Browse Source

[Feature][Permission] Reconstruction of permissions of resource center and monitoring center. (#10307)

* Reconstruction of permissions of resource center and monitoring center.

* clear local logs.

* resource query fix
3.1.0-release
WangJPLeo 3 years ago committed by GitHub
parent
commit
a4948f58e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 1
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/ApiApplicationServer.java
  2. 42
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/constants/ApiFuncIdentificationConstant.java
  3. 29
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ResourcesController.java
  4. 5
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java
  5. 4
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/python/PythonGateway.java
  6. 12
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ResourcesService.java
  7. 11
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/UdfFuncService.java
  8. 6
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/BaseServiceImpl.java
  9. 26
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/MonitorServiceImpl.java
  10. 11
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java
  11. 205
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ResourcesServiceImpl.java
  12. 8
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupQueueServiceImpl.java
  13. 47
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupServiceImpl.java
  14. 106
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UdfFuncServiceImpl.java
  15. 50
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
  16. 10
      dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/AbstractControllerTest.java
  17. 26
      dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ResourcesControllerTest.java
  18. 74
      dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/MonitorServiceTest.java
  19. 30
      dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java
  20. 142
      dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ResourcesServiceTest.java
  21. 34
      dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/TaskGroupServiceTest.java
  22. 86
      dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UdfFuncServiceTest.java
  23. 81
      dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java
  24. 8
      dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/enums/AuthorizationType.java
  25. 2
      dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/entity/TaskGroup.java
  26. 2
      dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/AlertGroupMapper.java
  27. 2
      dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/ResourceMapper.java
  28. 11
      dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UdfFuncMapper.java
  29. 2
      dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/AccessTokenMapper.xml
  30. 2
      dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/AlertGroupMapper.xml
  31. 8
      dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/AlertPluginInstanceMapper.xml
  32. 1
      dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectUserMapper.xml
  33. 17
      dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ResourceMapper.xml
  34. 42
      dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UdfFuncMapper.xml
  35. 11
      dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml
  36. 6
      dolphinscheduler-dao/src/test/java/org/apache/dolphinscheduler/dao/mapper/ResourceMapperTest.java
  37. 6
      dolphinscheduler-dao/src/test/java/org/apache/dolphinscheduler/dao/mapper/UdfFuncMapperTest.java
  38. 9
      dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/permission/ResourcePermissionCheckService.java
  39. 160
      dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/permission/ResourcePermissionCheckServiceImpl.java

1
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/ApiApplicationServer.java

@ -18,6 +18,7 @@
package org.apache.dolphinscheduler.api; package org.apache.dolphinscheduler.api;
import org.apache.dolphinscheduler.service.task.TaskPluginManager; import org.apache.dolphinscheduler.service.task.TaskPluginManager;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;

42
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/constants/ApiFuncIdentificationConstant.java

@ -21,7 +21,6 @@ import org.apache.dolphinscheduler.api.enums.ExecuteType;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
public class ApiFuncIdentificationConstant { public class ApiFuncIdentificationConstant {
public static final String ACCESS_TOKEN_MANAGE = "security:token:view"; public static final String ACCESS_TOKEN_MANAGE = "security:token:view";
@ -84,8 +83,6 @@ public class ApiFuncIdentificationConstant {
public static final String VIEW_PERMISSION = "security:role:permission-view"; public static final String VIEW_PERMISSION = "security:role:permission-view";
public static final String ASSIGN_PERMISSION = "security:role:permission-assign"; public static final String ASSIGN_PERMISSION = "security:role:permission-assign";
public static final String PROJECT = "project:view"; public static final String PROJECT = "project:view";
public static final String PROJECT_CREATE = "project:create"; public static final String PROJECT_CREATE = "project:create";
public static final String PROJECT_UPDATE = "project:edit"; public static final String PROJECT_UPDATE = "project:edit";
@ -141,6 +138,45 @@ public class ApiFuncIdentificationConstant {
public static final String DATASOURCE_LIST = "datasource:list"; public static final String DATASOURCE_LIST = "datasource:list";
public static final String DATASOURCE_PARAM_VIEW = "datasource:param-view"; public static final String DATASOURCE_PARAM_VIEW = "datasource:param-view";
public static final String FILE_VIEW = "resources:file:view";
public static final String FOLDER_ONLINE_CREATE = "resources:folder:online-create";
public static final String FILE_ONLINE_CREATE = "resources:file:online-create";
public static final String FILE_UPLOAD = "resources:file:upload";
public static final String FILE_UPDATE = "resources:file:update-content";
public static final String FILE_RENAME = "resources:file:rename";
public static final String FILE_DOWNLOAD = "resources:file:download";
public static final String FILE_DELETE = "resources:file:delete";
public static final String UDF_FILE_VIEW = "resources:udf:view";
public static final String UDF_FOLDER_ONLINE_CREATE = "resources:udf-folder:online-create";
public static final String UDF_UPLOAD = "resources:udf:upload";
public static final String UDF_UPDATE = "resources:udf:edit";
public static final String UDF_DOWNLOAD = "resources:udf:download";
public static final String UDF_DELETE = "resources:udf:delete";
public static final String UDF_FUNCTION_VIEW = "resources:udf-func:view";
public static final String UDF_FUNCTION_CREATE = "resources:udf-func:create";
public static final String UDF_FUNCTION_UPDATE = "resources:udf-func:update";
public static final String UDF_FUNCTION_DELETE = "resources:udf-func:delete";
public static final String TASK_GROUP_VIEW = "resources:task-group:view";
public static final String TASK_GROUP_CREATE = "resources:task-group:create";
public static final String TASK_GROUP_CLOSE = "resources:task-group:close";
public static final String TASK_GROUP_EDIT = "resources:task-group:update";
public static final String TASK_GROUP_VIEW_QUEUE = "resources:task-group:queue-view";
public static final String TASK_GROUP_QUEUE = "resources:task-group-queue:view";
public static final String TASK_GROUP_QUEUE_PRIORITY = "resources:task-group-queue:priority";
public static final String TASK_GROUP_QUEUE_START = "resources:task-group-queue:start";
public static final String MONITOR_MASTER_VIEW = "monitor:masters:view";
public static final String MONITOR_WORKER_VIEW = "monitor:workers:view";
public static final String MONITOR_DATABASES_VIEW = "monitor:databases:view";
public static final String MONITOR_STATISTICS_VIEW = "monitor:statistics:view";
public static final String MONITOR_EVENT_LIST_VIEW = "monitor:event:view";
public static final String MONITOR_ALERT_LIST_VIEW = "monitor:alert:view";
public final static Map<ExecuteType,String> map = new HashMap<ExecuteType,String>(); public final static Map<ExecuteType,String> map = new HashMap<ExecuteType,String>();
static{ static{

29
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/ResourcesController.java

@ -316,8 +316,7 @@ public class ResourcesController extends BaseController {
@RequestParam(value = "type") ResourceType type, @RequestParam(value = "type") ResourceType type,
@RequestParam(value = "programType", required = false) ProgramType programType @RequestParam(value = "programType", required = false) ProgramType programType
) { ) {
Map<String, Object> result = resourceService.queryResourceByProgramType(loginUser, type, programType); return resourceService.queryResourceByProgramType(loginUser, type, programType);
return returnDataList(result);
} }
/** /**
@ -345,7 +344,7 @@ public class ResourcesController extends BaseController {
@RequestParam(value = "type") ResourceType type @RequestParam(value = "type") ResourceType type
) { ) {
return resourceService.queryResource(fullName, id, type); return resourceService.queryResource(loginUser, fullName, id, type);
} }
/** /**
@ -371,7 +370,7 @@ public class ResourcesController extends BaseController {
@RequestParam(value = "skipLineNum") int skipLineNum, @RequestParam(value = "skipLineNum") int skipLineNum,
@RequestParam(value = "limit") int limit @RequestParam(value = "limit") int limit
) { ) {
return resourceService.readResource(resourceId, skipLineNum, limit); return resourceService.readResource(loginUser, resourceId, skipLineNum, limit);
} }
/** /**
@ -432,7 +431,7 @@ public class ResourcesController extends BaseController {
logger.error("The resource file contents are not allowed to be empty"); logger.error("The resource file contents are not allowed to be empty");
return error(RESOURCE_FILE_IS_EMPTY.getCode(), RESOURCE_FILE_IS_EMPTY.getMsg()); return error(RESOURCE_FILE_IS_EMPTY.getCode(), RESOURCE_FILE_IS_EMPTY.getMsg());
} }
return resourceService.updateResourceContent(resourceId, content); return resourceService.updateResourceContent(loginUser, resourceId, content);
} }
/** /**
@ -452,7 +451,7 @@ public class ResourcesController extends BaseController {
@AccessLogAnnotation(ignoreRequestArgs = "loginUser") @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
public ResponseEntity downloadResource(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser, public ResponseEntity downloadResource(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
@PathVariable(value = "id") int resourceId) throws Exception { @PathVariable(value = "id") int resourceId) throws Exception {
Resource file = resourceService.downloadResource(resourceId); Resource file = resourceService.downloadResource(loginUser, resourceId);
if (file == null) { if (file == null) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(RESOURCE_NOT_EXIST.getMsg()); return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(RESOURCE_NOT_EXIST.getMsg());
} }
@ -521,8 +520,7 @@ public class ResourcesController extends BaseController {
@AccessLogAnnotation(ignoreRequestArgs = "loginUser") @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
public Result viewUIUdfFunction(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser, public Result viewUIUdfFunction(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
@PathVariable("id") int id) { @PathVariable("id") int id) {
Map<String, Object> map = udfFuncService.queryUdfFuncDetail(id); return udfFuncService.queryUdfFuncDetail(loginUser, id);
return returnDataList(map);
} }
/** /**
@ -563,8 +561,7 @@ public class ResourcesController extends BaseController {
@RequestParam(value = "database", required = false) String database, @RequestParam(value = "database", required = false) String database,
@RequestParam(value = "description", required = false) String description, @RequestParam(value = "description", required = false) String description,
@PathVariable(value = "resourceId") int resourceId) { @PathVariable(value = "resourceId") int resourceId) {
Map<String, Object> result = udfFuncService.updateUdfFunc(udfFuncId, funcName, className, argTypes, database, description, type, resourceId); return udfFuncService.updateUdfFunc(loginUser, udfFuncId, funcName, className, argTypes, database, description, type, resourceId);
return returnDataList(result);
} }
/** /**
@ -595,8 +592,7 @@ public class ResourcesController extends BaseController {
if (!result.checkResult()) { if (!result.checkResult()) {
return result; return result;
} }
result = udfFuncService.queryUdfFuncListPaging(loginUser, searchVal, pageNo, pageSize); return udfFuncService.queryUdfFuncListPaging(loginUser, searchVal, pageNo, pageSize);
return result;
} }
/** /**
@ -616,8 +612,7 @@ public class ResourcesController extends BaseController {
@AccessLogAnnotation(ignoreRequestArgs = "loginUser") @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
public Result<Object> queryUdfFuncList(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser, public Result<Object> queryUdfFuncList(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
@RequestParam("type") UdfType type) { @RequestParam("type") UdfType type) {
Map<String, Object> result = udfFuncService.queryUdfFuncList(loginUser, type.ordinal()); return udfFuncService.queryUdfFuncList(loginUser, type.ordinal());
return returnDataList(result);
} }
/** /**
@ -639,7 +634,7 @@ public class ResourcesController extends BaseController {
public Result verifyUdfFuncName(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser, public Result verifyUdfFuncName(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
@RequestParam(value = "name") String name @RequestParam(value = "name") String name
) { ) {
return udfFuncService.verifyUdfFuncByName(name); return udfFuncService.verifyUdfFuncByName(loginUser, name);
} }
/** /**
@ -660,7 +655,7 @@ public class ResourcesController extends BaseController {
public Result deleteUdfFunc(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser, public Result deleteUdfFunc(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
@PathVariable(value = "id") int udfFuncId @PathVariable(value = "id") int udfFuncId
) { ) {
return udfFuncService.delete(udfFuncId); return udfFuncService.delete(loginUser, udfFuncId);
} }
/** /**
@ -770,6 +765,6 @@ public class ResourcesController extends BaseController {
@PathVariable(value = "id", required = true) Integer id @PathVariable(value = "id", required = true) Integer id
) { ) {
return resourceService.queryResourceById(id); return resourceService.queryResourceById(loginUser, id);
} }
} }

5
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java

@ -404,7 +404,10 @@ public enum Status {
QUERY_CAN_USE_K8S_CLUSTER_ERROR(1300014, "login user query can used k8s cluster list error", "查询可用k8s集群错误"), QUERY_CAN_USE_K8S_CLUSTER_ERROR(1300014, "login user query can used k8s cluster list error", "查询可用k8s集群错误"),
RESOURCE_FULL_NAME_TOO_LONG_ERROR(1300015, "resource's fullname is too long error", "资源文件名过长"), RESOURCE_FULL_NAME_TOO_LONG_ERROR(1300015, "resource's fullname is too long error", "资源文件名过长"),
TENANT_FULL_NAME_TOO_LONG_ERROR(1300016, "tenant's fullname is too long error", "租户名过长"), TENANT_FULL_NAME_TOO_LONG_ERROR(1300016, "tenant's fullname is too long error", "租户名过长"),
FUNCTION_DISABLED(1400002, "The current feature is disabled.", "当前功能已被禁用");
NO_CURRENT_OPERATING_PERMISSION(1400001, "The current user does not have this permission.", "当前用户无此权限"),
FUNCTION_DISABLED(1400002, "The current feature is disabled.", "当前功能已被禁用"),
;
private final int code; private final int code;
private final String enMsg; private final String enMsg;

4
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/python/PythonGateway.java

@ -536,8 +536,8 @@ public class PythonGateway {
public Map<String, Object> getResourcesFileInfo(String programType, String fullName) { public Map<String, Object> getResourcesFileInfo(String programType, String fullName) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
Map<String, Object> resources = resourceService.queryResourceByProgramType(dummyAdminUser, ResourceType.FILE, ProgramType.valueOf(programType)); Result<Object> resources = resourceService.queryResourceByProgramType(dummyAdminUser, ResourceType.FILE, ProgramType.valueOf(programType));
List<ResourceComponent> resourcesComponent = (List<ResourceComponent>) resources.get(Constants.DATA_LIST); List<ResourceComponent> resourcesComponent = (List<ResourceComponent>) resources.getData();
List<ResourceComponent> namedResources = resourcesComponent.stream().filter(s -> fullName.equals(s.getFullName())).collect(Collectors.toList()); List<ResourceComponent> namedResources = resourcesComponent.stream().filter(s -> fullName.equals(s.getFullName())).collect(Collectors.toList());
if (CollectionUtils.isEmpty(namedResources)) { if (CollectionUtils.isEmpty(namedResources)) {
String msg = String.format("Can not find valid resource by program type %s and name %s", programType, fullName); String msg = String.format("Can not find valid resource by program type %s and name %s", programType, fullName);

12
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ResourcesService.java

@ -115,7 +115,7 @@ public interface ResourcesService {
* @param type resource type * @param type resource type
* @return resource list * @return resource list
*/ */
Map<String, Object> queryResourceByProgramType(User loginUser, ResourceType type, ProgramType programType); Result<Object> queryResourceByProgramType(User loginUser, ResourceType type, ProgramType programType);
/** /**
* delete resource * delete resource
@ -143,7 +143,7 @@ public interface ResourcesService {
* @param type resource type * @param type resource type
* @return true if the resource full name or pid not exists, otherwise return false * @return true if the resource full name or pid not exists, otherwise return false
*/ */
Result<Object> queryResource(String fullName,Integer id,ResourceType type); Result<Object> queryResource(User loginUser,String fullName,Integer id,ResourceType type);
/** /**
* view resource file online * view resource file online
@ -153,7 +153,7 @@ public interface ResourcesService {
* @param limit limit * @param limit limit
* @return resource content * @return resource content
*/ */
Result<Object> readResource(int resourceId, int skipLineNum, int limit); Result<Object> readResource(User loginUser,int resourceId, int skipLineNum, int limit);
/** /**
* create resource file online * create resource file online
@ -175,7 +175,7 @@ public interface ResourcesService {
* @param content content * @param content content
* @return update result cod * @return update result cod
*/ */
Result<Object> updateResourceContent(int resourceId, String content); Result<Object> updateResourceContent(User loginUser,int resourceId, String content);
/** /**
* download file * download file
@ -184,7 +184,7 @@ public interface ResourcesService {
* @return resource content * @return resource content
* @throws IOException exception * @throws IOException exception
*/ */
org.springframework.core.io.Resource downloadResource(int resourceId) throws IOException; org.springframework.core.io.Resource downloadResource(User loginUser, int resourceId) throws IOException;
/** /**
* list all file * list all file
@ -236,6 +236,6 @@ public interface ResourcesService {
* @param resourceId resource id * @param resourceId resource id
* @return resource * @return resource
*/ */
Result<Object> queryResourceById(Integer resourceId); Result<Object> queryResourceById(User loginUser, Integer resourceId);
} }

11
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/UdfFuncService.java

@ -56,7 +56,7 @@ public interface UdfFuncService {
* @param id udf function id * @param id udf function id
* @return udf function detail * @return udf function detail
*/ */
Map<String, Object> queryUdfFuncDetail(int id); Result<Object> queryUdfFuncDetail(User loginUser,int id);
/** /**
* updateProcessInstance udf function * updateProcessInstance udf function
@ -71,7 +71,8 @@ public interface UdfFuncService {
* @param className class name * @param className class name
* @return update result code * @return update result code
*/ */
Map<String, Object> updateUdfFunc(int udfFuncId, Result<Object> updateUdfFunc(User loginUser,
int udfFuncId,
String funcName, String funcName,
String className, String className,
String argTypes, String argTypes,
@ -98,7 +99,7 @@ public interface UdfFuncService {
* @param type udf type * @param type udf type
* @return udf func list * @return udf func list
*/ */
Map<String, Object> queryUdfFuncList(User loginUser, Integer type); Result<Object> queryUdfFuncList(User loginUser, Integer type);
/** /**
* delete udf function * delete udf function
@ -106,7 +107,7 @@ public interface UdfFuncService {
* @param id udf function id * @param id udf function id
* @return delete result code * @return delete result code
*/ */
Result<Object> delete(int id); Result<Object> delete(User loginUser, int id);
/** /**
* verify udf function by name * verify udf function by name
@ -114,6 +115,6 @@ public interface UdfFuncService {
* @param name name * @param name name
* @return true if the name can user, otherwise return false * @return true if the name can user, otherwise return false
*/ */
Result<Object> verifyUdfFuncByName(String name); Result<Object> verifyUdfFuncByName(User loginUser, String name);
} }

6
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/BaseServiceImpl.java

@ -45,7 +45,7 @@ public class BaseServiceImpl implements BaseService {
private static final Logger logger = LoggerFactory.getLogger(BaseServiceImpl.class); private static final Logger logger = LoggerFactory.getLogger(BaseServiceImpl.class);
@Autowired @Autowired
private ResourcePermissionCheckService resourcePermissionCheckService; protected ResourcePermissionCheckService resourcePermissionCheckService;
/** /**
* check admin * check admin
@ -162,8 +162,8 @@ public class BaseServiceImpl implements BaseService {
* @return boolean * @return boolean
*/ */
@Override @Override
public boolean canOperatorPermissions(User user, Object[] ids,AuthorizationType type,String perm) { public boolean canOperatorPermissions(User user, Object[] ids,AuthorizationType type,String permissionKey) {
boolean operationPermissionCheck = resourcePermissionCheckService.operationPermissionCheck(type, user.getId(), perm, logger); boolean operationPermissionCheck = resourcePermissionCheckService.operationPermissionCheck(type, user.getId(), permissionKey, logger);
boolean resourcePermissionCheck = resourcePermissionCheckService.resourcePermissionCheck(type, ids, user.getUserType().equals(UserType.ADMIN_USER) ? 0 : user.getId(), logger); boolean resourcePermissionCheck = resourcePermissionCheckService.resourcePermissionCheck(type, ids, user.getUserType().equals(UserType.ADMIN_USER) ? 0 : user.getId(), logger);
return operationPermissionCheck && resourcePermissionCheck; return operationPermissionCheck && resourcePermissionCheck;
} }

26
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/MonitorServiceImpl.java

@ -17,9 +17,11 @@
package org.apache.dolphinscheduler.api.service.impl; package org.apache.dolphinscheduler.api.service.impl;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.MonitorService; import org.apache.dolphinscheduler.api.service.MonitorService;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.NodeType; import org.apache.dolphinscheduler.common.enums.NodeType;
import org.apache.dolphinscheduler.common.model.Server; import org.apache.dolphinscheduler.common.model.Server;
import org.apache.dolphinscheduler.common.model.WorkerServerModel; import org.apache.dolphinscheduler.common.model.WorkerServerModel;
@ -34,6 +36,8 @@ import java.util.Map;
import java.util.function.Function; import java.util.function.Function;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
@ -45,6 +49,8 @@ import com.google.common.collect.Sets;
@Service @Service
public class MonitorServiceImpl extends BaseServiceImpl implements MonitorService { public class MonitorServiceImpl extends BaseServiceImpl implements MonitorService {
public static final Logger logger = LoggerFactory.getLogger(MonitorServiceImpl.class);
@Autowired @Autowired
private MonitorDBDao monitorDBDao; private MonitorDBDao monitorDBDao;
@ -60,14 +66,14 @@ public class MonitorServiceImpl extends BaseServiceImpl implements MonitorServic
@Override @Override
public Map<String, Object> queryDatabaseState(User loginUser) { public Map<String, Object> queryDatabaseState(User loginUser) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
if (!canOperatorPermissions(loginUser, null, AuthorizationType.MONITOR, ApiFuncIdentificationConstant.MONITOR_DATABASES_VIEW)) {
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
List<MonitorRecord> monitorRecordList = monitorDBDao.queryDatabaseState(); List<MonitorRecord> monitorRecordList = monitorDBDao.queryDatabaseState();
result.put(Constants.DATA_LIST, monitorRecordList); result.put(Constants.DATA_LIST, monitorRecordList);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
return result; return result;
} }
/** /**
@ -78,9 +84,11 @@ public class MonitorServiceImpl extends BaseServiceImpl implements MonitorServic
*/ */
@Override @Override
public Map<String, Object> queryMaster(User loginUser) { public Map<String, Object> queryMaster(User loginUser) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
if (!canOperatorPermissions(loginUser, null, AuthorizationType.MONITOR, ApiFuncIdentificationConstant.MONITOR_MASTER_VIEW)) {
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
List<Server> masterServers = getServerListFromRegistry(true); List<Server> masterServers = getServerListFromRegistry(true);
result.put(Constants.DATA_LIST, masterServers); result.put(Constants.DATA_LIST, masterServers);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
@ -98,6 +106,12 @@ public class MonitorServiceImpl extends BaseServiceImpl implements MonitorServic
public Map<String, Object> queryWorker(User loginUser) { public Map<String, Object> queryWorker(User loginUser) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
if (!canOperatorPermissions(loginUser, null, AuthorizationType.MONITOR, ApiFuncIdentificationConstant.MONITOR_WORKER_VIEW)) {
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
List<WorkerServerModel> workerServers = getServerListFromRegistry(false) List<WorkerServerModel> workerServers = getServerListFromRegistry(false)
.stream() .stream()
.map((Server server) -> { .map((Server server) -> {

