[AMBARI-24546] Protect the Request resource so that only authorized users may have read-only access the data - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.3.0
Fix Version/s: 2.7.3
Component/s: ambari-server
Labels:
- pull-request-available
- rbac

Description

Protect the Request resource so that only authorized users may have read-only access the data.

Users with the following roles should have read-only access:

AMBARI.ADMINISTRATOR
CLUSTER.ADMINISTRATOR
CLUSTER.OPERATOR
SERVICE.ADMINISTRATOR
SERVICE.OPERATOR
CLUSTER.USER

Users with no role related to the cluster may not view the data.

Attachments

Issue Links

links to

GitHub Pull Request #2198

GitHub Pull Request #2219

GitHub Pull Request #2261

GitHub Pull Request #2262

Activity

People

Assignee:: Sandor Molnar

Reporter:: Robert Levas

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 27/Aug/18 14:36

Updated:: 26/Oct/18 16:08

Resolved:: 26/Oct/18 16:08

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

4h 50m