You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Abhay Kulkarni (Jira)" <ji...@apache.org> on 2021/10/04 14:51:00 UTC
[jira] [Updated] (RANGER-3462) User with delegated admin permission
on a resource cannot fetch policy for the resource
[ https://issues.apache.org/jira/browse/RANGER-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Abhay Kulkarni updated RANGER-3462:
-----------------------------------
Description:
Steps to reproduce the issue:
# Create users in Ranger alice, bob, and charlie. Alice has admin role, bob and charlie has user role.
# Create an HDFS policy with name "test-delegate-admin" as alice. In that policy there 2 policy items; one for bob, and the other for alice with RWX permissions with "Delegate Admin".
# Log in as bob, and edited the policy item for bob: removed Write permission.
# After saving the policy bob is not able to see to policy anymore. It only becomes visible after the Write permission is restored.
was:
Steps to reproduce the issue:
# Create users in Ranger alice, bob, and charlie. Alice has admin role, bob and charlie has user role.
# Create an HDFS policy with name "test-delegate-admin" as alice. In that policy there 2 policy items; one for bob, and the other for alice with RWX permissions with "Delegate Admin".
# Log in as bob, and edited the policy item for bob: removed Write permission.
# After saving the policy bob is not able to see to policy anymore. It only becomes visible after the Write permission was restored.
> User with delegated admin permission on a resource cannot fetch policy for the resource
> ---------------------------------------------------------------------------------------
>
> Key: RANGER-3462
> URL: https://issues.apache.org/jira/browse/RANGER-3462
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Abhay Kulkarni
> Assignee: Abhay Kulkarni
> Priority: Major
>
> Steps to reproduce the issue:
> # Create users in Ranger alice, bob, and charlie. Alice has admin role, bob and charlie has user role.
> # Create an HDFS policy with name "test-delegate-admin" as alice. In that policy there 2 policy items; one for bob, and the other for alice with RWX permissions with "Delegate Admin".
> # Log in as bob, and edited the policy item for bob: removed Write permission.
> # After saving the policy bob is not able to see to policy anymore. It only becomes visible after the Write permission is restored.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)