11
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java

@ -87,17 +87,15 @@ public class ProjectServiceImpl extends BaseServiceImpl implements ProjectServic
@Override @Override
public Map<String, Object> createProject(User loginUser, String name, String desc) { public Map<String, Object> createProject(User loginUser, String name, String desc) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = checkDesc(desc);
Map<String, Object> descCheck = checkDesc(desc); if (result.get(Constants.STATUS) != Status.SUCCESS) {
if (descCheck.get(Constants.STATUS) != Status.SUCCESS) { return result;
return descCheck;
} }
if (!canOperatorPermissions(loginUser, null,AuthorizationType.PROJECTS, PROJECT_CREATE)) { if (!canOperatorPermissions(loginUser, null,AuthorizationType.PROJECTS, PROJECT_CREATE)) {
putMsg(result, Status.USER_NO_OPERATION_PERM); putMsg(result, Status.USER_NO_OPERATION_PERM);
return result; return result;
} }
Project project = projectMapper.queryByName(name); Project project = projectMapper.queryByName(name);
if (project != null) { if (project != null) {
putMsg(result, Status.PROJECT_ALREADY_EXISTS, name); putMsg(result, Status.PROJECT_ALREADY_EXISTS, name);
@ -482,7 +480,6 @@ public class ProjectServiceImpl extends BaseServiceImpl implements ProjectServic
} }
/** /**
<<<<<<< HEAD
* check whether have read permission new * check whether have read permission new
* @param user * @param user
* @param id * @param id
@ -495,8 +492,6 @@ public class ProjectServiceImpl extends BaseServiceImpl implements ProjectServic
} }
/** /**
=======
>>>>>>> f3b76b72a ([Feature][API] Modify the permissions of project management, security center, data source center and data quality module.)
* query permission id * query permission id
* *
* @param user user * @param user user

205
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ResourcesServiceImpl.java

@ -25,6 +25,7 @@ import com.google.common.io.Files;
import org.apache.commons.beanutils.BeanMap; import org.apache.commons.beanutils.BeanMap;
import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.dto.resources.ResourceComponent; import org.apache.dolphinscheduler.api.dto.resources.ResourceComponent;
import org.apache.dolphinscheduler.api.dto.resources.filter.ResourceFilter; import org.apache.dolphinscheduler.api.dto.resources.filter.ResourceFilter;
import org.apache.dolphinscheduler.api.dto.resources.visitor.ResourceTreeVisitor; import org.apache.dolphinscheduler.api.dto.resources.visitor.ResourceTreeVisitor;
@ -36,6 +37,7 @@ import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.api.utils.RegexUtils; import org.apache.dolphinscheduler.api.utils.RegexUtils;
import org.apache.dolphinscheduler.api.utils.Result; import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.ProgramType; import org.apache.dolphinscheduler.common.enums.ProgramType;
import org.apache.dolphinscheduler.common.enums.ResUploadType; import org.apache.dolphinscheduler.common.enums.ResUploadType;
import org.apache.dolphinscheduler.common.storage.StorageOperate; import org.apache.dolphinscheduler.common.storage.StorageOperate;
@ -54,6 +56,7 @@ import org.apache.dolphinscheduler.dao.mapper.TenantMapper;
import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper; import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper;
import org.apache.dolphinscheduler.dao.mapper.UserMapper; import org.apache.dolphinscheduler.dao.mapper.UserMapper;
import org.apache.dolphinscheduler.dao.utils.ResourceProcessDefinitionUtils; import org.apache.dolphinscheduler.dao.utils.ResourceProcessDefinitionUtils;
import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
import org.apache.dolphinscheduler.spi.enums.ResourceType; import org.apache.dolphinscheduler.spi.enums.ResourceType;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -66,7 +69,17 @@ import org.springframework.web.multipart.MultipartFile;
import java.io.IOException; import java.io.IOException;
import java.rmi.ServerException; import java.rmi.ServerException;
import java.text.MessageFormat; import java.text.MessageFormat;
import java.util.*; import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.UUID;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import java.util.stream.Collectors; import java.util.stream.Collectors;
@ -105,6 +118,9 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Autowired(required = false) @Autowired(required = false)
private StorageOperate storageOperate; private StorageOperate storageOperate;
@Autowired
private ResourcePermissionCheckService resourcePermissionCheckService;
/** /**
* create directory * create directory
@ -125,7 +141,15 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
ResourceType type, ResourceType type,
int pid, int pid,
String currentDir) { String currentDir) {
Result<Object> result = checkResourceUploadStartupState(); Result<Object> result = new Result<>();
String funcPermissionKey = type.equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FOLDER_ONLINE_CREATE : ApiFuncIdentificationConstant.UDF_FOLDER_ONLINE_CREATE;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
result = checkResourceUploadStartupState();
if (!result.getCode().equals(Status.SUCCESS.getCode())) { if (!result.getCode().equals(Status.SUCCESS.getCode())) {
return result; return result;
} }
@ -197,7 +221,14 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
MultipartFile file, MultipartFile file,
int pid, int pid,
String currentDir) { String currentDir) {
Result<Object> result = checkResourceUploadStartupState(); Result<Object> result = new Result<>();
String funcPermissionKey = type.equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_ONLINE_CREATE : ApiFuncIdentificationConstant.UDF_FOLDER_ONLINE_CREATE;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
result = checkResourceUploadStartupState();
if (!result.getCode().equals(Status.SUCCESS.getCode())) { if (!result.getCode().equals(Status.SUCCESS.getCode())) {
return result; return result;
} }
@ -311,7 +342,14 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
String desc, String desc,
ResourceType type, ResourceType type,
MultipartFile file) { MultipartFile file) {
Result<Object> result = checkResourceUploadStartupState(); Result<Object> result = new Result<>();
String funcPermissionKey = type.equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_UPDATE : ApiFuncIdentificationConstant.UDF_UPDATE;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{resourceId}, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
result = checkResourceUploadStartupState();
if (!result.getCode().equals(Status.SUCCESS.getCode())) { if (!result.getCode().equals(Status.SUCCESS.getCode())) {
return result; return result;
} }
@ -577,13 +615,20 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
*/ */
@Override @Override
public Result queryResourceListPaging(User loginUser, int directoryId, ResourceType type, String searchVal, Integer pageNo, Integer pageSize) { public Result queryResourceListPaging(User loginUser, int directoryId, ResourceType type, String searchVal, Integer pageNo, Integer pageSize) {
Result<Object> result = new Result<>();
String funcPermissionKey = type.equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_VIEW : ApiFuncIdentificationConstant.UDF_FILE_VIEW;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
Result result = new Result();
Page<Resource> page = new Page<>(pageNo, pageSize); Page<Resource> page = new Page<>(pageNo, pageSize);
int userId = loginUser.getId(); int userId = loginUser.getId();
if (isAdmin(loginUser)) { if (isAdmin(loginUser)) {
userId = 0; userId = 0;
} }
if (directoryId != -1) { if (directoryId != -1) {
Resource directory = resourcesMapper.selectById(directoryId); Resource directory = resourcesMapper.selectById(directoryId);
if (directory == null) { if (directory == null) {
@ -592,9 +637,8 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
} }
} }
List<Integer> resourcesIds = resourceUserMapper.queryResourcesIdListByUserIdAndPerm(userId, 0); Set<Integer> resourcesIds = resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.RESOURCE_FILE_ID, loginUser.getId(), logger);
IPage<Resource> resourceIPage = resourcesMapper.queryResourcePaging(page, directoryId, type.ordinal(), loginUser.getId(), searchVal, new ArrayList<>(resourcesIds));
IPage<Resource> resourceIPage = resourcesMapper.queryResourcePaging(page, userId, directoryId, type.ordinal(), searchVal, resourcesIds);
PageInfo<Resource> pageInfo = new PageInfo<>(pageNo, pageSize); PageInfo<Resource> pageInfo = new PageInfo<>(pageNo, pageSize);
pageInfo.setTotal((int) resourceIPage.getTotal()); pageInfo.setTotal((int) resourceIPage.getTotal());
@ -683,6 +727,14 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Override @Override
public Map<String, Object> queryResourceList(User loginUser, ResourceType type) { public Map<String, Object> queryResourceList(User loginUser, ResourceType type) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
String funcPermissionKey = type.equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_VIEW : ApiFuncIdentificationConstant.UDF_FILE_VIEW;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
List<Resource> allResourceList = queryAuthoredResourceList(loginUser, type); List<Resource> allResourceList = queryAuthoredResourceList(loginUser, type);
Visitor resourceTreeVisitor = new ResourceTreeVisitor(allResourceList); Visitor resourceTreeVisitor = new ResourceTreeVisitor(allResourceList);
result.put(Constants.DATA_LIST, resourceTreeVisitor.visit().getChildren()); result.put(Constants.DATA_LIST, resourceTreeVisitor.visit().getChildren());
@ -699,10 +751,22 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
* @return resource list * @return resource list
*/ */
@Override @Override
public Map<String, Object> queryResourceByProgramType(User loginUser, ResourceType type, ProgramType programType) { public Result<Object> queryResourceByProgramType(User loginUser, ResourceType type, ProgramType programType) {
Map<String, Object> result = new HashMap<>(); Result<Object> result = new Result<>();
String funcPermissionKey = type.equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_VIEW : ApiFuncIdentificationConstant.UDF_FILE_VIEW;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
List<Resource> allResourceList = queryAuthoredResourceList(loginUser, type); Set<Integer> resourceIds = resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.RESOURCE_FILE_ID, loginUser.getId(), logger);
if (resourceIds.isEmpty()){
result.setData(Collections.emptyList());
putMsg(result, Status.SUCCESS);
return result;
}
List<Resource> allResourceList = resourcesMapper.selectBatchIds(resourceIds);
String suffix = ".jar"; String suffix = ".jar";
if (programType != null) { if (programType != null) {
@ -718,9 +782,8 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
} }
List<Resource> resources = new ResourceFilter(suffix, new ArrayList<>(allResourceList)).filter(); List<Resource> resources = new ResourceFilter(suffix, new ArrayList<>(allResourceList)).filter();
Visitor resourceTreeVisitor = new ResourceTreeVisitor(resources); Visitor resourceTreeVisitor = new ResourceTreeVisitor(resources);
result.put(Constants.DATA_LIST, resourceTreeVisitor.visit().getChildren()); result.setData(resourceTreeVisitor.visit().getChildren());
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
return result; return result;
} }
@ -735,15 +798,22 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Override @Override
@Transactional(rollbackFor = Exception.class) @Transactional(rollbackFor = Exception.class)
public Result<Object> delete(User loginUser, int resourceId) throws IOException { public Result<Object> delete(User loginUser, int resourceId) throws IOException {
Result<Object> result = checkResourceUploadStartupState();
if (!result.getCode().equals(Status.SUCCESS.getCode())) {
return result;
}
// get resource by id // get resource by id
Result<Object> resultCheck = new Result<>();
Resource resource = resourcesMapper.selectById(resourceId); Resource resource = resourcesMapper.selectById(resourceId);
if (resource == null) { if (resource == null) {
putMsg(result, Status.RESOURCE_NOT_EXIST); putMsg(resultCheck, Status.RESOURCE_NOT_EXIST);
return resultCheck;
}
String funcPermissionKey = resource.getType().equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_DELETE : ApiFuncIdentificationConstant.UDF_DELETE;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{resourceId}, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(resultCheck, Status.NO_CURRENT_OPERATING_PERMISSION);
return resultCheck;
}
Result<Object> result = checkResourceUploadStartupState();
if (!result.getCode().equals(Status.SUCCESS.getCode())) {
return result; return result;
} }
if (!canOperator(loginUser, resource.getUserId())) { if (!canOperator(loginUser, resource.getUserId())) {
@ -818,6 +888,12 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Override @Override
public Result<Object> verifyResourceName(String fullName, ResourceType type, User loginUser) { public Result<Object> verifyResourceName(String fullName, ResourceType type, User loginUser) {
Result<Object> result = new Result<>(); Result<Object> result = new Result<>();
String funcPermissionKey = type.equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_RENAME : ApiFuncIdentificationConstant.UDF_FILE_VIEW;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
if (checkResourceExists(fullName, type.ordinal())) { if (checkResourceExists(fullName, type.ordinal())) {
logger.error("resource type:{} name:{} has exist, can't create again.", type, RegexUtils.escapeNRT(fullName)); logger.error("resource type:{} name:{} has exist, can't create again.", type, RegexUtils.escapeNRT(fullName));
@ -854,34 +930,40 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
* @return true if the resource full name or pid not exists, otherwise return false * @return true if the resource full name or pid not exists, otherwise return false
*/ */
@Override @Override
public Result<Object> queryResource(String fullName, Integer id, ResourceType type) { public Result<Object> queryResource(User loginUser, String fullName, Integer id, ResourceType type) {
Result<Object> result = new Result<>(); Result<Object> result = new Result<>();
if (StringUtils.isBlank(fullName) && id == null) { if (StringUtils.isBlank(fullName) && id == null) {
putMsg(result, Status.REQUEST_PARAMS_NOT_VALID_ERROR); putMsg(result, Status.REQUEST_PARAMS_NOT_VALID_ERROR);
return result; return result;
} }
Resource resource;
if (StringUtils.isNotBlank(fullName)) { if (StringUtils.isNotBlank(fullName)) {
List<Resource> resourceList = resourcesMapper.queryResource(fullName, type.ordinal()); List<Resource> resourceList = resourcesMapper.queryResource(fullName, type.ordinal());
if (CollectionUtils.isEmpty(resourceList)) { if (CollectionUtils.isEmpty(resourceList)) {
putMsg(result, Status.RESOURCE_NOT_EXIST); putMsg(result, Status.RESOURCE_NOT_EXIST);
return result; return result;
} }
putMsg(result, Status.SUCCESS); resource = resourceList.get(0);
result.setData(resourceList.get(0));
} else { } else {
Resource resource = resourcesMapper.selectById(id); resource = resourcesMapper.selectById(id);
if (resource == null) { if (resource == null) {
putMsg(result, Status.RESOURCE_NOT_EXIST); putMsg(result, Status.RESOURCE_NOT_EXIST);
return result; return result;
} }
Resource parentResource = resourcesMapper.selectById(resource.getPid()); resource = resourcesMapper.selectById(resource.getPid());
if (parentResource == null) { if (resource == null) {
putMsg(result, Status.RESOURCE_NOT_EXIST); putMsg(result, Status.RESOURCE_NOT_EXIST);
return result; return result;
} }
putMsg(result, Status.SUCCESS);
result.setData(parentResource);
} }
String funcPermissionKey = type.equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_VIEW : ApiFuncIdentificationConstant.UDF_FILE_VIEW;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{resource.getId()}, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
putMsg(result, Status.SUCCESS);
result.setData(resource);
return result; return result;
} }
@ -891,13 +973,19 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
* @return resource * @return resource
*/ */
@Override @Override
public Result<Object> queryResourceById(Integer id) { public Result<Object> queryResourceById(User loginUser, Integer id) {
Result<Object> result = new Result<>(); Result<Object> result = new Result<>();
Resource resource = resourcesMapper.selectById(id); Resource resource = resourcesMapper.selectById(id);
if (resource == null) { if (resource == null) {
putMsg(result, Status.RESOURCE_NOT_EXIST); putMsg(result, Status.RESOURCE_NOT_EXIST);
return result; return result;
} }
String funcPermissionKey = resource.getType().equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_VIEW : ApiFuncIdentificationConstant.UDF_FILE_VIEW;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{id}, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
result.setData(resource); result.setData(resource);
return result; return result;
@ -912,18 +1000,23 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
* @return resource content * @return resource content
*/ */
@Override @Override
public Result<Object> readResource(int resourceId, int skipLineNum, int limit) { public Result<Object> readResource(User loginUser, int resourceId, int skipLineNum, int limit) {
Result<Object> result = checkResourceUploadStartupState(); Result<Object> result = checkResourceUploadStartupState();
if (!result.getCode().equals(Status.SUCCESS.getCode())) { if (!result.getCode().equals(Status.SUCCESS.getCode())) {
return result; return result;
} }
// get resource by id // get resource by id
Resource resource = resourcesMapper.selectById(resourceId); Resource resource = resourcesMapper.selectById(resourceId);
if (resource == null) { if (resource == null) {
putMsg(result, Status.RESOURCE_NOT_EXIST); putMsg(result, Status.RESOURCE_NOT_EXIST);
return result; return result;
} }
String funcPermissionKey = resource.getType().equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_VIEW : ApiFuncIdentificationConstant.UDF_FILE_VIEW;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{resourceId}, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
//check preview or not by file suffix //check preview or not by file suffix
String nameSuffix = Files.getFileExtension(resource.getAlias()); String nameSuffix = Files.getFileExtension(resource.getAlias());
String resourceViewSuffixes = FileUtils.getResourceViewSuffixes(); String resourceViewSuffixes = FileUtils.getResourceViewSuffixes();
@ -982,7 +1075,14 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Override @Override
@Transactional(rollbackFor = Exception.class) @Transactional(rollbackFor = Exception.class)
public Result<Object> onlineCreateResource(User loginUser, ResourceType type, String fileName, String fileSuffix, String desc, String content, int pid, String currentDir) { public Result<Object> onlineCreateResource(User loginUser, ResourceType type, String fileName, String fileSuffix, String desc, String content, int pid, String currentDir) {
Result<Object> result = checkResourceUploadStartupState(); Result<Object> result = new Result<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.RESOURCE_FILE_ID, ApiFuncIdentificationConstant.FILE_ONLINE_CREATE);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
result = checkResourceUploadStartupState();
if (!result.getCode().equals(Status.SUCCESS.getCode())) { if (!result.getCode().equals(Status.SUCCESS.getCode())) {
return result; return result;
} }
@ -1028,7 +1128,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
String tenantCode = tenantMapper.queryById(loginUser.getTenantId()).getTenantCode(); String tenantCode = tenantMapper.queryById(loginUser.getTenantId()).getTenantCode();
result = uploadContentToStorage(fullName, tenantCode, content); result = uploadContentToStorage(loginUser, fullName, tenantCode, content);
if (!result.getCode().equals(Status.SUCCESS.getCode())) { if (!result.getCode().equals(Status.SUCCESS.getCode())) {
throw new ServiceException(result.getMsg()); throw new ServiceException(result.getMsg());
} }
@ -1081,7 +1181,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
*/ */
@Override @Override
@Transactional(rollbackFor = Exception.class) @Transactional(rollbackFor = Exception.class)
public Result<Object> updateResourceContent(int resourceId, String content) { public Result<Object> updateResourceContent(User loginUser, int resourceId, String content) {
Result<Object> result = checkResourceUploadStartupState(); Result<Object> result = checkResourceUploadStartupState();
if (!result.getCode().equals(Status.SUCCESS.getCode())) { if (!result.getCode().equals(Status.SUCCESS.getCode())) {
return result; return result;
@ -1093,6 +1193,12 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
putMsg(result, Status.RESOURCE_NOT_EXIST); putMsg(result, Status.RESOURCE_NOT_EXIST);
return result; return result;
} }
String funcPermissionKey = resource.getType().equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_UPDATE : ApiFuncIdentificationConstant.UDF_UPDATE;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{resourceId}, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
//check can edit by file suffix //check can edit by file suffix
String nameSuffix = Files.getFileExtension(resource.getAlias()); String nameSuffix = Files.getFileExtension(resource.getAlias());
String resourceViewSuffixes = FileUtils.getResourceViewSuffixes(); String resourceViewSuffixes = FileUtils.getResourceViewSuffixes();
@ -1114,7 +1220,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
resource.setUpdateTime(new Date()); resource.setUpdateTime(new Date());
resourcesMapper.updateById(resource); resourcesMapper.updateById(resource);
result = uploadContentToStorage(resource.getFullName(), tenantCode, content); result = uploadContentToStorage(loginUser, resource.getFullName(), tenantCode, content);
updateParentResourceSize(resource, resource.getSize() - originFileSize); updateParentResourceSize(resource, resource.getSize() - originFileSize);
if (!result.getCode().equals(Status.SUCCESS.getCode())) { if (!result.getCode().equals(Status.SUCCESS.getCode())) {
@ -1129,7 +1235,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
* @param content content * @param content content
* @return result * @return result
*/ */
private Result<Object> uploadContentToStorage(String resourceName, String tenantCode, String content) { private Result<Object> uploadContentToStorage(User loginUser,String resourceName, String tenantCode, String content) {
Result<Object> result = new Result<>(); Result<Object> result = new Result<>();
String localFilename = ""; String localFilename = "";
String storageFileName = ""; String storageFileName = "";
@ -1176,7 +1282,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
* @throws IOException exception * @throws IOException exception
*/ */
@Override @Override
public org.springframework.core.io.Resource downloadResource(int resourceId) throws IOException { public org.springframework.core.io.Resource downloadResource(User loginUser, int resourceId) throws IOException {
// if resource upload startup // if resource upload startup
if (!PropertyUtils.getResUploadStartupState()) { if (!PropertyUtils.getResUploadStartupState()) {
logger.error("resource upload startup state: {}", PropertyUtils.getResUploadStartupState()); logger.error("resource upload startup state: {}", PropertyUtils.getResUploadStartupState());
@ -1188,6 +1294,13 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
logger.error("download file not exist, resource id {}", resourceId); logger.error("download file not exist, resource id {}", resourceId);
return null; return null;
} }
String funcPermissionKey = resource.getType().equals(ResourceType.FILE) ? ApiFuncIdentificationConstant.FILE_DOWNLOAD : ApiFuncIdentificationConstant.UDF_DOWNLOAD;
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{resourceId}, AuthorizationType.RESOURCE_FILE_ID, funcPermissionKey);
if (!canOperatorPermissions){
logger.error("{}: {}", Status.NO_CURRENT_OPERATING_PERMISSION.getMsg(), PropertyUtils.getResUploadStartupState());
throw new ServiceException(Status.NO_CURRENT_OPERATING_PERMISSION.getMsg());
}
if (resource.isDirectory()) { if (resource.isDirectory()) {
logger.error("resource id {} is directory,can't download it", resourceId); logger.error("resource id {} is directory,can't download it", resourceId);
throw new ServiceException("can't download directory"); throw new ServiceException("can't download directory");
@ -1234,6 +1347,10 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Override @Override
public Map<String, Object> authorizeResourceTree(User loginUser, Integer userId) { public Map<String, Object> authorizeResourceTree(User loginUser, Integer userId) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
if (!resourcePermissionCheckService.functionDisabled()){
putMsg(result, Status.FUNCTION_DISABLED);
return result;
}
List<Resource> resourceList; List<Resource> resourceList;
if (isAdmin(loginUser)) { if (isAdmin(loginUser)) {
@ -1300,7 +1417,11 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Override @Override
public Map<String, Object> unauthorizedUDFFunction(User loginUser, Integer userId) { public Map<String, Object> unauthorizedUDFFunction(User loginUser, Integer userId) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
if (!resourcePermissionCheckService.functionDisabled()){
putMsg(result, Status.FUNCTION_DISABLED);
return result;
}
List<UdfFunc> udfFuncList; List<UdfFunc> udfFuncList;
if (isAdmin(loginUser)) { if (isAdmin(loginUser)) {
// admin gets all udfs except userId // admin gets all udfs except userId
@ -1334,7 +1455,10 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Override @Override
public Map<String, Object> authorizedUDFFunction(User loginUser, Integer userId) { public Map<String, Object> authorizedUDFFunction(User loginUser, Integer userId) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
if (!resourcePermissionCheckService.functionDisabled()){
putMsg(result, Status.FUNCTION_DISABLED);
return result;
}
List<UdfFunc> udfFuncs = udfFunctionMapper.queryAuthedUdfFunc(userId); List<UdfFunc> udfFuncs = udfFunctionMapper.queryAuthedUdfFunc(userId);
result.put(Constants.DATA_LIST, udfFuncs); result.put(Constants.DATA_LIST, udfFuncs);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
@ -1351,6 +1475,10 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
@Override @Override
public Map<String, Object> authorizedFile(User loginUser, Integer userId) { public Map<String, Object> authorizedFile(User loginUser, Integer userId) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
if (!resourcePermissionCheckService.functionDisabled()){
putMsg(result, Status.FUNCTION_DISABLED);
return result;
}
List<Resource> authedResources = queryResourceList(userId, Constants.AUTHORIZE_WRITABLE_PERM); List<Resource> authedResources = queryResourceList(userId, Constants.AUTHORIZE_WRITABLE_PERM);
Visitor visitor = new ResourceTreeVisitor(authedResources); Visitor visitor = new ResourceTreeVisitor(authedResources);
@ -1472,5 +1600,4 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
List<Integer> resIds = resourceUserMapper.queryResourcesIdListByUserIdAndPerm(userId, perm); List<Integer> resIds = resourceUserMapper.queryResourcesIdListByUserIdAndPerm(userId, perm);
return CollectionUtils.isEmpty(resIds) ? new ArrayList<>() : resourcesMapper.queryResourceListById(resIds); return CollectionUtils.isEmpty(resIds) ? new ArrayList<>() : resourcesMapper.queryResourceListById(resIds);
} }
} }

