[
https://issues.apache.org/jira/browse/GEODE-2605?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15977717#comment-15977717
]
ASF subversion and git services commented on GEODE-2605:
--------------------------------------------------------
Commit f6d3ab7f89e9d373075c3df28060c9c23a96aaa2 in geode's branch
refs/heads/feature/GEODE-2681 from [~barry.oglesby]
[ https://git-wip-us.apache.org/repos/asf?p=geode.git;h=f6d3ab7 ]
GEODE-2605: Modified gfsh search lucene to require DATA:WRITE privilege to
match client
> Unable to do a Lucene query without CLUSTER:READ privilege
> ----------------------------------------------------------
>
> Key: GEODE-2605
> URL: https://issues.apache.org/jira/browse/GEODE-2605
> Project: Geode
> Issue Type: Bug
> Components: docs, lucene, security
> Reporter: Diane Hardman
> Assignee: Barry Oglesby
> Fix For: 1.2.0
>
> Attachments: security.json
>
>
> I have configured a small cluster with security and am testing the privileges
> I need for creating a Lucene index and then executing a query/search using
> Lucene.
> I have confirmed that DATA:MANAGE privilege allows me to create a lucene
> index (similar to creating OQL indexes).
> I assumed I needed DATA:WRITE privilege to execute 'search lucene' because
> the implementation uses a function. Instead, I am getting an error that I
> need CLUSTER:READ privilege. I don't know why.
> As an aside, we may want to document that all DATA privileges automatically
> include CLUSTER:READ as I found I could create indexes with DATA:WRITE, but
> could not list the indexes I created without CLUSTER:READ... go figure.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
