Example 1 with BundleJobInfoGetJPAExecutor
use of org.apache.oozie.executor.jpa.BundleJobInfoGetJPAExecutor in project oozie by apache.
the class AuthorizationService method authorizeForJobs.
/**
* Check if the user+group is authorized to operate on the specified jobs. <p> Checks if the user is a super-user or
* the one who started the jobs. <p> Read operations are allowed to all users.
*
* @param user user name.
* @param filter filter used to select jobs
* @param start starting index of the jobs in DB
* @param len maximum amount of jobs to select
* @param write indicates if the check is for read or write job tasks.
* @throws AuthorizationException thrown if the user is not authorized for the job.
*/
public void authorizeForJobs(String user, Map<String, List<String>> filter, String jobType, int start, int len, boolean write) throws AuthorizationException {
if (authorizationEnabled && write && !isAdmin(user)) {
try {
// handle workflow jobs
if (jobType.equals("wf")) {
List<WorkflowJobBean> jobBeans = new ArrayList<WorkflowJobBean>();
JPAService jpaService = Services.get().get(JPAService.class);
if (jpaService != null) {
try {
jobBeans = jpaService.execute(new WorkflowsJobGetJPAExecutor(filter, start, len)).getWorkflows();
} catch (JPAExecutorException je) {
throw new AuthorizationException(je);
}
} else {
throw new AuthorizationException(ErrorCode.E0610);
}
for (WorkflowJobBean jobBean : jobBeans) {
if (jobBean != null && !jobBean.getUser().equals(user)) {
if (!isUserInAcl(user, jobBean.getGroup())) {
incrCounter(INSTR_FAILED_AUTH_COUNTER, 1);
throw new AuthorizationException(ErrorCode.E0508, user, jobBean.getId());
}
}
}
} else // handle bundle jobs
if (jobType.equals("bundle")) {
List<BundleJobBean> jobBeans = new ArrayList<BundleJobBean>();
JPAService jpaService = Services.get().get(JPAService.class);
if (jpaService != null) {
try {
jobBeans = jpaService.execute(new BundleJobInfoGetJPAExecutor(filter, start, len)).getBundleJobs();
} catch (JPAExecutorException je) {
throw new AuthorizationException(je);
}
} else {
throw new AuthorizationException(ErrorCode.E0610);
}
for (BundleJobBean jobBean : jobBeans) {
if (jobBean != null && !jobBean.getUser().equals(user)) {
if (!isUserInAcl(user, jobBean.getGroup())) {
incrCounter(INSTR_FAILED_AUTH_COUNTER, 1);
throw new AuthorizationException(ErrorCode.E0509, user, jobBean.getId());
}
}
}
} else // handle coordinator jobs
{
List<CoordinatorJobBean> jobBeans = new ArrayList<CoordinatorJobBean>();
JPAService jpaService = Services.get().get(JPAService.class);
if (jpaService != null) {
try {
jobBeans = jpaService.execute(new CoordJobInfoGetJPAExecutor(filter, start, len)).getCoordJobs();
} catch (JPAExecutorException je) {
throw new AuthorizationException(je);
}
} else {
throw new AuthorizationException(ErrorCode.E0610);
}
for (CoordinatorJobBean jobBean : jobBeans) {
if (jobBean != null && !jobBean.getUser().equals(user)) {
if (!isUserInAcl(user, jobBean.getGroup())) {
incrCounter(INSTR_FAILED_AUTH_COUNTER, 1);
throw new AuthorizationException(ErrorCode.E0509, user, jobBean.getId());
}
}
}
}
} catch (IOException ex) {
throw new AuthorizationException(ErrorCode.E0501, ex.getMessage(), ex);
}
}
}
Also used :
CoordinatorJobBean(org.apache.oozie.CoordinatorJobBean)
CoordJobInfoGetJPAExecutor(org.apache.oozie.executor.jpa.CoordJobInfoGetJPAExecutor)
ArrayList(java.util.ArrayList)
IOException(java.io.IOException)
WorkflowJobBean(org.apache.oozie.WorkflowJobBean)
WorkflowsJobGetJPAExecutor(org.apache.oozie.executor.jpa.WorkflowsJobGetJPAExecutor)
JPAExecutorException(org.apache.oozie.executor.jpa.JPAExecutorException)
BundleJobBean(org.apache.oozie.BundleJobBean)
ArrayList(java.util.ArrayList)
List(java.util.List)
BundleJobInfoGetJPAExecutor(org.apache.oozie.executor.jpa.BundleJobInfoGetJPAExecutor)
Example 2 with BundleJobInfoGetJPAExecutor
use of org.apache.oozie.executor.jpa.BundleJobInfoGetJPAExecutor in project oozie by apache.
the class BundleJobsXCommand method execute.
/* (non-Javadoc)
* @see org.apache.oozie.command.XCommand#execute()
*/
@Override
protected BundleJobInfo execute() throws CommandException {
try {
JPAService jpaService = Services.get().get(JPAService.class);
BundleJobInfo bundleInfo = null;
if (jpaService != null) {
bundleInfo = jpaService.execute(new BundleJobInfoGetJPAExecutor(filter, start, len));
} else {
LOG.error(ErrorCode.E0610);
}
return bundleInfo;
} catch (XException ex) {
throw new CommandException(ex);
}
}
Also used :
XException(org.apache.oozie.XException)
BundleJobInfo(org.apache.oozie.BundleJobInfo)
CommandException(org.apache.oozie.command.CommandException)
JPAService(org.apache.oozie.service.JPAService)
BundleJobInfoGetJPAExecutor(org.apache.oozie.executor.jpa.BundleJobInfoGetJPAExecutor)
Aggregations
BundleJobInfoGetJPAExecutor (org.apache.oozie.executor.jpa.BundleJobInfoGetJPAExecutor)2
IOException (java.io.IOException)1
ArrayList (java.util.ArrayList)1
List (java.util.List)1
BundleJobBean (org.apache.oozie.BundleJobBean)1
BundleJobInfo (org.apache.oozie.BundleJobInfo)1
CoordinatorJobBean (org.apache.oozie.CoordinatorJobBean)1
WorkflowJobBean (org.apache.oozie.WorkflowJobBean)1
XException (org.apache.oozie.XException)1
CommandException (org.apache.oozie.command.CommandException)1
CoordJobInfoGetJPAExecutor (org.apache.oozie.executor.jpa.CoordJobInfoGetJPAExecutor)1
JPAExecutorException (org.apache.oozie.executor.jpa.JPAExecutorException)1
WorkflowsJobGetJPAExecutor (org.apache.oozie.executor.jpa.WorkflowsJobGetJPAExecutor)1
JPAService (org.apache.oozie.service.JPAService)1
