[
https://issues.apache.org/jira/browse/GEODE-6930?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dick Cavender closed GEODE-6930.
--------------------------------
> Lucene Functions specified using Internal Function's required permission,
> will be rejected by PCC
> -------------------------------------------------------------------------------------------------
>
> Key: GEODE-6930
> URL: https://issues.apache.org/jira/browse/GEODE-6930
> Project: Geode
> Issue Type: Bug
> Components: lucene
> Reporter: Xiaojian Zhou
> Assignee: Xiaojian Zhou
> Priority: Major
> Labels: GeodeCommons
> Fix For: 1.10.0
>
> Time Spent: 1h
> Remaining Estimate: 0h
>
> When playing lucene app, I noticed the query is rejected with following error
> msg:
> 2019-06-14T10:24:29.83-0700 [APP/PROC/WEB/0] OUT Caused by:
> org.apache.geode.security.NotAuthorizedException:
> developer_jNnlmXMEdwsrmaDayfNKg not authorized for *
> This is because all the lucene functions are implementing Internal Function
> but forgot to override it's getRequiredPermissions method. So it requires to
> have ResourcePermissions.ALL to execute.
> There're following 9 lucene functions:
> WaitUntilFlushedFunction (Need READ)
> LuceneQueryFunction (Need READ)
> IndexingInProgressFunction (Need READ)
> LuceneCreateIndexFunction (used by gfsh only, no need to change)
> LuceneDestroyIndexFunction (used by gfsh only, no need to change)
> LuceneDescribeIndexFunction (used by gfsh only, no need to change)
> LuceneSearchIndexFunction (used by gfsh only, no need to change)
> LuceneListIndexFunction (used by gfsh only, no need to change)
> LuceneGetPageFunction (Need READ)
> The 5 of them are only used by gfsh, which is the real "internal function".
> The other 4 will be called by client application, so they should specify
> ResourcePermissions.READ.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
