This is an automated email from the ASF dual-hosted git repository.
peacewong pushed a commit to branch dev-1.3.1
in repository https://gitbox.apache.org/repos/asf/incubator-linkis.git
The following commit(s) were added to refs/heads/dev-1.3.1 by this push:
new 80196647e [Bug] Add isNotAdmin method (#3963)
80196647e is described below
commit 80196647e6afd871d48d2de773d0e0ee55ebfcae
Author: GuoPhilipse <[email protected]>
AuthorDate: Mon Dec 5 15:46:32 2022 +0800
[Bug] Add isNotAdmin method (#3963)
---
.../org/apache/linkis/common/conf/Configuration.scala | 4 ++++
.../linkis/entrance/restful/EntranceLabelRestfulApi.java | 2 +-
.../linkis/entrance/restful/EntranceMetricRestfulApi.java | 2 +-
.../org/apache/linkis/manager/am/restful/EMRestfulApi.java | 6 +++---
.../apache/linkis/manager/am/restful/EngineRestfulApi.java | 14 +++++++++-----
.../apache/linkis/manager/am/conf/AMConfiguration.scala | 4 ++++
.../configuration/restful/api/ConfigurationRestfulApi.java | 2 +-
.../linkis/cs/server/restful/ContextIDRestfulApi.java | 2 +-
.../apache/linkis/cs/server/restful/ContextRestfulApi.java | 2 +-
.../core/restful/DataSourceAdminRestfulApi.java | 10 +++++-----
.../datasourcemanager/core/restful/RestfulApiHelper.java | 12 +++++++++++-
.../linkis/instance/label/restful/InstanceRestful.java | 4 ++--
12 files changed, 43 insertions(+), 21 deletions(-)
diff --git
a/linkis-commons/linkis-common/src/main/scala/org/apache/linkis/common/conf/Configuration.scala
b/linkis-commons/linkis-common/src/main/scala/org/apache/linkis/common/conf/Configuration.scala
index bc51ab5fb..bb7a8611a 100644
---
a/linkis-commons/linkis-common/src/main/scala/org/apache/linkis/common/conf/Configuration.scala
+++
b/linkis-commons/linkis-common/src/main/scala/org/apache/linkis/common/conf/Configuration.scala
@@ -64,6 +64,10 @@ object Configuration extends Logging {
adminUsers.exists(username.equalsIgnoreCase)
}
+ def isNotAdmin(username: String): Boolean = {
+ !isAdmin(username)
+ }
+
def getGateWayURL(): String = {
val url = GATEWAY_URL.getValue.trim
val gatewayUr = if (url.endsWith("/")) {
diff --git
a/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceLabelRestfulApi.java
b/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceLabelRestfulApi.java
index 6d35a91d5..fc08fb1d9 100644
---
a/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceLabelRestfulApi.java
+++
b/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceLabelRestfulApi.java
@@ -51,7 +51,7 @@ public class EntranceLabelRestfulApi {
@RequestMapping(path = "/update", method = RequestMethod.POST)
public Message updateRouteLabel(HttpServletRequest req, @RequestBody
JsonNode jsonNode) {
String userName = ModuleUserUtils.getOperationUser(req,
"updateRouteLabel");
- if (!Configuration.isAdmin(userName)) {
+ if (Configuration.isNotAdmin(userName)) {
return Message.error("Non-administrators cannot update Route Label");
}
String routeLabel = jsonNode.get("routeLabel").textValue();
diff --git
a/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceMetricRestfulApi.java
b/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceMetricRestfulApi.java
index a09f55f23..18973e6e2 100644
---
a/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceMetricRestfulApi.java
+++
b/linkis-computation-governance/linkis-entrance/src/main/java/org/apache/linkis/entrance/restful/EntranceMetricRestfulApi.java
@@ -70,7 +70,7 @@ public class EntranceMetricRestfulApi {
@RequestParam(value = "engineTypeLabel", required = false) String
engineTypeLabelValue) {
String userName = ModuleUserUtils.getOperationUser(req, "taskinfo");
