----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73567/#review223442 -----------------------------------------------------------
Fix it, then Ship it! agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java Lines 628 (patched) <https://reviews.apache.org/r/73567/#comment312534> This method has references to 'policy' (parameter to this method) and 'getPolicy()'. Consider replacing 'getPolicy()' usage with 'policy'. - Madhan Neethiraj On Sept. 3, 2021, 10:55 p.m., Abhay Kulkarni wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73567/ > ----------------------------------------------------------- > > (Updated Sept. 3, 2021, 10:55 p.m.) > > > Review request for ranger, Madhan Neethiraj, Ramesh Mani, Sailaja Polavarapu, > and Velmurugan Periasamy. > > > Bugs: RANGER-3397 > https://issues.apache.org/jira/browse/RANGER-3397 > > > Repository: ranger > > > Description > ------- > > Currently, getResourceACLs() API does not include chained-plugins into its > computation. Also, as users and groups for a given Ranger Role can be > completely resolved using Ranger's own database, it is useful to optionally > expand Roles to their constituent users and groups and report ACLs for users > and groups only. > > Resolving roles to user/groups is controlled by the configuration parameter : > "ranger.admin.policyengine.option.disable.role.resolution" (for ranger-admin > server), and > "ranger.plugin.<service-type>.policyengine.option.disable.role.resolution" > (for plugins). If set to true, roles are not resolved to their constituent > users/groups when computing ACLs. By default, the value of this parameter is > "true". > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngine.java > 7a4bb12fb > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java > 9e0a89eb9 > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineOptions.java > 0816ec170 > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java > 02a096fca > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerPolicyEvaluator.java > 0157c0047 > > agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java > 7e0894d7d > > agents-common/src/main/java/org/apache/ranger/plugin/service/RangerChainedPlugin.java > 0fca2d923 > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRolesUtil.java > a6e461c4e > > agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyACLs.java > d2983a27c > agents-common/src/test/resources/policyengine/test_aclprovider_hdfs.json > PRE-CREATION > hdfs-agent/src/test/resources/aclprovider/test_aclprovider_default.json > PRE-CREATION > > > Diff: https://reviews.apache.org/r/73567/diff/1/ > > > Testing > ------- > > Passed all unit tests. > > > Thanks, > > Abhay Kulkarni > >
