You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by ja...@apache.org on 2023/08/22 18:48:20 UTC
[solr] branch branch_9x updated: SOLR-16944 V2 API /api/node/health should be governed by "health" permission, not "config-read" (#1858)
This is an automated email from the ASF dual-hosted git repository.
janhoy pushed a commit to branch branch_9x
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/branch_9x by this push:
new b7a4adfd686 SOLR-16944 V2 API /api/node/health should be governed by "health" permission, not "config-read" (#1858)
b7a4adfd686 is described below
commit b7a4adfd686827e711762b31bfb39722118ae234
Author: Jan Høydahl <ja...@users.noreply.github.com>
AuthorDate: Tue Aug 22 20:04:55 2023 +0200
SOLR-16944 V2 API /api/node/health should be governed by "health" permission, not "config-read" (#1858)
(cherry picked from commit 59f70172167795e7e2bdb2da66b1f45c6fc8250c)
---
solr/CHANGES.txt | 2 ++
.../src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java | 4 ++--
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 537f75358d3..36d30c6e7f8 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -68,6 +68,8 @@ Bug Fixes
* PR#1826: Allow looking up Solr Package repo when that URL references a raw repository.json hosted on Github when the file is JSON but the mimetype used is text/plain. (Eric Pugh)
+* SOLR-16944: V2 API /api/node/health should be governed by "health" permission, not "config-read" (janhoy)
+
* SOLR-16859: Missing Proxy support for Http2SolrClient (Alex Deparvu)
* SOLR-16929: SolrStream propagates undecoded error message (Alex Deparvu)
diff --git a/solr/core/src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java b/solr/core/src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java
index db5e97039b2..df5f64900f0 100644
--- a/solr/core/src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java
+++ b/solr/core/src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java
@@ -18,7 +18,7 @@
package org.apache.solr.handler.admin.api;
import static org.apache.solr.client.solrj.SolrRequest.METHOD.GET;
-import static org.apache.solr.security.PermissionNameProvider.Name.CONFIG_READ_PERM;
+import static org.apache.solr.security.PermissionNameProvider.Name.HEALTH_PERM;
import org.apache.solr.api.EndPoint;
import org.apache.solr.handler.admin.HealthCheckHandler;
@@ -41,7 +41,7 @@ public class NodeHealthAPI {
@EndPoint(
path = {"/node/health"},
method = GET,
- permission = CONFIG_READ_PERM)
+ permission = HEALTH_PERM)
public void getSystemInformation(SolrQueryRequest req, SolrQueryResponse rsp) throws Exception {
handler.handleRequestBody(req, rsp);
}