[ https://issues.apache.org/jira/browse/KYLIN-2038?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chaozhong Yang updated KYLIN-2038: ---------------------------------- Attachment: (was: fix_query_quth.patch) > 'Access denied' occurred if a query hit none of cubes and the user is not in > admin role. > ---------------------------------------------------------------------------------------- > > Key: KYLIN-2038 > URL: https://issues.apache.org/jira/browse/KYLIN-2038 > Project: Kylin > Issue Type: Bug > Components: REST Service > Affects Versions: all > Reporter: Chaozhong Yang > Assignee: Zhong,Jason > Fix For: Future > > > The method `checkCubeAuthorization` in QueryService will check permission > for every query. If a query has not hit any cube in Kylin, > `checkCubeAuthorization` will throw AccessDeniedException. > "@PreAuthorize(Constant.ACCESS_HAS_ROLE_ADMIN + " or hasPermission(#cube, > 'ADMINISTRATION') or hasPermission(#cube, 'MANAGEMENT')" + " or > hasPermission(#cube, 'OPERATION') or hasPermission(#cube, 'READ')")" will > throw AccessDeniedException if cube is null. -- This message was sent by Atlassian JIRA (v6.3.4#6332)