Github user mgaido91 commented on a diff in the pull request:
https://github.com/apache/incubator-livy/pull/107#discussion_r219764285
--- Diff: server/src/main/scala/org/apache/livy/sessions/Session.scala ---
@@ -133,6 +134,40 @@ object Session {
resolved
}
+
+ /**
+ * Checks that the requesting user can impersonate the target user.
+ * If the user does not have permission to impersonate, then throws an
`AccessControlException`.
+ *
+ * @return The user that should be impersonated. That can be the target
user if defined, the
+ * request's user - which may not be defined - otherwise, or
`None` if impersonation is
+ * disabled.
+ */
+ def checkImpersonation(
--- End diff --
sure, I agree. I'll move `hasViewAccess` and `hasModifyAccess` too for
coherency. Seems also that the `AccessManager` is the right place for putting
the logic of these methods IMHO. Thanks.
---
