Uploaded image for project: 'CDAP'
  1. CDAP
  2. CDAP-11830

User is able to write to a stream even if he does not have any privilege on the namespace.

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: None
    • Fix Version/s: 4.3.0
    • Component/s: Security
    • Labels:
    • Rank:
      1|i003d3:

      Description

      To reproduce:
      1. Create a namespace with user bob,
      2. Create a stream with user bob,
      3. Send some events to the stream using cli,
      4. Revoke all privileges on the namespace from user bob through cli,
      4. User bob will not be able to list the namespaces, streams, get the stream.
      5. But he can still send events to the stream using cli if he does not log out and stays in the namespace.

        Attachments

          Activity

            People

            • Assignee:
              poorna Poorna Chandra
              Reporter:
              yaojie Yaojie Feng
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: