Varun Vasudev commented on YARN-1937:

My feedback -
1. admins should be allowed to view all entities - the current patch only 
allows the owner
2. There should be a way to prevent un-authenticated users from posting 
entities. In the current patch, the owner is set to null but the entity is 
saved. Admins should be allowed to insist that users be authenticated before 
posting entities.

Otherwise it looks fine to me. 

> Add entity-level access control of the timeline data for owners only
> --------------------------------------------------------------------
>                 Key: YARN-1937
>                 URL: https://issues.apache.org/jira/browse/YARN-1937
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Zhijie Shen
>            Assignee: Zhijie Shen
>         Attachments: YARN-1937.1.patch, YARN-1937.2.patch, YARN-1937.3.patch

This message was sent by Atlassian JIRA

Reply via email to