You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by Nixon Rodrigues <ni...@freestoneinfotech.com> on 2018/12/14 06:25:49 UTC
Re: Atlas ExportAPI & Read Only Permission -> You are not authorized
Adding Atlas dev,
Tom,
Your concern is right, this issue similar to the exceptional case like
ATLAS-2442.
Please add w-WRITE permission to your user or group to overcome this issue.
Regards,
Nixon
On Thu, Dec 13, 2018 at 10:23 PM <me...@gmx.net> wrote:
>
>
> Hi All,
> we configured an Atlas (Version 0.8.0 with HDP 2.6.4) read only Group via
> policy-store.txt and so far it is working fine…. But similar like the issue
> described in https://issues.apache.org/jira/browse/ATLAS-2442 the access
> to the export API fails with ‘You are not authorized for CREATE on
> [OPERATION]’
>
> < HTTP/1.1 403 {"AuthorizationError":"You are not authorized for CREATE on
> [OPERATION] : *"}
>
> To me it looks like the export API is using a POST (no GET) and so Atlas
> rejects the same similar as we had with ATLAS-2442.
>
> Sample curl export command:
> curl -X POST -v -u "user:PW" -H "Content-Type: application/json" -H
> "Cache-Control: no-cache" -d '{
> "itemsToExport": [
> {
> "typeName": "hive_db",
> "uniqueAttributes": { "name": "mydb" },
> "status": "ACTIVE"
> }
> ],
> "options": {
> "fetchType": "connected",
> "matchType": "matches"
> }
> }' "http://myatlas-server.com:21000/api/atlas/admin/export" -o output.txt
>
> Its my understanding that a ready only user should be able to export,
> isn’t it? Any thoughts?
>
> Regards,
> Tom
>
>