Dhaval Rajpara created RANGER-4450:
--------------------------------------

             Summary: Inconsistencies in API (service/plugins/definitions) 
response when user has insufficient permissions.
                 Key: RANGER-4450
                 URL: https://issues.apache.org/jira/browse/RANGER-4450
             Project: Ranger
          Issue Type: Improvement
          Components: Ranger
    Affects Versions: 3.0.0
            Reporter: Dhaval Rajpara


API : *service/plugins/definitions*

This API provides extensive information on service definitions (resource-based 
policies module and tag-based policies module) in JSON format.

Case 1:
1) Remove the user's permission for the resource-based module and allow that 
user only the tag-based module permission.
2) Log in as that user. This API returns 403 Forbidden for that user.
3) However, the same user can get resource-based policy definition information 
through name and ID.
   For example: service/plugins/definitions/name/hdfs, 
                service/plugins/definitions/name/hbase

Any reason why we restrict this API (service/plugins/definitions) for user 
roles?

We want this API open for performance optimization in the Ranger React UI.

CC: [~madhan] / [~abhay] / [~pradeep] / [~dineshkumar-yadav] / [~mehul]





--
This message was sent by Atlassian Jira
(v8.20.10#820010)
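
The check below is an added example, not part of the original report and not Ranger's own code: it compares the access decision on the list endpoint with the decision on the by-name endpoints for the same user and reports any disagreement, as in Case 1. The base URL, the helper names and the stand-in `constructed_fetch` are assumptions made for illustration; only the two endpoint paths come from the report.

```python
import urllib.error
import urllib.request

LIST_PATH = "service/plugins/definitions"          # path as written in the report
NAME_PATH = "service/plugins/definitions/name/{}"  # by-name form from the report
DENIED = (401, 403)


def http_status(url, headers=None):
    """GET url and return the HTTP status; 4xx/5xx are results, not errors."""
    req = urllib.request.Request(url, headers=headers or {})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def find_inconsistencies(base_url, names, fetch=http_status):
    """Return (name, list_status, name_status) where the two routes disagree."""
    base = base_url.rstrip("/") + "/"
    list_status = fetch(base + LIST_PATH)
    list_denied = list_status in DENIED
    findings = []
    for name in names:
        status = fetch(base + NAME_PATH.format(name))
        # One route denies and the other allows: the access decision for the
        # same service definition depends on which URL the user asks through.
        if (status in DENIED) != list_denied:
            findings.append((name, list_status, status))
    return findings


def constructed_fetch(url):
    """Constructed stand-in for a live server, modelling Case 1 in the report."""
    return 403 if url.endswith(LIST_PATH) else 200


if __name__ == "__main__":
    # Placeholder base URL (assumption). Against a real server, pass a fetch
    # wrapper around http_status that adds the test user's auth header.
    rows = find_inconsistencies("http://ranger.example/", ["hdfs", "hbase"],
                                fetch=constructed_fetch)
    for row in rows:
        print("inconsistent: %s list=%s by-name=%s" % row)
```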
