-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71493/
-----------------------------------------------------------
Review request for ranger and Madhan Neethiraj.
Bugs: RANGER-2569
https://issues.apache.org/jira/browse/RANGER-2569
Repository: ranger
Description
-------
RANGER-2507 introduced flag isDenyAllElse in RangerPolicy to implicitly deny
accesses other than the ones granted in this policy. Such policies incorrectly
deny requests to check if the user has any access for a given resource - if the
policy explicitly doesn't allow the user any access. This is incorrect, as this
prevents other policies from being evaluated to check if they grant the user
any access.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
4c1402ac1
Diff: https://reviews.apache.org/r/71493/diff/1/
Testing
-------
Ran all unit tests successfully
Thanks,
Abhay Kulkarni
