[
https://issues.apache.org/jira/browse/RANGER-5610?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramesh Mani reassigned RANGER-5610:
-----------------------------------
Assignee: Ramesh Mani
> getResourceACLs for a principal should consider validitySchedule of principal
> for ACL creation
> ----------------------------------------------------------------------------------------------
>
> Key: RANGER-5610
> URL: https://issues.apache.org/jira/browse/RANGER-5610
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 3.0.0
> Reporter: Ramesh Mani
> Assignee: Ramesh Mani
> Priority: Major
> Fix For: 3.0.0
>
>
> getResourceACLs for a principal should consider validitySchedule of principal
> for ACL creation. Currently getResourceACLs returns a set of ACLs for the
> principal but if the principal is has a validity period which is expired, it
> is giving the ACLs which are there which is not correct.
> This scenario occurs in GDS where a principal validity period is expired and
> ACL still show the access given, even though there is no access.
> Show Privileges in RangerHiveAuthorizer uses the getResourceACLs which also
> result in wrong permission sets shown when the principal validity period
> expired.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
