|
|
@@ -405,22 +405,11 @@ public class ClientRMService extends AbstractService implements
|
|
|
throw new ApplicationNotFoundException("Invalid application id: null");
|
|
|
}
|
|
|
|
|
|
- UserGroupInformation callerUGI;
|
|
|
- try {
|
|
|
- callerUGI = UserGroupInformation.getCurrentUser();
|
|
|
- } catch (IOException ie) {
|
|
|
- LOG.info("Error getting UGI ", ie);
|
|
|
- throw RPCUtil.getRemoteException(ie);
|
|
|
- }
|
|
|
+ UserGroupInformation callerUGI = getCallerUgi(applicationId,
|
|
|
+ AuditConstants.GET_APP_REPORT);
|
|
|
|
|
|
- RMApp application = this.rmContext.getRMApps().get(applicationId);
|
|
|
- if (application == null) {
|
|
|
- // If the RM doesn't have the application, throw
|
|
|
- // ApplicationNotFoundException and let client to handle.
|
|
|
- throw new ApplicationNotFoundException("Application with id '"
|
|
|
- + applicationId + "' doesn't exist in RM. Please check "
|
|
|
- + "that the job submission was successful.");
|
|
|
- }
|
|
|
+ RMApp application = verifyUserAccessForRMApp(applicationId, callerUGI,
|
|
|
+ AuditConstants.GET_APP_REPORT, ApplicationAccessType.VIEW_APP, false);
|
|
|
|
|
|
boolean allowAccess = checkAccess(callerUGI, application.getUser(),
|
|
|
ApplicationAccessType.VIEW_APP, application);
|
|
|
@@ -880,13 +869,8 @@ public class ClientRMService extends AbstractService implements
|
|
|
@Override
|
|
|
public GetApplicationsResponse getApplications(GetApplicationsRequest request)
|
|
|
throws YarnException {
|
|
|
- UserGroupInformation callerUGI;
|
|
|
- try {
|
|
|
- callerUGI = UserGroupInformation.getCurrentUser();
|
|
|
- } catch (IOException ie) {
|
|
|
- LOG.info("Error getting UGI ", ie);
|
|
|
- throw RPCUtil.getRemoteException(ie);
|
|
|
- }
|
|
|
+ UserGroupInformation callerUGI = getCallerUgi(null,
|
|
|
+ AuditConstants.GET_APPLICATIONS_REQUEST);
|
|
|
|
|
|
Set<String> applicationTypes = getLowerCasedAppTypes(request);
|
|
|
EnumSet<YarnApplicationState> applicationStates =
|
|
|
@@ -1048,13 +1032,8 @@ public class ClientRMService extends AbstractService implements
|
|
|
@Override
|
|
|
public GetQueueInfoResponse getQueueInfo(GetQueueInfoRequest request)
|
|
|
throws YarnException {
|
|
|
- UserGroupInformation callerUGI;
|
|
|
- try {
|
|
|
- callerUGI = UserGroupInformation.getCurrentUser();
|
|
|
- } catch (IOException ie) {
|
|
|
- LOG.info("Error getting UGI ", ie);
|
|
|
- throw RPCUtil.getRemoteException(ie);
|
|
|
- }
|
|
|
+ UserGroupInformation callerUGI = getCallerUgi(null,
|
|
|
+ AuditConstants.GET_QUEUE_INFO_REQUEST);
|
|
|
|
|
|
GetQueueInfoResponse response =
|
|
|
recordFactory.newRecordInstance(GetQueueInfoResponse.class);
|
|
|
@@ -1720,16 +1699,10 @@ public class ClientRMService extends AbstractService implements
|
|
|
SignalContainerRequest request) throws YarnException, IOException {
|
|
|
ContainerId containerId = request.getContainerId();
|
|
|
|
|
|
- UserGroupInformation callerUGI;
|
|
|
- try {
|
|
|
- callerUGI = UserGroupInformation.getCurrentUser();
|
|
|
- } catch (IOException ie) {
|
|
|
- LOG.info("Error getting UGI ", ie);
|
|
|
- throw RPCUtil.getRemoteException(ie);
|
|
|
- }
|
|
|
-
|
|
|
ApplicationId applicationId = containerId.getApplicationAttemptId().
|
|
|
getApplicationId();
|
|
|
+ UserGroupInformation callerUGI = getCallerUgi(applicationId,
|
|
|
+ AuditConstants.SIGNAL_CONTAINER);
|
|
|
RMApp application = this.rmContext.getRMApps().get(applicationId);
|
|
|
if (application == null) {
|
|
|
RMAuditLogger.logFailure(callerUGI.getUserName(),
|
curie71