This is an automated email from the ASF dual-hosted git repository. nixon pushed a commit to branch branch-2.0 in repository https://gitbox.apache.org/repos/asf/atlas.git
commit 51ca7b6918064c22fb196a530b0eb838b2d5d112 Author: Madhan Neethiraj <[email protected]> AuthorDate: Tue Sep 15 08:51:13 2020 -0700 ATLAS-3942: delete-type fails if the user doesn't have permission for type-read Signed-off-by: nixonrodrigues <[email protected]> (cherry picked from commit 1bfaf7add99e30130cabe20e9cedf2f90ca96e0d) --- .../store/graph/AtlasTypeDefGraphStore.java | 26 +++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java index 0b1317a..458ec49 100644 --- a/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java +++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java @@ -692,7 +692,7 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore { } AtlasTypesDef typesDef = new AtlasTypesDef(); - AtlasBaseTypeDef baseTypeDef = getByName(typeName); + AtlasBaseTypeDef baseTypeDef = getByNameNoAuthz(typeName); if (baseTypeDef instanceof AtlasClassificationDef) { typesDef.setClassificationDefs(Collections.singletonList((AtlasClassificationDef) baseTypeDef)); @@ -775,7 +775,27 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore { return getTypeDefFromType(type); } + private AtlasBaseTypeDef getByNameNoAuthz(String name) throws AtlasBaseException { + if (StringUtils.isBlank(name)) { + throw new AtlasBaseException(AtlasErrorCode.TYPE_NAME_INVALID, "", name); + } + + AtlasType type = typeRegistry.getType(name); + + return getTypeDefFromTypeWithNoAuthz(type); + } + private AtlasBaseTypeDef getTypeDefFromType(AtlasType type) throws AtlasBaseException { + AtlasBaseTypeDef ret = getTypeDefFromTypeWithNoAuthz(type); + + if (ret != null) { + AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_READ, ret), "read type ", ret.getName()); + } + + return ret; + } + + private AtlasBaseTypeDef getTypeDefFromTypeWithNoAuthz(AtlasType type) throws AtlasBaseException { AtlasBaseTypeDef ret; switch (type.getTypeCategory()) { case ENUM: @@ -804,10 +824,6 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore { throw new AtlasBaseException(AtlasErrorCode.SYSTEM_TYPE, type.getTypeCategory().name()); } - if (ret != null) { - AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_READ, ret), "read type ", ret.getName()); - } - return ret; }
