Fix no corresponding backend roles user can update model issue #909
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Zan Niu <[email protected]>
ylwu-amzn
reviewed
May 24, 2023
| if (hasAccessControlChange(input) && !modelAccessControlHelper.isOwner(mlModelGroup.getOwner(), user)) { | ||
| throw new IllegalArgumentException("Only owner has valid privilege to perform update access control data"); | ||
| if (hasAccessControlChange(input)) { | ||
| if (!modelAccessControlHelper.isOwner(mlModelGroup.getOwner(), user)) { |
There was a problem hiding this comment.
Should we also consider admin?
…check Signed-off-by: Zan Niu <[email protected]>
Signed-off-by: Zan Niu <[email protected]>
ylwu-amzn
previously approved these changes
May 24, 2023
…ccess identifier to model access mode Signed-off-by: Zan Niu <[email protected]>
ylwu-amzn
approved these changes
May 24, 2023
rbhavna
reviewed
May 24, 2023
| } else if ((ModelAccessIdentifier.PUBLIC == modelAccessIdentifier || ModelAccessIdentifier.PRIVATE == modelAccessIdentifier) | ||
| if (modelAccessMode == null) { | ||
| if (!Boolean.TRUE.equals(isAddAllBackendRoles) && CollectionUtils.isEmpty(input.getBackendRoles())) { | ||
| throw new IllegalArgumentException("User must specify at least one backend role or make the model public/private"); |
There was a problem hiding this comment.
If we do not specify any access fields, the default should be private actually, not throw exception
There was a problem hiding this comment.
I think let user aware of this need more time, explicitly specify the model mode to private would be easy to understand and less confuse to user, let's make this explicit, if there's callout from user, we can change the behavior.
rbhavna
approved these changes
May 24, 2023
b4sjoo
pushed a commit
to b4sjoo/ml-commons
that referenced
this pull request
May 30, 2023
…earch-project#909) * Fix no corresponding backend roles user can update model issue Signed-off-by: Zan Niu <[email protected]> * Remove private model check and merge this case into has backend role check Signed-off-by: Zan Niu <[email protected]> * Add admin check for access control change to make admin pass Signed-off-by: Zan Niu <[email protected]> * Change model access mode not mandatory in registering, rename model access identifier to model access mode Signed-off-by: Zan Niu <[email protected]> --------- Signed-off-by: Zan Niu <[email protected]>
b4sjoo
pushed a commit
to b4sjoo/ml-commons
that referenced
this pull request
May 30, 2023
…earch-project#909) * Fix no corresponding backend roles user can update model issue Signed-off-by: Zan Niu <[email protected]> * Remove private model check and merge this case into has backend role check Signed-off-by: Zan Niu <[email protected]> * Add admin check for access control change to make admin pass Signed-off-by: Zan Niu <[email protected]> * Change model access mode not mandatory in registering, rename model access identifier to model access mode Signed-off-by: Zan Niu <[email protected]> --------- Signed-off-by: Zan Niu <[email protected]> Signed-off-by: Sicheng Song <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
[Describe what this change achieves]
Issues Resolved
[List any issues this PR will resolve]
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.