You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by li...@apache.org on 2017/10/18 09:32:53 UTC
[05/10] kylin git commit: kylin access for cube and model (#2782)
kylin access for cube and model (#2782)
Project: http://git-wip-us.apache.org/repos/asf/kylin/repo
Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/a794544f
Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/a794544f
Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/a794544f
Branch: refs/heads/2.2.x
Commit: a794544f9c79f04d44015730bed96c03055b6733
Parents: 32b2400
Author: luguosheng1314 <55...@qq.com>
Authored: Tue Oct 17 04:25:13 2017 -0500
Committer: lidongsjtu <li...@apache.org>
Committed: Tue Oct 17 17:44:05 2017 +0800
----------------------------------------------------------------------
webapp/app/js/controllers/cubeSchema.js | 5 -----
webapp/app/js/controllers/modelSchema.js | 4 ----
webapp/app/js/controllers/page.js | 21 +++++++++++++++++----
webapp/app/partials/common/access.html | 10 +++++-----
webapp/app/partials/cubes/cube_detail.html | 4 ++--
webapp/app/partials/cubes/cubes.html | 6 +++---
webapp/app/partials/models/models_tree.html | 2 +-
webapp/app/partials/projects/projects.html | 4 ++--
8 files changed, 30 insertions(+), 26 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kylin/blob/a794544f/webapp/app/js/controllers/cubeSchema.js
----------------------------------------------------------------------
diff --git a/webapp/app/js/controllers/cubeSchema.js b/webapp/app/js/controllers/cubeSchema.js
index a912c72..2a47a8c 100755
--- a/webapp/app/js/controllers/cubeSchema.js
+++ b/webapp/app/js/controllers/cubeSchema.js
@@ -160,11 +160,6 @@ KylinApp.controller('CubeSchemaCtrl', function ($scope, QueryService, UserServic
});
- // ~ public methods
- $scope.filterProj = function(project){
- return $scope.userService.hasRole('ROLE_ADMIN') || $scope.hasPermission(project,$scope.permissions.ADMINISTRATION.mask);
- };
-
$scope.removeElement = function (arr, element) {
var index = arr.indexOf(element);
http://git-wip-us.apache.org/repos/asf/kylin/blob/a794544f/webapp/app/js/controllers/modelSchema.js
----------------------------------------------------------------------
diff --git a/webapp/app/js/controllers/modelSchema.js b/webapp/app/js/controllers/modelSchema.js
index 41a26bb..d1744bb 100644
--- a/webapp/app/js/controllers/modelSchema.js
+++ b/webapp/app/js/controllers/modelSchema.js
@@ -84,10 +84,6 @@ KylinApp.controller('ModelSchemaCtrl', function ($scope, QueryService, UserServi
});
- // ~ public methods
- $scope.filterProj = function (project) {
- return $scope.userService.hasRole('ROLE_ADMIN') || $scope.hasPermission(project, $scope.permissions.ADMINISTRATION.mask);
- };
$scope.removeElement = function (arr, element) {
var index = arr.indexOf(element);
http://git-wip-us.apache.org/repos/asf/kylin/blob/a794544f/webapp/app/js/controllers/page.js
----------------------------------------------------------------------
diff --git a/webapp/app/js/controllers/page.js b/webapp/app/js/controllers/page.js
index 575f455..5a77195 100644
--- a/webapp/app/js/controllers/page.js
+++ b/webapp/app/js/controllers/page.js
@@ -88,20 +88,33 @@ KylinApp.controller('PageCtrl', function ($scope, $q, AccessService, $modal, $lo
};
// common acl methods
- $scope.hasPermission = function (entity) {
+ $scope.hasPermission = function (accessType, entity) {
var curUser = UserService.getCurUser();
if (!curUser.userDetails) {
return curUser;
}
-
var hasPermission = false;
var masks = [];
- for (var i = 1; i < arguments.length; i++) {
+ for (var i = 2; i < arguments.length; i++) {
if (arguments[i]) {
masks.push(arguments[i]);
}
}
-
+ var project = ''
+ var projectAccesses = ProjectModel.projects || []
+ if (accessType === 'cube') {
+ project = entity.project
+ } else if (accessType === 'project') {
+ project = entity.name
+ } else if (accessType === 'model') {
+ project = ProjectModel.getProjectByCubeModel(entity.name)
+ }
+ for(var i = 0;i<projectAccesses.length;i++){
+ if(projectAccesses[i].name === project) {
+ entity = projectAccesses[i]
+ break;
+ }
+ }
if (entity) {
angular.forEach(entity.accessEntities, function (acessEntity, index) {
