KYLIN-2555 Check user exist before grant authorities
Project: http://git-wip-us.apache.org/repos/asf/kylin/repo Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/6d6e862f Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/6d6e862f Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/6d6e862f Branch: refs/heads/master-hadoop3.0 Commit: 6d6e862f15568a5cd40f3bf10f02645641e17d07 Parents: 410898f Author: FAN XIE <xiefan.s...@outlook.com> Authored: Wed Apr 19 12:34:16 2017 +0800 Committer: hongbin ma <m...@kyligence.io> Committed: Wed Apr 19 12:34:16 2017 +0800 ---------------------------------------------------------------------- .../java/org/apache/kylin/rest/service/AclService.java | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/kylin/blob/6d6e862f/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java ---------------------------------------------------------------------- diff --git a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java index 3e3efec..c0ece1d 100644 --- a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java +++ b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java @@ -75,7 +75,6 @@ import com.fasterxml.jackson.databind.JsonMappingException; /** * @author xduo - * */ @Component("aclService") public class AclService implements MutableAclService { @@ -111,6 +110,9 @@ public class AclService implements MutableAclService { @Autowired protected AclHBaseStorage aclHBaseStorage; + @Autowired + protected UserService userService; + public AclService() throws IOException { fieldAces.setAccessible(true); fieldAcl.setAccessible(true); @@ -297,6 +299,13 @@ public class AclService implements MutableAclService { } for (AccessControlEntry ace : acl.getEntries()) { + if (ace.getSid() instanceof PrincipalSid) { + PrincipalSid psid = (PrincipalSid) ace.getSid(); + String userName = psid.getPrincipal(); + logger.debug("ACE SID name: " + userName); + if (!userService.userExists(userName)) + throw new NotFoundException("User : " + userName + " not exists. Please check or create user first"); + } AceInfo aceInfo = new AceInfo(ace); put.addColumn(Bytes.toBytes(AclHBaseStorage.ACL_ACES_FAMILY), Bytes.toBytes(aceInfo.getSidInfo().getSid()), aceSerializer.serialize(aceInfo)); } @@ -315,6 +324,7 @@ public class AclService implements MutableAclService { return (MutableAcl) readAclById(acl.getObjectIdentity()); } + private void genAces(List<Sid> sids, Result result, AclImpl acl) throws JsonParseException, JsonMappingException, IOException { List<AceInfo> aceInfos = new ArrayList<AceInfo>(); if (null != sids) { @@ -459,4 +469,5 @@ public class AclService implements MutableAclService { } } + }