This is an automated email from the ASF dual-hosted git repository.
dockerzhang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/inlong.git
The following commit(s) were added to refs/heads/master by this push:
new 15877cffc9 [INLONG-8563][Manager] Opitmize the permission check of
tenant-related operation (#8763)
15877cffc9 is described below
commit 15877cffc9ff68703b42e356b7e3be0b22fca30d
Author: vernedeng <[email protected]>
AuthorDate: Mon Aug 21 10:50:33 2023 +0800
[INLONG-8563][Manager] Opitmize the permission check of tenant-related
operation (#8763)
---
.../resources/mappers/InlongStreamEntityMapper.xml | 9 ---
.../service/cluster/InlongClusterServiceImpl.java | 93 ----------------------
.../service/consume/InlongConsumeServiceImpl.java | 9 ---
.../core/impl/WorkflowApproverServiceImpl.java | 6 --
.../service/group/InlongGroupServiceImpl.java | 17 +---
.../manager/service/node/DataNodeServiceImpl.java | 19 -----
.../service/sink/StreamSinkServiceImpl.java | 24 ------
.../service/source/StreamSourceServiceImpl.java | 25 ------
.../service/stream/InlongStreamProcessService.java | 14 ----
.../service/stream/InlongStreamServiceImpl.java | 20 -----
.../transform/StreamTransformServiceImpl.java | 15 ----
.../inlong/manager/service/user/UserService.java | 9 ---
.../manager/service/user/UserServiceImpl.java | 7 --
.../manager/web/controller/DataNodeController.java | 8 --
.../web/controller/InlongClusterController.java | 3 +-
.../web/controller/InlongConsumeController.java | 7 --
.../web/controller/InlongGroupController.java | 13 ---
.../web/controller/InlongTenantController.java | 6 +-
.../web/controller/InlongTenantRoleController.java | 2 +-
.../manager/web/controller/UserController.java | 2 +-
.../web/controller/WorkflowApproverController.java | 7 +-
.../controller/openapi/OpenDataNodeController.java | 6 --
22 files changed, 11 insertions(+), 310 deletions(-)
diff --git
a/inlong-manager/manager-dao/src/main/resources/mappers/InlongStreamEntityMapper.xml
b/inlong-manager/manager-dao/src/main/resources/mappers/InlongStreamEntityMapper.xml
index b75909aa58..6f1f0aef14 100644
---
a/inlong-manager/manager-dao/src/main/resources/mappers/InlongStreamEntityMapper.xml
+++
b/inlong-manager/manager-dao/src/main/resources/mappers/InlongStreamEntityMapper.xml
@@ -246,12 +246,6 @@
<if test="request.inlongGroupId != null and request.inlongGroupId
!= ''">
and stream.inlong_group_id = #{request.inlongGroupId,
jdbcType=VARCHAR}
</if>
- <if test="request.isAdminRole == false">
- and (
- find_in_set(#{request.currentUser, jdbcType=VARCHAR},
grp.in_charges)
- or find_in_set(#{request.currentUser, jdbcType=VARCHAR},
grp.followers)
- )
- </if>
<if test="request.keyword != null and request.keyword != ''">
and (
stream.inlong_stream_id like CONCAT('%', #{request.keyword},
'%')
@@ -267,9 +261,6 @@
#{status}
</foreach>
</if>
- <if test="request.inCharge != null and request.inCharge != ''">
- and find_in_set(#{request.inCharge, jdbcType=VARCHAR},
grp.in_charges)
- </if>
</where>
<choose>
<when test="request.orderField != null and request.orderField !=
'' and request.orderType != null and request.orderType != ''">
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/cluster/InlongClusterServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/cluster/InlongClusterServiceImpl.java
index ab2243fcef..dede44da6b 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/cluster/InlongClusterServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/cluster/InlongClusterServiceImpl.java
@@ -78,7 +78,6 @@ import
org.apache.inlong.manager.service.repository.DataProxyConfigRepositoryV2;
import org.apache.inlong.manager.service.tenant.InlongTenantService;
import org.apache.inlong.manager.service.user.InlongRoleService;
import org.apache.inlong.manager.service.user.TenantRoleService;
-import org.apache.inlong.manager.service.user.UserService;
import com.github.pagehelper.Page;
import com.github.pagehelper.PageHelper;
@@ -116,8 +115,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
private static final Logger LOGGER =
LoggerFactory.getLogger(InlongClusterServiceImpl.class);
private static final Gson GSON = new Gson();
- @Autowired
- private UserService userService;
@Autowired
private InlongGroupEntityMapper groupMapper;
@Autowired
@@ -207,8 +204,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
LOGGER.error("inlong cluster tag not found by id={}", id);
throw new BusinessException(ErrorCodeEnum.CLUSTER_NOT_FOUND);
}
- userService.checkUser(entity.getInCharges(), currentUser,
- "Current user does not have permission to get cluster tag");
ClusterTagResponse response = CommonBeanUtils.copyProperties(entity,
ClusterTagResponse::new);
@@ -229,9 +224,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
throw new BusinessException(ErrorCodeEnum.CLUSTER_NOT_FOUND,
String.format("inlong cluster tag not found by id=%s",
id));
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- "Current user does not have permission to get cluster tag");
return CommonBeanUtils.copyProperties(entity, ClusterTagResponse::new);
}
@@ -291,8 +283,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
LOGGER.error(errMsg);
throw new BusinessException(ErrorCodeEnum.CONFIG_EXPIRED);
}
- userService.checkUser(exist.getInCharges(), operator,
- "Current user does not have permission to update cluster tag");
// if the cluster tag was changed, need to check whether the new tag
already exists
String oldClusterTag = exist.getClusterTag();
if (!newClusterTag.equals(oldClusterTag)) {
@@ -376,9 +366,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
throw new BusinessException(ErrorCodeEnum.RECORD_NOT_FOUND,
String.format("inlong cluster tag was not exist for
id=%s", request.getId()));
}
- // only the person in charges can query
- userService.checkUser(exist.getInCharges(), opInfo.getName(),
- "Current user does not have permission to update cluster tag");
// check record version
Preconditions.expectEquals(exist.getVersion(), request.getVersion(),
ErrorCodeEnum.CONFIG_EXPIRED,
@@ -435,8 +422,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
LOGGER.error("inlong cluster tag not found by id={}", id);
return false;
}
- userService.checkUser(exist.getInCharges(), operator,
- "Current user does not have permission to delete cluster tag");
// check if there are some InlongGroups that uses this tag
String clusterTag = exist.getClusterTag();
@@ -477,9 +462,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
if (exist == null || exist.getIsDeleted() >
InlongConstants.UN_DELETED) {
return true;
}
- // only the person in charges can query
- userService.checkUser(exist.getInCharges(), opInfo.getName(),
- "Current user does not have permission to delete cluster tag");
// check if there are some InlongGroups that uses this tag
String clusterTag = exist.getClusterTag();
// check if there are some InlongGroups that uses this tag
@@ -562,8 +544,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
LOGGER.error("inlong cluster not found by id={}", id);
throw new BusinessException(ErrorCodeEnum.CLUSTER_NOT_FOUND);
}
- String message = "Current user does not have permission to get cluster
info";
- userService.checkUser(entity.getInCharges(), currentUser, message);
InlongClusterOperator instance =
clusterOperatorFactory.getInstance(entity.getType());
ClusterInfo clusterInfo = instance.getFromEntity(entity);
@@ -578,9 +558,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
throw new BusinessException(ErrorCodeEnum.CLUSTER_NOT_FOUND,
String.format("inlong cluster not found by id=%s", id));
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- "Current user does not have permission to query cluster info");
InlongClusterOperator instance =
clusterOperatorFactory.getInstance(entity.getType());
return instance.getFromEntity(entity);
@@ -682,8 +659,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
LOGGER.error(errMsg);
throw new BusinessException(errMsg);
}
- String message = "Current user does not have permission to update
cluster info";
- userService.checkUser(entity.getInCharges(), operator, message);
InlongClusterOperator instance =
clusterOperatorFactory.getInstance(request.getType());
instance.updateOpt(request, operator);
@@ -698,9 +673,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
throw new BusinessException(ErrorCodeEnum.CLUSTER_NOT_FOUND,
String.format("inlong cluster not found by id=%s",
