Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
Currently delegated admin user is allowed to change the base policy for HBase/Knox. User should be allowed to edit the policy and make access more restrictive and not broader.
Steps to reproduce:
1. Login into system as admin
2. Create HBase policy with Tables=TBL1, ColumnFamilies=CF1 and assign it to "user" ( Note this user should be internal user ) with permissions as : Admin ( Selecting Admin will also highlight all other permissions )
3. Now login as "user" ( As per policy in step 2, this user is now a "Delegated Admin" user )
4. Click on Edit policy and add TBL2 to the list of Tables. Final set : Tables=TBL1,TBL2 ColumnFamilies=CF1
5. Click on save
Expected result: User should be NOT be allowed to change the Tables ( since he/she was delegated admin ONLY for TBL1/CF1)
Actual result : The user is allowed to save the policy, which should not be case.
Attachments
Attachments
Issue Links
- links to