Posted to issues@solr.apache.org by GitBox <gi...@apache.org> on 2023/01/17 10:17:41 UTC

[GitHub] [solr] janhoy opened a new pull request, #1294: SOLR-16621: Admin UI fails to grant user permissions with wildcard role

janhoy opened a new pull request, #1294:
URL: https://github.com/apache/solr/pull/1294

   https://issues.apache.org/jira/browse/SOLR-16621
   
   Always grant access to a permission that has the wildcard `"*"` role, no matter what roles the user has.
   Note, this is not the same as not requiring authentication for the permission, `"roles": null`. It means that the permission needs an authenticated user, but any role will do.
   
   Also, this is just UI stuff so will not modify actual permissions on the API level, but will align role checking logic so it matches that of the backend.
   
   To test:
   
   1. Start Solr and enable security
       ```bash
       ./gradlew dev
       cd solr/packaging/build/dev/
       bin/solr start -c
       bin/solr auth enable -credentials solr:solr -blockUnknown true
       ```
   2. Log in to Admin UI with 'solr' and 'solr': http://localhost:8983/solr/#/~security
   3. Edit the permissions 'security-edit' and 'security-read' to have `*` as role
   4. The user can still see the Security Dashboard and edit permissions
   
   (To confirm the bug, do the same test on main branch and see that user is blocked from security dashboard once the permissions are changed to `role=*`).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org
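
The role check that the pull request description above spells out, as an added example that is not part of the original message or of Solr's `app.js`: `"roles": null` needs no login, `"*"` needs any authenticated user, and anything else needs a matching role. The function names, the object shapes and the `constructed-open` permission are assumptions made for illustration, as is granting `"*"` to a logged-in user whose role list is empty.

```javascript
// Added illustration; not the code in solr/webapp/web/js/angular/app.js.
// Assumed shape: permission = { name, roles }, where roles is null
// (no authentication required), a single string, or an array of strings.
const WILDCARD = "*";

function toRoleList(roles) {
  if (roles == null) return null;                 // null/undefined: no role requirement
  return Array.isArray(roles) ? roles : [roles];
}

// user is null for an anonymous request, otherwise { name, roles }.
function isGranted(permission, user) {
  const required = toRoleList(permission.roles);
  if (required === null) return true;             // "roles": null -> open, even anonymously
  if (!user) return false;                        // any non-null roles value needs a login
  if (required.includes(WILDCARD)) return true;   // "*" -> any authenticated user will do
  const held = new Set(toRoleList(user.roles) || []);
  return required.some((role) => held.has(role)); // otherwise the user needs a listed role
}

// Constructed sample data: two permission names from the test steps above,
// plus one made-up permission with no role requirement.
const permissions = [
  { name: "constructed-open", roles: null },
  { name: "security-read", roles: "*" },
  { name: "security-edit", roles: ["admin"] },
];
const users = {
  anonymous: null,
  solr: { name: "solr", roles: ["admin"] },
  guest: { name: "guest", roles: ["reader"] },
  noroles: { name: "noroles", roles: [] },
};

// Names of the permissions each sample user is granted.
function accessMatrix() {
  const matrix = {};
  for (const [label, user] of Object.entries(users)) {
    matrix[label] = permissions.filter((p) => isGranted(p, user)).map((p) => p.name);
  }
  return matrix;
}

console.log(accessMatrix());
```

A check that compares `"*"` literally against the user's role names takes the last branch and denies every user, which matches the lockout described in the bug confirmation step.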


[GitHub] [solr] janhoy commented on pull request #1294: SOLR-16621: Admin UI fails to grant user permissions with wildcard role

Posted by GitBox <gi...@apache.org>.
janhoy commented on PR #1294:
URL: https://github.com/apache/solr/pull/1294#issuecomment-1385173003

   @thelabdude I see some duplicate logic in the permission check for Security Dash. I believe you could have used the function `isPermitted()` already defined in `app.js`, see https://github.com/apache/solr/blob/main/solr/webapp/web/js/angular/app.js#L528-L533 ?




[GitHub] [solr] janhoy merged pull request #1294: SOLR-16621: Admin UI fails to grant user permissions with wildcard role

Posted by GitBox <gi...@apache.org>.
janhoy merged PR #1294:
URL: https://github.com/apache/solr/pull/1294

