Repository: atlas
Updated Branches:
  refs/heads/branch-0.8 043ab72b9 -> 435338ccc


ATLAS-2442:- Fix for read-only permission to allow read entity when http method 
is POST


Project: http://git-wip-us.apache.org/repos/asf/atlas/repo
Commit: http://git-wip-us.apache.org/repos/asf/atlas/commit/435338cc
Tree: http://git-wip-us.apache.org/repos/asf/atlas/tree/435338cc
Diff: http://git-wip-us.apache.org/repos/asf/atlas/diff/435338cc

Branch: refs/heads/branch-0.8
Commit: 435338ccccbffadb15e7d51d80bf6c2899319744
Parents: 043ab72
Author: nixonrodrigues <ni...@apache.org>
Authored: Tue Feb 13 17:32:44 2018 +0530
Committer: nixonrodrigues <ni...@apache.org>
Committed: Thu Feb 15 12:45:35 2018 +0530

----------------------------------------------------------------------
 .../java/org/apache/atlas/authorize/AtlasAccessRequest.java | 2 +-
 .../atlas/authorize/simple/AtlasAuthorizationUtils.java     | 9 +++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/atlas/blob/435338cc/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
----------------------------------------------------------------------
diff --git 
a/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
 
b/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
index 7022081..07cb2b0 100644
--- 
a/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
+++ 
b/authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
@@ -40,7 +40,7 @@ public class AtlasAccessRequest {
     public AtlasAccessRequest(HttpServletRequest request, String user, 
Set<String> userGroups) {
         // Spring Security 4 Change => request.getServletPath() -> 
request.getPathInfo()
         
this(AtlasAuthorizationUtils.getAtlasResourceType(request.getPathInfo()), "*", 
AtlasAuthorizationUtils
-            .getAtlasAction(request.getMethod()), user, 
userGroups,AtlasAuthorizationUtils.getRequestIpAddress(request));
+            .getAtlasAction(request.getMethod(),request.getPathInfo()), user, 
userGroups,AtlasAuthorizationUtils.getRequestIpAddress(request));
     }
 
     public AtlasAccessRequest(Set<AtlasResourceTypes> resourceType, String 
resource, AtlasActionTypes action,

http://git-wip-us.apache.org/repos/asf/atlas/blob/435338cc/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
----------------------------------------------------------------------
diff --git 
a/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
 
b/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
index 6bc51b7..e103d55 100644
--- 
a/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
+++ 
b/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
@@ -71,12 +71,17 @@ public class AtlasAuthorizationUtils {
         return api;
     }
 
-    public static AtlasActionTypes getAtlasAction(String method) {
+    public static AtlasActionTypes getAtlasAction(String method, String 
contextPath) {
         AtlasActionTypes action = null;
 
         switch (method.toUpperCase()) {
             case "POST":
-                action = AtlasActionTypes.CREATE;
+                String api = getApi(contextPath);
+                if (api != null && api.startsWith("search")) {   // 
exceptional case for basic search api with POST method
+                    action = AtlasActionTypes.READ;
+                } else {
+                    action = AtlasActionTypes.CREATE;
+                }
                 break;
             case "GET":
                 action = AtlasActionTypes.READ;

Reply via email to