Re: Review Request 72601: ATLAS-3845 : Audit API returns the audit information for an unauthorised entity

chaitali Mon, 22 Jun 2020 10:16:05 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72601/
-----------------------------------------------------------


(Updated June 22, 2020, 5:15 p.m.)


Review request for atlas, Jayendra Parab, Madhan Neethiraj, Nixon Rodrigues, 
and Sarath Subramanian.


Bugs: ATLAS-3845
    https://issues.apache.org/jira/browse/ATLAS-3845


Repository: atlas


Description
-------

Audit api was returning all entities details even after blocking the rights for 
read entity in Ranger policy-This patch handles the issue by adding verify 
access check.


Diffs (updated)
-----

  webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java b1055605f 


Diff: https://reviews.apache.org/r/72601/diff/3/

Changes: https://reviews.apache.org/r/72601/diff/2-3/


Testing
-------

Tested by adding deny policy for read/create entity in Ranger


Thanks,

chaitali

Re: Review Request 72601: ATLAS-3845 : Audit API returns the audit information for an unauthorised entity

Reply via email to