@zeroflag , This is one of those odd cases where the authorization logic depends on the content of the request. So we need to first look to see if the request is for a cluster-level request or an Ambari-level request before forming and executing the authorization check.
If this was not the case, then you are correct, we could use the mechanism you suggested. [ Full content available at: https://github.com/apache/ambari/pull/2198 ] This message was relayed via gitbox.apache.org for [email protected]
