-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73028/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj, Ramesh Mani, Sailaja Polavarapu,
and Velmurugan Periasamy.
Bugs: RANGER-3083
https://issues.apache.org/jira/browse/RANGER-3083
Repository: ranger
Description
-------
If 'isDenyAllElse' flag is set in a Ranger policy, then the expected behavior
is that access is denied to all users and/or for access types not explicitly
allowed by the policy. However, such policy is not correctly evaluated if the
access type is '_any' (which is used by Ranger internally to evaluate certain
access operations).
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
24cb42496
agents-common/src/test/resources/policyengine/test_policyengine_hdfs.json
976cd2532
agents-common/src/test/resources/policyengine/test_policyengine_hive.json
52864a067
Diff: https://reviews.apache.org/r/73028/diff/1/
Testing
-------
Developed new unit test cases for HDFS and Hive to test the fix.
Ran all unit tests successfully.
Thanks,
Abhay Kulkarni
