Shreepadma Venugopalan created SENTRY-135:
---------------------------------------------
Summary: Restrict access to policy store apis based on user/group
Key: SENTRY-135
URL: https://issues.apache.org/jira/browse/SENTRY-135
Project: Sentry
Issue Type: Sub-task
Reporter: Shreepadma Venugopalan
Today, we don't restrict the execution of various policy store apis such as
createRole, dropRole etc based on the use/group. Hive/Impala/Solr will connect
to the service as superusers. However, the user on whose behalf the request is
performed is included in the thrift request struct. We need to restrict the
apis based on privileges of the user/group.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
