[
https://issues.apache.org/jira/browse/KYLIN-2964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16218019#comment-16218019
]
Pan, Julian commented on KYLIN-2964:
------------------------------------
LM-SHC-16501335:dist liapan$ git diff
diff --git
a/server-base/src/main/java/org/apache/kylin/rest/service/AccessService.java
b/server-base/src/main/java/org/apache/kylin/rest/service/AccessService.java
index ae7ac6e..5255acf 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/service/AccessService.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/service/AccessService.java
@@ -126,6 +126,7 @@ public class AccessService {
acl.insertAce(acl.getEntries().size(), permission, sid, true);
}
+ aclService.checkUserName(acl);
acl = aclService.updateAcl(acl);
return acl;
@@ -160,6 +161,7 @@ public class AccessService {
try {
acl.updateAce(indexOfAce, newPermission);
+ aclService.checkUserName(acl);
acl = aclService.updateAcl(acl);
} catch (NotFoundException e) {
//do nothing?
@@ -238,6 +240,7 @@ public class AccessService {
acl.setEntriesInheriting(true);
acl.setParent(parentAcl);
+ aclService.checkUserName(acl);
aclService.updateAcl(acl);
}
diff --git
a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
index d4a9614..a9110fe 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
index d4a9614..a9110fe 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/service/AclService.java
@@ -261,7 +261,6 @@ public class AclService implements MutableAclService {
@Override
public MutableAcl updateAcl(MutableAcl mutableAcl) throws
NotFoundException {
- Message msg = MsgPicker.getMsg();
try {
readAclById(mutableAcl.getObjectIdentity(), null, false);
} catch (NotFoundException e) {
@@ -281,12 +280,6 @@ public class AclService implements MutableAclService {
Map<String, AceInfo> allAceInfo = record.getAllAceInfo();
allAceInfo.clear();
for (AccessControlEntry ace : mutableAcl.getEntries()) {
- if (ace.getSid() instanceof PrincipalSid) {
- PrincipalSid psid = (PrincipalSid) ace.getSid();
- String userName = psid.getPrincipal();
- if (!userService.userExists(userName))
- throw new
BadRequestException(String.format(msg.getUSER_NOT_EXIST(), userName));
- }
AceInfo aceInfo = new AceInfo(ace);
allAceInfo.put(String.valueOf(aceInfo.getSidInfo().getSid()),
aceInfo);
}
@@ -351,4 +344,15 @@ public class AclService implements MutableAclService {
public static String getQueryKeyById(String id) {
return DIR_PREFIX + id;
}
+
+ protected void checkUserName(MutableAcl mutableAcl) {
+ for (AccessControlEntry ace : mutableAcl.getEntries()) {
+ if (ace.getSid() instanceof PrincipalSid) {
+ PrincipalSid psid = (PrincipalSid) ace.getSid();
+ String userName = psid.getPrincipal();
+ if (!userService.userExists(userName))
+ throw new
BadRequestException(String.format(MsgPicker.getMsg().getUSER_NOT_EXIST(),
userName));
+ }
+ }
+ }
}
\ No newline at end of file
> AclEntity operation issue
> --------------------------
>
> Key: KYLIN-2964
> URL: https://issues.apache.org/jira/browse/KYLIN-2964
> Project: Kylin
> Issue Type: Bug
> Components: REST Service
> Affects Versions: v2.1.0
> Reporter: Pan, Julian
> Assignee: Zhong,Jason
>
> When user add/update/delete access for AclEntity (project, model, cube, job),
> which will check user exist. But if there are two user not exist, which will
> cause issue. Admin want to delete the notExistsUser1, it will throws
> notExistsUser2 not exist. The other operation has same issues for this check.
> Could we add another method for checkExistUser and just add the method for
> add or update? It should be fix this issue.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
