Description
The following curl command goes through ok but the role is misspelled and as result the user disappears from the UI's user list:
%curl -u admin:admin -v -i -s -X PUT -H "Accept: application/json" -H "Content-Type: application/json" http://9.3.2.1:6080/service/xusers/secure/users/4 -d@hive_user.role_sys_adm
where the file of hive_user.role_sys_adm has the following contents:
{"id":4,"name":"hive","firstName":"hive","lastName":"hive","description":"hive - add from Unix box","status":1,"isVisible":1,"userSource":1,"userRoleList":["ROLE_SYS_ADM"]}The issue is that XUserMgr.updateXUser does not check the validity of the roles passed from client.
Attachments
Attachments
Issue Links
- links to