Chaozhong Yang created KYLIN-2038: ------------------------------------- Summary: 'Access denied' occurred if a query hit none of cubes and the user is not in admin role. Key: KYLIN-2038 URL: https://issues.apache.org/jira/browse/KYLIN-2038 Project: Kylin Issue Type: Bug Components: REST Service Affects Versions: all Reporter: Chaozhong Yang Assignee: Zhong,Jason Fix For: Future
The method `checkCubeAuthorization` in QueryService will check permission for every query. If a query has not hit any cube in Kylin, `checkCubeAuthorization` will throw AccessDeniedException. "@PreAuthorize(Constant.ACCESS_HAS_ROLE_ADMIN + " or hasPermission(#cube, 'ADMINISTRATION') or hasPermission(#cube, 'MANAGEMENT')" + " or hasPermission(#cube, 'OPERATION') or hasPermission(#cube, 'READ')")" will throw AccessDeniedException if cube is null. -- This message was sent by Atlassian JIRA (v6.3.4#6332)