usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mru...@apache.org
Subject usergrid git commit: Allow superuser to access @RequireAdminUserAccess
Date Tue, 23 Feb 2016 06:11:52 GMT
Repository: usergrid
Updated Branches:
  refs/heads/1.x 8f360c791 -> 0a918bbcd


Allow superuser to access @RequireAdminUserAccess


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/0a918bbc
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/0a918bbc
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/0a918bbc

Branch: refs/heads/1.x
Commit: 0a918bbcdda3cac0147dfe806de8e29c2de8395f
Parents: 8f360c7
Author: Michael Russo <mrusso@apigee.com>
Authored: Mon Feb 22 22:11:40 2016 -0800
Committer: Michael Russo <mrusso@apigee.com>
Committed: Mon Feb 22 22:11:40 2016 -0800

----------------------------------------------------------------------
 .../org/apache/usergrid/rest/management/users/UserResource.java    | 2 +-
 .../usergrid/rest/security/SecuredResourceFilterFactory.java       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/0a918bbc/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
index 3c755f8..d3f2aa0 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
@@ -100,7 +100,7 @@ public class UserResource extends AbstractContextResource {
         return getSubResource( OrganizationsResource.class ).init( user );
     }
 
-
+    @RequireAdminUserAccess
     @PUT
     public JSONWithPadding setUserInfo( @Context UriInfo ui, Map<String, Object> json,
                                         @QueryParam( "callback" ) @DefaultValue( "callback"
) String callback )

http://git-wip-us.apache.org/repos/asf/usergrid/blob/0a918bbc/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
index 428973f..56319fc 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
@@ -316,7 +316,7 @@ public class SecuredResourceFilterFactory implements ResourceFilterFactory
{
         @Override
         public void authorize( ContainerRequest request ) {
             logger.debug( "AdminUserFilter.authorize" );
-            if ( !isUser( getUserIdentifier() ) ) {
+            if ( !isUser( getUserIdentifier() ) && !isServiceAdmin() ) {
                 throw mappableSecurityException( "unauthorized", "No admin user access authorized"
);
             }
         }


Mime
View raw message