You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by th...@apache.org on 2021/12/02 16:03:32 UTC
[solr] branch main updated: SOLR-15825: Security UI 'hasPermission' check should check if the user has the all permission if the requested permission is not defined (#437)
This is an automated email from the ASF dual-hosted git repository.
thelabdude pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/main by this push:
new f49734e SOLR-15825: Security UI 'hasPermission' check should check if the user has the all permission if the requested permission is not defined (#437)
f49734e is described below
commit f49734e5f73b693cc20e8718b3a98f0595087fda
Author: Timothy Potter <th...@gmail.com>
AuthorDate: Thu Dec 2 09:03:24 2021 -0700
SOLR-15825: Security UI 'hasPermission' check should check if the user has the all permission if the requested permission is not defined (#437)
---
solr/CHANGES.txt | 3 +++
solr/webapp/web/js/angular/controllers/security.js | 8 ++++++--
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 35c6534..de6a00c 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -458,6 +458,9 @@ Bug Fixes
* SOLR-15813: Schema designer not handling `update.autoCreateFields` stored as a string (vs. boolean) in the config overlay (Timothy Potter)
+* SOLR-15825: Security UI 'hasPermission' check should check if the user has the "all" permission if the requested permission is not defined
+ to match how the backend works (Timothy Potter)
+
================== 8.11.0 ==================
Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release.
diff --git a/solr/webapp/web/js/angular/controllers/security.js b/solr/webapp/web/js/angular/controllers/security.js
index 54e1d6c..b1bae4d 100644
--- a/solr/webapp/web/js/angular/controllers/security.js
+++ b/solr/webapp/web/js/angular/controllers/security.js
@@ -282,8 +282,12 @@ solrAdminApp.controller('SecurityController', function ($scope, $timeout, $cooki
};
$scope.hasPermission = function(permissionName) {
- var rolesForPermission = $scope.permissionsTable.filter(p => permissionName === p.name).flatMap(p => p.roles);
- return (rolesForPermission.length > 0 && roleMatch(rolesForPermission, $scope.getCurrentUserRoles()));
+ var matched = $scope.permissionsTable.filter(p => permissionName === p.name);
+ if (matched.length === 0 && permissionName !== "all") {
+ // this permission is not explicitly defined, but "all" will apply if it is defined
+ matched = $scope.permissionsTable.filter(p => "all" === p.name);
+ }
+ return matched.length > 0 && roleMatch(matched.flatMap(p => p.roles), $scope.getCurrentUserRoles());
};
$scope.refreshSecurityPanel = function() {