You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dolphinscheduler.apache.org by li...@apache.org on 2021/12/05 23:17:41 UTC
[dolphinscheduler] branch dev updated: to feature #7191 (#7194)
This is an automated email from the ASF dual-hosted git repository.
lidongdai pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git
The following commit(s) were added to refs/heads/dev by this push:
new 3c8d1c6 to feature #7191 (#7194)
3c8d1c6 is described below
commit 3c8d1c6da91b23aa9106353829469f40899a7bed
Author: ouyangyewei <ou...@foxmail.com>
AuthorDate: Mon Dec 6 07:17:33 2021 +0800
to feature #7191 (#7194)
Co-authored-by: ouyangyewei <ye...@alibaba-inc.com>
---
.../api/controller/ProjectController.java | 22 +++++++++
.../apache/dolphinscheduler/api/enums/Status.java | 1 +
.../api/service/ProjectService.java | 9 ++++
.../api/service/impl/ProjectServiceImpl.java | 25 ++++++++++
.../src/main/resources/i18n/messages.properties | 1 +
.../main/resources/i18n/messages_en_US.properties | 1 +
.../main/resources/i18n/messages_zh_CN.properties | 1 +
.../api/controller/ProjectControllerTest.java | 10 ++++
.../api/service/ProjectServiceTest.java | 54 ++++++++++++++++++++++
.../dolphinscheduler/dao/mapper/UserMapper.java | 7 +++
.../dolphinscheduler/dao/mapper/UserMapper.xml | 8 ++++
11 files changed, 139 insertions(+)
diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ProjectController.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ProjectController.java
index 1dfb7e5..22e5822 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ProjectController.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ProjectController.java
@@ -17,6 +17,7 @@
package org.apache.dolphinscheduler.api.controller;
+import static org.apache.dolphinscheduler.api.enums.Status.QUERY_AUTHORIZED_USER;
import static org.apache.dolphinscheduler.api.enums.Status.CREATE_PROJECT_ERROR;
import static org.apache.dolphinscheduler.api.enums.Status.DELETE_PROJECT_ERROR;
import static org.apache.dolphinscheduler.api.enums.Status.LOGIN_USER_QUERY_PROJECT_LIST_PAGING_ERROR;
@@ -238,6 +239,27 @@ public class ProjectController extends BaseController {
}
/**
+ * query authorized user
+ *
+ * @param loginUser login user
+ * @param projectCode project code
+ * @return users who have permission for the specified project
+ */
+ @ApiOperation(value = "queryAuthorizedUser", notes = "QUERY_AUTHORIZED_USER_NOTES")
+ @ApiImplicitParams({
+ @ApiImplicitParam(name = "projectCode", value = "PROJECT_CODE", dataType = "Long", example = "100")
+ })
+ @GetMapping(value = "/authed-user")
+ @ResponseStatus(HttpStatus.OK)
+ @ApiException(QUERY_AUTHORIZED_USER)
+ @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
+ public Result queryAuthorizedUser(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
+ @RequestParam("projectCode") Long projectCode) {
+ Map<String, Object> result = this.projectService.queryAuthorizedUser(loginUser, projectCode);
+ return this.returnDataList(result);
+ }
+
+ /**
* query authorized and user created project
*
* @param loginUser login user
diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java
index 7f72b16..7606d32 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java
@@ -213,6 +213,7 @@ public enum Status {
QUERY_ALERT_GROUP_ERROR(10180, "query alert group error", "查询告警组错误"),
CURRENT_LOGIN_USER_TENANT_NOT_EXIST(10181, "the tenant of the currently login user is not specified", "未指定当前登录用户的租户"),
REVOKE_PROJECT_ERROR(10182, "revoke project error", "撤销项目授权错误"),
+ QUERY_AUTHORIZED_USER(10183, "query authorized user error", "查询拥有项目权限的用户错误"),
UDF_FUNCTION_NOT_EXIST(20001, "UDF function not found", "UDF函数不存在"),
UDF_FUNCTION_EXISTS(20002, "UDF function already exists", "UDF函数已存在"),
diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ProjectService.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ProjectService.java
index df05dee..38c0c53 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ProjectService.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ProjectService.java
@@ -120,6 +120,15 @@ public interface ProjectService {
