From c97e82fae48dff1bf4179d55eb4b78edf83e10aa Mon Sep 17 00:00:00 2001 From: wangxj3 <857234426@qq.com> Date: Sat, 10 Aug 2024 17:02:37 +0800 Subject: [PATCH] [Fix-16428] only admin user can grant datasource (#16429) * only admin user can grant datasource * fix ut --------- Co-authored-by: wangxj959 --- .../dolphinscheduler/api/service/impl/UsersServiceImpl.java | 5 +++++ .../dolphinscheduler/api/service/UsersServiceTest.java | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java index 9b8e56c7b3..059da16980 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java @@ -814,6 +814,11 @@ public class UsersServiceImpl extends BaseServiceImpl implements UsersService { putMsg(result, Status.FUNCTION_DISABLED); return result; } + // only admin can operate + if (this.check(result, !this.isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)) { + log.warn("Only admin can grant datasource."); + return result; + } User user = userMapper.selectById(userId); if (user == null) { putMsg(result, Status.USER_NOT_EXIST, userId); diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java index 493af5fb2e..e09eeb2dcb 100644 --- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java +++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java @@ -572,7 +572,7 @@ public class UsersServiceTest { loginUser.setUserType(UserType.GENERAL_USER); result = usersService.grantDataSource(loginUser, userId, datasourceIds); logger.info(result.toString()); - Assertions.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); + Assertions.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS)); }