[
https://issues.apache.org/jira/browse/YARN-6727?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16064261#comment-16064261
]
Sunil G commented on YARN-6727:
-------------------------------
I second [[email protected]]'s opinion. We need not have to add more
overhead such as invoking {{YarnAuthorizationProvider#checkPermission}} with a
readLock (We already doing some what similar in existing public apis such as
getQueueUserAclInfo), its better if we can avoid similar api's in future. Also
a client api/cli getting a lock (read) to scheduler's internal structure could
add more complexities later. Hence we can start thinking in having precomputed
access checks for active/non-active users. New user's might need to do with
some common checks from QueueACLManager itself.
> Improve getQueueUserAcls API to query for specific queue and user
> ------------------------------------------------------------------
>
> Key: YARN-6727
> URL: https://issues.apache.org/jira/browse/YARN-6727
> Project: Hadoop YARN
> Issue Type: Improvement
> Reporter: Bibin A Chundatt
> Assignee: Bibin A Chundatt
> Attachments: YARN-6727.WIP.patch
>
>
> Currently {{ApplicationClientProtocol#getQueueUserAcls}} return data for all
> the queues available in scheduler for user.
> User wants to know whether he has rights of a particular queue only. For
> systems with 5K queues returning all queues list is not efficient.
> Suggested change: support additional parameters *userName and queueName* as
> optional. Admin user should be able to query other users ACL for a particular
> queueName.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
