[ https://issues.apache.org/jira/browse/RANGER-1213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pradeep Agrawal updated RANGER-1213: ------------------------------------ Attachment: (was: RANGER-1213-2.patch) > No check for wrong ROLEs set on a user > -------------------------------------- > > Key: RANGER-1213 > URL: https://issues.apache.org/jira/browse/RANGER-1213 > Project: Ranger > Issue Type: Bug > Components: admin > Affects Versions: 0.6.1 > Reporter: Yan > Assignee: Pradeep Agrawal > Priority: Minor > Fix For: 0.7.0 > > Attachments: RANGER-1213-2.patch > > > The following curl command goes through ok but the role is misspelled and as > result the user disappears from the UI's user list: > %curl -u admin:admin -v -i -s -X PUT -H "Accept: application/json" -H > "Content-Type: application/json" > http://9.3.2.1:6080/service/xusers/secure/users/4 -d@hive_user.role_sys_adm > where the file of hive_user.role_sys_adm has the following contents: > {"id":4,"name":"hive","firstName":"hive","lastName":"hive","description":"hive > - add from Unix > box","status":1,"isVisible":1,"userSource":1,"userRoleList":["ROLE_SYS_ADM"]} > The issue is that XUserMgr.updateXUser does not check the validity of the > roles passed from client. -- This message was sent by Atlassian JIRA (v6.3.4#6332)