This is an automated email from the ASF dual-hosted git repository.
casion pushed a commit to branch dev-1.3.1
in repository https://gitbox.apache.org/repos/asf/incubator-linkis.git
The following commit(s) were added to refs/heads/dev-1.3.1 by this push:
new 55dcbf578 fix:add administrator permission checks (#3950)
55dcbf578 is described below
commit 55dcbf5786b8399b700aaa93a846fe024332f140
Author: jacktao007 <[email protected]>
AuthorDate: Sun Dec 4 16:50:06 2022 +0800
fix:add administrator permission checks (#3950)
---
.../server/restful/DatasourceAccessRestfulApi.java | 17 +++++++++++----
.../server/restful/DatasourceEnvRestfulApi.java | 24 +++++++++++++++++----
.../restful/DatasourceTypeKeyRestfulApi.java | 17 +++++++++++----
.../server/restful/DatasourceTypeRestfulApi.java | 17 +++++++++++----
.../server/restful/ErrorCodeRestfulApi.java | 17 +++++++++++----
.../server/restful/GatewayAuthTokenRestfulApi.java | 22 +++++++++++++------
.../RmExternalResourceProviderRestfulApi.java | 25 +++++++++++++++-------
.../server/restful/UdfManagerRestfulApi.java | 17 +++++++++++----
.../server/restful/UdfTreeRestfulApi.java | 16 +++++++++++---
9 files changed, 131 insertions(+), 41 deletions(-)
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceAccessRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceAccessRestfulApi.java
index dffa31c51..7d39d493b 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceAccessRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceAccessRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import org.apache.linkis.basedatamanager.server.domain.DatasourceAccessEntity;
import
org.apache.linkis.basedatamanager.server.service.DatasourceAccessService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -85,8 +86,12 @@ public class DatasourceAccessRestfulApi {
@RequestMapping(path = "", method = RequestMethod.POST)
public Message add(
HttpServletRequest request, @RequestBody DatasourceAccessEntity
datasourceAccess) {
- ModuleUserUtils.getOperationUser(
- request, "Add a Datasource Access Record," +
datasourceAccess.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Add a Datasource Access Record," +
datasourceAccess.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
datasourceAccess.setAccessTime(new Date());
boolean result = datasourceAccessService.save(datasourceAccess);
return Message.ok("").data("result", result);
@@ -119,8 +124,12 @@ public class DatasourceAccessRestfulApi {
@RequestMapping(path = "", method = RequestMethod.PUT)
public Message update(
HttpServletRequest request, @RequestBody DatasourceAccessEntity
datasourceAccess) {
- ModuleUserUtils.getOperationUser(
- request, "Update a Datasource Access Record,id:" +
datasourceAccess.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Update a Datasource Access Record,id:" +
datasourceAccess.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = datasourceAccessService.updateById(datasourceAccess);
return Message.ok("").data("result", result);
}
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceEnvRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceEnvRestfulApi.java
index 42cd29fb4..cf2953b0e 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceEnvRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceEnvRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import org.apache.linkis.basedatamanager.server.domain.DatasourceEnvEntity;
import org.apache.linkis.basedatamanager.server.service.DatasourceEnvService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -31,6 +32,8 @@ import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
+import java.util.Date;
+
import com.github.pagehelper.PageInfo;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
@@ -74,8 +77,15 @@ public class DatasourceEnvRestfulApi {
@ApiOperation(value = "add", notes = "Add a Datasource Env Record",
httpMethod = "POST")
@RequestMapping(path = "", method = RequestMethod.POST)
public Message add(HttpServletRequest request, @RequestBody
DatasourceEnvEntity datasourceEnv) {
- ModuleUserUtils.getOperationUser(
- request, "Add a Datasource Env Record," + datasourceEnv.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Add a Datasource Env Record," +
datasourceEnv.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
+ datasourceEnv.setCreateUser(username);
+ datasourceEnv.setCreateTime(new Date());
+ datasourceEnv.setModifyUser(username);
boolean result = datasourceEnvService.save(datasourceEnv);
return Message.ok("").data("result", result);
}
@@ -99,8 +109,14 @@ public class DatasourceEnvRestfulApi {
@RequestMapping(path = "", method = RequestMethod.PUT)
public Message update(
HttpServletRequest request, @RequestBody DatasourceEnvEntity
