ruanwenjun opened a new pull request, #18300:
URL: https://github.com/apache/dolphinscheduler/pull/18300

   <!--Thanks very much for contributing to Apache DolphinScheduler. Please 
review 
https://dolphinscheduler.apache.org/en-us/community/development/pull-request.html
 before opening a pull request.-->
   
   ## Purpose of the pull request
   
   Close #18299.
   
   Ensure non-admin users can only create or update access tokens for their own 
user id.
   
   ## Brief change log
   
   - Add a service-layer ownership check for access-token create/update target 
user ids.
   - Add regression tests for non-admin create/update attempts that target 
another user.
   
   ## Verify this pull request
   
   - `./mvnw -q -pl dolphinscheduler-api -am clean test 
-Dtest=AccessTokenServiceTest#testCreateTokenForOtherUserDeniedForGeneralUser+testUpdateTokenToOtherUserDeniedForGeneralUser
 -DfailIfNoTests=false -Dsurefire.failIfNoSpecifiedTests=false 
-Djacoco.skip=true -Dspotless.check.skip=true -Drat.skip=true 
-Dcheckstyle.skip=true`
   - `./mvnw -q -pl dolphinscheduler-api -Dtest=AccessTokenServiceTest 
-DfailIfNoTests=false -Dsurefire.failIfNoSpecifiedTests=false 
-Djacoco.skip=true -Dspotless.check.skip=true -Drat.skip=true 
-Dcheckstyle.skip=true test`
   - `./mvnw -q -pl dolphinscheduler-api 
-Dtest=AccessTokenServiceTest,AccessTokenControllerTest,AccessTokenResourcePermissionCheckTest
 -DfailIfNoTests=false -Dsurefire.failIfNoSpecifiedTests=false 
-Djacoco.skip=true -Dspotless.check.skip=true -Drat.skip=true 
-Dcheckstyle.skip=true test`
   - `git diff --check`
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to