Merge pull request #2809 from atlanhq/newauthz

Fix: Evaluator direct entity permissions to evauator method
atlanhq · Jan 31, 2024 · 4b842e2 · 4b842e2
2 parents f663234 + 9c565c2
commit 4b842e2
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/repository/src/main/java/org/apache/atlas/authorizer/authorizers/EntityAuthorizer.java b/repository/src/main/java/org/apache/atlas/authorizer/authorizers/EntityAuthorizer.java
@@ -416,6 +416,7 @@ private static AccessResult runESQueryAndEvaluateAccess(Map<String, Object> dsl)
                                 result.setAllowed(true);
                                 result.setPolicyId(matched_queries.get(0));
                             }
+                            return result;
                         } else {
                             throw new AtlasBaseException("Failed to extract matched policy guid");
                         }

diff --git a/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java b/webapp/src/main/java/org/apache/atlas/web/rest/EntityREST.java
@@ -175,7 +175,7 @@ public List<AtlasEvaluatePolicyResponse> evaluatePolicies(List<AtlasEvaluatePoli
                         AtlasEntityHeader entityHeader = getAtlasEntityHeader(entity.getEntityGuid(), entity.getEntityId(), entity.getTypeName());
 
                         AtlasPrivilege privilege = AtlasPrivilege.valueOf(action);
-                        AuthorizerUtils.verifyAccess(entityHeader, privilege);
+                        AuthorizerUtils.verifyAccessForEvaluator(entityHeader, privilege);
 
                         response.add(new AtlasEvaluatePolicyResponse(entity.getTypeName(), entity.getEntityGuid(), action, entity.getEntityId(), true, null, entity.getBusinessMetadata()));
                     } catch (AtlasBaseException e) {