This is an automated email from the ASF dual-hosted git repository.

ramackri pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 0274a6a0b RANGER-5657:Limit getAllModuleNames() to sys-admin sessions 
in SessionMgr (#1036)
0274a6a0b is described below

commit 0274a6a0bc9680a7640e97432f8cbd3217a1659c
Author: Ramachandran Krishnan <[email protected]>
AuthorDate: Sat Jul 4 20:21:09 2026 +0530

    RANGER-5657:Limit getAllModuleNames() to sys-admin sessions in SessionMgr 
(#1036)
    
    Co-authored-by: ramk <[email protected]>
---
 security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java 
b/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
index c0064a8f6..9b092b2f6 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
@@ -222,7 +222,7 @@ public void resetUserModulePermission(UserSessionBase 
userSession) {
         if (xUser != null) {
             List<String> permissionList;
 
-            if (userSession.isUserAdmin() || userSession.isKeyAdmin()) {
+            if (userSession.isUserAdmin()) {
                 permissionList = 
daoManager.getXXModuleDef().getAllModuleNames();
             } else {
                 permissionList = 
daoManager.getXXModuleDef().findAccessibleModulesByUserId(userSession.getUserId(),
 xUser.getId());

Reply via email to