You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Abhay Kulkarni (Jira)" <ji...@apache.org> on 2020/11/19 17:07:00 UTC

[jira] [Created] (RANGER-3083) denyAllElse policy does not handle access request with access-type of '_any'

Abhay Kulkarni created RANGER-3083:
--------------------------------------

             Summary: denyAllElse policy does not handle access request with access-type of '_any'
                 Key: RANGER-3083
                 URL: https://issues.apache.org/jira/browse/RANGER-3083
             Project: Ranger
          Issue Type: Bug
          Components: Ranger
            Reporter: Abhay Kulkarni
            Assignee: Abhay Kulkarni


If 'isDenyAllElse' flag is set in a Ranger policy, then the expected behavior is that access is denied to all users and/or for access types not explicitly allowed by the policy. However, such policy is not correctly evaluated if the access type is '_any' (which is used by Ranger internally to evaluate certain access operations). 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)