org.apache.hadoop.yarn.api.records.ApplicationAccessType Java Examples

@SuppressWarnings("unchecked")
private void initApp(final ApplicationId appId, String user,
    Credentials credentials, ContainerLogsRetentionPolicy logRetentionPolicy,
    Map<ApplicationAccessType, String> appAcls,
    LogAggregationContext logAggregationContext) {
  ApplicationEvent eventResponse;
  try {
    verifyAndCreateRemoteLogDir(getConfig());
    initAppAggregator(appId, user, credentials, logRetentionPolicy, appAcls,
        logAggregationContext);
    eventResponse = new ApplicationEvent(appId,
        ApplicationEventType.APPLICATION_LOG_HANDLING_INITED);
  } catch (YarnRuntimeException e) {
    LOG.warn("Application failed to init aggregation", e);
    eventResponse = new ApplicationEvent(appId,
        ApplicationEventType.APPLICATION_LOG_HANDLING_FAILED);
  }
  this.dispatcher.getEventHandler().handle(eventResponse);
}
 

private static void uploadEmptyContainerLogIntoRemoteDir(UserGroupInformation ugi,
    Configuration configuration, List<String> rootLogDirs, NodeId nodeId,
    ContainerId containerId, Path appDir, FileSystem fs) throws Exception {
  Path path =
      new Path(appDir, LogAggregationUtils.getNodeString(nodeId)
          + System.currentTimeMillis());
  AggregatedLogFormat.LogWriter writer =
      new AggregatedLogFormat.LogWriter(configuration, path, ugi);
  writer.writeApplicationOwner(ugi.getUserName());

  Map<ApplicationAccessType, String> appAcls =
      new HashMap<ApplicationAccessType, String>();
  appAcls.put(ApplicationAccessType.VIEW_APP, ugi.getUserName());
  writer.writeApplicationACLs(appAcls);
  DataOutputStream out = writer.getWriter().prepareAppendKey(-1);
  new AggregatedLogFormat.LogKey(containerId).write(out);
  out.close();
  out = writer.getWriter().prepareAppendValue(-1);
  new AggregatedLogFormat.LogValue(rootLogDirs, containerId,
    UserGroupInformation.getCurrentUser().getShortUserName()).write(out,
    new HashSet<File>());
  out.close();
  writer.close();
}
 

/**
 * Get the single timeline entity that the given user has access to. The
 * meaning of each argument has been documented with
 * {@link TimelineReader#getEntity}.
 * 
 * @see TimelineReader#getEntity
 */
public TimelineEntity getEntity(
    String entityType,
    String entityId,
    EnumSet<Field> fields,
    UserGroupInformation callerUGI) throws YarnException, IOException {
  TimelineEntity entity = null;
  entity =
      store.getEntity(entityId, entityType, fields);
  if (entity != null) {
    addDefaultDomainIdIfAbsent(entity);
    // check ACLs
    if (!timelineACLsManager.checkAccess(
        callerUGI, ApplicationAccessType.VIEW_APP, entity)) {
      entity = null;
    }
  }
  return entity;
}
 

@SuppressWarnings("unchecked")
private void initApp(final ApplicationId appId, String user,
    Credentials credentials, ContainerLogsRetentionPolicy logRetentionPolicy,
    Map<ApplicationAccessType, String> appAcls,
    LogAggregationContext logAggregationContext) {
  ApplicationEvent eventResponse;
  try {
    verifyAndCreateRemoteLogDir(getConfig());
    initAppAggregator(appId, user, credentials, logRetentionPolicy, appAcls,
        logAggregationContext);
    eventResponse = new ApplicationEvent(appId,
        ApplicationEventType.APPLICATION_LOG_HANDLING_INITED);
  } catch (YarnRuntimeException e) {
    LOG.warn("Application failed to init aggregation", e);
    eventResponse = new ApplicationEvent(appId,
        ApplicationEventType.APPLICATION_LOG_HANDLING_FAILED);
  }
  this.dispatcher.getEventHandler().handle(eventResponse);
}
 

