You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by Abhay Kulkarni <ak...@hortonworks.com> on 2018/04/18 20:46:40 UTC

Re: Review Request 66688: Ranger Hbase plugin does not authorize scan table even when a policy allows read on a column in a column-family

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/66688/
-----------------------------------------------------------

(Updated April 18, 2018, 8:46 p.m.)


Review request for ranger and Madhan Neethiraj.


Repository: ranger


Description
-------

Ranger policy : allow read for testuser on table/column-family/column
Hbase shell command : scan 'table'
ER - Display results of table/column-family/column (only) with audit log displaying correct policy-id
AR - Access denied.


Diffs
-----

  agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java 46c409f41 
  hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java 8952752aa 


Diff: https://reviews.apache.org/r/66688/diff/1/


Testing
-------

Tested with local VM


Thanks,

Abhay Kulkarni