----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74423/#review225432 -----------------------------------------------------------
Fix it, then Ship it! agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java Line 283 (original), 283 (patched) <https://reviews.apache.org/r/74423/#comment314044> Consider replacing "getPolicy().getId()" with "getPolicyId()". - Madhan Neethiraj On May 3, 2023, 4:32 a.m., Abhay Kulkarni wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74423/ > ----------------------------------------------------------- > > (Updated May 3, 2023, 4:32 a.m.) > > > Review request for ranger, madhan, Madhan Neethiraj, Pradeep Agrawal, and > Ramesh Mani. > > > Bugs: RANGER-4219 > https://issues.apache.org/jira/browse/RANGER-4219 > > > Repository: ranger > > > Description > ------- > > 1. users "test" and user has its own database "utest" > 2. Ranger policy to grant permissions: > — > Database: u > > {USER} > table: * > columns: * > > Allow Conditions: user: {USER} > > permission: ALL +Delegate Admin > — > > The grant does not work for Impala GRANTs. The following error is seen. > > > GRANT SELECT ON TABLE utest.testtable TO ROLE rolename; > > The response is: > InternalException: Error granting a privilege in Ranger. Ranger error > message: HTTP 403 Error: User doesn't have necessary permission to grant > access > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java > 96e232b43 > > > Diff: https://reviews.apache.org/r/74423/diff/1/ > > > Testing > ------- > > Compiled and ran unit tests successfully. > Verified the fix using cURL command to invoke secureGrant REST endpoint. > > > Thanks, > > Abhay Kulkarni > >
