From 1436ad65fc1e6be5f049a534251a0a4516100109 Mon Sep 17 00:00:00 2001 From: Kerwin <37063904+zhuangchong@users.noreply.github.com> Date: Fri, 21 Oct 2022 13:54:28 +0800 Subject: [PATCH] [Bug-12410] [API]Fix the worker list result in workflow definition only has default (#12411) * Fix the worker list result in workflow definition only has default * Fix tenant, k8s namespace similar permission issues. * code clean in the k8s namespace mapper * delete redundant sql method --- .../ResourcePermissionCheckServiceImpl.java | 23 ++++++------------- .../service/impl/K8SNamespaceServiceImpl.java | 2 +- .../dao/mapper/K8sNamespaceMapper.java | 10 +------- .../dao/mapper/K8sNamespaceMapper.xml | 10 -------- 4 files changed, 9 insertions(+), 36 deletions(-) diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java index f2dc5162a5..7b3da83bf5 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java @@ -41,6 +41,7 @@ import org.apache.dolphinscheduler.dao.entity.AccessToken; import org.apache.dolphinscheduler.dao.entity.AlertGroup; import org.apache.dolphinscheduler.dao.entity.DataSource; import org.apache.dolphinscheduler.dao.entity.Environment; +import org.apache.dolphinscheduler.dao.entity.K8sNamespace; import org.apache.dolphinscheduler.dao.entity.Project; import org.apache.dolphinscheduler.dao.entity.Queue; import org.apache.dolphinscheduler.dao.entity.Resource; @@ -48,6 +49,7 @@ import org.apache.dolphinscheduler.dao.entity.TaskGroup; import org.apache.dolphinscheduler.dao.entity.Tenant; import org.apache.dolphinscheduler.dao.entity.UdfFunc; import org.apache.dolphinscheduler.dao.entity.User; +import org.apache.dolphinscheduler.dao.entity.WorkerGroup; import org.apache.dolphinscheduler.dao.mapper.AccessTokenMapper; import org.apache.dolphinscheduler.dao.mapper.AlertGroupMapper; import org.apache.dolphinscheduler.dao.mapper.AlertPluginInstanceMapper; @@ -180,8 +182,7 @@ public class ResourcePermissionCheckServiceImpl return Collections.emptySet(); } List queues = queueMapper.selectList(null); - return CollectionUtils.isEmpty(queues) ? Collections.emptySet() - : queues.stream().map(Queue::getId).collect(toSet()); + return queues.stream().map(Queue::getId).collect(toSet()); } } @@ -267,9 +268,6 @@ public class ResourcePermissionCheckServiceImpl @Override public Set listAuthorizedResource(int userId, Logger logger) { List udfFuncList = udfFuncMapper.listAuthorizedUdfByUserId(userId); - if (CollectionUtils.isEmpty(udfFuncList)) { - return Collections.emptySet(); - } return udfFuncList.stream().map(UdfFunc::getId).collect(toSet()); } @@ -296,9 +294,6 @@ public class ResourcePermissionCheckServiceImpl @Override public Set listAuthorizedResource(int userId, Logger logger) { List taskGroupList = taskGroupMapper.listAuthorizedResource(userId); - if (CollectionUtils.isEmpty(taskGroupList)) { - return Collections.emptySet(); - } return taskGroupList.stream().map(TaskGroup::getId).collect(Collectors.toSet()); } @@ -329,7 +324,8 @@ public class ResourcePermissionCheckServiceImpl @Override public Set listAuthorizedResource(int userId, Logger logger) { - return Collections.emptySet(); + List k8sNamespaces = k8sNamespaceMapper.queryAuthedNamespaceListByUserId(userId); + return k8sNamespaces.stream().map(K8sNamespace::getId).collect(Collectors.toSet()); } } @@ -355,9 +351,6 @@ public class ResourcePermissionCheckServiceImpl @Override public Set listAuthorizedResource(int userId, Logger logger) { List environments = environmentMapper.queryAllEnvironmentList(); - if (CollectionUtils.isEmpty(environments)) { - return Collections.emptySet(); - } return environments.stream().map(Environment::getId).collect(Collectors.toSet()); } } @@ -383,7 +376,8 @@ public class ResourcePermissionCheckServiceImpl @Override public Set listAuthorizedResource(int userId, Logger logger) { - return Collections.emptySet(); + List workerGroups = workerGroupMapper.queryAllWorkerGroup(); + return workerGroups.stream().map(WorkerGroup::getId).collect(Collectors.toSet()); } } @@ -468,9 +462,6 @@ public class ResourcePermissionCheckServiceImpl @Override public Set listAuthorizedResource(int userId, Logger logger) { - if (userId != 0) { - return Collections.emptySet(); - } List tenantList = tenantMapper.queryAll(); return tenantList.stream().map(Tenant::getId).collect(Collectors.toSet()); } diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/K8SNamespaceServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/K8SNamespaceServiceImpl.java index 7316b3e337..c07df13f0f 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/K8SNamespaceServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/K8SNamespaceServiceImpl.java @@ -445,7 +445,7 @@ public class K8SNamespaceServiceImpl extends BaseServiceImpl implements K8sNames if (isAdmin(loginUser)) { k8sNamespaces = k8sNamespaceMapper.selectList(null); } else { - k8sNamespaces = k8sNamespaceMapper.queryNamespaceAvailable(loginUser.getId()); + k8sNamespaces = k8sNamespaceMapper.queryAuthedNamespaceListByUserId(loginUser.getId()); } setClusterName(k8sNamespaces); return k8sNamespaces; diff --git a/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/K8sNamespaceMapper.java b/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/K8sNamespaceMapper.java index ce0f2f87a4..6c773c3e1d 100644 --- a/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/K8sNamespaceMapper.java +++ b/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/K8sNamespaceMapper.java @@ -64,15 +64,7 @@ public interface K8sNamespaceMapper extends BaseMapper { * @param userId userId * @return namespace list */ - List queryAuthedNamespaceListByUserId(@Param("userId") int userId); - - /** - * query namespace can use - * - * @param userId userId - * @return namespace list - */ - List queryNamespaceAvailable(@Param("userId") Integer userId); + List queryAuthedNamespaceListByUserId(@Param("userId") Integer userId); /** * check the target namespace diff --git a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/K8sNamespaceMapper.xml b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/K8sNamespaceMapper.xml index 4acea799df..acac0023b4 100644 --- a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/K8sNamespaceMapper.xml +++ b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/K8sNamespaceMapper.xml @@ -70,16 +70,6 @@ where p.id = rel.namespace_id and rel.user_id= #{userId} -