[
https://issues.apache.org/jira/browse/SOLR-11623?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17446729#comment-17446729
]
Jan Høydahl commented on SOLR-11623:
------------------------------------
I reverted the commit and will look into the test failures.
> Every request handler in Solr should implement PermissionNameProvider
> interface
> -------------------------------------------------------------------------------
>
> Key: SOLR-11623
> URL: https://issues.apache.org/jira/browse/SOLR-11623
> Project: Solr
> Issue Type: Improvement
> Affects Versions: 7.1
> Reporter: Hrishikesh Gadre
> Assignee: Jan Høydahl
> Priority: Blocker
> Fix For: main (9.0)
>
> Time Spent: 7h
> Remaining Estimate: 0h
>
> Solr authorization framework expects request handler to implement
> PermissionNameProvider interface so that the type of the permission for the
> request can be extracted. Currently not all request handlers implement
> PermissionNameProvider, requiring authorization plugin implementation to
> check this case explicitly and return OK. During code review of SENTRY-1475,
> this issue was discussed. Since PermissionNameProvider.Name enum provides
> "ALL" permission type, it should be possible to have every request handler to
> implement PermissionNameProvider interface and provide "ALL" permission type
> if no authorization checks are necessary.
> The secondary benefit of this work would be that we can review all the
> request handlers and ensure that we aren't missing authorization support for
> any request handlers which provide sensitive information.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