8
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupQueueServiceImpl.java

@ -17,11 +17,13 @@
package org.apache.dolphinscheduler.api.service.impl; package org.apache.dolphinscheduler.api.service.impl;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.ProjectService; import org.apache.dolphinscheduler.api.service.ProjectService;
import org.apache.dolphinscheduler.api.service.TaskGroupQueueService; import org.apache.dolphinscheduler.api.service.TaskGroupQueueService;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.dao.entity.Project; import org.apache.dolphinscheduler.dao.entity.Project;
import org.apache.dolphinscheduler.dao.entity.TaskGroupQueue; import org.apache.dolphinscheduler.dao.entity.TaskGroupQueue;
import org.apache.dolphinscheduler.dao.entity.User; import org.apache.dolphinscheduler.dao.entity.User;
@ -31,6 +33,7 @@ import org.apache.dolphinscheduler.dao.mapper.TaskInstanceMapper;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -70,6 +73,11 @@ public class TaskGroupQueueServiceImpl extends BaseServiceImpl implements TaskGr
public Map<String, Object> queryTasksByGroupId(User loginUser, String taskName public Map<String, Object> queryTasksByGroupId(User loginUser, String taskName
, String processName, Integer status, int groupId, int pageNo, int pageSize) { , String processName, Integer status, int groupId, int pageNo, int pageSize) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_QUEUE);
if (!canOperatorPermissions){
result.put(Constants.STATUS, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
Page<TaskGroupQueue> page = new Page<>(pageNo, pageSize); Page<TaskGroupQueue> page = new Page<>(pageNo, pageSize);
Map<String, Object> objectMap = this.projectService.queryAuthorizedProject(loginUser, loginUser.getId()); Map<String, Object> objectMap = this.projectService.queryAuthorizedProject(loginUser, loginUser.getId());
List<Project> projects = (List<Project>)objectMap.get(Constants.DATA_LIST); List<Project> projects = (List<Project>)objectMap.get(Constants.DATA_LIST);

47
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupServiceImpl.java

@ -17,12 +17,14 @@
package org.apache.dolphinscheduler.api.service.impl; package org.apache.dolphinscheduler.api.service.impl;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.ExecutorService; import org.apache.dolphinscheduler.api.service.ExecutorService;
import org.apache.dolphinscheduler.api.service.TaskGroupQueueService; import org.apache.dolphinscheduler.api.service.TaskGroupQueueService;
import org.apache.dolphinscheduler.api.service.TaskGroupService; import org.apache.dolphinscheduler.api.service.TaskGroupService;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.Flag; import org.apache.dolphinscheduler.common.enums.Flag;
import org.apache.dolphinscheduler.dao.entity.TaskGroup; import org.apache.dolphinscheduler.dao.entity.TaskGroup;
import org.apache.dolphinscheduler.dao.entity.User; import org.apache.dolphinscheduler.dao.entity.User;
@ -77,6 +79,12 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
@Override @Override
public Map<String, Object> createTaskGroup(User loginUser, Long projectCode, String name, String description, int groupSize) { public Map<String, Object> createTaskGroup(User loginUser, Long projectCode, String name, String description, int groupSize) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_CREATE);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
if (name == null) { if (name == null) {
putMsg(result, Status.NAME_NULL); putMsg(result, Status.NAME_NULL);
return result; return result;
@ -117,6 +125,11 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
@Override @Override
public Map<String, Object> updateTaskGroup(User loginUser, int id, String name, String description, int groupSize) { public Map<String, Object> updateTaskGroup(User loginUser, int id, String name, String description, int groupSize) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_EDIT);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
if (name == null) { if (name == null) {
putMsg(result, Status.NAME_NULL); putMsg(result, Status.NAME_NULL);
return result; return result;
@ -202,6 +215,12 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
public Map<String, Object> queryTaskGroupByProjectCode(User loginUser, int pageNo, int pageSize, Long projectCode) { public Map<String, Object> queryTaskGroupByProjectCode(User loginUser, int pageNo, int pageSize, Long projectCode) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
Page<TaskGroup> page = new Page<>(pageNo, pageSize); Page<TaskGroup> page = new Page<>(pageNo, pageSize);
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_VIEW);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
IPage<TaskGroup> taskGroupPaging = taskGroupMapper.queryTaskGroupPagingByProjectCode(page, projectCode); IPage<TaskGroup> taskGroupPaging = taskGroupMapper.queryTaskGroupPagingByProjectCode(page, projectCode);
return getStringObjectMap(pageNo, pageSize, result, taskGroupPaging); return getStringObjectMap(pageNo, pageSize, result, taskGroupPaging);
@ -249,6 +268,12 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
public Map<String, Object> doQuery(User loginUser, int pageNo, int pageSize, int userId, String name, Integer status) { public Map<String, Object> doQuery(User loginUser, int pageNo, int pageSize, int userId, String name, Integer status) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
Page<TaskGroup> page = new Page<>(pageNo, pageSize); Page<TaskGroup> page = new Page<>(pageNo, pageSize);
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_VIEW);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
IPage<TaskGroup> taskGroupPaging = taskGroupMapper.queryTaskGroupPaging(page, userId, name, status); IPage<TaskGroup> taskGroupPaging = taskGroupMapper.queryTaskGroupPaging(page, userId, name, status);
return getStringObjectMap(pageNo, pageSize, result, taskGroupPaging); return getStringObjectMap(pageNo, pageSize, result, taskGroupPaging);
@ -264,6 +289,12 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
@Override @Override
public Map<String, Object> closeTaskGroup(User loginUser, int id) { public Map<String, Object> closeTaskGroup(User loginUser, int id) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_CLOSE);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
TaskGroup taskGroup = taskGroupMapper.selectById(id); TaskGroup taskGroup = taskGroupMapper.selectById(id);
if (taskGroup.getStatus() == Flag.NO.getCode()) { if (taskGroup.getStatus() == Flag.NO.getCode()) {
putMsg(result, Status.TASK_GROUP_STATUS_CLOSED); putMsg(result, Status.TASK_GROUP_STATUS_CLOSED);
@ -286,6 +317,11 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
public Map<String, Object> startTaskGroup(User loginUser, int id) { public Map<String, Object> startTaskGroup(User loginUser, int id) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_CLOSE);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
TaskGroup taskGroup = taskGroupMapper.selectById(id); TaskGroup taskGroup = taskGroupMapper.selectById(id);
if (taskGroup.getStatus() == Flag.YES.getCode()) { if (taskGroup.getStatus() == Flag.YES.getCode()) {
putMsg(result, Status.TASK_GROUP_STATUS_OPENED); putMsg(result, Status.TASK_GROUP_STATUS_OPENED);
@ -307,6 +343,12 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
*/ */
@Override @Override
public Map<String, Object> forceStartTask(User loginUser, int queueId) { public Map<String, Object> forceStartTask(User loginUser, int queueId) {
Map<String, Object> result = new HashMap<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_QUEUE_START);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
return executorService.forceStartTaskInstance(loginUser, queueId); return executorService.forceStartTaskInstance(loginUser, queueId);
} }
@ -314,6 +356,11 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
public Map<String, Object> modifyPriority(User loginUser, Integer queueId, Integer priority) { public Map<String, Object> modifyPriority(User loginUser, Integer queueId, Integer priority) {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.TASK_GROUP, ApiFuncIdentificationConstant.TASK_GROUP_QUEUE_PRIORITY);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
taskGroupQueueService.modifyPriority(queueId, priority); taskGroupQueueService.modifyPriority(queueId, priority);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
return result; return result;

106
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UdfFuncServiceImpl.java

@ -17,11 +17,12 @@
package org.apache.dolphinscheduler.api.service.impl; package org.apache.dolphinscheduler.api.service.impl;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.UdfFuncService; import org.apache.dolphinscheduler.api.service.UdfFuncService;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.api.utils.Result; import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.UdfType; import org.apache.dolphinscheduler.common.enums.UdfType;
import org.apache.dolphinscheduler.common.utils.PropertyUtils; import org.apache.dolphinscheduler.common.utils.PropertyUtils;
import org.apache.dolphinscheduler.dao.entity.Resource; import org.apache.dolphinscheduler.dao.entity.Resource;
@ -33,10 +34,11 @@ import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date; import java.util.Date;
import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Set;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -88,6 +90,11 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
int resourceId) { int resourceId) {
Result<Object> result = new Result<>(); Result<Object> result = new Result<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.UDF, ApiFuncIdentificationConstant.UDF_FUNCTION_CREATE);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
// if resource upload startup // if resource upload startup
if (!PropertyUtils.getResUploadStartupState()) { if (!PropertyUtils.getResUploadStartupState()) {
logger.error("resource upload startup state: {}", PropertyUtils.getResUploadStartupState()); logger.error("resource upload startup state: {}", PropertyUtils.getResUploadStartupState());
@ -150,14 +157,19 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
* @return udf function detail * @return udf function detail
*/ */
@Override @Override
public Map<String, Object> queryUdfFuncDetail(int id) { public Result<Object> queryUdfFuncDetail(User loginUser, int id) {
Map<String, Object> result = new HashMap<>(); Result<Object> result = new Result<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{id}, AuthorizationType.UDF, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
UdfFunc udfFunc = udfFuncMapper.selectById(id); UdfFunc udfFunc = udfFuncMapper.selectById(id);
if (udfFunc == null) { if (udfFunc == null) {
putMsg(result, Status.RESOURCE_NOT_EXIST); putMsg(result, Status.RESOURCE_NOT_EXIST);
return result; return result;
} }
result.put(Constants.DATA_LIST, udfFunc); result.setData(udfFunc);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
return result; return result;
} }
@ -176,7 +188,8 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
* @return update result code * @return update result code
*/ */
@Override @Override
public Map<String, Object> updateUdfFunc(int udfFuncId, public Result<Object> updateUdfFunc(User loginUser,
int udfFuncId,
String funcName, String funcName,
String className, String className,
String argTypes, String argTypes,
@ -184,13 +197,20 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
String desc, String desc,
UdfType type, UdfType type,
int resourceId) { int resourceId) {
Map<String, Object> result = new HashMap<>(); Result<Object> result = new Result<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{resourceId}, AuthorizationType.UDF, ApiFuncIdentificationConstant.UDF_FUNCTION_UPDATE);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
// verify udfFunc is exist // verify udfFunc is exist
UdfFunc udf = udfFuncMapper.selectUdfById(udfFuncId); UdfFunc udf = udfFuncMapper.selectUdfById(udfFuncId);
if (udf == null) { if (udf == null) {
result.put(Constants.STATUS, Status.UDF_FUNCTION_NOT_EXIST); result.setCode(Status.UDF_FUNCTION_NOT_EXIST.getCode());
result.put(Constants.MSG, Status.UDF_FUNCTION_NOT_EXIST.getMsg()); result.setMsg(Status.UDF_FUNCTION_NOT_EXIST.getMsg());
return result; return result;
} }
@ -205,8 +225,8 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
if (!funcName.equals(udf.getFuncName())) { if (!funcName.equals(udf.getFuncName())) {
if (checkUdfFuncNameExists(funcName)) { if (checkUdfFuncNameExists(funcName)) {
logger.error("UdfFuncRequest {} has exist, can't create again.", funcName); logger.error("UdfFuncRequest {} has exist, can't create again.", funcName);
result.put(Constants.STATUS, Status.UDF_FUNCTION_EXISTS); result.setCode(Status.UDF_FUNCTION_EXISTS.getCode());
result.put(Constants.MSG, Status.UDF_FUNCTION_EXISTS.getMsg()); result.setMsg(Status.UDF_FUNCTION_EXISTS.getMsg());
return result; return result;
} }
} }
@ -214,8 +234,8 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
Resource resource = resourceMapper.selectById(resourceId); Resource resource = resourceMapper.selectById(resourceId);
if (resource == null) { if (resource == null) {
logger.error("resourceId {} is not exist", resourceId); logger.error("resourceId {} is not exist", resourceId);
result.put(Constants.STATUS, Status.RESOURCE_NOT_EXIST); result.setCode(Status.RESOURCE_NOT_EXIST.getCode());
result.put(Constants.MSG, Status.RESOURCE_NOT_EXIST.getMsg()); result.setMsg(Status.RESOURCE_NOT_EXIST.getMsg());
return result; return result;
} }
Date now = new Date(); Date now = new Date();
@ -247,8 +267,13 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
* @return udf function list page * @return udf function list page
*/ */
@Override @Override
public Result queryUdfFuncListPaging(User loginUser, String searchVal, Integer pageNo, Integer pageSize) { public Result<Object> queryUdfFuncListPaging(User loginUser, String searchVal, Integer pageNo, Integer pageSize) {
Result result = new Result(); Result<Object> result = new Result();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.UDF, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
PageInfo<UdfFunc> pageInfo = new PageInfo<>(pageNo, pageSize); PageInfo<UdfFunc> pageInfo = new PageInfo<>(pageNo, pageSize);
IPage<UdfFunc> udfFuncList = getUdfFuncsPage(loginUser, searchVal, pageSize, pageNo); IPage<UdfFunc> udfFuncList = getUdfFuncsPage(loginUser, searchVal, pageSize, pageNo);
pageInfo.setTotal((int)udfFuncList.getTotal()); pageInfo.setTotal((int)udfFuncList.getTotal());
@ -268,12 +293,12 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
* @return udf function list page * @return udf function list page
*/ */
private IPage<UdfFunc> getUdfFuncsPage(User loginUser, String searchVal, Integer pageSize, int pageNo) { private IPage<UdfFunc> getUdfFuncsPage(User loginUser, String searchVal, Integer pageSize, int pageNo) {
int userId = loginUser.getId(); Set<Integer> udfFuncIds = resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.UDF, loginUser.getId(), logger);
if (isAdmin(loginUser)) {
userId = 0;
}
Page<UdfFunc> page = new Page<>(pageNo, pageSize); Page<UdfFunc> page = new Page<>(pageNo, pageSize);
return udfFuncMapper.queryUdfFuncPaging(page, userId, searchVal); if (udfFuncIds.isEmpty()) {
return page;
}
return udfFuncMapper.queryUdfFuncPaging(page, new ArrayList<>(udfFuncIds), searchVal);
} }
/** /**
@ -284,15 +309,23 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
* @return udf func list * @return udf func list
*/ */
@Override @Override
public Map<String, Object> queryUdfFuncList(User loginUser, Integer type) { public Result<Object> queryUdfFuncList(User loginUser, Integer type) {
Map<String, Object> result = new HashMap<>(); Result<Object> result = new Result<>();
int userId = loginUser.getId();
if (isAdmin(loginUser)) { boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.UDF, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW);
userId = 0; if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
} }
List<UdfFunc> udfFuncList = udfFuncMapper.getUdfFuncByType(userId, type); Set<Integer> udfFuncIds = resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.UDF, loginUser.getId(), logger);
if (udfFuncIds.isEmpty()){
result.setData(Collections.emptyList());
putMsg(result, Status.SUCCESS);
return result;
}
List<UdfFunc> udfFuncList = udfFuncMapper.getUdfFuncByType(new ArrayList<>(udfFuncIds), type);
result.put(Constants.DATA_LIST, udfFuncList); result.setData(udfFuncList);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
return result; return result;
} }
@ -305,8 +338,14 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
*/ */
@Override @Override
@Transactional(rollbackFor = RuntimeException.class) @Transactional(rollbackFor = RuntimeException.class)
public Result<Object> delete(int id) { public Result<Object> delete(User loginUser, int id) {
Result<Object> result = new Result<>(); Result<Object> result = new Result<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{id}, AuthorizationType.UDF, ApiFuncIdentificationConstant.UDF_FUNCTION_DELETE);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
udfFuncMapper.deleteById(id); udfFuncMapper.deleteById(id);
udfUserMapper.deleteByUdfFuncId(id); udfUserMapper.deleteByUdfFuncId(id);
putMsg(result, Status.SUCCESS); putMsg(result, Status.SUCCESS);
@ -320,8 +359,14 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
* @return true if the name can user, otherwise return false * @return true if the name can user, otherwise return false
*/ */
@Override @Override
public Result<Object> verifyUdfFuncByName(String name) { public Result<Object> verifyUdfFuncByName(User loginUser, String name) {
Result<Object> result = new Result<>(); Result<Object> result = new Result<>();
boolean canOperatorPermissions = canOperatorPermissions(loginUser, null, AuthorizationType.UDF, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW);
if (!canOperatorPermissions){
putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION);
return result;
}
if (checkUdfFuncNameExists(name)) { if (checkUdfFuncNameExists(name)) {
putMsg(result, Status.UDF_FUNCTION_EXISTS); putMsg(result, Status.UDF_FUNCTION_EXISTS);
} else { } else {
@ -329,5 +374,4 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
} }
return result; return result;
} }
} }

