[
https://issues.apache.org/jira/browse/SOLR-16658?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Høydahl resolved SOLR-16658.
--------------------------------
Fix Version/s: 9.2
Resolution: Fixed
> List of permissions returned to Admin UI is not complete
> --------------------------------------------------------
>
> Key: SOLR-16658
> URL: https://issues.apache.org/jira/browse/SOLR-16658
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Admin UI, security
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Priority: Major
> Fix For: 9.2
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> The Admin UI fetches user's list of roles and permissions from the
> {{/admin/info/system}} API, and use it to enable/disable various parts of the
> UI.
> The lists are assembed by {{SystemInfoHandler}}, and work well for
> permissions assigned to one or more roles. However, Solr's security system
> also has two special type of roles that can be assigned to permissions:
> * {{null}} role: Means that no authentication is needed at all (if
> blockUnknown=false)
> * {{\*}} role: Wildcard role meaning a user with any role, i.e. any
> authenticated user, will have the permission
> This is handled correctly by the backend, but the list of permissions
> returned by {{/admin/info/system}} lacks these permissions.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
