apache
/
ambari
зеркало из https://gitee.com/freeshow_me/ambari


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237
							/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

var App = require('app');
var stringUtils = require('utils/string_utils');

App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
  name: 'mainAdminSecurityAddStep3Controller',
  hostComponents: [],
  doDownloadCsv: function () {
    if ($.browser.msie && $.browser.version < 10) {
      this.openInfoInNewTab();
    } else {
      try {
        var blob = new Blob([stringUtils.arrayToCSV(this.get('hostComponents'))], {type: "text/csv;charset=utf-8;"});
        saveAs(blob, "host-principal-keytab-list.csv");
      } catch(e) {
         this.openInfoInNewTab();
      }
    }
  },
  openInfoInNewTab: function () {
    var newWindow = window.open('');
    var newDocument = newWindow.document;
    newDocument.write(stringUtils.arrayToCSV(this.get('hostComponents')));
    newWindow.focus();
  },
  loadStep: function(){
    var configs = this.get('content.serviceConfigProperties');
    var hosts = App.Host.find();
    var result = [];
    var componentsToDisplay = ['NAMENODE', 'SECONDARY_NAMENODE', 'DATANODE', 'JOBTRACKER', 'ZOOKEEPER_SERVER', 'HIVE_SERVER', 'TASKTRACKER',
      'OOZIE_SERVER', 'NAGIOS_SERVER', 'HBASE_MASTER', 'HBASE_REGIONSERVER'];
    var securityUsers = [];
    if (!securityUsers || securityUsers.length < 1) { // Page could be refreshed in middle
      securityUsers = this.getSecurityUsers();
    }
    var isHbaseInstalled = App.Service.find().findProperty('serviceName', 'HBASE');
    var generalConfigs = configs.filterProperty('serviceName', 'GENERAL');
    var hdfsConfigs = configs.filterProperty('serviceName', 'HDFS');
    var realm = generalConfigs.findProperty('name', 'kerberos_domain').value;
    var smokeUserId = securityUsers.findProperty('name', 'smokeuser').value;
    var hdfsUserId = securityUsers.findProperty('name', 'hdfs_user').value;
    var hbaseUserId = securityUsers.findProperty('name', 'hbase_user').value;
    var mapredUserId = securityUsers.findProperty('name', 'mapred_user').value;
    var hiveUserId = securityUsers.findProperty('name', 'hive_user').value;
    var zkUserId = securityUsers.findProperty('name', 'zk_user').value;
    var oozieUserId = securityUsers.findProperty('name', 'oozie_user').value;
    var nagiosUserId = securityUsers.findProperty('name', 'nagios_user').value;
    var hadoopGroupId = securityUsers.findProperty('name', 'user_group').value;

    var smokeUser = smokeUserId + '@' + realm;
    var hdfsUser = hdfsUserId + '@' + realm;
    var hbaseUser = hbaseUserId + '@' + realm;
    var smokeUserKeytabPath = generalConfigs.findProperty('name', 'smokeuser_keytab').value;
    var hdfsUserKeytabPath = generalConfigs.findProperty('name', 'hdfs_user_keytab').value;
    var hbaseUserKeytabPath = generalConfigs.findProperty('name', 'hbase_user_keytab').value;
    var hadoopHttpPrincipal = hdfsConfigs.findProperty('name', 'hadoop_http_principal_name');
    var hadoopHttpKeytabPath = hdfsConfigs.findProperty('name', 'hadoop_http_keytab').value;
    var componentToOwnerMap = {
      'NAMENODE': hdfsUserId,
      'SECONDARY_NAMENODE': hdfsUserId,
      'DATANODE': hdfsUserId,
      'TASKTRACKER': mapredUserId,
      'JOBTRACKER': mapredUserId,
      'ZOOKEEPER_SERVER': zkUserId,
      'HIVE_SERVER': hiveUserId,
      'OOZIE_SERVER': oozieUserId,
      'NAGIOS_SERVER': nagiosUserId,
      'HBASE_MASTER': hbaseUserId,
      'HBASE_REGIONSERVER': hbaseUserId
    };

    var addedPrincipalsHost = {}; //Keys = host_principal, Value = 'true'

