You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dolphinscheduler.apache.org by GitBox <gi...@apache.org> on 2022/10/26 06:06:24 UTC
[GitHub] [dolphinscheduler] SbloodyS commented on a diff in pull request #12048: [Feature-12040][api][ui] Add authorization management of read and write permissions for project and resource center
SbloodyS commented on code in PR #12048:
URL: https://github.com/apache/dolphinscheduler/pull/12048#discussion_r1005256605
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java:
##########
@@ -533,6 +533,97 @@ public Map<String, Object> deleteUserById(User loginUser, int id) throws IOExcep
}
}
+ /**
+ * revoke the project permission for specified user by id
+ * @param loginUser Login user
+ * @param userId User id
+ * @param projectIds project id array
+ * @return
+ */
+ @Override
+ @Transactional(rollbackFor = RuntimeException.class)
+ public Map<String, Object> revokeProjectById(User loginUser, int userId, String projectIds) {
+ Map<String, Object> result = new HashMap<>();
+ result.put(Constants.STATUS, false);
+
+ if (resourcePermissionCheckService.functionDisabled()) {
+ putMsg(result, Status.FUNCTION_DISABLED);
+ return result;
+ }
+ // 1. only admin can operate
+ if (this.check(result, !this.isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)) {
+ return result;
+ }
+
+ // 2. check if user is existed
+ User user = this.userMapper.selectById(userId);
+ if (user == null) {
+ this.putMsg(result, Status.USER_NOT_EXIST, userId);
+ return result;
+ }
+
+ Arrays.stream(projectIds.split(",")).distinct().forEach(projectId -> {
+ // 3. check if project is existed
+ Project project = this.projectMapper.queryDetailById(Integer.parseInt(projectId));
+ if (project == null) {
+ this.putMsg(result, Status.PROJECT_NOT_FOUND, Integer.parseInt(projectId));
+ } else {
+ // 4. delete the relationship between project and user
+ this.projectUserMapper.deleteProjectRelation(project.getId(), user.getId());
+ }
+ });
+
+ this.putMsg(result, Status.SUCCESS);
+ return result;
+ }
+
+ /**
+ * grant project with read permission
+ *
+ * @param loginUser login user
+ * @param userId user id
+ * @param projectIds project id array
+ * @return grant result code
+ */
+ @Override
+ @Transactional(rollbackFor = RuntimeException.class)
+ public Map<String, Object> grantProjectWithReadPerm(User loginUser, int userId, String projectIds) {
+ Map<String, Object> result = new HashMap<>();
+ result.put(Constants.STATUS, false);
+
+ if (resourcePermissionCheckService.functionDisabled()) {
+ putMsg(result, Status.FUNCTION_DISABLED);
+ return result;
+ }
+ // check exist
+ User tempUser = userMapper.selectById(userId);
+ if (tempUser == null) {
+ putMsg(result, Status.USER_NOT_EXIST, userId);
+ return result;
+ }
+
+ if (check(result, StringUtils.isEmpty(projectIds), Status.SUCCESS)) {
+ return result;
+ }
+ Arrays.stream(projectIds.split(",")).distinct().forEach(projectId -> {
Review Comment:
```suggestion
Arrays.stream(projectIds.split(Constants.COMMA)).distinct().forEach(projectId -> {
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@dolphinscheduler.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org