Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
3.0.0
Description
While testing permission module use cases, developer found one case for user role. Policy listing page stuck on loading when 'Security Zone' module permission of user with user-role is revoked.
By default user with user role has permission to 'Security Zone' module.
Impact here is user with user-role will not be able to access policies from policy listing page in Ranger Admin UI with React JS.
However there is a work around which is to give permission to the user with user-role in the 'Security Zone' module.
Need to provide a fix to handle this use case where we should not use the modules level API and try to implement and use API which is open to access data even if user don't have permission on certain modules.
As part of this fix provided below open API for SecurityZoneHeaderInfo based on serviceId
service/public/v2/api/zones/zone-headers/for-service/{serviceId=}?isTagService=false
isTagService query param is false by default
use below curl request
– for non-tag based service, below curl request will works
curl -u {user}:{user_pass} -X GET '{hostname}/service/public/v2/api/zones/zone-headers/for-service/{serviceId}?isTagService=false'
curl -u {user}:{user_pass} -X GET '{hostname}/service/public/v2/api/zones/zone-headers/for-service/{serviceId=}'
– for tag based service need to pass isTagService=ture
curl -u {user}:{user_pass} -X GET '{hostname}/service/public/v2/api/zones/zone-headers/for-service/{serviceId}?isTagService=true'
Apart from above fixes, this jira is also handling one improvement on the Dashboard page to reduce server side API call for zone change operation.
Attachments
Issue Links
- links to
