Repository: incubator-atlas Updated Branches: refs/heads/master 7f914ab9e -> c8f3184fc
ATLAS-1489 : Show create/edit entity button based on role (Kalyanikashikar via kevalbhatt) Project: http://git-wip-us.apache.org/repos/asf/incubator-atlas/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-atlas/commit/c8f3184f Tree: http://git-wip-us.apache.org/repos/asf/incubator-atlas/tree/c8f3184f Diff: http://git-wip-us.apache.org/repos/asf/incubator-atlas/diff/c8f3184f Branch: refs/heads/master Commit: c8f3184fccd5236e9f2b5366c301fd3b286f6ef2 Parents: 7f914ab Author: kevalbhatt <[email protected]> Authored: Mon Jan 23 15:15:53 2017 +0530 Committer: kevalbhatt <[email protected]> Committed: Mon Jan 23 15:18:39 2017 +0530 ---------------------------------------------------------------------- .../simple/AtlasAuthorizationUtils.java | 25 +++++++++++++++++++- dashboardv2/public/js/main.js | 6 +++++ .../detail_page/DetailPageLayoutView_tmpl.html | 3 ++- .../templates/search/SearchLayoutView_tmpl.html | 8 ++++--- .../views/detail_page/DetailPageLayoutView.js | 7 +++--- .../public/js/views/search/SearchLayoutView.js | 12 ++++++++-- .../js/views/search/SearchResultLayoutView.js | 2 +- release-log.txt | 1 + .../atlas/web/resources/AdminResource.java | 16 +++++++++++-- 9 files changed, 66 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java ---------------------------------------------------------------------- diff --git a/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java b/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java index 9f33115..f30dfe0 100644 --- a/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java +++ b/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java @@ -21,6 +21,10 @@ package org.apache.atlas.authorize.simple; import org.apache.atlas.AtlasClient; import org.apache.atlas.authorize.AtlasActionTypes; import org.apache.atlas.authorize.AtlasResourceTypes; +import org.apache.atlas.authorize.AtlasAuthorizationException; +import org.apache.atlas.authorize.AtlasAuthorizer; +import org.apache.atlas.authorize.AtlasAccessRequest; +import org.apache.atlas.authorize.AtlasAuthorizerFactory; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -115,7 +119,7 @@ public class AtlasAuthorizationUtils { || api.startsWith("graph")) { resourceTypes.add(AtlasResourceTypes.OPERATION); } else if (api.startsWith("entities") || api.startsWith("lineage") || - api.startsWith("discovery") || api.startsWith("entity")) { + api.startsWith("discovery") || api.startsWith("entity") || api.startsWith("search")) { resourceTypes.add(AtlasResourceTypes.ENTITY); } else if (api.startsWith("taxonomies")) { resourceTypes.add(AtlasResourceTypes.TAXONOMY); @@ -135,4 +139,23 @@ public class AtlasAuthorizationUtils { } return resourceTypes; } + + public static boolean isAccessAllowed(AtlasResourceTypes resourcetype, AtlasActionTypes actionType, String userName, Set<String> groups) { + AtlasAuthorizer authorizer = null; + boolean isaccessAllowed = false; + + Set<AtlasResourceTypes> resourceTypes = new HashSet<>(); + resourceTypes.add(resourcetype); + AtlasAccessRequest atlasRequest = new AtlasAccessRequest(resourceTypes, "*", actionType, userName, groups); + try { + authorizer = AtlasAuthorizerFactory.getAtlasAuthorizer(); + if (authorizer != null) { + isaccessAllowed = authorizer.isAccessAllowed(atlasRequest); + } + } catch (AtlasAuthorizationException e) { + LOG.error("Unable to obtain AtlasAuthorizer. ", e); + } + + return isaccessAllowed; + } } http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/dashboardv2/public/js/main.js ---------------------------------------------------------------------- diff --git a/dashboardv2/public/js/main.js b/dashboardv2/public/js/main.js index fe08754..3b7f2b2 100644 --- a/dashboardv2/public/js/main.js +++ b/dashboardv2/public/js/main.js @@ -174,6 +174,12 @@ require(['App', if (response && response['atlas.feature.taxonomy.enable'] !== undefined) { Globals.taxonomy = response['atlas.feature.taxonomy.enable'] } + if (response && response['atlas.entity.create.allowed'] !== undefined) { + Globals.entityCreate = response['atlas.entity.create.allowed']; + } + if (response && response['atlas.entity.update.allowed'] !