lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antony A <antonyaugus...@gmail.com>
Subject Re: Basic Auth Permission
Date Tue, 04 Dec 2018 17:34:02 GMT
Hi Rick,

This is how I was able to restrict permissions to user-role ( user1  ) to
its own collection. Hopefully it helps.

   "permissions": [
     {"name": "*", "path": "/dataimport", "params": {"command":
["status"]}, "role": "*"},
     {"collection": "name", "path": "/admin/file", "role": ["user1",
"admin"]},
     {"collection": "name", "path": "/files", "role": ["user1", "admin"]},
     {"collection": "name", "path": "/admin/collections", "params":
{"action": ["LIST"]}, "role": ["user1", "admin"]},
     {"collection": "name", "path": "/dataimport", "role": ["user1",
"admin"]},
     {"collection": "name", "path": "/select", "role": ["user1", "admin"]},
     {"collection": "name", "name": "update", "role": ["user1", "admin"]},
     {"collection": "name", "name": "collection-admin-read", "role":
["user1", "admin"]},
     {"collection": "name", "name": "schema-read", "role": ["user1",
"admin"]},
     {"collection": "name", "name": "core-admin-read", "role": ["user1",
"admin"]},
     {"collection": "null", "path": "/admin/zookeeper", "role": ["admin"]},
     {"name": "security-read", "role": ["admin"]},
     {"name": "schema-edit", "role": ["admin"]},
     {"name": "config-edit", "role": ["admin"]},
     {"name": "core-admin-edit", "role": ["admin"]},
     {"name": "security-read", "role": ["admin"]},
     {"name": "collection-admin-edit", "role": ["admin"]},
     {"name": "security-edit", "role": ["admin"]}
    ]

Thanks,
Antony


On Tue, Dec 4, 2018 at 10:07 AM Terry Steichen <terry@net-frame.com> wrote:

> In setting his permission, Antony said he set "path": "/admin/file".  I
> use "path":"/*" - that may be too restrictive for you, but it works fine
> (for me).
>
> On 12/4/18 9:55 AM, yydpkm wrote:
> > Hi Antony,
> >
> > Have you solved this? I am facing the same thing. Other users can still
> do
> > /select after I set the permission path and collection.
> >
> > Best,
> > Rick
> >
> >
> >
> > --
> > Sent from: http://lucene.472066.n3.nabble.com/Solr-User-f472068.html
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message