[Fix-10367] Permission check related key adjustment. (#10368)

* Permission check related key adjustment. * resource create or upload fix. * Analysis Permission fix. * Ut coverage add. * rerun * source permission fix. * ut coverage is achieved * Reference permission package path modification * k8s path bug fix. * k8s path bug fix. * Corrected controller method name and rerun.
2024-11-30 03:08:01 +08:00 · 2022-06-09 19:10:34 +08:00 · 2022-06-09 19:10:34 +08:00 · 9782fe4e7c
commit 9782fe4e7c
parent 997f0d4bfd
46 changed files with 217 additions and 134 deletions
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/constants/ApiFuncIdentificationConstant.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/constants/ApiFuncIdentificationConstant.java
@ -154,6 +154,10 @@ public class ApiFuncIdentificationConstant {
    public static final String MONITOR_WORKER_VIEW = "monitor:workers:view";
    public static final String MONITOR_DATABASES_VIEW = "monitor:databases:view";

+    public static final String MONITOR_STATISTICS_VIEW = "monitor:statistics:view";
+    public static final String MONITOR_EVENT_LIST_VIEW = "monitor:event:view";
+    public static final String MONITOR_ALERT_LIST_VIEW = "monitor:alert:view";
+
    public final static Map<ExecuteType,String> map = new HashMap<ExecuteType,String>();

    static{
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/DataSourceController.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/DataSourceController.java
@ -256,7 +256,7 @@ public class DataSourceController extends BaseController {
    @ResponseStatus(HttpStatus.OK)
    @ApiException(DELETE_DATA_SOURCE_FAILURE)
    @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
-    public Result delete(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
+    public Result deleteDataSource(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
                         @PathVariable("id") int id) {
        return dataSourceService.delete(loginUser, id);
    }
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/EnvironmentController.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/EnvironmentController.java
@ -81,7 +81,7 @@ public class EnvironmentController extends BaseController {
    @ResponseStatus(HttpStatus.CREATED)
    @ApiException(CREATE_ENVIRONMENT_ERROR)
    @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
-    public Result createProject(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
+    public Result createEnvironment(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
                                @RequestParam("name") String name,
                                @RequestParam("config") String config,
                                @RequestParam(value = "description", required = false) String description,
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/SchedulerController.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/SchedulerController.java
@ -182,7 +182,7 @@ public class SchedulerController extends BaseController {
    @PostMapping("/{id}/online")
    @ApiException(PUBLISH_SCHEDULE_ONLINE_ERROR)
    @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
-    public Result online(@ApiIgnore @RequestAttribute(value = SESSION_USER) User loginUser,
+    public Result publishScheduleOnline(@ApiIgnore @RequestAttribute(value = SESSION_USER) User loginUser,
                         @ApiParam(name = "projectCode", value = "PROJECT_CODE", required = true) @PathVariable long projectCode,
                         @PathVariable("id") Integer id) {
        Map<String, Object> result = schedulerService.setScheduleState(loginUser, projectCode, id, ReleaseState.ONLINE);
@ -204,7 +204,7 @@ public class SchedulerController extends BaseController {
    @PostMapping("/{id}/offline")
    @ApiException(OFFLINE_SCHEDULE_ERROR)
    @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
-    public Result offline(@ApiIgnore @RequestAttribute(value = SESSION_USER) User loginUser,
+    public Result offlineSchedule(@ApiIgnore @RequestAttribute(value = SESSION_USER) User loginUser,
                          @ApiParam(name = "projectCode", value = "PROJECT_CODE", required = true) @PathVariable long projectCode,
                          @PathVariable("id") Integer id) {

--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/WorkerGroupController.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/WorkerGroupController.java
@ -146,7 +146,7 @@ public class WorkerGroupController extends BaseController {
     * @param id group id
     * @return delete result code
     */
-    @ApiOperation(value = "deleteById", notes = "DELETE_WORKER_GROUP_BY_ID_NOTES")
+    @ApiOperation(value = "deleteWorkerGroupById", notes = "DELETE_WORKER_GROUP_BY_ID_NOTES")
    @ApiImplicitParams({
        @ApiImplicitParam(name = "id", value = "WORKER_GROUP_ID", required = true, dataType = "Int", example = "10"),
    })
@ -154,7 +154,7 @@ public class WorkerGroupController extends BaseController {
    @ResponseStatus(HttpStatus.OK)
    @ApiException(DELETE_WORKER_GROUP_FAIL)
    @AccessLogAnnotation(ignoreRequestArgs = "loginUser")
-    public Result deleteById(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
+    public Result deleteWorkerGroupById(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
                             @PathVariable("id") Integer id
    ) {
        Map<String, Object> result = workerGroupService.deleteWorkerGroupById(loginUser, id);
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/k8s/K8sClientService.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/k8s/K8sClientService.java
@ -15,7 +15,7 @@
 * limitations under the License.
 */

