ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yao Lei (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMBARI-21016) RBAC:Ambari should be sensitve to the change of login user's permissions.
Date Sat, 13 May 2017 10:58:04 GMT
Yao Lei created AMBARI-21016:
--------------------------------

             Summary: RBAC:Ambari should be sensitve to the change of login user's permissions.
                 Key: AMBARI-21016
                 URL: https://issues.apache.org/jira/browse/AMBARI-21016
             Project: Ambari
          Issue Type: Bug
    Affects Versions: trunk
            Reporter: Yao Lei
             Fix For: trunk, 2.5.1


Steps to reproduce:
1.Login ambari with ambari administrator role and create a user named Test on host A.
2.Assign service administrator role(or any other one of five roles) to this user Test.
3.On host B, login ambari with user Test .Now it plays as a service administrato role.
4.On host A, unassign the role of user Test , or change the role to another one, or even delete
this user.
5.On host B, we will find the user Test can continue to operate ambari with previous permissions
as a service administrator which actually have already changed by step 4.

Except for on two different hosts, we also can reproduce this problem between two different
browsers on local host.


One solution:
Periodly schedule a task to update current user's authorization. If any error happens in this
process, we should log off current user.




--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message