Yan created RANGER-1213:
---------------------------
Summary: No check for wrong ROLEs set on a user
Key: RANGER-1213
URL: https://issues.apache.org/jira/browse/RANGER-1213
Project: Ranger
Issue Type: Bug
Components: admin
Affects Versions: 0.6.1
Reporter: Yan
Priority: Minor
The following curl command goes through ok but the role is misspelled and as
result the user disappears from the UI's user list:
%curl -u admin:admin -v -i -s -X PUT -H "Accept: application/json" -H
"Content-Type: application/json"
http://9.3.2.1:6080/service/xusers/secure/users/4 -d@hive_user.role_sys_adm
where the file of hive_user.role_sys_adm has the following contents:
{"id":4,"name":"hive","firstName":"hive","lastName":"hive","description":"hive
- add from Unix
box","status":1,"isVisible":1,"userSource":1,"userRoleList":["ROLE_SYS_ADM"]}
The issue is that XUserMgr.updateXUser does not check the validity of the
roles passed from client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
