private void checkAccess(Job job, JobACL jobOperation) throws IOException { UserGroupInformation callerUGI; callerUGI = UserGroupInformation.getCurrentUser(); if (!job.checkAccess(callerUGI, jobOperation)) { throw new IOException(new AccessControlException("User " + callerUGI.getShortUserName() + " cannot perform operation " + jobOperation.name() + " on " + job.getID())); } }
private boolean hasAccess(Job job, HttpServletRequest request) { String remoteUser = request.getRemoteUser(); if (remoteUser != null) { return job.checkAccess(UserGroupInformation.createRemoteUser(remoteUser), JobACL.VIEW_JOB); } return true; }
Boolean hasAccess(Job job, HttpServletRequest request) { String remoteUser = request.getRemoteUser(); UserGroupInformation callerUGI = null; if (remoteUser != null) { callerUGI = UserGroupInformation.createRemoteUser(remoteUser); } if (callerUGI != null && !job.checkAccess(callerUGI, JobACL.VIEW_JOB)) { return false; } return true; }
Boolean hasAccess(Job job, HttpServletRequest request) { String remoteUser = request.getRemoteUser(); UserGroupInformation callerUGI = null; if (remoteUser != null) { callerUGI = UserGroupInformation.createRemoteUser(remoteUser); } if (callerUGI != null && !job.checkAccess(callerUGI, JobACL.VIEW_JOB)) { return false; } return true; }
Boolean hasAccess(Job job, HttpServletRequest request) { String remoteUser = request.getRemoteUser(); UserGroupInformation callerUGI = null; if (remoteUser != null) { callerUGI = UserGroupInformation.createRemoteUser(remoteUser); } if (callerUGI != null && !job.checkAccess(callerUGI, JobACL.VIEW_JOB)) { return false; } return true; }
private boolean hasAccess(Job job, HttpServletRequest request) { String remoteUser = request.getRemoteUser(); if (remoteUser != null) { return job.checkAccess(UserGroupInformation.createRemoteUser(remoteUser), JobACL.VIEW_JOB); } return true; }
private boolean hasAccess(Job job, HttpServletRequest request) { String remoteUser = request.getRemoteUser(); if (remoteUser != null) { return job.checkAccess(UserGroupInformation.createRemoteUser(remoteUser), JobACL.VIEW_JOB); } return true; }
private Job verifyAndGetJob(JobId jobID, JobACL accessType, boolean exceptionThrow) throws IOException { Job job = appContext.getJob(jobID); if (job == null && exceptionThrow) { throw new IOException("Unknown Job " + jobID); } UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); if (job != null && !job.checkAccess(ugi, accessType)) { throw new AccessControlException("User " + ugi.getShortUserName() + " cannot perform operation " + accessType.name() + " on " + jobID); } return job; }
private Job verifyAndGetJob(JobId jobID, JobACL accessType, boolean exceptionThrow) throws IOException { Job job = appContext.getJob(jobID); if (job == null && exceptionThrow) { throw new IOException("Unknown Job " + jobID); } UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); if (job != null && !job.checkAccess(ugi, accessType)) { throw new AccessControlException("User " + ugi.getShortUserName() + " cannot perform operation " + accessType.name() + " on " + jobID); } return job; }
/** * check for job access. * @param job the job that is being accessed * @return True if the requesting user has permission to view the job */ boolean checkAccess(Job job) { String remoteUser = request().getRemoteUser(); UserGroupInformation callerUGI = null; if (remoteUser != null) { callerUGI = UserGroupInformation.createRemoteUser(remoteUser); } if (callerUGI != null && !job.checkAccess(callerUGI, JobACL.VIEW_JOB)) { return false; } return true; }
private Job verifyAndGetJob(JobId jobID, JobACL accessType, boolean exceptionThrow) throws IOException { Job job = appContext.getJob(jobID); if (job == null && exceptionThrow) { throw new IOException("Unknown Job " + jobID); } UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); if (job != null && !job.checkAccess(ugi, accessType)) { throw new AccessControlException("User " + ugi.getShortUserName() + " cannot perform operation " + accessType.name() + " on " + jobID); } return job; }
private void checkAccess(Job job, JobACL jobOperation) throws IOException { UserGroupInformation callerUGI; callerUGI = UserGroupInformation.getCurrentUser(); if (!job.checkAccess(callerUGI, jobOperation)) { throw new IOException(new AccessControlException("User " + callerUGI.getShortUserName() + " cannot perform operation " + jobOperation.name() + " on " + job.getID())); } }
private void checkAccess(Job job, JobACL jobOperation) throws IOException { UserGroupInformation callerUGI; callerUGI = UserGroupInformation.getCurrentUser(); if (!job.checkAccess(callerUGI, jobOperation)) { throw new IOException(new AccessControlException("User " + callerUGI.getShortUserName() + " cannot perform operation " + jobOperation.name() + " on " + job.getID())); } }