50
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java

@ -29,7 +29,6 @@ import org.apache.dolphinscheduler.api.utils.CheckUtils;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.api.utils.Result; import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.Flag; import org.apache.dolphinscheduler.common.enums.Flag;
import org.apache.dolphinscheduler.common.enums.UserType; import org.apache.dolphinscheduler.common.enums.UserType;
import org.apache.dolphinscheduler.common.storage.StorageOperate; import org.apache.dolphinscheduler.common.storage.StorageOperate;
@ -78,8 +77,6 @@ import java.util.TimeZone;
import java.util.Arrays; import java.util.Arrays;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.*;
/** /**
* users service impl * users service impl
*/ */
@ -157,18 +154,18 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
//check all user params //check all user params
String msg = this.checkUserParams(userName, userPassword, email, phone); String msg = this.checkUserParams(userName, userPassword, email, phone);
if(resourcePermissionCheckService.functionDisabled()){ if(resourcePermissionCheckService.functionDisabled()){
putMsg(result, Status.FUNCTION_DISABLED, msg); putMsg(result, Status.FUNCTION_DISABLED, msg);
return result; return result;
} }
if (!StringUtils.isEmpty(msg)) { if (!isAdmin(loginUser)) {
putMsg(result, Status.REQUEST_PARAMS_NOT_VALID_ERROR, msg); putMsg(result, Status.USER_NO_OPERATION_PERM);
return result; return result;
} }
if (!canOperatorPermissions(loginUser,null, AuthorizationType.USER,USERS_CREATE)) {
putMsg(result, Status.USER_NO_OPERATION_PERM); if (!StringUtils.isEmpty(msg)) {
putMsg(result, Status.REQUEST_PARAMS_NOT_VALID_ERROR, msg);
return result; return result;
} }
@ -334,15 +331,14 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
@Override @Override
public Result<Object> queryUserList(User loginUser, String searchVal, Integer pageNo, Integer pageSize) { public Result<Object> queryUserList(User loginUser, String searchVal, Integer pageNo, Integer pageSize) {
Result<Object> result = new Result<>(); Result<Object> result = new Result<>();
if (!canOperatorPermissions(loginUser,null,AuthorizationType.USER,USER_MANAGER)) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}
if(resourcePermissionCheckService.functionDisabled()){ if(resourcePermissionCheckService.functionDisabled()){
putMsg(result, Status.FUNCTION_DISABLED); putMsg(result, Status.FUNCTION_DISABLED);
return result; return result;
} }
if (!isAdmin(loginUser)) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}
Page<User> page = new Page<>(pageNo, pageSize); Page<User> page = new Page<>(pageNo, pageSize);
@ -389,8 +385,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
putMsg(result, Status.FUNCTION_DISABLED); putMsg(result, Status.FUNCTION_DISABLED);
return result; return result;
} }
if (check(result, !canOperator(loginUser, userId), Status.USER_NO_OPERATION_PERM)) {
if (check(result, !canOperatorPermissions(loginUser,null,AuthorizationType.USER,USER_UPDATE), Status.USER_NO_OPERATION_PERM)) {
return result; return result;
} }
User user = userMapper.selectById(userId); User user = userMapper.selectById(userId);
@ -527,14 +522,12 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
@Transactional(rollbackFor = RuntimeException.class) @Transactional(rollbackFor = RuntimeException.class)
public Map<String, Object> deleteUserById(User loginUser, int id) throws IOException { public Map<String, Object> deleteUserById(User loginUser, int id) throws IOException {
Map<String, Object> result = new HashMap<>(); Map<String, Object> result = new HashMap<>();
if(resourcePermissionCheckService.functionDisabled()){ if(resourcePermissionCheckService.functionDisabled()){
putMsg(result, Status.FUNCTION_DISABLED); putMsg(result, Status.FUNCTION_DISABLED);
return result; return result;
} }
//only admin can operate //only admin can operate
if (!canOperatorPermissions(loginUser,null,AuthorizationType.USER,USER_DELETE)) { if (!isAdmin(loginUser)) {
putMsg(result, Status.USER_NO_OPERATION_PERM, id); putMsg(result, Status.USER_NO_OPERATION_PERM, id);
return result; return result;
} }
@ -582,7 +575,6 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
putMsg(result, Status.FUNCTION_DISABLED); putMsg(result, Status.FUNCTION_DISABLED);
return result; return result;
} }
//check exist //check exist
User tempUser = userMapper.selectById(userId); User tempUser = userMapper.selectById(userId);
if (tempUser == null) { if (tempUser == null) {
@ -643,7 +635,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
} }
// 3. only project owner can operate // 3. only project owner can operate
if (!this.canOperatorPermissions(loginUser,new Object[]{project.getId()},AuthorizationType.USER,null)) { if (!this.canOperator(loginUser, project.getUserId())) {
this.putMsg(result, Status.USER_NO_OPERATION_PERM); this.putMsg(result, Status.USER_NO_OPERATION_PERM);
return result; return result;
} }
@ -683,7 +675,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
return result; return result;
} }
// 1. only admin can operate // 1. only admin can operate
if (this.check(result, !this.canOperatorPermissions(loginUser,null,AuthorizationType.USER,null), Status.USER_NO_OPERATION_PERM)) { if (this.check(result, !this.isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)) {
return result; return result;
} }
@ -871,7 +863,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
return result; return result;
} }
//only admin can operate //only admin can operate
if (check(result, !canOperatorPermissions(loginUser,null,AuthorizationType.USER, null), Status.USER_NO_OPERATION_PERM)) { if (this.check(result, !this.isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)) {
return result; return result;
} }
@ -968,7 +960,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
return result; return result;
} }
User user = null; User user = null;
if (canOperatorPermissions(loginUser,null,AuthorizationType.USER,USER_MANAGER)) { if (loginUser.getUserType() == UserType.ADMIN_USER) {
user = loginUser; user = loginUser;
} else { } else {
user = userMapper.queryDetailsById(loginUser.getId()); user = userMapper.queryDetailsById(loginUser.getId());
@ -1011,7 +1003,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
return result; return result;
} }
//only admin can operate //only admin can operate
if (check(result, !canOperatorPermissions(loginUser,null,AuthorizationType.USER,USER_MANAGER), Status.USER_NO_OPERATION_PERM)) { if (check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)) {
return result; return result;
} }
@ -1036,7 +1028,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
return result; return result;
} }
//only admin can operate //only admin can operate
if (check(result, !canOperatorPermissions(loginUser,null,AuthorizationType.USER,USER_MANAGER), Status.USER_NO_OPERATION_PERM)) { if (check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)) {
return result; return result;
} }
@ -1083,7 +1075,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
return result; return result;
} }
//only admin can operate //only admin can operate
if (check(result, !canOperatorPermissions(loginUser,null,AuthorizationType.USER,null), Status.USER_NO_OPERATION_PERM)) { if (check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)) {
return result; return result;
} }
@ -1123,7 +1115,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
return result; return result;
} }
//only admin can operate //only admin can operate
if (check(result, !canOperatorPermissions(loginUser,null,AuthorizationType.USER,null), Status.USER_NO_OPERATION_PERM)) { if (check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)) {
return result; return result;
} }
List<User> userList = userMapper.queryUserListByAlertGroupId(alertGroupId); List<User> userList = userMapper.queryUserListByAlertGroupId(alertGroupId);
@ -1259,7 +1251,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
putMsg(result, Status.FUNCTION_DISABLED); putMsg(result, Status.FUNCTION_DISABLED);
return result; return result;
} }
if (!canOperatorPermissions(loginUser,null,AuthorizationType.USER,null)) { if (!isAdmin(loginUser)) {
putMsg(result, Status.USER_NO_OPERATION_PERM); putMsg(result, Status.USER_NO_OPERATION_PERM);
return result; return result;
} }
@ -1307,7 +1299,7 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService {
putMsg(result, Status.FUNCTION_DISABLED); putMsg(result, Status.FUNCTION_DISABLED);
return result; return result;
} }
if (!canOperatorPermissions(loginUser,null,AuthorizationType.USER,null)) { if (!isAdmin(loginUser)) {
putMsg(result, Status.USER_NO_OPERATION_PERM); putMsg(result, Status.USER_NO_OPERATION_PERM);
return result; return result;
} }

10
dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/AbstractControllerTest.java

@ -22,6 +22,7 @@ import org.apache.dolphinscheduler.api.controller.AbstractControllerTest.Registr
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.SessionService; import org.apache.dolphinscheduler.api.service.SessionService;
import org.apache.dolphinscheduler.api.service.UsersService; import org.apache.dolphinscheduler.api.service.UsersService;
import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.dao.DaoConfiguration; import org.apache.dolphinscheduler.dao.DaoConfiguration;
import org.apache.dolphinscheduler.dao.entity.User; import org.apache.dolphinscheduler.dao.entity.User;
@ -107,6 +108,15 @@ public abstract class AbstractControllerTest {
} }
} }
public void putMsg(Result<Object> result, Status status, Object... statusParams) {
result.setCode(status.getCode());
if (statusParams != null && statusParams.length > 0) {
result.setMsg(MessageFormat.format(status.getMsg(), statusParams));
} else {
result.setMsg(status.getMsg());
}
}
@Configuration @Configuration
public static class RegistryServer { public static class RegistryServer {
@PostConstruct @PostConstruct

26
dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/ResourcesControllerTest.java

@ -135,7 +135,7 @@ public class ResourcesControllerTest extends AbstractControllerTest {
public void testViewResource() throws Exception { public void testViewResource() throws Exception {
Result mockResult = new Result<>(); Result mockResult = new Result<>();
mockResult.setCode(Status.HDFS_NOT_STARTUP.getCode()); mockResult.setCode(Status.HDFS_NOT_STARTUP.getCode());
PowerMockito.when(resourcesService.readResource(Mockito.anyInt(), Mockito.anyInt(), Mockito.anyInt())).thenReturn(mockResult); PowerMockito.when(resourcesService.readResource(Mockito.any(), Mockito.anyInt(), Mockito.anyInt(), Mockito.anyInt())).thenReturn(mockResult);
MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>(); MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>();
paramsMap.add("skipLineNum", "2"); paramsMap.add("skipLineNum", "2");
@ -188,7 +188,7 @@ public class ResourcesControllerTest extends AbstractControllerTest {
public void testUpdateResourceContent() throws Exception { public void testUpdateResourceContent() throws Exception {
Result mockResult = new Result<>(); Result mockResult = new Result<>();
mockResult.setCode(Status.TENANT_NOT_EXIST.getCode()); mockResult.setCode(Status.TENANT_NOT_EXIST.getCode());
PowerMockito.when(resourcesService.updateResourceContent(Mockito.anyInt(), Mockito.anyString())).thenReturn(mockResult); PowerMockito.when(resourcesService.updateResourceContent(Mockito.any(), Mockito.anyInt(), Mockito.anyString())).thenReturn(mockResult);
MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>(); MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>();
paramsMap.add("id", "1"); paramsMap.add("id", "1");
@ -210,7 +210,7 @@ public class ResourcesControllerTest extends AbstractControllerTest {
@Test @Test
public void testDownloadResource() throws Exception { public void testDownloadResource() throws Exception {
PowerMockito.when(resourcesService.downloadResource(Mockito.anyInt())).thenReturn(null); PowerMockito.when(resourcesService.downloadResource(Mockito.any(), Mockito.anyInt())).thenReturn(null);
MvcResult mvcResult = mockMvc.perform(get("/resources/{id}/download", 5) MvcResult mvcResult = mockMvc.perform(get("/resources/{id}/download", 5)
.header(SESSION_ID, sessionId)) .header(SESSION_ID, sessionId))
@ -252,10 +252,10 @@ public class ResourcesControllerTest extends AbstractControllerTest {
@Test @Test
public void testViewUIUdfFunction() throws Exception { public void testViewUIUdfFunction() throws Exception {
Map<String, Object> mockResult = new HashMap<>(); Result<Object> mockResult = new Result<>();
mockResult.put(Constants.STATUS, Status.TENANT_NOT_EXIST); putMsg(mockResult, Status.TENANT_NOT_EXIST);
PowerMockito.when(udfFuncService PowerMockito.when(udfFuncService
.queryUdfFuncDetail(Mockito.anyInt())) .queryUdfFuncDetail(Mockito.any(), Mockito.anyInt()))
.thenReturn(mockResult); .thenReturn(mockResult);
MvcResult mvcResult = mockMvc.perform(get("/resources/{id}/udf-func", "123") MvcResult mvcResult = mockMvc.perform(get("/resources/{id}/udf-func", "123")
@ -272,10 +272,10 @@ public class ResourcesControllerTest extends AbstractControllerTest {
@Test @Test
public void testUpdateUdfFunc() throws Exception { public void testUpdateUdfFunc() throws Exception {
Map<String, Object> mockResult = new HashMap<>(); Result<Object> mockResult = new Result<>();
mockResult.put(Constants.STATUS, Status.TENANT_NOT_EXIST); mockResult.setCode(Status.TENANT_NOT_EXIST.getCode());
PowerMockito.when(udfFuncService PowerMockito.when(udfFuncService
.updateUdfFunc(Mockito.anyInt(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.anyInt())) .updateUdfFunc(Mockito.any(), Mockito.anyInt(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.anyInt()))
.thenReturn(mockResult); .thenReturn(mockResult);
MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>(); MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>();
@ -327,8 +327,8 @@ public class ResourcesControllerTest extends AbstractControllerTest {
@Test @Test
public void testQueryResourceList() throws Exception { public void testQueryResourceList() throws Exception {
Map<String, Object> mockResult = new HashMap<>(); Result<Object> mockResult = new Result<>();
mockResult.put(Constants.STATUS, Status.SUCCESS); mockResult.setCode(Status.SUCCESS.getCode());
PowerMockito.when(udfFuncService.queryUdfFuncList(Mockito.any(), Mockito.anyInt())).thenReturn(mockResult); PowerMockito.when(udfFuncService.queryUdfFuncList(Mockito.any(), Mockito.anyInt())).thenReturn(mockResult);
MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>(); MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>();
@ -351,7 +351,7 @@ public class ResourcesControllerTest extends AbstractControllerTest {
public void testVerifyUdfFuncName() throws Exception { public void testVerifyUdfFuncName() throws Exception {
Result mockResult = new Result<>(); Result mockResult = new Result<>();
mockResult.setCode(Status.SUCCESS.getCode()); mockResult.setCode(Status.SUCCESS.getCode());
PowerMockito.when(udfFuncService.verifyUdfFuncByName(Mockito.anyString())).thenReturn(mockResult); PowerMockito.when(udfFuncService.verifyUdfFuncByName(Mockito.any(), Mockito.anyString())).thenReturn(mockResult);
MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>(); MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>();
paramsMap.add("name", "test"); paramsMap.add("name", "test");
@ -439,7 +439,7 @@ public class ResourcesControllerTest extends AbstractControllerTest {
public void testDeleteUdfFunc() throws Exception { public void testDeleteUdfFunc() throws Exception {
Result mockResult = new Result<>(); Result mockResult = new Result<>();
mockResult.setCode(Status.SUCCESS.getCode()); mockResult.setCode(Status.SUCCESS.getCode());
PowerMockito.when(udfFuncService.delete(Mockito.anyInt())).thenReturn(mockResult); PowerMockito.when(udfFuncService.delete(Mockito.any(), Mockito.anyInt())).thenReturn(mockResult);
MvcResult mvcResult = mockMvc.perform(delete("/resources/udf-func/{id}", "123") MvcResult mvcResult = mockMvc.perform(delete("/resources/udf-func/{id}", "123")
.header(SESSION_ID, sessionId)) .header(SESSION_ID, sessionId))

74
dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/MonitorServiceTest.java

@ -17,21 +17,31 @@
package org.apache.dolphinscheduler.api.service; package org.apache.dolphinscheduler.api.service;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.impl.BaseServiceImpl;
import org.apache.dolphinscheduler.api.service.impl.MonitorServiceImpl; import org.apache.dolphinscheduler.api.service.impl.MonitorServiceImpl;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.NodeType;
import org.apache.dolphinscheduler.common.enums.UserType;
import org.apache.dolphinscheduler.common.model.Server; import org.apache.dolphinscheduler.common.model.Server;
import org.apache.dolphinscheduler.dao.MonitorDBDao; import org.apache.dolphinscheduler.dao.MonitorDBDao;
import org.apache.dolphinscheduler.dao.entity.MonitorRecord; import org.apache.dolphinscheduler.dao.entity.MonitorRecord;
import org.apache.dolphinscheduler.dao.entity.User;
import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
import org.apache.dolphinscheduler.service.registry.RegistryClient;
import org.apache.dolphinscheduler.spi.enums.DbType; import org.apache.dolphinscheduler.spi.enums.DbType;
import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.CollectionUtils;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import org.junit.Assert; import org.junit.Assert;
import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.mockito.InjectMocks; import org.mockito.InjectMocks;
@ -55,23 +65,60 @@ public class MonitorServiceTest {
@Mock @Mock
private MonitorDBDao monitorDBDao; private MonitorDBDao monitorDBDao;
@Mock
private ResourcePermissionCheckService resourcePermissionCheckService;
@Mock
private RegistryClient registryClient;
private User user;
public static final Logger serviceLogger = LoggerFactory.getLogger(BaseServiceImpl.class);
@Before
public void init () {
user = new User();
user.setUserType(UserType.ADMIN_USER);
user.setId(1);
}
@Test @Test
public void testQueryDatabaseState() { public void testQueryDatabaseState() {
mockPermissionCheck(ApiFuncIdentificationConstant.MONITOR_DATABASES_VIEW, true);
Mockito.when(monitorDBDao.queryDatabaseState()).thenReturn(getList()); Mockito.when(monitorDBDao.queryDatabaseState()).thenReturn(getList());
Map<String,Object> result = monitorService.queryDatabaseState(null); Map<String,Object> result = monitorService.queryDatabaseState(user);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS,result.get(Constants.STATUS)); Assert.assertEquals(Status.SUCCESS,result.get(Constants.STATUS));
List<MonitorRecord> monitorRecordList = (List<MonitorRecord>) result.get(Constants.DATA_LIST); List<MonitorRecord> monitorRecordList = (List<MonitorRecord>) result.get(Constants.DATA_LIST);
Assert.assertTrue(CollectionUtils.isNotEmpty(monitorRecordList)); Assert.assertTrue(CollectionUtils.isNotEmpty(monitorRecordList));
mockPermissionCheck(ApiFuncIdentificationConstant.MONITOR_DATABASES_VIEW, false);
Map<String,Object> noPermission = monitorService.queryDatabaseState(user);
Assert.assertEquals(Status.NO_CURRENT_OPERATING_PERMISSION,noPermission.get(Constants.STATUS));
} }
@Test @Test
public void testQueryMaster() { public void testQueryMaster() {
//TODO need zk mockPermissionCheck(ApiFuncIdentificationConstant.MONITOR_MASTER_VIEW, true);
/*Map<String,Object> result = monitorService.queryMaster(null);*/ Mockito.when(registryClient.getServerList(NodeType.MASTER)).thenReturn(getServerList());
/*logger.info(result.toString());*/ Map<String, Object> result = monitorService.queryMaster(user);
/*Assert.assertEquals(Status.SUCCESS,result.get(Constants.STATUS));*/ Assert.assertEquals(Status.SUCCESS,result.get(Constants.STATUS));
mockPermissionCheck(ApiFuncIdentificationConstant.MONITOR_MASTER_VIEW, false);
Map<String,Object> noPermission = monitorService.queryMaster(user);
Assert.assertEquals(Status.NO_CURRENT_OPERATING_PERMISSION,noPermission.get(Constants.STATUS));
}
@Test
public void testQueryWorker() {
mockPermissionCheck(ApiFuncIdentificationConstant.MONITOR_WORKER_VIEW, true);
Mockito.when(registryClient.getServerList(NodeType.WORKER)).thenReturn(getServerList());
Map<String, Object> result = monitorService.queryWorker(user);
Assert.assertEquals(Status.SUCCESS,result.get(Constants.STATUS));
mockPermissionCheck(ApiFuncIdentificationConstant.MONITOR_WORKER_VIEW, false);
Map<String,Object> noPermission = monitorService.queryWorker(user);
Assert.assertEquals(Status.NO_CURRENT_OPERATING_PERMISSION,noPermission.get(Constants.STATUS));
} }
@Test @Test
@ -81,6 +128,11 @@ public class MonitorServiceTest {
/*logger.info(serverList.toString());*/ /*logger.info(serverList.toString());*/
} }
private void mockPermissionCheck(String permissionKey, boolean result){
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.MONITOR, 1, permissionKey, serviceLogger)).thenReturn(result);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.MONITOR, null, 0, serviceLogger)).thenReturn(true);
}
private List<MonitorRecord> getList() { private List<MonitorRecord> getList() {
List<MonitorRecord> monitorRecordList = new ArrayList<>(); List<MonitorRecord> monitorRecordList = new ArrayList<>();
monitorRecordList.add(getEntity()); monitorRecordList.add(getEntity());
@ -94,8 +146,16 @@ public class MonitorServiceTest {
} }
private List<Server> getServerList() { private List<Server> getServerList() {
Server server = new Server();
server.setId(1);
server.setHost("127.0.0.1");
server.setZkDirectory("ws/server");
server.setPort(123);
server.setCreateTime(new Date());
server.setLastHeartbeatTime(new Date());
List<Server> servers = new ArrayList<>(); List<Server> servers = new ArrayList<>();
servers.add(new Server()); servers.add(server);
return servers; return servers;
} }

30
dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java

@ -84,8 +84,8 @@ public class ProjectServiceTest {
User loginUser = getLoginUser(); User loginUser = getLoginUser();
loginUser.setId(1); loginUser.setId(1);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.PROJECTS, loginUser.getId(), PROJECT_CREATE , baseServiceLogger)).thenReturn(true); Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.PROJECTS, 1, PROJECT_CREATE , baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.PROJECTS, null, loginUser.getId(), baseServiceLogger)).thenReturn(true); Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.PROJECTS, null, 1, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = projectService.createProject(loginUser, projectName, getDesc()); Map<String, Object> result = projectService.createProject(loginUser, projectName, getDesc());
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.REQUEST_PARAMS_NOT_VALID_ERROR, result.get(Constants.STATUS)); Assert.assertEquals(Status.REQUEST_PARAMS_NOT_VALID_ERROR, result.get(Constants.STATUS));
@ -179,32 +179,6 @@ public class ProjectServiceTest {
Assert.assertTrue(checkResult); Assert.assertTrue(checkResult);
} }
// @Test
// public void testQueryProjectListPaging() {
// IPage<Project> page = new Page<>(1, 10);
// page.setRecords(getList());
// page.setTotal(1L);
// Set<Integer> set = new HashSet();
// set.add(1);
// Mockito.when(projectMapper.queryProjectListPaging(Mockito.any(Page.class),Mockito.anySet().toArray(), Mockito.eq(projectName))).thenReturn(page);
// User loginUser = getLoginUser();
//
// // project owner
// Mockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.PROJECTS, loginUser.getId(), projectLogger)).thenReturn(set);
// Result result = projectService.queryProjectListPaging(loginUser, 10, 1, projectName);
// logger.info(result.toString());
// PageInfo<Project> pageInfo = (PageInfo<Project>) result.getData();
// Assert.assertTrue(CollectionUtils.isNotEmpty(pageInfo.getTotalList()));
//
// //admin
// Mockito.when(projectMapper.queryProjectListPaging(Mockito.any(Page.class), Mockito.anySet().toArray(), Mockito.eq(projectName))).thenReturn(page);
// loginUser.setUserType(UserType.ADMIN_USER);
// result = projectService.queryProjectListPaging(loginUser, 10, 1, projectName);
// logger.info(result.toString());
// pageInfo = (PageInfo<Project>) result.getData();
// Assert.assertTrue(CollectionUtils.isNotEmpty(pageInfo.getTotalList()));
// }
@Test @Test
public void testDeleteProject() { public void testDeleteProject() {
User loginUser = getLoginUser(); User loginUser = getLoginUser();

142
dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ResourcesServiceTest.java

