Details
-
Task
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
We added calls to ensureAdminAccess() in grantAccess() and revokeAccess() in RANGER-4445.
But according to https://github.com/apache/ranger/blame/master/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java#L1251 and https://github.com/apache/ranger/blame/master/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java#L1492, grantAccess() and revokeAccess() are open API's. Thus, it seems we could safely remove the calls to ensureAdminAccess() in these 2 places.
Removing the calls to ensureAdminAccess() also allows the users of other Apache components, e.g., Apache Impala, to test the integration with Apache Ranger, since at the moment Apache Impala stills relies on grantAccess() and revokeAccess() to perform authorization-related tests.
Attachments
Issue Links
- blocks
-
IMPALA-12921 Consider adding support for locally built Ranger
- Open