[jira] [Created] (RANGER-4677) grantor and grant option not correctly populated in response of "show role grant" command

Sun, 28 Jan 2024 22:59:03 -0800 

Kundan Kumar Jha created RANGER-4677:
----------------------------------------

             Summary: grantor and grant option not correctly populated in 
response of "show role grant" command
                 Key: RANGER-4677
                 URL: https://issues.apache.org/jira/browse/RANGER-4677
             Project: Ranger
          Issue Type: Bug
          Components: Ranger
            Reporter: Kundan Kumar Jha


PROBLEM STATEMENT:
Response from "show role grant user \{user_name}" is not returning correct 
grantor and grant_option in response.

STEPS TO REPRODUCE:
1. Kinit as "admin" user and then login to beeline.

2. Create role "some_new_role" from beeline using the command
{code:java}
create role some_new_role;{code}
3. Then grant that role to "user_1" using following command
{code:java}
grant role some_new_role to user user_1 with admin option;{code}
4. Then exit from beeline. And kinit as "user_1" and login to beeline.

5. Then grant the role "some_new_role" to "user_2" using following command
{code:java}
grant role some_new_role to user user_2 with admin option;{code}
6. Then exit from beeline. And kinit as "user_2" and login to beeline.

7. Then run the following command to get the role grant for user "user_2".
{code:java}
show role grant user user_2; {code}
Then the result of the above command looks like:
{code:java}
+----------------+---------------+----------------+----------+
|      role      | grant_option  |   grant_time   | grantor  |
+----------------+---------------+----------------+----------+
| some_new_role  | false         | 1696326074000  | admin    |
+----------------+---------------+----------------+----------+ {code}
CURRENT BEHAVIOUR:

The role "some_new_role" is granted to "user_2" by "user_1" with admin option 
but as we can see in the response above has grant_option "false" and grantor as 
"admin" instead of "grant_option" true and grantor as "user_1".

EXPECTED BEHAVIOUR:
In the above response for role grant command for user user_2 the grant_option 
should be "true" and the grantor will be "user_1".

IMPACT:
Not able to get correct grantor and grant_option for a role grant to a user.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to