----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74304/#review225180 -----------------------------------------------------------
agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java Line 704 (original), 706 (patched) <https://reviews.apache.org/r/74304/#comment313937> Shouldn't requestedAccess be added even when impliedGrants is not empty? Consider replacing #705 - #709 with: allRequestedAccesses.add(requestedAccess); allRequestedAccesses.addAll(impliedGrants); - Madhan Neethiraj On Feb. 11, 2023, 9:59 p.m., Abhay Kulkarni wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74304/ > ----------------------------------------------------------- > > (Updated Feb. 11, 2023, 9:59 p.m.) > > > Review request for ranger, madhan and Madhan Neethiraj. > > > Bugs: RANGER-3999 > https://issues.apache.org/jira/browse/RANGER-3999 > > > Repository: ranger > > > Description > ------- > > This patch addresses the following to an earlier patch for RANGER-3999: > - Add API to request-context to control how multiple resources' evaluation is > combined to compute composite result (EITHER or EVERY) > - Clean up - use existing APIs where possible > - Explication of "_ANY" access-type to avoid duplicate access-types which > have implied grants > - Add a few logging messages > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java > 4f65d3da2 > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java > 55752e79c > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerAccessRequestUtil.java > 0ebb9cba5 > > > Diff: https://reviews.apache.org/r/74304/diff/1/ > > > Testing > ------- > > Passed all unit tests > > > Thanks, > > Abhay Kulkarni > >
