[ https://issues.apache.org/jira/browse/AMBARI-24546?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16598461#comment-16598461 ]
Hudson commented on AMBARI-24546: --------------------------------- SUCCESS: Integrated in Jenkins build Ambari-trunk-Commit #9903 (See [https://builds.apache.org/job/Ambari-trunk-Commit/9903/]) AMBARI-24546. Only authenticated users with proper AMBARI/CLUSTER (github: [https://gitbox.apache.org/repos/asf?p=ambari.git&a=commit&h=8a79291ff36b23014a14261c703658437db9acc3]) * (edit) ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog272Test.java * (edit) ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RequestResourceProvider.java * (edit) ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog272.java * (edit) ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RequestResourceProviderTest.java * (edit) ambari-server/src/main/java/org/apache/ambari/server/security/authorization/RoleAuthorization.java > Protect the Request resource so that only authorized users may have read-only > access the data > --------------------------------------------------------------------------------------------- > > Key: AMBARI-24546 > URL: https://issues.apache.org/jira/browse/AMBARI-24546 > Project: Ambari > Issue Type: Bug > Components: ambari-server > Affects Versions: 2.3.0 > Reporter: Robert Levas > Assignee: Sandor Molnar > Priority: Major > Labels: pull-request-available, rbac > Fix For: 2.7.2 > > Time Spent: 3h > Remaining Estimate: 0h > > Protect the Request resource so that only authorized users may have read-only > access the data. > Users with the following roles should have read-only access: > * {{AMBARI.ADMINISTRATOR}} > * {{CLUSTER.ADMINISTRATOR}} > * {{CLUSTER.OPERATOR}} > * {{SERVICE.ADMINISTRATOR}} > * {{SERVICE.OPERATOR}} > * {{CLUSTER.USER}} > Users with no role related to the cluster may not view the data. -- This message was sent by Atlassian JIRA (v7.6.3#76005)