You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dolphinscheduler.apache.org by GitBox <gi...@apache.org> on 2022/10/13 05:59:19 UTC
[GitHub] [dolphinscheduler] zixi0825 commented on a diff in pull request #12048: [Feature-12040][api][ui] Add authorization management of read and write permissions for project and resource center
zixi0825 commented on code in PR #12048:
URL: https://github.com/apache/dolphinscheduler/pull/12048#discussion_r994175326
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java:
##########
@@ -254,6 +264,33 @@ public boolean hasProjectAndPerm(User loginUser, Project project, Map<String, Ob
return checkResult;
}
+ @Override
+ public boolean hasProjectAndWritePerm(User loginUser, Project project, Map<String, Object> result) {
+ boolean checkResult = false;
+ if (project == null) {
+ putMsg(result, Status.PROJECT_NOT_FOUND, "");
+ } else {
+ // case 1: user is admin
+ if (loginUser.getUserType() == UserType.ADMIN_USER) {
+ return true;
+ }
+ // case 2: user is project owner
+ if (project.getUserId() == loginUser.getId()) {
+ return true;
+ }
+ // case 3: check user permission level
+ ProjectUser projectUser = projectUserMapper.queryProjectRelation(project.getId(), loginUser.getId());
+ // if (!canOperatorPermissions(loginUser, new Object[]{project.getId()},AuthorizationType.PROJECTS,perm)){
Review Comment:
Please remove the useless code
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java:
##########
@@ -413,12 +497,56 @@ public Result update(User loginUser, Long projectCode, String projectName, Strin
return result;
}
+ /**
+ * query all project with authorized level
+ *
+ * @param loginUser login user
+ * @return project list
+ */
+ @Override
+ public Map<String, Object> queryProjectWithAuthorizedLevel(User loginUser, Integer userId) {
+ Map<String, Object> result = new HashMap<>();
+
+ Set<Integer> projectIds = resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.PROJECTS, loginUser.getId(), logger);
+ // if (projectIds.isEmpty()) {
Review Comment:
Please remove the useless code
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java:
##########
@@ -680,6 +788,149 @@ public Map<String, Object> revokeProject(User loginUser, int userId, long projec
return result;
}
+ /**
+ * grant resource with permission level
+ *
+ * @param loginUser login user
+ * @param userId user id
+ * @param readPermResourceIds resource id array with read permission
+ * @param allPermResourceIds resource id array with all permission
+ * @return grant result code
+ */
+ @Override
Review Comment:
The method body is too long, please refactor
##########
dolphinscheduler-ui/src/views/security/user-manage/components/use-authorize.ts:
##########
@@ -217,10 +316,10 @@ export function useAuthorize() {
if (state.saving) return false
state.saving = true
if (type === 'authorize_project') {
- await grantProject({
- userId,
- projectIds: state.authorizedProjects.join(',')
- })
+ // await grantProject({
Review Comment:
Please remove the useless code
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org