----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73110/#review222400 -----------------------------------------------------------
Ship it! Ship It! - Pradeep Agrawal On Dec. 29, 2020, 1:15 p.m., ru jia wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73110/ > ----------------------------------------------------------- > > (Updated Dec. 29, 2020, 1:15 p.m.) > > > Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, > Ramesh Mani, and Sailaja Polavarapu. > > > Bugs: RANGER-3135 > https://issues.apache.org/jira/browse/RANGER-3135 > > > Repository: ranger > > > Description > ------- > > when i access /role/name/{name}, a Exception "User does not have permission > for this operation" always been taken, even if this role doesn't exist . > it is better to prompt user this role is not exist in this case when > execute-user has admin permission. > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java 86cda078c > > > Diff: https://reviews.apache.org/r/73110/diff/2/ > > > Testing > ------- > > exec command: curl -i -k --user {user}:{pwd} > "https://{rangeradminIp}:{rangeradminPort}/serice/role/roles/name/xxx"; -X GET > -H "Content-Type:application/json" > will return "Role with name : xxx does not exist" when exec-user is > rangeradmin > return "User does not have permission for this operation" when user isn't > rangeradmin and user doesn't have right permission > > > File Attachments > ---------------- > > 0001-optimze-log-print-for-querying-roles.patch > > https://reviews.apache.org/media/uploaded/files/2020/12/29/0757487c-2667-4362-8bb4-c3a0589fe396__0001-optimze-log-print-for-querying-roles.patch > > > Thanks, > > ru jia > >
