From 3c8d1c6da91b23aa9106353829469f40899a7bed Mon Sep 17 00:00:00 2001 From: ouyangyewei Date: Mon, 6 Dec 2021 07:17:33 +0800 Subject: [PATCH] to feature #7191 (#7194) Co-authored-by: ouyangyewei --- .../api/controller/ProjectController.java | 22 ++++++++ .../dolphinscheduler/api/enums/Status.java | 1 + .../api/service/ProjectService.java | 9 ++++ .../api/service/impl/ProjectServiceImpl.java | 25 +++++++++ .../main/resources/i18n/messages.properties | 1 + .../resources/i18n/messages_en_US.properties | 1 + .../resources/i18n/messages_zh_CN.properties | 1 + .../api/controller/ProjectControllerTest.java | 10 ++++ .../api/service/ProjectServiceTest.java | 54 +++++++++++++++++++ .../dao/mapper/UserMapper.java | 7 +++ .../dao/mapper/UserMapper.xml | 8 +++ 11 files changed, 139 insertions(+) diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ProjectController.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ProjectController.java index 1dfb7e5df8..22e582204d 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ProjectController.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ProjectController.java @@ -17,6 +17,7 @@ package org.apache.dolphinscheduler.api.controller; +import static org.apache.dolphinscheduler.api.enums.Status.QUERY_AUTHORIZED_USER; import static org.apache.dolphinscheduler.api.enums.Status.CREATE_PROJECT_ERROR; import static org.apache.dolphinscheduler.api.enums.Status.DELETE_PROJECT_ERROR; import static org.apache.dolphinscheduler.api.enums.Status.LOGIN_USER_QUERY_PROJECT_LIST_PAGING_ERROR; @@ -237,6 +238,27 @@ public class ProjectController extends BaseController { return returnDataList(result); } + /** + * query authorized user + * + * @param loginUser login user + * @param projectCode project code + * @return users who have permission for the specified project + */ + @ApiOperation(value = "queryAuthorizedUser", notes = "QUERY_AUTHORIZED_USER_NOTES") + @ApiImplicitParams({ + @ApiImplicitParam(name = "projectCode", value = "PROJECT_CODE", dataType = "Long", example = "100") + }) + @GetMapping(value = "/authed-user") + @ResponseStatus(HttpStatus.OK) + @ApiException(QUERY_AUTHORIZED_USER) + @AccessLogAnnotation(ignoreRequestArgs = "loginUser") + public Result queryAuthorizedUser(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser, + @RequestParam("projectCode") Long projectCode) { + Map result = this.projectService.queryAuthorizedUser(loginUser, projectCode); + return this.returnDataList(result); + } + /** * query authorized and user created project * diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java index 7f72b163a7..7606d32042 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java @@ -213,6 +213,7 @@ public enum Status { QUERY_ALERT_GROUP_ERROR(10180, "query alert group error", "查询告警组错误"), CURRENT_LOGIN_USER_TENANT_NOT_EXIST(10181, "the tenant of the currently login user is not specified", "未指定当前登录用户的租户"), REVOKE_PROJECT_ERROR(10182, "revoke project error", "撤销项目授权错误"), + QUERY_AUTHORIZED_USER(10183, "query authorized user error", "查询拥有项目权限的用户错误"), UDF_FUNCTION_NOT_EXIST(20001, "UDF function not found", "UDF函数不存在"), UDF_FUNCTION_EXISTS(20002, "UDF function already exists", "UDF函数已存在"), diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ProjectService.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ProjectService.java index df05dee106..38c0c53386 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ProjectService.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ProjectService.java @@ -119,6 +119,15 @@ public interface ProjectService { */ Map queryAuthorizedProject(User loginUser, Integer userId); + /** + * query authorized user + * + * @param loginUser login user + * @param projectCode project code + * @return users who have permission for the specified project + */ + Map queryAuthorizedUser(User loginUser, Long projectCode); + /** * query authorized project * diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java index b5e0bb4938..3579cd8ade 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java @@ -404,6 +404,31 @@ public class ProjectServiceImpl extends BaseServiceImpl implements ProjectServic return result; } + /** + * query authorized user + * + * @param loginUser login user + * @param projectCode project code + * @return users who have permission for the specified project + */ + @Override + public Map queryAuthorizedUser(User loginUser, Long projectCode) { + Map result = new HashMap<>(); + + // 1. check read permission + Project project = this.projectMapper.queryByCode(projectCode); + boolean hasProjectAndPerm = this.hasProjectAndPerm(loginUser, project, result); + if (!hasProjectAndPerm) { + return result; + } + + // 2. query authorized user list + List users = this.userMapper.queryAuthedUserListByProjectId(project.getId()); + result.put(Constants.DATA_LIST, users); + this.putMsg(result, Status.SUCCESS); + return result; + } + /** * query authorized project * diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages.properties b/dolphinscheduler-api/src/main/resources/i18n/messages.properties index 7f43ce6910..971149a494 100644 --- a/dolphinscheduler-api/src/main/resources/i18n/messages.properties +++ b/dolphinscheduler-api/src/main/resources/i18n/messages.properties @@ -140,6 +140,7 @@ DELETE_PROJECT_BY_ID_NOTES=delete project by id QUERY_UNAUTHORIZED_PROJECT_NOTES=query unauthorized project QUERY_ALL_PROJECT_LIST_NOTES=query all project list QUERY_AUTHORIZED_PROJECT_NOTES=query authorized project +QUERY_AUTHORIZED_USER_NOTES=query authorized user TASK_RECORD_TAG=task record related operation QUERY_TASK_RECORD_LIST_PAGING_NOTES=query task record list paging