@ -19,11 +19,14 @@ package org.apache.dolphinscheduler.api.service;
import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.eq;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.impl.BaseServiceImpl;
import org.apache.dolphinscheduler.api.service.impl.ResourcesServiceImpl; import org.apache.dolphinscheduler.api.service.impl.ResourcesServiceImpl;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.api.utils.Result; import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.UserType; import org.apache.dolphinscheduler.common.enums.UserType;
import org.apache.dolphinscheduler.common.storage.StorageOperate; import org.apache.dolphinscheduler.common.storage.StorageOperate;
import org.apache.dolphinscheduler.common.utils.FileUtils; import org.apache.dolphinscheduler.common.utils.FileUtils;
@ -38,6 +41,7 @@ import org.apache.dolphinscheduler.dao.mapper.ResourceUserMapper;
import org.apache.dolphinscheduler.dao.mapper.TenantMapper; import org.apache.dolphinscheduler.dao.mapper.TenantMapper;
import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper; import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper;
import org.apache.dolphinscheduler.dao.mapper.UserMapper; import org.apache.dolphinscheduler.dao.mapper.UserMapper;
import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
import org.apache.dolphinscheduler.spi.enums.ResourceType; import org.apache.dolphinscheduler.spi.enums.ResourceType;
import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.CollectionUtils;
@ -47,9 +51,11 @@ import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.HashMap; import java.util.HashMap;
import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Random; import java.util.Random;
import java.util.Set;
import org.junit.Assert; import org.junit.Assert;
import org.junit.Before; import org.junit.Before;
@ -106,6 +112,12 @@ public class ResourcesServiceTest {
@Mock @Mock
private ResourceUserMapper resourceUserMapper; private ResourceUserMapper resourceUserMapper;
@Mock
private ResourcePermissionCheckService resourcePermissionCheckService;
private static final Logger serviceLogger = LoggerFactory.getLogger(BaseServiceImpl.class);
@Before @Before
public void setUp() { public void setUp() {
// PowerMockito.mockStatic(HadoopUtils.class); // PowerMockito.mockStatic(HadoopUtils.class);
@ -125,8 +137,13 @@ public class ResourcesServiceTest {
@Test @Test
public void testCreateResource() { public void testCreateResource() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_ONLINE_CREATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false);
User user = new User(); User user = new User();
user.setId(1);
user.setUserType(UserType.GENERAL_USER);
//HDFS_NOT_STARTUP //HDFS_NOT_STARTUP
Result result = resourcesService.createResource(user, "ResourcesServiceTest", "ResourcesServiceTest", ResourceType.FILE, null, -1, "/"); Result result = resourcesService.createResource(user, "ResourcesServiceTest", "ResourcesServiceTest", ResourceType.FILE, null, -1, "/");
logger.info(result.toString()); logger.info(result.toString());
@ -148,6 +165,9 @@ public class ResourcesServiceTest {
Assert.assertEquals(Status.RESOURCE_SUFFIX_FORBID_CHANGE.getMsg(), result.getMsg()); Assert.assertEquals(Status.RESOURCE_SUFFIX_FORBID_CHANGE.getMsg(), result.getMsg());
//UDF_RESOURCE_SUFFIX_NOT_JAR //UDF_RESOURCE_SUFFIX_NOT_JAR
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.UDF_FOLDER_ONLINE_CREATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 1, serviceLogger)).thenReturn(true);
mockMultipartFile = new MockMultipartFile("ResourcesServiceTest.pdf", "ResourcesServiceTest.pdf", "pdf", "test".getBytes()); mockMultipartFile = new MockMultipartFile("ResourcesServiceTest.pdf", "ResourcesServiceTest.pdf", "pdf", "test".getBytes());
PowerMockito.when(Files.getFileExtension("ResourcesServiceTest.pdf")).thenReturn("pdf"); PowerMockito.when(Files.getFileExtension("ResourcesServiceTest.pdf")).thenReturn("pdf");
result = resourcesService.createResource(user, "ResourcesServiceTest.pdf", "ResourcesServiceTest", ResourceType.UDF, mockMultipartFile, -1, "/"); result = resourcesService.createResource(user, "ResourcesServiceTest.pdf", "ResourcesServiceTest", ResourceType.UDF, mockMultipartFile, -1, "/");
@ -155,6 +175,9 @@ public class ResourcesServiceTest {
Assert.assertEquals(Status.UDF_RESOURCE_SUFFIX_NOT_JAR.getMsg(), result.getMsg()); Assert.assertEquals(Status.UDF_RESOURCE_SUFFIX_NOT_JAR.getMsg(), result.getMsg());
//FULL_FILE_NAME_TOO_LONG //FULL_FILE_NAME_TOO_LONG
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_ONLINE_CREATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 1, serviceLogger)).thenReturn(true);
String tooLongFileName = getRandomStringWithLength(Constants.RESOURCE_FULL_NAME_MAX_LENGTH) + ".pdf"; String tooLongFileName = getRandomStringWithLength(Constants.RESOURCE_FULL_NAME_MAX_LENGTH) + ".pdf";
mockMultipartFile = new MockMultipartFile(tooLongFileName, tooLongFileName, "pdf", "test".getBytes()); mockMultipartFile = new MockMultipartFile(tooLongFileName, tooLongFileName, "pdf", "test".getBytes());
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
@ -166,9 +189,13 @@ public class ResourcesServiceTest {
@Test @Test
public void testCreateDirecotry() { public void testCreateDirecotry() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FOLDER_ONLINE_CREATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false);
User user = new User(); User user = new User();
user.setId(1);
user.setUserType(UserType.GENERAL_USER);
//HDFS_NOT_STARTUP //HDFS_NOT_STARTUP
Result result = resourcesService.createDirectory(user, "directoryTest", "directory test", ResourceType.FILE, -1, "/"); Result result = resourcesService.createDirectory(user, "directoryTest", "directory test", ResourceType.FILE, -1, "/");
logger.info(result.toString()); logger.info(result.toString());
@ -181,6 +208,10 @@ public class ResourcesServiceTest {
Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant()); Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant());
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
Mockito.when(resourcesMapper.selectById(Mockito.anyInt())).thenReturn(null); Mockito.when(resourcesMapper.selectById(Mockito.anyInt())).thenReturn(null);
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FOLDER_ONLINE_CREATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_RENAME, serviceLogger)).thenReturn(true);
result = resourcesService.createDirectory(user, "directoryTest", "directory test", ResourceType.FILE, 1, "/"); result = resourcesService.createDirectory(user, "directoryTest", "directory test", ResourceType.FILE, 1, "/");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.PARENT_RESOURCE_NOT_EXIST.getMsg(), result.getMsg()); Assert.assertEquals(Status.PARENT_RESOURCE_NOT_EXIST.getMsg(), result.getMsg());
@ -196,14 +227,21 @@ public class ResourcesServiceTest {
@Test @Test
public void testUpdateResource() { public void testUpdateResource() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false);
User user = new User(); User user = new User();
user.setId(1);
user.setUserType(UserType.GENERAL_USER);
//HDFS_NOT_STARTUP //HDFS_NOT_STARTUP
Result result = resourcesService.updateResource(user, 1, "ResourcesServiceTest", "ResourcesServiceTest", ResourceType.FILE, null); Result result = resourcesService.updateResource(user, 1, "ResourcesServiceTest", "ResourcesServiceTest", ResourceType.FILE, null);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.STORAGE_NOT_STARTUP.getMsg(), result.getMsg()); Assert.assertEquals(Status.STORAGE_NOT_STARTUP.getMsg(), result.getMsg());
//RESOURCE_NOT_EXIST //RESOURCE_NOT_EXIST
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{0}, 1, serviceLogger)).thenReturn(true);
Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource()); Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource());
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
result = resourcesService.updateResource(user, 0, "ResourcesServiceTest", "ResourcesServiceTest", ResourceType.FILE, null); result = resourcesService.updateResource(user, 0, "ResourcesServiceTest", "ResourcesServiceTest", ResourceType.FILE, null);
@ -211,6 +249,10 @@ public class ResourcesServiceTest {
Assert.assertEquals(Status.RESOURCE_NOT_EXIST.getMsg(), result.getMsg()); Assert.assertEquals(Status.RESOURCE_NOT_EXIST.getMsg(), result.getMsg());
//USER_NO_OPERATION_PERM //USER_NO_OPERATION_PERM
user.setId(2);
user.setUserType(UserType.GENERAL_USER);
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 2, ApiFuncIdentificationConstant.FILE_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 2, serviceLogger)).thenReturn(true);
result = resourcesService.updateResource(user, 1, "ResourcesServiceTest", "ResourcesServiceTest", ResourceType.FILE, null); result = resourcesService.updateResource(user, 1, "ResourcesServiceTest", "ResourcesServiceTest", ResourceType.FILE, null);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NO_OPERATION_PERM.getMsg(), result.getMsg()); Assert.assertEquals(Status.USER_NO_OPERATION_PERM.getMsg(), result.getMsg());
@ -221,6 +263,8 @@ public class ResourcesServiceTest {
Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant()); Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant());
PowerMockito.when(storageOperate.getFileName(Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn("test1"); PowerMockito.when(storageOperate.getFileName(Mockito.any(), Mockito.any(), Mockito.anyString())).thenReturn("test1");
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.UDF_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
try { try {
Mockito.when(storageOperate.exists(Mockito.any(), Mockito.any())).thenReturn(false); Mockito.when(storageOperate.exists(Mockito.any(), Mockito.any())).thenReturn(false);
} catch (IOException e) { } catch (IOException e) {
@ -239,6 +283,8 @@ public class ResourcesServiceTest {
logger.error(e.getMessage(), e); logger.error(e.getMessage(), e);
} }
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
result = resourcesService.updateResource(user, 1, "ResourcesServiceTest.jar", "ResourcesServiceTest", ResourceType.FILE, null); result = resourcesService.updateResource(user, 1, "ResourcesServiceTest.jar", "ResourcesServiceTest", ResourceType.FILE, null);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS.getMsg(), result.getMsg()); Assert.assertEquals(Status.SUCCESS.getMsg(), result.getMsg());
@ -249,6 +295,8 @@ public class ResourcesServiceTest {
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_EXIST.getMsg(), result.getMsg()); Assert.assertEquals(Status.RESOURCE_EXIST.getMsg(), result.getMsg());
//USER_NOT_EXIST //USER_NOT_EXIST
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.UDF_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
Mockito.when(userMapper.selectById(Mockito.anyInt())).thenReturn(null); Mockito.when(userMapper.selectById(Mockito.anyInt())).thenReturn(null);
result = resourcesService.updateResource(user, 1, "ResourcesServiceTest1.jar", "ResourcesServiceTest", ResourceType.UDF, null); result = resourcesService.updateResource(user, 1, "ResourcesServiceTest1.jar", "ResourcesServiceTest", ResourceType.UDF, null);
logger.info(result.toString()); logger.info(result.toString());
@ -279,13 +327,17 @@ public class ResourcesServiceTest {
@Test @Test
public void testQueryResourceListPaging() { public void testQueryResourceListPaging() {
User loginUser = new User(); User loginUser = new User();
loginUser.setId(1);
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
IPage<Resource> resourcePage = new Page<>(1, 10); IPage<Resource> resourcePage = new Page<>(1, 10);
resourcePage.setTotal(1); resourcePage.setTotal(1);
resourcePage.setRecords(getResourceList()); resourcePage.setRecords(getResourceList());
Mockito.when(resourcesMapper.queryResourcePaging(Mockito.any(Page.class), PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_VIEW, serviceLogger)).thenReturn(true);
eq(0), eq(-1), eq(0), eq("test"), Mockito.any())).thenReturn(resourcePage); PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 0, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.RESOURCE_FILE_ID, 1, serviceLogger)).thenReturn(getSetIds());
Mockito.when(resourcesMapper.queryResourcePaging(Mockito.any(Page.class), eq(-1), eq(0), eq(1), eq("test"), Mockito.any())).thenReturn(resourcePage);
Result result = resourcesService.queryResourceListPaging(loginUser, -1, ResourceType.FILE, "test", 1, 10); Result result = resourcesService.queryResourceListPaging(loginUser, -1, ResourceType.FILE, "test", 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS.getCode(), (int) result.getCode()); Assert.assertEquals(Status.SUCCESS.getCode(), (int) result.getCode());
@ -299,6 +351,11 @@ public class ResourcesServiceTest {
User loginUser = new User(); User loginUser = new User();
loginUser.setId(0); loginUser.setId(0);
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 0, ApiFuncIdentificationConstant.FILE_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 0, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.RESOURCE_FILE_ID, 0, serviceLogger)).thenReturn(getSetIds());
Mockito.when(resourcesMapper.queryResourceListAuthored(0, 0)).thenReturn(getResourceList()); Mockito.when(resourcesMapper.queryResourceListAuthored(0, 0)).thenReturn(getResourceList());
Map<String, Object> result = resourcesService.queryResourceList(loginUser, ResourceType.FILE); Map<String, Object> result = resourcesService.queryResourceList(loginUser, ResourceType.FILE);
logger.info(result.toString()); logger.info(result.toString());
@ -307,6 +364,9 @@ public class ResourcesServiceTest {
Assert.assertTrue(CollectionUtils.isNotEmpty(resourceList)); Assert.assertTrue(CollectionUtils.isNotEmpty(resourceList));
// test udf // test udf
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 0, ApiFuncIdentificationConstant.UDF_FILE_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 0, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.RESOURCE_FILE_ID, 0, serviceLogger)).thenReturn(getSetIds());
loginUser.setUserType(UserType.GENERAL_USER); loginUser.setUserType(UserType.GENERAL_USER);
Mockito.when(resourceUserMapper.queryResourcesIdListByUserIdAndPerm(0, 0)) Mockito.when(resourceUserMapper.queryResourcesIdListByUserIdAndPerm(0, 0))
.thenReturn(Arrays.asList(Integer.valueOf(10), Integer.valueOf(11))); .thenReturn(Arrays.asList(Integer.valueOf(10), Integer.valueOf(11)));
@ -325,9 +385,13 @@ public class ResourcesServiceTest {
User loginUser = new User(); User loginUser = new User();
loginUser.setId(0); loginUser.setId(0);
loginUser.setUserType(UserType.GENERAL_USER);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false);
Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource());
Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant()); Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant());
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 0, ApiFuncIdentificationConstant.FILE_DELETE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 0, serviceLogger)).thenReturn(true);
try { try {
// HDFS_NOT_STARTUP // HDFS_NOT_STARTUP
Result result = resourcesService.delete(loginUser, 1); Result result = resourcesService.delete(loginUser, 1);
@ -337,6 +401,9 @@ public class ResourcesServiceTest {
//RESOURCE_NOT_EXIST //RESOURCE_NOT_EXIST
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource()); Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource());
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 0, ApiFuncIdentificationConstant.FILE_DELETE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{2}, 0, serviceLogger)).thenReturn(true);
result = resourcesService.delete(loginUser, 2); result = resourcesService.delete(loginUser, 2);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_NOT_EXIST.getMsg(), result.getMsg()); Assert.assertEquals(Status.RESOURCE_NOT_EXIST.getMsg(), result.getMsg());
@ -350,6 +417,8 @@ public class ResourcesServiceTest {
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
loginUser.setTenantId(2); loginUser.setTenantId(2);
Mockito.when(userMapper.selectById(Mockito.anyInt())).thenReturn(loginUser); Mockito.when(userMapper.selectById(Mockito.anyInt())).thenReturn(loginUser);
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 0, ApiFuncIdentificationConstant.FILE_DELETE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 0, serviceLogger)).thenReturn(true);
result = resourcesService.delete(loginUser, 1); result = resourcesService.delete(loginUser, 1);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.CURRENT_LOGIN_USER_TENANT_NOT_EXIST.getMsg(), result.getMsg()); Assert.assertEquals(Status.CURRENT_LOGIN_USER_TENANT_NOT_EXIST.getMsg(), result.getMsg());
@ -373,8 +442,11 @@ public class ResourcesServiceTest {
@Test @Test
public void testVerifyResourceName() { public void testVerifyResourceName() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_RENAME, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 1, serviceLogger)).thenReturn(true);
User user = new User(); User user = new User();
user.setId(1); user.setId(1);
user.setUserType(UserType.GENERAL_USER);
Mockito.when(resourcesMapper.existResource("/ResourcesServiceTest.jar", 0)).thenReturn(true); Mockito.when(resourcesMapper.existResource("/ResourcesServiceTest.jar", 0)).thenReturn(true);
Result result = resourcesService.verifyResourceName("/ResourcesServiceTest.jar", ResourceType.FILE, user); Result result = resourcesService.verifyResourceName("/ResourcesServiceTest.jar", ResourceType.FILE, user);
logger.info(result.toString()); logger.info(result.toString());
@ -414,37 +486,43 @@ public class ResourcesServiceTest {
@Test @Test
public void testReadResource() { public void testReadResource() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false);
//HDFS_NOT_STARTUP //HDFS_NOT_STARTUP
Result result = resourcesService.readResource(1, 1, 10); Result result = resourcesService.readResource(getUser(), 1, 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.STORAGE_NOT_STARTUP.getMsg(), result.getMsg()); Assert.assertEquals(Status.STORAGE_NOT_STARTUP.getMsg(), result.getMsg());
//RESOURCE_NOT_EXIST //RESOURCE_NOT_EXIST
Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource()); Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource());
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
result = resourcesService.readResource(2, 1, 10); PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{2}, 1, serviceLogger)).thenReturn(true);
result = resourcesService.readResource(getUser(), 2, 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_NOT_EXIST.getMsg(), result.getMsg()); Assert.assertEquals(Status.RESOURCE_NOT_EXIST.getMsg(), result.getMsg());
//RESOURCE_SUFFIX_NOT_SUPPORT_VIEW //RESOURCE_SUFFIX_NOT_SUPPORT_VIEW
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(FileUtils.getResourceViewSuffixes()).thenReturn("class"); PowerMockito.when(FileUtils.getResourceViewSuffixes()).thenReturn("class");
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
result = resourcesService.readResource(1, 1, 10); result = resourcesService.readResource(getUser(), 1, 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_SUFFIX_NOT_SUPPORT_VIEW.getMsg(), result.getMsg()); Assert.assertEquals(Status.RESOURCE_SUFFIX_NOT_SUPPORT_VIEW.getMsg(), result.getMsg());
//USER_NOT_EXIST //USER_NOT_EXIST
PowerMockito.when(FileUtils.getResourceViewSuffixes()).thenReturn("jar"); PowerMockito.when(FileUtils.getResourceViewSuffixes()).thenReturn("jar");
PowerMockito.when(Files.getFileExtension("ResourcesServiceTest.jar")).thenReturn("jar"); PowerMockito.when(Files.getFileExtension("ResourcesServiceTest.jar")).thenReturn("jar");
result = resourcesService.readResource(1, 1, 10); result = resourcesService.readResource(getUser(), 1, 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NOT_EXIST.getCode(), (int) result.getCode()); Assert.assertEquals(Status.USER_NOT_EXIST.getCode(), (int) result.getCode());
//TENANT_NOT_EXIST //TENANT_NOT_EXIST
Mockito.when(userMapper.selectById(1)).thenReturn(getUser()); Mockito.when(userMapper.selectById(1)).thenReturn(getUser());
result = resourcesService.readResource(1, 1, 10); result = resourcesService.readResource(getUser(), 1, 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.CURRENT_LOGIN_USER_TENANT_NOT_EXIST.getMsg(), result.getMsg()); Assert.assertEquals(Status.CURRENT_LOGIN_USER_TENANT_NOT_EXIST.getMsg(), result.getMsg());
@ -455,7 +533,7 @@ public class ResourcesServiceTest {
} catch (IOException e) { } catch (IOException e) {
logger.error("hadoop error", e); logger.error("hadoop error", e);
} }
result = resourcesService.readResource(1, 1, 10); result = resourcesService.readResource(getUser(), 1, 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_FILE_NOT_EXIST.getCode(), (int) result.getCode()); Assert.assertEquals(Status.RESOURCE_FILE_NOT_EXIST.getCode(), (int) result.getCode());
@ -467,7 +545,7 @@ public class ResourcesServiceTest {
} catch (IOException e) { } catch (IOException e) {
logger.error("storage error", e); logger.error("storage error", e);
} }
result = resourcesService.readResource(1, 1, 10); result = resourcesService.readResource(getUser(), 1, 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS.getMsg(), result.getMsg()); Assert.assertEquals(Status.SUCCESS.getMsg(), result.getMsg());
@ -476,10 +554,14 @@ public class ResourcesServiceTest {
@Test @Test
public void testOnlineCreateResource() { public void testOnlineCreateResource() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_ONLINE_CREATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false);
PowerMockito.when(storageOperate.getResourceFileName(Mockito.anyString(), eq("hdfsdDir"))).thenReturn("hdfsDir"); PowerMockito.when(storageOperate.getResourceFileName(Mockito.anyString(), eq("hdfsdDir"))).thenReturn("hdfsDir");
PowerMockito.when(storageOperate.getUdfDir("udfDir")).thenReturn("udfDir"); PowerMockito.when(storageOperate.getUdfDir("udfDir")).thenReturn("udfDir");
User user = getUser(); User user = getUser();
user.setId(1);
//HDFS_NOT_STARTUP //HDFS_NOT_STARTUP
Result result = resourcesService.onlineCreateResource(user, ResourceType.FILE, "test", "jar", "desc", "content", -1, "/"); Result result = resourcesService.onlineCreateResource(user, ResourceType.FILE, "test", "jar", "desc", "content", -1, "/");
logger.info(result.toString()); logger.info(result.toString());
@ -503,6 +585,9 @@ public class ResourcesServiceTest {
} }
//SUCCESS //SUCCESS
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_RENAME, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 1, serviceLogger)).thenReturn(true);
Mockito.when(FileUtils.getUploadFilename(Mockito.anyString(), Mockito.anyString())).thenReturn("test"); Mockito.when(FileUtils.getUploadFilename(Mockito.anyString(), Mockito.anyString())).thenReturn("test");
PowerMockito.when(FileUtils.writeContent2File(Mockito.anyString(), Mockito.anyString())).thenReturn(true); PowerMockito.when(FileUtils.writeContent2File(Mockito.anyString(), Mockito.anyString())).thenReturn(true);
result = resourcesService.onlineCreateResource(user, ResourceType.FILE, "test", "jar", "desc", "content", -1, "/"); result = resourcesService.onlineCreateResource(user, ResourceType.FILE, "test", "jar", "desc", "content", -1, "/");
@ -516,34 +601,41 @@ public class ResourcesServiceTest {
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false);
// HDFS_NOT_STARTUP // HDFS_NOT_STARTUP
Result result = resourcesService.updateResourceContent(1, "content"); PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
Result result = resourcesService.updateResourceContent(getUser(), 1, "content");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.STORAGE_NOT_STARTUP.getMsg(), result.getMsg()); Assert.assertEquals(Status.STORAGE_NOT_STARTUP.getMsg(), result.getMsg());
//RESOURCE_NOT_EXIST //RESOURCE_NOT_EXIST
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{2}, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource()); Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource());
result = resourcesService.updateResourceContent(2, "content"); result = resourcesService.updateResourceContent(getUser(), 2, "content");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_NOT_EXIST.getMsg(), result.getMsg()); Assert.assertEquals(Status.RESOURCE_NOT_EXIST.getMsg(), result.getMsg());
//RESOURCE_SUFFIX_NOT_SUPPORT_VIEW //RESOURCE_SUFFIX_NOT_SUPPORT_VIEW
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
PowerMockito.when(FileUtils.getResourceViewSuffixes()).thenReturn("class"); PowerMockito.when(FileUtils.getResourceViewSuffixes()).thenReturn("class");
result = resourcesService.updateResourceContent(1, "content"); result = resourcesService.updateResourceContent(getUser(), 1, "content");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_SUFFIX_NOT_SUPPORT_VIEW.getMsg(), result.getMsg()); Assert.assertEquals(Status.RESOURCE_SUFFIX_NOT_SUPPORT_VIEW.getMsg(), result.getMsg());
//USER_NOT_EXIST //USER_NOT_EXIST
PowerMockito.when(FileUtils.getResourceViewSuffixes()).thenReturn("jar"); PowerMockito.when(FileUtils.getResourceViewSuffixes()).thenReturn("jar");
PowerMockito.when(Files.getFileExtension("ResourcesServiceTest.jar")).thenReturn("jar"); PowerMockito.when(Files.getFileExtension("ResourcesServiceTest.jar")).thenReturn("jar");
result = resourcesService.updateResourceContent(1, "content"); result = resourcesService.updateResourceContent(getUser(), 1, "content");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertTrue(Status.USER_NOT_EXIST.getCode() == result.getCode()); Assert.assertTrue(Status.USER_NOT_EXIST.getCode() == result.getCode());
//TENANT_NOT_EXIST //TENANT_NOT_EXIST
Mockito.when(userMapper.selectById(1)).thenReturn(getUser()); Mockito.when(userMapper.selectById(1)).thenReturn(getUser());
result = resourcesService.updateResourceContent(1, "content"); result = resourcesService.updateResourceContent(getUser(), 1, "content");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertTrue(Status.CURRENT_LOGIN_USER_TENANT_NOT_EXIST.getCode() == result.getCode()); Assert.assertTrue(Status.CURRENT_LOGIN_USER_TENANT_NOT_EXIST.getCode() == result.getCode());
@ -551,7 +643,7 @@ public class ResourcesServiceTest {
Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant()); Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant());
Mockito.when(FileUtils.getUploadFilename(Mockito.anyString(), Mockito.anyString())).thenReturn("test"); Mockito.when(FileUtils.getUploadFilename(Mockito.anyString(), Mockito.anyString())).thenReturn("test");
PowerMockito.when(FileUtils.writeContent2File(Mockito.anyString(), Mockito.anyString())).thenReturn(true); PowerMockito.when(FileUtils.writeContent2File(Mockito.anyString(), Mockito.anyString())).thenReturn(true);
result = resourcesService.updateResourceContent(1, "content"); result = resourcesService.updateResourceContent(getUser(), 1, "content");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS.getMsg(), result.getMsg()); Assert.assertEquals(Status.SUCCESS.getMsg(), result.getMsg());
} }
@ -559,18 +651,21 @@ public class ResourcesServiceTest {
@Test @Test
public void testDownloadResource() { public void testDownloadResource() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.RESOURCE_FILE_ID, 1, ApiFuncIdentificationConstant.FILE_DOWNLOAD, serviceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, new Object[]{1}, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant()); Mockito.when(tenantMapper.queryById(1)).thenReturn(getTenant());
Mockito.when(userMapper.selectById(1)).thenReturn(getUser()); Mockito.when(userMapper.selectById(1)).thenReturn(getUser());
org.springframework.core.io.Resource resourceMock = Mockito.mock(org.springframework.core.io.Resource.class); org.springframework.core.io.Resource resourceMock = Mockito.mock(org.springframework.core.io.Resource.class);
try { try {
//resource null //resource null
org.springframework.core.io.Resource resource = resourcesService.downloadResource(1); org.springframework.core.io.Resource resource = resourcesService.downloadResource(getUser(), 1);
Assert.assertNull(resource); Assert.assertNull(resource);
Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource()); Mockito.when(resourcesMapper.selectById(1)).thenReturn(getResource());
PowerMockito.when(org.apache.dolphinscheduler.api.utils.FileUtils.file2Resource(Mockito.any())).thenReturn(resourceMock); PowerMockito.when(org.apache.dolphinscheduler.api.utils.FileUtils.file2Resource(Mockito.any())).thenReturn(resourceMock);
resource = resourcesService.downloadResource(1); resource = resourcesService.downloadResource(getUser(), 1);
Assert.assertNotNull(resource); Assert.assertNotNull(resource);
} catch (Exception e) { } catch (Exception e) {
logger.error("DownloadResource error", e); logger.error("DownloadResource error", e);
@ -589,6 +684,7 @@ public class ResourcesServiceTest {
// test admin user // test admin user
List<Integer> resIds = new ArrayList<>(); List<Integer> resIds = new ArrayList<>();
resIds.add(1); resIds.add(1);
Mockito.when(resourcePermissionCheckService.functionDisabled()).thenReturn(true);
Mockito.when(resourcesMapper.queryResourceExceptUserId(userId)).thenReturn(getResourceList()); Mockito.when(resourcesMapper.queryResourceExceptUserId(userId)).thenReturn(getResourceList());
Map<String, Object> result = resourcesService.authorizeResourceTree(user, userId); Map<String, Object> result = resourcesService.authorizeResourceTree(user, userId);
logger.info(result.toString()); logger.info(result.toString());
@ -617,6 +713,7 @@ public class ResourcesServiceTest {
// test admin user // test admin user
List<Integer> resIds = new ArrayList<>(); List<Integer> resIds = new ArrayList<>();
resIds.add(1); resIds.add(1);
Mockito.when(resourcePermissionCheckService.functionDisabled()).thenReturn(true);
Mockito.when(resourcesMapper.queryResourceExceptUserId(userId)).thenReturn(getResourceList()); Mockito.when(resourcesMapper.queryResourceExceptUserId(userId)).thenReturn(getResourceList());
Mockito.when(resourceUserMapper.queryResourcesIdListByUserIdAndPerm(Mockito.anyInt(), Mockito.anyInt())).thenReturn(resIds); Mockito.when(resourceUserMapper.queryResourcesIdListByUserIdAndPerm(Mockito.anyInt(), Mockito.anyInt())).thenReturn(resIds);
Mockito.when(resourcesMapper.queryResourceListById(Mockito.any())).thenReturn(getSingleResourceList()); Mockito.when(resourcesMapper.queryResourceListById(Mockito.any())).thenReturn(getSingleResourceList());
@ -645,6 +742,7 @@ public class ResourcesServiceTest {
int userId = 3; int userId = 3;
// test admin user // test admin user
Mockito.when(resourcePermissionCheckService.functionDisabled()).thenReturn(true);
Mockito.when(udfFunctionMapper.queryUdfFuncExceptUserId(userId)).thenReturn(getUdfFuncList()); Mockito.when(udfFunctionMapper.queryUdfFuncExceptUserId(userId)).thenReturn(getUdfFuncList());
Mockito.when(udfFunctionMapper.queryAuthedUdfFunc(userId)).thenReturn(getSingleUdfFuncList()); Mockito.when(udfFunctionMapper.queryAuthedUdfFunc(userId)).thenReturn(getSingleUdfFuncList());
Map<String, Object> result = resourcesService.unauthorizedUDFFunction(user, userId); Map<String, Object> result = resourcesService.unauthorizedUDFFunction(user, userId);
@ -671,6 +769,7 @@ public class ResourcesServiceTest {
int userId = 3; int userId = 3;
// test admin user // test admin user
Mockito.when(resourcePermissionCheckService.functionDisabled()).thenReturn(true);
Mockito.when(udfFunctionMapper.queryAuthedUdfFunc(userId)).thenReturn(getUdfFuncList()); Mockito.when(udfFunctionMapper.queryAuthedUdfFunc(userId)).thenReturn(getUdfFuncList());
Map<String, Object> result = resourcesService.authorizedUDFFunction(user, userId); Map<String, Object> result = resourcesService.authorizedUDFFunction(user, userId);
logger.info(result.toString()); logger.info(result.toString());
@ -699,6 +798,7 @@ public class ResourcesServiceTest {
// test admin user // test admin user
List<Integer> resIds = new ArrayList<>(); List<Integer> resIds = new ArrayList<>();
resIds.add(1); resIds.add(1);
Mockito.when(resourcePermissionCheckService.functionDisabled()).thenReturn(true);
Mockito.when(resourceUserMapper.queryResourcesIdListByUserIdAndPerm(Mockito.anyInt(), Mockito.anyInt())).thenReturn(resIds); Mockito.when(resourceUserMapper.queryResourcesIdListByUserIdAndPerm(Mockito.anyInt(), Mockito.anyInt())).thenReturn(resIds);
Mockito.when(resourcesMapper.queryResourceListById(Mockito.any())).thenReturn(getResourceList()); Mockito.when(resourcesMapper.queryResourceListById(Mockito.any())).thenReturn(getResourceList());
Map<String, Object> result = resourcesService.authorizedFile(user, userId); Map<String, Object> result = resourcesService.authorizedFile(user, userId);
@ -745,6 +845,13 @@ public class ResourcesServiceTest {
return resources; return resources;
} }
private Set<Integer> getSetIds() {
Set<Integer> resources = new HashSet<>();
resources.add(1);
return resources;
}
private List<Resource> getSingleResourceList() { private List<Resource> getSingleResourceList() {
return Collections.singletonList(getResource(1)); return Collections.singletonList(getResource(1));
} }
@ -834,6 +941,7 @@ public class ResourcesServiceTest {
private User getUser() { private User getUser() {
User user = new User(); User user = new User();
user.setId(1); user.setId(1);
user.setUserType(UserType.GENERAL_USER);
user.setTenantId(1); user.setTenantId(1);
user.setTenantCode("tenantCode"); user.setTenantCode("tenantCode");
return user; return user;

