You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@atlas.apache.org by ni...@apache.org on 2018/02/15 07:23:40 UTC
atlas git commit: ATLAS-2442:- Fix for read-only permission to allow
read entity when http method is POST
Repository: atlas
Updated Branches:
refs/heads/master 19d67a132 -> 340f8637d
ATLAS-2442:- Fix for read-only permission to allow read entity when http method is POST
Project: http://git-wip-us.apache.org/repos/asf/atlas/repo
Commit: http://git-wip-us.apache.org/repos/asf/atlas/commit/340f8637
Tree: http://git-wip-us.apache.org/repos/asf/atlas/tree/340f8637
Diff: http://git-wip-us.apache.org/repos/asf/atlas/diff/340f8637
Branch: refs/heads/master
Commit: 340f8637ded4789be2620d7fdbfde7edf6ffcee2
Parents: 19d67a1
Author: nixonrodrigues <ni...@apache.org>
Authored: Tue Feb 13 17:32:44 2018 +0530
Committer: nixonrodrigues <ni...@apache.org>
Committed: Thu Feb 15 12:38:38 2018 +0530
----------------------------------------------------------------------
.../java/org/apache/atlas/authorize/AtlasAccessRequest.java | 2 +-
.../atlas/authorize/simple/AtlasAuthorizationUtils.java | 9 +++++++--
2 files changed, 8 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/atlas/blob/340f8637/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
----------------------------------------------------------------------
diff --git a/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java b/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
index 7022081..07cb2b0 100644
--- a/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
+++ b/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
@@ -40,7 +40,7 @@ public class AtlasAccessRequest {
public AtlasAccessRequest(HttpServletRequest request, String user, Set<String> userGroups) {
// Spring Security 4 Change => request.getServletPath() -> request.getPathInfo()
this(AtlasAuthorizationUtils.getAtlasResourceType(request.getPathInfo()), "*", AtlasAuthorizationUtils
- .getAtlasAction(request.getMethod()), user, userGroups,AtlasAuthorizationUtils.getRequestIpAddress(request));
+ .getAtlasAction(request.getMethod(),request.getPathInfo()), user, userGroups,AtlasAuthorizationUtils.getRequestIpAddress(request));
}
public AtlasAccessRequest(Set<AtlasResourceTypes> resourceType, String resource, AtlasActionTypes action,
http://git-wip-us.apache.org/repos/asf/atlas/blob/340f8637/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
----------------------------------------------------------------------
diff --git a/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java b/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
index 311894e..5bc1941 100644
--- a/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
+++ b/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
@@ -71,12 +71,17 @@ public class AtlasAuthorizationUtils {
return api;
}
- public static AtlasActionTypes getAtlasAction(String method) {
+ public static AtlasActionTypes getAtlasAction(String method, String contextPath) {
AtlasActionTypes action = null;
switch (method.toUpperCase()) {
case "POST":
- action = AtlasActionTypes.CREATE;
+ String api = getApi(contextPath);
+ if (api != null && api.startsWith("search")) { // exceptional case for basic search api with POST method
+ action = AtlasActionTypes.READ;
+ } else {
+ action = AtlasActionTypes.CREATE;
+ }
break;
case "GET":
action = AtlasActionTypes.READ;