secure BrokerQueryResource endpoints (#3506)

2016-09-26 13:27:24 -05:00 · 2016-09-26 13:27:24 -05:00 · 56b0586097
parent 15c9918c65
commit 56b0586097
3 changed files with 7 additions and 1 deletions
--- a/server/src/main/java/io/druid/server/BrokerQueryResource.java
+++ b/server/src/main/java/io/druid/server/BrokerQueryResource.java
@ -23,6 +23,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.jaxrs.smile.SmileMediaTypes;
 import com.google.inject.Inject;
 import com.metamx.emitter.service.ServiceEmitter;
 import com.sun.jersey.spi.container.ResourceFilters;
 import io.druid.client.ServerViewUtil;
 import io.druid.client.TimelineServerView;
 import io.druid.guice.annotations.Json;
@ -30,6 +31,7 @@ import io.druid.guice.annotations.Smile;
 import io.druid.query.Query;
 import io.druid.query.QuerySegmentWalker;
 import io.druid.query.QueryToolChestWarehouse;
 import io.druid.server.http.security.StateResourceFilter;
 import io.druid.server.initialization.ServerConfig;
 import io.druid.server.log.RequestLogger;
 import io.druid.server.security.AuthConfig;
@ -76,6 +78,7 @@ public class BrokerQueryResource extends QueryResource
  @Path("/candidates")
  @Produces({MediaType.APPLICATION_JSON, SmileMediaTypes.APPLICATION_JACKSON_SMILE})
  @Consumes({MediaType.APPLICATION_JSON, SmileMediaTypes.APPLICATION_JACKSON_SMILE, APPLICATION_SMILE})
  @ResourceFilters(StateResourceFilter.class)
  public Response getQueryTargets(
      InputStream in,
      @QueryParam("pretty") String pretty,
--- a/server/src/main/java/io/druid/server/http/security/StateResourceFilter.java
+++ b/server/src/main/java/io/druid/server/http/security/StateResourceFilter.java
@ -92,6 +92,7 @@ public class StateResourceFilter extends AbstractResourceFilter
           requestPath.startsWith("druid/coordinator/v1/tiers") ||
           requestPath.startsWith("druid/worker/v1") ||
           requestPath.startsWith("druid/coordinator/v1/servers") ||
           requestPath.startsWith("druid/v2") ||
           requestPath.startsWith("status");
  }
 }
--- a/server/src/test/java/io/druid/server/http/security/SecurityResourceFilterTest.java
+++ b/server/src/test/java/io/druid/server/http/security/SecurityResourceFilterTest.java
@ -23,6 +23,7 @@ import com.google.common.collect.ImmutableList;
 import com.google.common.collect.Iterables;
 import com.google.inject.Injector;
 import com.sun.jersey.spi.container.ResourceFilter;
 import io.druid.server.BrokerQueryResource;
 import io.druid.server.ClientInfoResource;
 import io.druid.server.QueryResource;
 import io.druid.server.StatusResource;
@ -67,7 +68,8 @@ public class SecurityResourceFilterTest extends ResourceFilterTestHelper
            getRequestPaths(ClientInfoResource.class),
            getRequestPaths(CoordinatorDynamicConfigsResource.class),
            getRequestPaths(QueryResource.class),
-            getRequestPaths(StatusResource.class)
+            getRequestPaths(StatusResource.class),
            getRequestPaths(BrokerQueryResource.class)
        )
    );
  }