commit | 0a918bbcdda3cac0147dfe806de8e29c2de8395f | [log] [tgz] |
---|---|---|
author | Michael Russo <mrusso@apigee.com> | Mon Feb 22 22:11:40 2016 -0800 |
committer | Michael Russo <mrusso@apigee.com> | Mon Feb 22 22:11:40 2016 -0800 |
tree | 03121a5945990331244beeea4b805bf7be704a20 | |
parent | 8f360c79102ba3f1d83617176e529f9992f6882b [diff] |
Allow superuser to access @RequireAdminUserAccess
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java index 3c755f8..d3f2aa0 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
@@ -100,7 +100,7 @@ return getSubResource( OrganizationsResource.class ).init( user ); } - + @RequireAdminUserAccess @PUT public JSONWithPadding setUserInfo( @Context UriInfo ui, Map<String, Object> json, @QueryParam( "callback" ) @DefaultValue( "callback" ) String callback )
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java index 428973f..56319fc 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
@@ -316,7 +316,7 @@ @Override public void authorize( ContainerRequest request ) { logger.debug( "AdminUserFilter.authorize" ); - if ( !isUser( getUserIdentifier() ) ) { + if ( !isUser( getUserIdentifier() ) && !isServiceAdmin() ) { throw mappableSecurityException( "unauthorized", "No admin user access authorized" ); } }