-package org.apache.dolphinscheduler.service.k8s;
+package org.apache.dolphinscheduler.api.k8s;

 import org.apache.dolphinscheduler.dao.entity.K8sNamespace;

--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/k8s/K8sManager.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/k8s/K8sManager.java
@ -15,7 +15,7 @@
 * limitations under the License.
 */

-package org.apache.dolphinscheduler.service.k8s;
+package org.apache.dolphinscheduler.api.k8s;

 import org.apache.dolphinscheduler.dao.entity.K8s;
 import org.apache.dolphinscheduler.dao.mapper.K8sMapper;
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/PermissionCheck.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/PermissionCheck.java
@ -15,7 +15,7 @@
 * limitations under the License.
 */

-package org.apache.dolphinscheduler.service.permission;
+package org.apache.dolphinscheduler.api.permission;

 import org.apache.dolphinscheduler.common.enums.AuthorizationType;
 import org.apache.dolphinscheduler.common.enums.UserType;
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckService.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckService.java
@ -14,7 +14,7 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.apache.dolphinscheduler.service.permission;
+package org.apache.dolphinscheduler.api.permission;

 import org.apache.dolphinscheduler.common.enums.AuthorizationType;
 import org.slf4j.Logger;
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceImpl.java
@ -31,7 +31,7 @@
 * limitations under the License.
 */

-package org.apache.dolphinscheduler.service.permission;
+package org.apache.dolphinscheduler.api.permission;

 import static java.util.stream.Collectors.toSet;

--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/AlertPluginInstanceServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/AlertPluginInstanceServiceImpl.java
@ -17,6 +17,7 @@

 package org.apache.dolphinscheduler.api.service.impl;

+import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
 import org.apache.dolphinscheduler.api.enums.Status;
 import org.apache.dolphinscheduler.api.service.AlertPluginInstanceService;
 import org.apache.dolphinscheduler.api.utils.PageInfo;
@ -176,7 +177,7 @@ public class AlertPluginInstanceServiceImpl extends BaseServiceImpl implements A
    public Map<String, Object> get(User loginUser, int id) {
        Map<String, Object> result = new HashMap<>();
        AlertPluginInstance alertPluginInstance = alertPluginInstanceMapper.selectById(id);
-        if (!canOperatorPermissions(loginUser,null, AuthorizationType.ALERT_PLUGIN_INSTANCE,ALART_LIST)) {
+        if (!canOperatorPermissions(loginUser,null, AuthorizationType.ALERT_PLUGIN_INSTANCE,ApiFuncIdentificationConstant.ALARM_INSTANCE_MANAGE)) {
            putMsg(result, Status.USER_NO_OPERATION_PERM);
            return result;
        }
@ -210,7 +211,7 @@ public class AlertPluginInstanceServiceImpl extends BaseServiceImpl implements A
    public Result listPaging(User loginUser, String searchVal, int pageNo, int pageSize) {

        Result result = new Result();
-        if (!canOperatorPermissions(loginUser,null,AuthorizationType.ALERT_PLUGIN_INSTANCE,ALART_LIST)) {
+        if (!canOperatorPermissions(loginUser,null,AuthorizationType.ALERT_PLUGIN_INSTANCE, ApiFuncIdentificationConstant.ALARM_INSTANCE_MANAGE)) {
            putMsg(result,Status.USER_NO_OPERATION_PERM);
            return result;
        }
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/BaseServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/BaseServiceImpl.java
@ -26,7 +26,7 @@ import org.apache.dolphinscheduler.common.enums.AuthorizationType;
 import org.apache.dolphinscheduler.common.enums.UserType;
 import org.apache.dolphinscheduler.common.utils.DateUtils;
 import org.apache.dolphinscheduler.dao.entity.User;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/DataAnalysisServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/DataAnalysisServiceImpl.java
@ -17,12 +17,16 @@

 package org.apache.dolphinscheduler.api.service.impl;

