[inlong] branch master updated: [INLONG-7774][Manager] Add permission verification for StreamSource (#7775)

healchow Mon, 03 Apr 2023 19:46:20 -0700

This is an automated email from the ASF dual-hosted git repository.

healchow pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/inlong.git



The following commit(s) were added to refs/heads/master by this push:
     new 231dbd5aa [INLONG-7774][Manager] Add permission verification for 
StreamSource (#7775)
231dbd5aa is described below

commit 231dbd5aadb35a4c770ffd83c6f963b3dcf1913e
Author: fuweng11 <[email protected]>
AuthorDate: Tue Apr 4 10:46:05 2023 +0800

    [INLONG-7774][Manager] Add permission verification for StreamSource (#7775)
---
 .../service/source/StreamSourceServiceImpl.java    | 35 ++++++++++++++++++++--
 .../web/controller/StreamSourceController.java     |  2 +-
 2 files changed, 33 insertions(+), 4 deletions(-)

diff --git 
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
 
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
index 286912cf1..1419b9e74 100644
--- 
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
+++ 
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
@@ -101,7 +101,8 @@ public class StreamSourceServiceImpl implements 
StreamSourceService {
         // Check if it can be added
         String groupId = request.getInlongGroupId();
         InlongGroupEntity groupEntity = 
groupCheckService.checkGroupStatus(groupId, operator);
-
+        // only the person in charges can query
+        userService.checkUser(groupEntity.getInCharges(), operator, 
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
         String streamId = request.getInlongStreamId();
         String sourceName = request.getSourceName();
         List<StreamSourceEntity> existList = 
sourceMapper.selectByRelatedId(groupId, streamId, sourceName);
@@ -336,7 +337,12 @@ public class StreamSourceServiceImpl implements 
StreamSourceService {
         // Check if it can be modified
         String groupId = request.getInlongGroupId();
         InlongGroupEntity groupEntity = 
groupCheckService.checkGroupStatus(groupId, operator);
-
+        if (groupEntity == null) {
+            throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
+                    String.format("InlongGroup does not exist with 
InlongGroupId=%s", groupEntity.getInlongGroupId()));
+        }
+        // only the person in charges can query
+        userService.checkUser(groupEntity.getInCharges(), operator, 
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
         StreamSourceOperator sourceOperator = 
operatorFactory.getInstance(request.getSourceType());
         // Remove id in sourceField when save
         List<StreamField> streamFields = request.getFieldList();
@@ -399,6 +405,15 @@ public class StreamSourceServiceImpl implements 
StreamSourceService {
                 ErrorCodeEnum.SOURCE_INFO_NOT_FOUND.getMessage());
         boolean isTemplateSource = 
CollectionUtils.isNotEmpty(sourceMapper.selectByTemplateId(id));
 
+        // Check if it can be delete
+        InlongGroupEntity groupEntity = 
groupMapper.selectByGroupId(entity.getInlongGroupId());
+        if (groupEntity == null) {
+            throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
+                    String.format("InlongGroup does not exist with 
InlongGroupId=%s", entity.getInlongGroupId()));
+        }
+        // only the person in charges can query
+        userService.checkUser(groupEntity.getInCharges(), operator, 
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
+
         SourceStatus curStatus = SourceStatus.forCode(entity.getStatus());
         SourceStatus nextStatus = SourceStatus.TO_BE_ISSUED_DELETE;
         // if source is frozen|failed|new, or if it is a template source or 
auto push source, delete directly
@@ -435,7 +450,7 @@ public class StreamSourceServiceImpl implements 
StreamSourceService {
         Preconditions.expectNotNull(entity, 
ErrorCodeEnum.SOURCE_INFO_NOT_FOUND,
                 ErrorCodeEnum.SOURCE_INFO_NOT_FOUND.getMessage());
 
-        // Check if it can be added
+        // Check if it can be delete
         InlongGroupEntity groupEntity = 
groupMapper.selectByGroupId(entity.getInlongGroupId());
         if (groupEntity == null) {
             throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
@@ -495,6 +510,13 @@ public class StreamSourceServiceImpl implements 
StreamSourceService {
         LOGGER.info("begin to restart source by id={}", id);
         StreamSourceEntity entity = sourceMapper.selectByIdForUpdate(id);
         Preconditions.expectNotNull(entity, 
ErrorCodeEnum.SOURCE_INFO_NOT_FOUND.getMessage());
+        InlongGroupEntity groupEntity = 
groupMapper.selectByGroupId(entity.getInlongGroupId());
+        if (groupEntity == null) {
+            throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
+                    String.format("InlongGroup does not exist with 
InlongGroupId=%s", entity.getInlongGroupId()));
+        }
+        // only the person in charges can query
+        userService.checkUser(groupEntity.getInCharges(), operator, 
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
 
         StreamSourceOperator sourceOperator = 
operatorFactory.getInstance(entity.getSourceType());
         SourceRequest sourceRequest = new SourceRequest();
@@ -511,6 +533,13 @@ public class StreamSourceServiceImpl implements 
StreamSourceService {
         LOGGER.info("begin to stop source by id={}", id);
         StreamSourceEntity entity = sourceMapper.selectByIdForUpdate(id);
         Preconditions.expectNotNull(entity, 
ErrorCodeEnum.SOURCE_INFO_NOT_FOUND.getMessage());
+        InlongGroupEntity groupEntity = 
groupMapper.selectByGroupId(entity.getInlongGroupId());
+        if (groupEntity == null) {
+            throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
+                    String.format("InlongGroup does not exist with 
InlongGroupId=%s", entity.getInlongGroupId()));
+        }
+        // only the person in charges can query
+        userService.checkUser(groupEntity.getInCharges(), operator, 
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
 
         StreamSourceOperator sourceOperator = 
operatorFactory.getInstance(entity.getSourceType());
         SourceRequest sourceRequest = new SourceRequest();
diff --git 
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/StreamSourceController.java
 
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/StreamSourceController.java
index 8e8b566eb..5ceb8601c 100644
--- 
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/StreamSourceController.java
+++ 
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/StreamSourceController.java
@@ -63,7 +63,7 @@ public class StreamSourceController {
     @ApiOperation(value = "Get stream source")
     @ApiImplicitParam(name = "id", dataTypeClass = Integer.class, required = 
true)
     public Response<StreamSource> get(@PathVariable Integer id) {
-        return Response.success(sourceService.get(id));
+        return Response.success(sourceService.get(id, 
LoginUserUtils.getLoginUser()));
     }
 
     @RequestMapping(value = "/source/list", method = RequestMethod.POST)

[inlong] branch master updated: [INLONG-7774][Manager] Add permission verification for StreamSource (#7775)

Reply via email to