Github user vanzin commented on a diff in the pull request:
https://github.com/apache/incubator-livy/pull/107#discussion_r219612538
--- Diff: server/src/main/scala/org/apache/livy/sessions/Session.scala ---
@@ -133,6 +134,40 @@ object Session {
resolved
}
+
+ /**
+ * Checks that the requesting user can impersonate the target user.
+ * If the user does not have permission to impersonate, then throws an
`AccessControlException`.
+ *
+ * @return The user that should be impersonated. That can be the target
user if defined, the
+ * request's user - which may not be defined - otherwise, or
`None` if impersonation is
+ * disabled.
+ */
+ def checkImpersonation(
--- End diff --
Since this method requires an `accessManager`, wouldn't it be better as a
method in the `AccessManager` class itself? (Same for `hasSuperAccess`.)
---
