[
https://issues.apache.org/jira/browse/HDDS-6693?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Siyao Meng updated HDDS-6693:
-----------------------------
Parent: HDDS-4944
Issue Type: Sub-task (was: Bug)
> [MultiTenancy] User info should have limited access except for admin
> --------------------------------------------------------------------
>
> Key: HDDS-6693
> URL: https://issues.apache.org/jira/browse/HDDS-6693
> Project: Apache Ozone
> Issue Type: Sub-task
> Components: Ozone Manager
> Affects Versions: 1.3.0
> Reporter: Soumitra Sulav
> Priority: Critical
> Labels: ozone-multitenancy
>
> Currently, the user info API can be accessed by any user, and the tenant
> information can be retrieved even by non-admin users.
> {code:java}
> bash-4.2$ klist
> Ticket cache: FILE:/tmp/krb5cc_1000
> Default principal: testuser2/[email protected] starting Expires
> Service principal
> 05/03/22 12:33:03 05/04/22 12:33:03 krbtgt/[email protected]
> renew until 05/10/22 12:33:03
> bash-4.2$ ozone tenant user info testuser2 om testuser
> User 'testuser2' is assigned to:
> - Tenant 'tenantone' with accessId 'tenantone$testuser2'
> User 'om' is assigned to:
> - Tenant 'tenantone' with accessId 'tenantone$om'
> User 'testuser' is assigned to:
> - Tenant 'tenantone' delegated admin with accessId 'tenantone$testuser'
> {code}
>
> The information should be limited to the user principal session or only be
> allowed for the admin user.
>
>
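The restriction the report asks for (a caller sees only their own assignments unless they are an admin) could be expressed as the per-user check below. This is an added example, not code from Apache Ozone or from the issue: the class name, method names, the admin set, the principals and the simplified principal-to-short-name mapping are all assumptions made for illustration.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

// Hypothetical sketch, not Apache Ozone code: decide per requested user
// whether the caller may read that user's tenant assignments.
public class UserInfoAccessCheck {

    // Assumption: the short name is the primary component of
    // primary[/instance]@REALM. Real deployments map principals with
    // auth_to_local rules, which this simplification does not model.
    static String shortName(String principal) {
        int end = principal.length();
        int at = principal.indexOf('@');
        if (at >= 0) end = at;
        int slash = principal.indexOf('/');
        if (slash >= 0 && slash < end) end = slash;
        return principal.substring(0, end);
    }

    // Allow only self-lookup or lookups by an admin; an unparsable
    // (empty) caller name is always denied.
    static boolean mayView(String callerPrincipal, String targetUser, Set<String> admins) {
        String caller = shortName(callerPrincipal);
        if (caller.isEmpty()) return false;
        return admins.contains(caller) || caller.equals(targetUser);
    }

    // Each requested name is decided independently, so a permitted name in
    // the argument list does not unlock the other names passed with it.
    static Map<String, Boolean> decide(String callerPrincipal, List<String> targets,
                                       Set<String> admins) {
        Map<String, Boolean> decisions = new LinkedHashMap<>();
        for (String target : targets) {
            decisions.put(target, mayView(callerPrincipal, target, admins));
        }
        return decisions;
    }

    public static void main(String[] args) {
        Set<String> admins = Set.of("om"); // constructed admin list
        // Same three names as the command in the report.
        List<String> requested = List.of("testuser2", "om", "testuser");
        // Constructed principals; instance and realm are placeholders.
        System.out.println(decide("testuser2/host@REALM.EXAMPLE", requested, admins));
        System.out.println(decide("om/host@REALM.EXAMPLE", requested, admins));
    }
}
```

With this check, the non-admin caller in the first call is allowed only the `testuser2` entry, while the constructed admin caller in the second call is allowed all three.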