Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-25734

CLUSTER.USER is able to perform actions on service through API calls

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.7.6
    • 2.8.0, 2.7.7
    • ambari-server
    • None

    Description

      Hi Team ,

      CLUSTER.USER is able to perform actions on services (eg . maintenance off/on on ambari_mertrics)

       

      http://abcserver:8080/api/v1/clusters/CERTIFICATION/services/AMBARI_METRICS

      request: 

      {
    "ServiceInfo" : {
        "maintenance_state" : "OFF"
    }
}

      user previlege details : 

      {
  "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/",
  "Users" : {
    "active" : true,
    "admin" : false,
    "consecutive_failures" : 0,
    "created" : 1663235359782,
    "display_name" : "svcambaritest4",
    "groups" : [ ],
    "ldap_user" : false,
    "local_user_name" : "svcambaritest4",
    "user_name" : "svcambaritest4",
    "user_type" : "LOCAL"
  },
  "widget_layouts" : [ ],
  "privileges" : [
    {
      "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/privileges/4",
      "PrivilegeInfo" : {
        "privilege_id" : 4,
        "user_name" : "svcambaritest4"
      }
    }
  ],
  "sources" : [
    {
      "href" : "http://hostservername:8080/api/v1/users/svcambaritest4/sources/4",
      "AuthenticationSourceInfo" : {
        "source_id" : 4,
        "user_name" : "svcambaritest4"
      }
    }
  ]
} 

      {
  "href" : "http://sserverhostname:8080/api/v1/users/svcambaritest4/privileges/4",
  "PrivilegeInfo" : {
    "cluster_name" : "CLUSTERNAME",
    "permission_label" : "Cluster User",
    "permission_name" : "CLUSTER.USER",
    "principal_name" : "svcambaritest4",
    "principal_type" : "USER",
    "privilege_id" : 4,
    "type" : "CLUSTER",
    "user_name" : "svcambaritest4"
  }
}

      Note : From UI we are not able to do this action

       

      Attachments

        1. Screenshot 2022-09-15 at 3.48.19 PM.png
          653 kB
          Satheesh Akuthota

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. AMBARI-15213 RBAC : For "Service Operator/Administrator and Cluster Operator" role, the "Background jobs" dialog box doesn't open up (come to foreground) when a background job is triggered.

          • Major - Major loss of function.
          • Resolved
          links to

          GitHub PR#3388 GitHub PR#3388

          Activity

            People

              vishalsuvagia Vishal Suvagia
              satheeshakuthota Satheesh Akuthota
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 40m
                  40m