[jira] [Closed] (KYLIN-2038) 'Access denied' occurred if a query hit none of cubes and the user is not in admin role.

Shaofeng SHI (JIRA) Wed, 30 May 2018 04:04:14 -0700


     [ 
https://issues.apache.org/jira/browse/KYLIN-2038?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Shaofeng SHI closed KYLIN-2038.
-------------------------------
    Resolution: Won't Fix

The ACL has been refactored in 2.x, now this is not needed.

> 'Access denied' occurred if a query hit none of cubes and the user is not in 
> admin role.
> ----------------------------------------------------------------------------------------
>
>                 Key: KYLIN-2038
>                 URL: https://issues.apache.org/jira/browse/KYLIN-2038
>             Project: Kylin
>          Issue Type: Bug
>          Components: REST Service
>    Affects Versions: all
>            Reporter: Chaozhong Yang
>            Assignee: Zhong,Jason
>            Priority: Major
>             Fix For: Future
>
>         Attachments: fix_query_quth.patch
>
>
> The  method `checkCubeAuthorization` in QueryService will check permission 
> for every query. If a query has not hit any cube in Kylin, 
> `checkCubeAuthorization` will throw AccessDeniedException.
> "@PreAuthorize(Constant.ACCESS_HAS_ROLE_ADMIN + " or hasPermission(#cube, 
> 'ADMINISTRATION') or hasPermission(#cube, 'MANAGEMENT')" + " or 
> hasPermission(#cube, 'OPERATION') or hasPermission(#cube, 'READ')")" will 
> throw AccessDeniedException if cube is null.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Closed] (KYLIN-2038) 'Access denied' occurred if a query hit none of cubes and the user is not in admin role.

Reply via email to