[atlas] branch branch-2.0 updated: ATLAS-4016 : Update authorization - 'admin-audits' for retrieving admin audits

Tue, 10 Nov 2020 21:45:55 -0800 

This is an automated email from the ASF dual-hosted git repository.

nixon pushed a commit to branch branch-2.0
in repository https://gitbox.apache.org/repos/asf/atlas.git


The following commit(s) were added to refs/heads/branch-2.0 by this push:
     new 9ca59a6  ATLAS-4016 : Update authorization - 'admin-audits' for 
retrieving admin audits
9ca59a6 is described below

commit 9ca59a6f2c5d12346da96efe14762a56ae2a036b
Author: Mandar Ambawane <mandar.ambaw...@freestoneinfotech.com>
AuthorDate: Tue Nov 10 13:15:40 2020 +0530

    ATLAS-4016 : Update authorization - 'admin-audits' for retrieving admin 
audits
    
    Signed-off-by: nixonrodrigues <ni...@apache.org>
    (cherry picked from commit b7c219a52363c378832536b8f00e003a5b0bbe5a)
---
 .../src/main/java/org/apache/atlas/authorize/AtlasPrivilege.java      | 4 +++-
 .../src/main/java/org/apache/atlas/web/resources/AdminResource.java   | 2 ++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git 
a/authorization/src/main/java/org/apache/atlas/authorize/AtlasPrivilege.java 
b/authorization/src/main/java/org/apache/atlas/authorize/AtlasPrivilege.java
index 9dbcd32..5d06e1b 100644
--- a/authorization/src/main/java/org/apache/atlas/authorize/AtlasPrivilege.java
+++ b/authorization/src/main/java/org/apache/atlas/authorize/AtlasPrivilege.java
@@ -44,7 +44,9 @@ public enum AtlasPrivilege {
      ENTITY_REMOVE_LABEL("entity-remove-label"),
      ENTITY_UPDATE_BUSINESS_METADATA("entity-update-business-metadata"),
 
-     TYPE_READ("type-read");
+     TYPE_READ("type-read"),
+
+     ADMIN_AUDITS("admin-audits");
 
      private final String type;
 
diff --git 
a/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java 
b/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java
index f6a20c0..4db477e 100755
--- a/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java
+++ b/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java
@@ -624,6 +624,8 @@ public class AdminResource {
                 perf = AtlasPerfTracer.getPerfTracer(PERF_LOG, 
"AdminResource.getAtlasAudits(" + auditSearchParameters + ")");
             }
 
+            AtlasAuthorizationUtils.verifyAccess(new 
AtlasAdminAccessRequest(AtlasPrivilege.ADMIN_AUDITS), "Admin Audits");
+
             return auditService.get(auditSearchParameters);
         } finally {
             AtlasPerfTracer.log(perf);

Reply via email to