String queryUser = user;
- if (!Configuration.isAdmin(userName)) {
+ if (Configuration.isNotAdmin(userName)) {
if (StringUtils.isBlank(queryUser)) {
queryUser = userName;
} else if (!userName.equalsIgnoreCase(queryUser)) {
diff --git
a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EMRestfulApi.java
b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EMRestfulApi.java
index f6a9b6cad..9cd037ccd 100644
---
a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EMRestfulApi.java
+++
b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EMRestfulApi.java
@@ -96,7 +96,7 @@ public class EMRestfulApi {
private String[] adminOperations =
AMConfiguration.ECM_ADMIN_OPERATIONS().getValue().split(",");
private void checkAdmin(String userName) throws AMErrorException {
- if (!AMConfiguration.isAdmin(userName)) {
+ if (AMConfiguration.isNotAdmin(userName)) {
throw new AMErrorException(210003, "Only admin can modify
ECMs(只有管理员才能修改ECM).");
}
}
@@ -271,7 +271,7 @@ public class EMRestfulApi {
+ ExceptionUtils.getRootCauseMessage(e));
}
parameters.put(ECMOperateRequest.ENGINE_CONN_INSTANCE_KEY(),
serviceInstance.getInstance());
- if (!userName.equals(engineNode.getOwner()) &&
!AMConfiguration.isAdmin(userName)) {
+ if (!userName.equals(engineNode.getOwner()) &&
AMConfiguration.isNotAdmin(userName)) {
return Message.error(
"You have no permission to execute ECM Operation by this EngineConn
" + serviceInstance);
}
@@ -371,7 +371,7 @@ public class EMRestfulApi {
private Message executeECMOperation(EMNode ecmNode, ECMOperateRequest
ecmOperateRequest) {
String operationName =
OperateRequest$.MODULE$.getOperationName(ecmOperateRequest.parameters());
if (ArrayUtils.contains(adminOperations, operationName)
- && !AMConfiguration.isAdmin(ecmOperateRequest.user())) {
+ && AMConfiguration.isNotAdmin(ecmOperateRequest.user())) {
logger.warn(
"User {} has no permission to execute {} admin Operation in ECM {}.",
ecmOperateRequest.user(),
diff --git
a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EngineRestfulApi.java
b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EngineRestfulApi.java
index 77d2e9084..609c67a93 100644
---
a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EngineRestfulApi.java
+++
b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/java/org/apache/linkis/manager/am/restful/EngineRestfulApi.java
@@ -188,7 +188,7 @@ public class EngineRestfulApi {
}
engineNode = ECResourceInfoUtils.convertECInfoTOECNode(ecInfo);
}
- if (!userName.equals(engineNode.getOwner()) && !isAdmin(userName)) {
+ if (!userName.equals(engineNode.getOwner()) && isNotAdmin(userName)) {
return Message.error("You have no permission to access EngineConn " +
serviceInstance);
}
return Message.ok().data("engine", engineNode);
@@ -204,7 +204,7 @@ public class EngineRestfulApi {
String userName = ModuleUserUtils.getOperationUser(req, "killEngineConn:"
+ serviceInstance);
logger.info("User {} try to kill engineConn {}.", userName,
serviceInstance);
EngineNode engineNode = engineNodeManager.getEngineNode(serviceInstance);
- if (!userName.equals(engineNode.getOwner()) && !isAdmin(userName)) {
+ if (!userName.equals(engineNode.getOwner()) && isNotAdmin(userName)) {
return Message.error("You have no permission to kill EngineConn " +
serviceInstance);
}
EngineStopRequest stopEngineRequest = new
EngineStopRequest(serviceInstance, userName);
@@ -278,7 +278,7 @@ public class EngineRestfulApi {
public Message listEMEngines(HttpServletRequest req, @RequestBody JsonNode
jsonNode)
throws IOException, AMErrorException {
String username = ModuleUserUtils.getOperationUser(req, "listEMEngines");
