Madhan Neethiraj created RANGER-3966:
----------------------------------------
Summary: incorrect roles used in policy evaluation for custom
RangerAccessRequest impl
Key: RANGER-3966
URL: https://issues.apache.org/jira/browse/RANGER-3966
Project: Ranger
Issue Type: Bug
Components: plugins
Reporter: Madhan Neethiraj
Assignee: Madhan Neethiraj
At the start of evaluating an access request, Ranger plugin finds all roles
applicable for the user and user's groups, and saves them in request context
for later use during policy evaluation. However, request.roles is used in
couple of places instead of the roles saved in request context. This can
potentially result in incorrect results when a custom RangerAccessRequest
(which doesn't extend RangerAccessRequestImpl) is used.
The fix will be to make sure roles saved in context are used consistently
everywhere.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
