Dhaval Rajpara created RANGER-4450: -------------------------------------- Summary: Inconsistencies in API (service/plugins/definitions) response when user has insufficient permissions. Key: RANGER-4450 URL: https://issues.apache.org/jira/browse/RANGER-4450 Project: Ranger Issue Type: Improvement Components: Ranger Affects Versions: 3.0.0 Reporter: Dhaval Rajpara
API : *service/plugins/definitions* This API provides extensive information on service definitions(Resource base Policies module and tag base Policies module) in JSON format. Case 1 : 1) Remove user permission from the resources base module and only allow tag base module permission to that user. 2) Login with that user. This API retunes 403 forbidden for that user. 3) However the same user can get resource base policy definition information through Name and ID For example: service/plugins/definitions/name/hdfs, service/plugins/definitions/name/hbase Any reason why we restrict this API (service/plugins/definitions) for user roles? We want this API open for optimization performance in Ranger React UI. CC : [~madhan] / [~abhay] / [~pradeep] / [~dineshkumar-yadav] /[~mehul] -- This message was sent by Atlassian Jira (v8.20.10#820010)