+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.tuple.Pair;
+import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
 import org.apache.dolphinscheduler.api.dto.CommandStateCount;
 import org.apache.dolphinscheduler.api.dto.DefineUserDto;
 import org.apache.dolphinscheduler.api.dto.TaskCountDto;
 import org.apache.dolphinscheduler.api.enums.Status;
 import org.apache.dolphinscheduler.api.service.DataAnalysisService;
 import org.apache.dolphinscheduler.api.service.ProjectService;
+import org.apache.dolphinscheduler.api.utils.Result;
 import org.apache.dolphinscheduler.common.Constants;
 import org.apache.dolphinscheduler.common.enums.AuthorizationType;
 import org.apache.dolphinscheduler.common.enums.CommandType;
@ -42,11 +46,15 @@ import org.apache.dolphinscheduler.dao.mapper.ProjectMapper;
 import org.apache.dolphinscheduler.dao.mapper.TaskInstanceMapper;
 import org.apache.dolphinscheduler.plugin.task.api.enums.ExecutionStatus;
 import org.apache.dolphinscheduler.service.process.ProcessService;
-
-import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;

 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.HashSet;
@ -57,9 +65,6 @@ import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;

-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
 import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.PROJECT_OVERVIEW;

 /**
@ -68,6 +73,8 @@ import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationCon
@Service
 public class DataAnalysisServiceImpl extends BaseServiceImpl implements DataAnalysisService {

+    private static final Logger logger = LoggerFactory.getLogger(DataAnalysisServiceImpl.class);
+
    @Autowired
    private ProjectMapper projectMapper;

@ -166,9 +173,11 @@ public class DataAnalysisServiceImpl extends BaseServiceImpl implements DataAnal
                return result;
            }
        }
-
-        Long[] projectCodeArray = projectCode == 0 ? getProjectCodesArrays(loginUser)
-                : new Long[]{projectCode};
+        Pair<Set<Integer>, Map<String, Object>> projectIds = getProjectIds(loginUser, result);
+        if (projectIds.getRight() != null) {
+            return projectIds.getRight();
+        }
+        Long[] projectCodeArray = projectCode == 0 ? getProjectCodesArrays(projectIds.getLeft()) : new Long[]{projectCode};
        List<ExecuteStatusCount> processInstanceStateCounts = new ArrayList<>();

        if (projectCodeArray.length != 0 || loginUser.getUserType() == UserType.ADMIN_USER) {
@ -205,8 +214,15 @@ public class DataAnalysisServiceImpl extends BaseServiceImpl implements DataAnal
        }

        List<DefinitionGroupByUser> defineGroupByUsers = new ArrayList<>();
-        Long[] projectCodeArray = projectCode == 0 ? getProjectCodesArrays(loginUser)
-                : new Long[]{projectCode};
+        Pair<Set<Integer>, Map<String, Object>> projectIds = getProjectIds(loginUser, result);
+        if (projectIds.getRight() != null) {
+            List<DefinitionGroupByUser> emptyList = new ArrayList<>();
+            DefineUserDto dto = new DefineUserDto(emptyList);
+            result.put(Constants.DATA_LIST, dto);
+            putMsg(result, Status.SUCCESS);
+            return result;
+        }
+        Long[] projectCodeArray = projectCode == 0 ? getProjectCodesArrays(projectIds.getLeft()) : new Long[]{projectCode};
        if (projectCodeArray.length != 0 || loginUser.getUserType() == UserType.ADMIN_USER) {
            defineGroupByUsers = processDefinitionMapper.countDefinitionByProjectCodes(projectCodeArray);
        }
@ -234,10 +250,17 @@ public class DataAnalysisServiceImpl extends BaseServiceImpl implements DataAnal
         */
        Date start = null;
        Date end = null;
-        Long[] projectCodeArray = getProjectCodesArrays(loginUser);
+        Pair<Set<Integer>, Map<String, Object>> projectIds = getProjectIds(loginUser, result);
+        if (projectIds.getRight() != null) {
+            List<CommandStateCount> noData = Arrays.stream(CommandType.values()).map(commandType -> new CommandStateCount(0, 0, commandType)).collect(Collectors.toList());
+            result.put(Constants.DATA_LIST, noData);
+            putMsg(result, Status.SUCCESS);
+            return result;
+        }
+        Long[] projectCodeArray = getProjectCodesArrays(projectIds.getLeft());

