This is an automated email from the ASF dual-hosted git repository.
nixon pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/atlas.git
The following commit(s) were added to refs/heads/master by this push:
new 1bfaf7a ATLAS-3942: delete-type fails if the user doesn't have
permission for type-read
1bfaf7a is described below
commit 1bfaf7add99e30130cabe20e9cedf2f90ca96e0d
Author: Madhan Neethiraj <[email protected]>
AuthorDate: Tue Sep 15 08:51:13 2020 -0700
ATLAS-3942: delete-type fails if the user doesn't have permission for
type-read
Signed-off-by: nixonrodrigues <[email protected]>
---
.../store/graph/AtlasTypeDefGraphStore.java | 26 +++++++++++++++++-----
1 file changed, 21 insertions(+), 5 deletions(-)
diff --git
a/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java
b/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java
index 0b1317a..458ec49 100644
---
a/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java
+++
b/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java
@@ -692,7 +692,7 @@ public abstract class AtlasTypeDefGraphStore implements
AtlasTypeDefStore {
}
AtlasTypesDef typesDef = new AtlasTypesDef();
- AtlasBaseTypeDef baseTypeDef = getByName(typeName);
+ AtlasBaseTypeDef baseTypeDef = getByNameNoAuthz(typeName);
if (baseTypeDef instanceof AtlasClassificationDef) {
typesDef.setClassificationDefs(Collections.singletonList((AtlasClassificationDef)
baseTypeDef));
@@ -775,7 +775,27 @@ public abstract class AtlasTypeDefGraphStore implements
AtlasTypeDefStore {
return getTypeDefFromType(type);
}
+ private AtlasBaseTypeDef getByNameNoAuthz(String name) throws
AtlasBaseException {
+ if (StringUtils.isBlank(name)) {
+ throw new AtlasBaseException(AtlasErrorCode.TYPE_NAME_INVALID, "",
name);
+ }
+
+ AtlasType type = typeRegistry.getType(name);
+
+ return getTypeDefFromTypeWithNoAuthz(type);
+ }
+
private AtlasBaseTypeDef getTypeDefFromType(AtlasType type) throws
AtlasBaseException {
+ AtlasBaseTypeDef ret = getTypeDefFromTypeWithNoAuthz(type);
+
+ if (ret != null) {
+ AtlasAuthorizationUtils.verifyAccess(new
AtlasTypeAccessRequest(AtlasPrivilege.TYPE_READ, ret), "read type ",
ret.getName());
+ }
+
+ return ret;
+ }
+
+ private AtlasBaseTypeDef getTypeDefFromTypeWithNoAuthz(AtlasType type)
throws AtlasBaseException {
AtlasBaseTypeDef ret;
switch (type.getTypeCategory()) {
case ENUM:
@@ -804,10 +824,6 @@ public abstract class AtlasTypeDefGraphStore implements
AtlasTypeDefStore {
throw new AtlasBaseException(AtlasErrorCode.SYSTEM_TYPE,
type.getTypeCategory().name());
}
- if (ret != null) {
- AtlasAuthorizationUtils.verifyAccess(new
AtlasTypeAccessRequest(AtlasPrivilege.TYPE_READ, ret), "read type ",
ret.getName());
- }
-
return ret;
}
