You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Tom Beerbower (JIRA)" <ji...@apache.org> on 2014/10/01 23:20:33 UTC
[jira] [Updated] (AMBARI-7598) Views: the "properties" object
should only be accessible from REST API if AMBARI.ADMIN
[ https://issues.apache.org/jira/browse/AMBARI-7598?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tom Beerbower updated AMBARI-7598:
----------------------------------
Attachment: AMBARI-7598.patch
> Views: the "properties" object should only be accessible from REST API if AMBARI.ADMIN
> --------------------------------------------------------------------------------------
>
> Key: AMBARI-7598
> URL: https://issues.apache.org/jira/browse/AMBARI-7598
> Project: Ambari
> Issue Type: Task
> Reporter: Tom Beerbower
> Assignee: Tom Beerbower
> Fix For: 1.7.0
>
> Attachments: AMBARI-7598.patch
>
>
> /api/v1/views/FILES/versions/0.1.0/instances/FILES_1
> Configuration properties for a view instance should only be accessible from the Views REST API if you are an AMBARI.ADMIN. This protects view instance config props info from regular users of a view. If a view client-side happens to need access to these properties for some reason, they should implement a server-side resource in their view that exposes this information.
> {code}
> "properties" : {
> "dataworker.defaultFs" : "webhdfs://c6401.ambari.apache.org:50070",
> "dataworker.username" : null
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)