request.getId()));
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- "Current user does not have permission to update cluster
info");
// check parameters
chkUnmodifiableParams(entity, request);
// check whether the cluster already exists
@@ -731,9 +703,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
request.setId(entity.getId());
// check unmodifiable parameters
chkUnmodifiableParams(entity, request);
- // check permission
- String message = "Current user does not have permission to update
cluster info";
- userService.checkUser(entity.getInCharges(), operator, message);
// update record
InlongClusterOperator instance =
clusterOperatorFactory.getInstance(request.getType());
instance.updateOpt(request, operator);
@@ -748,13 +717,9 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
String clusterTag = request.getClusterTag();
Preconditions.expectNotBlank(clusterTag,
ErrorCodeEnum.INVALID_PARAMETER, "cluster tag cannot be empty");
InlongClusterTagEntity exist =
clusterTagMapper.selectByTag(clusterTag);
- userService.checkUser(exist.getInCharges(), operator,
- "Current user does not have permission to bind or unbind
cluster tag");
if (CollectionUtils.isNotEmpty(request.getBindClusters())) {
request.getBindClusters().forEach(id -> {
InlongClusterEntity entity = clusterMapper.selectById(id);
- userService.checkUser(entity.getInCharges(), operator,
- "Current user does not have permission to bind or
unbind cluster tag");
Set<String> tagSet =
Sets.newHashSet(entity.getClusterTags().split(InlongConstants.COMMA));
tagSet.add(clusterTag);
String updateTags = Joiner.on(",").join(tagSet);
@@ -772,10 +737,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
if (CollectionUtils.isNotEmpty(request.getUnbindClusters())) {
request.getUnbindClusters().forEach(id -> {
InlongClusterEntity entity = clusterMapper.selectById(id);
- String errMsg = String.format(
- "Current user does not have permission to bind or
unbind cluster tag for cluster by id=%s, name=%s",
- entity.getId(), entity.getName());
- userService.checkUser(entity.getInCharges(), operator, errMsg);
this.removeClusterTag(entity, clusterTag, operator);
});
}
@@ -785,17 +746,9 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
@Override
public Boolean bindTag(BindTagRequest request, UserInfo opInfo) {
- InlongClusterTagEntity exist =
clusterTagMapper.selectByTag(request.getClusterTag());
- // only the person in charges can bing tag
- userService.checkUser(exist.getInCharges(), opInfo.getName(),
- "Current user does not have permission to bind or unbind
cluster tag");
if (CollectionUtils.isNotEmpty(request.getBindClusters())) {
request.getBindClusters().forEach(id -> {
InlongClusterEntity entity = clusterMapper.selectById(id);
- String errMsg = String.format(
- "Current user does not have permission to bind or
unbind cluster tag for cluster by id=%s, name=%s",
- entity.getId(), entity.getName());
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
errMsg);
Set<String> tagSet =
Sets.newHashSet(entity.getClusterTags().split(InlongConstants.COMMA));
tagSet.add(request.getClusterTag());
String updateTags = Joiner.on(",").join(tagSet);
@@ -812,10 +765,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
if (CollectionUtils.isNotEmpty(request.getUnbindClusters())) {
request.getUnbindClusters().forEach(id -> {
InlongClusterEntity entity = clusterMapper.selectById(id);
- String errMsg = String.format(
- "Current user does not have permission to bind or
unbind cluster tag for cluster by id=%s, name=%s",
- entity.getId(), entity.getName());
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
errMsg);
Set<String> tagSet =
Sets.newHashSet(entity.getClusterTags().split(InlongConstants.COMMA));
tagSet.remove(request.getClusterTag());
String updateTags = Joiner.on(",").join(tagSet);
@@ -841,8 +790,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
name, type);
return false;
}
- userService.checkUser(entity.getInCharges(), operator,
- "Current user does not have permission to delete cluster
info");
List<InlongClusterNodeEntity> nodeEntities =
clusterNodeMapper.selectByParentId(entity.getId(), null);
if (CollectionUtils.isNotEmpty(nodeEntities)) {
@@ -869,8 +816,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
InlongClusterEntity entity = clusterMapper.selectById(id);
Preconditions.expectNotNull(entity, ErrorCodeEnum.CLUSTER_NOT_FOUND,
ErrorCodeEnum.CLUSTER_NOT_FOUND.getMessage());
- String message = "Current user does not have permission to delete
cluster info";
- userService.checkUser(entity.getInCharges(), operator, message);
List<InlongClusterNodeEntity> nodeEntities =
clusterNodeMapper.selectByParentId(id, null);
if (CollectionUtils.isNotEmpty(nodeEntities)) {
@@ -896,9 +841,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
Preconditions.expectNotNull(entity, ErrorCodeEnum.CLUSTER_NOT_FOUND,
ErrorCodeEnum.CONSUME_NOT_FOUND.getMessage());
- // only the person in charges can delete
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- "Current user does not have permission to delete cluster
info");
List<InlongClusterNodeEntity> nodeEntities =
clusterNodeMapper.selectByParentId(id, null);
if (CollectionUtils.isNotEmpty(nodeEntities)) {
throw new BusinessException(ErrorCodeEnum.RECORD_IN_USED,
@@ -938,9 +880,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
InlongClusterEntity entity =
clusterMapper.selectById(request.getParentId());
Preconditions.expectNotNull(entity, ErrorCodeEnum.CLUSTER_NOT_FOUND,
String.format("inlong cluster not found by id=%s, or was
already deleted", request.getParentId()));
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- String.format("No permission to add cluster node in
cluster=%s", request.getParentId()));
// check cluster node if exist
InlongClusterNodeEntity exist =
clusterNodeMapper.selectByUniqueKey(request);
if (exist != null) {
@@ -961,9 +900,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
LOGGER.error("inlong cluster node not found by id={}", id);
throw new BusinessException(ErrorCodeEnum.CLUSTER_NOT_FOUND);
}
- InlongClusterEntity cluster =
clusterMapper.selectById(entity.getParentId());
- String message = "Current user does not have permission to get cluster
node";
- userService.checkUser(cluster.getInCharges(), currentUser, message);
InlongClusterNodeOperator instance =
clusterNodeOperatorFactory.getInstance(entity.getType());
return instance.getFromEntity(entity);
}
@@ -975,9 +911,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
throw new BusinessException(ErrorCodeEnum.CLUSTER_NOT_FOUND);
}
InlongClusterEntity cluster =
clusterMapper.selectById(entity.getParentId());
- // only the person in charges can query
- userService.checkUser(cluster.getInCharges(), opInfo.getName(),
- "Current user does not have permission to delete cluster
info");
return CommonBeanUtils.copyProperties(entity,
ClusterNodeResponse::new);
}
@@ -990,9 +923,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
}
Integer parentId = request.getParentId();
Preconditions.expectNotNull(parentId, "Cluster id cannot be empty");
- InlongClusterEntity cluster = clusterMapper.selectById(parentId);
- String message = "Current user does not have permission to get cluster
node list";
- userService.checkUser(cluster.getInCharges(), currentUser, message);
PageHelper.startPage(request.getPageNum(), request.getPageSize());
Page<InlongClusterNodeEntity> entityPage =
(Page<InlongClusterNodeEntity>)
clusterNodeMapper.selectByCondition(request);
@@ -1012,10 +942,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
throw new BusinessException(ErrorCodeEnum.ID_IS_EMPTY,
"Cluster id cannot be empty");
}
- InlongClusterEntity cluster =
clusterMapper.selectById(request.getParentId());
- // only the person in charges can query
- userService.checkUser(cluster.getInCharges(), opInfo.getName(),
- "Current user does not have permission to get cluster node
list");
return CommonBeanUtils.copyListProperties(
clusterNodeMapper.selectByCondition(request),
ClusterNodeResponse::new);
} else {
@@ -1064,9 +990,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("inlong group not exists for groupId=%s",
groupId));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- String.format("Current user does not have permission to query
for groupId=%s", groupId));
String clusterTag = groupEntity.getInlongClusterTag();
if (StringUtils.isBlank(clusterTag)) {
