[RANGER-3676] tag-based policies don't recognize {OWNER} in users as resource owners - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.0, 2.3.0
Component/s: plugins
Labels:
None

Description

Ranger policies allow setting up permissions for resource-owners by using {OWNER} as the username in policies. Currently this works only for resource-based policies, and not for tag-based policies. Recognizing {OWNER} in tag-based policies can help address wider authorization needs, like:

tag:           SENSITIVE
users:         {OWNER}, groups: [ data-admins ]
permissions:   [ select ]
isDenyAllElse: true

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

RANGER-3676.patch
21/Mar/22 21:15
5 kB
Madhan Neethiraj

Issue Links

links to

Patch in review board

Activity

People

Assignee:: Madhan Neethiraj

Reporter:: Madhan Neethiraj

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 21/Mar/22 21:00

Updated:: 22/Mar/22 07:14

Resolved:: 22/Mar/22 07:14