-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73466/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani,
Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-3343
https://issues.apache.org/jira/browse/RANGER-3343
Repository: ranger
Description
-------
There are two external users : diasmi(user role) and diasmi_admin (admin role).
diasmi is granted a delegated admin privilege on some resource.
Log in to Ranger admin GUI from as diasmi_admin and change the policy (first
policy item) for the resource.
Wait for policy sync. policy cache json is correct and it has both policy item
entries.
Log in to Ranger admin GUI as diasmi user and change the policy to add another
policy item (second policy-item) with the delegated-admin box unchecked.
Wait for policy sync. policy cache json is incorrect and it has only first
policy item entry.
Ensured that the policy cache is not modified during creation of
delegated-admin processing policy engine.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerAbstractPolicyEvaluator.java
99ae598a0
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
03e37fe3d
Diff: https://reviews.apache.org/r/73466/diff/1/
Testing
-------
Tested the scenario and ensured that the Policy-cache is not modified, and the
downloaded policies are same as the database copy.
Thanks,
Abhay Kulkarni
