You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@solr.apache.org by ja...@apache.org on 2023/01/20 08:39:00 UTC

[solr] branch main updated: SOLR-16621: Admin UI fails to grant user permissions that have wildcard role (#1294)

This is an automated email from the ASF dual-hosted git repository.

janhoy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git


The following commit(s) were added to refs/heads/main by this push:
     new 6ba00a484bc SOLR-16621: Admin UI fails to grant user permissions that have wildcard role (#1294)
6ba00a484bc is described below

commit 6ba00a484bc221d596e5684e1089d02f0ef34925
Author: Jan Høydahl <ja...@users.noreply.github.com>
AuthorDate: Fri Jan 20 09:38:53 2023 +0100

    SOLR-16621: Admin UI fails to grant user permissions that have wildcard role (#1294)
---
 solr/CHANGES.txt                                   |  2 ++
 solr/webapp/web/js/angular/controllers/security.js | 10 +++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index d7b96214ea8..3cc189e8815 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -169,6 +169,8 @@ Bug Fixes
 
 * SOLR-16613: CryptoKeys should handle RSA padding for OpenJ9 (Kevin Risden)
 
+* SOLR-16621: Admin UI fails to grant user permissions that have wildcard role (janhoy)
+
 Build
 ---------------------
 * Upgrade forbiddenapis to 3.4 (Uwe Schindler)
diff --git a/solr/webapp/web/js/angular/controllers/security.js b/solr/webapp/web/js/angular/controllers/security.js
index d1b09916a77..64275d5f755 100644
--- a/solr/webapp/web/js/angular/controllers/security.js
+++ b/solr/webapp/web/js/angular/controllers/security.js
@@ -52,8 +52,16 @@ solrAdminApp.controller('SecurityController', function ($scope, $timeout, $cooki
     return roles.sort((a, b) => (a.name > b.name) ? 1 : -1);
   }
 
+  /**
+   * Check if user's roles are compatible with permission's roles
+   * @param roles list of roles for a permission, where at least one is required
+   * @param rolesForUser list of roles for user
+   * @return true if user has one of the required roles, or permission has a wildcard role
+   */
   function roleMatch(roles, rolesForUser) {
-    for (r in rolesForUser) {
+    if (roles.includes("*"))
+      return true
+    for (let r in rolesForUser) {
       if (roles.includes(rolesForUser[r]))
         return true;
     }