datasourceEnv) {
- ModuleUserUtils.getOperationUser(
- request, "Update a Datasource Env Record,id:" +
datasourceEnv.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Update a Datasource Env Record,id:" +
datasourceEnv.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
+ datasourceEnv.setModifyUser(username);
+ datasourceEnv.setModifyTime(new Date());
boolean result = datasourceEnvService.updateById(datasourceEnv);
return Message.ok("").data("result", result);
}
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceTypeKeyRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceTypeKeyRestfulApi.java
index 6f02adf27..557c75322 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceTypeKeyRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceTypeKeyRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import org.apache.linkis.basedatamanager.server.domain.DatasourceTypeKeyEntity;
import
org.apache.linkis.basedatamanager.server.service.DatasourceTypeKeyService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -81,8 +82,12 @@ public class DatasourceTypeKeyRestfulApi {
@RequestMapping(path = "", method = RequestMethod.POST)
public Message add(
HttpServletRequest request, @RequestBody DatasourceTypeKeyEntity
datasourceType) {
- ModuleUserUtils.getOperationUser(
- request, "Add a Datasource Type Key Record," +
datasourceType.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Add a Datasource Type Key Record," +
datasourceType.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = datasourceTypeKeyService.save(datasourceType);
return Message.ok("").data("result", result);
}
@@ -110,8 +115,12 @@ public class DatasourceTypeKeyRestfulApi {
@RequestMapping(path = "", method = RequestMethod.PUT)
public Message update(
HttpServletRequest request, @RequestBody DatasourceTypeKeyEntity
datasourceType) {
- ModuleUserUtils.getOperationUser(
- request, "Update a Datasource Type Key Record,id:" +
datasourceType.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Update a Datasource Type Key Record,id:" +
datasourceType.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = datasourceTypeKeyService.updateById(datasourceType);
return Message.ok("").data("result", result);
}
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceTypeRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceTypeRestfulApi.java
index 7590fc46b..9fc8ea9d7 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceTypeRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/DatasourceTypeRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import org.apache.linkis.basedatamanager.server.domain.DatasourceTypeEntity;
import org.apache.linkis.basedatamanager.server.service.DatasourceTypeService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -77,8 +78,12 @@ public class DatasourceTypeRestfulApi {
@ApiOperation(value = "add", notes = "Add a Datasource Type Record",
httpMethod = "POST")
@RequestMapping(path = "", method = RequestMethod.POST)
public Message add(HttpServletRequest request, @RequestBody
DatasourceTypeEntity datasourceType) {
- ModuleUserUtils.getOperationUser(
- request, "Add a Datasource Type Record," + datasourceType.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Add a Datasource Type Record," +
datasourceType.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = datasourceTypeService.save(datasourceType);
return Message.ok("").data("result", result);
}
@@ -106,8 +111,12 @@ public class DatasourceTypeRestfulApi {
@RequestMapping(path = "", method = RequestMethod.PUT)
public Message update(
HttpServletRequest request, @RequestBody DatasourceTypeEntity
datasourceType) {
- ModuleUserUtils.getOperationUser(
- request, "Update a Datasource Type Record,id:" +
datasourceType.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Update a Datasource Type Record,id:" +
datasourceType.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = datasourceTypeService.updateById(datasourceType);
return Message.ok("").data("result", result);
}
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/ErrorCodeRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/ErrorCodeRestfulApi.java
index 5d200cace..3c215a831 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/ErrorCodeRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/ErrorCodeRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import org.apache.linkis.basedatamanager.server.domain.ErrorCodeEntity;
import org.apache.linkis.basedatamanager.server.service.ErrorCodeService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -74,8 +75,12 @@ public class ErrorCodeRestfulApi {
@ApiOperation(value = "add", notes = "Add an Error Code Record", httpMethod
= "POST")
