----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74386/#review225359 -----------------------------------------------------------
Ship it! Ship It! - Monika Kachhadiya On April 8, 2023, 1:10 a.m., Madhan Neethiraj wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74386/ > ----------------------------------------------------------- > > (Updated April 8, 2023, 1:10 a.m.) > > > Review request for ranger, Abhishek Kumar, Anand Nadar, Ankita Sinha, Kishor > Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Monika Kachhadiya, Pradeep > Agrawal, Ramesh Mani, Sailaja Polavarapu, Subhrat Chaudhary, Tejas Patil, and > Velmurugan Periasamy. > > > Bugs: RANGER-4177 > https://issues.apache.org/jira/browse/RANGER-4177 > > > Repository: ranger > > > Description > ------- > > - updated policy create/update to fail when the policy references > non-existing users/groups/roles > - added an option to create missing users/groups/roles for admin users via > query parameter named createPrincipalsIfAbsent > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java > 4581112fe > security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java > 562467e80 > security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java > 89bffa7c9 > security-admin/src/main/java/org/apache/ranger/common/UserSessionBase.java > 6decee33b > > > Diff: https://reviews.apache.org/r/74386/diff/1/ > > > Testing > ------- > > - verified that policy create/update fails when the policy references > non-existing users/groups/roles > - verified that for admin users, such policy create/update succeeds with > query parameter createPrincipalsIfAbsent=true, > - verified that for non-admin users, such policy create/update fails even > with query parameter createPrincipalsIfAbsent=true > > > Thanks, > > Madhan Neethiraj > >
