Review Request 74044: RANGER-3814: fix for incorrect result from IS_IN_ROLE(roleName) condition

Madhan Neethiraj Wed, 29 Jun 2022 13:09:01 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74044/
-----------------------------------------------------------


Review request for ranger, Abhishek  Kumar, Ankita Sinha, Kishor Gollapalliwar, 
Abhay Kulkarni, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, Subhrat 
Chaudhary, and Velmurugan Periasamy.


Bugs: RANGER-3814
    https://issues.apache.org/jira/browse/RANGER-3814


Repository: ranger


Description
-------

updated RangerDefaultRequestProcessor to populate request.userRoles, in 
addition to setting in the context


Diffs
-----

  
agents-common/src/main/java/org/apache/ranger/plugin/policyevaluator/RangerDefaultPolicyEvaluator.java
 c514a86a3 
  
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerDefaultRequestProcessor.java
 ac9ce8faa 
  
agents-common/src/test/resources/policyengine/test_policyengine_with_roles.json 
c8352cc3b 


Diff: https://reviews.apache.org/r/74044/diff/1/


Testing
-------

- updated unit tests to cover IS_IN_ROLE(roleName) condition
- fixed RangerDefaultPolicyEvaluator.lookupPolicyACLSummary() to look into role 
access only when access is not determined by user/groups


Thanks,

Madhan Neethiraj

Review Request 74044: RANGER-3814: fix for incorrect result from IS_IN_ROLE(roleName) condition

Reply via email to