if (masks.indexOf(acessEntity.permission.mask) != -1) {
http://git-wip-us.apache.org/repos/asf/kylin/blob/a794544f/webapp/app/partials/common/access.html
----------------------------------------------------------------------
diff --git a/webapp/app/partials/common/access.html b/webapp/app/partials/common/access.html
index be0a9d0..ee41e64 100644
--- a/webapp/app/partials/common/access.html
+++ b/webapp/app/partials/common/access.html
@@ -19,7 +19,7 @@
<div ng-controller="AccessCtrl">
<div class="space-4"></div>
<div class="pull-right">
- <button class="btn btn-primary btn-xs" ng-click="renewAccess(entity)" ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(entity, 16) && !newAccess"><i
+ <button class="btn btn-primary btn-xs" ng-click="renewAccess(entity)" ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission('project',entity, 16) && !newAccess"><i
class="fa fa-plus"></i> Grant
</button>
<button class="btn btn-primary btn-xs" ng-click="resetNewAcess()" ng-if="newAccess"><i
@@ -72,8 +72,8 @@
<th>Name</th>
<th>Type</th>
<th>Access</th>
- <th ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(entity, 16)">Update</th>
- <th ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(entity, 16)">Revoke</th>
+ <th ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission('project',entity, 16)">Update</th>
+ <th ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission('project',entity, 16)">Revoke</th>
</tr>
</thead>
<tbody>
@@ -92,7 +92,7 @@
<span ng-if="accessEntity.permission.mask == 64">OPERATION</span>
<span ng-if="accessEntity.permission.mask == 16">ADMIN</span>
</td>
- <td ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(entity, 16)">
+ <td ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission('project',entity, 16)">
<select ng-model="accessEntity.newPermission" ng-init="newAccess.permission=permissions.READ.value"
ng-options="permission.value as permission.name for (name, permission) in permissions">
<option value="">-- select access --</option>
@@ -101,7 +101,7 @@
ng-click="update(type, entity, accessEntity, accessEntity.newPermission)">Update
</button>
</td>
- <td ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(entity, 16)">
+ <td ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission('project',entity, 16)">
<button class="btn btn-default btn-xs" ng-click="revoke(type, accessEntity, entity)">Revoke</button>
</td>
</tr>
http://git-wip-us.apache.org/repos/asf/kylin/blob/a794544f/webapp/app/partials/cubes/cube_detail.html
----------------------------------------------------------------------
diff --git a/webapp/app/partials/cubes/cube_detail.html b/webapp/app/partials/cubes/cube_detail.html
index 674e3f0..db0ed8d 100755
--- a/webapp/app/partials/cubes/cube_detail.html
+++ b/webapp/app/partials/cubes/cube_detail.html
@@ -26,7 +26,7 @@
<a href="" ng-click="cube.visiblePage='sql';getCubeSql(cube)">SQL</a>
</li>
<li class="{{cube.visiblePage=='json'? 'active':''}}"
- ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(cube, 16) && !newAccess">
+ ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission('cube',cube, 16) && !newAccess">
<a href="" ng-click="cube.visiblePage='json';">JSON(Cube)</a>
</li>
<!--<li class="{{cube.visiblePage=='access'? 'active':''}}"-->
@@ -34,7 +34,7 @@
<!--<a href="" ng-click="cube.visiblePage='access';listAccess(cube, 'CubeInstance');">Access</a>-->
<!--</li>-->
<li class="{{cube.visiblePage=='notification'? 'active':''}}"
- ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(cube, 16) && !newAccess">
+ ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission('cube',cube, 16) && !newAccess">
<a href="" ng-click="cube.visiblePage='notification';getNotifyListString(cube);">Notification</a>
</li>
<li class="{{cube.visiblePage=='hbase'? 'active':''}}"
http://git-wip-us.apache.org/repos/asf/kylin/blob/a794544f/webapp/app/partials/cubes/cubes.html
----------------------------------------------------------------------
diff --git a/webapp/app/partials/cubes/cubes.html b/webapp/app/partials/cubes/cubes.html
index d43b857..22ab122 100644
--- a/webapp/app/partials/cubes/cubes.html
+++ b/webapp/app/partials/cubes/cubes.html
@@ -87,10 +87,10 @@
