[
https://issues.apache.org/jira/browse/GEODE-6930?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
xiaojian zhou resolved GEODE-6930.
----------------------------------
Resolution: Fixed
Fix Version/s: 1.10.0
> Lucene Functions specified using Internal Function's required permission,
> will be rejected by PCC
> -------------------------------------------------------------------------------------------------
>
> Key: GEODE-6930
> URL: https://issues.apache.org/jira/browse/GEODE-6930
> Project: Geode
> Issue Type: Bug
> Components: lucene
> Reporter: xiaojian zhou
> Assignee: xiaojian zhou
> Priority: Major
> Labels: GeodeCommons
> Fix For: 1.10.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> When playing lucene app in PCC, I noticed the query is rejected by PCC with
> following error msg:
> 2019-06-14T10:24:29.83-0700 [APP/PROC/WEB/0] OUT Caused by:
> org.apache.geode.security.NotAuthorizedException:
> developer_jNnlmXMEdwsrmaDayfNKg not authorized for *
> This is because all the lucene functions are implementing Internal Function
> but forgot to override it's getRequiredPermissions method. So it requires to
> have ResourcePermissions.ALL to execute.
> There're following 9 lucene functions:
> WaitUntilFlushedFunction (Need READ)
> LuceneQueryFunction (Need READ)
> IndexingInProgressFunction (Need READ)
> LuceneCreateIndexFunction (used by gfsh only, no need to change)
> LuceneDestroyIndexFunction (used by gfsh only, no need to change)
> LuceneDescribeIndexFunction (used by gfsh only, no need to change)
> LuceneSearchIndexFunction (used by gfsh only, no need to change)
> LuceneListIndexFunction (used by gfsh only, no need to change)
> LuceneGetPageFunction (Need READ)
> The 5 of them are only used by gfsh, which is the real "internal function".
> The other 4 will be called by client application, so they should specify
> ResourcePermissions.READ.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
