You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by li...@apache.org on 2017/04/26 07:49:45 UTC
[09/14] kylin git commit: KYLIN-2555 Check user exist before grant
authorities
KYLIN-2555 Check user exist before grant authorities
Project: http://git-wip-us.apache.org/repos/asf/kylin/repo
Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/6d6e862f
Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/6d6e862f
Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/6d6e862f
Branch: refs/heads/master-hadoop3.0
Commit: 6d6e862f15568a5cd40f3bf10f02645641e17d07
Parents: 410898f
Author: FAN XIE <xi...@outlook.com>
Authored: Wed Apr 19 12:34:16 2017 +0800
Committer: hongbin ma <ma...@kyligence.io>
Committed: Wed Apr 19 12:34:16 2017 +0800
----------------------------------------------------------------------
.../java/org/apache/kylin/rest/service/AclService.java | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kylin/blob/6d6e862f/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
----------------------------------------------------------------------
diff --git a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
index 3e3efec..c0ece1d 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
@@ -75,7 +75,6 @@ import com.fasterxml.jackson.databind.JsonMappingException;
/**
* @author xduo
- *
*/
@Component("aclService")
public class AclService implements MutableAclService {
@@ -111,6 +110,9 @@ public class AclService implements MutableAclService {
@Autowired
protected AclHBaseStorage aclHBaseStorage;
+ @Autowired
+ protected UserService userService;
+
public AclService() throws IOException {
fieldAces.setAccessible(true);
fieldAcl.setAccessible(true);
@@ -297,6 +299,13 @@ public class AclService implements MutableAclService {
}
for (AccessControlEntry ace : acl.getEntries()) {
+ if (ace.getSid() instanceof PrincipalSid) {
+ PrincipalSid psid = (PrincipalSid) ace.getSid();
+ String userName = psid.getPrincipal();
+ logger.debug("ACE SID name: " + userName);
+ if (!userService.userExists(userName))
+ throw new NotFoundException("User : " + userName + " not exists. Please check or create user first");
+ }
AceInfo aceInfo = new AceInfo(ace);
put.addColumn(Bytes.toBytes(AclHBaseStorage.ACL_ACES_FAMILY), Bytes.toBytes(aceInfo.getSidInfo().getSid()), aceSerializer.serialize(aceInfo));
}
@@ -315,6 +324,7 @@ public class AclService implements MutableAclService {
return (MutableAcl) readAclById(acl.getObjectIdentity());
}
+
private void genAces(List<Sid> sids, Result result, AclImpl acl) throws JsonParseException, JsonMappingException, IOException {
List<AceInfo> aceInfos = new ArrayList<AceInfo>();
if (null != sids) {
@@ -459,4 +469,5 @@ public class AclService implements MutableAclService {
}
}
+
}