Repository: kylin Updated Branches: refs/heads/master ed319575e -> 6474e22fe
KYLIN-3074 Change cube access to project access in ExternalAclProvider.java Signed-off-by: shaofengshi <shaofeng...@apache.org> Project: http://git-wip-us.apache.org/repos/asf/kylin/repo Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/6474e22f Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/6474e22f Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/6474e22f Branch: refs/heads/master Commit: 6474e22fe09012d9c22e20685a55de6b43d181a4 Parents: ed31957 Author: peng.jianhua <peng.jian...@zte.com.cn> Authored: Tue Dec 5 15:31:20 2017 +0800 Committer: shaofengshi <shaofeng...@apache.org> Committed: Tue Dec 5 16:15:28 2017 +0800 ---------------------------------------------------------------------- .../kylin/rest/security/AclPermissionFactory.java | 11 +++++++++-- .../kylin/rest/security/ExternalAclProvider.java | 16 ++++++++-------- webapp/app/partials/cubes/cubes.html | 4 ++-- webapp/app/partials/models/models_tree.html | 2 +- 4 files changed, 20 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/kylin/blob/6474e22f/server-base/src/main/java/org/apache/kylin/rest/security/AclPermissionFactory.java ---------------------------------------------------------------------- diff --git a/server-base/src/main/java/org/apache/kylin/rest/security/AclPermissionFactory.java b/server-base/src/main/java/org/apache/kylin/rest/security/AclPermissionFactory.java index d662403..aeba5fb 100644 --- a/server-base/src/main/java/org/apache/kylin/rest/security/AclPermissionFactory.java +++ b/server-base/src/main/java/org/apache/kylin/rest/security/AclPermissionFactory.java @@ -45,8 +45,15 @@ public class AclPermissionFactory extends DefaultPermissionFactory { Object fieldValue = field.get(null); if (Permission.class.isAssignableFrom(fieldValue.getClass())) { - // Found a Permission static field - permissions.add((Permission) fieldValue); + Permission perm = (Permission) fieldValue; + String permissionName = field.getName(); + if (permissionName.equals(AclPermissionType.ADMINISTRATION) + || permissionName.equals(AclPermissionType.MANAGEMENT) + || permissionName.equals(AclPermissionType.OPERATION) + || permissionName.equals(AclPermissionType.READ)) { + // Found a Permission static field + permissions.add(perm); + } } } catch (Exception ignore) { //ignore on purpose http://git-wip-us.apache.org/repos/asf/kylin/blob/6474e22f/server-base/src/main/java/org/apache/kylin/rest/security/ExternalAclProvider.java ---------------------------------------------------------------------- diff --git a/server-base/src/main/java/org/apache/kylin/rest/security/ExternalAclProvider.java b/server-base/src/main/java/org/apache/kylin/rest/security/ExternalAclProvider.java index 395f44d..9e977d0 100644 --- a/server-base/src/main/java/org/apache/kylin/rest/security/ExternalAclProvider.java +++ b/server-base/src/main/java/org/apache/kylin/rest/security/ExternalAclProvider.java @@ -52,22 +52,22 @@ abstract public class ExternalAclProvider { // ============================================================================ - public final static String CUBE_ADMIN = "CUBE ADMIN"; - public final static String CUBE_EDIT = "CUBE EDIT"; - public final static String CUBE_OPERATION = "CUBE OPERATION"; - public final static String CUBE_QUERY = "CUBE QUERY"; + public final static String ADMINISTRATION = "ADMIN"; + public final static String MANAGEMENT = "MANAGEMENT"; + public final static String OPERATION = "OPERATION"; + public final static String READ = "QUERY"; // used by ranger ExternalAclProvider public static String transformPermission(Permission p) { String permString = null; if (AclPermission.ADMINISTRATION.equals(p)) { - permString = CUBE_ADMIN; + permString = ADMINISTRATION; } else if (AclPermission.MANAGEMENT.equals(p)) { - permString = CUBE_EDIT; + permString = MANAGEMENT; } else if (AclPermission.OPERATION.equals(p)) { - permString = CUBE_OPERATION; + permString = OPERATION; } else if (AclPermission.READ.equals(p)) { - permString = CUBE_QUERY; + permString = READ; } else { permString = p.getPattern(); } http://git-wip-us.apache.org/repos/asf/kylin/blob/6474e22f/webapp/app/partials/cubes/cubes.html ---------------------------------------------------------------------- diff --git a/webapp/app/partials/cubes/cubes.html b/webapp/app/partials/cubes/cubes.html index 5afe9d6..3e7e961 100644 --- a/webapp/app/partials/cubes/cubes.html +++ b/webapp/app/partials/cubes/cubes.html @@ -84,7 +84,7 @@ <td> <div ng-click="$event.stopPropagation();" class="btn-group"> <button type="button" class="btn btn-default btn-xs dropdown-toggle" - data-toggle="dropdown" ng-click="listAccess(cube, 'CubeInstance')"> + data-toggle="dropdown"> Action <span class="ace-icon fa fa-caret-down icon-on-right"></span> </button> <ul ng-if="userService.hasRole('ROLE_ADMIN') || hasPermission(cube, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask)" class="dropdown-menu" role="menu" style="right:0;left:auto;"> @@ -108,7 +108,7 @@ </td> <td ng-if="userService.hasRole('ROLE_ADMIN')"> <div ng-click="$event.stopPropagation();" class="btn-group"> - <button type="button" class="btn btn-default btn-xs dropdown-toggle" data-toggle="dropdown" ng-click="listAccess(cube, 'CubeInstance')"> + <button type="button" class="btn btn-default btn-xs dropdown-toggle" data-toggle="dropdown"> Action <span class="ace-icon fa fa-caret-down icon-on-right"></span> </button> <ul class="dropdown-menu" role="menu" style="right:0;left:auto;"> http://git-wip-us.apache.org/repos/asf/kylin/blob/6474e22f/webapp/app/partials/models/models_tree.html ---------------------------------------------------------------------- diff --git a/webapp/app/partials/models/models_tree.html b/webapp/app/partials/models/models_tree.html index c10d57d..e0f25ff 100644 --- a/webapp/app/partials/models/models_tree.html +++ b/webapp/app/partials/models/models_tree.html @@ -49,7 +49,7 @@ <div class="pull-right" showonhoverparent style="display:none;" > <div ng-click="$event.stopPropagation();" class="btn-group"> - <button type="button" class="btn btn-default btn-xs dropdown-toggle" data-toggle="dropdown" ng-click="listModelAccess(model)"> + <button type="button" class="btn btn-default btn-xs dropdown-toggle" data-toggle="dropdown"> Action <span class="ace-icon fa fa-caret-down icon-on-right"></span> </button> <ul class="dropdown-menu" role="menu" style="right:0;left:auto;" ng-if="(userService.hasRole('ROLE_ADMIN') || hasPermission(model, permissions.ADMINISTRATION.mask, permissions.MANAGEMENT.mask, permissions.OPERATION.mask))">