[ https://issues.apache.org/jira/browse/RANGER-3517?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nishchith Shetty updated RANGER-3517: ------------------------------------- Description: Hello, Once a policy is created and then all the policies are cleared from Ranger Admin, the plugin enforces the last policy that was cached instead of clearing the policies on the client. *Steps to reproduce* * Create a allow policy for userA (ID-1) * Delete the policy ({_}now there are 0 policies on ranger server){_} * Use the plugin ** Expected/Ideal behaviour - deny (as there's no policy) ** Current behaviour - allow (enforced policy ID-1) _Note: For each step let the change get synced to the client via plugin_ *Logs (ranger-plugin v2.2.0)* {code:java} Downloaded policies do not require policy change !! Keeping old policy-engine! Ranger-PolicyVersion:[139], Cached-PolicyVersion:[138] {code} was: Hello, Once a policy is created and then all the policies are cleared from Ranger Admin, the plugin enforces the last policy that was cached instead of clearing the policies on the client. *Steps to reproduce* * Create a allow policy for userA (ID-1) * Delete the policy ({_}now there are 0 policies on ranger server){_} * Use the plugin ** Expected/Ideal behaviour - deny (as there's no policy) ** Current behaviour - allow (enforced policy ID-1) _Note: For each step let the change get synced to the client via plugin_ *Logs (ranger-plugin v2.2.0)* {{}} {code:java} Downloaded policies do not require policy change !! Keeping old policy-engine! Ranger-PolicyVersion:[139], Cached-PolicyVersion:[138] {code} {{}} > Incorrect Policy evaluation on clearing existing policy > ------------------------------------------------------- > > Key: RANGER-3517 > URL: https://issues.apache.org/jira/browse/RANGER-3517 > Project: Ranger > Issue Type: Bug > Components: plugins, Ranger > Affects Versions: 2.2.0 > Reporter: Nishchith Shetty > Priority: Critical > > Hello, > > Once a policy is created and then all the policies are cleared from Ranger > Admin, the plugin enforces the last policy that was cached instead of > clearing the policies on the client. > > *Steps to reproduce* > * Create a allow policy for userA (ID-1) > * Delete the policy ({_}now there are 0 policies on ranger server){_} > * Use the plugin > ** Expected/Ideal behaviour - deny (as there's no policy) > ** Current behaviour - allow (enforced policy ID-1) > _Note: For each step let the change get synced to the client via plugin_ > > *Logs (ranger-plugin v2.2.0)* > {code:java} > Downloaded policies do not require policy change !! > Keeping old policy-engine! > Ranger-PolicyVersion:[139], Cached-PolicyVersion:[138] > {code} -- This message was sent by Atlassian Jira (v8.20.1#820001)