Review Request 73110: RANGER-3135:Ranger always ponit out "User does not have permission for this operation" when user try to query a none-exist role

ru jia Tue, 29 Dec 2020 04:31:27 -0800

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73110/
-----------------------------------------------------------


Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, 
Ramesh Mani, and Sailaja Polavarapu.


Bugs: RANGER-3135
    https://issues.apache.org/jira/browse/RANGER-3135


Repository: ranger


Description
-------

when i access /role/name/{name}, a Exception "User does not have permission for 
this operation" always been taken, even if this role doesn't exist .
it is better to prompt user this role is not exist in this case when 
execute-user has admin permission.


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java 86cda078c 


Diff: https://reviews.apache.org/r/73110/diff/1/


Testing
-------

exec command: curl -i -k --user {user}:{pwd} 
"https://{rangeradminIp}:{rangeradminPort}/serice/role/roles/name/xxx"; -X GET 
-H "Content-Type:application/json"
will return "Role with name : xxx does not exist" when exec-user is rangeradmin
return "User does not have permission for this operation" when user isn't 
rangeradmin and user doesn't have right permission


Thanks,

ru jia

Review Request 73110: RANGER-3135:Ranger always ponit out "User does not have permission for this operation" when user try to query a none-exist role

Reply via email to