This is an automated email from the ASF dual-hosted git repository.

mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new 9a62c14  RANGER-2597 : Allow auditor role user to get details of 
services and policies from public API
9a62c14 is described below

commit 9a62c142ac7dbd7d3412076c26787c2d2e9ec1c6
Author: fatimaawez <[email protected]>
AuthorDate: Tue Oct 1 11:12:24 2019 +0530

    RANGER-2597 : Allow auditor role user to get details of services and 
policies from public API
    
    Signed-off-by: Mehul Parikh <[email protected]>
---
 .../apache/ranger/security/context/RangerPreAuthSecurityHandler.java  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
 
b/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
index 673902d..a4bf694 100644
--- 
a/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
+++ 
b/security-admin/src/main/java/org/apache/ranger/security/context/RangerPreAuthSecurityHandler.java
@@ -98,9 +98,9 @@ public class RangerPreAuthSecurityHandler {
 
        public boolean isAPISpnegoAccessible(){
                UserSessionBase userSession = 
ContextUtil.getCurrentUserSession();
-               if (userSession != null && (userSession.isSpnegoEnabled() || 
userSession.isUserAdmin())) {
+                if (userSession != null && (userSession.isSpnegoEnabled() || 
userSession.isUserAdmin() || userSession.isAuditUserAdmin())) {
                        return true;
-               }else if(userSession != null && (userSession.isUserAdmin() || 
userSession.isKeyAdmin())){
+                }else if(userSession != null && (userSession.isUserAdmin() || 
userSession.isKeyAdmin() || userSession.isAuditKeyAdmin())){
                        return true;
                }
                throw 
restErrorUtil.createRESTException(HttpServletResponse.SC_FORBIDDEN, "User is 
not allowed to access the API", true);
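Review bot: The widened condition in isAPISpnegoAccessible() lets isAuditUserAdmin() and isAuditKeyAdmin() sessions through the same gate as full admins, and the check takes no account of whether the guarded endpoint reads or writes. The commit message limits the intent to getting service and policy details, so if this method also guards create/update/delete endpoints (the callers are not visible here), the read-only restriction for auditors has to be enforced elsewhere; that is worth confirming and recording next to the condition, e.g. `// auditor roles pass here for read access only; write endpoints must reject them in their own permission check`. The title names only the auditor role, while the second branch also admits the key-admin auditor, so the description should say so. Both branches return true and isUserAdmin() is tested twice, so a single combined condition would be easier to audit; the method's closing brace lies outside the hunk.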
