Ramesh Mani created RANGER-5610:
-----------------------------------
Summary: getResourceACLs for a principal should consider
validitySchedule of principal for ACL creation
Key: RANGER-5610
URL: https://issues.apache.org/jira/browse/RANGER-5610
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 3.0.0
Reporter: Ramesh Mani
Fix For: 3.0.0
getResourceACLs for a principal should consider validitySchedule of principal
for ACL creation. Currently getResourceACLs returns a set of ACLs for the
principal but if the principal is has a validity period which is expired, it is
giving the ACLs which are there which is not correct.
This scenario occurs in GDS where a principal validity period is expired and
ACL still show the access given, even though there is no access.
Show Privileges in RangerHiveAuthorizer uses the getResourceACLs which also
result in wrong permission sets shown when the principal validity period
expired.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
