[incubator-dolphinscheduler] branch 1.3.2-release updated: modify general user can't create, delete, update token (#3538)

Mon, 17 Aug 2020 23:08:22 -0700 

This is an automated email from the ASF dual-hosted git repository.

journey pushed a commit to branch 1.3.2-release
in repository https://gitbox.apache.org/repos/asf/incubator-dolphinscheduler.git


The following commit(s) were added to refs/heads/1.3.2-release by this push:
     new b8a9e2e  modify general user can't create,delete,update token (#3538)
b8a9e2e is described below

commit b8a9e2e00f2f207ae60c913a7173b59405ff95f1
Author: qiaozhanwei <qiaozhan...@outlook.com>
AuthorDate: Tue Aug 18 14:07:47 2020 +0800

    modify general user can't create,delete,update token (#3538)
    
    Co-authored-by: qiaozhanwei <qiaozhan...@analysys.com.cn>
---
 .../dolphinscheduler/api/service/AccessTokenService.java  | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git 
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
 
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
index 8ccbff1..c663842 100644
--- 
a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
+++ 
b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
@@ -84,7 +84,9 @@ public class AccessTokenService extends BaseService {
      */
     public Map<String, Object> createToken(User loginUser, int userId, String 
expireTime, String token) {
         Map<String, Object> result = new HashMap<>(5);
-        if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
+
+        if (!hasPerm(loginUser,userId)){
+            putMsg(result, Status.USER_NO_OPERATION_PERM);
             return result;
         }
 
@@ -140,10 +142,6 @@ public class AccessTokenService extends BaseService {
     public Map<String, Object> delAccessTokenById(User loginUser, int id) {
         Map<String, Object> result = new HashMap<>(5);
 
-        if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
-            return result;
-        }
-
         AccessToken accessToken = accessTokenMapper.selectById(id);
 
         if (accessToken == null) {
@@ -152,8 +150,7 @@ public class AccessTokenService extends BaseService {
             return result;
         }
 
-        if (loginUser.getId() != accessToken.getUserId() &&
-                loginUser.getUserType() != UserType.ADMIN_USER) {
+        if (!hasPerm(loginUser,accessToken.getUserId())){
             putMsg(result, Status.USER_NO_OPERATION_PERM);
             return result;
         }
@@ -176,9 +173,11 @@ public class AccessTokenService extends BaseService {
     public Map<String, Object> updateToken(User loginUser, int id, int userId, 
String expireTime, String token) {
         Map<String, Object> result = new HashMap<>(5);
 
-        if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
+        if (!hasPerm(loginUser,userId)){
+            putMsg(result, Status.USER_NO_OPERATION_PERM);
             return result;
         }
+
         AccessToken accessToken = accessTokenMapper.selectById(id);
         if (accessToken == null) {
             logger.error("access token not exist,  access token id {}", id);

Reply via email to