Review Request 74852: RANGER-4671 : Noticed a change in Behaviour of DatasetInDataShare Object for 2 cases

Mon, 22 Jan 2024 23:43:35 -0800 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74852/
-----------------------------------------------------------

Review request for ranger, Akshay Tupe, Anand Nadar, Ankita Sinha, Madhan 
Neethiraj, Monika Kachhadiya, Siddhesh Phatak, Subhrat Chaudhary, and Vanita 
Ubale.


Bugs: RANGER-4671
    https://issues.apache.org/jira/browse/RANGER-4671


Repository: ranger


Description
-------

There was change in behaviour of DatasetInDataShare Object for below mentioned 
2 cases

case 1 :    

1) create a user with Ranger ROLE as ROLE_USER

2)create a dataShare with the same user's account so the user will be dataShare 
Admin

3)create a dataset the above user should be absent in dataset ACL 

4)create DatasetInDataShare object for these dataset,dataShare with status as 
ACTIVE

5)update this DatasetInDataShare object  by the above created user's account 
change the status from ACTIVE to GRANTED the response is 200 expected response 
is 400 with validation message stating (Not a ADMIN for dataset)

case 2:    

1) create a user with Ranger ROLE as ROLE_USER

2)create a dataShare with the same user's account so the user will be dataShare 
Admin

3)create a dataset the above user should be absent in dataset ACL 

4)create DatasetInDataShare object for these dataset,dataShare with status as 
ACTIVE

5)update this DatasetInDataShare object  by the above created user's account 
change the status from ACTIVE to DENIED the response is 200 expected response 
is 400 with validation message stating (Not a ADMIN for dataset)


Diffs
-----

  
security-admin/src/main/java/org/apache/ranger/validation/RangerGdsValidator.java
 a42a11ffb 


Diff: https://reviews.apache.org/r/74852/diff/1/


Testing
-------

Steps to check :
For the above mentioned 2 cases we get response as 400 with validation message 
stating 
(Not a Dataset Admin)

Response Message

 "msgDesc": "[ Validation failure: error code[4106], reason[User [Test-User-6] 
is not an admin for dataset [Test_Dataset1]], field[null], subfield[null], 
type[]]"


Thanks,

Prashant Satam

Reply via email to