[
https://issues.apache.org/jira/browse/RANGER-480?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pradeep Agrawal reassigned RANGER-480:
--------------------------------------
Assignee: Pradeep Agrawal (was: Gautam Borad)
> Need access control on REST API based on permission model
> ---------------------------------------------------------
>
> Key: RANGER-480
> URL: https://issues.apache.org/jira/browse/RANGER-480
> Project: Ranger
> Issue Type: Task
> Components: admin
> Affects Versions: 0.5.0
> Reporter: Gautam Borad
> Assignee: Pradeep Agrawal
> Fix For: 0.5.0
>
>
> *Need to put access control on REST API*
> If a non-admin user has no permission to a particular module say "Audit" but
> the group to which he belongs has permission that module, then give access to
> that non-admin user. User permissions is a union of his and his group
> permissions.
> *Use-cases to be covered:*
> Get AuditLogs (user-with-no-permission) GET service/assets/accessAudit
> Update user permission (non-admin) POST
> service/xusers/permission/user
> Update group permission (non-admin) POST service/xusers/permission/group
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
