ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pradeep Agrawal (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (RANGER-480) Need access control on REST API based on permission model
Date Mon, 16 May 2016 15:19:12 GMT

     [ https://issues.apache.org/jira/browse/RANGER-480?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Pradeep Agrawal reassigned RANGER-480:
--------------------------------------

    Assignee: Pradeep Agrawal  (was: Gautam Borad)

> Need access control on REST API based on permission model
> ---------------------------------------------------------
>
>                 Key: RANGER-480
>                 URL: https://issues.apache.org/jira/browse/RANGER-480
>             Project: Ranger
>          Issue Type: Task
>          Components: admin
>    Affects Versions: 0.5.0
>            Reporter: Gautam Borad
>            Assignee: Pradeep Agrawal
>             Fix For: 0.5.0
>
>
> *Need to put access control on REST API*
> If a non-admin user has no permission to a particular module say "Audit" but the group
to which he belongs has permission that module, then give access to that non-admin user. User
permissions is a union of his and his group permissions.
> *Use-cases to be covered:*
> Get AuditLogs	(user-with-no-permission) GET	service/assets/accessAudit
> Update user permission	(non-admin)	POST service/xusers/permission/user
> Update group permission (non-admin)	POST service/xusers/permission/group



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message