Pradeep Agrawal created RANGER-1409:
---------------------------------------
Summary: User role get deleted from table when he tries to update
his role to a restricted role
Key: RANGER-1409
URL: https://issues.apache.org/jira/browse/RANGER-1409
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 0.6.0, 0.5.0, 0.7.0
Reporter: Pradeep Agrawal
Assignee: Pradeep Agrawal
*Problem Statement :* User role get deleted from x_portal_user_role table and
login does not work when he tries to update his role to a restricted role for
his profile by using Post method of API /service/users/ .
User having role 'ROLE_SYS_ADMIN' can change his role to 'ROLE_USER'
User having role 'ROLE_KEY_ADMIN' can change his role to 'ROLE_USER'
User having role 'ROLE_USER' should not able to change his role to any other
role.
*Proposed solution :* User's new requested role should be validated and if
requested role is invalid then server should return error message.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