@RequestMapping(path = "", method = RequestMethod.POST)
public Message add(HttpServletRequest request, @RequestBody ErrorCodeEntity
errorCode) {
- ModuleUserUtils.getOperationUser(
- request, "Add a Datasource Code Record," + errorCode.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Add a Datasource Code Record," + errorCode.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = errorCodeService.save(errorCode);
return Message.ok("").data("result", result);
}
@@ -96,8 +101,12 @@ public class ErrorCodeRestfulApi {
@ApiOperation(value = "update", notes = "Update a Error Code Record",
httpMethod = "PUT")
@RequestMapping(path = "", method = RequestMethod.PUT)
public Message update(HttpServletRequest request, @RequestBody
ErrorCodeEntity errorCode) {
- ModuleUserUtils.getOperationUser(
- request, "Update a Datasource Code Record,id:" +
errorCode.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Update a Datasource Code Record,id:" +
errorCode.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = errorCodeService.updateById(errorCode);
return Message.ok("").data("result", result);
}
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/GatewayAuthTokenRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/GatewayAuthTokenRestfulApi.java
index 8fda9346c..2b86e5bb4 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/GatewayAuthTokenRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/GatewayAuthTokenRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import org.apache.linkis.basedatamanager.server.domain.GatewayAuthTokenEntity;
import
org.apache.linkis.basedatamanager.server.service.GatewayAuthTokenService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -80,12 +81,16 @@ public class GatewayAuthTokenRestfulApi {
@RequestMapping(path = "", method = RequestMethod.POST)
public Message add(
HttpServletRequest request, @RequestBody GatewayAuthTokenEntity
gatewayAuthToken) {
- ModuleUserUtils.getOperationUser(
- request, "Add a Gateway Auth Token Record," +
gatewayAuthToken.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Add a Gateway Auth Token Record," +
gatewayAuthToken.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
gatewayAuthToken.setCreateTime(new Date());
gatewayAuthToken.setUpdateTime(new Date());
gatewayAuthToken.setBusinessOwner("BDP");
- gatewayAuthToken.setUpdateBy("LINKIS");
+ gatewayAuthToken.setUpdateBy(username);
ModuleUserUtils.getOperationUser(
request, "Add a Gateway Auth Token Record," +
gatewayAuthToken.toString());
@@ -99,10 +104,15 @@ public class GatewayAuthTokenRestfulApi {
@ApiOperation(value = "update", notes = "Update a Gateway Auth Token
Record", httpMethod = "PUT")
@RequestMapping(path = "", method = RequestMethod.PUT)
public Message update(HttpServletRequest request, @RequestBody
GatewayAuthTokenEntity token) {
- ModuleUserUtils.getOperationUser(
- request, "Update a Gateway Auth Token Record,id:" +
token.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Update a Gateway Auth Token Record,id:" +
token.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
+
token.setUpdateTime(new Date());
- token.setUpdateBy("LINKIS");
+ token.setUpdateBy(username);
boolean result = gatewayAuthTokenService.updateById(token);
return Message.ok("").data("result", result);
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/RmExternalResourceProviderRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/RmExternalResourceProviderRestfulApi.java
index 64bf99b38..5575eca20 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/RmExternalResourceProviderRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/RmExternalResourceProviderRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import
org.apache.linkis.basedatamanager.server.domain.RmExternalResourceProviderEntity;
import
org.apache.linkis.basedatamanager.server.service.RmExternalResourceProviderService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -92,10 +93,14 @@ public class RmExternalResourceProviderRestfulApi {
public Message add(
HttpServletRequest request,
@RequestBody RmExternalResourceProviderEntity
rmExternalResourceProvider) {
- ModuleUserUtils.getOperationUser(
- request,
- "Add a Resource manager External Resource Provider Record,"
- + rmExternalResourceProvider.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request,
+ "Add a Resource manager External Resource Provider Record,"
+ + rmExternalResourceProvider.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result =
rmExternalResourceProviderService.save(rmExternalResourceProvider);
return Message.ok("").data("result", result);
}
@@ -127,10 +132,14 @@ public class RmExternalResourceProviderRestfulApi {
public Message update(
