ATLAS-4016 : Update authorization - 'admin-audits' for retrieving admin audits

Signed-off-by: nixonrodrigues <nixon@apache.org>
2020-11-10 13:15:40 +05:30 · 2020-11-10 13:15:40 +05:30 · b7c219a523
parent 801d40c3c6
commit b7c219a523
2 changed files with 5 additions and 1 deletions
--- a/authorization/src/main/java/org/apache/atlas/authorize/AtlasPrivilege.java
+++ b/authorization/src/main/java/org/apache/atlas/authorize/AtlasPrivilege.java
@ -44,7 +44,9 @@ public enum AtlasPrivilege {
     ENTITY_REMOVE_LABEL("entity-remove-label"),
     ENTITY_UPDATE_BUSINESS_METADATA("entity-update-business-metadata"),

-     TYPE_READ("type-read");
+     TYPE_READ("type-read"),
+
+     ADMIN_AUDITS("admin-audits");

     private final String type;

--- a/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java
+++ b/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java
@ -624,6 +624,8 @@ public class AdminResource {
                perf = AtlasPerfTracer.getPerfTracer(PERF_LOG, "AdminResource.getAtlasAudits(" + auditSearchParameters + ")");
            }

+            AtlasAuthorizationUtils.verifyAccess(new AtlasAdminAccessRequest(AtlasPrivilege.ADMIN_AUDITS), "Admin Audits");
+
            return auditService.get(auditSearchParameters);
        } finally {
            AtlasPerfTracer.log(perf);