xiaojian zhou created GEODE-6930:
------------------------------------
Summary: Lucene Functions specified using Internal Function's
required permission, will be rejected by PCC
Key: GEODE-6930
URL: https://issues.apache.org/jira/browse/GEODE-6930
Project: Geode
Issue Type: Bug
Components: lucene
Reporter: xiaojian zhou
When playing lucene app in PCC, I noticed the query is rejected by PCC with
following error msg:
2019-06-14T10:24:29.83-0700 [APP/PROC/WEB/0] OUT Caused by:
org.apache.geode.security.NotAuthorizedException:
developer_jNnlmXMEdwsrmaDayfNKg not authorized for *
This is because all the lucene functions are implementing Internal Function but
forgot to override it's getRequiredPermissions method. So it requires to have
ResourcePermissions.ALL to execute.
There're following 9 lucene functions:
WaitUntilFlushedFunction (Need READ)
LuceneQueryFunction (Need READ)
IndexingInProgressFunction (Need READ)
LuceneCreateIndexFunction (used by gfsh only, no need to change)
LuceneDestroyIndexFunction (used by gfsh only, no need to change)
LuceneDescribeIndexFunction (used by gfsh only, no need to change)
LuceneSearchIndexFunction (used by gfsh only, no need to change)
LuceneListIndexFunction (used by gfsh only, no need to change)
LuceneGetPageFunction (Need READ)
The 5 of them are only used by gfsh, which is the real "internal function".
The other 4 will be called by client application, so they should specify
ResourcePermissions.READ.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