private void checkAppQueue(MockRM resourceManager, String user,
    String submissionQueue, String expected)
    throws Exception {
  RMApp app = resourceManager.submitApp(200, "name", user,
      new HashMap<ApplicationAccessType, String>(), false, submissionQueue, -1,
      null, "MAPREDUCE", false);
  RMAppState expectedState = expected.isEmpty() ? RMAppState.FAILED
      : RMAppState.ACCEPTED;
  resourceManager.waitForState(app.getApplicationId(), expectedState);
  // get scheduler app
  CapacityScheduler cs = (CapacityScheduler)
      resourceManager.getResourceScheduler();
  SchedulerApplication schedulerApp =
      cs.getSchedulerApplications().get(app.getApplicationId());
  String queue = "";
  if (schedulerApp != null) {
    queue = schedulerApp.getQueue().getQueueName();
  }
  Assert.assertTrue("expected " + expected + " actual " + queue,
      expected.equals(queue));
  Assert.assertEquals(expected, app.getQueue());
}
 

private void checkAccess(ApplicationReportExt app)
        throws YarnException, IOException {
  if (app.appViewACLs != null) {
    aclsManager.addApplication(
        app.appReport.getApplicationId(), app.appViewACLs);
    try {
      if (!aclsManager.checkAccess(UserGroupInformation.getCurrentUser(),
          ApplicationAccessType.VIEW_APP, app.appReport.getUser(),
          app.appReport.getApplicationId())) {
        throw new AuthorizationException("User "
            + UserGroupInformation.getCurrentUser().getShortUserName()
            + " does not have privilage to see this application "
            + app.appReport.getApplicationId());
      }
    } finally {
      aclsManager.removeApplication(app.appReport.getApplicationId());
    }
  }
}
 

private Map<ApplicationAccessType, String> createACLs(String submitter,
    boolean setupACLs) {
  AccessControlList viewACL = new AccessControlList("");
  AccessControlList modifyACL = new AccessControlList("");
  if (setupACLs) {
    viewACL.addUser(submitter);
    viewACL.addUser(COMMON_USER);
    modifyACL.addUser(submitter);
    modifyACL.addUser(COMMON_USER);
  }
  Map<ApplicationAccessType, String> acls =
      new HashMap<ApplicationAccessType, String>();
  acls.put(ApplicationAccessType.VIEW_APP, viewACL.getAclString());
  acls.put(ApplicationAccessType.MODIFY_APP, modifyACL.getAclString());
  return acls;
}
 

private ApplicationId submitAppAndGetAppId(String submitter,
    String queueName, boolean setupACLs) throws Exception {

  GetNewApplicationRequest newAppRequest =
      GetNewApplicationRequest.newInstance();

  ApplicationClientProtocol submitterClient = getRMClientForUser(submitter);
  ApplicationId applicationId =
      submitterClient.getNewApplication(newAppRequest).getApplicationId();

  Resource resource = BuilderUtils.newResource(1024, 1);
  Map<ApplicationAccessType, String> acls = createACLs(submitter, setupACLs);
  ContainerLaunchContext amContainerSpec =
      ContainerLaunchContext.newInstance(null, null, null, null, null, acls);

  ApplicationSubmissionContext appSubmissionContext =
      ApplicationSubmissionContext.newInstance(applicationId,
        "applicationName", queueName, null, amContainerSpec, false, true, 1,
        resource, "applicationType");
  appSubmissionContext.setApplicationId(applicationId);
  appSubmissionContext.setQueue(queueName);

  SubmitApplicationRequest submitRequest =
      SubmitApplicationRequest.newInstance(appSubmissionContext);
  submitterClient.submitApplication(submitRequest);
  resourceManager.waitForState(applicationId, RMAppState.ACCEPTED);
  return applicationId;
}
 

/**
 * check if the calling user has the access to application information.
 * @param callerUGI
 * @param owner
 * @param operationPerformed
 * @param application
 * @return
 */
private boolean checkAccess(UserGroupInformation callerUGI, String owner,
    ApplicationAccessType operationPerformed,
    RMApp application) {
  return applicationsACLsManager.checkAccess(callerUGI, operationPerformed,
      owner, application.getApplicationId())
      || queueACLsManager.checkAccess(callerUGI, QueueACL.ADMINISTER_QUEUE,
          application.getQueue());
}
 

@Test(timeout = 30000)
public void testApplicationType() throws Exception {
  Logger rootLogger = LogManager.getRootLogger();
  rootLogger.setLevel(Level.DEBUG);
  MockRM rm = new MockRM();
  rm.start();
  RMApp app = rm.submitApp(2000);
  RMApp app1 =
      rm.submitApp(200, "name", "user",
        new HashMap<ApplicationAccessType, String>(), false, "default", -1,
        null, "MAPREDUCE");
  Assert.assertEquals("YARN", app.getApplicationType());
  Assert.assertEquals("MAPREDUCE", app1.getApplicationType());
  rm.stop();
}
 

