You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Pradeep Agrawal (JIRA)" <ji...@apache.org> on 2016/11/15 11:56:58 UTC
[jira] [Assigned] (RANGER-1213) No check for wrong ROLEs set on a
user
[ https://issues.apache.org/jira/browse/RANGER-1213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pradeep Agrawal reassigned RANGER-1213:
---------------------------------------
Assignee: Pradeep Agrawal
> No check for wrong ROLEs set on a user
> --------------------------------------
>
> Key: RANGER-1213
> URL: https://issues.apache.org/jira/browse/RANGER-1213
> Project: Ranger
> Issue Type: Bug
> Components: admin
> Affects Versions: 0.6.1
> Reporter: Yan
> Assignee: Pradeep Agrawal
> Priority: Minor
>
> The following curl command goes through ok but the role is misspelled and as result the user disappears from the UI's user list:
> %curl -u admin:admin -v -i -s -X PUT -H "Accept: application/json" -H "Content-Type: application/json" http://9.3.2.1:6080/service/xusers/secure/users/4 -d@hive_user.role_sys_adm
> where the file of hive_user.role_sys_adm has the following contents:
> {"id":4,"name":"hive","firstName":"hive","lastName":"hive","description":"hive - add from Unix box","status":1,"isVisible":1,"userSource":1,"userRoleList":["ROLE_SYS_ADM"]}
> The issue is that XUserMgr.updateXUser does not check the validity of the roles passed from client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)