This is an automated email from the ASF dual-hosted git repository.
leonbao pushed a commit to branch dev-1.3.0
in repository https://gitbox.apache.org/repos/asf/incubator-dolphinscheduler.git
The following commit(s) were added to refs/heads/dev-1.3.0 by this push:
new 60f8eb2 fix #2598::allow to update resource suffix,but if it is
authorized to other users,it is not allowed (#2732)
60f8eb2 is described below
commit 60f8eb25fa69fa39cd17404b9eb66376c174b9c3
Author: lgcareer <[email protected]>
AuthorDate: Mon May 18 17:56:41 2020 +0800
fix #2598::allow to update resource suffix,but if it is authorized to other
users,it is not allowed (#2732)
* fix #2598:allow to update resource suffix,but if it is authorized to
other users,it is not allowed.
* add RESOURCE_IS_AUTHORIZED status
* verify whether the suffix is empty
* remove extra variables
* fix code smell
---
.../apache/dolphinscheduler/api/enums/Status.java | 2 +-
.../api/service/ResourcesService.java | 43 ++++++++++++++--------
2 files changed, 29 insertions(+), 16 deletions(-)
diff --git
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java
index b3d10da..49dac87 100644
---
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java
+++
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/enums/Status.java
@@ -191,7 +191,7 @@ public enum Status {
RESOURCE_IS_USED(20014, "resource file is used by process
definition","资源文件被上线的流程定义使用了"),
PARENT_RESOURCE_NOT_EXIST(20015, "parent resource not exist","父资源文件不存在"),
RESOURCE_NOT_EXIST_OR_NO_PERMISSION(20016, "resource not exist or no
permission,please view the task node and remove error
resource","请检查任务节点并移除无权限或者已删除的资源"),
-
+ RESOURCE_IS_AUTHORIZED(20017, "resource is authorized to user {0},suffix
not allowed to be modified", "资源文件已授权其他用户[{0}],后缀不允许修改"),
USER_NO_OPERATION_PERM(30001, "user has no operation privilege",
"当前用户没有操作权限"),
USER_NO_OPERATION_PROJECT_PERM(30002, "user {0} is not has project {1}
permission", "当前用户[{0}]没有[{1}]项目的操作权限"),
diff --git
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ResourcesService.java
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ResourcesService.java
index 8f30754..4b847e7 100644
---
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ResourcesService.java
+++
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/ResourcesService.java
@@ -32,10 +32,7 @@ import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.Constants;
import org.apache.dolphinscheduler.common.enums.ResourceType;
import org.apache.dolphinscheduler.common.utils.*;
-import org.apache.dolphinscheduler.dao.entity.Resource;
-import org.apache.dolphinscheduler.dao.entity.Tenant;
-import org.apache.dolphinscheduler.dao.entity.UdfFunc;
-import org.apache.dolphinscheduler.dao.entity.User;
+import org.apache.dolphinscheduler.dao.entity.*;
import org.apache.dolphinscheduler.dao.mapper.*;
import org.apache.dolphinscheduler.dao.utils.ResourceProcessDefinitionUtils;
import org.slf4j.Logger;
@@ -352,24 +349,40 @@ public class ResourcesService extends BaseService {
throw new ServiceException(Status.HDFS_OPERATION_ERROR);
}
- String nameWithSuffix = name;
-
if (!resource.isDirectory()) {
- //get the file suffix
- String suffix =
originResourceName.substring(originResourceName.lastIndexOf("."));
-
- //if the name without suffix then add it ,else use the origin name
- if(!name.endsWith(suffix)){
- nameWithSuffix = nameWithSuffix + suffix;
+ //get the origin file suffix
+ String originSuffix = FileUtils.suffix(originFullName);
+ String suffix = FileUtils.suffix(fullName);
+ boolean suffixIsChanged = false;
+ if (StringUtils.isBlank(suffix) &&
StringUtils.isNotBlank(originSuffix)) {
+ suffixIsChanged = true;
+ }
+ if (StringUtils.isNotBlank(suffix) &&
!suffix.equals(originSuffix)) {
+ suffixIsChanged = true;
+ }
+ //verify whether suffix is changed
+ if (suffixIsChanged) {
+ //need verify whether this resource is authorized to other
users
+ Map<String, Object> columnMap = new HashMap<>();
+ columnMap.put("resources_id", resourceId);
+
+ List<ResourcesUser> resourcesUsers =
resourceUserMapper.selectByMap(columnMap);
+ if (CollectionUtils.isNotEmpty(resourcesUsers)) {
+ List<Integer> userIds =
resourcesUsers.stream().map(ResourcesUser::getId).collect(Collectors.toList());
+ List<User> users = userMapper.selectBatchIds(userIds);
+ String userNames =
users.stream().map(User::getUserName).collect(Collectors.toList()).toString();
+ logger.error("resource is authorized to user {},suffix not
allowed to be modified", userNames);
+ putMsg(result,Status.RESOURCE_IS_AUTHORIZED,userNames);
+ return result;
+ }
}
}
// updateResource data
List<Integer> childrenResource = listAllChildren(resource,false);
- String oldFullName = resource.getFullName();
Date now = new Date();
- resource.setAlias(nameWithSuffix);
+ resource.setAlias(name);
resource.setFullName(fullName);
resource.setDescription(desc);
resource.setUpdateTime(now);
@@ -381,7 +394,7 @@ public class ResourcesService extends BaseService {
List<Resource> childResourceList = new ArrayList<>();
List<Resource> resourceList =
resourcesMapper.listResourceByIds(childrenResource.toArray(new
Integer[childrenResource.size()]));
childResourceList = resourceList.stream().map(t -> {
- t.setFullName(t.getFullName().replaceFirst(oldFullName,
matcherFullName));
+ t.setFullName(t.getFullName().replaceFirst(originFullName,
matcherFullName));
t.setUpdateTime(now);
return t;
}).collect(Collectors.toList());