@Test(timeout=20000)
public void testAppSubmissionWithInvalidDelegationToken() throws Exception {
  Configuration conf = new Configuration();
  conf.set(
      CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
      "kerberos");
  UserGroupInformation.setConfiguration(conf);
  MockRM rm = new MockRM(conf) {
    @Override
    protected void doSecureLogin() throws IOException {
      // Skip the login.
    }
  };
  ByteBuffer tokens = ByteBuffer.wrap("BOGUS".getBytes()); 
  ContainerLaunchContext amContainer =
      ContainerLaunchContext.newInstance(
          new HashMap<String, LocalResource>(), new HashMap<String, String>(),
          new ArrayList<String>(), new HashMap<String, ByteBuffer>(), tokens,
          new HashMap<ApplicationAccessType, String>());
  ApplicationSubmissionContext appSubContext =
      ApplicationSubmissionContext.newInstance(
          ApplicationId.newInstance(1234121, 0),
          "BOGUS", "default", Priority.UNDEFINED, amContainer, false,
          true, 1, Resource.newInstance(1024, 1), "BOGUS");
  SubmitApplicationRequest request =
      SubmitApplicationRequest.newInstance(appSubContext);
  try {
    rm.getClientRMService().submitApplication(request);
    fail("Error was excepted.");
  } catch (YarnException e) {
    Assert.assertTrue(e.getMessage().contains(
        "Bad header found in token storage"));
  }
}
 

@Override
public void setApplicationRegistrationData(Resource maxContainerCapability,
                                           Map<ApplicationAccessType, String> appAcls,
                                           ByteBuffer clientAMSecretKey,
                                           String queueName) {
  taskSchedulerManager.setApplicationRegistrationData(schedulerId, maxContainerCapability,
      appAcls, clientAMSecretKey, queueName);
}
 

@Test
public void testGetApplicationReport() throws Exception {
  YarnScheduler yarnScheduler = mock(YarnScheduler.class);
  RMContext rmContext = mock(RMContext.class);
  mockRMContext(yarnScheduler, rmContext);

  ApplicationId appId1 = getApplicationId(1);

  ApplicationACLsManager mockAclsManager = mock(ApplicationACLsManager.class);
  when(
      mockAclsManager.checkAccess(UserGroupInformation.getCurrentUser(),
          ApplicationAccessType.VIEW_APP, null, appId1)).thenReturn(true);

  ClientRMService rmService = new ClientRMService(rmContext, yarnScheduler,
      null, mockAclsManager, null, null);
  try {
    RecordFactory recordFactory = RecordFactoryProvider.getRecordFactory(null);
    GetApplicationReportRequest request = recordFactory
        .newRecordInstance(GetApplicationReportRequest.class);
    request.setApplicationId(appId1);
    GetApplicationReportResponse response = 
        rmService.getApplicationReport(request);
    ApplicationReport report = response.getApplicationReport();
    ApplicationResourceUsageReport usageReport = 
        report.getApplicationResourceUsageReport();
    Assert.assertEquals(10, usageReport.getMemorySeconds());
    Assert.assertEquals(3, usageReport.getVcoreSeconds());
    Assert.assertEquals(3, usageReport.getGcoreSeconds());
  } finally {
    rmService.close();
  }
}
 

@Test
public void testGetApplicationReport() throws Exception {
  YarnScheduler yarnScheduler = mock(YarnScheduler.class);
  RMContext rmContext = mock(RMContext.class);
  mockRMContext(yarnScheduler, rmContext);

  ApplicationId appId1 = getApplicationId(1);

  ApplicationACLsManager mockAclsManager = mock(ApplicationACLsManager.class);
  when(
      mockAclsManager.checkAccess(UserGroupInformation.getCurrentUser(),
          ApplicationAccessType.VIEW_APP, null, appId1)).thenReturn(true);

  ClientRMService rmService = new ClientRMService(rmContext, yarnScheduler,
      null, mockAclsManager, null, null);
  try {
    RecordFactory recordFactory = RecordFactoryProvider.getRecordFactory(null);
    GetApplicationReportRequest request = recordFactory
        .newRecordInstance(GetApplicationReportRequest.class);
    request.setApplicationId(appId1);
    GetApplicationReportResponse response = 
        rmService.getApplicationReport(request);
    ApplicationReport report = response.getApplicationReport();
    ApplicationResourceUsageReport usageReport = 
        report.getApplicationResourceUsageReport();
    Assert.assertEquals(10, usageReport.getMemorySeconds());
    Assert.assertEquals(3, usageReport.getVcoreSeconds());
  } finally {
    rmService.close();
  }
}
 