- if (!isAdmin(username)) {
+ if (isNotAdmin(username)) {
throw new AMErrorException(
210003, "Only admin can search engine
information(只有管理员才能查询所有引擎信息).");
}
@@ -347,7 +347,7 @@ public class EngineRestfulApi {
public Message modifyEngineInfo(HttpServletRequest req, @RequestBody
JsonNode jsonNode)
throws AMErrorException, LabelErrorException {
String username = ModuleUserUtils.getOperationUser(req,
"modifyEngineInfo");
- if (!isAdmin(username)) {
+ if (isNotAdmin(username)) {
throw new AMErrorException(
210003, "Only admin can modify engineConn
information(只有管理员才能修改引擎信息).");
}
@@ -401,7 +401,7 @@ public class EngineRestfulApi {
ServiceInstance serviceInstance = getServiceInstance(jsonNode);
logger.info("User {} try to execute Engine Operation {}.", userName,
serviceInstance);
EngineNode engineNode = engineNodeManager.getEngineNode(serviceInstance);
- if (!userName.equals(engineNode.getOwner()) && !isAdmin(userName)) {
+ if (!userName.equals(engineNode.getOwner()) && isNotAdmin(userName)) {
return Message.error("You have no permission to execute Engine Operation
" + serviceInstance);
}
Map<String, Object> parameters =
@@ -421,6 +421,10 @@ public class EngineRestfulApi {
return AMConfiguration.isAdmin(user);
}
+ private boolean isNotAdmin(String user) {
+ return !isAdmin(user);
+ }
+
static ServiceInstance getServiceInstance(JsonNode jsonNode) throws
AMErrorException {
String applicationName = jsonNode.get("applicationName").asText();
String instance = jsonNode.get("instance").asText();
diff --git
a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/scala/org/apache/linkis/manager/am/conf/AMConfiguration.scala
b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/scala/org/apache/linkis/manager/am/conf/AMConfiguration.scala
index c7384e959..81a7ea75c 100644
---
a/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/scala/org/apache/linkis/manager/am/conf/AMConfiguration.scala
+++
b/linkis-computation-governance/linkis-manager/linkis-application-manager/src/main/scala/org/apache/linkis/manager/am/conf/AMConfiguration.scala
@@ -98,4 +98,8 @@ object AMConfiguration {
GOVERNANCE_STATION_ADMIN.getValue.split(",").contains(userName)
}
+ def isNotAdmin(userName: String): Boolean = {
+ !isAdmin(userName)
+ }
+
}
diff --git
a/linkis-public-enhancements/linkis-configuration/src/main/java/org/apache/linkis/configuration/restful/api/ConfigurationRestfulApi.java
b/linkis-public-enhancements/linkis-configuration/src/main/java/org/apache/linkis/configuration/restful/api/ConfigurationRestfulApi.java
index f1ac09fba..3adbe89ea 100644
---
a/linkis-public-enhancements/linkis-configuration/src/main/java/org/apache/linkis/configuration/restful/api/ConfigurationRestfulApi.java
+++
b/linkis-public-enhancements/linkis-configuration/src/main/java/org/apache/linkis/configuration/restful/api/ConfigurationRestfulApi.java
@@ -328,7 +328,7 @@ public class ConfigurationRestfulApi {
}
private void checkAdmin(String userName) throws ConfigurationException {
- if (!Configuration.isAdmin(userName)) {
+ if (Configuration.isNotAdmin(userName)) {
throw new ConfigurationException(ONLY_ADMIN_CAN_MODIFY.getErrorDesc());
}
}
diff --git
a/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/ContextIDRestfulApi.java
b/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/ContextIDRestfulApi.java
index 64fb4979a..90d543292 100644
---
a/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/ContextIDRestfulApi.java
+++
b/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/ContextIDRestfulApi.java
@@ -159,7 +159,7 @@ public class ContextIDRestfulApi implements CsRestfulParent
{
