-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74823/
-----------------------------------------------------------
(Updated Jan. 8, 2024, 10:20 p.m.)
Review request for ranger, madhan, Madhan Neethiraj, Mahesh Bandal, Pradeep
Agrawal, Ramesh Mani, and Velmurugan Periasamy.
Changes
-------
Addressed review comment
Bugs: RANGER-4639
https://issues.apache.org/jira/browse/RANGER-4639
Repository: ranger
Description
-------
When a chained plugin is configured, for every access request processed by the
parent plugin is also processed by chained plugin. It may be appropriate, in
some cases, under a configuration option, to bypass the evaluation of chained
plugin when an applicable policy is found by the parent plugin.
This is controlled by a configuration parameter:
ranger.plugin.<base-plugin-type>.bypass.chained.plugin.evaluation.if.access.is.determined
with a default value of false. If it is set to true, then the chanined plugin
evaluation will be bypassed - if the base-plugin found applicable policy.
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java
5d6c3d97c
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerChainedPlugin.java
b969fb687
Diff: https://reviews.apache.org/r/74823/diff/2/
Changes: https://reviews.apache.org/r/74823/diff/1-2/
Testing
-------
Compiled clean and ran unit tests. Verified that for HDFS base-plugin there is
no regression, and when the configuration parameter is set to true, the
chained-plugin evaluation is bypassed.
Thanks,
Abhay Kulkarni
