-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/75320/
-----------------------------------------------------------
Review request for ranger, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay
Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, sanket
shelar, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-5074
https://issues.apache.org/jira/browse/RANGER-5074
Repository: ranger
Description
-------
The Keyadmin user is able to retrieve admin user logs through the following
REST APIs:
/service/xaudit/trx_log
/service/xaudit/trx_log/{id}
/service/assets/report
/service/assets/report/{transactionId}
Diffs
-----
security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java
b09c72697
security-admin/src/main/java/org/apache/ranger/service/RangerTrxLogV2Service.java
3eb2a707e
Diff: https://reviews.apache.org/r/75320/diff/1/
Testing
-------
Tested and verified that the Keyadmin user is unable to retrieve Admin user
logs when attempting to access the following REST APIs:
/service/xaudit/trx_log
/service/xaudit/trx_log/{id}
/service/assets/report
/service/assets/report/{transactionId}
Thanks,
Rakesh Gupta
