> On Oct. 15, 2019, 9:59 p.m., Madhan Neethiraj wrote: > > security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java > > Lines 159 (patched) > > <https://reviews.apache.org/r/71614/diff/2/?file=2169119#file2169119line159> > > > > In addition to looking for references in policies, shouldn't references > > from other roles be checked as well?
yes, it should be checked. - Nikhil ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71614/#review218219 ----------------------------------------------------------- On Oct. 16, 2019, 2:56 p.m., Nikhil P wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/71614/ > ----------------------------------------------------------- > > (Updated Oct. 16, 2019, 2:56 p.m.) > > > Review request for ranger, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, > Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and > Velmurugan Periasamy. > > > Bugs: RANGER-2617 > https://issues.apache.org/jira/browse/RANGER-2617 > > > Repository: ranger > > > Description > ------- > > Scenario: > Create a role r1 > Create a ranger policy for role r1 > Try to delete role > Role delete is not allowed as a policy exists with the specified role. > > Response: XXRole can't be deleted > > Expected: > Descriptive message with details on why the operation is not allowed > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java > dfc5be89d > > > Diff: https://reviews.apache.org/r/71614/diff/3/ > > > Testing > ------- > > Tested on local VM if descriptive response is given If role delete is not > allowed. > > > Thanks, > > Nikhil P > >