34
dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/TaskGroupServiceTest.java

@ -17,10 +17,13 @@
package org.apache.dolphinscheduler.api.service; package org.apache.dolphinscheduler.api.service;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.impl.BaseServiceImpl;
import org.apache.dolphinscheduler.api.service.impl.TaskGroupServiceImpl; import org.apache.dolphinscheduler.api.service.impl.TaskGroupServiceImpl;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.Flag; import org.apache.dolphinscheduler.common.enums.Flag;
import org.apache.dolphinscheduler.common.enums.UserType; import org.apache.dolphinscheduler.common.enums.UserType;
import org.apache.dolphinscheduler.dao.entity.TaskGroup; import org.apache.dolphinscheduler.dao.entity.TaskGroup;
@ -28,12 +31,12 @@ import org.apache.dolphinscheduler.dao.entity.User;
import org.apache.dolphinscheduler.dao.mapper.TaskGroupMapper; import org.apache.dolphinscheduler.dao.mapper.TaskGroupMapper;
import org.apache.dolphinscheduler.dao.mapper.TaskGroupQueueMapper; import org.apache.dolphinscheduler.dao.mapper.TaskGroupQueueMapper;
import org.apache.dolphinscheduler.dao.mapper.UserMapper; import org.apache.dolphinscheduler.dao.mapper.UserMapper;
import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
import org.apache.dolphinscheduler.service.process.ProcessService; import org.apache.dolphinscheduler.service.process.ProcessService;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.TreeMap;
import org.junit.Assert; import org.junit.Assert;
import org.junit.Test; import org.junit.Test;
@ -80,6 +83,11 @@ public class TaskGroupServiceTest {
private String userName = "taskGroupServiceTest"; private String userName = "taskGroupServiceTest";
@Mock
private ResourcePermissionCheckService resourcePermissionCheckService;
private static final Logger serviceLogger = LoggerFactory.getLogger(BaseServiceImpl.class);
/** /**
* create admin user * create admin user
*/ */
@ -103,10 +111,27 @@ public class TaskGroupServiceTest {
return list; return list;
} }
@Test
public void forceStartTask() {
User loginUser = getLoginUser();
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.TASK_GROUP, loginUser.getId(), ApiFuncIdentificationConstant.TASK_GROUP_QUEUE_START, serviceLogger)).thenReturn(false);
Map<String, Object> objectMap = taskGroupService.forceStartTask(loginUser, 1);
Assert.assertEquals(Status.NO_CURRENT_OPERATING_PERMISSION, objectMap.get(Constants.STATUS));
}
@Test
public void modifyPriority() {
User loginUser = getLoginUser();
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.TASK_GROUP, loginUser.getId(), ApiFuncIdentificationConstant.TASK_GROUP_QUEUE_PRIORITY, serviceLogger)).thenReturn(false);
Map<String, Object> objectMap = taskGroupService.modifyPriority(loginUser, 1, 1);
Assert.assertEquals(Status.NO_CURRENT_OPERATING_PERMISSION, objectMap.get(Constants.STATUS));
}
@Test @Test
public void testCreate() { public void testCreate() {
User loginUser = getLoginUser(); User loginUser = getLoginUser();
TaskGroup taskGroup = getTaskGroup(); TaskGroup taskGroup = getTaskGroup();
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.TASK_GROUP, loginUser.getId(), ApiFuncIdentificationConstant.TASK_GROUP_CREATE, serviceLogger)).thenReturn(true);
Mockito.when(taskGroupMapper.insert(taskGroup)).thenReturn(1); Mockito.when(taskGroupMapper.insert(taskGroup)).thenReturn(1);
Mockito.when(taskGroupMapper.queryByName(loginUser.getId(), taskGroupName)).thenReturn(null); Mockito.when(taskGroupMapper.queryByName(loginUser.getId(), taskGroupName)).thenReturn(null);
Map<String, Object> result = taskGroupService.createTaskGroup(loginUser,0L, taskGroupName, taskGroupDesc, 100); Map<String, Object> result = taskGroupService.createTaskGroup(loginUser,0L, taskGroupName, taskGroupDesc, 100);
@ -129,6 +154,8 @@ public class TaskGroupServiceTest {
IPage<TaskGroup> page = new Page<>(1, 10); IPage<TaskGroup> page = new Page<>(1, 10);
page.setRecords(getList()); page.setRecords(getList());
User loginUser = getLoginUser(); User loginUser = getLoginUser();
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.TASK_GROUP, loginUser.getId(), ApiFuncIdentificationConstant.TASK_GROUP_VIEW, serviceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.TASK_GROUP, null, 0, serviceLogger)).thenReturn(true);
Mockito.when(taskGroupMapper.queryTaskGroupPaging(Mockito.any(Page.class), Mockito.eq(10), Mockito.when(taskGroupMapper.queryTaskGroupPaging(Mockito.any(Page.class), Mockito.eq(10),
Mockito.eq(null), Mockito.eq(0))).thenReturn(page); Mockito.eq(null), Mockito.eq(0))).thenReturn(page);
@ -145,6 +172,9 @@ public class TaskGroupServiceTest {
TaskGroup taskGroup = getTaskGroup(); TaskGroup taskGroup = getTaskGroup();
taskGroup.setStatus(Flag.YES.getCode()); taskGroup.setStatus(Flag.YES.getCode());
// Task group status error // Task group status error
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.TASK_GROUP, loginUser.getId(), ApiFuncIdentificationConstant.TASK_GROUP_EDIT, serviceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.TASK_GROUP, null, 0, serviceLogger)).thenReturn(true);
Mockito.when(taskGroupMapper.selectById(1)).thenReturn(taskGroup); Mockito.when(taskGroupMapper.selectById(1)).thenReturn(taskGroup);
Map<String, Object> result = taskGroupService.updateTaskGroup(loginUser, 1, "newName", "desc", 100); Map<String, Object> result = taskGroupService.updateTaskGroup(loginUser, 1, "newName", "desc", 100);
logger.info(result.toString()); logger.info(result.toString());
@ -161,6 +191,8 @@ public class TaskGroupServiceTest {
Mockito.when(taskGroupMapper.selectById(1)).thenReturn(taskGroup); Mockito.when(taskGroupMapper.selectById(1)).thenReturn(taskGroup);
//close failed //close failed
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.TASK_GROUP, loginUser.getId(), ApiFuncIdentificationConstant.TASK_GROUP_CLOSE, serviceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.TASK_GROUP, null, 0, serviceLogger)).thenReturn(true);
Map<String, Object> result = taskGroupService.closeTaskGroup(loginUser, 1); Map<String, Object> result = taskGroupService.closeTaskGroup(loginUser, 1);
Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));

