[AMBARI-18023] Enforce granular role-based access control for log search functions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 2.4.0
Fix Version/s: 2.4.0
Component/s: ambari-server
Labels:
None

Description

Enforce granular role-based access control for log search functions.

Users must have the SERVICE.VIEW_OPERATIONAL_LOGS authorization in order to perform log search functions.

The following REST API entry points are affected:

GET /api/v1/clusters/:CLUSTER_NAME/host_components

The LogSearch-related data is to be filtered out if the user does not have authorization to view it

GET /api/v1/clusters/:CLUSTER_NAME/logging/searchEngine

Access is to be denied if the user does does not have authorization to view LogSearch-related data

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-18023_branch-2.4_01.patch
04/Aug/16 22:58
45 kB
Robert Levas
AMBARI-18023_trunk_01.patch
04/Aug/16 22:58
45 kB
Robert Levas

Issue Links

links to

Activity

People

Assignee:: Robert Levas

Reporter:: Robert Levas

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 04/Aug/16 14:51

Updated:: 12/Jun/17 20:30

Resolved:: 05/Aug/16 15:15