----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74308/#review225188 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On Feb. 16, 2023, 1:31 a.m., Abhay Kulkarni wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74308/ > ----------------------------------------------------------- > > (Updated Feb. 16, 2023, 1:31 a.m.) > > > Review request for ranger, madhan and Madhan Neethiraj. > > > Bugs: RANGER-3999 > https://issues.apache.org/jira/browse/RANGER-3999 > > > Repository: ranger > > > Description > ------- > > When ANY_ACCESS is requested, the policy matching algorithm returns match if > match-type is not NONE. However, the current check for ANY_ACCESS checks not > only the request's access-type but also the value in the request's context. > As the request's context's attribute ISANYACCESS may be set up for processing > any of the multiple accesses specified in the context's ACCESSTYPES > attribute, only request's access-type needs to be checked to determine if the > policy matches. > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java > 9a0df550c > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerAccessRequestUtil.java > a51f2322a > > agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java > eb3d0ff46 > agents-common/src/test/resources/policyengine/test_policyengine_hive.json > 0544feb14 > > > Diff: https://reviews.apache.org/r/74308/diff/2/ > > > Testing > ------- > > Compiles clean and passes all unit tests. > > > Thanks, > > Abhay Kulkarni > >
