----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/49687/#review140955 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On July 6, 2016, 5:12 a.m., Ankita Sinha wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/49687/ > ----------------------------------------------------------- > > (Updated July 6, 2016, 5:12 a.m.) > > > Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, > Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan > Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-1078 > https://issues.apache.org/jira/browse/RANGER-1078 > > > Repository: ranger > > > Description > ------- > > **Problem Statement** > 1. If user was not premitted to Grant/Revoke then user was not give access to > do so but audit access log was showing success > 2. "policy.grantrevoke.auth.users" list property was not checking premission > against grantor it was checking against login user. > > **Actual Behaviour** > 1. If user is not permitted to do Grant/Revoke, Audit Access log should show > proper failure > 2. "policy.grantrevoke.auth.users" list property should check for grantor user > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java > c769ae4 > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > 6146984 > > Diff: https://reviews.apache.org/r/49687/diff/ > > > Testing > ------- > > Tested for Grant and Revoke > > > Thanks, > > Ankita Sinha > >
