You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Pradeep Agrawal (JIRA)" <ji...@apache.org> on 2016/11/15 11:56:58 UTC

[jira] [Assigned] (RANGER-1213) No check for wrong ROLEs set on a user

     [ https://issues.apache.org/jira/browse/RANGER-1213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Pradeep Agrawal reassigned RANGER-1213:
---------------------------------------

    Assignee: Pradeep Agrawal

> No check for wrong ROLEs set on a user
> --------------------------------------
>
>                 Key: RANGER-1213
>                 URL: https://issues.apache.org/jira/browse/RANGER-1213
>             Project: Ranger
>          Issue Type: Bug
>          Components: admin
>    Affects Versions: 0.6.1
>            Reporter: Yan
>            Assignee: Pradeep Agrawal
>            Priority: Minor
>
> The following curl command goes through ok but the role is misspelled and as result the user disappears from the UI's user list:
> %curl -u admin:admin -v -i -s -X PUT -H "Accept: application/json" -H "Content-Type: application/json" http://9.3.2.1:6080/service/xusers/secure/users/4 -d@hive_user.role_sys_adm
> where the file of hive_user.role_sys_adm has the following contents:
> {"id":4,"name":"hive","firstName":"hive","lastName":"hive","description":"hive - add from Unix box","status":1,"isVisible":1,"userSource":1,"userRoleList":["ROLE_SYS_ADM"]}
> The issue is that  XUserMgr.updateXUser does not check the validity of the roles passed from client.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)