[
https://issues.apache.org/jira/browse/SOLR-16658?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17689146#comment-17689146
]
ASF subversion and git services commented on SOLR-16658:
--------------------------------------------------------
Commit 300dd1094b0a40dd140e77793e0490dcba4914e0 in solr's branch
refs/heads/branch_9x from Jan Høydahl
[ https://gitbox.apache.org/repos/asf?p=solr.git;h=300dd1094b0 ]
SOLR-16658 List of permissions returned to Admin UI is not complete (#1359)
> List of permissions returned to Admin UI is not complete
> --------------------------------------------------------
>
> Key: SOLR-16658
> URL: https://issues.apache.org/jira/browse/SOLR-16658
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Admin UI, security
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Priority: Major
> Time Spent: 40m
> Remaining Estimate: 0h
>
> The Admin UI fetches user's list of roles and permissions from the
> {{/admin/info/system}} API, and use it to enable/disable various parts of the
> UI.
> The lists are assembed by {{SystemInfoHandler}}, and work well for
> permissions assigned to one or more roles. However, Solr's security system
> also has two special type of roles that can be assigned to permissions:
> * {{null}} role: Means that no authentication is needed at all (if
> blockUnknown=false)
> * {{\*}} role: Wildcard role meaning a user with any role, i.e. any
> authenticated user, will have the permission
> This is handled correctly by the backend, but the list of permissions
> returned by {{/admin/info/system}} lacks these permissions.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
