github
/
DolphinScheduler
mirror of https://gitee.com/dolphinscheduler/DolphinScheduler.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

modify general user can't create,delete,update token (#3538) 

Co-authored-by: qiaozhanwei <qiaozhanwei@analysys.com.cn>
pull/3/MERGE
qiaozhanwei 4 years ago committed by GitHub
parent
0505ebf45d
commit
b8a9e2e00f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 8 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java

15
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
Unescape View File

@ -84,7 +84,9 @@ public class AccessTokenService extends BaseService {
*/ */
public Map<String, Object> createToken(User loginUser, int userId, String expireTime, String token) { public Map<String, Object> createToken(User loginUser, int userId, String expireTime, String token) {
Map<String, Object> result = new HashMap<>(5); Map<String, Object> result = new HashMap<>(5);
if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
if (!hasPerm(loginUser,userId)){
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result; return result;
} }
@ -140,10 +142,6 @@ public class AccessTokenService extends BaseService {
public Map<String, Object> delAccessTokenById(User loginUser, int id) { public Map<String, Object> delAccessTokenById(User loginUser, int id) {
Map<String, Object> result = new HashMap<>(5); Map<String, Object> result = new HashMap<>(5);
if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
return result;
}
AccessToken accessToken = accessTokenMapper.selectById(id); AccessToken accessToken = accessTokenMapper.selectById(id);
if (accessToken == null) { if (accessToken == null) {
@ -152,8 +150,7 @@ public class AccessTokenService extends BaseService {
return result; return result;
} }
if (loginUser.getId() != accessToken.getUserId() && if (!hasPerm(loginUser,accessToken.getUserId())){
loginUser.getUserType() != UserType.ADMIN_USER) {
putMsg(result, Status.USER_NO_OPERATION_PERM); putMsg(result, Status.USER_NO_OPERATION_PERM);
return result; return result;
} }
@ -176,9 +173,11 @@ public class AccessTokenService extends BaseService {
public Map<String, Object> updateToken(User loginUser, int id, int userId, String expireTime, String token) { public Map<String, Object> updateToken(User loginUser, int id, int userId, String expireTime, String token) {
Map<String, Object> result = new HashMap<>(5); Map<String, Object> result = new HashMap<>(5);
if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){ if (!hasPerm(loginUser,userId)){
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result; return result;
} }
AccessToken accessToken = accessTokenMapper.selectById(id); AccessToken accessToken = accessTokenMapper.selectById(id);
if (accessToken == null) { if (accessToken == null) {
logger.error("access token not exist, access token id {}", id); logger.error("access token not exist, access token id {}", id);

Write Preview
Loading…
Cancel
Save