throw new BusinessException(ErrorCodeEnum.CLUSTER_TAG_NOT_FOUND,
@@ -1146,10 +1069,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
LOGGER.error(errMsg);
throw new BusinessException(errMsg);
}
- // check user's permission
- InlongClusterEntity cluster =
clusterMapper.selectById(entity.getParentId());
- String message = "Current user does not have permission to update
cluster node";
- userService.checkUser(cluster.getInCharges(), operator, message);
// update record
InlongClusterNodeOperator instance =
clusterNodeOperatorFactory.getInstance(request.getType());
instance.updateOpt(request, operator);
@@ -1189,9 +1108,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
String.format("The cluster to which the node belongs not
found by clusterId=%s",
request.getParentId()));
}
- // only the person in charges can query
- userService.checkUser(cluster.getInCharges(), opInfo.getName(),
- String.format("No permission to update cluster node for
clusterId=%s", entity.getParentId()));
// update record
InlongClusterNodeOperator instance =
clusterNodeOperatorFactory.getInstance(request.getType());
instance.updateOpt(request, opInfo.getName());
@@ -1204,10 +1120,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
InlongClusterNodeEntity entity = clusterNodeMapper.selectById(id);
Preconditions.expectNotNull(entity, ErrorCodeEnum.CLUSTER_NOT_FOUND);
- InlongClusterEntity cluster =
clusterMapper.selectById(entity.getParentId());
- String message = "Current user does not have permission to delete
cluster node";
- userService.checkUser(cluster.getInCharges(), operator, message);
-
entity.setIsDeleted(entity.getId());
entity.setModifier(operator);
if (InlongConstants.AFFECTED_ONE_ROW !=
clusterNodeMapper.updateById(entity)) {
@@ -1223,10 +1135,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
public Boolean deleteNode(Integer id, UserInfo opInfo) {
InlongClusterNodeEntity entity = clusterNodeMapper.selectById(id);
Preconditions.expectNotNull(entity, ErrorCodeEnum.CLUSTER_NOT_FOUND);
- InlongClusterEntity cluster =
clusterMapper.selectById(entity.getParentId());
- // only the person in charges can delete
- userService.checkUser(cluster.getInCharges(), opInfo.getName(),
- String.format("No permission to delete cluster node for
clusterId=%s", entity.getParentId()));
// delete record
entity.setIsDeleted(entity.getId());
entity.setModifier(opInfo.getName());
@@ -1504,7 +1412,6 @@ public class InlongClusterServiceImpl implements
InlongClusterService {
@Override
public Boolean testConnection(ClusterRequest request) {
LOGGER.info("begin test connection for: {}", request);
- String type = request.getType();
// according to the data node type, test connection
InlongClusterOperator clusterOperator =
clusterOperatorFactory.getInstance(request.getType());
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/consume/InlongConsumeServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/consume/InlongConsumeServiceImpl.java
index 37c7152903..5f44810632 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/consume/InlongConsumeServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/consume/InlongConsumeServiceImpl.java
@@ -34,7 +34,6 @@ import
org.apache.inlong.manager.pojo.consume.InlongConsumeInfo;
import org.apache.inlong.manager.pojo.consume.InlongConsumePageRequest;
import org.apache.inlong.manager.pojo.consume.InlongConsumeRequest;
import org.apache.inlong.manager.pojo.group.InlongGroupInfo;
-import org.apache.inlong.manager.service.user.UserService;
import com.github.pagehelper.Page;
import com.github.pagehelper.PageHelper;
@@ -66,8 +65,6 @@ public class InlongConsumeServiceImpl implements
InlongConsumeService {
private InlongConsumeEntityMapper consumeMapper;
@Autowired
private InlongConsumeOperatorFactory consumeOperatorFactory;
- @Autowired
- private UserService userService;
@Override
public Integer save(InlongConsumeRequest request, String operator) {
@@ -142,8 +139,6 @@ public class InlongConsumeServiceImpl implements
InlongConsumeService {
LOGGER.error("inlong consume not found with id={}", id);
throw new BusinessException(ErrorCodeEnum.CONSUME_NOT_FOUND);
}
- userService.checkUser(entity.getInCharges(), currentUser,
- "Current user does not have permission to get inlong consume");
InlongConsumeOperator consumeOperator =
consumeOperatorFactory.getInstance(entity.getMqType());
InlongConsumeInfo consumeInfo = consumeOperator.getFromEntity(entity);
@@ -200,8 +195,6 @@ public class InlongConsumeServiceImpl implements
InlongConsumeService {
Integer consumeId = request.getId();
InlongConsumeEntity existEntity = consumeMapper.selectById(consumeId);
Preconditions.expectNotNull(existEntity, "inlong consume not exist
with id " + consumeId);
- userService.checkUser(existEntity.getInCharges(), operator,
- "Current user does not have permission to update inlong
consume");
if (!Objects.equals(existEntity.getVersion(), request.getVersion())) {
LOGGER.error(String.format("inlong consume has already updated,
id=%s, curVersion=%s",
@@ -250,8 +243,6 @@ public class InlongConsumeServiceImpl implements
InlongConsumeService {
Preconditions.expectNotNull(id, "inlong consume id cannot be null");
InlongConsumeEntity entity = consumeMapper.selectById(id);
Preconditions.expectNotNull(entity, "inlong consume not exist with id
" + id);
- userService.checkUser(entity.getInCharges(), operator,
- "Current user does not have permission to delete inlong
consume");
entity.setIsDeleted(id);
entity.setStatus(ConsumeStatus.DELETED.getCode());
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/core/impl/WorkflowApproverServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/core/impl/WorkflowApproverServiceImpl.java
index 874b0efb1e..c2899215fe 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/core/impl/WorkflowApproverServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/core/impl/WorkflowApproverServiceImpl.java
@@ -29,7 +29,6 @@ import
org.apache.inlong.manager.pojo.workflow.ApproverPageRequest;
import org.apache.inlong.manager.pojo.workflow.ApproverRequest;
import org.apache.inlong.manager.pojo.workflow.ApproverResponse;
import org.apache.inlong.manager.service.core.WorkflowApproverService;
-import org.apache.inlong.manager.service.user.UserService;
import org.apache.inlong.manager.workflow.core.ProcessDefinitionService;
import org.apache.inlong.manager.workflow.definition.UserTask;
import org.apache.inlong.manager.workflow.definition.WorkflowProcess;
@@ -61,8 +60,6 @@ public class WorkflowApproverServiceImpl implements
WorkflowApproverService {
private WorkflowApproverEntityMapper approverMapper;
@Autowired
private ProcessDefinitionService processDefinitionService;
- @Autowired
- private UserService userService;
@Override
public Integer save(ApproverRequest request, String operator) {
@@ -99,9 +96,6 @@ public class WorkflowApproverServiceImpl implements
WorkflowApproverService {
throw new
BusinessException(ErrorCodeEnum.WORKFLOW_APPROVER_NOT_FOUND);
}
- userService.checkUser(approverEntity.getApprovers(), operator,
- "Current user does not have permission to get this workflow
approver info");
-
return CommonBeanUtils.copyProperties(approverEntity,
ApproverResponse::new);
}
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/group/InlongGroupServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/group/InlongGroupServiceImpl.java
index 0d7d4126e7..5b5d01d88a 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/group/InlongGroupServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/group/InlongGroupServiceImpl.java
@@ -56,7 +56,6 @@ import
org.apache.inlong.manager.service.cluster.InlongClusterService;
import org.apache.inlong.manager.service.source.SourceOperatorFactory;
import org.apache.inlong.manager.service.source.StreamSourceOperator;
import org.apache.inlong.manager.service.stream.InlongStreamService;
-import org.apache.inlong.manager.service.user.UserService;
import com.fasterxml.jackson.core.type.TypeReference;
import com.github.pagehelper.Page;
@@ -114,8 +113,6 @@ public class InlongGroupServiceImpl implements
InlongGroupService {
private InlongGroupOperatorFactory groupOperatorFactory;
@Autowired
private SourceOperatorFactory sourceOperatorFactory;
- @Autowired
- private UserService userService;
/**
* Check whether modification is supported under the current group status,
and which fields can be modified.
