Hi, Solr's Rule-Based Authz is complex to configure but this should be possible. If you share a security.json configuration you attempted, I can suggest tweaks from there to get you what you need.
In case you haven't seen them, the docs here might be helpful: https://solr.apache.org/guide/8_8/rule-based-authorization-plugin.html Best, Jason On Thu, Feb 25, 2021 at 8:31 AM Subhajit Das <subhajitdas...@live.com> wrote: > > Hi There, > > I am trying to create a rule based authorization for two types of user. > > Role : Access > ----------------- > power-user : Everything except data change in collections/cores > ui-user : UI access to view all data. But no edit access except data change > in collections/cores > > How to implement this? > > No predefined permissions for this. Tried by adding all read permissions to > this ui-user. But dosent wok. One of failing APIs is “/admin/info/system”. > Cant match this url, with custom permission also. > > Please help. > > Thanks in advance. >
