----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/75353/#review227351 -----------------------------------------------------------
Ship it! Ship It! - Kishor Gollapalliwar On April 28, 2025, 3:05 p.m., Rakesh Gupta wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/75353/ > ----------------------------------------------------------- > > (Updated April 28, 2025, 3:05 p.m.) > > > Review request for ranger, Dineshkumar Yadav, Kishor Gollapalliwar, Abhay > Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, > sanket shelar, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-5074 > https://issues.apache.org/jira/browse/RANGER-5074 > > > Repository: ranger > > > Description > ------- > > The Keyadmin user is able to retrieve admin user logs through the following > REST APIs: > > /service/xaudit/trx_log > /service/xaudit/trx_log/{id} > /service/assets/report > /service/assets/report/{transactionId} > > > Diffs > ----- > > > security-admin/src/main/java/org/apache/ranger/service/RangerServiceServiceBase.java > c074575e4 > > security-admin/src/main/java/org/apache/ranger/service/RangerTrxLogV2Service.java > 3eb2a707e > > > Diff: https://reviews.apache.org/r/75353/diff/2/ > > > Testing > ------- > > Tested and verified that the Keyadmin user is unable to retrieve Admin user > logs when attempting to access the following REST APIs: > > > /service/xaudit/trx_log > /service/xaudit/trx_log/{id} > /service/assets/report > /service/assets/report/{transactionId} > > > Thanks, > > Rakesh Gupta > >