@@ -129,13 +126,6 @@ public class InlongGroupServiceImpl implements
InlongGroupService {
return;
}
- // only the person in charges can update
- List<String> inCharges =
Arrays.asList(entity.getInCharges().split(InlongConstants.COMMA));
- if (!inCharges.contains(operator)) {
- LOGGER.error("user [{}] has no privilege for the inlong group",
operator);
- throw new BusinessException(ErrorCodeEnum.GROUP_PERMISSION_DENIED);
- }
-
// check whether the current status supports modification
GroupStatus curStatus = GroupStatus.forCode(entity.getStatus());
if (GroupStatus.notAllowedUpdate(curStatus)) {
@@ -229,9 +219,7 @@ public class InlongGroupServiceImpl implements
InlongGroupService {
if (entity == null) {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
+
// query mq information
InlongGroupOperator instance =
groupOperatorFactory.getInstance(entity.getMqType());
InlongGroupInfo groupInfo = instance.getFromEntity(entity);
@@ -423,9 +411,6 @@ public class InlongGroupServiceImpl implements
InlongGroupService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
chkUnmodifiableParams(entity, request);
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// check whether the current status supports modification
GroupStatus curStatus = GroupStatus.forCode(entity.getStatus());
if (GroupStatus.notAllowedUpdate(curStatus)) {
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/node/DataNodeServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/node/DataNodeServiceImpl.java
index c950937dfe..4de9ef5dd0 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/node/DataNodeServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/node/DataNodeServiceImpl.java
@@ -31,7 +31,6 @@ import org.apache.inlong.manager.pojo.node.DataNodeInfo;
import org.apache.inlong.manager.pojo.node.DataNodePageRequest;
import org.apache.inlong.manager.pojo.node.DataNodeRequest;
import org.apache.inlong.manager.pojo.user.UserInfo;
-import org.apache.inlong.manager.service.user.UserService;
import com.github.pagehelper.Page;
import com.github.pagehelper.PageHelper;
@@ -58,8 +57,6 @@ public class DataNodeServiceImpl implements DataNodeService {
private DataNodeEntityMapper dataNodeMapper;
@Autowired
private DataNodeOperatorFactory operatorFactory;
- @Autowired
- private UserService userService;
@Override
public Integer save(DataNodeRequest request, String operator) {
@@ -114,8 +111,6 @@ public class DataNodeServiceImpl implements DataNodeService
{
LOGGER.error("data node not found by id={}", id);
throw new BusinessException("data node not found");
}
- userService.checkUser(entity.getInCharges(), currentUser,
- "Current user does not have permission to get data node info");
String dataNodeType = entity.getType();
DataNodeOperator dataNodeOperator =
operatorFactory.getInstance(dataNodeType);
DataNodeInfo dataNodeInfo = dataNodeOperator.getFromEntity(entity);
@@ -129,9 +124,6 @@ public class DataNodeServiceImpl implements DataNodeService
{
if (entity == null) {
throw new BusinessException(ErrorCodeEnum.DATA_NODE_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- "Current user does not have permission to get data node info");
DataNodeOperator dataNodeOperator =
operatorFactory.getInstance(entity.getType());
return dataNodeOperator.getFromEntity(entity);
}
@@ -191,9 +183,6 @@ public class DataNodeServiceImpl implements DataNodeService
{
throw new BusinessException(ErrorCodeEnum.RECORD_NOT_FOUND,
String.format("data node record not found by id=%d",
request.getId()));
}
- userService.checkUser(curEntity.getInCharges(), operator,
- "Current user does not have permission to update data node
info");
-
// check whether modify unmodifiable parameters
chkUnmodifiableParams(curEntity, request);
@@ -230,8 +219,6 @@ public class DataNodeServiceImpl implements DataNodeService
{
LOGGER.error(errMsg);
throw new BusinessException(errMsg);
}
- userService.checkUser(entity.getInCharges(), operator,
- "Current user does not have permission to update data node
info");
request.setId(entity.getId());
Boolean result = this.update(request, operator);
LOGGER.info("success to update data node by key: {}", request);
@@ -243,8 +230,6 @@ public class DataNodeServiceImpl implements DataNodeService
{
DataNodeEntity entity = dataNodeMapper.selectById(id);
Preconditions.expectNotNull(entity, ErrorCodeEnum.DATA_NODE_NOT_FOUND,
ErrorCodeEnum.DATA_NODE_NOT_FOUND.getMessage());
- userService.checkUser(entity.getInCharges(), operator,
- "Current user does not have permission to delete data node
info");
return delete(entity, operator);
}
@@ -253,8 +238,6 @@ public class DataNodeServiceImpl implements DataNodeService
{
DataNodeEntity entity = dataNodeMapper.selectById(id);
Preconditions.expectNotNull(entity, ErrorCodeEnum.DATA_NODE_NOT_FOUND,
ErrorCodeEnum.DATA_NODE_NOT_FOUND.getMessage());
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- "Current user does not have permission to delete data node
info");
// delete record
entity.setIsDeleted(entity.getId());
entity.setModifier(opInfo.getName());
@@ -303,8 +286,6 @@ public class DataNodeServiceImpl implements DataNodeService
{
DataNodeEntity entity = dataNodeMapper.selectByUniqueKey(name, type);
Preconditions.expectNotNull(entity, ErrorCodeEnum.DATA_NODE_NOT_FOUND,
ErrorCodeEnum.DATA_NODE_NOT_FOUND.getMessage());
- userService.checkUser(entity.getInCharges(), operator,
- "Current user does not have permission to delete data node
info");
return delete(entity, operator);
}
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/sink/StreamSinkServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/sink/StreamSinkServiceImpl.java
index e6036a33f5..b9c0ffe40f 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/sink/StreamSinkServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/sink/StreamSinkServiceImpl.java
@@ -48,7 +48,6 @@ import org.apache.inlong.manager.pojo.stream.InlongStreamInfo;
import org.apache.inlong.manager.pojo.user.UserInfo;
import org.apache.inlong.manager.service.group.GroupCheckService;
import org.apache.inlong.manager.service.stream.InlongStreamProcessService;
-import org.apache.inlong.manager.service.user.UserService;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
@@ -117,8 +116,6 @@ public class StreamSinkServiceImpl implements
StreamSinkService {
@Autowired
private AutowireCapableBeanFactory autowireCapableBeanFactory;
@Autowired
- private UserService userService;
- @Autowired
private ObjectMapper objectMapper;
// To avoid circular dependencies, you cannot use @Autowired, it will be
injected by AutowireCapableBeanFactory
@@ -188,9 +185,6 @@ public class StreamSinkServiceImpl implements
StreamSinkService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", request.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// check group status
GroupStatus curState = GroupStatus.forCode(entity.getStatus());
if (GroupStatus.notAllowedUpdate(curState)) {
@@ -262,9 +256,6 @@ public class StreamSinkServiceImpl implements
StreamSinkService {
if (groupEntity == null) {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
StreamSinkOperator sinkOperator =
operatorFactory.getInstance(entity.getSinkType());
return sinkOperator.getFromEntity(entity);
}
@@ -318,8 +309,6 @@ public class StreamSinkServiceImpl implements
StreamSinkService {
@Override
public PageResult<? extends StreamSink> listByCondition(SinkPageRequest
request, String operator) {
Preconditions.expectNotBlank(request.getInlongGroupId(),
ErrorCodeEnum.GROUP_ID_IS_EMPTY);
- UserInfo userInfo = userService.getByName(operator);
- boolean isAdmin =
TenantUserTypeEnum.TENANT_ADMIN.getCode().equals(userInfo.getAccountType());
PageHelper.startPage(request.getPageNum(), request.getPageSize());
OrderFieldEnum.checkOrderField(request);
OrderTypeEnum.checkOrderType(request);
@@ -331,13 +320,6 @@ public class StreamSinkServiceImpl implements
StreamSinkService {
if (groupEntity == null) {
continue;
}
- // only the person in charges can query
- if (!isAdmin) {
- List<String> inCharges =
Arrays.asList(groupEntity.getInCharges().split(InlongConstants.COMMA));
- if (!inCharges.contains(operator)) {
- continue;
- }
- }
sinkMap.computeIfAbsent(streamSink.getSinkType(), k -> new
Page<>()).add(streamSink);
}
List<StreamSink> responseList = Lists.newArrayList();
@@ -460,9 +442,6 @@ public class StreamSinkServiceImpl implements
StreamSinkService {
throw new
BusinessException(ErrorCodeEnum.ILLEGAL_RECORD_FIELD_VALUE,
String.format("InlongGroup does not exist with
InlongGroupId=%s", curEntity.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(curGroupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// Check if group status can be modified
GroupStatus curState = GroupStatus.forCode(curEntity.getStatus());
if (GroupStatus.notAllowedUpdate(curState)) {
@@ -571,9 +550,6 @@ public class StreamSinkServiceImpl implements
StreamSinkService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", sinkEntity.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// Check if group status can be modified
GroupStatus curState = GroupStatus.forCode(groupEntity.getStatus());
