[solr] branch main updated: SOLR-15626: Fix `config-read` permission. (#296)

[epugh]

This is an automated email from the ASF dual-hosted git repository.

epugh pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git


The following commit(s) were added to refs/heads/main by this push:
     new d013e9b  SOLR-15626: Fix `config-read` permission. (#296)
d013e9b is described below

commit d013e9b485659bcf3366e4b433d69b3b60195b89
Author: Jon Senchyna <these...@users.noreply.github.com>
AuthorDate: Thu Oct 7 10:38:03 2021 -0400

    SOLR-15626: Fix `config-read` permission. (#296)
    
    * SOLR-15626: Fix `config-read` permission. The `config-read` permission 
was not including the `null` collection, preventing it from being matched on 
endpoints like `/amin/configs?action=LIST`, as they are not associated with a 
specific collection.
---
 solr/CHANGES.txt                                   | 29 ++++++++++++++++++++++
 .../solr/security/PermissionNameProvider.java      |  2 +-
 2 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index fb0b6fa..87e0bbf 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -386,6 +386,35 @@ Bug Fixes
 
 * SOLR-15653: Fix collection creation race that assumes a local clusterstate 
when the collection has only just been created. (Mark Miller)
 
+==================  8.11.0 ==================
+
+Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this 
release.
+
+New Features
+---------------------
+(No changes)
+
+Improvements
+---------------------
+(No changes)
+
+Optimizations
+---------------------
+(No changes)
+
+Bug Fixes
+---------------------
+* SOLR-15626: The "config-read" permission has been fixed to properly allow 
access to `/solr/admin/configs?action=LIST` (Jon Senchyna via Eric Pugh)
+
+Build
+---------------------
+
+* LUCENE-10104, SOLR-15631: Upgrade forbiddenapis to version 3.2.  (Uwe 
Schindler)
+
+Other Changes
+---------------------
+(No changes)
+
 ==================  8.10.0 ==================
 
 Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this 
release.
diff --git 
a/solr/core/src/java/org/apache/solr/security/PermissionNameProvider.java 
b/solr/core/src/java/org/apache/solr/security/PermissionNameProvider.java
index c0c3f7b..bac5e8a 100644
--- a/solr/core/src/java/org/apache/solr/security/PermissionNameProvider.java
+++ b/solr/core/src/java/org/apache/solr/security/PermissionNameProvider.java
@@ -42,7 +42,7 @@ public interface PermissionNameProvider {
     READ_PERM("read", "*"),
     UPDATE_PERM("update", "*"),
     CONFIG_EDIT_PERM("config-edit", unmodifiableSet(new HashSet<>(asList("*", 
null)))),
-    CONFIG_READ_PERM("config-read", "*"),
+    CONFIG_READ_PERM("config-read", unmodifiableSet(new HashSet<>(asList("*", 
null)))),
     SCHEMA_READ_PERM("schema-read", "*"),
     SCHEMA_EDIT_PERM("schema-edit", "*"),
     SECURITY_EDIT_PERM("security-edit", null),