/** * check for job access. * @param job the job that is being accessed * @return True if the requesting user has permission to view the job */ boolean checkAccess(Job job) { String remoteUser = request().getRemoteUser(); UserGroupInformation callerUGI = null; if (remoteUser != null) { callerUGI = UserGroupInformation.createRemoteUser(remoteUser); } if (callerUGI != null && !job.checkAccess(callerUGI, JobACL.VIEW_JOB)) { return false; } return true; }
/** * check for job access. * @param job the job that is being accessed * @return True if the requesting user has permission to view the job */ boolean checkAccess(Job job) { String remoteUser = request().getRemoteUser(); UserGroupInformation callerUGI = null; if (remoteUser != null) { callerUGI = UserGroupInformation.createRemoteUser(remoteUser); } if (callerUGI != null && !job.checkAccess(callerUGI, JobACL.VIEW_JOB)) { return false; } return true; }
private void checkAccess(Job job, JobACL jobOperation) throws IOException { UserGroupInformation callerUGI; callerUGI = UserGroupInformation.getCurrentUser(); if (!job.checkAccess(callerUGI, jobOperation)) { throw new IOException(new AccessControlException("User " + callerUGI.getShortUserName() + " cannot perform operation " + jobOperation.name() + " on " + job.getID())); } }
@Before public void setUp() throws IOException { AppContext context = mock(AppContext.class); when(context.getApplicationID()).thenReturn( ApplicationId.newInstance(0, 0)); when(context.getApplicationName()).thenReturn("AppName"); when(context.getUser()).thenReturn("User"); when(context.getStartTime()).thenReturn(System.currentTimeMillis()); job = mock(Job.class); Task task = mock(Task.class); when(job.getTask(any(TaskId.class))).thenReturn(task); when(job.loadConfFile()).thenReturn(new Configuration()); when(job.getConfFile()).thenReturn(new Path("/")); JobId jobID = MRApps.toJobID("job_01_01"); when(context.getJob(jobID)).thenReturn(job); when(job.checkAccess(any(UserGroupInformation.class), any(JobACL.class))) .thenReturn(true); App app = new App(context); Configuration configuration = new Configuration(); ctx = mock(RequestContext.class); appController = new AppControllerForTest(app, configuration, ctx); appController.getProperty().put(AMParams.JOB_ID, "job_01_01"); appController.getProperty().put(AMParams.TASK_ID, taskId); }
/** * Test method 'jobCounters'. Should print message about error or set CountersPage class for rendering */ @Test public void testGetJobCounters() { when(job.checkAccess(any(UserGroupInformation.class), any(JobACL.class))) .thenReturn(false); appController.jobCounters(); verify(appController.response()).setContentType(MimeType.TEXT); assertEquals( "Access denied: User user does not have permission to view job job_01_01", appController.getData()); when(job.checkAccess(any(UserGroupInformation.class), any(JobACL.class))) .thenReturn(true); appController.getProperty().remove(AMParams.JOB_ID); appController.jobCounters(); assertEquals( "Access denied: User user does not have permission to view job job_01_01Bad Request: Missing job ID", appController.getData()); appController.getProperty().put(AMParams.JOB_ID, "job_01_01"); appController.jobCounters(); assertEquals(CountersPage.class, appController.getClazz()); }
/** * Test method 'job'. Should print message about error or set JobPage class for rendering */ @Test public void testGetJob() { when(job.checkAccess(any(UserGroupInformation.class), any(JobACL.class))) .thenReturn(false); appController.job(); verify(appController.response()).setContentType(MimeType.TEXT); assertEquals( "Access denied: User user does not have permission to view job job_01_01", appController.getData()); when(job.checkAccess(any(UserGroupInformation.class), any(JobACL.class))) .thenReturn(true); appController.getProperty().remove(AMParams.JOB_ID); appController.job(); assertEquals( "Access denied: User user does not have permission to view job job_01_01Bad Request: Missing job ID", appController.getData()); appController.getProperty().put(AMParams.JOB_ID, "job_01_01"); appController.job(); assertEquals(JobPage.class, appController.getClazz()); }
/** * Test method 'taskCounters'. Should print message about error or set CountersPage class for rendering */ @Test public void testGetTaskCounters() { when(job.checkAccess(any(UserGroupInformation.class), any(JobACL.class))) .thenReturn(false); appController.taskCounters(); verify(appController.response()).setContentType(MimeType.TEXT); assertEquals( "Access denied: User user does not have permission to view job job_01_01", appController.getData()); when(job.checkAccess(any(UserGroupInformation.class), any(JobACL.class))) .thenReturn(true); appController.getProperty().remove(AMParams.TASK_ID); appController.taskCounters(); assertEquals( "Access denied: User user does not have permission to view job job_01_01missing task ID", appController.getData()); appController.getProperty().put(AMParams.TASK_ID, taskId); appController.taskCounters(); assertEquals(CountersPage.class, appController.getClazz()); } /**