ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nitin Galave <nitin.gal...@gmail.com>
Subject Review Request 62024: RANGER-1756: User is able to see "Admin" role user details.
Date Fri, 01 Sep 2017 06:06:34 GMT

This is an automatically generated e-mail. To reply, visit:

Review request for ranger, Ankita Sinha, Fatima Khan, Gautam Borad, Mehul Parikh, and Velmurugan

Bugs: RANGER-1756

Repository: ranger


A 'USER' role user is able to see details of 'ADMIN' role users.
1.Create a user 'testuser4'.
2.Give user/group page permission to the user 'testuser4'.
3.Login with 'testuser4'.
4.Go to user/group page and check the list of users.

Expected result: It should just show USER role users.
Actual result: It is showing USER role users and ADMIN role users


  security-admin/src/main/webapp/scripts/utils/XAUtils.js 1979847 

Diff: https://reviews.apache.org/r/62024/diff/1/


Verified scenario's :
1. A user with ROLE_ADMIN able to see users which has USER_ROLE/ADMIN_ROLE.
2. A user with ROLE_KEYADMIN able to see users which has USER_ROLE/KEYADMIN_ROLE.
3. A user with role ROLE_USER able to see which has USER_ROLE.


Nitin Galave

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message