AUDIT-13 : Secure audit log API access

[sudhanshu-raj]

Description of what I changed

Added the authorization check to access Audit Logs. Users now need to have the privilege (VIEW_AUDIT_LOGS) to view Audit Logs to access them. Both REST API and MVC controllers have been secured. Users without permissions will see a custom access denied page for UI and will receive a 403 Forbidden response for REST API.

Issue I worked on

see https://openmrs.atlassian.net/browse/AUDIT-13

Checklist: I completed these to help reviewers :)

• My IDE is configured to follow the code style of this project.

  No? Unsure? -> configure your IDE, format the code and add the changes with git add . && git commit --amend

• I have added tests to cover my changes. (If you refactored
  existing code that was well tested you do not have to add tests)

  No? -> write tests and add them to this commit git add . && git commit --amend

• I ran mvn clean package right before creating this pull request and
  added all formatting changes to my commit.

  No? -> execute above command

• All new and existing tests passed.

  No? -> figure out why and add the fix to your commit. It is your responsibility to make sure your code works.

• My pull request is based on the latest changes of the master branch.

  No? Unsure? -> execute command git pull --rebase upstream master

[sudhanshu-raj]

Hi @nsalifu , @wikumChamith @ibacher ,could you please take a look and share your review when you get a chance?

[sudhanshu-raj]

Hi @ibacher @wikumChamith @nsalifu , just a gentle reminder to review this when you have a moment.