[
https://issues.apache.org/jira/browse/DLAB-1772?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vira Vitanska updated DLAB-1772:
--------------------------------
Description:
If user (Project_admin of another project or not admin) has a notebook link of
the other user he can go to this Notebook via his own credentials and view
files of the other user on this Notebook.
So we should limit the access to this link from DevOps side (by the level of
Keycloak).
was:User (Project_admin of another project or not admin) has a notebook link
of the other user and we should limit the access to this link from DevOps side
(by the level of Keycloak).
> Adjust permission to Notebook links from DevOps side
> ----------------------------------------------------
>
> Key: DLAB-1772
> URL: https://issues.apache.org/jira/browse/DLAB-1772
> Project: Apache DLab
> Issue Type: Task
> Components: DLab Main
> Reporter: Vira Vitanska
> Priority: Minor
> Labels: AWS, AZURE, Debian, DevOps, GCP, RedHat
>
> If user (Project_admin of another project or not admin) has a notebook link
> of the other user he can go to this Notebook via his own credentials and view
> files of the other user on this Notebook.
> So we should limit the access to this link from DevOps side (by the level of
> Keycloak).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@dlab.apache.org
For additional commands, e-mail: dev-h...@dlab.apache.org