86
dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UdfFuncServiceTest.java

@ -17,11 +17,13 @@
package org.apache.dolphinscheduler.api.service; package org.apache.dolphinscheduler.api.service;
import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.impl.BaseServiceImpl;
import org.apache.dolphinscheduler.api.service.impl.UdfFuncServiceImpl; import org.apache.dolphinscheduler.api.service.impl.UdfFuncServiceImpl;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.api.utils.Result; import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.UdfType; import org.apache.dolphinscheduler.common.enums.UdfType;
import org.apache.dolphinscheduler.common.enums.UserType; import org.apache.dolphinscheduler.common.enums.UserType;
import org.apache.dolphinscheduler.common.utils.PropertyUtils; import org.apache.dolphinscheduler.common.utils.PropertyUtils;
@ -35,10 +37,13 @@ import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper;
import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.CollectionUtils;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collections;
import java.util.Date; import java.util.Date;
import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Set;
import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
import org.junit.Assert; import org.junit.Assert;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
@ -81,9 +86,17 @@ public class UdfFuncServiceTest {
PowerMockito.mockStatic(PropertyUtils.class); PowerMockito.mockStatic(PropertyUtils.class);
} }
@Mock
private ResourcePermissionCheckService resourcePermissionCheckService;
private static final Logger serviceLogger = LoggerFactory.getLogger(BaseServiceImpl.class);
private static final Logger udfLogger = LoggerFactory.getLogger(UdfFuncServiceImpl.class);
@Test @Test
public void testCreateUdfFunction() { public void testCreateUdfFunction() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_CREATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, null, 0, serviceLogger)).thenReturn(true);
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(false);
//hdfs not start //hdfs not start
Result result = udfFuncService.createUdfFunction(getLoginUser(), "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String", Result result = udfFuncService.createUdfFunction(getLoginUser(), "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String",
@ -107,15 +120,19 @@ public class UdfFuncServiceTest {
@Test @Test
public void testQueryUdfFuncDetail() { public void testQueryUdfFuncDetail() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, new Object[]{2}, 0, serviceLogger)).thenReturn(true);
PowerMockito.when(udfFuncMapper.selectById(1)).thenReturn(getUdfFunc()); PowerMockito.when(udfFuncMapper.selectById(1)).thenReturn(getUdfFunc());
//resource not exist //resource not exist
Map<String, Object> result = udfFuncService.queryUdfFuncDetail(2); Result<Object> result = udfFuncService.queryUdfFuncDetail(getLoginUser(), 2);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_NOT_EXIST,result.get(Constants.STATUS)); Assert.assertTrue(Status.RESOURCE_NOT_EXIST.getCode() == result.getCode());
// success // success
result = udfFuncService.queryUdfFuncDetail(1); PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, new Object[]{1}, 0, serviceLogger)).thenReturn(true);
result = udfFuncService.queryUdfFuncDetail(getLoginUser(), 1);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS,result.get(Constants.STATUS)); Assert.assertTrue(Status.SUCCESS.getCode() == result.getCode());
} }
@Test @Test
@ -126,40 +143,49 @@ public class UdfFuncServiceTest {
PowerMockito.when(resourceMapper.selectById(1)).thenReturn(getResource()); PowerMockito.when(resourceMapper.selectById(1)).thenReturn(getResource());
//UDF_FUNCTION_NOT_EXIST //UDF_FUNCTION_NOT_EXIST
Map<String, Object> result = udfFuncService.updateUdfFunc(12, "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String", PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, new Object[]{1}, 0, serviceLogger)).thenReturn(true);
Result<Object> result = udfFuncService.updateUdfFunc(getLoginUser(), 12, "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String",
"UdfFuncServiceTest", "UdfFuncServiceTest", UdfType.HIVE, 1); "UdfFuncServiceTest", "UdfFuncServiceTest", UdfType.HIVE, 1);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.UDF_FUNCTION_NOT_EXIST,result.get(Constants.STATUS)); Assert.assertTrue(Status.UDF_FUNCTION_NOT_EXIST.getCode() == result.getCode());
//HDFS_NOT_STARTUP //HDFS_NOT_STARTUP
result = udfFuncService.updateUdfFunc(1, "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String", result = udfFuncService.updateUdfFunc(getLoginUser(), 1, "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String",
"UdfFuncServiceTest", "UdfFuncServiceTest", UdfType.HIVE, 1); "UdfFuncServiceTest", "UdfFuncServiceTest", UdfType.HIVE, 1);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.HDFS_NOT_STARTUP,result.get(Constants.STATUS)); Assert.assertTrue(Status.HDFS_NOT_STARTUP.getCode() == result.getCode());
//RESOURCE_NOT_EXIST //RESOURCE_NOT_EXIST
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, new Object[]{12}, 0, serviceLogger)).thenReturn(true);
PowerMockito.when(udfFuncMapper.selectUdfById(11)).thenReturn(getUdfFunc()); PowerMockito.when(udfFuncMapper.selectUdfById(11)).thenReturn(getUdfFunc());
PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true); PowerMockito.when(PropertyUtils.getResUploadStartupState()).thenReturn(true);
result = udfFuncService.updateUdfFunc(11, "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String", result = udfFuncService.updateUdfFunc(getLoginUser(), 11, "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String",
"UdfFuncServiceTest", "UdfFuncServiceTest", UdfType.HIVE, 12); "UdfFuncServiceTest", "UdfFuncServiceTest", UdfType.HIVE, 12);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.RESOURCE_NOT_EXIST,result.get(Constants.STATUS)); Assert.assertTrue(Status.RESOURCE_NOT_EXIST.getCode() == result.getCode());
//success //success
result = udfFuncService.updateUdfFunc(11, "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String", PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_UPDATE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, new Object[]{1}, 0, serviceLogger)).thenReturn(true);
result = udfFuncService.updateUdfFunc(getLoginUser(), 11, "UdfFuncServiceTest", "org.apache.dolphinscheduler.api.service.UdfFuncServiceTest", "String",
"UdfFuncServiceTest", "UdfFuncServiceTest", UdfType.HIVE, 1); "UdfFuncServiceTest", "UdfFuncServiceTest", UdfType.HIVE, 1);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS,result.get(Constants.STATUS)); Assert.assertTrue(Status.SUCCESS.getCode() == result.getCode());
} }
@Test @Test
public void testQueryUdfFuncListPaging() { public void testQueryUdfFuncListPaging() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, null, 0, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.UDF, 1, udfLogger)).thenReturn(getSetIds());
IPage<UdfFunc> page = new Page<>(1,10); IPage<UdfFunc> page = new Page<>(1,10);
page.setTotal(1L); page.setTotal(1L);
page.setRecords(getList()); page.setRecords(getList());
Mockito.when(udfFuncMapper.queryUdfFuncPaging(Mockito.any(Page.class), Mockito.eq(0),Mockito.eq("test"))).thenReturn(page); Mockito.when(udfFuncMapper.queryUdfFuncPaging(Mockito.any(Page.class), Mockito.anyList(),Mockito.eq("test"))).thenReturn(page);
Result result = udfFuncService.queryUdfFuncListPaging(getLoginUser(),"test",1,10); Result result = udfFuncService.queryUdfFuncListPaging(getLoginUser(),"test",1,10);
logger.info(result.toString()); logger.info(result.toString());
PageInfo pageInfo = (PageInfo) result.getData(); PageInfo pageInfo = (PageInfo) result.getData();
@ -168,21 +194,29 @@ public class UdfFuncServiceTest {
@Test @Test
public void testQueryUdfFuncList() { public void testQueryUdfFuncList() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, null, 1, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.UDF, 1, udfLogger)).thenReturn(getSetIds());
User user = getLoginUser(); User user = getLoginUser();
user.setUserType(UserType.GENERAL_USER); user.setUserType(UserType.GENERAL_USER);
Mockito.when(udfFuncMapper.getUdfFuncByType(user.getId(), UdfType.HIVE.ordinal())).thenReturn(getList()); user.setId(1);
Map<String, Object> result = udfFuncService.queryUdfFuncList(user,UdfType.HIVE.ordinal()); Mockito.when(udfFuncMapper.getUdfFuncByType(Collections.singletonList(1), UdfType.HIVE.ordinal())).thenReturn(getList());
Result<Object> result = udfFuncService.queryUdfFuncList(user,UdfType.HIVE.ordinal());
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS,result.get(Constants.STATUS)); Assert.assertTrue(Status.SUCCESS.getCode() == result.getCode());
List<UdfFunc> udfFuncList = (List<UdfFunc>) result.get(Constants.DATA_LIST); List<UdfFunc> udfFuncList = (List<UdfFunc>) result.getData();
Assert.assertTrue(CollectionUtils.isNotEmpty(udfFuncList)); Assert.assertTrue(CollectionUtils.isNotEmpty(udfFuncList));
} }
@Test @Test
public void testDelete() { public void testDelete() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_DELETE, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, new Object[]{122}, 0, serviceLogger)).thenReturn(true);
Mockito.when(udfFuncMapper.deleteById(Mockito.anyInt())).thenReturn(1); Mockito.when(udfFuncMapper.deleteById(Mockito.anyInt())).thenReturn(1);
Mockito.when(udfUserMapper.deleteByUdfFuncId(Mockito.anyInt())).thenReturn(1); Mockito.when(udfUserMapper.deleteByUdfFuncId(Mockito.anyInt())).thenReturn(1);
Result result = udfFuncService.delete(122); Result result = udfFuncService.delete(getLoginUser(), 122);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS.getMsg(),result.getMsg()); Assert.assertEquals(Status.SUCCESS.getMsg(),result.getMsg());
} }
@ -190,17 +224,25 @@ public class UdfFuncServiceTest {
@Test @Test
public void testVerifyUdfFuncByName() { public void testVerifyUdfFuncByName() {
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.UDF, 1, ApiFuncIdentificationConstant.UDF_FUNCTION_VIEW, serviceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.UDF, null, 0, serviceLogger)).thenReturn(true);
//success //success
Mockito.when(udfFuncMapper.queryUdfByIdStr(null, "UdfFuncServiceTest")).thenReturn(getList()); Mockito.when(udfFuncMapper.queryUdfByIdStr(null, "UdfFuncServiceTest")).thenReturn(getList());
Result result = udfFuncService.verifyUdfFuncByName("test"); Result result = udfFuncService.verifyUdfFuncByName(getLoginUser(), "test");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS.getMsg(),result.getMsg()); Assert.assertEquals(Status.SUCCESS.getMsg(),result.getMsg());
//exist //exist
result = udfFuncService.verifyUdfFuncByName("UdfFuncServiceTest"); result = udfFuncService.verifyUdfFuncByName(getLoginUser(), "UdfFuncServiceTest");
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.UDF_FUNCTION_EXISTS.getMsg(),result.getMsg()); Assert.assertEquals(Status.UDF_FUNCTION_EXISTS.getMsg(),result.getMsg());
} }
private Set<Integer> getSetIds(){
Set<Integer> set = new HashSet();
set.add(1);
return set;
}
/** /**
* create admin user * create admin user
* @return * @return

81
dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java

@ -27,7 +27,6 @@ import org.apache.dolphinscheduler.api.service.impl.UsersServiceImpl;
import org.apache.dolphinscheduler.api.utils.PageInfo; import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.api.utils.Result; import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.Constants; import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.UserType; import org.apache.dolphinscheduler.common.enums.UserType;
import org.apache.dolphinscheduler.common.storage.StorageOperate; import org.apache.dolphinscheduler.common.storage.StorageOperate;
import org.apache.dolphinscheduler.common.utils.EncryptionUtils; import org.apache.dolphinscheduler.common.utils.EncryptionUtils;
@ -44,7 +43,6 @@ import org.mockito.InjectMocks;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.Mockito; import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner; import org.mockito.junit.MockitoJUnitRunner;
import org.powermock.api.mockito.PowerMockito;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -52,7 +50,6 @@ import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.*;
import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.when; import static org.mockito.Mockito.when;
@ -62,7 +59,7 @@ import static org.mockito.Mockito.when;
*/ */
@RunWith(MockitoJUnitRunner.Silent.class) @RunWith(MockitoJUnitRunner.Silent.class)
public class UsersServiceTest { public class UsersServiceTest {
private static final Logger baseServiceLogger = LoggerFactory.getLogger(BaseServiceImpl.class);
private static final Logger logger = LoggerFactory.getLogger(UsersServiceTest.class); private static final Logger logger = LoggerFactory.getLogger(UsersServiceTest.class);
@InjectMocks @InjectMocks
@ -111,6 +108,7 @@ public class UsersServiceTest {
@Before @Before
public void before() { public void before() {
Mockito.when(resourcePermissionCheckService.functionDisabled()).thenReturn(false);
} }
@After @After
@ -138,8 +136,6 @@ public class UsersServiceTest {
int state = 1; int state = 1;
try { try {
//userName error //userName error
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(), USERS_CREATE , baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.createUser(user, userName, userPassword, email, tenantId, phone, queueName, state); Map<String, Object> result = usersService.createUser(user, userName, userPassword, email, tenantId, phone, queueName, state);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.REQUEST_PARAMS_NOT_VALID_ERROR, result.get(Constants.STATUS)); Assert.assertEquals(Status.REQUEST_PARAMS_NOT_VALID_ERROR, result.get(Constants.STATUS));
@ -230,20 +226,14 @@ public class UsersServiceTest {
@Test @Test
public void testQueryUserList() { public void testQueryUserList() {
User user = new User(); User user = new User();
user.setUserType(UserType.GENERAL_USER);
user.setId(999);
//no operate //no operate
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null, 1, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.queryUserList(user); Map<String, Object> result = usersService.queryUserList(user);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
//success //success
user.setUserType(UserType.ADMIN_USER); user.setUserType(UserType.ADMIN_USER);
user.setId(1);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(), USER_MANAGER, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null, 0, baseServiceLogger)).thenReturn(true);
when(userMapper.selectList(null)).thenReturn(getUserList()); when(userMapper.selectList(null)).thenReturn(getUserList());
result = usersService.queryUserList(user); result = usersService.queryUserList(user);
List<User> userList = (List<User>) result.get(Constants.DATA_LIST); List<User> userList = (List<User>) result.get(Constants.DATA_LIST);
@ -258,17 +248,12 @@ public class UsersServiceTest {
when(userMapper.queryUserPaging(any(Page.class), eq("userTest"))).thenReturn(page); when(userMapper.queryUserPaging(any(Page.class), eq("userTest"))).thenReturn(page);
//no operate //no operate
user.setUserType(UserType.GENERAL_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 99, USER_MANAGER, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,99, baseServiceLogger)).thenReturn(true);
Result result = usersService.queryUserList(user, "userTest", 1, 10); Result result = usersService.queryUserList(user, "userTest", 1, 10);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NO_OPERATION_PERM.getCode(), (int) result.getCode()); Assert.assertEquals(Status.USER_NO_OPERATION_PERM.getCode(), (int) result.getCode());
//success //success
user.setUserType(UserType.ADMIN_USER); user.setUserType(UserType.ADMIN_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(), USER_MANAGER, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
result = usersService.queryUserList(user, "userTest", 1, 10); result = usersService.queryUserList(user, "userTest", 1, 10);
Assert.assertEquals(Status.SUCCESS.getCode(), (int) result.getCode()); Assert.assertEquals(Status.SUCCESS.getCode(), (int) result.getCode());
PageInfo<User> pageInfo = (PageInfo<User>) result.getData(); PageInfo<User> pageInfo = (PageInfo<User>) result.getData();
@ -281,11 +266,6 @@ public class UsersServiceTest {
String userPassword = "userTest0001"; String userPassword = "userTest0001";
try { try {
//user not exist //user not exist
User user = new User();
user.setUserType(UserType.ADMIN_USER);
user.setId(1);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(),USER_UPDATE, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.updateUser(getLoginUser(), 0, userName, userPassword, "3443@qq.com", 1, "13457864543", "queue", 1, "Asia/Shanghai"); Map<String, Object> result = usersService.updateUser(getLoginUser(), 0, userName, userPassword, "3443@qq.com", 1, "13457864543", "queue", 1, "Asia/Shanghai");
Assert.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS));
logger.info(result.toString()); logger.info(result.toString());
@ -309,18 +289,12 @@ public class UsersServiceTest {
when(userMapper.selectById(1)).thenReturn(getUser()); when(userMapper.selectById(1)).thenReturn(getUser());
when(accessTokenMapper.deleteAccessTokenByUserId(1)).thenReturn(0); when(accessTokenMapper.deleteAccessTokenByUserId(1)).thenReturn(0);
//no operate //no operate
loginUser.setUserType(UserType.GENERAL_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 990, USER_DELETE, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,990, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.deleteUserById(loginUser, 3); Map<String, Object> result = usersService.deleteUserById(loginUser, 3);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
// user not exist // user not exist
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
loginUser.setId(1);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 1, USER_DELETE,baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
result = usersService.deleteUserById(loginUser, 3); result = usersService.deleteUserById(loginUser, 3);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS));
@ -372,8 +346,7 @@ public class UsersServiceTest {
Mockito.when(this.userMapper.selectById(authorizer)).thenReturn(this.getUser()); Mockito.when(this.userMapper.selectById(authorizer)).thenReturn(this.getUser());
Mockito.when(this.userMapper.selectById(projectCreator)).thenReturn(this.getUser()); Mockito.when(this.userMapper.selectById(projectCreator)).thenReturn(this.getUser());
Mockito.when(this.projectMapper.queryByCode(projectCode)).thenReturn(this.getProject()); Mockito.when(this.projectMapper.queryByCode(projectCode)).thenReturn(this.getProject());
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 999, null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null, 1, baseServiceLogger)).thenReturn(true);
// ERROR: USER_NOT_EXIST // ERROR: USER_NOT_EXIST
User loginUser = new User(); User loginUser = new User();
Map<String, Object> result = this.usersService.grantProjectByCode(loginUser, 999, projectCode); Map<String, Object> result = this.usersService.grantProjectByCode(loginUser, 999, projectCode);
@ -395,8 +368,6 @@ public class UsersServiceTest {
// SUCCESS: USER IS PROJECT OWNER // SUCCESS: USER IS PROJECT OWNER
loginUser.setId(projectCreator); loginUser.setId(projectCreator);
loginUser.setUserType(UserType.GENERAL_USER); loginUser.setUserType(UserType.GENERAL_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, new Object[]{1}, loginUser.getId(), baseServiceLogger)).thenReturn(true);
result = this.usersService.grantProjectByCode(loginUser, authorizer, projectCode); result = this.usersService.grantProjectByCode(loginUser, authorizer, projectCode);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
@ -404,8 +375,6 @@ public class UsersServiceTest {
// SUCCESS: USER IS ADMINISTRATOR // SUCCESS: USER IS ADMINISTRATOR
loginUser.setId(999); loginUser.setId(999);
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, new Object[]{1}, 0, baseServiceLogger)).thenReturn(true);
result = this.usersService.grantProjectByCode(loginUser, authorizer, projectCode); result = this.usersService.grantProjectByCode(loginUser, authorizer, projectCode);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
@ -419,19 +388,12 @@ public class UsersServiceTest {
// user no permission // user no permission
User loginUser = new User(); User loginUser = new User();
loginUser.setId(999);
loginUser.setUserType(UserType.GENERAL_USER);
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 999,null, baseServiceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null, 2, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = this.usersService.revokeProject(loginUser, 1, projectCode); Map<String, Object> result = this.usersService.revokeProject(loginUser, 1, projectCode);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
// user not exist // user not exist
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
loginUser.setId(1);
PowerMockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(),null, baseServiceLogger)).thenReturn(true);
PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null, 0, baseServiceLogger)).thenReturn(true);
result = this.usersService.revokeProject(loginUser, 2, projectCode); result = this.usersService.revokeProject(loginUser, 2, projectCode);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS));
@ -489,8 +451,6 @@ public class UsersServiceTest {
//user not exist //user not exist
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.grantNamespaces(loginUser, 2, namespaceIds); Map<String, Object> result = usersService.grantNamespaces(loginUser, 2, namespaceIds);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS));
@ -544,8 +504,6 @@ public class UsersServiceTest {
loginUser.setUserName("admin"); loginUser.setUserName("admin");
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
// get admin user // get admin user
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(), USER_MANAGER, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.getUserInfo(loginUser); Map<String, Object> result = usersService.getUserInfo(loginUser);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
@ -554,10 +512,8 @@ public class UsersServiceTest {
Assert.assertEquals("admin", tempUser.getUserName()); Assert.assertEquals("admin", tempUser.getUserName());
//get general user //get general user
loginUser.setUserType(UserType.GENERAL_USER); loginUser.setUserType(null);
loginUser.setId(1); loginUser.setId(1);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 1, null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
when(userMapper.queryDetailsById(1)).thenReturn(getGeneralUser()); when(userMapper.queryDetailsById(1)).thenReturn(getGeneralUser());
when(alertGroupMapper.queryByUserId(1)).thenReturn(getAlertGroups()); when(alertGroupMapper.queryByUserId(1)).thenReturn(getAlertGroups());
result = usersService.getUserInfo(loginUser); result = usersService.getUserInfo(loginUser);
@ -572,16 +528,11 @@ public class UsersServiceTest {
public void testQueryAllGeneralUsers() { public void testQueryAllGeneralUsers() {
User loginUser = new User(); User loginUser = new User();
//no operate //no operate
loginUser.setUserType(UserType.GENERAL_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 99, USER_MANAGER, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,99, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.queryAllGeneralUsers(loginUser); Map<String, Object> result = usersService.queryAllGeneralUsers(loginUser);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
//success //success
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(), USER_MANAGER, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
when(userMapper.queryAllGeneralUser()).thenReturn(getUserList()); when(userMapper.queryAllGeneralUser()).thenReturn(getUserList());
result = usersService.queryAllGeneralUsers(loginUser); result = usersService.queryAllGeneralUsers(loginUser);
logger.info(result.toString()); logger.info(result.toString());
@ -592,9 +543,6 @@ public class UsersServiceTest {
@Test @Test
public void testVerifyUserName() { public void testVerifyUserName() {
User user = new User();
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
//not exist user //not exist user
Result result = usersService.verifyUserName("admin89899"); Result result = usersService.verifyUserName("admin89899");
logger.info(result.toString()); logger.info(result.toString());
@ -612,14 +560,9 @@ public class UsersServiceTest {
when(userMapper.selectList(null)).thenReturn(getUserList()); when(userMapper.selectList(null)).thenReturn(getUserList());
when(userMapper.queryUserListByAlertGroupId(2)).thenReturn(getUserList()); when(userMapper.queryUserListByAlertGroupId(2)).thenReturn(getUserList());
//no operate //no operate
loginUser.setUserType(UserType.GENERAL_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 99, null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,99, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.unauthorizedUser(loginUser, 2); Map<String, Object> result = usersService.unauthorizedUser(loginUser, 2);
logger.info(result.toString()); logger.info(result.toString());
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
//success //success
result = usersService.unauthorizedUser(loginUser, 2); result = usersService.unauthorizedUser(loginUser, 2);
@ -630,18 +573,13 @@ public class UsersServiceTest {
@Test @Test
public void testAuthorizedUser() { public void testAuthorizedUser() {
User loginUser = new User(); User loginUser = new User();
loginUser.setUserType(UserType.GENERAL_USER);
when(userMapper.queryUserListByAlertGroupId(2)).thenReturn(getUserList()); when(userMapper.queryUserListByAlertGroupId(2)).thenReturn(getUserList());
//no operate //no operate
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,2, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.authorizedUser(loginUser, 2); Map<String, Object> result = usersService.authorizedUser(loginUser, 2);
logger.info(result.toString()); logger.info(result.toString());
Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
//success //success
loginUser.setUserType(UserType.ADMIN_USER); loginUser.setUserType(UserType.ADMIN_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, loginUser.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
result = usersService.authorizedUser(loginUser, 2); result = usersService.authorizedUser(loginUser, 2);
Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
List<User> userList = (List<User>) result.get(Constants.DATA_LIST); List<User> userList = (List<User>) result.get(Constants.DATA_LIST);
@ -695,15 +633,11 @@ public class UsersServiceTest {
String userName = "userTest0002~"; String userName = "userTest0002~";
try { try {
//not admin //not admin
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, 99, null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,99, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.activateUser(user, userName); Map<String, Object> result = usersService.activateUser(user, userName);
Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
//userName error //userName error
user.setUserType(UserType.ADMIN_USER); user.setUserType(UserType.ADMIN_USER);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
result = usersService.activateUser(user, userName); result = usersService.activateUser(user, userName);
Assert.assertEquals(Status.REQUEST_PARAMS_NOT_VALID_ERROR, result.get(Constants.STATUS)); Assert.assertEquals(Status.REQUEST_PARAMS_NOT_VALID_ERROR, result.get(Constants.STATUS));
@ -739,16 +673,11 @@ public class UsersServiceTest {
try { try {
//not admin //not admin
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,2, baseServiceLogger)).thenReturn(true);
Map<String, Object> result = usersService.batchActivateUser(user, userNames); Map<String, Object> result = usersService.batchActivateUser(user, userNames);
Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
//batch activate user names //batch activate user names
user.setUserType(UserType.ADMIN_USER); user.setUserType(UserType.ADMIN_USER);
user.setId(1);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.USER, user.getId(), null, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.USER, null ,0, baseServiceLogger)).thenReturn(true);
when(userMapper.queryByUserNameAccurately("userTest0001")).thenReturn(getUser()); when(userMapper.queryByUserNameAccurately("userTest0001")).thenReturn(getUser());
when(userMapper.queryByUserNameAccurately("userTest0002")).thenReturn(getDisabledUser()); when(userMapper.queryByUserNameAccurately("userTest0002")).thenReturn(getDisabledUser());
result = usersService.batchActivateUser(user, userNames); result = usersService.batchActivateUser(user, userNames);

8
dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/enums/AuthorizationType.java

@ -56,11 +56,13 @@ public enum AuthorizationType {
QUEUE(10,"queue"), QUEUE(10,"queue"),
DATA_ANALYSIS(11,"data analysis"), DATA_ANALYSIS(11,"data analysis"),
K8S_NAMESPACE(12,"k8s namespace"), K8S_NAMESPACE(12,"k8s namespace"),
MONITOR(13,"montitor"), MONITOR(13,"monitor"),
ALERT_PLUGIN_INSTANCE(14,"alert plugin instance"), ALERT_PLUGIN_INSTANCE(14,"alert plugin instance"),
TENANT(15,"tenant"), TENANT(15,"tenant"),
USER(16,"user"), DATA_QUALITY(16,"data quality"),
DATA_QUALITY(17,"data quality"); TASK_GROUP(17,"task group"),
;
AuthorizationType(int code, String descp) { AuthorizationType(int code, String descp) {
this.code = code; this.code = code;
this.descp = descp; this.descp = descp;

2
dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/entity/TaskGroup.java

@ -33,7 +33,7 @@ public class TaskGroup implements Serializable {
* key * key
*/ */
@TableId(value = "id", type = IdType.AUTO) @TableId(value = "id", type = IdType.AUTO)
private int id; private Integer id;
/** /**
* task_group name * task_group name
*/ */

2
dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/AlertGroupMapper.java

@ -90,6 +90,6 @@ public interface AlertGroupMapper extends BaseMapper<AlertGroup> {
* @param alertGroupsIds * @param alertGroupsIds
* @return * @return
*/ */
<T> List<AlertGroup> listAuthorizedAlertGroupList (@Param("userId") int userId, @Param("alertGroupsIds")T[] alertGroupsIds); <T> List<AlertGroup> listAuthorizedAlertGroupList (@Param("userId") int userId, @Param("alertGroupsIds")List<Integer> alertGroupsIds);
} }

