[
https://issues.apache.org/jira/browse/RANGER-3663?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17505163#comment-17505163
]
kirby zhou commented on RANGER-3663:
------------------------------------
Some API returns 400 instead of 401 if user-session is not available after
applying this patch.
Is it OK?
For example:
@Path("/services/grant/{serviceName}")
@Produces({ "application/json", "application/xml" })
public ServiceRest::RESTResponse grantAccess()
calls
ServiceDBStore::createPolicy
calls
PolicyRefUpdater::createNewPolMappingForRefTable
calls
RangerBizUtils::checkAdminAccess
It is used to throw exception with
vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
Now throw exception with
gjResponse.setStatusCode(HttpServletResponse.SC_BAD_REQUEST);
> RangerBizUtil.checkAdminAccess() should return false if user-session is not
> available
> -------------------------------------------------------------------------------------
>
> Key: RANGER-3663
> URL: https://issues.apache.org/jira/browse/RANGER-3663
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Abhay Kulkarni
> Assignee: Abhay Kulkarni
> Priority: Major
>
> Instead of throwing exception, RangerBizUtil.checkAdminAccess() should return
> false if user-session is not available.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
