----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71493/#review217773 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On Sept. 17, 2019, 6:34 a.m., Abhay Kulkarni wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/71493/ > ----------------------------------------------------------- > > (Updated Sept. 17, 2019, 6:34 a.m.) > > > Review request for ranger and Madhan Neethiraj. > > > Bugs: RANGER-2569 > https://issues.apache.org/jira/browse/RANGER-2569 > > > Repository: ranger > > > Description > ------- > > RANGER-2507 introduced flag isDenyAllElse in RangerPolicy to implicitly deny > accesses other than the ones granted in this policy. Such policies > incorrectly deny requests to check if the user has any access for a given > resource - if the policy explicitly doesn't allow the user any access. This > is incorrect, as this prevents other policies from being evaluated to check > if they grant the user any access. > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java > 4c1402ac1 > > > Diff: https://reviews.apache.org/r/71493/diff/1/ > > > Testing > ------- > > Ran all unit tests successfully > > > Thanks, > > Abhay Kulkarni > >
