You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Abhay Kulkarni <ak...@hortonworks.com> on 2022/07/08 06:03:42 UTC
Re: Review Request 74044: RANGER-3814: fix for incorrect result from IS_IN_ROLE(roleName) condition
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74044/#review224544
-----------------------------------------------------------
Ship it!
Ship It!
- Abhay Kulkarni
On June 29, 2022, 8:08 p.m., Madhan Neethiraj wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74044/
> -----------------------------------------------------------
>
> (Updated June 29, 2022, 8:08 p.m.)
>
>
> Review request for ranger, Abhishek Kumar, Ankita Sinha, Kishor Gollapalliwar, Abhay Kulkarni, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, Subhrat Chaudhary, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-3814
> https://issues.apache.org/jira/browse/RANGER-3814
>
>
> Repository: ranger
>
>
> Description
> -------
>
> updated RangerDefaultRequestProcessor to populate request.userRoles, in addition to setting in the context
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java c514a86a3
> agents-common/src/main/java/org/apache/ranger/plugin/service/RangerDefaultRequestProcessor.java ac9ce8faa
> agents-common/src/test/resources/policyengine/test_policyengine_with_roles.json c8352cc3b
>
>
> Diff: https://reviews.apache.org/r/74044/diff/1/
>
>
> Testing
> -------
>
> - updated unit tests to cover IS_IN_ROLE(roleName) condition
> - fixed RangerDefaultPolicyEvaluator.lookupPolicyACLSummary() to look into role access only when access is not determined by user/groups
>
>
> Thanks,
>
> Madhan Neethiraj
>
>