Github user vanzin commented on the issue:
https://github.com/apache/spark/pull/17582
> user configured with "spark.admin.acls" (or group) or
"spark.ui.view.acls" (or group), or the user who started SHS could list all the
applications, otherwise none of them can be listed
So to me this is the only bug; which means that maybe ACLs on the listing
itself shouldn't ever be applied, and this PR should be a lot simpler, right?
Most of it seem to be dealing with filtering the list of apps so that only
applications the user can see are shown. I wonder if that's necessary, since
the only thing that's showing is the existence of the application, not any data
about it that could be considered sensitive.
There's also a minor thing that the listing being different for different
users might cause confusion; but if there's a good reason for filtering, then
that concern can be overridden. I'm just not sure there is a good reason for it.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org
