Ranger / RANGER-2065

Entity is readable even if there is no entity-read-classification permission.

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.1.0
    • Component/s: plugins
    • Labels:
      None

      Description

      Scenario:
      1) Create an entity and a tag.
      2) Associate that entity with the tag.
      3) user1 does not have read classification permission but has read entity permission.

      Making a REST call to read the classification details of the entity fails as expected:

      {
      "errorCode": "ATLAS-403-00-001",
      "errorMessage": "admin is not authorized to perform get classifications: guid=d11fd3de-d99d-4e3f-b489-4c0f97651f7d"
      }
      

      But when we log in to the UI and open the entity, we are able to see the classification details despite having no read classification permission, which is the same information that was denied in the REST call.
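
A regression check for the inconsistency reported above, as an added example that is not part of the issue or of the RANGER-2065 patch: given the responses one user receives from the classification read and from the entity read, it lists the tags the entity read exposes even though the classification read was denied. The JSON shapes, the `PII` and `FINANCE` tags, the `hive_table` type and the function names are assumptions, and the sample responses are constructed.

```python
import json

GUID = "d11fd3de-d99d-4e3f-b489-4c0f97651f7d"  # guid from the report

# Constructed responses for one user, as (HTTP status, body) pairs. The entity
# JSON shape (entity.classifications[].typeName, referredEntities) is assumed.
DENIED = (403, json.dumps({"errorCode": "ATLAS-403-00-001"}))
ENTITY_LEAKY = (200, json.dumps({
    "entity": {"guid": GUID, "typeName": "hive_table",
               "classifications": [{"typeName": "PII", "entityGuid": GUID}]},
    "referredEntities": {
        "ref-1": {"guid": "ref-1", "classifications": [{"typeName": "FINANCE"}]}},
}))
ENTITY_FILTERED = (200, json.dumps({
    "entity": {"guid": GUID, "typeName": "hive_table", "classifications": None},
    "referredEntities": {},
}))


def exposed_tags(body, guid):
    """Tag names attached to `guid` anywhere in an entity read response."""
    doc = json.loads(body)
    entities = [doc.get("entity") or {}]
    entities += list((doc.get("referredEntities") or {}).values())
    return sorted({
        c.get("typeName")
        for e in entities if e.get("guid") == guid
        for c in (e.get("classifications") or [])  # tolerate null / missing
    })


def inconsistent_tags(classification_resp, entity_resp, guid):
    """Tags the entity read exposes although the classification read was denied."""
    c_status, _ = classification_resp
    e_status, e_body = entity_resp
    if c_status != 403 or e_status != 200:
        return []  # no denial to contradict, or the entity itself is not readable
    # Other entities in the response are ignored: the denial covered `guid` only.
    return exposed_tags(e_body, guid)


if __name__ == "__main__":
    for name, resp in (("leaky", ENTITY_LEAKY), ("filtered", ENTITY_FILTERED)):
        print(name, inconsistent_tags(DENIED, resp, GUID))
```

A non-empty result means the two read paths disagree about the same user's access to the same data.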

        Attachments

        1. RANGER-2065.patch
          11 kB
          Nixon Rodrigues
        2. RANGER-2065.1.patch
          12 kB
          Nixon Rodrigues


              People

              • Assignee:
                nixonrodrigues Nixon Rodrigues
                Reporter:
                nixonrodrigues Nixon Rodrigues