[YARN-7982] Do ACLs check while retrieving entity-types per application - ASF JIRA

Voters

Watch issue

Watchers

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.3.0
Component/s: None
Labels:
None

Description

REST end point /apps/$appid/entity-types retrieves all the entity-types for given application. This need to be guarded with ACL check


[yarn@yarn-ats-3 ~]$ curl "http://yarn-ats-3:8198/ws/v2/timeline/apps/application_1552297011473_0002?user.name=ambari-qa1"
{"exception":"ForbiddenException","message":"java.lang.Exception: User ambari-qa1 is not allowed to read TimelineService V2 data.","javaClassName":"org.apache.hadoop.yarn.webapp.ForbiddenException"}

[yarn@yarn-ats-3 ~]$ curl "http://yarn-ats-3:8198/ws/v2/timeline/apps/application_1552297011473_0002/entity-types?user.name=ambari-qa1"
["YARN_APPLICATION_ATTEMPT","YARN_CONTAINER"]