[ https://issues.apache.org/jira/browse/RANGER-3535?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ramesh Mani updated RANGER-3535: -------------------------------- Fix Version/s: 3.0.0 > A delegate admin user should be able to add another user with all or subset > of permissions they have > ---------------------------------------------------------------------------------------------------- > > Key: RANGER-3535 > URL: https://issues.apache.org/jira/browse/RANGER-3535 > Project: Ranger > Issue Type: Bug > Components: Ranger > Reporter: Abhay Kulkarni > Assignee: Abhay Kulkarni > Priority: Major > Fix For: 3.0.0 > > > Steps to reproduce: > # Login to Ranger Admin as admin user > # Create normal users (steve, peter, erwin, bob) in Ranger Admin > # Create new policy p1 with resource /p1 & allowed users steve (read, > delegate-admin) & peter (read, delegate-admin) > # Create new policy p2 with resource /p2 & allowed users steve (read, write, > delegate-admin) & peter (read, delegate-admin) > # Create new policy p3 with resource /p3 & allowed users steve (write, > delegate-admin) & peter (read, delegate-admin) > # Create new policy p4 with resource /p4 & allowed users bob (read, write) & > peter (read, delegate-admin) > # Log out as admin user, and login again as peter > # Try to add user erwin (read) in p1, p2, p3 & p4 > # delegate admin user peter should be able to add user erwin in all > policies, but other than p1 rest all fails. > Requirement: > # Delegate admin user should be able to add other users with permissions > less or equal to his/ her. > # Delegate admin user should not be able to add other users with permission > more than what he/ she possesses. Basically he/ she can give permissions, all > or sub-set of permissions he/ she possesses. > # Delegate admin user should not be able to add more permissions to his own. -- This message was sent by Atlassian Jira (v8.20.1#820001)