----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/65635/#review197482 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On Feb. 13, 2018, 1:10 p.m., Nixon Rodrigues wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/65635/ > ----------------------------------------------------------- > > (Updated Feb. 13, 2018, 1:10 p.m.) > > > Review request for atlas, Apoorv Naik, Ashutosh Mestry, Madhan Neethiraj, and > Sarath Subramanian. > > > Bugs: ATLAS-2442 > https://issues.apache.org/jira/browse/ATLAS-2442 > > > Repository: atlas > > > Description > ------- > > Bug descripton:- Logged into Atlas as a read only user and fired basic > search. Since Basic search on UI is a POST request , Atlas throws 403 error. > If Basic search is fired using GET, search succeeds. In Atlas apart from > creating entities, tags , Basic search is also fired as POST request. > > Solution:- > In Atlas api method such as GET,POST,PUT,DELETE are mapped to authorization > action like READ,WRITE,UPDATE & DELETE respectively. But the basic search is > exception to it with POST method for READ entities, need to add a exception > case to convert action to READ for POST in case basic search API. > > > Diffs > ----- > > > authorization/src/main/java/org/apache/atlas/authorize/AtlasAccessRequest.java > 7022081f7 > > authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java > 6bc51b777 > > > Diff: https://reviews.apache.org/r/65635/diff/1/ > > > Testing > ------- > > Performed Unit test cases. > Tested UI and api's with user with different permissions. > > > Thanks, > > Nixon Rodrigues > >