You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "Gus Heck (Jira)" <ji...@apache.org> on 2021/03/25 14:12:00 UTC

[jira] [Created] (SOLR-15287) No way to delete a user-role mapping in Rule Based Authorization Plugin

Gus Heck created SOLR-15287:
-------------------------------

             Summary: No way to delete a user-role mapping in Rule Based Authorization Plugin
                 Key: SOLR-15287
                 URL: https://issues.apache.org/jira/browse/SOLR-15287
             Project: Solr
          Issue Type: Improvement
      Security Level: Public (Default Security Level. Issues are Public)
          Components: Authorization
    Affects Versions: 8.8.1
            Reporter: Gus Heck


I don't have time to work on this soon, but filing this so it's not lost. I recently typoed the name of a user when assigning a role, and got a useless user-role mapping, and there does not appear to be a command in org.apache.solr.security.AutorizationEditOperation (in my slightly outdated branch_8x working copy at least) for deleting this mapping. Also the ref guide does not document such. We should probably do two things here:

1.) Validate that the user being mapped exists as a user, 400 Bad request if not

2.) Provide a means to remove the mapping entirely (delete-user-role) 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)