theoryxu commented on code in PR #5629:
URL: https://github.com/apache/gravitino/pull/5629#discussion_r1855678616
##########
authorizations/authorization-ranger/src/main/java/org/apache/gravitino/authorization/ranger/RangerHelper.java:
##########
@@ -86,6 +86,9 @@ public RangerHelper(
*/
void checkPolicyItemAccess(RangerPolicy.RangerPolicyItem policyItem)
throws AuthorizationPluginException {
+ if (!isGravitinoManagedPolicyItemAccess(policyItem)) {
+ return;
Review Comment:
You are right. I modified the function but did not change the comment, so it
caused confusion.
There are two types of policy items:
* Gravitino managed policy items: They contain one privilege each.
* User-defined policy items: They could contain multiple privileges and
not be managed and checked by Gravitino.
I have fixed the comment now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
