This is an automated email from the ASF dual-hosted git repository.
ramackri pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 0274a6a0b RANGER-5657:Limit getAllModuleNames() to sys-admin sessions
in SessionMgr (#1036)
0274a6a0b is described below
commit 0274a6a0bc9680a7640e97432f8cbd3217a1659c
Author: Ramachandran Krishnan <[email protected]>
AuthorDate: Sat Jul 4 20:21:09 2026 +0530
RANGER-5657:Limit getAllModuleNames() to sys-admin sessions in SessionMgr
(#1036)
Co-authored-by: ramk <[email protected]>
---
security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
b/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
index c0064a8f6..9b092b2f6 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
@@ -222,7 +222,7 @@ public void resetUserModulePermission(UserSessionBase
userSession) {
if (xUser != null) {
List<String> permissionList;
- if (userSession.isUserAdmin() || userSession.isKeyAdmin()) {
+ if (userSession.isUserAdmin()) {
permissionList =
daoManager.getXXModuleDef().getAllModuleNames();
} else {
permissionList =
daoManager.getXXModuleDef().findAccessibleModulesByUserId(userSession.getUserId(),
xUser.getId());