if (GroupStatus.notAllowedUpdate(curState)) {
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
index fe6109fba1..a8a01224b8 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/source/StreamSourceServiceImpl.java
@@ -44,7 +44,6 @@ import org.apache.inlong.manager.pojo.stream.InlongStreamInfo;
import org.apache.inlong.manager.pojo.stream.StreamField;
import org.apache.inlong.manager.pojo.user.UserInfo;
import org.apache.inlong.manager.service.group.GroupCheckService;
-import org.apache.inlong.manager.service.user.UserService;
import com.github.pagehelper.Page;
import com.github.pagehelper.PageHelper;
@@ -90,8 +89,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
private StreamSourceFieldEntityMapper sourceFieldMapper;
@Autowired
private GroupCheckService groupCheckService;
- @Autowired
- private UserService userService;
@Override
@Transactional(rollbackFor = Throwable.class, propagation =
Propagation.REQUIRES_NEW)
@@ -102,8 +99,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
// Check if it can be added
String groupId = request.getInlongGroupId();
InlongGroupEntity groupEntity =
groupCheckService.checkGroupStatus(groupId, operator);
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
String streamId = request.getInlongStreamId();
String sourceName = request.getSourceName();
List<StreamSourceEntity> existList =
sourceMapper.selectByRelatedId(groupId, streamId, sourceName);
@@ -134,9 +129,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", request.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// get stream information
InlongStreamEntity streamEntity = streamMapper.selectByIdentifier(
request.getInlongGroupId(), request.getInlongStreamId());
@@ -196,9 +188,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
if (groupEntity == null) {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
StreamSourceOperator sourceOperator =
operatorFactory.getInstance(entity.getSourceType());
return sourceOperator.getFromEntity(entity);
}
@@ -338,8 +327,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", groupEntity.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
StreamSourceOperator sourceOperator =
operatorFactory.getInstance(request.getSourceType());
// Remove id in sourceField when save
List<StreamField> streamFields = request.getFieldList();
@@ -363,9 +350,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
throw new
BusinessException(ErrorCodeEnum.ILLEGAL_RECORD_FIELD_VALUE,
String.format("InlongGroup does not exist with
InlongGroupId=%s", request.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// check inlong group status
GroupStatus status = GroupStatus.forCode(groupEntity.getStatus());
if (GroupStatus.notAllowedUpdate(status)) {
@@ -408,8 +392,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", entity.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
SourceStatus curStatus = SourceStatus.forCode(entity.getStatus());
SourceStatus nextStatus = SourceStatus.TO_BE_ISSUED_DELETE;
@@ -453,9 +435,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", entity.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// check record status
boolean isTemplateSource =
CollectionUtils.isNotEmpty(sourceMapper.selectByTemplateId(id));
SourceStatus curStatus = SourceStatus.forCode(entity.getStatus());
@@ -513,8 +492,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", entity.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
StreamSourceOperator sourceOperator =
operatorFactory.getInstance(entity.getSourceType());
SourceRequest sourceRequest = new SourceRequest();
@@ -536,8 +513,6 @@ public class StreamSourceServiceImpl implements
StreamSourceService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", entity.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
StreamSourceOperator sourceOperator =
operatorFactory.getInstance(entity.getSourceType());
SourceRequest sourceRequest = new SourceRequest();
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/stream/InlongStreamProcessService.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/stream/InlongStreamProcessService.java
index ffb1dbbf56..12c00cd7db 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/stream/InlongStreamProcessService.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/stream/InlongStreamProcessService.java
@@ -32,7 +32,6 @@ import org.apache.inlong.manager.pojo.user.UserInfo;
import org.apache.inlong.manager.pojo.workflow.WorkflowResult;
import
org.apache.inlong.manager.pojo.workflow.form.process.StreamResourceProcessForm;
import org.apache.inlong.manager.service.group.InlongGroupService;
-import org.apache.inlong.manager.service.user.UserService;
import org.apache.inlong.manager.service.workflow.WorkflowService;
import com.google.common.util.concurrent.ThreadFactoryBuilder;
@@ -73,8 +72,6 @@ public class InlongStreamProcessService {
private InlongStreamService streamService;
@Autowired
private WorkflowService workflowService;
- @Autowired
- private UserService userService;
/**
* Create stream in synchronous/asynchronous way.
@@ -90,9 +87,6 @@ public class InlongStreamProcessService {
+ " for groupId=%s", groupStatus, groupId));
}
- // only the person in charges can start process
- userService.checkUser(groupInfo.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
-
InlongStreamInfo streamInfo = streamService.get(groupId, streamId);
Preconditions.expectNotNull(streamInfo,
ErrorCodeEnum.STREAM_NOT_FOUND.getMessage());
StreamStatus status = StreamStatus.forCode(streamInfo.getStatus());
@@ -137,9 +131,6 @@ public class InlongStreamProcessService {
+ " for groupId=%s", groupStatus, groupId));
}
- // only the person in charges can suspend process
- userService.checkUser(groupInfo.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
-
InlongStreamInfo streamInfo = streamService.get(groupId, streamId);
Preconditions.expectNotNull(streamInfo,
ErrorCodeEnum.STREAM_NOT_FOUND.getMessage());
StreamStatus status = StreamStatus.forCode(streamInfo.getStatus());
@@ -181,8 +172,6 @@ public class InlongStreamProcessService {
throw new BusinessException(
String.format("group status=%s not support restart stream
for groupId=%s", groupStatus, groupId));
}
- // only the person in charges can restart process
- userService.checkUser(groupInfo.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
InlongStreamInfo streamInfo = streamService.get(groupId, streamId);
Preconditions.expectNotNull(streamInfo,
ErrorCodeEnum.STREAM_NOT_FOUND.getMessage());
@@ -224,9 +213,6 @@ public class InlongStreamProcessService {
ErrorCodeEnum.GROUP_NOT_FOUND.getMessage() + " : " +
groupId);
}
- // only the person in charges can delete process
- userService.checkUser(groupInfo.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
-
GroupStatus groupStatus = GroupStatus.forCode(groupInfo.getStatus());
if (GroupStatus.notAllowedTransition(groupStatus,
GroupStatus.DELETING)) {
throw new BusinessException(ErrorCodeEnum.GROUP_DELETE_NOT_ALLOWED,
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/stream/InlongStreamServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/stream/InlongStreamServiceImpl.java
index a3172b809b..9083c3d8de 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/stream/InlongStreamServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/stream/InlongStreamServiceImpl.java
@@ -58,7 +58,6 @@ import
org.apache.inlong.manager.service.resource.queue.QueueResourceOperator;
import
org.apache.inlong.manager.service.resource.queue.QueueResourceOperatorFactory;
import org.apache.inlong.manager.service.sink.StreamSinkService;
import org.apache.inlong.manager.service.source.StreamSourceService;
-import org.apache.inlong.manager.service.user.UserService;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
@@ -130,8 +129,6 @@ public class InlongStreamServiceImpl implements
InlongStreamService {
@Autowired
private ObjectMapper objectMapper;
@Autowired
- private UserService userService;
- @Autowired
@Lazy
private QueueResourceOperatorFactory queueOperatorFactory;
@Autowired
@@ -186,9 +183,6 @@ public class InlongStreamServiceImpl implements
InlongStreamService {
if (entity == null) {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// Add/modify/delete is not allowed under temporary inlong group status
GroupStatus curState = GroupStatus.forCode(entity.getStatus());
if (GroupStatus.isTempStatus(curState)) {
@@ -266,9 +260,6 @@ public class InlongStreamServiceImpl implements
InlongStreamService {
if (entity == null) {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// get stream information
InlongStreamEntity streamEntity =
streamMapper.selectByIdentifier(groupId, streamId);
if (streamEntity == null) {
@@ -297,9 +288,6 @@ public class InlongStreamServiceImpl implements
InlongStreamService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), operator,
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// get stream information
InlongStreamEntity streamEntity =
streamMapper.selectByIdentifier(groupId, streamId);
if (streamEntity == null) {
@@ -478,9 +466,6 @@ public class InlongStreamServiceImpl implements
