kfaraz commented on issue #13507: URL: https://github.com/apache/druid/issues/13507#issuecomment-1357107247
@wiegandf , that's correct, this is just a GET endpoint. So you are authorized to hit the API itself, but the result of the API is the list of supervisors to which you have WRITE access. So you can always hit the API successfully, even if you don't have WRITE access to any supervisor. In that case, as you observed, you would get back an empty list. Hope that clarifies the confusion. As for the docs, > GET requests require READ permissions, while POST and DELETE requests require WRITE permissions. This does hold true for the API in question as you are successfully able to hit the API even when you don't have WRITE permissions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@druid.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@druid.apache.org For additional commands, e-mail: commits-h...@druid.apache.org
