[
https://issues.apache.org/jira/browse/RANGER-1409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Selvamohan Neethiraj updated RANGER-1409:
-----------------------------------------
Fix Version/s: (was: 0.7.0)
0.7.1
> User role get deleted from table when he tries to update his role to a
> restricted role
> --------------------------------------------------------------------------------------
>
> Key: RANGER-1409
> URL: https://issues.apache.org/jira/browse/RANGER-1409
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 0.5.0, 0.6.0, 0.7.0
> Reporter: Pradeep Agrawal
> Assignee: Pradeep Agrawal
> Fix For: 0.7.1
>
> Attachments: RANGER-1409-1.patch
>
>
> *Problem Statement :* User role get deleted from x_portal_user_role table and
> login does not work when he tries to update his role to a restricted role for
> his profile by using Post method of API /service/users/ .
> User having role 'ROLE_SYS_ADMIN' can change his role to 'ROLE_USER'
> User having role 'ROLE_KEY_ADMIN' can change his role to 'ROLE_USER'
> User having role 'ROLE_USER' should not able to change his role to any other
> role.
> *Proposed solution :* User's new requested role should be validated and if
> requested role is invalid then server should return error message.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