    hosts.forEach(function (host) {
      result.push({
        host: host.get('hostName'),
        component: Em.I18n.t('admin.addSecurity.user.smokeUser'),
        principal: smokeUser,
        keytabFile: stringUtils.getFileFromPath(smokeUserKeytabPath),
        keytab: stringUtils.getPath(smokeUserKeytabPath),
        owner: smokeUserId,
        group: hadoopGroupId,
        acl: '440'
      });
      result.push({
        host: host.get('hostName'),
        component: Em.I18n.t('admin.addSecurity.user.hdfsUser'),
        principal: hdfsUser,
        keytabFile: stringUtils.getFileFromPath(hdfsUserKeytabPath),
        keytab: stringUtils.getPath(hdfsUserKeytabPath),
        owner: hdfsUserId,
        group: hadoopGroupId,
        acl: '440'
      });
      if (isHbaseInstalled) {
        result.push({
          host: host.get('hostName'),
          component: Em.I18n.t('admin.addSecurity.user.hbaseUser'),
          principal: hbaseUser,
          keytabFile: stringUtils.getFileFromPath(hbaseUserKeytabPath),
          keytab: stringUtils.getPath(hbaseUserKeytabPath),
          owner: hbaseUserId,
          group: hadoopGroupId,
          acl: '440'
        });
      }
      if(host.get('hostComponents').someProperty('componentName', 'NAMENODE') ||
        host.get('hostComponents').someProperty('componentName', 'SECONDARY_NAMENODE')){
        result.push({
          host: host.get('hostName'),
          component: Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),
          principal: hadoopHttpPrincipal.value.replace('_HOST', host.get('hostName')) + hadoopHttpPrincipal.unit,
          keytabFile: stringUtils.getFileFromPath(hadoopHttpKeytabPath),
          keytab: stringUtils.getPath(hadoopHttpKeytabPath),
          owner: 'root',
          group: hadoopGroupId,
          acl: '440'
        });
      }
      if (host.get('hostComponents').someProperty('componentName', 'WEBHCAT_SERVER')) {
        var webHcatConfigs = configs.filterProperty('serviceName', 'WEBHCAT');
        var webHCatHttpPrincipal = webHcatConfigs.findProperty('name', 'webHCat_http_principal_name');
        var webHCatHttpKeytabPath = webHcatConfigs.findProperty('name', 'webhcat_http_keytab').value;
        result.push({
          host: host.get('hostName'),
          component: Em.I18n.t('admin.addSecurity.webhcat.user.httpUser'),
          principal: webHCatHttpPrincipal.value.replace('_HOST', host.get('hostName')) + webHCatHttpPrincipal.unit,
          keytabFile: stringUtils.getFileFromPath(webHCatHttpKeytabPath),
          keytab: stringUtils.getPath(webHCatHttpKeytabPath),
          owner: 'root',
          group: hadoopGroupId,
          acl: '440'
        });
      }
      if (host.get('hostComponents').someProperty('componentName', 'OOZIE_SERVER')) {
        var oozieConfigs = configs.filterProperty('serviceName', 'OOZIE');
        var oozieHttpPrincipal = oozieConfigs.findProperty('name', 'oozie_http_principal_name');
        var oozieHttpKeytabPath = oozieConfigs.findProperty('name', 'oozie_http_keytab').value;
        result.push({
          host: host.get('hostName'),
          component: Em.I18n.t('admin.addSecurity.oozie.user.httpUser'),
          principal: oozieHttpPrincipal.value.replace('_HOST', host.get('hostName')) + oozieHttpPrincipal.unit,
          keytabFile: stringUtils.getFileFromPath(oozieHttpKeytabPath),
          keytab: stringUtils.getPath(oozieHttpKeytabPath),
          owner: 'root',
          group: hadoopGroupId,
          acl: '440'
        });
      }
      host.get('hostComponents').forEach(function(hostComponent){
        if(componentsToDisplay.contains(hostComponent.get('componentName'))){
          var serviceConfigs = configs.filterProperty('serviceName', hostComponent.get('service.serviceName'));
          var principal, keytab;
          serviceConfigs.forEach(function (config) {
            if (config.component && config.component === hostComponent.get('componentName')) {
              if (config.name.endsWith('_principal_name')) {
                principal = config.value.replace('_HOST', host.get('hostName')) + config.unit;
              } else if (config.name.endsWith('_keytab') || config.name.endsWith('_keytab_path')) {
                keytab = config.value;
              }
            } else if (config.components && config.components.contains(hostComponent.get('componentName'))) {
              if (config.name.endsWith('_principal_name')) {
                principal = config.value.replace('_HOST', host.get('hostName')) + config.unit;
              } else if (config.name.endsWith('_keytab') || config.name.endsWith('_keytab_path')) {
                keytab = config.value;
              }
            }
          });
          var displayName = this.changeDisplayName(hostComponent.get('displayName'));
          var key = host.get('hostName') + "--" + principal;
          if (!addedPrincipalsHost[key]) {
            var owner = componentToOwnerMap[hostComponent.get('componentName')];
            if(!owner){
              owner = '';
            }
            result.push({
              host: host.get('hostName'),
              component: displayName,
              principal: principal,
              keytabFile: stringUtils.getFileFromPath(keytab),
              keytab: stringUtils.getPath(keytab),
              owner: owner,
              group: hadoopGroupId,
              acl: '400'
            });
            addedPrincipalsHost[key] = true;
          }
        }
      },this);
    },this);
    this.set('hostComponents', result);
  },

  getSecurityUsers: function() {
    var securityUsers = [];
    if (App.testMode) {
      securityUsers.pushObject({id: 'puppet var', name: 'hdfs_user', value: 'hdfs'});
      securityUsers.pushObject({id: 'puppet var', name: 'mapred_user', value: 'mapred'});
      securityUsers.pushObject({id: 'puppet var', name: 'hbase_user', value: 'hbase'});
      securityUsers.pushObject({id: 'puppet var', name: 'hive_user', value: 'hive'});
      securityUsers.pushObject({id: 'puppet var', name: 'smokeuser', value: 'ambari-qa'});
      securityUsers.pushObject({id: 'puppet var', name: 'zk_user', value: 'zookeeper'});
      securityUsers.pushObject({id: 'puppet var', name: 'oozie_user', value: 'oozie'});
      securityUsers.pushObject({id: 'puppet var', name: 'nagios_user', value: 'nagios'});
      securityUsers.pushObject({id: 'puppet var', name: 'user_group', value: 'hadoop'});
    } else {
      App.router.get('mainAdminSecurityController').setSecurityStatus();
      securityUsers = App.router.get('mainAdminSecurityController').get('serviceUsers');
    }
    return securityUsers;
  },

  changeDisplayName: function (name) {
    if (name === 'HiveServer2') {
      return 'Hive Metastore and HiveServer2';
    } else {
      return name;
    }
  }
});