This is an automated email from the ASF dual-hosted git repository.
caishunfeng pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git
The following commit(s) were added to refs/heads/dev by this push:
new 44e0935f56 [Improvement-12650][Permission] Improve the check of
resourcePermissionCheck() (#12652)
44e0935f56 is described below
commit 44e0935f569d6a9dbf65ef1edaf91bd9e892c558
Author: rickchengx <[email protected]>
AuthorDate: Thu Nov 3 09:12:56 2022 +0800
[Improvement-12650][Permission] Improve the check of
resourcePermissionCheck() (#12652)
---
.../api/permission/ResourcePermissionCheckServiceImpl.java | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
index 3f4cb01f40..3ee3fb9903 100644
---
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
+++
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
@@ -113,10 +113,11 @@ public class ResourcePermissionCheckServiceImpl
if (Objects.nonNull(needChecks) && needChecks.length > 0) {
Set<?> originResSet = new HashSet<>(Arrays.asList(needChecks));
Set<?> ownResSets =
RESOURCE_LIST_MAP.get(authorizationType).listAuthorizedResource(userId, logger);
- originResSet.removeAll(ownResSets);
- if (CollectionUtils.isNotEmpty(originResSet))
+ boolean checkResult = ownResSets != null &&
ownResSets.containsAll(originResSet);
+ if (!checkResult) {
logger.warn("User does not have resource permission on
associated resources, userId:{}", userId);
- return CollectionUtils.isEmpty(originResSet);
+ }
+ return checkResult;
}
return true;
}
