Repository: usergrid Updated Branches: refs/heads/1.x 8f360c791 -> 0a918bbcd
Allow superuser to access @RequireAdminUserAccess Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/0a918bbc Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/0a918bbc Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/0a918bbc Branch: refs/heads/1.x Commit: 0a918bbcdda3cac0147dfe806de8e29c2de8395f Parents: 8f360c7 Author: Michael Russo <[email protected]> Authored: Mon Feb 22 22:11:40 2016 -0800 Committer: Michael Russo <[email protected]> Committed: Mon Feb 22 22:11:40 2016 -0800 ---------------------------------------------------------------------- .../org/apache/usergrid/rest/management/users/UserResource.java | 2 +- .../usergrid/rest/security/SecuredResourceFilterFactory.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/usergrid/blob/0a918bbc/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java index 3c755f8..d3f2aa0 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java @@ -100,7 +100,7 @@ public class UserResource extends AbstractContextResource { return getSubResource( OrganizationsResource.class ).init( user ); } - + @RequireAdminUserAccess @PUT public JSONWithPadding setUserInfo( @Context UriInfo ui, Map<String, Object> json, @QueryParam( "callback" ) @DefaultValue( "callback" ) String callback ) http://git-wip-us.apache.org/repos/asf/usergrid/blob/0a918bbc/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java index 428973f..56319fc 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java @@ -316,7 +316,7 @@ public class SecuredResourceFilterFactory implements ResourceFilterFactory { @Override public void authorize( ContainerRequest request ) { logger.debug( "AdminUserFilter.authorize" ); - if ( !isUser( getUserIdentifier() ) ) { + if ( !isUser( getUserIdentifier() ) && !isServiceAdmin() ) { throw mappableSecurityException( "unauthorized", "No admin user access authorized" ); } }
