-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/49687/
-----------------------------------------------------------
Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni,
Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan
Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-1078
https://issues.apache.org/jira/browse/RANGER-1078
Repository: ranger
Description
-------
**Problem Statement**
1. If user was not premitted to Grant/Revoke then user was not give access to
do so but audit access log was showing success
2. "policy.grantrevoke.auth.users" list property was not checking premission
against grantor it was checking against login user.
**Actual Behaviour**
1. If user is not permitted to do Grant/Revoke, Audit Access log should show
proper failure
2. "policy.grantrevoke.auth.users" list property should check for grantor user
Diffs
-----
security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java c769ae4
security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 6146984
Diff: https://reviews.apache.org/r/49687/diff/
Testing
-------
Tested for Grant and Revoke
Thanks,
Ankita Sinha
