[
https://issues.apache.org/jira/browse/RANGER-4820?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Abhay Kulkarni reassigned RANGER-4820:
--------------------------------------
Assignee: Abhay Kulkarni
> Support authorization of multiple accesses grouped by access groups in one
> policy engine call
> ---------------------------------------------------------------------------------------------
>
> Key: RANGER-4820
> URL: https://issues.apache.org/jira/browse/RANGER-4820
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
> Reporter: Abhay Kulkarni
> Assignee: Abhay Kulkarni
> Priority: Major
>
> Currently, Ranger policy engine supports authorization of multiple accesses
> for a given resource in a single call to the Ranger plugin's
> isAccessAllowed() API. However, it has some limitations which are addressed
> by this JIRA.
> Limitation: If multiple accesses are to be authorized, then the current
> authorization logic in Ranger policy engine is designed to allow the request
> to succeed (that is, grant access) only if all requested accesses are granted.
> This Jira supports organizing accesses in groups where each group is granted
> access if any access in the group is allowed, and the request is successful
> (that is, user is allowed access) only if all groups are granted access.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
