Repository: usergrid Updated Branches: refs/heads/hotfix-20160819 92b4ebaaf -> b9792cc24
Add extra check in path permissions filter in REST in case the annotation gets added to a system resource. Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/b9792cc2 Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/b9792cc2 Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/b9792cc2 Branch: refs/heads/hotfix-20160819 Commit: b9792cc243705ead5480e31f9cece669f28cf446 Parents: 92b4eba Author: Michael Russo <[email protected]> Authored: Sat Sep 10 13:51:38 2016 -0700 Committer: Michael Russo <[email protected]> Committed: Sat Sep 10 13:51:38 2016 -0700 ---------------------------------------------------------------------- .../usergrid/rest/security/SecuredResourceFilterFactory.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/usergrid/blob/b9792cc2/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java index 7b62514..d68c9c9 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java @@ -468,7 +468,7 @@ public class SecuredResourceFilterFactory implements DynamicFeature { logger.debug( "PathPermissionsFilter.authorize" ); } - if ( isServiceAdmin() ){ + if ( isServiceAdmin() || isBasicAuthServiceAdmin(request) ){ if(logger.isTraceEnabled()){ logger.trace("User is sysadmin. Allowing access."); }
