This is an automated email from the ASF dual-hosted git repository.
sarath pushed a commit to branch branch-2.0
in repository https://gitbox.apache.org/repos/asf/atlas.git
The following commit(s) were added to refs/heads/branch-2.0 by this push:
new 7f42cca ATLAS-3845 : Audit API returns the audit information for an
unauthorised entity
7f42cca is described below
commit 7f42cca10d28af9a05a453db614cdffb58a973aa
Author: chaitali borole <[email protected]>
AuthorDate: Mon Jun 22 20:17:54 2020 +0530
ATLAS-3845 : Audit API returns the audit information for an unauthorised
entity
Signed-off-by: Sarath Subramanian <[email protected]>
(cherry picked from commit 474d73c5822183ba8e810615eb195d559ef9589a)
---
webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java | 3 +++
1 file changed, 3 insertions(+)
diff --git a/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java
b/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java
index b105560..88de8b6 100644
--- a/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java
+++ b/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java
@@ -806,6 +806,9 @@ public class EntityREST {
perf = AtlasPerfTracer.getPerfTracer(PERF_LOG,
"EntityREST.getAuditEvents(" + guid + ", " + startKey + ", " + count + ")");
}
+ // following call enforces authorization for entity-read
+ entitiesStore.getHeaderById(guid);
+
List<EntityAuditEventV2> ret = new ArrayList<>();
if(auditAction != null) {
