[
https://issues.apache.org/jira/browse/RANGER-3155?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17269280#comment-17269280
]
rujia edited comment on RANGER-3155 at 1/21/21, 1:05 PM:
---------------------------------------------------------
Hi [~maheshbandal] there is a main point that none-admin user has no permission
to know whether a role exists, right?
CC: [~mehul], [~vel],[~pradeep]
was (Author: rujia1019):
Hi [~maheshbandal] there is a main point that none-admin user has no permission
to know whether a role exists, right?
> Roles are not accessible for Admin User through REST API
> --------------------------------------------------------
>
> Key: RANGER-3155
> URL: https://issues.apache.org/jira/browse/RANGER-3155
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 3.0.0
> Reporter: Mahesh Hanumant Bandal
> Assignee: Mahesh Hanumant Bandal
> Priority: Major
> Fix For: 3.0.0
>
>
> This issue is introduced by RANGER-3135.
> Following is current observation :
> I tried to access GET API
> [http://localhost:6080/service/roles/roles/name/role1] with admin user and it
> does not return roles which already exist, whereas select * from x_role
> returns two roles. ie. role1, role2.
> API returns following response :
> {code:java}
> <vxResponse>
> <msgDesc>Role with name: role1 does not exist</msgDesc>
> <statusCode>1</statusCode>
> </vxResponse>
> {code}
> *With admin user it shows same response regardless of role's existence.*
> =================================================================
> Resolution :
> Admin user should get roles when accessed via REST API. This JIRA should also
> focus on providing fix for RANGER-3135 where GET API /roles/name/\{name}
> should provide proper message in case of the role does not exist. In case of
> non-admin user, it should deny access to roles.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