@RequestParam(value = "pageSize", required = false) Integer
paramPageSize)
throws InterruptedException, CSErrorException, IOException,
ClassNotFoundException {
String username = ModuleUserUtils.getOperationUser(req);
- if (!Configuration.isAdmin(username)) {
+ if (Configuration.isNotAdmin(username)) {
throw new CSErrorException(97018, "Only station admins are allowed.");
}
logger.info(
diff --git
a/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/ContextRestfulApi.java
b/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/ContextRestfulApi.java
index 9399e5592..1b6df7593 100644
---
a/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/ContextRestfulApi.java
+++
b/linkis-public-enhancements/linkis-context-service/linkis-cs-server/src/main/java/org/apache/linkis/cs/server/restful/ContextRestfulApi.java
@@ -271,7 +271,7 @@ public class ContextRestfulApi implements CsRestfulParent {
HttpServletRequest req, @RequestBody Map<String, Object> bodyMap)
throws InterruptedException, CSErrorException, IOException,
ClassNotFoundException {
String username = ModuleUserUtils.getOperationUser(req);
- if (!Configuration.isAdmin(username)) {
+ if (Configuration.isNotAdmin(username)) {
throw new CSErrorException(97018, "Only station admins are allowed.");
}
if (null == bodyMap || bodyMap.isEmpty()) {
diff --git
a/linkis-public-enhancements/linkis-datasource/linkis-datasource-manager/server/src/main/java/org/apache/linkis/datasourcemanager/core/restful/DataSourceAdminRestfulApi.java
b/linkis-public-enhancements/linkis-datasource/linkis-datasource-manager/server/src/main/java/org/apache/linkis/datasourcemanager/core/restful/DataSourceAdminRestfulApi.java
index 5c2f7b273..0efcc74e8 100644
---
a/linkis-public-enhancements/linkis-datasource/linkis-datasource-manager/server/src/main/java/org/apache/linkis/datasourcemanager/core/restful/DataSourceAdminRestfulApi.java
+++
b/linkis-public-enhancements/linkis-datasource/linkis-datasource-manager/server/src/main/java/org/apache/linkis/datasourcemanager/core/restful/DataSourceAdminRestfulApi.java
@@ -78,7 +78,7 @@ public class DataSourceAdminRestfulApi {
return RestfulApiHelper.doAndResponse(
() -> {
String userName = ModuleUserUtils.getOperationUser(req,
"insertJsonEnv");
- if (!RestfulApiHelper.isAdminUser(userName)) {
+ if (RestfulApiHelper.isNotAdminUser(userName)) {
return Message.error("User '" + userName + "' is not admin
user[非管理员用户]");
}
// Bean validation
@@ -114,7 +114,7 @@ public class DataSourceAdminRestfulApi {
HttpServletRequest req)
throws ErrorException {
String userName = ModuleUserUtils.getOperationUser(req,
"insertJsonEnvBatch");
- if (!RestfulApiHelper.isAdminUser(userName) &&
!permitSystemList.contains(system)) {
+ if (RestfulApiHelper.isNotAdminUser(userName) &&
!permitSystemList.contains(system)) {
return Message.error("User '" + userName + "' is not admin
user[非管理员用户]");
}
for (DataSourceEnv dataSourceEnv : dataSourceEnvList) {
@@ -160,7 +160,7 @@ public class DataSourceAdminRestfulApi {
HttpServletRequest request)
throws ErrorException {
String userName = ModuleUserUtils.getOperationUser(request,
"updateJsonEnvBatch");
- if (!RestfulApiHelper.isAdminUser(userName) &&
!permitSystemList.contains(system)) {
+ if (RestfulApiHelper.isNotAdminUser(userName) &&
!permitSystemList.contains(system)) {
return Message.error("User '" + userName + "' is not admin
user[非管理员用户]");
}
for (DataSourceEnv dataSourceEnv : dataSourceEnvList) {
@@ -254,7 +254,7 @@ public class DataSourceAdminRestfulApi {
return RestfulApiHelper.doAndResponse(
() -> {
String userName = ModuleUserUtils.getOperationUser(request,
