You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Gus Heck (Jira)" <ji...@apache.org> on 2021/03/25 14:12:00 UTC
[jira] [Created] (SOLR-15287) No way to delete a user-role mapping
in Rule Based Authorization Plugin
Gus Heck created SOLR-15287:
-------------------------------
Summary: No way to delete a user-role mapping in Rule Based Authorization Plugin
Key: SOLR-15287
URL: https://issues.apache.org/jira/browse/SOLR-15287
Project: Solr
Issue Type: Improvement
Security Level: Public (Default Security Level. Issues are Public)
Components: Authorization
Affects Versions: 8.8.1
Reporter: Gus Heck
I don't have time to work on this soon, but filing this so it's not lost. I recently typoed the name of a user when assigning a role, and got a useless user-role mapping, and there does not appear to be a command in org.apache.solr.security.AutorizationEditOperation (in my slightly outdated branch_8x working copy at least) for deleting this mapping. Also the ref guide does not document such. We should probably do two things here:
1.) Validate that the user being mapped exists as a user, 400 Bad request if not
2.) Provide a means to remove the mapping entirely (delete-user-role)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)