You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by li...@apache.org on 2017/04/26 07:49:45 UTC

[09/14] kylin git commit: KYLIN-2555 Check user exist before grant authorities

KYLIN-2555 Check user exist before grant authorities



Project: http://git-wip-us.apache.org/repos/asf/kylin/repo
Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/6d6e862f
Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/6d6e862f
Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/6d6e862f

Branch: refs/heads/master-hadoop3.0
Commit: 6d6e862f15568a5cd40f3bf10f02645641e17d07
Parents: 410898f
Author: FAN XIE <xi...@outlook.com>
Authored: Wed Apr 19 12:34:16 2017 +0800
Committer: hongbin ma <ma...@kyligence.io>
Committed: Wed Apr 19 12:34:16 2017 +0800

----------------------------------------------------------------------
 .../java/org/apache/kylin/rest/service/AclService.java | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/kylin/blob/6d6e862f/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
----------------------------------------------------------------------
diff --git a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
index 3e3efec..c0ece1d 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
@@ -75,7 +75,6 @@ import com.fasterxml.jackson.databind.JsonMappingException;
 
 /**
  * @author xduo
- * 
  */
 @Component("aclService")
 public class AclService implements MutableAclService {
@@ -111,6 +110,9 @@ public class AclService implements MutableAclService {
     @Autowired
     protected AclHBaseStorage aclHBaseStorage;
 
+    @Autowired
+    protected UserService userService;
+
     public AclService() throws IOException {
         fieldAces.setAccessible(true);
         fieldAcl.setAccessible(true);
@@ -297,6 +299,13 @@ public class AclService implements MutableAclService {
             }
 
             for (AccessControlEntry ace : acl.getEntries()) {
+                if (ace.getSid() instanceof PrincipalSid) {
+                    PrincipalSid psid = (PrincipalSid) ace.getSid();
+                    String userName = psid.getPrincipal();
+                    logger.debug("ACE SID name: " + userName);
+                    if (!userService.userExists(userName))
+                        throw new NotFoundException("User : " + userName + " not exists. Please check or create user first");
+                }
                 AceInfo aceInfo = new AceInfo(ace);
                 put.addColumn(Bytes.toBytes(AclHBaseStorage.ACL_ACES_FAMILY), Bytes.toBytes(aceInfo.getSidInfo().getSid()), aceSerializer.serialize(aceInfo));
             }
@@ -315,6 +324,7 @@ public class AclService implements MutableAclService {
         return (MutableAcl) readAclById(acl.getObjectIdentity());
     }
 
+
     private void genAces(List<Sid> sids, Result result, AclImpl acl) throws JsonParseException, JsonMappingException, IOException {
         List<AceInfo> aceInfos = new ArrayList<AceInfo>();
         if (null != sids) {
@@ -459,4 +469,5 @@ public class AclService implements MutableAclService {
         }
     }
 
+
 }