InlongStreamService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(entity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// Add/modify/delete is not allowed under temporary inlong group status
GroupStatus curState = GroupStatus.forCode(entity.getStatus());
if (GroupStatus.isTempStatus(curState)) {
@@ -611,9 +596,6 @@ public class InlongStreamServiceImpl implements
InlongStreamService {
if (groupEntity == null) {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND);
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// Add/modify/delete is not allowed under temporary inlong group status
GroupStatus curState = GroupStatus.forCode(groupEntity.getStatus());
if (GroupStatus.isTempStatus(curState)) {
@@ -1004,8 +986,6 @@ public class InlongStreamServiceImpl implements
InlongStreamService {
@Override
public List<BriefMQMessage> listMessages(String groupId, String streamId,
Integer messageCount, String operator) {
InlongGroupEntity groupEntity = groupMapper.selectByGroupId(groupId);
- // check user
- userService.checkUser(groupEntity.getInCharges(), operator,
ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
InlongGroupOperator instance =
groupOperatorFactory.getInstance(groupEntity.getMqType());
InlongGroupInfo groupInfo = instance.getFromEntity(groupEntity);
InlongStreamInfo inlongStreamInfo = get(groupId, streamId);
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/transform/StreamTransformServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/transform/StreamTransformServiceImpl.java
index d5ca2cf628..6ffdcd975b 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/transform/StreamTransformServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/transform/StreamTransformServiceImpl.java
@@ -111,9 +111,6 @@ public class StreamTransformServiceImpl implements
StreamTransformService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", request.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// check inlong group status
GroupStatus status = GroupStatus.forCode(groupEntity.getStatus());
if (GroupStatus.notAllowedUpdate(status)) {
@@ -151,8 +148,6 @@ public class StreamTransformServiceImpl implements
StreamTransformService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", groupId));
}
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// query result
List<StreamTransformEntity> entityList =
transformMapper.selectByCondition(request);
@@ -179,8 +174,6 @@ public class StreamTransformServiceImpl implements
StreamTransformService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", entity.getInlongGroupId()));
}
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
Map<Integer, List<StreamField>> fieldInfoMap = fieldEntities.stream()
.map(transformFieldEntity -> {
@@ -213,8 +206,6 @@ public class StreamTransformServiceImpl implements
StreamTransformService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", groupId));
}
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// query result
List<StreamTransformEntity> entityList =
transformMapper.selectByRelatedId(groupId, streamId, null);
if (CollectionUtils.isEmpty(entityList)) {
@@ -261,9 +252,6 @@ public class StreamTransformServiceImpl implements
StreamTransformService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", request.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// check inlong group status
GroupStatus status = GroupStatus.forCode(groupEntity.getStatus());
if (GroupStatus.notAllowedUpdate(status)) {
@@ -327,9 +315,6 @@ public class StreamTransformServiceImpl implements
StreamTransformService {
throw new BusinessException(ErrorCodeEnum.GROUP_NOT_FOUND,
String.format("InlongGroup does not exist with
InlongGroupId=%s", request.getInlongGroupId()));
}
- // only the person in charges can query
- userService.checkUser(groupEntity.getInCharges(), opInfo.getName(),
- ErrorCodeEnum.GROUP_PERMISSION_DENIED.getMessage());
// check inlong group status
GroupStatus status = GroupStatus.forCode(groupEntity.getStatus());
if (GroupStatus.notAllowedUpdate(status)) {
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserService.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserService.java
index be79bb6980..9e2de4bfea 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserService.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserService.java
@@ -82,13 +82,4 @@ public interface UserService {
*/
void login(UserLoginRequest req);
- /**
- * Check the given user is the admin or is one of the in charges.
- *
- * @param inCharges incharge list
- * @param user current user name
- * @param errMsg error message
- */
- void checkUser(String inCharges, String user, String errMsg);
-
}
diff --git
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserServiceImpl.java
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserServiceImpl.java
index a3f29d4494..02388f55d0 100644
---
a/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserServiceImpl.java
+++
b/inlong-manager/manager-service/src/main/java/org/apache/inlong/manager/service/user/UserServiceImpl.java
@@ -354,13 +354,6 @@ public class UserServiceImpl implements UserService {
loginLockStatusMap.put(username, userLoginLockStatus);
}
- public void checkUser(String inCharges, String user, String errMsg) {
- UserEntity userEntity = userMapper.selectByName(user);
- boolean isInCharge = Preconditions.inSeparatedString(user, inCharges,
InlongConstants.COMMA);
- Preconditions.expectTrue(isInCharge
- ||
TenantUserTypeEnum.TENANT_ADMIN.getCode().equals(userEntity.getAccountType()),
errMsg);
- }
-
public void removeInChargeForGroup(String user, String operator) {
InlongGroupPageRequest pageRequest = new InlongGroupPageRequest();
pageRequest.setCurrentUser(user);
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/DataNodeController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/DataNodeController.java
index aacd8d107b..83b17000ec 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/DataNodeController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/DataNodeController.java
@@ -29,7 +29,6 @@ import org.apache.inlong.manager.pojo.node.DataNodeInfo;
import org.apache.inlong.manager.pojo.node.DataNodePageRequest;
import org.apache.inlong.manager.pojo.node.DataNodeRequest;
import org.apache.inlong.manager.pojo.user.LoginUserUtils;
-import org.apache.inlong.manager.pojo.user.UserRoleCode;
import org.apache.inlong.manager.service.node.DataNodeService;
import org.apache.inlong.manager.service.operationlog.OperationLog;
@@ -37,8 +36,6 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
-import org.apache.shiro.authz.annotation.Logical;
-import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
@@ -64,7 +61,6 @@ public class DataNodeController {
@PostMapping(value = "/node/save")
@ApiOperation(value = "Save node")
@OperationLog(operation = OperationType.CREATE)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Integer> save(@Validated(SaveValidation.class)
@RequestBody DataNodeRequest request) {
String currentUser = LoginUserUtils.getLoginUser().getName();
return Response.success(dataNodeService.save(request, currentUser));
@@ -90,7 +86,6 @@ public class DataNodeController {
@PostMapping(value = "/node/update")
@OperationLog(operation = OperationType.UPDATE)
@ApiOperation(value = "Update data node")
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> update(@Validated(UpdateByIdValidation.class)
@RequestBody DataNodeRequest request) {
String username = LoginUserUtils.getLoginUser().getName();
return Response.success(dataNodeService.update(request, username));
@@ -99,7 +94,6 @@ public class DataNodeController {
@PostMapping(value = "/node/updateByKey")
@OperationLog(operation = OperationType.UPDATE)
@ApiOperation(value = "Update data node by key")
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<UpdateResult> updateByKey(
@Validated(UpdateByKeyValidation.class) @RequestBody
DataNodeRequest request) {
String username = LoginUserUtils.getLoginUser().getName();
@@ -110,7 +104,6 @@ public class DataNodeController {
@ApiOperation(value = "Delete data node by id")
@OperationLog(operation = OperationType.DELETE)
@ApiImplicitParam(name = "id", value = "Data node ID", dataTypeClass =
Integer.class, required = true)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> delete(@PathVariable Integer id) {
return Response.success(dataNodeService.delete(id,
LoginUserUtils.getLoginUser().getName()));
}
@@ -122,7 +115,6 @@ public class DataNodeController {
@ApiImplicitParam(name = "name", value = "Data node name",
dataTypeClass = String.class, required = true),
@ApiImplicitParam(name = "type", value = "Data node type",
dataTypeClass = String.class, required = true)
})
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> deleteByKey(@RequestParam String name,
@RequestParam String type) {
return Response.success(dataNodeService.deleteByKey(name, type,
LoginUserUtils.getLoginUser().getName()));
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongClusterController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongClusterController.java
