[RANGER-1213] No check for wrong ROLEs set on a user - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 0.6.1
Fix Version/s: 0.7.0
Component/s: admin
Labels:
None

Description

The following curl command goes through ok but the role is misspelled and as result the user disappears from the UI's user list:

%curl -u admin:admin -v -i -s -X PUT -H "Accept: application/json" -H "Content-Type: application/json" http://9.3.2.1:6080/service/xusers/secure/users/4 -d@hive_user.role_sys_adm

where the file of hive_user.role_sys_adm has the following contents:

{"id":4,"name":"hive","firstName":"hive","lastName":"hive","description":"hive - add from Unix box","status":1,"isVisible":1,"userSource":1,"userRoleList":["ROLE_SYS_ADM"]}

The issue is that XUserMgr.updateXUser does not check the validity of the roles passed from client.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

RANGER-1213-2.patch
22/Dec/16 03:05
2 kB
Pradeep Agrawal

Issue Links

links to

Apache review request link-1

Activity

People

Assignee:: Pradeep Agrawal

Reporter:: Yan

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Nov/16 17:16

Updated:: 23/Dec/16 11:19

Resolved:: 23/Dec/16 11:19