RANGER-436, a policy with empty access list is valid if delegated admin is true. But the Ranger Admin UI doesn't allow user to create / update a policy with only the 'delegate admin' permission for a user / group.
Create / update policy with only 'delegate admin' permission should be allowed via Ranger Admin UI
Upon saving, the create page throws this error for user:
"Please add permission(s) for the selected User, else User will not be added."
And similar error for group:
"Please add permission(s) for the selected Group, else Group will not be added."
As of now, the workaround is to create / update the policy via REST API. But the only caveat is user will not be able to edit the policy again via Admin UI.