Details
Description
We already authorize which http users can set/remove quota for particular roles, but even knowing of the existence of these roles (let alone their quotas) may be sensitive information. We should add authz around GET operations on /quota.
Attachments
Issue Links
- is related to
-
MESOS-5335 Add authorization to GET /weights.
- Resolved
- relates to
-
MESOS-5155 Consolidate authorization actions for quota.
- Resolved