index 5322aebc71..eb6fd58d52 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongClusterController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongClusterController.java
@@ -46,7 +46,6 @@ import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
-import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
@@ -213,7 +212,7 @@ public class InlongClusterController {
@ApiOperation(value = "Delete cluster by id")
@OperationLog(operation = OperationType.DELETE)
@ApiImplicitParam(name = "id", value = "Cluster ID", dataTypeClass =
Integer.class, required = true)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.INLONG_ADMIN})
+ @RequiresRoles(UserRoleCode.INLONG_ADMIN)
public Response<Boolean> delete(@PathVariable Integer id) {
return Response.success(clusterService.delete(id,
LoginUserUtils.getLoginUser().getName()));
}
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongConsumeController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongConsumeController.java
index 62d3826994..6433f46655 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongConsumeController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongConsumeController.java
@@ -28,7 +28,6 @@ import
org.apache.inlong.manager.pojo.consume.InlongConsumeInfo;
import org.apache.inlong.manager.pojo.consume.InlongConsumePageRequest;
import org.apache.inlong.manager.pojo.consume.InlongConsumeRequest;
import org.apache.inlong.manager.pojo.user.LoginUserUtils;
-import org.apache.inlong.manager.pojo.user.UserRoleCode;
import org.apache.inlong.manager.pojo.workflow.WorkflowResult;
import org.apache.inlong.manager.service.consume.InlongConsumeProcessService;
import org.apache.inlong.manager.service.consume.InlongConsumeService;
@@ -37,8 +36,6 @@ import
org.apache.inlong.manager.service.operationlog.OperationLog;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
-import org.apache.shiro.authz.annotation.Logical;
-import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
@@ -66,7 +63,6 @@ public class InlongConsumeController {
@RequestMapping(value = "/consume/save", method = RequestMethod.POST)
@OperationLog(operation = OperationType.CREATE)
@ApiOperation(value = "Save inlong consume")
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Integer> save(@RequestBody InlongConsumeRequest request) {
String operator = LoginUserUtils.getLoginUser().getName();
return Response.success(consumeService.save(request, operator));
@@ -97,7 +93,6 @@ public class InlongConsumeController {
@PostMapping("/consume/update")
@OperationLog(operation = OperationType.UPDATE)
@ApiOperation(value = "Update inlong consume")
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Integer> update(@Validated(UpdateValidation.class)
@RequestBody InlongConsumeRequest request) {
return Response.success(consumeService.update(request,
LoginUserUtils.getLoginUser().getName()));
}
@@ -106,7 +101,6 @@ public class InlongConsumeController {
@OperationLog(operation = OperationType.DELETE)
@ApiOperation(value = "Delete inlong consume by ID")
@ApiImplicitParam(name = "id", value = "Inlong consume ID", dataTypeClass
= Integer.class, required = true)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> delete(@PathVariable(name = "id") Integer id) {
return Response.success(consumeService.delete(id,
LoginUserUtils.getLoginUser().getName()));
}
@@ -115,7 +109,6 @@ public class InlongConsumeController {
@OperationLog(operation = OperationType.UPDATE)
@ApiOperation(value = "Start inlong consume process")
@ApiImplicitParam(name = "id", value = "Inlong consume ID", dataTypeClass
= Integer.class, required = true)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<WorkflowResult> startProcess(@PathVariable(name = "id")
Integer id) {
String username = LoginUserUtils.getLoginUser().getName();
return Response.success(consumeProcessService.startProcess(id,
username));
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongGroupController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongGroupController.java
index 34b18b35e7..edf6ed6a33 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongGroupController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongGroupController.java
@@ -32,7 +32,6 @@ import
org.apache.inlong.manager.pojo.group.InlongGroupResetRequest;
import org.apache.inlong.manager.pojo.group.InlongGroupTopicInfo;
import org.apache.inlong.manager.pojo.group.InlongGroupTopicRequest;
import org.apache.inlong.manager.pojo.user.LoginUserUtils;
-import org.apache.inlong.manager.pojo.user.UserRoleCode;
import org.apache.inlong.manager.pojo.workflow.WorkflowResult;
import org.apache.inlong.manager.service.group.InlongGroupProcessService;
import org.apache.inlong.manager.service.group.InlongGroupService;
@@ -41,8 +40,6 @@ import
org.apache.inlong.manager.service.operationlog.OperationLog;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
-import org.apache.shiro.authz.annotation.Logical;
-import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
@@ -73,7 +70,6 @@ public class InlongGroupController {
@RequestMapping(value = "/group/save", method = RequestMethod.POST)
@OperationLog(operation = OperationType.CREATE)
@ApiOperation(value = "Save inlong group")
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<String> save(@Validated(SaveValidation.class) @RequestBody
InlongGroupRequest groupRequest) {
String operator = LoginUserUtils.getLoginUser().getName();
return Response.success(groupService.save(groupRequest, operator));
@@ -132,7 +128,6 @@ public class InlongGroupController {
@RequestMapping(value = "/group/update", method = RequestMethod.POST)
@OperationLog(operation = OperationType.UPDATE)
@ApiOperation(value = "Update inlong group")
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<String> update(@Validated(UpdateValidation.class)
@RequestBody InlongGroupRequest groupRequest) {
String operator = LoginUserUtils.getLoginUser().getName();
return Response.success(groupService.update(groupRequest, operator));
@@ -142,7 +137,6 @@ public class InlongGroupController {
@ApiOperation(value = "Delete inlong group info")
@OperationLog(operation = OperationType.DELETE)
@ApiImplicitParam(name = "groupId", value = "Inlong group id",
dataTypeClass = String.class, required = true)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> delete(@PathVariable String groupId) {
String operator = LoginUserUtils.getLoginUser().getName();
return Response.success(groupProcessOperation.deleteProcess(groupId,
operator));
@@ -152,7 +146,6 @@ public class InlongGroupController {
@ApiOperation(value = "Delete inlong group info")
@OperationLog(operation = OperationType.DELETE)
@ApiImplicitParam(name = "groupId", value = "Inlong group id",
dataTypeClass = String.class, required = true)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<String> deleteAsync(@PathVariable String groupId) {
String operator = LoginUserUtils.getLoginUser().getName();
return
Response.success(groupProcessOperation.deleteProcessAsync(groupId, operator));
@@ -161,7 +154,6 @@ public class InlongGroupController {
@RequestMapping(value = "/group/startProcess/{groupId}", method =
RequestMethod.POST)
@ApiOperation(value = "Start inlong approval process")
@ApiImplicitParam(name = "groupId", value = "Inlong group id",
dataTypeClass = String.class)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<WorkflowResult> startProcess(@PathVariable String groupId)
{
String operator = LoginUserUtils.getLoginUser().getName();
return Response.success(groupProcessOperation.startProcess(groupId,
operator));
@@ -170,7 +162,6 @@ public class InlongGroupController {
@RequestMapping(value = "/group/suspendProcess/{groupId}", method =
RequestMethod.POST)
@ApiOperation(value = "Suspend inlong group process")
@ApiImplicitParam(name = "groupId", value = "Inlong group id",
dataTypeClass = String.class)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<WorkflowResult> suspendProcess(@PathVariable String
groupId) {
String operator = LoginUserUtils.getLoginUser().getName();
return Response.success(groupProcessOperation.suspendProcess(groupId,
operator));
@@ -179,7 +170,6 @@ public class InlongGroupController {
@RequestMapping(value = "/group/restartProcess/{groupId}", method =
RequestMethod.POST)
@ApiOperation(value = "Restart inlong group process")
@ApiImplicitParam(name = "groupId", value = "Inlong group id",
dataTypeClass = String.class)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<WorkflowResult> restartProcess(@PathVariable String
groupId) {
String operator = LoginUserUtils.getLoginUser().getName();
return Response.success(groupProcessOperation.restartProcess(groupId,
operator));
@@ -188,7 +178,6 @@ public class InlongGroupController {
@RequestMapping(value = "/group/suspendProcessAsync/{groupId}", method =
RequestMethod.POST)
@ApiOperation(value = "Suspend inlong group process")
@ApiImplicitParam(name = "groupId", value = "Inlong group id",
dataTypeClass = String.class)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<String> suspendProcessAsync(@PathVariable String groupId) {
