----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73028/#review222216 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On Nov. 20, 2020, 2:43 a.m., Abhay Kulkarni wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73028/ > ----------------------------------------------------------- > > (Updated Nov. 20, 2020, 2:43 a.m.) > > > Review request for ranger, Madhan Neethiraj, Ramesh Mani, Sailaja Polavarapu, > and Velmurugan Periasamy. > > > Bugs: RANGER-3083 > https://issues.apache.org/jira/browse/RANGER-3083 > > > Repository: ranger > > > Description > ------- > > If 'isDenyAllElse' flag is set in a Ranger policy, then the expected behavior > is that access is denied to all users and/or for access types not explicitly > allowed by the policy. However, such policy is not correctly evaluated if the > access type is '_any' (which is used by Ranger internally to evaluate certain > access operations). > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java > 24cb42496 > agents-common/src/test/resources/policyengine/test_policyengine_hdfs.json > 976cd2532 > agents-common/src/test/resources/policyengine/test_policyengine_hive.json > 52864a067 > > > Diff: https://reviews.apache.org/r/73028/diff/1/ > > > Testing > ------- > > Developed new unit test cases for HDFS and Hive to test the fix. > Ran all unit tests successfully. > > > Thanks, > > Abhay Kulkarni > >
