You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by "Shreepadma Venugopalan (JIRA)" <ji...@apache.org> on 2014/03/08 01:36:44 UTC
[jira] [Created] (SENTRY-135) Restrict access to policy store apis
based on user/group
Shreepadma Venugopalan created SENTRY-135:
---------------------------------------------
Summary: Restrict access to policy store apis based on user/group
Key: SENTRY-135
URL: https://issues.apache.org/jira/browse/SENTRY-135
Project: Sentry
Issue Type: Sub-task
Reporter: Shreepadma Venugopalan
Today, we don't restrict the execution of various policy store apis such as createRole, dropRole etc based on the use/group. Hive/Impala/Solr will connect to the service as superusers. However, the user on whose behalf the request is performed is included in the thrift request struct. We need to restrict the apis based on privileges of the user/group.
--
This message was sent by Atlassian JIRA
(v6.2#6252)