[Fix-12828][api] Add permission check when query specific datasource (#…
rickchengx authored Feb 1, 2023
1 parent 78e5569 commit 80da35e
Showing 4 changed files with 24 additions and 9 deletions.
Expand Up @@ -141,7 +141,7 @@ public Result updateDataSource(@Parameter(hidden = true) @RequestAttribute(value
public Result queryDataSource(@Parameter(hidden = true) @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
@PathVariable("id") int id) {

Map<String, Object> result = dataSourceService.queryDataSource(id);
Map<String, Object> result = dataSourceService.queryDataSource(id, loginUser);
return returnDataList(result);
}

Expand Up @@ -55,7 +55,7 @@ public interface DataSourceService {
* @param id datasource id
* @return data source detail
*/
Map<String, Object> queryDataSource(int id);
Map<String, Object> queryDataSource(int id, User loginUser);

/**
* query datasource list by keyword
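Review bot: The Javadoc above `queryDataSource` in the interface still documents only `@param id`, so the new `loginUser` parameter has no tag. Add `* @param loginUser login user, used for the datasource permission check` after the `@param id` line. The implementation's Javadoc in the service impl section (hunk at -234) appears to need the same tag, though only its `@return` line is visible here. Both comment blocks start outside their hunks.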
Expand Up @@ -234,7 +234,7 @@ private boolean checkName(String name) {
* @return data source detail
*/
@Override
public Map<String, Object> queryDataSource(int id) {
public Map<String, Object> queryDataSource(int id, User loginUser) {

Map<String, Object> result = new HashMap<>();
DataSource dataSource = dataSourceMapper.selectById(id);
Expand All @@ -243,6 +243,13 @@ public Map<String, Object> queryDataSource(int id) {
putMsg(result, Status.RESOURCE_NOT_EXIST);
return result;
}

if (!canOperatorPermissions(loginUser, new Object[]{dataSource.getId()}, AuthorizationType.DATASOURCE,
ApiFuncIdentificationConstant.DATASOURCE)) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}

// type
BaseDataSourceParamDTO baseDataSourceParamDTO = DataSourceUtils.buildDatasourceParamDTO(
dataSource.getType(), dataSource.getConnectionParams());
Expand Down Expand Up @@ -272,8 +279,7 @@ public Result queryDataSourceListPaging(User loginUser, String searchVal, Intege
Page<DataSource> dataSourcePage = new Page<>(pageNo, pageSize);
PageInfo<DataSource> pageInfo = new PageInfo<>(pageNo, pageSize);
if (loginUser.getUserType().equals(UserType.ADMIN_USER)) {
dataSourceList = dataSourceMapper.selectPaging(dataSourcePage,
UserType.ADMIN_USER.equals(loginUser.getUserType()) ? 0 : loginUser.getId(), searchVal);
dataSourceList = dataSourceMapper.selectPaging(dataSourcePage, 0, searchVal);
} else {
Set<Integer> ids = resourcePermissionCheckService
.userOwnedResourceIdsAcquisition(AuthorizationType.DATASOURCE, loginUser.getId(), logger);
Expand Down Expand Up @@ -340,7 +346,6 @@ public Map<String, Object> queryDataSourceList(User loginUser, Integer type, int
datasourceList = dataSourceMapper.selectBatchIds(ids).stream()
.filter(dataSource -> dataSource.getType().getCode() == type)
.filter(dataSource -> dataSource.getTestFlag() == testFlag).collect(Collectors.toList());

}
result.put(Constants.DATA_LIST, datasourceList);
putMsg(result, Status.SUCCESS);
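Review bot: In `queryDataSource` the `RESOURCE_NOT_EXIST` return still comes before the new `canOperatorPermissions` check, so a user with no datasource permission gets a different status for ids that exist than for ids that do not, and can tell which datasource ids are in use. If that difference is not wanted, run the check on the path id before the lookup result is inspected, e.g. `canOperatorPermissions(loginUser, new Object[]{id}, AuthorizationType.DATASOURCE, ApiFuncIdentificationConstant.DATASOURCE)`, or return one status for both cases. How `canOperatorPermissions` treats an id with no row is not visible on this page, so confirm that first. A short comment above the check, such as `// must run before any connection parameters are built into the response`, would also record why it has to stay ahead of `buildDatasourceParamDTO`. The method body starts and ends outside the hunk.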
Expand Up @@ -17,6 +17,8 @@

package org.apache.dolphinscheduler.api.service;

import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.DATASOURCE;

import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
import org.apache.dolphinscheduler.api.service.impl.BaseServiceImpl;
Expand Down Expand Up @@ -334,11 +336,19 @@ public void verifyDataSourceNameTest() {
@Test
public void queryDataSourceTest() {
Mockito.when(dataSourceMapper.selectById(Mockito.anyInt())).thenReturn(null);
Map<String, Object> result = dataSourceService.queryDataSource(Mockito.anyInt());
User loginUser = new User();
loginUser.setUserType(UserType.GENERAL_USER);
loginUser.setId(2);
Map<String, Object> result = dataSourceService.queryDataSource(Mockito.anyInt(), loginUser);
Assertions.assertEquals(((Status) result.get(Constants.STATUS)).getCode(), Status.RESOURCE_NOT_EXIST.getCode());

Mockito.when(dataSourceMapper.selectById(Mockito.anyInt())).thenReturn(getOracleDataSource());
result = dataSourceService.queryDataSource(Mockito.anyInt());
DataSource dataSource = getOracleDataSource(1);
Mockito.when(dataSourceMapper.selectById(Mockito.anyInt())).thenReturn(dataSource);
Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.DATASOURCE,
loginUser.getId(), DATASOURCE, baseServiceLogger)).thenReturn(true);
Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.DATASOURCE,
new Object[]{dataSource.getId()}, loginUser.getId(), baseServiceLogger)).thenReturn(true);
result = dataSourceService.queryDataSource(dataSource.getId(), loginUser);
Assertions.assertEquals(((Status) result.get(Constants.STATUS)).getCode(), Status.SUCCESS.getCode());
}
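Review bot: `queryDataSourceTest` covers the not-found path and the permitted path but never the denial this commit introduces, so a later change that drops the permission check would still pass this test. Add a case that stubs `resourcePermissionCheckService.resourcePermissionCheck(...)` with `.thenReturn(false)` for the same arguments and asserts that the result status code equals `Status.USER_NO_OPERATION_PERM.getCode()`. Separately, the first call still passes `Mockito.anyInt()` as a real argument to `queryDataSource`; matchers are meant for stubbing and verification, so a literal id such as `1` would be clearer there.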