CREATE_TOKEN_NOTES=create token ,note: please login first diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties b/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties index 8c03137fe5..9f1288eff0 100644 --- a/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties +++ b/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties @@ -156,6 +156,7 @@ QUERY_ALL_PROJECT_LIST_NOTES=query all project list DELETE_PROJECT_BY_ID_NOTES=delete project by id QUERY_UNAUTHORIZED_PROJECT_NOTES=query unauthorized project QUERY_AUTHORIZED_PROJECT_NOTES=query authorized project +QUERY_AUTHORIZED_USER_NOTES=query authorized user TASK_RECORD_TAG=task record related operation QUERY_TASK_RECORD_LIST_PAGING_NOTES=query task record list paging CREATE_TOKEN_NOTES=create token ,note: please login first diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties b/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties index fc83ae6635..b606702278 100644 --- a/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties +++ b/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties @@ -145,6 +145,7 @@ QUERY_ALL_PROJECT_LIST_NOTES=查询所有项目 DELETE_PROJECT_BY_ID_NOTES=通过ID删除项目 QUERY_UNAUTHORIZED_PROJECT_NOTES=查询未授权的项目 QUERY_AUTHORIZED_PROJECT_NOTES=查询授权项目 +QUERY_AUTHORIZED_USER_NOTES=查询拥有项目授权的用户 TASK_RECORD_TAG=任务记录相关操作 QUERY_TASK_RECORD_LIST_PAGING_NOTES=分页查询任务记录列表 CREATE_TOKEN_NOTES=创建token,注意需要先登录 diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ProjectControllerTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ProjectControllerTest.java index 0bce72d9f9..118484c4c9 100644 --- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ProjectControllerTest.java +++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ProjectControllerTest.java @@ -125,6 +125,16 @@ public class ProjectControllerTest { Assert.assertEquals(Status.SUCCESS.getCode(), response.getCode().intValue()); } + @Test + public void testQueryAuthorizedUser() { + Map result = new HashMap<>(); + this.putMsg(result, Status.SUCCESS); + + Mockito.when(this.projectService.queryAuthorizedUser(this.user, 3682329499136L)).thenReturn(result); + Result response = this.projectController.queryAuthorizedUser(this.user, 3682329499136L); + Assert.assertEquals(Status.SUCCESS.getCode(), response.getCode().intValue()); + } + @Test public void testQueryAllProjectList() { Map result = new HashMap<>(); diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java index 6f516b750f..de782df087 100644 --- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java +++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java @@ -276,6 +276,38 @@ public class ProjectServiceTest { Assert.assertTrue(CollectionUtils.isNotEmpty(projects)); } + @Test + public void testQueryAuthorizedUser() { + final User loginUser = this.getLoginUser(); + + // Failure 1: PROJECT_NOT_FOUND + Map result = this.projectService.queryAuthorizedUser(loginUser, 3682329499136L); + logger.info("FAILURE 1: {}", result.toString()); + Assert.assertEquals(Status.PROJECT_NOT_FOUNT, result.get(Constants.STATUS)); + + // Failure 2: USER_NO_OPERATION_PROJECT_PERM + loginUser.setId(100); + Mockito.when(this.projectMapper.queryByCode(Mockito.anyLong())).thenReturn(this.getProject()); + result = this.projectService.queryAuthorizedUser(loginUser, 3682329499136L); + logger.info("FAILURE 2: {}", result.toString()); + Assert.assertEquals(Status.USER_NO_OPERATION_PROJECT_PERM, result.get(Constants.STATUS)); + + // SUCCESS + loginUser.setUserType(UserType.ADMIN_USER); + Mockito.when(this.userMapper.queryAuthedUserListByProjectId(1)).thenReturn(this.getUserList()); + result = this.projectService.queryAuthorizedUser(loginUser, 3682329499136L); + logger.info("SUCCESS 1: {}", result.toString()); + List users = (List) result.get(Constants.DATA_LIST); + Assert.assertTrue(CollectionUtils.isNotEmpty(users)); + + loginUser.setId(1); + loginUser.setUserType(UserType.GENERAL_USER); + result = this.projectService.queryAuthorizedUser(loginUser, 3682329499136L); + logger.info("SUCCESS 2: {}", result.toString()); + users = (List) result.get(Constants.DATA_LIST); + Assert.assertTrue(CollectionUtils.isNotEmpty(users)); + } + @Test public void testQueryCreatedProject() { @@ -365,6 +397,28 @@ public class ProjectServiceTest { return loginUser; } + /** + * Get general user + * @return + */ + private User getGeneralUser() { + User user = new User(); + user.setUserType(UserType.GENERAL_USER); + user.setUserName("userTest0001"); + user.setUserPassword("userTest0001"); + return user; + } + + /** + * Get user list + * @return + */ + private List getUserList() { + List userList = new ArrayList<>(); + userList.add(this.getGeneralUser()); + return userList; + } + /** * get project user */ diff --git a/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UserMapper.java b/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UserMapper.java index 20fafdc1c6..1d5ad8f328 100644 --- a/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UserMapper.java +++ b/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UserMapper.java @@ -162,4 +162,11 @@ public interface UserMapper extends BaseMapper { * @return user list */ List selectByIds(@Param("ids") List ids); + + /** + * query authed user list by projectId + * @param projectId projectId + * @return user list + */ + List queryAuthedUserListByProjectId(@Param("projectId") int projectId); } diff --git a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml index dec6a51937..570e395ffb 100644 --- a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml +++ b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml @@ -123,4 +123,12 @@ #{id} +