janhoy commented on a change in pull request #427: URL: https://github.com/apache/solr/pull/427#discussion_r753722612
########## File path: solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java ########## @@ -213,14 +212,14 @@ public void testBasicPermissions() { "userPrincipal", "tim", "handler", new ReplicationHandler(), "collectionRequests", singletonList(new CollectionRequest("mycoll")) ) - , FORBIDDEN); + , STATUS_OK); // Replication requires "READ" permission, which Tim has Review comment: The user "tim" has the `dev` and `admin` roles, and thus the permission `read`, `collection-admin-edit` and `schema-edit`. Before this PR, `/replication` was not covered by any particular permission, so replication request was denied, since the user did not either have the `all` permission. After the PR, access is allowed since he has `read`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org