-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71493/
-----------------------------------------------------------

Review request for ranger and Madhan Neethiraj.


Bugs: RANGER-2569
    https://issues.apache.org/jira/browse/RANGER-2569


Repository: ranger


Description
-------

RANGER-2507 introduced flag isDenyAllElse in RangerPolicy to implicitly deny 
accesses other than the ones granted in this policy. Such policies incorrectly 
deny requests to check if the user has any access for a given resource - if the 
policy explicitly doesn't allow the user any access. This is incorrect, as this 
prevents other policies from being evaluated to check if they grant the user 
any access.


Diffs
-----

  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
 4c1402ac1 


Diff: https://reviews.apache.org/r/71493/diff/1/


Testing
-------

Ran all unit tests successfully


Thanks,

Abhay Kulkarni

Reply via email to