@Test
public void testCheckAccessWithNullACLS() {
  Configuration conf = new Configuration();
  conf.setBoolean(YarnConfiguration.YARN_ACL_ENABLE,
      true);
  conf.set(YarnConfiguration.YARN_ADMIN_ACL,
      ADMIN_USER);
  ApplicationACLsManager aclManager = new ApplicationACLsManager(conf);
  UserGroupInformation appOwner = UserGroupInformation
      .createRemoteUser(APP_OWNER);
  ApplicationId appId = ApplicationId.newInstance(1, 1);
  //Application ACL is not added

  //Application Owner should have all access even if Application ACL is not added
  assertTrue(aclManager.checkAccess(appOwner, ApplicationAccessType.MODIFY_APP, 
      APP_OWNER, appId));
  assertTrue(aclManager.checkAccess(appOwner, ApplicationAccessType.VIEW_APP, 
      APP_OWNER, appId));

  //Admin should have all access
  UserGroupInformation adminUser = UserGroupInformation
      .createRemoteUser(ADMIN_USER);
  assertTrue(aclManager.checkAccess(adminUser, ApplicationAccessType.VIEW_APP, 
      APP_OWNER, appId));
  assertTrue(aclManager.checkAccess(adminUser, ApplicationAccessType.MODIFY_APP, 
      APP_OWNER, appId));

  // A regular user should Not have access
  UserGroupInformation testUser1 = UserGroupInformation
      .createRemoteUser(TESTUSER1);
  assertFalse(aclManager.checkAccess(testUser1, ApplicationAccessType.VIEW_APP, 
      APP_OWNER, appId));
  assertFalse(aclManager.checkAccess(testUser1, ApplicationAccessType.MODIFY_APP, 
      APP_OWNER, appId));
}
 

public static ContainerLaunchContext newContainerLaunchContext(
    Map<String, LocalResource> localResources,
    Map<String, String> environment, List<String> commands,
    Map<String, ByteBuffer> serviceData, ByteBuffer tokens,
    Map<ApplicationAccessType, String> acls) {
  ContainerLaunchContext container = recordFactory
      .newRecordInstance(ContainerLaunchContext.class);
  container.setLocalResources(localResources);
  container.setEnvironment(environment);
  container.setCommands(commands);
  container.setServiceData(serviceData);
  container.setTokens(tokens);
  container.setApplicationACLs(acls);
  return container;
}
 

@Override
public void setApplicationACLs(
    final Map<ApplicationAccessType, String> appACLs) {
  if (appACLs == null)
    return;
  initApplicationACLs();
  this.applicationACLS.clear();
  this.applicationACLS.putAll(appACLs);
}
 

@Test(timeout=20000)
public void testAppSubmissionWithInvalidDelegationToken() throws Exception {
  Configuration conf = new Configuration();
  conf.set(
      CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
      "kerberos");
  UserGroupInformation.setConfiguration(conf);
  MockRM rm = new MockRM(conf) {
    @Override
    protected void doSecureLogin() throws IOException {
      // Skip the login.
    }
  };
  ByteBuffer tokens = ByteBuffer.wrap("BOGUS".getBytes()); 
  ContainerLaunchContext amContainer =
      ContainerLaunchContext.newInstance(
          new HashMap<String, LocalResource>(), new HashMap<String, String>(),
          new ArrayList<String>(), new HashMap<String, ByteBuffer>(), tokens,
          new HashMap<ApplicationAccessType, String>());
  ApplicationSubmissionContext appSubContext =
      ApplicationSubmissionContext.newInstance(
          ApplicationId.newInstance(1234121, 0),
          "BOGUS", "default", Priority.UNDEFINED, amContainer, false,
          true, 1, Resource.newInstance(1024, 1, 1), "BOGUS");
  SubmitApplicationRequest request =
      SubmitApplicationRequest.newInstance(appSubContext);
  try {
    rm.getClientRMService().submitApplication(request);
    fail("Error was excepted.");
  } catch (YarnException e) {
    Assert.assertTrue(e.getMessage().contains(
        "Bad header found in token storage"));
  }
}
 

