ATLAS-2587:- Set read ACL for /apache_atlas/active_server_info znode in HA for Knox proxy to read.

b03c2484 · nixonrodrigues · d5540595 · b03c2484 · b03c2484
Commit b03c2484 authored Apr 19, 2018 by nixonrodrigues
Showing with 19 additions and 5 deletions

ActiveInstanceState.java ...ava/org/apache/atlas/web/service/ActiveInstanceState.java +15 -3

ActiveInstanceStateTest.java ...org/apache/atlas/web/service/ActiveInstanceStateTest.java +4 -2

No files found.
--- a/webapp/src/main/java/org/apache/atlas/web/service/ActiveInstanceState.java
+++ b/webapp/src/main/java/org/apache/atlas/web/service/ActiveInstanceState.java
@@ -24,11 +24,13 @@ import org.apache.atlas.AtlasException;
 import org.apache.atlas.exception.AtlasBaseException;
 import org.apache.atlas.ha.HAConfiguration;
 import org.apache.commons.configuration.Configuration;
+import org.apache.commons.lang.StringUtils;
 import org.apache.curator.framework.CuratorFramework;
 import org.apache.curator.framework.recipes.locks.InterProcessReadWriteLock;
 import org.apache.zookeeper.CreateMode;
 import org.apache.zookeeper.ZooDefs;
 import org.apache.zookeeper.data.ACL;
+import org.apache.zookeeper.data.Id;
 import org.apache.zookeeper.data.Stat;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -37,6 +39,7 @@ import org.springframework.stereotype.Component;
 import javax.inject.Inject;
 import java.nio.charset.Charset;
 import java.util.Arrays;
+import java.util.ArrayList;
 import java.util.List;
 /**
@@ -91,9 +94,18 @@ public class ActiveInstanceState {
            HAConfiguration.ZookeeperProperties zookeeperProperties =
                    HAConfiguration.getZookeeperProperties(configuration);
            String atlasServerAddress = HAConfiguration.getBoundAddressForId(configuration, serverId);
-            List<ACL> acls = Arrays.asList(
-                    new ACL[]{AtlasZookeeperSecurityProperties.parseAcl(zookeeperProperties.getAcl(),
+            List<ACL> acls = new ArrayList<ACL>();
-                            ZooDefs.Ids.OPEN_ACL_UNSAFE.get(0))});
+            ACL parsedACL = AtlasZookeeperSecurityProperties.parseAcl(zookeeperProperties.getAcl(),
+                    ZooDefs.Ids.OPEN_ACL_UNSAFE.get(0));
+            acls.add(parsedACL);
+            //adding world read permission
+            if (StringUtils.isNotEmpty(zookeeperProperties.getAcl())) {
+                ACL worldReadPermissionACL = new ACL(ZooDefs.Perms.READ, new Id("world", "anyone"));
+                acls.add(worldReadPermissionACL);
+            }
            Stat serverInfo = client.checkExists().forPath(getZnodePath(zookeeperProperties));
            if (serverInfo == null) {
                client.create().

--- a/webapp/src/test/java/org/apache/atlas/web/service/ActiveInstanceStateTest.java
+++ b/webapp/src/test/java/org/apache/atlas/web/service/ActiveInstanceStateTest.java
@@ -114,9 +114,11 @@ public class ActiveInstanceStateTest {
        CreateBuilder createBuilder = mock(CreateBuilder.class);
        when(curatorFramework.create()).thenReturn(createBuilder);
        when(createBuilder.withMode(CreateMode.EPHEMERAL)).thenReturn(createBuilder);
-        ACL expectedAcl = new ACL(ZooDefs.Perms.ALL, new Id("sasl", "myclient@EXAMPLE.COM"));
+	ACL expectedAcl = new ACL(ZooDefs.Perms.ALL, new Id("sasl", "myclient@EXAMPLE.COM"));
+	ACL expectedAcl1 = new ACL(ZooDefs.Perms.READ, new Id("world", "anyone"));
        when(createBuilder.
-                withACL(Arrays.asList(new ACL[]{expectedAcl}))).thenReturn(createBuilder);
+                withACL(Arrays.asList(new ACL[]{expectedAcl,expectedAcl1}))).thenReturn(createBuilder);
        SetDataBuilder setDataBuilder = mock(SetDataBuilder.class);
        when(curatorFramework.setData()).thenReturn(setDataBuilder);