        // admin can view all
-        if(!canOperatorPermissions(loginUser,null, AuthorizationType.DATA_ANALYSIS, PROJECT_OVERVIEW)){
+        if(!canOperatorPermissions(loginUser,null, AuthorizationType.DATA_ANALYSIS, ApiFuncIdentificationConstant.MONITOR_STATISTICS_VIEW)){
            putMsg(result, Status.USER_NO_OPERATION_PROJECT_PERM);
            return result;
        }
@ -265,16 +288,23 @@ public class DataAnalysisServiceImpl extends BaseServiceImpl implements DataAnal
        return result;
    }

-    private Long[] getProjectCodesArrays(User loginUser) {
-        List<Project> projectList = projectMapper.queryRelationProjectListByUserId(
-                loginUser.getUserType() == UserType.ADMIN_USER ? 0 : loginUser.getId());
-        Set<Long> projectCodes = new HashSet<>();
-        projectList.forEach(project -> projectCodes.add(project.getCode()));
-        if (loginUser.getUserType() == UserType.GENERAL_USER) {
-            List<Project> createProjects = projectMapper.queryProjectCreatedByUser(loginUser.getId());
-            createProjects.forEach(project -> projectCodes.add(project.getCode()));
+    private Pair<Set<Integer>, Map<String, Object>> getProjectIds(User loginUser, Map<String, Object> result) {
+        Set<Integer> projectIds = resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.PROJECTS, loginUser.getId(), logger);
+        if (projectIds.isEmpty()) {
+            List<ExecuteStatusCount> taskInstanceStateCounts = new ArrayList<>();
+            result.put(Constants.DATA_LIST, new TaskCountDto(taskInstanceStateCounts));
+            putMsg(result, Status.SUCCESS);
+            return Pair.of(null, result);
        }
-        return projectCodes.toArray(new Long[0]);
+        return Pair.of(projectIds, null);
+    }
+
+    private Long[] getProjectCodesArrays(Set<Integer> projectIds) {
+        List<Project> projects = projectMapper.selectBatchIds(projectIds);
+        List<Long> codeList = projects.stream().map(Project::getCode).collect(Collectors.toList());
+        Long[] projectCodeArray = new Long[codeList.size()];
+        codeList.toArray(projectCodeArray);
+        return projectCodeArray;
    }

    /**
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/DataSourceServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/DataSourceServiceImpl.java
@ -32,7 +32,7 @@ import org.apache.dolphinscheduler.dao.mapper.DataSourceUserMapper;
 import org.apache.dolphinscheduler.plugin.datasource.api.datasource.BaseDataSourceParamDTO;
 import org.apache.dolphinscheduler.plugin.datasource.api.plugin.DataSourceClientProvider;
 import org.apache.dolphinscheduler.plugin.datasource.api.utils.DataSourceUtils;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.spi.datasource.BaseConnectionParam;
 import org.apache.dolphinscheduler.spi.datasource.ConnectionParam;
 import org.apache.dolphinscheduler.spi.enums.DbType;
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/K8SNamespaceServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/K8SNamespaceServiceImpl.java
@ -26,7 +26,7 @@ import org.apache.dolphinscheduler.common.enums.AuthorizationType;
 import org.apache.dolphinscheduler.dao.entity.K8sNamespace;
 import org.apache.dolphinscheduler.dao.entity.User;
 import org.apache.dolphinscheduler.dao.mapper.K8sNamespaceMapper;
-import org.apache.dolphinscheduler.service.k8s.K8sClientService;
+import org.apache.dolphinscheduler.api.k8s.K8sClientService;

 import org.apache.commons.lang3.StringUtils;