data-toggle="dropdown" ng-click="listAccess(cube, 'CubeInstance')">
Action <span class="ace-icon fa fa-caret-down icon-on-right"></span>
</button>
- <ul ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(cube, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask)" class="dropdown-menu" role="menu">
+ <ul ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission('cube',cube, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask)" class="dropdown-menu" role="menu">
<li ng-if="cube.status!='READY' && userService.hasRole('ROLE_ADMIN') ">
<a ng-click="dropCube(cube)" tooltip="Drop the cube, related jobs and data permanently.">Drop</a></li>
- <li ng-if="(userService.hasRole('ROLE_ADMIN') || hasPermission(cube, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask))">
+ <li ng-if="(userService.hasRole('ROLE_ADMIN') || hasPermission('cube',cube, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask))">
<a ng-click="cubeEdit(cube);">Edit</a></li>
<li ng-if="cube.status!='DESCBROKEN'"><a ng-click="startJobSubmit(cube);">Build</a></li>
<li ng-if="cube.status!='DESCBROKEN'"><a ng-click="startRefresh(cube)">Refresh</a></li>
@@ -101,7 +101,7 @@
<li ng-if="cube.status!='DESCBROKEN'"><a ng-click="cloneCube(cube)">Clone</a></li>
</ul>
- <ul ng-if="!(userService.hasRole('ROLE_ADMIN') || hasPermission(cube, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))" class="dropdown-menu" role="menu">
+ <ul ng-if="!(userService.hasRole('ROLE_ADMIN') || hasPermission('cube',cube, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))" class="dropdown-menu" role="menu">
<li><a>N/A</a></li>
</ul>
</div>
http://git-wip-us.apache.org/repos/asf/kylin/blob/a794544f/webapp/app/partials/models/models_tree.html
----------------------------------------------------------------------
diff --git a/webapp/app/partials/models/models_tree.html b/webapp/app/partials/models/models_tree.html
index 399f839..d6d0b1a 100644
--- a/webapp/app/partials/models/models_tree.html
+++ b/webapp/app/partials/models/models_tree.html
@@ -52,7 +52,7 @@
<button type="button" class="btn btn-default btn-xs dropdown-toggle" data-toggle="dropdown" ng-click="listModelAccess(model)">
Action <span class="ace-icon fa fa-caret-down icon-on-right"></span>
</button>
- <ul class="dropdown-menu" role="menu" ng-if="(userService.hasRole('ROLE_ADMIN') || hasPermission(model, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))">
+ <ul class="dropdown-menu" role="menu" ng-if="(userService.hasRole('ROLE_ADMIN') || hasPermission('model',model, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))">
<li><a ng-click="editModel(model, false)" title="Edit Model" style="cursor:pointer;margin-right: 8px;" >Edit</a></li>
<li><a ng-click="cloneModel(model)" title="Clone Model" style="cursor:pointer;margin-right: 8px;" >Clone </a></li>
<li><a ng-click="dropModel(model)" title="Drop Model" style="cursor:pointer;margin-right: 8px;">Drop</a></li>
http://git-wip-us.apache.org/repos/asf/kylin/blob/a794544f/webapp/app/partials/projects/projects.html
----------------------------------------------------------------------
diff --git a/webapp/app/partials/projects/projects.html b/webapp/app/partials/projects/projects.html
index 96e4a91..95fc359 100644
--- a/webapp/app/partials/projects/projects.html
+++ b/webapp/app/partials/projects/projects.html
@@ -58,10 +58,10 @@
<td>{{ project.create_time_utc | utcToConfigTimeZone}}</td>
<td>
<button class="btn btn-xs btn-info" ng-click="toEdit(project)" tooltip="Edit"
- ng-disabled="!(userService.hasRole('ROLE_ADMIN') || hasPermission(project, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))">
+ ng-disabled="!(userService.hasRole('ROLE_ADMIN') || hasPermission('project',project, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))">
<i class="fa fa-pencil"></i></button>
<button class="btn btn-xs btn-danger" ng-click="delete(project)" tooltip="Delete"
- ng-disabled="!(userService.hasRole('ROLE_ADMIN') || hasPermission(project, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))"
+ ng-disabled="!(userService.hasRole('ROLE_ADMIN') || hasPermission('project',project, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))"
><i class="fa fa-trash-o"></i></button>
</td>
</tr>