Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-1213

No check for wrong ROLEs set on a user

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 0.6.1
    • 0.7.0
    • admin
    • None

    Description

      The following curl command goes through ok but the role is misspelled and as result the user disappears from the UI's user list:

      %curl -u admin:admin -v -i -s -X PUT -H "Accept: application/json" -H "Content-Type: application/json" http://9.3.2.1:6080/service/xusers/secure/users/4 -d@hive_user.role_sys_adm

      where the file of hive_user.role_sys_adm has the following contents:

      {"id":4,"name":"hive","firstName":"hive","lastName":"hive","description":"hive - add from Unix box","status":1,"isVisible":1,"userSource":1,"userRoleList":["ROLE_SYS_ADM"]}

      The issue is that XUserMgr.updateXUser does not check the validity of the roles passed from client.

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            pradeep Pradeep Agrawal
            yzhou2001 Yan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment