Review Request 71580: RANGER-2603: Delegate Admin processing incorrectly giving policy access to user - due to owner policies

Abhay Kulkarni Thu, 03 Oct 2019 19:40:04 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71580/
-----------------------------------------------------------


Review request for ranger, Madhan Neethiraj and Velmurugan Periasamy.


Bugs: RANGER-2603
    https://issues.apache.org/jira/browse/RANGER-2603


Repository: ranger


Description
-------

A non-admin user is incorrectly allowed to view/edit resource policy if it 
allows delegated-admin access to {OWNER}


Diffs
-----

  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
 3e00d1e5d 


Diff: https://reviews.apache.org/r/71580/diff/1/


Testing
-------

Tested with a patched cluster to ensure that the non-admin user cannot view 
policies to which they do not have delegated admin.


Thanks,

Abhay Kulkarni

Review Request 71580: RANGER-2603: Delegate Admin processing incorrectly giving policy access to user - due to owner policies

Reply via email to