[
https://issues.apache.org/jira/browse/RANGER-1213?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pradeep Agrawal updated RANGER-1213:
------------------------------------
Attachment: (was: RANGER-1213-2.patch)
> No check for wrong ROLEs set on a user
> --------------------------------------
>
> Key: RANGER-1213
> URL: https://issues.apache.org/jira/browse/RANGER-1213
> Project: Ranger
> Issue Type: Bug
> Components: admin
> Affects Versions: 0.6.1
> Reporter: Yan
> Assignee: Pradeep Agrawal
> Priority: Minor
> Fix For: 0.7.0
>
> Attachments: RANGER-1213-2.patch
>
>
> The following curl command goes through ok but the role is misspelled and as
> result the user disappears from the UI's user list:
> %curl -u admin:admin -v -i -s -X PUT -H "Accept: application/json" -H
> "Content-Type: application/json"
> http://9.3.2.1:6080/service/xusers/secure/users/4 -d@hive_user.role_sys_adm
> where the file of hive_user.role_sys_adm has the following contents:
> {"id":4,"name":"hive","firstName":"hive","lastName":"hive","description":"hive
> - add from Unix
> box","status":1,"isVisible":1,"userSource":1,"userRoleList":["ROLE_SYS_ADM"]}
> The issue is that XUserMgr.updateXUser does not check the validity of the
> roles passed from client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
