Add history ui policy to allow acls to either use application set, hi…

…story server force acls on, or off
KaiXinXiaoLei · Apr 24, 2014 · 0d8333c · 0d8333c
1 parent 65148b5
commit 0d8333c
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 3 deletions.
diff --git a/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala b/core/src/main/scala/org/apache/spark/deploy/history/HistoryServer.scala
@@ -181,10 +181,15 @@ class HistoryServer(
     // Do not call ui.bind() to avoid creating a new server for each application
     replayBus.replay()
     if (appListener.applicationStarted) {
-      // Note this relies on the user setting acls properly. We could also add in a master config
-      // to the history server that admins would set if we don't trust the user.
+      HISTORY_UI_ACLS_POLICY match {
+        case HistoryUIAclPolicy.APPLICATION =>
+          appSecManager.setUIAcls(appListener.enableViewAcls)
+        case HistoryUIAclPolicy.HISTORY_SERVER =>
+          appSecManager.setUIAcls(true)
+        case HistoryUIAclPolicy.OFF =>
+          appSecManager.setUIAcls(false)
+      }
       appSecManager.setViewAcls(appListener.sparkUser, appListener.viewAcls)
-      appSecManager.setUIAcls(appListener.enableViewAcls)
       attachSparkUI(ui)
       val appName = appListener.appName
       val sparkUser = appListener.sparkUser
@@ -240,6 +245,20 @@ class HistoryServer(
   }
 }
 
+/**
+ * This is the policy used by the history server for setting who has view permissions
+ * to the applications.
+ * APPLICATION uses the acl settings set by the user who ran the application. If it had
+ * acls enabled, then it will enforce those acls, otherwise anyone can view the application.
+ * HISTORY_SERVER enables the acls for all applications regardless of the application acl settings.
+ * OFF disables the acls for all applications regardless of the application acl settings.
+ */
+object HistoryUIAclPolicy extends Enumeration {
+
+  type HistoryUIAclPolicy = Value
+  val APPLICATION, HISTORY_SERVER, OFF = Value
+}
+
 /**
  * The recommended way of starting and stopping a HistoryServer is through the scripts
  * start-history-server.sh and stop-history-server.sh. The path to a base log directory
@@ -262,6 +281,10 @@ object HistoryServer {
   // The port to which the web UI is bound
   val WEB_UI_PORT = conf.getInt("spark.history.ui.port", 18080)
 
+  // the ui acl policy to apply to the applications
+  val HISTORY_UI_ACLS_POLICY = HistoryUIAclPolicy.
+    withName(conf.get("spark.history.ui.acls.policy", "APPLICATION"))
+
   val STATIC_RESOURCE_DIR = SparkUI.STATIC_RESOURCE_DIR
 
   def main(argStrings: Array[String]) {

diff --git a/docs/monitoring.md b/docs/monitoring.md
@@ -115,6 +115,18 @@ represents an application's event logs. This creates a web interface at
       Location of the kerberos keytab file for the History Server.
     </td>
   </tr>
+  <tr>
+    <td>spark.history.ui.acls.policy</td>
+    <td>APPLICATION</td>
+    <td>
+      This controls the policy used by the history server for setting who has view permissions
+      to the applications. There are three options: APPLICATION, HISTORY_SERVER, and OFF.
+      APPLICATIONS uses the acl settings set by the user who ran the application. If it had 
+      acls enabled, then it will enforce those acls, otherwise anyone can view the application.  
+      HISTORY_SERVER enables the acls for all applications regardless of the application acl settings. 
+      OFF disables the acls for all applications regardless of the application acl settings. 
+    </td>
+  </tr>
 </table>
 
 Note that in all of these UIs, the tables are sortable by clicking their headers,