diff options
author | Alex Rudyy <orudyy@apache.org> | 2015-03-10 22:26:16 +0000 |
---|---|---|
committer | Alex Rudyy <orudyy@apache.org> | 2015-03-10 22:26:16 +0000 |
commit | 0fcc28c303a9f3abfa8c85eb9f0a29039aa98df3 (patch) | |
tree | 81e80cff831a682add04f2a5094b5af2a5477474 | |
parent | 34ff17e386900442c79c2c266a417e3ba868470e (diff) | |
download | qpid-python-0fcc28c303a9f3abfa8c85eb9f0a29039aa98df3.tar.gz |
QPID-6436: Allow user to update its own preferences without explicit permissions
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1665731 13f79535-47bb-0310-9956-ffa450edef68
-rwxr-xr-x | qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java index 922d64e6ee..754f6074e3 100755 --- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java +++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SecurityManager.java @@ -532,6 +532,13 @@ public class SecurityManager public void authoriseUserUpdate(final String userName) { + AuthenticatedPrincipal principal = getCurrentUser(); + if (principal != null && principal.getName().equals(userName)) + { + // allow user to update its own data + return; + } + final Operation operation = Operation.UPDATE; if(! checkAllPlugins(new AccessCheck() { |