drill-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DRILL-6017) Fix for SHUTDOWN button being visible for non Admin users
Date Fri, 08 Dec 2017 13:01:05 GMT

    [ https://issues.apache.org/jira/browse/DRILL-6017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16283492#comment-16283492
] 

ASF GitHub Bot commented on DRILL-6017:
---------------------------------------

Github user arina-ielchiieva commented on a diff in the pull request:

    https://github.com/apache/drill/pull/1064#discussion_r155772067
  
    --- Diff: exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/DrillRoot.java
---
    @@ -189,7 +189,7 @@ public ClusterInfo getClusterInfoJSON() {
         String adminUsers = ExecConstants.ADMIN_USERS_VALIDATOR.getAdminUsers(optionManager);
         String adminUserGroups = ExecConstants.ADMIN_USER_GROUPS_VALIDATOR.getAdminUserGroups(optionManager);
     
    -    final boolean shouldShowUserInfo = isUserLoggedIn &&
    +    final boolean shouldShowAdminInfo = isUserLoggedIn &&
    --- End diff --
    
    I think it is not fully correct to use this option to decide if we can show shutdown button
or not.
    This option is used only when authentication is enabled. When it's not, user by default
is admin. So with your fix without authentication, this button is also absent.


> Fix for SHUTDOWN button being visible for non Admin users
> ---------------------------------------------------------
>
>                 Key: DRILL-6017
>                 URL: https://issues.apache.org/jira/browse/DRILL-6017
>             Project: Apache Drill
>          Issue Type: Bug
>    Affects Versions: 1.12.0
>            Reporter: Arina Ielchiieva
>            Assignee: Karthikeyan Manivannan
>            Priority: Blocker
>              Labels: ready-to-commit
>             Fix For: 1.12.0
>
>
> DRILL-4286 introduces shutdown button on index page but when authorization is enabled
it should be visible only to admin users.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message