-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62024/
-----------------------------------------------------------
Review request for ranger, Ankita Sinha, Fatima Khan, Gautam Borad, Mehul
Parikh, and Velmurugan Periasamy.
Bugs: RANGER-1756
https://issues.apache.org/jira/browse/RANGER-1756
Repository: ranger
Description
-------
A 'USER' role user is able to see details of 'ADMIN' role users.
Steps-
1.Create a user 'testuser4'.
2.Give user/group page permission to the user 'testuser4'.
3.Login with 'testuser4'.
4.Go to user/group page and check the list of users.
Expected result: It should just show USER role users.
Actual result: It is showing USER role users and ADMIN role users
Diffs
-----
security-admin/src/main/webapp/scripts/utils/XAUtils.js 1979847
Diff: https://reviews.apache.org/r/62024/diff/1/
Testing
-------
Verified scenario's :
1. A user with ROLE_ADMIN able to see users which has USER_ROLE/ADMIN_ROLE.
2. A user with ROLE_KEYADMIN able to see users which has
USER_ROLE/KEYADMIN_ROLE.
3. A user with role ROLE_USER able to see which has USER_ROLE.
Thanks,
Nitin Galave