--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java
@ -36,7 +36,7 @@ import org.apache.dolphinscheduler.dao.mapper.ProcessDefinitionMapper;
 import org.apache.dolphinscheduler.dao.mapper.ProjectMapper;
 import org.apache.dolphinscheduler.dao.mapper.ProjectUserMapper;
 import org.apache.dolphinscheduler.dao.mapper.UserMapper;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ResourcesServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ResourcesServiceImpl.java
@ -56,7 +56,7 @@ import org.apache.dolphinscheduler.dao.mapper.TenantMapper;
 import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper;
 import org.apache.dolphinscheduler.dao.mapper.UserMapper;
 import org.apache.dolphinscheduler.dao.utils.ResourceProcessDefinitionUtils;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.spi.enums.ResourceType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -176,7 +176,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
        try {
            resourcesMapper.insert(resource);
            putMsg(result, Status.SUCCESS);
-            permissionPostHandle(AuthorizationType.RESOURCE_FILE_ID, loginUser.getId(), Collections.singletonList(resource.getId()), logger);
+            permissionPostHandle(resource.getType(), loginUser, resource.getId());
            Map<String, Object> resultMap = new HashMap<>();
            for (Map.Entry<Object, Object> entry : new BeanMap(resource).entrySet()) {
                if (!"class".equalsIgnoreCase(entry.getKey().toString())) {
@ -270,7 +270,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
            resourcesMapper.insert(resource);
            updateParentResourceSize(resource, resource.getSize());
            putMsg(result, Status.SUCCESS);
-            permissionPostHandle(AuthorizationType.RESOURCE_FILE_ID, loginUser.getId(), Collections.singletonList(resource.getId()), logger);
+            permissionPostHandle(resource.getType(), loginUser, resource.getId());
            Map<String, Object> resultMap = new HashMap<>();
            for (Map.Entry<Object, Object> entry : new BeanMap(resource).entrySet()) {
                if (!"class".equalsIgnoreCase(entry.getKey().toString())) {
@ -646,7 +646,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
            putMsg(result, Status.SUCCESS);
            return result;
        }
-        IPage<Resource> resourceIPage = resourcesMapper.queryResourcePaging(page, directoryId, type.ordinal(), loginUser.getId(), searchVal, new ArrayList<>(resourcesIds));
+        IPage<Resource> resourceIPage = resourcesMapper.queryResourcePaging(page, directoryId, type.ordinal(), searchVal, new ArrayList<>(resourcesIds));
        pageInfo.setTotal((int) resourceIPage.getTotal());
        pageInfo.setTotalList(resourceIPage.getRecords());
        result.setData(pageInfo);
@ -1124,7 +1124,7 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
        updateParentResourceSize(resource, resource.getSize());

        putMsg(result, Status.SUCCESS);
-        permissionPostHandle(checkResourceType(resource.getType()), loginUser.getId(), Collections.singletonList(resource.getId()), logger);
+        permissionPostHandle(resource.getType(), loginUser, resource.getId());
        Map<String, Object> resultMap = new HashMap<>();
        for (Map.Entry<Object, Object> entry : new BeanMap(resource).entrySet()) {
            if (!Constants.CLASS.equalsIgnoreCase(entry.getKey().toString())) {
@ -1142,6 +1142,11 @@ public class ResourcesServiceImpl extends BaseServiceImpl implements ResourcesSe
        return result;
    }

+    private void permissionPostHandle(ResourceType resourceType, User loginUser, Integer resourceId) {
+        AuthorizationType authorizationType = resourceType.equals(ResourceType.FILE) ? AuthorizationType.RESOURCE_FILE_ID : AuthorizationType.UDF_FILE;
+        permissionPostHandle(authorizationType, loginUser.getId(), Collections.singletonList(resourceId), logger);
+    }
+
    private Result<Object> checkResourceUploadStartupState() {
        Result<Object> result = new Result<>();
        putMsg(result, Status.SUCCESS);
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskDefinitionServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskDefinitionServiceImpl.java
@ -45,7 +45,7 @@ import org.apache.dolphinscheduler.dao.mapper.ProjectMapper;
 import org.apache.dolphinscheduler.dao.mapper.TaskDefinitionLogMapper;
 import org.apache.dolphinscheduler.dao.mapper.TaskDefinitionMapper;
 import org.apache.dolphinscheduler.plugin.task.api.parameters.ParametersNode;
-import org.apache.dolphinscheduler.service.permission.PermissionCheck;
+import org.apache.dolphinscheduler.api.permission.PermissionCheck;
 import org.apache.dolphinscheduler.service.process.ProcessService;
 import org.apache.dolphinscheduler.service.task.TaskPluginManager;

--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupServiceImpl.java
@ -17,6 +17,9 @@

 package org.apache.dolphinscheduler.api.service.impl;

+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
 import org.apache.dolphinscheduler.api.enums.Status;
 import org.apache.dolphinscheduler.api.service.ExecutorService;
@ -26,11 +29,16 @@ import org.apache.dolphinscheduler.api.utils.PageInfo;
 import org.apache.dolphinscheduler.common.Constants;
 import org.apache.dolphinscheduler.common.enums.AuthorizationType;
 import org.apache.dolphinscheduler.common.enums.Flag;
+import org.apache.dolphinscheduler.common.enums.UserType;
 import org.apache.dolphinscheduler.dao.entity.TaskGroup;
 import org.apache.dolphinscheduler.dao.entity.User;
 import org.apache.dolphinscheduler.dao.mapper.TaskGroupMapper;
 import org.apache.dolphinscheduler.service.process.ProcessService;
 import org.apache.dolphinscheduler.spi.utils.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;

 import java.util.ArrayList;
 import java.util.Date;
@ -38,15 +46,6 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;

-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
-import com.baomidou.mybatisplus.core.metadata.IPage;
-import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
-
 /**
 * task Group Service
 */
@ -99,7 +98,7 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
            return result;
        }
        TaskGroup taskGroup = new TaskGroup(name, projectCode, description,
-            groupSize, loginUser.getId(), Flag.YES.getCode());
+                groupSize, loginUser.getId(), Flag.YES.getCode());

        taskGroup.setCreateTime(new Date());
        taskGroup.setUpdateTime(new Date());
@ -139,9 +138,9 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
            return result;
        }
        Integer exists = taskGroupMapper.selectCount(new QueryWrapper<TaskGroup>().lambda()
-            .eq(TaskGroup::getName, name)
-            .eq(TaskGroup::getUserId, loginUser.getId())
-            .ne(TaskGroup::getId, id));
+                .eq(TaskGroup::getName, name)
+                .eq(TaskGroup::getUserId, loginUser.getId())
+                .ne(TaskGroup::getId, id));

        if (exists > 0) {
            putMsg(result, Status.TASK_GROUP_NAME_EXSIT);
@ -185,7 +184,7 @@ public class TaskGroupServiceImpl extends BaseServiceImpl implements TaskGroupSe
     */
    @Override
    public Map<String, Object> queryAllTaskGroup(User loginUser, String name, Integer status, int pageNo, int pageSize) {
-        return this.doQuery(loginUser, pageNo, pageSize, loginUser.getId(), name, status);
+        return this.doQuery(loginUser, pageNo, pageSize, loginUser.getUserType().equals(UserType.ADMIN_USER) ? 0 : loginUser.getId(), name, status);
    }

    /**
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UdfFuncServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UdfFuncServiceImpl.java
@ -17,6 +17,9 @@

 package org.apache.dolphinscheduler.api.service.impl;

+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
 import org.apache.dolphinscheduler.api.enums.Status;
 import org.apache.dolphinscheduler.api.service.UdfFuncService;
@ -31,23 +34,17 @@ import org.apache.dolphinscheduler.dao.entity.User;
 import org.apache.dolphinscheduler.dao.mapper.ResourceMapper;
 import org.apache.dolphinscheduler.dao.mapper.UDFUserMapper;
 import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper;
-
-import org.apache.commons.lang3.StringUtils;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Date;
-import java.util.List;
-import java.util.Set;
-
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

-import com.baomidou.mybatisplus.core.metadata.IPage;
-import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+import java.util.Set;

 /**
 * udf func service impl
@ -137,7 +134,7 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic

        udfFuncMapper.insert(udf);
        putMsg(result, Status.SUCCESS);
-        permissionPostHandle(AuthorizationType.UDF, loginUser.getId(), Collections.singletonList(resource.getId()), logger);
+        permissionPostHandle(AuthorizationType.UDF, loginUser.getId(), Collections.singletonList(udf.getId()), logger);
        return result;
    }

@ -190,14 +187,14 @@ public class UdfFuncServiceImpl extends BaseServiceImpl implements UdfFuncServic
     */
    @Override
    public Result<Object> updateUdfFunc(User loginUser,
-                                             int udfFuncId,
-                                             String funcName,
-                                             String className,
-                                             String argTypes,
-                                             String database,
-                                             String desc,
-                                             UdfType type,
-                                             int resourceId) {
+                                        int udfFuncId,
+                                        String funcName,
+                                        String className,
+                                        String argTypes,
+                                        String database,
+                                        String desc,
+                                        UdfType type,
+                                        int resourceId) {
        Result<Object> result = new Result<>();

        boolean canOperatorPermissions = canOperatorPermissions(loginUser, new Object[]{resourceId}, AuthorizationType.UDF, ApiFuncIdentificationConstant.UDF_FUNCTION_UPDATE);
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java
@ -59,7 +59,7 @@ import org.apache.dolphinscheduler.dao.mapper.TenantMapper;
 import org.apache.dolphinscheduler.dao.mapper.UDFUserMapper;
 import org.apache.dolphinscheduler.dao.mapper.UserMapper;
 import org.apache.dolphinscheduler.dao.utils.ResourceProcessDefinitionUtils;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/k8s/K8sManagerTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/k8s/K8sManagerTest.java
@ -15,7 +15,7 @@
 * limitations under the License.
 */

-package org.apache.dolphinscheduler.service.k8s;
+package org.apache.dolphinscheduler.api.k8s;

 import org.apache.dolphinscheduler.dao.entity.K8s;
 import org.apache.dolphinscheduler.dao.mapper.K8sMapper;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/permission/ResourcePermissionCheckServiceTest.java
@ -14,7 +14,7 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.apache.dolphinscheduler.service.permission;
+package org.apache.dolphinscheduler.api.permission;


 import com.google.common.collect.Lists;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AccessTokenServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AccessTokenServiceTest.java
@ -42,7 +42,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Optional;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.assertj.core.util.Lists;
 import org.junit.Assert;
 import org.junit.Test;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AlertGroupServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AlertGroupServiceTest.java
@ -39,7 +39,7 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AlertPluginInstanceServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AlertPluginInstanceServiceTest.java
@ -36,7 +36,7 @@ import java.util.Collections;
 import java.util.List;
 import java.util.Map;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DataAnalysisServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DataAnalysisServiceTest.java
@ -17,12 +17,7 @@

 package org.apache.dolphinscheduler.api.service;

-import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.PROJECT_OVERVIEW;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.ArgumentMatchers.anyInt;
-import static org.mockito.ArgumentMatchers.anyLong;
-
+import org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant;
 import org.apache.dolphinscheduler.api.dto.CommandStateCount;
 import org.apache.dolphinscheduler.api.enums.Status;
 import org.apache.dolphinscheduler.api.service.impl.BaseServiceImpl;
@ -44,16 +39,7 @@ import org.apache.dolphinscheduler.dao.mapper.ProcessInstanceMapper;
 import org.apache.dolphinscheduler.dao.mapper.ProjectMapper;
 import org.apache.dolphinscheduler.dao.mapper.TaskInstanceMapper;
 import org.apache.dolphinscheduler.plugin.task.api.enums.ExecutionStatus;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
-import org.apache.dolphinscheduler.service.process.ProcessService;
-
-import java.text.MessageFormat;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.After;
 import org.junit.Assert;
 import org.junit.Before;
@ -67,6 +53,21 @@ import org.powermock.modules.junit4.PowerMockRunner;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import java.text.MessageFormat;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.PROJECT_OVERVIEW;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.anyLong;
+
 /**
 * data analysis service test
 */
@ -75,6 +76,8 @@ public class DataAnalysisServiceTest {

    private static final Logger baseServiceLogger = LoggerFactory.getLogger(BaseServiceImpl.class);

+    private static final Logger serviceLogger = LoggerFactory.getLogger(DataAnalysisServiceImpl.class);
+
    @InjectMocks
    private DataAnalysisServiceImpl dataAnalysisServiceImpl;

@ -99,9 +102,6 @@ public class DataAnalysisServiceTest {
    @Mock
    TaskInstanceMapper taskInstanceMapper;

-    @Mock
-    ProcessService processService;
-
    @Mock
    private ResourcePermissionCheckService resourcePermissionCheckService;

@ -113,6 +113,7 @@ public class DataAnalysisServiceTest {
    public void setUp() {

        user = new User();
+        user.setId(1);
        Project project = new Project();
        project.setId(1);
        project.setName("test");
@ -198,6 +199,8 @@ public class DataAnalysisServiceTest {