String operator = LoginUserUtils.getLoginUser().getName();
return
Response.success(groupProcessOperation.suspendProcessAsync(groupId, operator));
@@ -197,7 +186,6 @@ public class InlongGroupController {
@RequestMapping(value = "/group/restartProcessAsync/{groupId}", method =
RequestMethod.POST)
@ApiOperation(value = "Restart inlong group process")
@ApiImplicitParam(name = "groupId", value = "Inlong group id",
dataTypeClass = String.class)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<String> restartProcessAsync(@PathVariable String groupId) {
String operator = LoginUserUtils.getLoginUser().getName();
return
Response.success(groupProcessOperation.restartProcessAsync(groupId, operator));
@@ -205,7 +193,6 @@ public class InlongGroupController {
@PostMapping(value = "/group/reset")
@ApiOperation(value = "Reset group status when group is in
CONFIG_ING|SUSPENDING|RESTARTING|DELETING")
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> reset(@RequestBody @Validated
InlongGroupResetRequest request) {
String operator = LoginUserUtils.getLoginUser().getName();
return
Response.success(groupProcessOperation.resetGroupStatus(request, operator));
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongTenantController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongTenantController.java
index 1726244396..e35afe44d8 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongTenantController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongTenantController.java
@@ -63,7 +63,7 @@ public class InlongTenantController {
@RequestMapping(value = "/tenant/save", method = RequestMethod.POST)
@OperationLog(operation = OperationType.CREATE)
@ApiOperation(value = "Save inlong tenant")
- @RequiresRoles(logical = Logical.OR, value = {INLONG_ADMIN})
+ @RequiresRoles(INLONG_ADMIN)
public Response<Integer> save(@Validated @RequestBody InlongTenantRequest
request) {
return Response.success(tenantService.save(request));
}
@@ -77,7 +77,7 @@ public class InlongTenantController {
@RequestMapping(value = "/tenant/update", method = RequestMethod.POST)
@OperationLog(operation = OperationType.UPDATE)
@ApiOperation(value = "Update inlong tenant")
- @RequiresRoles(logical = Logical.OR, value = {INLONG_ADMIN})
+ @RequiresRoles(INLONG_ADMIN)
public Response<Boolean> update(@Validated(UpdateByIdValidation.class)
@RequestBody InlongTenantRequest request) {
return Response.success(tenantService.update(request));
}
@@ -85,7 +85,7 @@ public class InlongTenantController {
@RequestMapping(value = "/tenant/delete/{name}", method =
RequestMethod.GET)
@ApiOperation(value = "Delete inlong tenant by name")
@ApiImplicitParam(name = "name", dataTypeClass = String.class, required =
true)
- @RequiresRoles(logical = Logical.OR, value = {INLONG_ADMIN})
+ @RequiresRoles(INLONG_ADMIN)
public Response<Boolean> delete(@PathVariable String name) {
return Response.success(tenantService.delete(name));
}
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongTenantRoleController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongTenantRoleController.java
index 5493a8fffb..d08ac5508d 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongTenantRoleController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/InlongTenantRoleController.java
@@ -68,7 +68,7 @@ public class InlongTenantRoleController {
}
@RequestMapping(value = "/role/tenant/update", method = RequestMethod.POST)
- @OperationLog(operation = OperationType.CREATE)
+ @OperationLog(operation = OperationType.UPDATE)
@ApiOperation(value = "Update tenant role")
@RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> update(@Validated @RequestBody TenantRoleRequest
request) {
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/UserController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/UserController.java
index 340f55c93b..b02d277b1e 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/UserController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/UserController.java
@@ -82,7 +82,7 @@ public class UserController {
@PostMapping("/user/listAll")
@ApiOperation(value = "List all users")
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.INLONG_ADMIN,
UserRoleCode.TENANT_ADMIN})
+ @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.INLONG_ADMIN})
public Response<PageResult<UserInfo>> list(@RequestBody UserRequest
request) {
return Response.success(userService.list(request));
}
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/WorkflowApproverController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/WorkflowApproverController.java
index 06d334b259..70b24dc952 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/WorkflowApproverController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/WorkflowApproverController.java
@@ -32,6 +32,7 @@ import
org.apache.inlong.manager.service.operationlog.OperationLog;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
+import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
@@ -56,7 +57,7 @@ public class WorkflowApproverController {
@PostMapping("/workflow/approver/save")
@OperationLog(operation = OperationType.CREATE)
@ApiOperation(value = "Save approver info")
- @RequiresRoles(value = UserRoleCode.TENANT_ADMIN)
+ @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Integer> save(@RequestBody ApproverRequest config) {
return Response.success(workflowApproverService.save(config,
LoginUserUtils.getLoginUser().getName()));
}
@@ -80,7 +81,7 @@ public class WorkflowApproverController {
@PostMapping("/workflow/approver/update")
@OperationLog(operation = OperationType.UPDATE)
@ApiOperation(value = "Update approver info")
- @RequiresRoles(value = UserRoleCode.TENANT_ADMIN)
+ @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Integer> update(@RequestBody ApproverRequest request) {
return Response.success(workflowApproverService.update(request,
LoginUserUtils.getLoginUser().getName()));
}
@@ -89,7 +90,7 @@ public class WorkflowApproverController {
@OperationLog(operation = OperationType.DELETE)
@ApiOperation(value = "Delete approver by ID")
@ApiImplicitParam(name = "id", value = "Workflow approver ID",
dataTypeClass = Integer.class, required = true)
- @RequiresRoles(value = UserRoleCode.TENANT_ADMIN)
+ @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> delete(@PathVariable Integer id) {
workflowApproverService.delete(id,
LoginUserUtils.getLoginUser().getName());
return Response.success(true);
diff --git
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/openapi/OpenDataNodeController.java
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/openapi/OpenDataNodeController.java
index e42da8452a..833580edc3 100644
---
a/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/openapi/OpenDataNodeController.java
+++
b/inlong-manager/manager-web/src/main/java/org/apache/inlong/manager/web/controller/openapi/OpenDataNodeController.java
@@ -27,15 +27,12 @@ import org.apache.inlong.manager.pojo.node.DataNodeInfo;
import org.apache.inlong.manager.pojo.node.DataNodePageRequest;
import org.apache.inlong.manager.pojo.node.DataNodeRequest;
import org.apache.inlong.manager.pojo.user.LoginUserUtils;
-import org.apache.inlong.manager.pojo.user.UserRoleCode;
import org.apache.inlong.manager.service.node.DataNodeService;
import org.apache.inlong.manager.service.operationlog.OperationLog;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
-import org.apache.shiro.authz.annotation.Logical;
-import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.DeleteMapping;
@@ -79,7 +76,6 @@ public class OpenDataNodeController {
@PostMapping(value = "/node/save")
@ApiOperation(value = "Save node")
@OperationLog(operation = OperationType.CREATE)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Integer> save(@Validated(SaveValidation.class)
@RequestBody DataNodeRequest request) {
Preconditions.expectNotNull(request, ErrorCodeEnum.INVALID_PARAMETER,
"request cannot be null");
Preconditions.expectNotNull(LoginUserUtils.getLoginUser(),
ErrorCodeEnum.LOGIN_USER_EMPTY);
@@ -89,7 +85,6 @@ public class OpenDataNodeController {
@PostMapping(value = "/node/update")
@ApiOperation(value = "Update data node")
@OperationLog(operation = OperationType.UPDATE)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> update(@Validated(UpdateByIdValidation.class)
@RequestBody DataNodeRequest request) {
Preconditions.expectNotNull(request, ErrorCodeEnum.REQUEST_IS_EMPTY);
Preconditions.expectNotNull(LoginUserUtils.getLoginUser(),
ErrorCodeEnum.LOGIN_USER_EMPTY);
@@ -100,7 +95,6 @@ public class OpenDataNodeController {
@ApiOperation(value = "Delete data node by id")
@OperationLog(operation = OperationType.DELETE)
@ApiImplicitParam(name = "id", value = "Data node ID", dataTypeClass =
Integer.class, required = true)
- @RequiresRoles(logical = Logical.OR, value = {UserRoleCode.TENANT_ADMIN,
UserRoleCode.INLONG_ADMIN})
public Response<Boolean> delete(@PathVariable Integer id) {
Preconditions.expectNotNull(id, ErrorCodeEnum.INVALID_PARAMETER, "data
node id cannot be null");
Preconditions.expectNotNull(LoginUserUtils.getLoginUser(),
ErrorCodeEnum.LOGIN_USER_EMPTY);
