[
https://issues.apache.org/jira/browse/RANGER-3883?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17620475#comment-17620475
]
Ramachandran commented on RANGER-3883:
--------------------------------------
When a POST/PUT request is made to the following APIs return 200 status code
even when the userId or id is invalid.
Ranger is not honouring Id
/service/users/\{USER_ID}/passwordchange
/service/users/\{USER_ID}/emailchange
/assets/\{id}
/permission/\{id}
/services/\{id}
/definitions/\{id}
/secure/groups/\{id}
/policies/\{id}
Ideally, the APIs must return 404 or Bad request(400) not found when using an
invalid userid or id in the URL
But in this case, the POST/PUT request results in status code 200 instead of
400 cc >> [[email protected]] [~pradeep] [~vel]
> emailchange and passwordchange User REST API's work even when invalid user id
> is used in the url
> ------------------------------------------------------------------------------------------------
>
> Key: RANGER-3883
> URL: https://issues.apache.org/jira/browse/RANGER-3883
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Abhishek
> Priority: Major
>
> When a POST request is made to the following APIs return 200 status code even
> when the userId is invalid .
> # {RANGER_ADMIN_URL}/service/users/\{USER_ID}/passwordchange
> # \{RANGER_ADMIN_URL}/service/users/\{USER_ID}/emailchange
> Ideally, the API's must return 404 not found when using an invalid userid in
> the url,
> but in the case of the aforementioned APIs, POST request results in status
> code 200.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
