-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70146/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and
Velmurugan Periasamy.
Bugs: RANGER-2343
https://issues.apache.org/jira/browse/RANGER-2343
Repository: ranger
Description
-------
When a resource, which belongs to a certain security zone, is accessed, Ranger
plugin should evaluates only those policies which are associated with the
security zone. Although resource-based policies to evaluate are selected in
this way, all tag policies belonging to the tag-service associated with the
resource-based service are currently evaluated - instead of only those tag
policies which are in the same security zone.
When policy engine evaluates tag policies, it now ignores those that do not
have the same zoneName as the resource being evaluated for access.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java
e239c8962
Diff: https://reviews.apache.org/r/70146/diff/1/
Testing
-------
Ran tests successfully
Thanks,
Abhay Kulkarni