HttpServletRequest request,
@RequestBody RmExternalResourceProviderEntity
rmExternalResourceProvider) {
- ModuleUserUtils.getOperationUser(
- request,
- "Update a Resource manager External Resource Provider Record,id:"
- + rmExternalResourceProvider.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request,
+ "Update a Resource manager External Resource Provider Record,id:"
+ + rmExternalResourceProvider.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result =
rmExternalResourceProviderService.updateById(rmExternalResourceProvider);
return Message.ok("").data("result", result);
}
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/UdfManagerRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/UdfManagerRestfulApi.java
index 50777c0be..f6e684f83 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/UdfManagerRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/UdfManagerRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import org.apache.linkis.basedatamanager.server.domain.UdfManagerEntity;
import org.apache.linkis.basedatamanager.server.service.UdfManagerService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -78,8 +79,12 @@ public class UdfManagerRestfulApi {
@ApiOperation(value = "add", notes = "Add a UDF Manager Record", httpMethod
= "POST")
@RequestMapping(path = "", method = RequestMethod.POST)
public Message add(HttpServletRequest request, @RequestBody UdfManagerEntity
udfManagerEntity) {
- ModuleUserUtils.getOperationUser(
- request, "Add a UDF Manager Record," + udfManagerEntity.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Add a UDF Manager Record," +
udfManagerEntity.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
QueryWrapper<UdfManagerEntity> queryWrapper =
new QueryWrapper<>(udfManagerEntity).eq("user_name",
udfManagerEntity.getUserName());
UdfManagerEntity udfManager = udfManagerService.getOne(queryWrapper);
@@ -110,8 +115,12 @@ public class UdfManagerRestfulApi {
@RequestMapping(path = "", method = RequestMethod.PUT)
public Message update(
HttpServletRequest request, @RequestBody UdfManagerEntity
udfManagerEntity) {
- ModuleUserUtils.getOperationUser(
- request, "Update a Datasource Access Record,id:" +
udfManagerEntity.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Update a Datasource Access Record,id:" +
udfManagerEntity.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = udfManagerService.updateById(udfManagerEntity);
return Message.ok("").data("result", result);
}
diff --git
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/UdfTreeRestfulApi.java
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/UdfTreeRestfulApi.java
index c3e5e1464..e5c9cbc44 100644
---
a/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/UdfTreeRestfulApi.java
+++
b/linkis-public-enhancements/linkis-basedata-manager/src/main/java/org/apache/linkis/basedatamanager/server/restful/UdfTreeRestfulApi.java
@@ -19,6 +19,7 @@ package org.apache.linkis.basedatamanager.server.restful;
import org.apache.linkis.basedatamanager.server.domain.UdfTreeEntity;
import org.apache.linkis.basedatamanager.server.service.UdfTreeService;
+import org.apache.linkis.common.conf.Configuration;
import org.apache.linkis.server.Message;
import org.apache.linkis.server.utils.ModuleUserUtils;
@@ -85,7 +86,12 @@ public class UdfTreeRestfulApi {
@ApiOperation(value = "add", notes = "Add a UDF Tree Record", httpMethod =
"POST")
@RequestMapping(path = "", method = RequestMethod.POST)
public Message add(HttpServletRequest request, @RequestBody UdfTreeEntity
udfTreeEntity) {
- ModuleUserUtils.getOperationUser(request, "Add a UDF Tree Record," +
udfTreeEntity.toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Add a UDF Tree Record," + udfTreeEntity.toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = udfTreeService.save(udfTreeEntity);
return Message.ok("").data("result", result);
}
@@ -105,8 +111,12 @@ public class UdfTreeRestfulApi {
@ApiOperation(value = "update", notes = "Update a UDF Tree Record",
httpMethod = "PUT")
@RequestMapping(path = "", method = RequestMethod.PUT)
public Message update(HttpServletRequest request, @RequestBody UdfTreeEntity
udfTreeEntity) {
- ModuleUserUtils.getOperationUser(
- request, "Update a UDF Tree Record,id:" +
udfTreeEntity.getId().toString());
+ String username =
+ ModuleUserUtils.getOperationUser(
+ request, "Update a UDF Tree Record,id:" +
udfTreeEntity.getId().toString());
+ if (!Configuration.isAdmin(username)) {
+ return Message.error("User '" + username + "' is not admin
user[非管理员用户]");
+ }
boolean result = udfTreeService.updateById(udfTreeEntity);
return Message.ok("").data("result", result);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