== undefined) { + Globals.entityUpdate = response['atlas.entity.update.allowed']; + } App.start(); } }); http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/dashboardv2/public/js/templates/detail_page/DetailPageLayoutView_tmpl.html ---------------------------------------------------------------------- diff --git a/dashboardv2/public/js/templates/detail_page/DetailPageLayoutView_tmpl.html b/dashboardv2/public/js/templates/detail_page/DetailPageLayoutView_tmpl.html index e47b0c2..1de3608 100644 --- a/dashboardv2/public/js/templates/detail_page/DetailPageLayoutView_tmpl.html +++ b/dashboardv2/public/js/templates/detail_page/DetailPageLayoutView_tmpl.html @@ -22,8 +22,9 @@ <div class="row"> <a href="javascript:void(0);" class="backButton" data-id="backButton"><i class="fa fa-chevron-left"></i> Back To Results</a> </div> - <h1><span data-id="title"></span></h1> + <h1><span data-id="title"></span></h1> {{#if entityUpdate}} <button data-id="editButton" class="btn btn-default pull-right editbutton" id="editText"><i class="fa fa-pencil"></i></button> + {{/if}} <div class="tagTerm"> <span class="tagSpan">Tags:</span> <div class="" data-id="tagList"> http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/dashboardv2/public/js/templates/search/SearchLayoutView_tmpl.html ---------------------------------------------------------------------- diff --git a/dashboardv2/public/js/templates/search/SearchLayoutView_tmpl.html b/dashboardv2/public/js/templates/search/SearchLayoutView_tmpl.html index 8d7f874..7301ebc 100644 --- a/dashboardv2/public/js/templates/search/SearchLayoutView_tmpl.html +++ b/dashboardv2/public/js/templates/search/SearchLayoutView_tmpl.html @@ -15,17 +15,19 @@ * limitations under the License. --> <div class="row row-margin-bottom"> + {{#if entityCreate}} <div class="col-sm-12"> <button class="btn btn-atlasAction btn-atlas pull-left" data-id="createEntity"><i class="fa fa-plus"></i> Create Entity</button> </div> + {{/if}} <div class="col-sm-12" style="margin:15px 0px;"> <div class="row"> <div class="col-md-6"> <span class="pull-left">Text</span> <label class="switch pull-left"> - <input type="checkbox" class="switch-input" name="queryType" value="text"/> - <span class="switch-slider"></span> - </label> + <input type="checkbox" class="switch-input" name="queryType" value="text" /> + <span class="switch-slider"></span> + </label> <span class="pull-left">DSL</span> </div> <div class="col-md-6"> http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/dashboardv2/public/js/views/detail_page/DetailPageLayoutView.js ---------------------------------------------------------------------- diff --git a/dashboardv2/public/js/views/detail_page/DetailPageLayoutView.js b/dashboardv2/public/js/views/detail_page/DetailPageLayoutView.js index d63bb5a..3f197cf 100644 --- a/dashboardv2/public/js/views/detail_page/DetailPageLayoutView.js +++ b/dashboardv2/public/js/views/detail_page/DetailPageLayoutView.js @@ -61,15 +61,14 @@ define(['require', }, templateHelpers: function() { return { - taxonomy: Globals.taxonomy + taxonomy: Globals.taxonomy, + entityUpdate: Globals.entityUpdate }; }, /** ui events hash */ events: function() { var events = {}; - if (Globals.entityCrud) { - events["click " + this.ui.editButton] = 'onClickEditEntity'; - } + events["click " + this.ui.editButton] = 'onClickEditEntity'; events["click " + this.ui.tagClick] = function(e) { if (e.target.nodeName.toLocaleLowerCase() != "i") { var scope = $(e.currentTarget); http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/dashboardv2/public/js/views/search/SearchLayoutView.js ---------------------------------------------------------------------- diff --git a/dashboardv2/public/js/views/search/SearchLayoutView.js b/dashboardv2/public/js/views/search/SearchLayoutView.js index 38bf6b5..bdb71a6 100644 --- a/dashboardv2/public/js/views/search/SearchLayoutView.js +++ b/dashboardv2/public/js/views/search/SearchLayoutView.js @@ -21,8 +21,9 @@ define(['require', 'hbs!tmpl/search/SearchLayoutView_tmpl', 'collection/VTagList', 'utils/Utils', - 'utils/UrlLinks' -], function(require, Backbone, SearchLayoutViewTmpl, VTagList, Utils, UrlLinks) { + 'utils/UrlLinks', + 'utils/Globals', +], function(require, Backbone, SearchLayoutViewTmpl, VTagList, Utils, UrlLinks, Globals) { 'use strict'; var SearchLayoutView = Backbone.Marionette.LayoutView.extend( @@ -45,6 +46,13 @@ define(['require', refreshBtn: '[data-id="refreshBtn"]', createEntity: "[data-id='createEntity']", }, + + templateHelpers: function() { + return { + entityCreate: Globals.entityCreate + }; + }, + /** ui events hash */ events: function() { var events = {}, http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/dashboardv2/public/js/views/search/SearchResultLayoutView.js ---------------------------------------------------------------------- diff --git a/dashboardv2/public/js/views/search/SearchResultLayoutView.js b/dashboardv2/public/js/views/search/SearchResultLayoutView.js index f389515..8d0720e 100644 --- a/dashboardv2/public/js/views/search/SearchResultLayoutView.js +++ b/dashboardv2/public/js/views/search/SearchResultLayoutView.js @@ -449,7 +449,7 @@ define(['require', nameHtml += '<button type="button" title="Deleted" class="btn btn-atlasAction btn-atlas deleteBtn"><i class="fa fa-trash"></i></button>'; return '<div class="readOnly readOnlyLink">' + nameHtml + '</div>'; } else { - if (Globals.entityCrud) { + if (Globals.entityUpdate) { nameHtml += '<button title="Edit" data-id="editEntityButton" data-giud= "' + (model.get('$id$').id || model.get('$id$')) + '" class="btn btn-atlasAction btn-atlas editBtn"><i class="fa fa-pencil"></i></button>' } return nameHtml; http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/release-log.txt ---------------------------------------------------------------------- diff --git a/release-log.txt b/release-log.txt index 760f4c3..a770877 100644 --- a/release-log.txt +++ b/release-log.txt @@ -9,6 +9,7 @@ ATLAS-1060 Add composite indexes for exact match performance improvements for al ATLAS-1127 Modify creation and modification timestamps to Date instead of Long(sumasai) ALL CHANGES: +ATLAS-1489 Show create/edit entity button based on role (Kalyanikashikar via kevalbhatt) ATLAS-1478 REST API to add classification to multiple entities (svimal2106 via mneethiraj) ATLAS-1490 added methods to get sub-types of entity and classification types (mneethiraj) ATLAS-1437 UI update to disallow tag association changes to deleted entities (Kalyanikashikar via mneethiraj) http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/c8f3184f/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java ---------------------------------------------------------------------- diff --git a/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java b/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java index 02d7488..3b4155c 100755 --- a/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java +++ b/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java @@ -20,6 +20,9 @@ package org.apache.atlas.web.resources; import com.google.inject.Inject; import org.apache.atlas.AtlasClient; +import org.apache.atlas.authorize.AtlasActionTypes; +import org.apache.atlas.authorize.AtlasResourceTypes; +import org.apache.atlas.authorize.simple.AtlasAuthorizationUtils; import org.apache.atlas.web.filters.AtlasCSRFPreventionFilter; import org.apache.atlas.web.service.ServiceState; import org.apache.atlas.web.util.Servlets; @@ -58,7 +61,8 @@ public class AdminResource { private static final String CUSTOM_METHODS_TO_IGNORE_PARAM = "atlas.rest-csrf.methods-to-ignore"; private static final String CUSTOM_HEADER_PARAM = "atlas.rest-csrf.custom-header"; private static final String isTaxonomyEnabled = "atlas.feature.taxonomy.enable"; - + private static final String isEntityUpdateAllowed = "atlas.entity.update.allowed"; + private static final String isEntityCreateAllowed = "atlas.entity.create.allowed"; private Response version; private ServiceState serviceState; @@ -179,6 +183,8 @@ public class AdminResource { try { PropertiesConfiguration configProperties = new PropertiesConfiguration("atlas-application.properties"); Boolean enableTaxonomy = configProperties.getBoolean(isTaxonomyEnabled, false); + boolean isEntityUpdateAccessAllowed = false; + boolean isEntityCreateAccessAllowed = false; Authentication auth = SecurityContextHolder.getContext().getAuthentication(); String userName = null; Set<String> groups = new HashSet<>(); @@ -188,15 +194,21 @@ public class AdminResource { for (GrantedAuthority c : authorities) { groups.add(c.getAuthority()); } + isEntityUpdateAccessAllowed = AtlasAuthorizationUtils.isAccessAllowed(AtlasResourceTypes.ENTITY, + AtlasActionTypes.UPDATE, userName, groups); + isEntityCreateAccessAllowed = AtlasAuthorizationUtils.isAccessAllowed(AtlasResourceTypes.ENTITY, + AtlasActionTypes.CREATE, userName, groups); } JSONObject responseData = new JSONObject(); - responseData.put(isCSRF_ENABLED, AtlasCSRFPreventionFilter.isCSRF_ENABLED); + responseData.put(isCSRF_ENABLED, AtlasCSRFPreventionFilter.isCSRF_ENABLED); responseData.put(BROWSER_USER_AGENT_PARAM, AtlasCSRFPreventionFilter.BROWSER_USER_AGENTS_DEFAULT); responseData.put(CUSTOM_METHODS_TO_IGNORE_PARAM, AtlasCSRFPreventionFilter.METHODS_TO_IGNORE_DEFAULT); responseData.put(CUSTOM_HEADER_PARAM, AtlasCSRFPreventionFilter.HEADER_DEFAULT); responseData.put(isTaxonomyEnabled, enableTaxonomy); + responseData.put(isEntityUpdateAllowed, isEntityUpdateAccessAllowed); + responseData.put(isEntityCreateAllowed, isEntityCreateAccessAllowed); responseData.put("userName", userName); responseData.put("groups", groups);
