[ https://issues.apache.org/jira/browse/RANGER-2618?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16953661#comment-16953661 ]
Nikhil Purbhe commented on RANGER-2618: --------------------------------------- patch committed on apache [master|https://github.com/apache/ranger/commit/c267ee7ef05078eea77770f7a4701d3189d05ca1] > Restrict rolename change when a policy/another role with that role exist > ------------------------------------------------------------------------ > > Key: RANGER-2618 > URL: https://issues.apache.org/jira/browse/RANGER-2618 > Project: Ranger > Issue Type: Bug > Components: admin > Reporter: suja s > Assignee: Nikhil Purbhe > Priority: Major > > When we try to delete a role associated with a ranger policy, the operation > is not allowed. Likewise, role edit for rolename change also should be > restricted. > Reason: > Rolename edit is allowed and the ranger policy still exists with old rolename > reference. Policy enforcement happens as per old policy. Rolename change is > not taken into consideration during policy download. > similarly for role which exist in another role rolename update should be > restricted -- This message was sent by Atlassian Jira (v8.3.4#803005)