[
https://issues.apache.org/jira/browse/RANGER-4771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18032422#comment-18032422
]
Madhan Neethiraj edited comment on RANGER-4771 at 10/24/25 4:36 AM:
--------------------------------------------------------------------
Merged in master -
[https://github.com/apache/ranger/commit/c731ac3a53f957bbd117c3d38b12c5b34c18d8ce]
ranger-2.8 branch:
[https://github.com/apache/ranger/commit/ee575c4bce0fa5e32e4ce324edc8cf121aee1897]
was (Author: JIRAUSER298659):
Merged in master -
https://github.com/apache/ranger/commit/c731ac3a53f957bbd117c3d38b12c5b34c18d8ce
> Remove the calls to ensureAdminAccess() in grantAccess() and revokeAccess()
> ---------------------------------------------------------------------------
>
> Key: RANGER-4771
> URL: https://issues.apache.org/jira/browse/RANGER-4771
> Project: Ranger
> Issue Type: Task
> Components: admin
> Affects Versions: 3.0.0, 2.8.0
> Reporter: Fang-Yu Rao
> Assignee: Sanket Shelar
> Priority: Major
> Fix For: 3.0.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> We added calls to {*}ensureAdminAccess{*}() in {*}grantAccess{*}() and
> {*}revokeAccess{*}() in RANGER-4445.
> But according to
> [https://github.com/apache/ranger/blame/master/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java#L1251]
> and
> [https://github.com/apache/ranger/blame/master/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java#L1492],
> {*}grantAccess{*}() and {*}revokeAccess{*}() are open API's. Thus, it seems
> we could safely remove the calls to {*}ensureAdminAccess{*}() in these 2
> places.
> Removing the calls to {*}ensureAdminAccess{*}() also allows the users of
> other Apache components, e.g., Apache Impala, to test the integration with
> Apache Ranger, since at the moment Apache Impala stills relies on
> {*}grantAccess{*}() and {*}revokeAccess{*}() to perform authorization-related
> tests.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