"removeEnvEntity");
- if (!RestfulApiHelper.isAdminUser(userName)) {
+ if (RestfulApiHelper.isNotAdminUser(userName)) {
return Message.error("User '" + userName + "' is not admin
user[非管理员用户]");
}
Long removeId = dataSourceInfoService.removeDataSourceEnv(envId);
@@ -281,7 +281,7 @@ public class DataSourceAdminRestfulApi {
return RestfulApiHelper.doAndResponse(
() -> {
String userName = ModuleUserUtils.getOperationUser(request,
"updateJsonEnv");
- if (!RestfulApiHelper.isAdminUser(userName)) {
+ if (RestfulApiHelper.isNotAdminUser(userName)) {
return Message.error("User '" + userName + "' is not admin
user[非管理员用户]");
}
// Bean validation
diff --git
a/linkis-public-enhancements/linkis-datasource/linkis-datasource-manager/server/src/main/java/org/apache/linkis/datasourcemanager/core/restful/RestfulApiHelper.java
b/linkis-public-enhancements/linkis-datasource/linkis-datasource-manager/server/src/main/java/org/apache/linkis/datasourcemanager/core/restful/RestfulApiHelper.java
index 099373e46..8a539faa5 100644
---
a/linkis-public-enhancements/linkis-datasource/linkis-datasource-manager/server/src/main/java/org/apache/linkis/datasourcemanager/core/restful/RestfulApiHelper.java
+++
b/linkis-public-enhancements/linkis-datasource/linkis-datasource-manager/server/src/main/java/org/apache/linkis/datasourcemanager/core/restful/RestfulApiHelper.java
@@ -37,13 +37,23 @@ public class RestfulApiHelper {
* If is administrator
*
* @param userName user name
- * @return
+ * @return whether userName is an admin user
*/
public static boolean isAdminUser(String userName) {
List<String> userList =
Arrays.asList(AuthContext.AUTH_ADMINISTRATOR.getValue().split(","));
return userList.contains(userName);
}
+ /**
+ * If is not administrator
+ *
+ * @param userName user name
+ * @return whether userName is not an admin user
+ */
+ public static boolean isNotAdminUser(String userName) {
+ return !isAdminUser(userName);
+ }
+
/**
* Encrypt key of password type
*
diff --git
a/linkis-public-enhancements/linkis-instance-label/linkis-instance-label-server/src/main/java/org/apache/linkis/instance/label/restful/InstanceRestful.java
b/linkis-public-enhancements/linkis-instance-label/linkis-instance-label-server/src/main/java/org/apache/linkis/instance/label/restful/InstanceRestful.java
index a46ffc5ee..d47272398 100644
---
a/linkis-public-enhancements/linkis-instance-label/linkis-instance-label-server/src/main/java/org/apache/linkis/instance/label/restful/InstanceRestful.java
+++
b/linkis-public-enhancements/linkis-instance-label/linkis-instance-label-server/src/main/java/org/apache/linkis/instance/label/restful/InstanceRestful.java
@@ -74,7 +74,7 @@ public class InstanceRestful {
@RequestMapping(path = "/allInstance", method = RequestMethod.GET)
public Message listAllInstanceWithLabel(HttpServletRequest req) throws
Exception {
String userName = ModuleUserUtils.getOperationUser(req);
- if (!Configuration.isAdmin(userName)) {
+ if (Configuration.isNotAdmin(userName)) {
throw new InstanceErrorException(
String.format(
ONLY_ADMIN_CAN_VIEW.getErrorDesc() + "The user [%s] is not
admin.", userName));
@@ -104,7 +104,7 @@ public class InstanceRestful {
public Message upDateInstanceLabel(HttpServletRequest req, @RequestBody
JsonNode jsonNode)
throws Exception {
String userName = ModuleUserUtils.getOperationUser(req);
- if (!Configuration.isAdmin(userName)) {
+ if (Configuration.isNotAdmin(userName)) {
throw new InstanceErrorException(
String.format(
ONLY_ADMIN_CAN_MODIFY.getErrorDesc() + " The user [%s] is not
admin", userName));
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