private Container createMockedContainer(ApplicationId appId, int containerId) {
  ApplicationAttemptId appAttemptId =
      BuilderUtils.newApplicationAttemptId(appId, 1);
  ContainerId cId = BuilderUtils.newContainerId(appAttemptId, containerId);
  Container c = mock(Container.class);
  when(c.getContainerId()).thenReturn(cId);
  ContainerLaunchContext launchContext = mock(ContainerLaunchContext.class);
  when(c.getLaunchContext()).thenReturn(launchContext);
  when(launchContext.getApplicationACLs()).thenReturn(
      new HashMap<ApplicationAccessType, String>());
  return c;
}
 

public RMApp submitApp(int masterMemory, String name, String user,
    Map<ApplicationAccessType, String> acls, boolean unmanaged, String queue,
    int maxAppAttempts, Credentials ts, String appType,
    boolean waitForAccepted, boolean keepContainers, boolean isAppIdProvided,
    ApplicationId applicationId) throws Exception {
  return submitApp(masterMemory, name, user, acls, unmanaged, queue,
    maxAppAttempts, ts, appType, waitForAccepted, keepContainers,
    isAppIdProvided, applicationId, 0, null, true);
}
 

private static ContainerLaunchContext mockContainerLaunchContext(
    RecordFactory recordFactory) {
  ContainerLaunchContext amContainer = recordFactory.newRecordInstance(
      ContainerLaunchContext.class);
  amContainer.setApplicationACLs(new HashMap<ApplicationAccessType, String>());;
  return amContainer;
}
 

private void writeLog(Configuration configuration, String user)
    throws Exception {
  ApplicationId appId =  ApplicationIdPBImpl.newInstance(0, 1);
  ApplicationAttemptId appAttemptId =  ApplicationAttemptIdPBImpl.newInstance(appId, 1);
  ContainerId containerId = ContainerIdPBImpl.newContainerId(appAttemptId, 1);

  String path = "target/logs/" + user
      + "/logs/application_0_0001/localhost_1234";
  File f = new File(path);
  if (!f.getParentFile().exists()) {
   assertTrue(f.getParentFile().mkdirs());
  }
  List<String> rootLogDirs = Arrays.asList("target/logs/logs");
  UserGroupInformation ugi = UserGroupInformation.getCurrentUser();

  AggregatedLogFormat.LogWriter writer = new AggregatedLogFormat.LogWriter(
      configuration, new Path(path), ugi);
  writer.writeApplicationOwner(ugi.getUserName());

  Map<ApplicationAccessType, String> appAcls = new HashMap<ApplicationAccessType, String>();
  appAcls.put(ApplicationAccessType.VIEW_APP, ugi.getUserName());
  writer.writeApplicationACLs(appAcls);

  writer.append(new AggregatedLogFormat.LogKey("container_0_0001_01_000001"),
      new AggregatedLogFormat.LogValue(rootLogDirs, containerId,UserGroupInformation.getCurrentUser().getShortUserName()));
  writer.close();
}
 

@Override
public GetApplicationAttemptsResponse getApplicationAttempts(
    GetApplicationAttemptsRequest request) throws YarnException, IOException {
  ApplicationId appId = request.getApplicationId();
  UserGroupInformation callerUGI;
  try {
    callerUGI = UserGroupInformation.getCurrentUser();
  } catch (IOException ie) {
    LOG.info("Error getting UGI ", ie);
    throw RPCUtil.getRemoteException(ie);
  }
  RMApp application = this.rmContext.getRMApps().get(appId);
  if (application == null) {
    // If the RM doesn't have the application, throw
    // ApplicationNotFoundException and let client to handle.
    throw new ApplicationNotFoundException("Application with id '" + appId
        + "' doesn't exist in RM.");
  }
  boolean allowAccess = checkAccess(callerUGI, application.getUser(),
      ApplicationAccessType.VIEW_APP, application);
  GetApplicationAttemptsResponse response = null;
  if (allowAccess) {
    Map<ApplicationAttemptId, RMAppAttempt> attempts = application
        .getAppAttempts();
    List<ApplicationAttemptReport> listAttempts = 
      new ArrayList<ApplicationAttemptReport>();
    Iterator<Map.Entry<ApplicationAttemptId, RMAppAttempt>> iter = attempts
        .entrySet().iterator();
    while (iter.hasNext()) {
      listAttempts.add(iter.next().getValue()
          .createApplicationAttemptReport());
    }
    response = GetApplicationAttemptsResponse.newInstance(listAttempts);
  } else {
    throw new YarnException("User " + callerUGI.getShortUserName()
        + " does not have privilage to see this aplication " + appId);
  }
  return response;
}
 

