hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Varun Vasudev (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-1937) Add entity-level access control of the timeline data for owners only
Date Mon, 19 May 2014 10:31:38 GMT

    [ https://issues.apache.org/jira/browse/YARN-1937?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14001572#comment-14001572
] 

Varun Vasudev commented on YARN-1937:
-------------------------------------

My feedback -
1. admins should be allowed to view all entities - the current patch only allows the owner
2. There should be a way to prevent un-authenticated users from posting entities. In the current
patch, the owner is set to null but the entity is saved. Admins should be allowed to insist
that users be authenticated before posting entities.

Otherwise it looks fine to me. 

> Add entity-level access control of the timeline data for owners only
> --------------------------------------------------------------------
>
>                 Key: YARN-1937
>                 URL: https://issues.apache.org/jira/browse/YARN-1937
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Zhijie Shen
>            Assignee: Zhijie Shen
>         Attachments: YARN-1937.1.patch, YARN-1937.2.patch, YARN-1937.3.patch
>
>




--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message