----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71614/#review218219 -----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java Lines 157 (patched) <https://reviews.apache.org/r/71614/#comment305811> "it is already present in policy" => "it is referenced in one or more policies" security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java Lines 159 (patched) <https://reviews.apache.org/r/71614/#comment305812> In addition to looking for references in policies, shouldn't references from other roles be checked as well? - Madhan Neethiraj On Oct. 15, 2019, 1:46 p.m., Nikhil P wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/71614/ > ----------------------------------------------------------- > > (Updated Oct. 15, 2019, 1:46 p.m.) > > > Review request for ranger, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, > Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and > Velmurugan Periasamy. > > > Bugs: RANGER-2617 > https://issues.apache.org/jira/browse/RANGER-2617 > > > Repository: ranger > > > Description > ------- > > Scenario: > Create a role r1 > Create a ranger policy for role r1 > Try to delete role > Role delete is not allowed as a policy exists with the specified role. > > Response: XXRole can't be deleted > > Expected: > Descriptive message with details on why the operation is not allowed > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java > dfc5be89d > > > Diff: https://reviews.apache.org/r/71614/diff/2/ > > > Testing > ------- > > Tested on local VM if descriptive response is given If role delete is not > allowed. > > > Thanks, > > Nikhil P > >
