[
https://issues.apache.org/jira/browse/MAPREDUCE-7293?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17178760#comment-17178760
]
Bilwa S T commented on MAPREDUCE-7293:
--------------------------------------
Hi [~sunilg]
In MAPREDUCE-7097 i see that checkAccess was called from HsJobBlock before and
then it was moved to HsJobsBlock. But HsJobBlock can be accessed by other user.
i think it should be added in all places. any suggestions?
> All pages in JHS should honor yarn.webapp.filter-entity-list-by-user
> --------------------------------------------------------------------
>
> Key: MAPREDUCE-7293
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-7293
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Reporter: Bilwa S T
> Assignee: Bilwa S T
> Priority: Major
>
> Currently only HsJobsBlock checks for the access. If user who doesn't have
> permission to access job page is able to do it which is wrong. So we need to
> have below check in HsJobBlock,HsTasksBlock and HsTaskPage
> {code:java}
> if (isFilterAppListByUserEnabled && ugi != null && !aclsManager
> .checkAccess(ugi, JobACL.VIEW_JOB, job.getUserName(), null)) {
>
> }
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