2
dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/ResourceMapper.java

@ -62,9 +62,9 @@ public interface ResourceMapper extends BaseMapper<Resource> {
* @return resource page * @return resource page
*/ */
IPage<Resource> queryResourcePaging(IPage<Resource> page, IPage<Resource> queryResourcePaging(IPage<Resource> page,
@Param("userId") int userId,
@Param("id") int id, @Param("id") int id,
@Param("type") int type, @Param("type") int type,
@Param("userId") int userId,
@Param("searchVal") String searchVal, @Param("searchVal") String searchVal,
@Param("resIds") List<Integer> resIds); @Param("resIds") List<Integer> resIds);

11
dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/UdfFuncMapper.java

@ -52,7 +52,7 @@ public interface UdfFuncMapper extends BaseMapper<UdfFunc> {
* @return udf function IPage * @return udf function IPage
*/ */
IPage<UdfFunc> queryUdfFuncPaging(IPage<UdfFunc> page, IPage<UdfFunc> queryUdfFuncPaging(IPage<UdfFunc> page,
@Param("userId") int userId, @Param("ids") List<Integer> ids,
@Param("searchVal") String searchVal); @Param("searchVal") String searchVal);
/** /**
@ -61,7 +61,7 @@ public interface UdfFuncMapper extends BaseMapper<UdfFunc> {
* @param type type * @param type type
* @return udf function list * @return udf function list
*/ */
List<UdfFunc> getUdfFuncByType(@Param("userId") int userId, List<UdfFunc> getUdfFuncByType(@Param("ids") List<Integer> ids,
@Param("type") Integer type); @Param("type") Integer type);
/** /**
@ -107,5 +107,10 @@ public interface UdfFuncMapper extends BaseMapper<UdfFunc> {
*/ */
int batchUpdateUdfFunc(@Param("udfFuncList") List<UdfFunc> udfFuncList); int batchUpdateUdfFunc(@Param("udfFuncList") List<UdfFunc> udfFuncList);
/**
* listAuthorizedUdfByUserId
* @param userId
* @return
*/
List<UdfFunc> listAuthorizedUdfByUserId(@Param("userId") int userId);
} }

2
dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/AccessTokenMapper.xml

@ -50,7 +50,7 @@
<if test="userId != 0"> <if test="userId != 0">
and t.user_id = #{userId} and t.user_id = #{userId}
</if> </if>
<if test="accessTokensIds != null and accessTokensIds.length > 0"> <if test="accessTokensIds != null and accessTokensIds.size() > 0">
and t.id in and t.id in
<foreach item="id" index="index" collection="accessTokensIds" open="(" separator="," close=")"> <foreach item="id" index="index" collection="accessTokensIds" open="(" separator="," close=")">
#{id} #{id}

2
dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/AlertGroupMapper.xml

@ -80,7 +80,7 @@
<if test="userId != 0"> <if test="userId != 0">
and ag.create_user_id = #{userId} and ag.create_user_id = #{userId}
</if> </if>
<if test="alertGroupsIds != null and alertGroupsIds.length > 0"> <if test="alertGroupsIds != null and alertGroupsIds.size() > 0">
and ag.id in and ag.id in
<foreach item="id" index="index" collection="alertGroupsIds" open="(" separator="," close=")"> <foreach item="id" index="index" collection="alertGroupsIds" open="(" separator="," close=")">
#{id} #{id}

8
dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/AlertPluginInstanceMapper.xml

@ -59,12 +59,4 @@
where instance_name = #{instanceName} limit 1 where instance_name = #{instanceName} limit 1
</select> </select>
<select id="queryAllAlertPluginInstanceList"
resultType="org.apache.dolphinscheduler.dao.entity.AlertPluginInstance">
select
<include refid="baseSql"/>
from t_ds_alert_plugin_instance
</select>
</mapper> </mapper>

1
dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectUserMapper.xml

@ -37,5 +37,4 @@
and user_id = #{userId} and user_id = #{userId}
limit 1 limit 1
</select> </select>
</mapper> </mapper>

17
dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ResourceMapper.xml

@ -60,17 +60,12 @@
</include> </include>
,u.user_name ,u.user_name
from t_ds_resources d,t_ds_user u from t_ds_resources d,t_ds_user u
where d.type=#{type} and d.pid=#{id} and d.user_id=u.id where d.type=#{type} and d.pid=#{id} and u.id = #{userId}
<if test="userId != 0"> <if test="resIds != null and resIds.size() > 0">
and ( and d.id in
d.user_id=#{userId} <foreach collection="resIds" item="i" open="(" close=")" separator=",">
<if test="resIds != null and resIds.size() > 0"> #{i}
or d.id in </foreach>
<foreach collection="resIds" item="i" open="(" close=")" separator=",">
#{i}
</foreach>
</if>
)
</if> </if>
<if test="searchVal != null and searchVal != ''"> <if test="searchVal != null and searchVal != ''">
and d.alias like concat('%', #{searchVal}, '%') and d.alias like concat('%', #{searchVal}, '%')

42
dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UdfFuncMapper.xml

@ -62,11 +62,17 @@
<if test="searchVal!= null and searchVal != ''"> <if test="searchVal!= null and searchVal != ''">
and udf.func_name like concat('%', #{searchVal}, '%') and udf.func_name like concat('%', #{searchVal}, '%')
</if> </if>
<if test="userId != 0"> <if test="ids != null and ids.size() > 0">
and udf.id in ( and udf.id in
select udf_id from t_ds_relation_udfs_user where user_id=#{userId} <foreach collection="ids" item="i" open="(" close=")" separator=",">
union select id as udf_id from t_ds_udfs where user_id=#{userId}) #{i}
</foreach>
</if> </if>
<!-- <if test="userId != 0">-->
<!-- and udf.id in (-->
<!-- select udf_id from t_ds_relation_udfs_user where user_id=#{userId}-->
<!-- union select id as udf_id from t_ds_udfs where user_id=#{userId})-->
<!-- </if>-->
order by udf.create_time desc order by udf.create_time desc
</select> </select>
<select id="getUdfFuncByType" resultType="org.apache.dolphinscheduler.dao.entity.UdfFunc"> <select id="getUdfFuncByType" resultType="org.apache.dolphinscheduler.dao.entity.UdfFunc">
@ -76,11 +82,17 @@
</include> </include>
from t_ds_udfs udf from t_ds_udfs udf
where udf.type=#{type} where udf.type=#{type}
<if test="userId != 0"> <if test="ids != null and ids.size() > 0">
and udf.id in ( and udf.id in
select udf_id from t_ds_relation_udfs_user where user_id=#{userId} <foreach collection="ids" item="i" open="(" close=")" separator=",">
union select id as udf_id from t_ds_udfs where user_id=#{userId}) #{i}
</foreach>
</if> </if>
<!-- <if test="userId != 0">-->
<!-- and udf.id in (-->
<!-- select udf_id from t_ds_relation_udfs_user where user_id=#{userId}-->
<!-- union select id as udf_id from t_ds_udfs where user_id=#{userId})-->
<!-- </if>-->
</select> </select>
<select id="queryUdfFuncExceptUserId" resultType="org.apache.dolphinscheduler.dao.entity.UdfFunc"> <select id="queryUdfFuncExceptUserId" resultType="org.apache.dolphinscheduler.dao.entity.UdfFunc">
select select
@ -157,5 +169,19 @@
</where> </where>
</foreach> </foreach>
</update> </update>
<select id="listAuthorizedUdfByUserId" resultType="org.apache.dolphinscheduler.dao.entity.UdfFunc">
select
<include refid="baseSql">
<property name="alias" value="udf"/>
</include>
from t_ds_udfs udf
where 1=1
<if test="userId != 0">
and udf.id in (
select udf_id from t_ds_relation_udfs_user where user_id=#{userId}
union select id as udf_id from t_ds_udfs where user_id=#{userId})
</if>
</select>
</mapper> </mapper>

11
dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/UserMapper.xml

@ -131,15 +131,4 @@
from t_ds_user u, t_ds_relation_project_user rel from t_ds_user u, t_ds_relation_project_user rel
where u.id = rel.user_id and rel.project_id = #{projectId} where u.id = rel.user_id and rel.project_id = #{projectId}
</select> </select>
<select id="listAuthorizedUsersList" resultType="org.apache.dolphinscheduler.dao.entity.Project">
select
*
from t_ds_project dp
where 1=1
<if test="userId != 0">
and dp.id in (select project_id from t_ds_relation_project_user where user_id=#{userId}
union select id as project_id from t_ds_project where user_id=#{userId})
</if>
</select>
</mapper> </mapper>

6
dolphinscheduler-dao/src/test/java/org/apache/dolphinscheduler/dao/mapper/ResourceMapperTest.java

@ -231,17 +231,17 @@ public class ResourceMapperTest extends BaseDaoTest {
IPage<Resource> resourceIPage = resourceMapper.queryResourcePaging( IPage<Resource> resourceIPage = resourceMapper.queryResourcePaging(
page, page,
0,
-1, -1,
resource.getType().ordinal(), resource.getType().ordinal(),
1110,
"", "",
new ArrayList<>() new ArrayList<>(resource.getId())
); );
IPage<Resource> resourceIPage1 = resourceMapper.queryResourcePaging( IPage<Resource> resourceIPage1 = resourceMapper.queryResourcePaging(
page, page,
1110,
-1, -1,
resource.getType().ordinal(), resource.getType().ordinal(),
1110,
"", "",
null null
); );

6
dolphinscheduler-dao/src/test/java/org/apache/dolphinscheduler/dao/mapper/UdfFuncMapperTest.java

@ -27,6 +27,7 @@ import org.apache.dolphinscheduler.dao.entity.User;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
@ -212,7 +213,8 @@ public class UdfFuncMapperTest extends BaseDaoTest {
UdfFunc udfFunc = insertOne(user); UdfFunc udfFunc = insertOne(user);
//queryUdfFuncPaging //queryUdfFuncPaging
Page<UdfFunc> page = new Page(1, 3); Page<UdfFunc> page = new Page(1, 3);
IPage<UdfFunc> udfFuncIPage = udfFuncMapper.queryUdfFuncPaging(page, user.getId(), "");
IPage<UdfFunc> udfFuncIPage = udfFuncMapper.queryUdfFuncPaging(page, Collections.singletonList(udfFunc.getId()), "");
Assert.assertNotEquals(udfFuncIPage.getTotal(), 0); Assert.assertNotEquals(udfFuncIPage.getTotal(), 0);
} }
@ -227,7 +229,7 @@ public class UdfFuncMapperTest extends BaseDaoTest {
//insertOne //insertOne
UdfFunc udfFunc = insertOne(user); UdfFunc udfFunc = insertOne(user);
//getUdfFuncByType //getUdfFuncByType
List<UdfFunc> udfFuncList = udfFuncMapper.getUdfFuncByType(user.getId(), udfFunc.getType().ordinal()); List<UdfFunc> udfFuncList = udfFuncMapper.getUdfFuncByType(Collections.singletonList(udfFunc.getId()), udfFunc.getType().ordinal());
Assert.assertNotEquals(udfFuncList.size(), 0); Assert.assertNotEquals(udfFuncList.size(), 0);
} }

9
dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/permission/ResourcePermissionCheckService.java

@ -19,6 +19,7 @@ package org.apache.dolphinscheduler.service.permission;
import org.apache.dolphinscheduler.common.enums.AuthorizationType; import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.slf4j.Logger; import org.slf4j.Logger;
import java.util.List;
import java.util.Set; import java.util.Set;
public interface ResourcePermissionCheckService<T>{ public interface ResourcePermissionCheckService<T>{
@ -30,7 +31,7 @@ public interface ResourcePermissionCheckService<T>{
* @param logger * @param logger
* @return * @return
*/ */
boolean resourcePermissionCheck(AuthorizationType authorizationType, T[] needChecks, int userId, Logger logger); boolean resourcePermissionCheck(AuthorizationType authorizationType, Object[] needChecks, Integer userId, Logger logger);
/** /**
* userOwnedResourceIdsAcquisition * userOwnedResourceIdsAcquisition
@ -40,17 +41,17 @@ public interface ResourcePermissionCheckService<T>{
* @param <T> * @param <T>
* @return * @return
*/ */
<T> Set<T> userOwnedResourceIdsAcquisition(AuthorizationType authorizationType, int userId, Logger logger); <T> Set<T> userOwnedResourceIdsAcquisition(AuthorizationType authorizationType, Integer userId, Logger logger);
/** /**
* operationpermissionCheck * operationpermissionCheck
* @param authorizationType * @param authorizationType
* @param userId * @param userId
* @param sourceUrl * @param permissionKey
* @param logger * @param logger
* @return * @return
*/ */
boolean operationPermissionCheck(AuthorizationType authorizationType, int userId, String sourceUrl, Logger logger); boolean operationPermissionCheck(AuthorizationType authorizationType, Integer userId, String permissionKey, Logger logger);
/** /**
* functionDisabled * functionDisabled

160
dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/permission/ResourcePermissionCheckServiceImpl.java

@ -68,7 +68,7 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
} }
@Override @Override
public boolean resourcePermissionCheck(AuthorizationType authorizationType, Object[] needChecks, int userId, Logger logger) { public boolean resourcePermissionCheck(AuthorizationType authorizationType, Object[] needChecks, Integer userId, Logger logger) {
if (Objects.nonNull(needChecks) && needChecks.length > 0){ if (Objects.nonNull(needChecks) && needChecks.length > 0){
Set<Object> originResSet = new HashSet<>(Arrays.asList(needChecks)); Set<Object> originResSet = new HashSet<>(Arrays.asList(needChecks));
Set<Object> ownResSets = RESOURCE_LIST_MAP.get(authorizationType).listAuthorizedResource(userId, logger); Set<Object> ownResSets = RESOURCE_LIST_MAP.get(authorizationType).listAuthorizedResource(userId, logger);
@ -79,8 +79,8 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
} }
@Override @Override
public boolean operationPermissionCheck(AuthorizationType authorizationType, int userId, String sourceUrl, Logger logger) { public boolean operationPermissionCheck(AuthorizationType authorizationType, Integer userId, String permissionKey, Logger logger) {
return RESOURCE_LIST_MAP.get(authorizationType).permissionCheck(userId, sourceUrl, logger); return RESOURCE_LIST_MAP.get(authorizationType).permissionCheck(userId, permissionKey, logger);
} }
@Override @Override
@ -89,7 +89,7 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
} }
@Override @Override
public <T> Set<T> userOwnedResourceIdsAcquisition(AuthorizationType authorizationType, int userId, Logger logger) { public <T> Set<T> userOwnedResourceIdsAcquisition(AuthorizationType authorizationType, Integer userId, Logger logger) {
User user = processService.getUserById(userId); User user = processService.getUserById(userId);
if (user == null){ if (user == null){
logger.error("user id {} doesn't exist", userId); logger.error("user id {} doesn't exist", userId);
@ -99,13 +99,11 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
} }
@Component @Component
public static class ProjectsResourceList implements ResourceAcquisitionAndPermissionCheck<Integer> { public static class ProjectsResourcePermissionCheck implements ResourceAcquisitionAndPermissionCheck<Integer> {
private final ProjectMapper projectMapper; private final ProjectMapper projectMapper;
public ProjectsResourcePermissionCheck(ProjectMapper projectMapper) {
public ProjectsResourceList(ProjectMapper projectMapper) {
this.projectMapper = projectMapper; this.projectMapper = projectMapper;
} }
@ -115,23 +113,118 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
} }
@Override @Override
public boolean permissionCheck(int userId, String url, Logger logger) { public boolean permissionCheck(int userId, String permissionKey, Logger logger) {
// all users can create projects
return true; return true;
} }
@Override @Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) { public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
return projectMapper.listAuthorizedProjects(userId, null).stream().map(Project::getId).collect(toSet()); return projectMapper.listAuthorizedProjects(userId, null).stream().map(Project::getId).collect(toSet());
} }
} }
@Component
public static class MonitorResourcePermissionCheck implements ResourceAcquisitionAndPermissionCheck<Integer> {
@Override
public List<AuthorizationType> authorizationTypes() {
return Collections.singletonList(AuthorizationType.MONITOR);
}
@Override
public <T> Set<T> listAuthorizedResource(int userId, Logger logger) {
return null;
}
@Override
public boolean permissionCheck(int userId, String permissionKey, Logger logger) {
return true;
}
}
@Component
public static class FilePermissionCheck implements ResourceAcquisitionAndPermissionCheck<Integer> {
private final ResourceMapper resourceMapper;
public FilePermissionCheck(ResourceMapper resourceMapper) {
this.resourceMapper = resourceMapper;
}
@Override
public List<AuthorizationType> authorizationTypes() {
return Arrays.asList(AuthorizationType.RESOURCE_FILE_ID, AuthorizationType.UDF_FILE);
}
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
List<Resource> resources = resourceMapper.queryResourceList(null, userId, -1);
if (resources.isEmpty()){
return Collections.emptySet();
}
return resources.stream().map(Resource::getId).collect(toSet());
}
@Override
public boolean permissionCheck(int userId, String permissionKey, Logger logger) {
return true;
}
}
@Component
public static class UdfFuncPermissionCheck implements ResourceAcquisitionAndPermissionCheck<Integer> {
private final UdfFuncMapper udfFuncMapper;
public UdfFuncPermissionCheck(UdfFuncMapper udfFuncMapper) {
this.udfFuncMapper = udfFuncMapper;
}
@Override
public List<AuthorizationType> authorizationTypes() {
return Collections.singletonList(AuthorizationType.UDF);
}
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
List<UdfFunc> udfFuncList = udfFuncMapper.listAuthorizedUdfByUserId(userId);
if (udfFuncList.isEmpty()){
return Collections.emptySet();
}
return udfFuncList.stream().map(UdfFunc::getId).collect(toSet());
}
@Override
public boolean permissionCheck(int userId, String permissionKey, Logger logger) {
return true;
}
}
@Component
public static class TaskGroupPermissionCheck implements ResourceAcquisitionAndPermissionCheck<Integer> {
@Override
public List<AuthorizationType> authorizationTypes() {
return Collections.singletonList(AuthorizationType.TASK_GROUP);
}
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
return null;
}
@Override
public boolean permissionCheck(int userId, String permissionKey, Logger logger) {
return true;
}
}
@Component @Component
public static class K8sNamespaceResourceList implements ResourceAcquisitionAndPermissionCheck<Integer> { public static class K8sNamespaceResourceList implements ResourceAcquisitionAndPermissionCheck<Integer> {
private final K8sNamespaceMapper k8sNamespaceMapper; private final K8sNamespaceMapper k8sNamespaceMapper;
public K8sNamespaceResourceList(K8sNamespaceMapper k8sNamespaceMapper) { public K8sNamespaceResourceList(K8sNamespaceMapper k8sNamespaceMapper) {
this.k8sNamespaceMapper = k8sNamespaceMapper; this.k8sNamespaceMapper = k8sNamespaceMapper;
} }
@ -158,8 +251,6 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
private final EnvironmentMapper environmentMapper; private final EnvironmentMapper environmentMapper;
public EnvironmentResourceList(EnvironmentMapper environmentMapper) { public EnvironmentResourceList(EnvironmentMapper environmentMapper) {
this.environmentMapper = environmentMapper; this.environmentMapper = environmentMapper;
} }
@ -185,8 +276,6 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
private final QueueMapper queueMapper; private final QueueMapper queueMapper;
public QueueResourceList(QueueMapper queueMapper) { public QueueResourceList(QueueMapper queueMapper) {
this.queueMapper = queueMapper; this.queueMapper = queueMapper;
} }
@ -213,8 +302,6 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
private final WorkerGroupMapper workerGroupMapper; private final WorkerGroupMapper workerGroupMapper;
public WorkerGroupResourceList(WorkerGroupMapper workerGroupMapper) { public WorkerGroupResourceList(WorkerGroupMapper workerGroupMapper) {
this.workerGroupMapper = workerGroupMapper; this.workerGroupMapper = workerGroupMapper;
} }
@ -244,8 +331,6 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
private final AlertPluginInstanceMapper alertPluginInstanceMapper; private final AlertPluginInstanceMapper alertPluginInstanceMapper;
public AlertPluginInstanceResourceList(AlertPluginInstanceMapper alertPluginInstanceMapper) { public AlertPluginInstanceResourceList(AlertPluginInstanceMapper alertPluginInstanceMapper) {
this.alertPluginInstanceMapper = alertPluginInstanceMapper; this.alertPluginInstanceMapper = alertPluginInstanceMapper;
} }
@ -275,8 +360,6 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
private final AlertGroupMapper alertGroupMapper; private final AlertGroupMapper alertGroupMapper;
public AlertGroupResourceList(AlertGroupMapper alertGroupMapper) { public AlertGroupResourceList(AlertGroupMapper alertGroupMapper) {
this.alertGroupMapper = alertGroupMapper; this.alertGroupMapper = alertGroupMapper;
} }
@ -306,8 +389,6 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
private final TenantMapper tenantMapper; private final TenantMapper tenantMapper;
public TenantResourceList(TenantMapper tenantMapper) { public TenantResourceList(TenantMapper tenantMapper) {
this.tenantMapper = tenantMapper; this.tenantMapper = tenantMapper;
} }
@ -329,37 +410,6 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
} }
} }
/**
* User Resource
*/
@Component
public static class UsersResourceList implements ResourceAcquisitionAndPermissionCheck<Integer> {
private final UserMapper userMapper;
public UsersResourceList(UserMapper userMapper) {
this.userMapper = userMapper;
}
@Override
public List<AuthorizationType> authorizationTypes() {
return Collections.singletonList(AuthorizationType.USER);
}
@Override
public boolean permissionCheck(int userId, String url, Logger logger) {
return true;
}
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
return userMapper.listAuthorizedUsersList(userId, null).stream().map(User::getId).collect(toSet());
}
}
/** /**
* DataSource Resource * DataSource Resource
*/ */
@ -506,7 +556,7 @@ public class ResourcePermissionCheckServiceImpl implements ResourcePermissionChe
* @param userId * @param userId
* @return * @return
*/ */
boolean permissionCheck(int userId, String url, Logger logger); boolean permissionCheck(int userId, String permissionKey, Logger logger);
} }
} }

Loading…
Cancel
Save