Map<String, Object> queryAuthorizedProject(User loginUser, Integer userId);
/**
+ * query authorized user
+ *
+ * @param loginUser login user
+ * @param projectCode project code
+ * @return users who have permission for the specified project
+ */
+ Map<String, Object> queryAuthorizedUser(User loginUser, Long projectCode);
+
+ /**
* query authorized project
*
* @param loginUser login user
diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java
index b5e0bb4..3579cd8 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java
@@ -405,6 +405,31 @@ public class ProjectServiceImpl extends BaseServiceImpl implements ProjectServic
}
/**
+ * query authorized user
+ *
+ * @param loginUser login user
+ * @param projectCode project code
+ * @return users who have permission for the specified project
+ */
+ @Override
+ public Map<String, Object> queryAuthorizedUser(User loginUser, Long projectCode) {
+ Map<String, Object> result = new HashMap<>();
+
+ // 1. check read permission
+ Project project = this.projectMapper.queryByCode(projectCode);
+ boolean hasProjectAndPerm = this.hasProjectAndPerm(loginUser, project, result);
+ if (!hasProjectAndPerm) {
+ return result;
+ }
+
+ // 2. query authorized user list
+ List<User> users = this.userMapper.queryAuthedUserListByProjectId(project.getId());
+ result.put(Constants.DATA_LIST, users);
+ this.putMsg(result, Status.SUCCESS);
+ return result;
+ }
+
+ /**
* query authorized project
*
* @param loginUser login user
diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages.properties b/dolphinscheduler-api/src/main/resources/i18n/messages.properties
index 7f43ce6..971149a 100644
--- a/dolphinscheduler-api/src/main/resources/i18n/messages.properties
+++ b/dolphinscheduler-api/src/main/resources/i18n/messages.properties
@@ -140,6 +140,7 @@ DELETE_PROJECT_BY_ID_NOTES=delete project by id
QUERY_UNAUTHORIZED_PROJECT_NOTES=query unauthorized project
QUERY_ALL_PROJECT_LIST_NOTES=query all project list
QUERY_AUTHORIZED_PROJECT_NOTES=query authorized project
+QUERY_AUTHORIZED_USER_NOTES=query authorized user
TASK_RECORD_TAG=task record related operation
QUERY_TASK_RECORD_LIST_PAGING_NOTES=query task record list paging
CREATE_TOKEN_NOTES=create token ,note: please login first
diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties b/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties
index 8c03137..9f1288e 100644
--- a/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties
+++ b/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties
@@ -156,6 +156,7 @@ QUERY_ALL_PROJECT_LIST_NOTES=query all project list
DELETE_PROJECT_BY_ID_NOTES=delete project by id
QUERY_UNAUTHORIZED_PROJECT_NOTES=query unauthorized project
QUERY_AUTHORIZED_PROJECT_NOTES=query authorized project
+QUERY_AUTHORIZED_USER_NOTES=query authorized user
TASK_RECORD_TAG=task record related operation
QUERY_TASK_RECORD_LIST_PAGING_NOTES=query task record list paging
CREATE_TOKEN_NOTES=create token ,note: please login first
diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties b/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties
index fc83ae6..b606702 100644
--- a/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties
+++ b/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties
@@ -145,6 +145,7 @@ QUERY_ALL_PROJECT_LIST_NOTES=查询所有项目
DELETE_PROJECT_BY_ID_NOTES=通过ID删除项目
QUERY_UNAUTHORIZED_PROJECT_NOTES=查询未授权的项目
QUERY_AUTHORIZED_PROJECT_NOTES=查询授权项目
+QUERY_AUTHORIZED_USER_NOTES=查询拥有项目授权的用户
TASK_RECORD_TAG=任务记录相关操作
QUERY_TASK_RECORD_LIST_PAGING_NOTES=分页查询任务记录列表
CREATE_TOKEN_NOTES=创建token,注意需要先登录
diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ProjectControllerTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ProjectControllerTest.java
index 0bce72d..118484c 100644
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ProjectControllerTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ProjectControllerTest.java
@@ -126,6 +126,16 @@ public class ProjectControllerTest {
}
@Test
+ public void testQueryAuthorizedUser() {
+ Map<String, Object> result = new HashMap<>();
