[DATALAB-1772] Adjust permission to Notebook links from DevOps side - ASF JIRA

Resolved

Reopened

Closed

Verified

Blocked

on hold

XML

Word

Printable

JSON

Details

Type: Task
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: DataLab Main
Labels:
- AWS
- AZURE
- Debian
- DevOps
- GCP
- Github_issue
- RedHat

Epic Link:
Common features for all templates

Description

As user I want that another user will not be able to go to my notebook event if he has the link to my Notebook, so that I will be confident that my Notebook data is in security.

If user (Project_admin of another project or not admin) has a notebook link of the other user he can go to this Notebook via his own credentials and view files of the other user on this Notebook.

So we should limit the access to this link from DevOps side (by the level of Keycloak).

Github issue: https://github.com/apache/incubator-dlab/issues/730

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Vira Vitanska

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 28/Apr/20 10:48

Updated:: 15/Jul/22 14:06