, String entityType,
String action)
throws AuthorizationException, EntityNotRegisteredException {

Validate.notEmpty(entityType, "Entity type cannot be empty or null");
LOG.debug("Authorizing authenticatedUser={} against entity/instance action={}, "
+ "entity name={}, entity type={}",
@@ -315,7 +315,7 @@ public void testAuthorizeNullEntityType() throws Exception {
"admin", realUser, new String[]{"admin", });

DefaultAuthorizationProvider provider = new DefaultAuthorizationProvider();
provider.authorizeResource("entities", "list", null, "primary-cluster", proxyUgi);
provider.authorizeResource("instance", "list", null, "sample-process", proxyUgi);
Assert.fail("Bad entity type");
}

@@ -328,7 +328,7 @@ public void testAuthorizeBadEntityType() throws Exception {
"admin", realUser, new String[]{"admin", });

DefaultAuthorizationProvider provider = new DefaultAuthorizationProvider();
provider.authorizeResource("entities", "list", "clusterz", "primary-cluster", proxyUgi);
provider.authorizeResource("instance", "list", "processz", "sample-process", proxyUgi);
Assert.fail("Bad entity type");
}

0 comments on commit 641d57a

Please sign in to comment.