[
https://issues.apache.org/jira/browse/FALCON-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Venkatesh Seetharam updated FALCON-466:
---------------------------------------
Description: Entity and instance operations must add the authenticated
user/owner as an implicit filter so the user operates on only his entities. For
example: List will return entities belonging to the authenticated user,
lifecycle operations such as delete/kill/suspend/resume/etc. are only
applicable to the owner of the entity. (was: Entity and instance operations
must add the authenticated user/owner as an implicit filter so the user sees
only his entities.)
> REST APIs must add the entity owner as an implicit filter
> ---------------------------------------------------------
>
> Key: FALCON-466
> URL: https://issues.apache.org/jira/browse/FALCON-466
> Project: Falcon
> Issue Type: Sub-task
> Components: webapp
> Affects Versions: 0.6
> Reporter: Venkatesh Seetharam
> Labels: authorization, security
>
> Entity and instance operations must add the authenticated user/owner as an
> implicit filter so the user operates on only his entities. For example: List
> will return entities belonging to the authenticated user, lifecycle
> operations such as delete/kill/suspend/resume/etc. are only applicable to the
> owner of the entity.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
