You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kylin.apache.org by "Zongwei Li (JIRA)" <ji...@apache.org> on 2018/09/19 01:38:00 UTC
[jira] [Updated] (KYLIN-3569) Server with query mode still can
submit/build job
[ https://issues.apache.org/jira/browse/KYLIN-3569?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Zongwei Li updated KYLIN-3569:
------------------------------
Attachment: kylinCode.png
> Server with query mode still can submit/build job
> -------------------------------------------------
>
> Key: KYLIN-3569
> URL: https://issues.apache.org/jira/browse/KYLIN-3569
> Project: Kylin
> Issue Type: Bug
> Components: Job Engine, REST Service, Security
> Affects Versions: v2.4.1
> Environment: CentOS 6.7, HBase 1.2.0+cdh5.14.2+456
> Reporter: Zongwei Li
> Priority: Major
> Labels: build, documentation, security
> Attachments: kylinCode.png
>
>
> From the Docs at Kylin site, [http://kylin.apache.org/docs24/install/kylin_cluster.html]
> * *query* : run query engine only; Kylin query engine accepts and answers your SQL queries
> It seems that if server set with 'kylin.server.mode=query', it should not can support submit/build job. But as we tested, server with query mode still can submit/build job from UI or RESTFul API.
> We analyzed the source code, found that there didn't exist any protect logic to check whether server is at 'job' or 'build' mode in service layer for submit/build job. Will attach the source code is this issue.
> This issue really confused us, because we considered query server cannot build job in Kylin Docs and many Kylin books. And query server will exposed to 3rd BI tool to query the data, if we forget to configure the suitable ACL for Cubes, then the 3rd BI tool can trigger build job in any time.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)