[
https://issues.apache.org/jira/browse/RANGER-4086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17743758#comment-17743758
]
Dineshkumar Yadav commented on RANGER-4086:
-------------------------------------------
Hi [~abhishek.patil], As per designed Ranger Admin user can perform all
activity. so closing this jira.
> An admin user without permissions on all permission modules is able to view
> permissions module page and assign permissions to self
> ----------------------------------------------------------------------------------------------------------------------------------
>
> Key: RANGER-4086
> URL: https://issues.apache.org/jira/browse/RANGER-4086
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Abhishek
> Assignee: Dineshkumar Yadav
> Priority: Major
>
> On the Ranger UI, create a new admin user and login as the newly created user
> in a different browser.
> Then remove the permissions for the user on any module.
> In the second browser, the newly created user is still able to access the
> permissions module page and is able to assign permissions to self.
> Ideally, if a user does not have access to all the permission modules, then
> the user should not be able to edit permissions,
> or if a user tries to remove permissions for an admin user, it should result
> in an error or a notification stating that permissions for admin users can't
> be removed
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
