You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Fang-Yu Rao (Jira)" <ji...@apache.org> on 2021/01/08 22:52:00 UTC

[jira] [Created] (RANGER-3145) Allow dropping a role that is still associated with privileges

Fang-Yu Rao created RANGER-3145:
-----------------------------------

             Summary: Allow dropping a role that is still associated with privileges
                 Key: RANGER-3145
                 URL: https://issues.apache.org/jira/browse/RANGER-3145
             Project: Ranger
          Issue Type: Bug
          Components: plugins, Ranger
            Reporter: Fang-Yu Rao


To drop a role in Ranger using [RangerBasePlugin#dropRole()|https://github.com/apache/ranger/blob/9d459e0255484277d802b5d8e9fcdd936f3aed04/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java#L496-L506], we need to first revoke from this role all the associated privileges, which was not required when a user was using Sentry as the authorization provider. It would be much easier for users to adopt Ranger if {{RangerBasePlugin#dropRole()}} allows dropping a role that is still associated with privileges.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)