zhongjiajie commented on code in PR #10792:
URL: https://github.com/apache/dolphinscheduler/pull/10792#discussion_r913830919
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TenantServiceImpl.java:
##########
@@ -359,4 +372,41 @@ public Map<String, Object> queryByTenantCode(String
tenantCode) {
}
return result;
}
+
+ /**
+ * Make sure tenant with given name exists, and create the tenant if not
exists
+ *
+ * ONLY for python gateway server, and should not use this in web ui
function
+ *
+ * @param tenantCode tenant code
+ * @param desc The description of tenant object
+ * @param queue The value of queue which current tenant belong
+ * @param queueName The name of queue which current tenant belong
+ * @return Tenant object
+ */
+ @Override
+ public Tenant createTenantIfNotExists(String tenantCode, String desc,
String queue, String queueName) {
+ if (checkTenantExists(tenantCode)) {
+ return tenantMapper.queryByTenantCode(tenantCode);
+ }
+
+ Optional<Map<String, Object>> tenantValidator =
tenantCodeValid(tenantCode);
+ if (tenantValidator.isPresent()) {
+ Map<String, Object> validator = tenantValidator.get();
+ throw new IllegalArgumentException((String)
validator.get(Constants.MSG));
+ }
+ Queue newQueue = queueService.createQueueIfNotExists(queue, queueName);
+
+ Tenant tenant = new Tenant();
+ Date now = new Date();
+ tenant.setTenantCode(tenantCode);
+ tenant.setQueueId(newQueue.getId());
+ tenant.setDescription(desc);
+ tenant.setCreateTime(now);
+ tenant.setUpdateTime(now);
+
+ // save
+ tenantMapper.insert(tenant);
Review Comment:
I think we should ignore the permission check currently for
pydolphinscheudler, if we have to consider the permission, we have to create a
role and connect the role for the current user who creates the workflow from
pydolphinscheudler to define code.
But as we know, pydolphinscheudler is a batch operator API instead of an
interactive APIļ¼ which mean that it will batch create or update all related
object when is submit. If users change the definition in
https://github.com/apache/dolphinscheduler/blob/a1aff5156e53c7659c4a57fe9b21057433cc48ef/dolphinscheduler-python/pydolphinscheduler/src/pydolphinscheduler/examples/tutorial.py#L44-L49
like change users or tenant, it have to reflash all the user and role
relation to make the change work.
The most important thing is, that it should work finally, otherwise, users
will think there is a bug here, IMO is another method to ignore the permission.
If we instead to add RBAC to pydolphinscheudler, will make dolphinscheduler
have mulitple dummy role and the relation between roles and users
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