+ this.putMsg(result, Status.SUCCESS);
+
+ Mockito.when(this.projectService.queryAuthorizedUser(this.user, 3682329499136L)).thenReturn(result);
+ Result response = this.projectController.queryAuthorizedUser(this.user, 3682329499136L);
+ Assert.assertEquals(Status.SUCCESS.getCode(), response.getCode().intValue());
+ }
+
+ @Test
public void testQueryAllProjectList() {
Map<String, Object> result = new HashMap<>();
putMsg(result, Status.SUCCESS);
diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java
index 6f516b7..de782df 100644
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java
@@ -277,6 +277,38 @@ public class ProjectServiceTest {
}
@Test
+ public void testQueryAuthorizedUser() {
+ final User loginUser = this.getLoginUser();
+
+ // Failure 1: PROJECT_NOT_FOUND
+ Map<String, Object> result = this.projectService.queryAuthorizedUser(loginUser, 3682329499136L);
+ logger.info("FAILURE 1: {}", result.toString());
+ Assert.assertEquals(Status.PROJECT_NOT_FOUNT, result.get(Constants.STATUS));
+
+ // Failure 2: USER_NO_OPERATION_PROJECT_PERM
+ loginUser.setId(100);
+ Mockito.when(this.projectMapper.queryByCode(Mockito.anyLong())).thenReturn(this.getProject());
+ result = this.projectService.queryAuthorizedUser(loginUser, 3682329499136L);
+ logger.info("FAILURE 2: {}", result.toString());
+ Assert.assertEquals(Status.USER_NO_OPERATION_PROJECT_PERM, result.get(Constants.STATUS));
+
+ // SUCCESS
+ loginUser.setUserType(UserType.ADMIN_USER);
+ Mockito.when(this.userMapper.queryAuthedUserListByProjectId(1)).thenReturn(this.getUserList());
+ result = this.projectService.queryAuthorizedUser(loginUser, 3682329499136L);
+ logger.info("SUCCESS 1: {}", result.toString());
+ List<User> users = (List<User>) result.get(Constants.DATA_LIST);
+ Assert.assertTrue(CollectionUtils.isNotEmpty(users));
+
+ loginUser.setId(1);
+ loginUser.setUserType(UserType.GENERAL_USER);
+ result = this.projectService.queryAuthorizedUser(loginUser, 3682329499136L);
+ logger.info("SUCCESS 2: {}", result.toString());
+ users = (List<User>) result.get(Constants.DATA_LIST);
+ Assert.assertTrue(CollectionUtils.isNotEmpty(users));
+ }
+
+ @Test
public void testQueryCreatedProject() {
User loginUser = getLoginUser();
@@ -366,6 +398,28 @@ public class ProjectServiceTest {
}
/**
+ * Get general user
+ * @return
+ */
+ private User getGeneralUser() {
+ User user = new User();
+ user.setUserType(UserType.GENERAL_USER);
+ user.setUserName("userTest0001");
+ user.setUserPassword("userTest0001");
+ return user;
+ }
+
+ /**
+ * Get user list
+ * @return
+ */
+ private List<User> getUserList() {
+ List<User> userList = new ArrayList<>();
+ userList.add(this.getGeneralUser());
+ return userList;
+ }
+
+ /**
* get project user
*/
private ProjectUser getProjectUser() {
diff --git a/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UserMapper.java b/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UserMapper.java
index 20fafdc..1d5ad8f 100644
--- a/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UserMapper.java
+++ b/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UserMapper.java
@@ -162,4 +162,11 @@ public interface UserMapper extends BaseMapper<User> {
* @return user list
*/
List<User> selectByIds(@Param("ids") List<Integer> ids);
+
+ /**
+ * query authed user list by projectId
+ * @param projectId projectId
+ * @return user list
+ */
+ List<User> queryAuthedUserListByProjectId(@Param("projectId") int projectId);
}
diff --git a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml
index dec6a51..570e395 100644
--- a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml
+++ b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml
@@ -123,4 +123,12 @@
#{id}
</foreach>
</select>
+ <select id="queryAuthedUserListByProjectId" resultType="org.apache.dolphinscheduler.dao.entity.User">
+ select
+ <include refid="baseSqlV2">
+ <property name="alias" value="u"/>
+ </include>
+ from t_ds_user u, t_ds_relation_project_user rel
+ where u.id = rel.user_id and rel.project_id = #{projectId}
+ </select>
</mapper>