Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-12851

Inconsistent CACHE_CREATE/DESTROY authorization logic API IgniteClient and REST

    XMLWordPrintableJSON

Details

    • Wish
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 2.8
    • None
    • security
    • None
    • Docs Required, Release Notes Required

    Description

      Now the work of permissions for API IgniteClient and REST is different.
      To create/delete a cache:
      IgniteClient authorises CACHE_CREATE/CACHE_DESTROY.(GridCacheProcessor#authorizeCacheCreate, authorizeCacheDestroy)
      REST authorises ADMIN_CACHE.(GridRestProcessor#authorize)
      I think this is inconsistent.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #7601

          Activity

            People

              RyzhovSV Sergei Ryzhov
              RyzhovSV Sergei Ryzhov
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 10m
                  10m