You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by GitBox <gi...@apache.org> on 2021/11/20 22:41:59 UTC

[GitHub] [solr] janhoy commented on a change in pull request #427: SOLR-11623 Every request handler - PermissionNameProvider (Take 2)

janhoy commented on a change in pull request #427:
URL: https://github.com/apache/solr/pull/427#discussion_r753722612



##########
File path: solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
##########
@@ -213,14 +212,14 @@ public void testBasicPermissions() {
         "userPrincipal", "tim",
         "handler", new ReplicationHandler(),
         "collectionRequests", singletonList(new CollectionRequest("mycoll")) )
-        , FORBIDDEN);
+        , STATUS_OK); // Replication requires "READ" permission, which Tim has

Review comment:
       The user "tim" has the `dev` and `admin` roles, and thus the permission `read`, `collection-admin-edit` and `schema-edit`. 
   
   Before this PR, `/replication` was not covered by any particular permission, so replication request was denied, since the user did not either have the `all` permission. After the PR, access is allowed since he has `read`.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org