falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Venkatesh Seetharam (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (FALCON-466) REST APIs must add the entity owner as an implicit filter
Date Tue, 17 Jun 2014 08:13:01 GMT

     [ https://issues.apache.org/jira/browse/FALCON-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Venkatesh Seetharam updated FALCON-466:
---------------------------------------

    Description: Entity and instance operations must add the authenticated user/owner as an
implicit filter so the user operates on only his entities. For example: List will return entities
belonging to the authenticated user, lifecycle operations such as delete/kill/suspend/resume/etc.
are only applicable to the owner of the entity.   (was: Entity and instance operations must
add the authenticated user/owner as an implicit filter so the user sees only his entities.)

> REST APIs must add the entity owner as an implicit filter
> ---------------------------------------------------------
>
>                 Key: FALCON-466
>                 URL: https://issues.apache.org/jira/browse/FALCON-466
>             Project: Falcon
>          Issue Type: Sub-task
>          Components: webapp
>    Affects Versions: 0.6
>            Reporter: Venkatesh Seetharam
>              Labels: authorization, security
>
> Entity and instance operations must add the authenticated user/owner as an implicit filter
so the user operates on only his entities. For example: List will return entities belonging
to the authenticated user, lifecycle operations such as delete/kill/suspend/resume/etc. are
only applicable to the owner of the entity. 



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message