From 94e453cbd50f1ea72d52040d6edf9c33ed13e74d Mon Sep 17 00:00:00 2001
From: qiaozhanwei <qiaozhanwei@analysys.com.cn>
Date: Tue, 18 Aug 2020 10:14:10 +0800
Subject: [PATCH] modify general user can't create token

---
 .../dolphinscheduler/api/service/AccessTokenService.java      | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
index 8b40a25743..8ccbff1e2f 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
@@ -120,9 +120,11 @@ public class AccessTokenService extends BaseService {
      */
     public Map<String, Object> generateToken(User loginUser, int userId, String expireTime) {
         Map<String, Object> result = new HashMap<>(5);
-        if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
+        if (!hasPerm(loginUser,userId)){
+            putMsg(result, Status.USER_NO_OPERATION_PERM);
             return result;
         }
+
         String token = EncryptionUtils.getMd5(userId + expireTime + String.valueOf(System.currentTimeMillis()));
         result.put(Constants.DATA_LIST, token);
         putMsg(result, Status.SUCCESS);