You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@inlong.apache.org by he...@apache.org on 2023/04/04 02:46:13 UTC
[inlong] branch master updated: [INLONG-7774][Manager] Add permission verification for StreamSource (#7775)
This is an automated email from the ASF dual-hosted git repository.
healchow pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/inlong.git
The following commit(s) were added to refs/heads/master by this push:
new 231dbd5aa [INLONG-7774][Manager] Add permission verification for StreamSource (#7775)
231dbd5aa is described below
commit 231dbd5aadb35a4c770ffd83c6f963b3dcf1913e
Author: fuweng11 <76...@users.noreply.github.com>
AuthorDate: Tue Apr 4 10:46:05 2023 +0800
[INLONG-7774][Manager] Add permission verification for StreamSource (#7775)
---
.../service/source/StreamSourceServiceImpl.java | 35 ++++++++++++++++++++--
.../web/controller/StreamSourceController.java | 2 +-
2 files changed, 33 insertions(+), 4 deletions(-)
diff --git a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
index 286912cf1..1419b9e74 100644
--- a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
+++ b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
@@ -101,7 +101,8 @@ public class StreamSourceServiceImpl implements StreamSourceService {
// Check if it can be added
String groupId = request.getInlongGroupId();
InlongGroupEntity groupEntity = groupCheckService.checkGroupStatus(groupId, operator);
-
+ // only the person in charges can query
+ userService.checkUser(groupEntity.getInCharges(), operator, ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
String streamId = request.getInlongStreamId();
String sourceName = request.getSourceName();
List<StreamSourceEntity> existList = sourceMapper.selectByRelatedId(groupId, streamId, sourceName);
@@ -336,7 +337,12 @@ public class StreamSourceServiceImpl implements StreamSourceService {
// Check if it can be modified
String groupId = request.getInlongGroupId();
InlongGroupEntity groupEntity = groupCheckService.checkGroupStatus(groupId, operator);
-
+ if (groupEntity == null) {
+ throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
+ String.format("InlongGroup does not exist with InlongGroupId=%s", groupEntity.getInlongGroupId()));
+ }
+ // only the person in charges can query
+ userService.checkUser(groupEntity.getInCharges(), operator, ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
StreamSourceOperator sourceOperator = operatorFactory.getInstance(request.getSourceType());
// Remove id in sourceField when save
List<StreamField> streamFields = request.getFieldList();
@@ -399,6 +405,15 @@ public class StreamSourceServiceImpl implements StreamSourceService {
ErrorCodeEnum.SOURCE_INFO_NOT_FOUND.getMessage());
boolean isTemplateSource = CollectionUtils.isNotEmpty(sourceMapper.selectByTemplateId(id));
+ // Check if it can be delete
+ InlongGroupEntity groupEntity = groupMapper.selectByGroupId(entity.getInlongGroupId());
+ if (groupEntity == null) {
+ throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
+ String.format("InlongGroup does not exist with InlongGroupId=%s", entity.getInlongGroupId()));
+ }
+ // only the person in charges can query
+ userService.checkUser(groupEntity.getInCharges(), operator, ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
+
SourceStatus curStatus = SourceStatus.forCode(entity.getStatus());
SourceStatus nextStatus = SourceStatus.TO_BE_ISSUED_DELETE;
// if source is frozen|failed|new, or if it is a template source or auto push source, delete directly
@@ -435,7 +450,7 @@ public class StreamSourceServiceImpl implements StreamSourceService {
Preconditions.expectNotNull(entity, ErrorCodeEnum.SOURCE_INFO_NOT_FOUND,
ErrorCodeEnum.SOURCE_INFO_NOT_FOUND.getMessage());
- // Check if it can be added
+ // Check if it can be delete
InlongGroupEntity groupEntity = groupMapper.selectByGroupId(entity.getInlongGroupId());
if (groupEntity == null) {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
@@ -495,6 +510,13 @@ public class StreamSourceServiceImpl implements StreamSourceService {
LOGGER.info("begin to restart source by id={}", id);
StreamSourceEntity entity = sourceMapper.selectByIdForUpdate(id);
Preconditions.expectNotNull(entity, ErrorCodeEnum.SOURCE_INFO_NOT_FOUND.getMessage());
+ InlongGroupEntity groupEntity = groupMapper.selectByGroupId(entity.getInlongGroupId());
+ if (groupEntity == null) {
+ throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
+ String.format("InlongGroup does not exist with InlongGroupId=%s", entity.getInlongGroupId()));
+ }
+ // only the person in charges can query
+ userService.checkUser(groupEntity.getInCharges(), operator, ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
StreamSourceOperator sourceOperator = operatorFactory.getInstance(entity.getSourceType());
SourceRequest sourceRequest = new SourceRequest();
@@ -511,6 +533,13 @@ public class StreamSourceServiceImpl implements StreamSourceService {
LOGGER.info("begin to stop source by id={}", id);
StreamSourceEntity entity = sourceMapper.selectByIdForUpdate(id);
Preconditions.expectNotNull(entity, ErrorCodeEnum.SOURCE_INFO_NOT_FOUND.getMessage());
+ InlongGroupEntity groupEntity = groupMapper.selectByGroupId(entity.getInlongGroupId());
+ if (groupEntity == null) {
+ throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
+ String.format("InlongGroup does not exist with InlongGroupId=%s", entity.getInlongGroupId()));
+ }
+ // only the person in charges can query
+ userService.checkUser(groupEntity.getInCharges(), operator, ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
StreamSourceOperator sourceOperator = operatorFactory.getInstance(entity.getSourceType());
SourceRequest sourceRequest = new SourceRequest();
diff --git a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/StreamSourceController.java b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/StreamSourceController.java
index 8e8b566eb..5ceb8601c 100644
--- a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/StreamSourceController.java
+++ b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/StreamSourceController.java
@@ -63,7 +63,7 @@ public class StreamSourceController {
@ApiOperation(value = "Get stream source")
@ApiImplicitParam(name = "id", dataTypeClass = Integer.class, required = true)
public Response<StreamSource> get(@PathVariable Integer id) {
- return Response.success(sourceService.get(id));
+ return Response.success(sourceService.get(id, LoginUserUtils.getLoginUser()));
}
@RequestMapping(value = "/source/list", method = RequestMethod.POST)