(dolphinscheduler) branch dev updated: [Fix-16428] only admin user can grant datasource (#16429)

Sat, 10 Aug 2024 02:03:32 -0700 

This is an automated email from the ASF dual-hosted git repository.

gallardot pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git


The following commit(s) were added to refs/heads/dev by this push:
     new c97e82fae4 [Fix-16428] only admin user can grant datasource (#16429)
c97e82fae4 is described below

commit c97e82fae48dff1bf4179d55eb4b78edf83e10aa
Author: wangxj3 <[email protected]>
AuthorDate: Sat Aug 10 17:02:37 2024 +0800

    [Fix-16428] only admin user can grant datasource (#16429)
    
    * only admin user can grant datasource
    
    * fix ut
    
    ---------
    
    Co-authored-by: wangxj959 <[email protected]>
---
 .../apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java   | 5 +++++
 .../org/apache/dolphinscheduler/api/service/UsersServiceTest.java    | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git 
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
 
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
index 9b8e56c7b3..059da16980 100644
--- 
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
+++ 
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
@@ -814,6 +814,11 @@ public class UsersServiceImpl extends BaseServiceImpl 
implements UsersService {
             putMsg(result, Status.FUNCTION_DISABLED);
             return result;
         }
+        // only admin can operate
+        if (this.check(result, !this.isAdmin(loginUser), 
Status.USER_NO_OPERATION_PERM)) {
+            log.warn("Only admin can grant datasource.");
+            return result;
+        }
         User user = userMapper.selectById(userId);
         if (user == null) {
             putMsg(result, Status.USER_NOT_EXIST, userId);
diff --git 
a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java
 
b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java
index 493af5fb2e..e09eeb2dcb 100644
--- 
a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java
+++ 
b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java
@@ -572,7 +572,7 @@ public class UsersServiceTest {
         loginUser.setUserType(UserType.GENERAL_USER);
         result = usersService.grantDataSource(loginUser, userId, 
datasourceIds);
         logger.info(result.toString());
-        Assertions.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
+        Assertions.assertEquals(Status.USER_NO_OPERATION_PERM, 
result.get(Constants.STATUS));
 
     }

Reply via email to