----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70146/#review213503 -----------------------------------------------------------
Ship it! Ship It! - madhan On March 6, 2019, 11:22 p.m., Abhay Kulkarni wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/70146/ > ----------------------------------------------------------- > > (Updated March 6, 2019, 11:22 p.m.) > > > Review request for ranger, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, > and Velmurugan Periasamy. > > > Bugs: RANGER-2343 > https://issues.apache.org/jira/browse/RANGER-2343 > > > Repository: ranger > > > Description > ------- > > When a resource, which belongs to a certain security zone, is accessed, > Ranger plugin should evaluates only those policies which are associated with > the security zone. Although resource-based policies to evaluate are selected > in this way, all tag policies belonging to the tag-service associated with > the resource-based service are currently evaluated - instead of only those > tag policies which are in the same security zone. > > When policy engine evaluates tag policies, it now ignores those that do not > have the same zoneName as the resource being evaluated for access. > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java > e239c8962 > > > Diff: https://reviews.apache.org/r/70146/diff/1/ > > > Testing > ------- > > Ran tests successfully > > > Thanks, > > Abhay Kulkarni > >
