sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brock Noland (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (SENTRY-135) Restrict access to policy store apis based on user/group
Date Mon, 17 Mar 2014 19:19:48 GMT

     [ https://issues.apache.org/jira/browse/SENTRY-135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Brock Noland resolved SENTRY-135.
---------------------------------

    Resolution: Duplicate

> Restrict access to policy store apis based on user/group
> --------------------------------------------------------
>
>                 Key: SENTRY-135
>                 URL: https://issues.apache.org/jira/browse/SENTRY-135
>             Project: Sentry
>          Issue Type: Sub-task
>            Reporter: Shreepadma Venugopalan
>
> Today, we don't restrict the execution of various policy store apis such as createRole,
dropRole etc based on the use/group. Hive/Impala/Solr will connect to the service as superusers.
However, the user on whose behalf the request is performed is included in the thrift request
struct. We need to restrict the apis based on privileges of the user/group.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message