[jira] [Updated] (RANGER-3083) denyAllElse policy does not handle access request with access-type of '_any'

Ramesh Mani (Jira) Tue, 24 Aug 2021 16:36:06 -0700


     [ 
https://issues.apache.org/jira/browse/RANGER-3083?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ramesh Mani updated RANGER-3083:
--------------------------------
    Fix Version/s: 2.2.0
                   3.0.0

> denyAllElse policy does not handle access request with access-type of '_any'
> ----------------------------------------------------------------------------
>
>                 Key: RANGER-3083
>                 URL: https://issues.apache.org/jira/browse/RANGER-3083
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>            Reporter: Abhay Kulkarni
>            Assignee: Abhay Kulkarni
>            Priority: Major
>             Fix For: 3.0.0, 2.2.0
>
>
> If 'isDenyAllElse' flag is set in a Ranger policy, then the expected behavior 
> is that access is denied to all users and/or for access types not explicitly 
> allowed by the policy. However, such policy is not correctly evaluated if the 
> access type is '_any' (which is used by Ranger internally to evaluate certain 
> access operations). 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-3083) denyAllElse policy does not handle access request with access-type of '_any'

Reply via email to