Fang-Yu Rao created RANGER-4771:
-----------------------------------
Summary: Remove the calls to ensureAdminAccess() in grantAccess()
and revokeAccess()
Key: RANGER-4771
URL: https://issues.apache.org/jira/browse/RANGER-4771
Project: Ranger
Issue Type: Task
Components: admin
Reporter: Fang-Yu Rao
We added calls to {*}ensureAdminAccess{*}() in {*}grantAccess{*}() and
{*}revokeAccess{*}() in RANGER-4445.
But according to
[https://github.com/apache/ranger/blame/master/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java#L1251]
and
[https://github.com/apache/ranger/blame/master/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java#L1492],
{*}grantAccess{*}() and {*}revokeAccess{*}() are open API's. Thus, it seems we
could safely remove the calls to {*}ensureAdminAccess{*}() in these 2 places.
Removing the calls to {*}ensureAdminAccess{*}() also allows the users of other
Apache components, e.g., Apache Impala, to test the integration with Apache
Ranger, since at the moment Apache Impala stills relies on {*}grantAccess{*}()
and {*}revokeAccess{*}() to perform authorization-related tests.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
