Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-1176

Ranger admin does not allow to create / update a policy with only delegate admin permission

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 0.5.0
    • 1.0.0, 0.7.2
    • admin
    • None

    Description

      As of RANGER-436, a policy with empty access list is valid if delegated admin is true. But the Ranger Admin UI doesn't allow user to create / update a policy with only the 'delegate admin' permission for a user / group.

      Expected Result:
      Create / update policy with only 'delegate admin' permission should be allowed via Ranger Admin UI

      Actual Result:
      Upon saving, the create page throws this error for user:
      "Please add permission(s) for the selected User, else User will not be added."
      And similar error for group:
      "Please add permission(s) for the selected Group, else Group will not be added."

      Workaround:
      As of now, the workaround is to create / update the policy via REST API. But the only caveat is user will not be able to edit the policy again via Admin UI.

      Attachments

        Issue Links

        links to

        Web Link RR

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            nitin.galave Nitin Galave
            vrathor-hw Vipin Rathor
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment