[Bug-12410] [API]Fix the worker list result in workflow definition only has default (#12411)

* Fix the worker list result in workflow definition only has default

* Fix tenant, k8s namespace similar permission issues.

* code clean in the k8s namespace mapper

* delete redundant sql method
This commit is contained in:
Kerwin 2022-10-21 13:54:28 +08:00 committed by GitHub
parent 651588c98d
commit 1436ad65fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 9 additions and 36 deletions

View File

@ -41,6 +41,7 @@ import org.apache.dolphinscheduler.dao.entity.AccessToken;
import org.apache.dolphinscheduler.dao.entity.AlertGroup;
import org.apache.dolphinscheduler.dao.entity.DataSource;
import org.apache.dolphinscheduler.dao.entity.Environment;
import org.apache.dolphinscheduler.dao.entity.K8sNamespace;
import org.apache.dolphinscheduler.dao.entity.Project;
import org.apache.dolphinscheduler.dao.entity.Queue;
import org.apache.dolphinscheduler.dao.entity.Resource;
@ -48,6 +49,7 @@ import org.apache.dolphinscheduler.dao.entity.TaskGroup;
import org.apache.dolphinscheduler.dao.entity.Tenant;
import org.apache.dolphinscheduler.dao.entity.UdfFunc;
import org.apache.dolphinscheduler.dao.entity.User;
import org.apache.dolphinscheduler.dao.entity.WorkerGroup;
import org.apache.dolphinscheduler.dao.mapper.AccessTokenMapper;
import org.apache.dolphinscheduler.dao.mapper.AlertGroupMapper;
import org.apache.dolphinscheduler.dao.mapper.AlertPluginInstanceMapper;
@ -180,8 +182,7 @@ public class ResourcePermissionCheckServiceImpl
return Collections.emptySet();
}
List<Queue> queues = queueMapper.selectList(null);
return CollectionUtils.isEmpty(queues) ? Collections.emptySet()
: queues.stream().map(Queue::getId).collect(toSet());
return queues.stream().map(Queue::getId).collect(toSet());
}
}
@ -267,9 +268,6 @@ public class ResourcePermissionCheckServiceImpl
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
List<UdfFunc> udfFuncList = udfFuncMapper.listAuthorizedUdfByUserId(userId);
if (CollectionUtils.isEmpty(udfFuncList)) {
return Collections.emptySet();
}
return udfFuncList.stream().map(UdfFunc::getId).collect(toSet());
}
@ -296,9 +294,6 @@ public class ResourcePermissionCheckServiceImpl
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
List<TaskGroup> taskGroupList = taskGroupMapper.listAuthorizedResource(userId);
if (CollectionUtils.isEmpty(taskGroupList)) {
return Collections.emptySet();
}
return taskGroupList.stream().map(TaskGroup::getId).collect(Collectors.toSet());
}
@ -329,7 +324,8 @@ public class ResourcePermissionCheckServiceImpl
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
return Collections.emptySet();
List<K8sNamespace> k8sNamespaces = k8sNamespaceMapper.queryAuthedNamespaceListByUserId(userId);
return k8sNamespaces.stream().map(K8sNamespace::getId).collect(Collectors.toSet());
}
}
@ -355,9 +351,6 @@ public class ResourcePermissionCheckServiceImpl
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
List<Environment> environments = environmentMapper.queryAllEnvironmentList();
if (CollectionUtils.isEmpty(environments)) {
return Collections.emptySet();
}
return environments.stream().map(Environment::getId).collect(Collectors.toSet());
}
}
@ -383,7 +376,8 @@ public class ResourcePermissionCheckServiceImpl
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
return Collections.emptySet();
List<WorkerGroup> workerGroups = workerGroupMapper.queryAllWorkerGroup();
return workerGroups.stream().map(WorkerGroup::getId).collect(Collectors.toSet());
}
}
@ -468,9 +462,6 @@ public class ResourcePermissionCheckServiceImpl
@Override
public Set<Integer> listAuthorizedResource(int userId, Logger logger) {
if (userId != 0) {
return Collections.emptySet();
}
List<Tenant> tenantList = tenantMapper.queryAll();
return tenantList.stream().map(Tenant::getId).collect(Collectors.toSet());
}

View File

@ -445,7 +445,7 @@ public class K8SNamespaceServiceImpl extends BaseServiceImpl implements K8sNames
if (isAdmin(loginUser)) {
k8sNamespaces = k8sNamespaceMapper.selectList(null);
} else {
k8sNamespaces = k8sNamespaceMapper.queryNamespaceAvailable(loginUser.getId());
k8sNamespaces = k8sNamespaceMapper.queryAuthedNamespaceListByUserId(loginUser.getId());
}
setClusterName(k8sNamespaces);
return k8sNamespaces;

View File

@ -64,15 +64,7 @@ public interface K8sNamespaceMapper extends BaseMapper<K8sNamespace> {
* @param userId userId
* @return namespace list
*/
List<K8sNamespace> queryAuthedNamespaceListByUserId(@Param("userId") int userId);
/**
* query namespace can use
*
* @param userId userId
* @return namespace list
*/
List<K8sNamespace> queryNamespaceAvailable(@Param("userId") Integer userId);
List<K8sNamespace> queryAuthedNamespaceListByUserId(@Param("userId") Integer userId);
/**
* check the target namespace

View File

@ -70,16 +70,6 @@
where p.id = rel.namespace_id and rel.user_id= #{userId}
</select>
<select id="queryNamespaceAvailable" resultType="org.apache.dolphinscheduler.dao.entity.K8sNamespace">
select
<include refid="baseSqlV2">
<property name="alias" value="b"/>
</include>
from ( select namespace_id from t_ds_relation_namespace_user where user_id= #{userId} ) a
left join t_ds_k8s_namespace b
on b.id = a.namespace_id
where b.id is not null
</select>
<select id="queryByNamespaceCode" resultType="org.apache.dolphinscheduler.dao.entity.K8sNamespace">
select
<include refid="baseSql"/>