----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74359/ -----------------------------------------------------------
(Updated March 31, 2023, 1:18 p.m.) Review request for ranger, Dhaval Rajpara, Madhan Neethiraj, Mehul Parikh, Mugdha Varadkar, Nikunj Pansuriya, and Nitin Galave. Bugs: RANGER-4146 https://issues.apache.org/jira/browse/RANGER-4146 Repository: ranger Description ------- Ranger provides service-def option enableDenyAndExceptionsInPolicies to support services where explicit deny and expception are not feasible - for example services like Elasticsearch, Kylin, Nifi-Registry, Nifi, Sqoop. For such services, policy UI shows only allow policy items in resource-based policies. However, tag-based policies are common across all service-types, hence deny and exception policy-items are shown in policy UI. This allows users to setup tag-based policies to deny access to users/group/roles - even though they may not work for above services. To eliminate confusion, tag-based policy UI should not show permissions in deny and expception policy-items for service-types that don’t support deny and exceptions i.e., service-defs having options.enableDenyAndExceptionsInPolicies=false. Diffs (updated) ----- security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AccessLogDetail.jsx 7f43260ce313193044f068f6854b25bce61d8fb6 security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AccessLogs.jsx 6fa85ad8c93c85686567ac59adbadb131701896b security-admin/src/main/webapp/react-webapp/src/views/AuditEvent/AdminLogs/PolicyViewDetails.jsx abc9942f92da5f5e98a783d9f3f6bfded960fb0b security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/AddUpdatePolicyForm.jsx a1e5731a6367787c502ad2ca22f4567eafa48c16 security-admin/src/main/webapp/react-webapp/src/views/PolicyListing/TagBasePermissionItem.jsx a1b31e366371f72a6f29b783c33d3617136d43ee security-admin/src/main/webapp/react-webapp/src/views/Reports/SearchPolicyTable.jsx 79ca5c55fa75eab1c5a3381aa0414984ff35a41b Diff: https://reviews.apache.org/r/74359/diff/2/ Changes: https://reviews.apache.org/r/74359/diff/1-2/ Testing ------- 1)Build and Verified Ranger Admin setup with this changes. 2)Verified the Following things:- - CRUD operation on policy form. Thanks, Brijesh Bhalala