public ApplicationInitEvent(ApplicationId appId,
    Map<ApplicationAccessType, String> acls,
    LogAggregationContext logAggregationContext) {
  super(appId, ApplicationEventType.INIT_APPLICATION);
  this.applicationACLs = acls;
  this.logAggregationContext = logAggregationContext;
}
 

public static void setupUserACLs(ContainerLaunchContext launchContext, String userName, Configuration conf) throws IOException
{
  logger.debug("Setup login acls {}", userName);
  if (areACLsRequired(conf)) {
    logger.debug("Configuring ACLs for {}", userName);
    Map<ApplicationAccessType, String> acls = Maps.newHashMap();
    acls.put(ApplicationAccessType.VIEW_APP, userName);
    acls.put(ApplicationAccessType.MODIFY_APP, userName);
    launchContext.setApplicationACLs(acls);
  }
}
 

public SetApplicationRegistrationDataCallable(TaskSchedulerContext app,
    Resource maxContainerCapability,
    Map<ApplicationAccessType, String> appAcls,
    ByteBuffer key,
    String queueName) {
  super(app);
  this.maxContainerCapability = maxContainerCapability;
  this.appAcls = appAcls;
  this.key = key;
  this.queueName = queueName;
}
 

public ContainerLaunchContextInfo() {
  local_resources = new HashMap<String, LocalResourceInfo>();
  environment = new HashMap<String, String>();
  commands = new ArrayList<String>();
  servicedata = new HashMap<String, String>();
  credentials = new CredentialsInfo();
  acls = new HashMap<ApplicationAccessType, String>();
}
 

protected Boolean hasAccess(RMApp app, HttpServletRequest hsr) {
  // Check for the authorization.
  UserGroupInformation callerUGI = getCallerUserGroupInformation(hsr, true);
  if (callerUGI != null
      && !(this.rm.getApplicationACLsManager().checkAccess(callerUGI,
            ApplicationAccessType.VIEW_APP, app.getUser(),
            app.getApplicationId()) ||
          this.rm.getQueueACLsManager().checkAccess(callerUGI,
            QueueACL.ADMINISTER_QUEUE, app.getQueue()))) {
    return false;
  }
  return true;
}
 

@Test(timeout = 30000)
public void testApplicationTypeLimit() throws Exception {
  Logger rootLogger = LogManager.getRootLogger();
  rootLogger.setLevel(Level.DEBUG);
  MockRM rm = new MockRM();
  rm.start();
  RMApp app1 =
      rm.submitApp(200, "name", "user",
        new HashMap<ApplicationAccessType, String>(), false, "default", -1,
        null, "MAPREDUCE-LENGTH-IS-20");
  Assert.assertEquals("MAPREDUCE-LENGTH-IS-", app1.getApplicationType());
  rm.stop();
}
 

/**
 * It gives response which includes application report if the application
 * present otherwise throws ApplicationNotFoundException.
 */
@Override
public GetApplicationReportResponse getApplicationReport(
    GetApplicationReportRequest request) throws YarnException {
  ApplicationId applicationId = request.getApplicationId();

  UserGroupInformation callerUGI;
  try {
    callerUGI = UserGroupInformation.getCurrentUser();
  } catch (IOException ie) {
    LOG.info("Error getting UGI ", ie);
    throw RPCUtil.getRemoteException(ie);
  }

  RMApp application = this.rmContext.getRMApps().get(applicationId);
  if (application == null) {
    // If the RM doesn't have the application, throw
    // ApplicationNotFoundException and let client to handle.
    throw new ApplicationNotFoundException("Application with id '"
        + applicationId + "' doesn't exist in RM.");
  }

  boolean allowAccess = checkAccess(callerUGI, application.getUser(),
      ApplicationAccessType.VIEW_APP, application);
  ApplicationReport report =
      application.createAndGetApplicationReport(callerUGI.getUserName(),
          allowAccess);

  GetApplicationReportResponse response = recordFactory
      .newRecordInstance(GetApplicationReportResponse.class);
  response.setApplicationReport(report);
  return response;
}