This is an automated email from the ASF dual-hosted git repository.
zihaoxiang pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git
The following commit(s) were added to refs/heads/dev by this push:
new d2df861db4 [Fix-16578] Fix environment resource permission (#16579)
d2df861db4 is described below
commit d2df861db4da0247fa8b3c62e2e40cb6fa4f5016
Author: wangxj3 <[email protected]>
AuthorDate: Sun Sep 29 10:17:48 2024 +0800
[Fix-16578] Fix environment resource permission (#16579)
---
.../ResourcePermissionCheckServiceImpl.java | 13 +++++++++--
.../EnvironmentResourcePermissionCheckTest.java | 25 +++++++++++++++++++---
2 files changed, 33 insertions(+), 5 deletions(-)
diff --git
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
index 67c5151ec1..91a4abfe4c 100644
---
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
+++
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
@@ -43,6 +43,7 @@ import org.apache.dolphinscheduler.dao.mapper.QueueMapper;
import org.apache.dolphinscheduler.dao.mapper.TaskGroupMapper;
import org.apache.dolphinscheduler.dao.mapper.TenantMapper;
import org.apache.dolphinscheduler.dao.mapper.WorkerGroupMapper;
+import org.apache.dolphinscheduler.dao.repository.UserDao;
import org.apache.dolphinscheduler.service.process.ProcessService;
import java.util.Arrays;
@@ -240,8 +241,11 @@ public class ResourcePermissionCheckServiceImpl
private final EnvironmentMapper environmentMapper;
- public EnvironmentResourcePermissionCheck(EnvironmentMapper
environmentMapper) {
+ private final UserDao userDao;
+
+ public EnvironmentResourcePermissionCheck(EnvironmentMapper
environmentMapper, UserDao userDao) {
this.environmentMapper = environmentMapper;
+ this.userDao = userDao;
}
@Override
@@ -251,7 +255,12 @@ public class ResourcePermissionCheckServiceImpl
@Override
public boolean permissionCheck(int userId, String url, Logger logger) {
- return true;
+ User user = userDao.queryById(userId);
+ if (user == null) {
+ logger.error("User does not exist, userId:{}.", userId);
+ return false;
+ }
+ return user.getUserType() == UserType.ADMIN_USER;
}
@Override
diff --git
a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/permission/EnvironmentResourcePermissionCheckTest.java
b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/permission/EnvironmentResourcePermissionCheckTest.java
index 51a49ee15e..b84e1f1e4c 100644
---
a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/permission/EnvironmentResourcePermissionCheckTest.java
+++
b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/permission/EnvironmentResourcePermissionCheckTest.java
@@ -17,11 +17,14 @@
package org.apache.dolphinscheduler.api.permission;
+import static org.mockito.Mockito.when;
+
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.UserType;
import org.apache.dolphinscheduler.dao.entity.Environment;
import org.apache.dolphinscheduler.dao.entity.User;
import org.apache.dolphinscheduler.dao.mapper.EnvironmentMapper;
+import org.apache.dolphinscheduler.dao.repository.UserDao;
import java.util.Arrays;
import java.util.Collections;
@@ -34,7 +37,6 @@ import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
-import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -46,14 +48,24 @@ public class EnvironmentResourcePermissionCheckTest {
@InjectMocks
private
ResourcePermissionCheckServiceImpl.EnvironmentResourcePermissionCheck
environmentResourcePermissionCheck;
+ @Mock
+ private UserDao userDao;
+
@Mock
private EnvironmentMapper environmentMapper;
@Test
public void testPermissionCheck() {
- User user = getLoginUser();
+ User user = getLoginAdminUser();
+ when(userDao.queryById(user.getId())).thenReturn(user);
Assertions.assertTrue(environmentResourcePermissionCheck.permissionCheck(user.getId(),
null, logger));
}
+ @Test
+ public void testPermissionCheckFail() {
+ User user = getLoginAdminUser();
+ when(userDao.queryById(user.getId())).thenReturn(null);
+
Assertions.assertFalse(environmentResourcePermissionCheck.permissionCheck(user.getId(),
null, logger));
+ }
@Test
public void testAuthorizationTypes() {
@@ -69,7 +81,7 @@ public class EnvironmentResourcePermissionCheckTest {
ids.add(environment.getId());
List<Environment> environments = Arrays.asList(environment);
-
Mockito.when(environmentMapper.queryAllEnvironmentList()).thenReturn(environments);
+
when(environmentMapper.queryAllEnvironmentList()).thenReturn(environments);
Assertions.assertEquals(ids,
environmentResourcePermissionCheck.listAuthorizedResourceIds(user.getId(),
logger));
@@ -82,4 +94,11 @@ public class EnvironmentResourcePermissionCheckTest {
loginUser.setId(1);
return loginUser;
}
+ private User getLoginAdminUser() {
+ User loginUser = new User();
+ loginUser.setUserType(UserType.ADMIN_USER);
+ loginUser.setUserName("test");
+ loginUser.setId(1);
+ return loginUser;
+ }
}
