-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73110/
-----------------------------------------------------------
(Updated εδΊζ 29, 2020, 1:15 p.m.)
Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal,
Ramesh Mani, and Sailaja Polavarapu.
Bugs: RANGER-3135
https://issues.apache.org/jira/browse/RANGER-3135
Repository: ranger
Description
-------
when i access /role/name/{name}, a Exception "User does not have permission for
this operation" always been taken, even if this role doesn't exist .
it is better to prompt user this role is not exist in this case when
execute-user has admin permission.
Diffs (updated)
-----
security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java 86cda078c
Diff: https://reviews.apache.org/r/73110/diff/2/
Changes: https://reviews.apache.org/r/73110/diff/1-2/
Testing
-------
exec command: curl -i -k --user {user}:{pwd}
"https://{rangeradminIp}:{rangeradminPort}/serice/role/roles/name/xxx"; -X GET
-H "Content-Type:application/json"
will return "Role with name : xxx does not exist" when exec-user is rangeradmin
return "User does not have permission for this operation" when user isn't
rangeradmin and user doesn't have right permission
File Attachments (updated)
----------------
0001-optimze-log-print-for-querying-roles.patch
https://reviews.apache.org/media/uploaded/files/2020/12/29/0757487c-2667-4362-8bb4-c3a0589fe396__0001-optimze-log-print-for-querying-roles.patch
Thanks,
ru jia
