github-code-scanning[bot] commented on code in PR #12048:
URL:
https://github.com/apache/dolphinscheduler/pull/12048#discussion_r1002495383
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/UsersService.java:
##########
@@ -172,6 +191,18 @@
*/
Map<String, Object> revokeProject(User loginUser, int userId, long
projectCode);
+ /**
+ * grant resource with permission level
+ *
+ * @param loginUser login user
+ * @param userId user id
+ * @param readPermResourceIds resource id array with read permission
+ * @param allPermResourceIds resource id array with all permission
+ * @return grant result code
+ */
+ Map<String, Object> grantResourceWithPermLevel(User loginUser, int userId,
String readPermResourceIds,
Review Comment:
## Useless parameter
The parameter 'loginUser' is never used.
[Show more
details](https://github.com/apache/dolphinscheduler/security/code-scanning/2012)
##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java:
##########
@@ -533,6 +533,97 @@
}
}
+ /**
+ * revoke the project permission for specified user by id
+ * @param loginUser Login user
+ * @param userId User id
+ * @param projectIds project id array
+ * @return
+ */
+ @Override
+ @Transactional(rollbackFor = RuntimeException.class)
+ public Map<String, Object> revokeProjectById(User loginUser, int userId,
String projectIds) {
+ Map<String, Object> result = new HashMap<>();
+ result.put(Constants.STATUS, false);
+
+ if (resourcePermissionCheckService.functionDisabled()) {
+ putMsg(result, Status.FUNCTION_DISABLED);
+ return result;
+ }
+ // 1. only admin can operate
+ if (this.check(result, !this.isAdmin(loginUser),
Status.USER_NO_OPERATION_PERM)) {
+ return result;
+ }
+
+ // 2. check if user is existed
+ User user = this.userMapper.selectById(userId);
+ if (user == null) {
+ this.putMsg(result, Status.USER_NOT_EXIST, userId);
+ return result;
+ }
+
+ Arrays.stream(projectIds.split(",")).distinct().forEach(projectId -> {
+ // 3. check if project is existed
+ Project project =
this.projectMapper.queryDetailById(Integer.parseInt(projectId));
+ if (project == null) {
+ this.putMsg(result, Status.PROJECT_NOT_FOUND,
Integer.parseInt(projectId));
Review Comment:
## Missing catch of NumberFormatException
Potential uncaught 'java.lang.NumberFormatException'.
[Show more
details](https://github.com/apache/dolphinscheduler/security/code-scanning/2013)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
