You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by "Tom Beerbower (JIRA)" <ji...@apache.org> on 2014/10/01 23:20:33 UTC

[jira] [Updated] (AMBARI-7598) Views: the "properties" object should only be accessible from REST API if AMBARI.ADMIN

     [ https://issues.apache.org/jira/browse/AMBARI-7598?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tom Beerbower updated AMBARI-7598:
----------------------------------
    Attachment: AMBARI-7598.patch

> Views: the "properties" object should only be accessible from REST API if AMBARI.ADMIN
> --------------------------------------------------------------------------------------
>
>                 Key: AMBARI-7598
>                 URL: https://issues.apache.org/jira/browse/AMBARI-7598
>             Project: Ambari
>          Issue Type: Task
>            Reporter: Tom Beerbower
>            Assignee: Tom Beerbower
>             Fix For: 1.7.0
>
>         Attachments: AMBARI-7598.patch
>
>
> /api/v1/views/FILES/versions/0.1.0/instances/FILES_1
> Configuration properties for a view instance should only be accessible from the Views REST API if you are an AMBARI.ADMIN. This protects view instance config props info from regular users of a view. If a view client-side happens to need access to these properties for some reason, they should implement a server-side resource in their view that exposes this information.
> {code}
>     "properties" : {
>       "dataworker.defaultFs" : "webhdfs://c6401.ambari.apache.org:50070",
>       "dataworker.username" : null
>     }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)