-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65635/
-----------------------------------------------------------
Review request for atlas, Apoorv Naik, Ashutosh Mestry, Madhan Neethiraj, and
Sarath Subramanian.
Bugs: ATLAS-2442
https://issues.apache.org/jira/browse/ATLAS-2442
Repository: atlas
Description
-------
Bug descripton:- Logged into Atlas as a read only user and fired basic search.
Since Basic search on UI is a POST request , Atlas throws 403 error. If Basic
search is fired using GET, search succeeds. In Atlas apart from creating
entities, tags , Basic search is also fired as POST request.
Solution:-
In Atlas api method such as GET,POST,PUT,DELETE are mapped to authorization
action like READ,WRITE,UPDATE & DELETE respectively. But the basic search is
exception to it with POST method for READ entities, need to add a exception
case to convert action to READ for POST in case basic search API.
Diffs
-----
authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java
7022081f7
authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
6bc51b777
Diff: https://reviews.apache.org/r/65635/diff/1/
Testing
-------
Performed Unit test cases.
Tested UI and api's with user with different permissions.
Thanks,
Nixon Rodrigues
