You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@solr.apache.org by ja...@apache.org on 2023/08/22 18:48:20 UTC

[solr] branch branch_9x updated: SOLR-16944 V2 API /api/node/health should be governed by "health" permission, not "config-read" (#1858)

This is an automated email from the ASF dual-hosted git repository.

janhoy pushed a commit to branch branch_9x
in repository https://gitbox.apache.org/repos/asf/solr.git


The following commit(s) were added to refs/heads/branch_9x by this push:
     new b7a4adfd686 SOLR-16944 V2 API /api/node/health should be governed by "health" permission, not "config-read" (#1858)
b7a4adfd686 is described below

commit b7a4adfd686827e711762b31bfb39722118ae234
Author: Jan Høydahl <ja...@users.noreply.github.com>
AuthorDate: Tue Aug 22 20:04:55 2023 +0200

    SOLR-16944 V2 API /api/node/health should be governed by "health" permission, not "config-read" (#1858)
    
    (cherry picked from commit 59f70172167795e7e2bdb2da66b1f45c6fc8250c)
---
 solr/CHANGES.txt                                                      | 2 ++
 .../src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java     | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 537f75358d3..36d30c6e7f8 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -68,6 +68,8 @@ Bug Fixes
 
 * PR#1826: Allow looking up Solr Package repo when that URL references a raw repository.json hosted on Github when the file is JSON but the mimetype used is text/plain. (Eric Pugh)
 
+* SOLR-16944: V2 API /api/node/health should be governed by "health" permission, not "config-read" (janhoy)
+
 * SOLR-16859: Missing Proxy support for Http2SolrClient (Alex Deparvu)
 
 * SOLR-16929: SolrStream propagates undecoded error message (Alex Deparvu)
diff --git a/solr/core/src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java b/solr/core/src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java
index db5e97039b2..df5f64900f0 100644
--- a/solr/core/src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java
+++ b/solr/core/src/java/org/apache/solr/handler/admin/api/NodeHealthAPI.java
@@ -18,7 +18,7 @@
 package org.apache.solr.handler.admin.api;
 
 import static org.apache.solr.client.solrj.SolrRequest.METHOD.GET;
-import static org.apache.solr.security.PermissionNameProvider.Name.CONFIG_READ_PERM;
+import static org.apache.solr.security.PermissionNameProvider.Name.HEALTH_PERM;
 
 import org.apache.solr.api.EndPoint;
 import org.apache.solr.handler.admin.HealthCheckHandler;
@@ -41,7 +41,7 @@ public class NodeHealthAPI {
   @EndPoint(
       path = {"/node/health"},
       method = GET,
-      permission = CONFIG_READ_PERM)
+      permission = HEALTH_PERM)
   public void getSystemInformation(SolrQueryRequest req, SolrQueryResponse rsp) throws Exception {
     handler.handleRequestBody(req, rsp);
   }