[RANGER-1446] Ranger Solr Plugin does not work when the collection list in the request is empty - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 0.7.0, 0.6.1, 0.6.2, 0.6.3
Fix Version/s: 1.0.0, 0.7.1
Component/s: plugins
Labels:
None

Description

The fix of Ranger-1095 set the initial value of "denied" to "true" from the previous "false". One impact of this change is that, when context.getCollectionRequests() is empty which could be the case in many invocations Solr makes to Ranger on authorization per client request, the permission is plainly denied without going to Ranger policy engine. So the fix changed the default behavior related "denied".

A proper fix of Ranger-1095 IMO should be just to set the "denied" to "true" in the catch block without changing the initial value of the variable.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-Ranger-1446-Ranger-Solr-Plugin-does-not-work-when-th.patch
13/Mar/17 15:33
2 kB
Yan

Issue Links

is broken by

RANGER-1095 Invert authorization logic in RangerSolrAuthorizer

Resolved

Activity

People

Assignee:: Yan

Reporter:: Yan

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 10/Mar/17 20:14

Updated:: 22/May/17 16:36

Resolved:: 13/Mar/17 16:02