        // when general user doesn't have any task then return all count are 0
        user.setUserType(UserType.GENERAL_USER);
+        Mockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.PROJECTS, 1, serviceLogger))
+                .thenReturn(projectIds());
        Mockito.when(taskInstanceMapper.countTaskInstanceStateByProjectCodes(any(), any(), any())).thenReturn(
                Collections.emptyList());
        result = dataAnalysisServiceImpl.countTaskStateByProject(user, 1, null, null);
@ -214,6 +217,7 @@ public class DataAnalysisServiceTest {
        putMsg(result, Status.SUCCESS, null);
        Mockito.when(projectService.checkProjectAndAuth(any(), any(), anyLong(),any())).thenReturn(result);
        Mockito.when(projectMapper.queryByCode(1L)).thenReturn(getProject("test"));
+        Mockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.PROJECTS, 1, serviceLogger)).thenReturn(projectIds());

        // when instanceStateCounter return null, then return nothing
        user.setUserType(UserType.GENERAL_USER);
@ -258,7 +262,12 @@ public class DataAnalysisServiceTest {
        Mockito.when(projectService.checkProjectAndAuth(any(), any(), anyLong(),any())).thenReturn(result);

        Mockito.when(processDefinitionMapper.countDefinitionByProjectCodes(
-            Mockito.any(Long[].class))).thenReturn(new ArrayList<DefinitionGroupByUser>());
+                Mockito.any(Long[].class))).thenReturn(new ArrayList<DefinitionGroupByUser>());
+        Mockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.PROJECTS, 1, serviceLogger)).thenReturn(projectIds());
+        result = dataAnalysisServiceImpl.countDefinitionByUser(user, 0);
+        Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
+
+        Mockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.PROJECTS, 1, serviceLogger)).thenReturn(Collections.emptySet());
        result = dataAnalysisServiceImpl.countDefinitionByUser(user, 0);
        Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
    }
@ -272,7 +281,7 @@ public class DataAnalysisServiceTest {
        CommandCount commandCount = new CommandCount();
        commandCount.setCommandType(CommandType.START_PROCESS);
        commandCounts.add(commandCount);
-        Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.DATA_ANALYSIS, user.getId(), PROJECT_OVERVIEW, baseServiceLogger)).thenReturn(true);
+        Mockito.when(resourcePermissionCheckService.operationPermissionCheck(AuthorizationType.DATA_ANALYSIS, user.getId(), ApiFuncIdentificationConstant.MONITOR_STATISTICS_VIEW, baseServiceLogger)).thenReturn(true);
        Mockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.DATA_ANALYSIS, null, 0, baseServiceLogger)).thenReturn(true);
        Mockito.when(commandMapper.countCommandState(0, null, null, new Long[]{1L})).thenReturn(commandCounts);
        Mockito.when(errorCommandMapper.countCommandState(0, null, null, new Long[]{1L})).thenReturn(commandCounts);
@ -283,6 +292,8 @@ public class DataAnalysisServiceTest {
        // when no command found then return all count are 0
        Mockito.when(commandMapper.countCommandState(anyInt(), any(), any(), any())).thenReturn(Collections.emptyList());
        Mockito.when(errorCommandMapper.countCommandState(anyInt(), any(), any(), any())).thenReturn(Collections.emptyList());
+        Mockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.PROJECTS, 1, serviceLogger)).thenReturn(projectIds());
+
        Map<String, Object> result5 = dataAnalysisServiceImpl.countCommandState(user);
        assertThat(result5).containsEntry(Constants.STATUS, Status.SUCCESS);
        assertThat(result5.get(Constants.DATA_LIST)).asList().extracting("errorCount").allMatch(count -> count.equals(0));
@ -317,6 +328,12 @@ public class DataAnalysisServiceTest {
                .allMatch(count -> count.equals(0));
    }

+    private Set<Integer> projectIds() {
+        Set<Integer> projectIds = new HashSet<>();
+        projectIds.add(1);
+        return projectIds;
+    }
+
    /**
     * get list
     */
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DataSourceServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DataSourceServiceTest.java
@ -40,7 +40,7 @@ import org.apache.dolphinscheduler.plugin.datasource.hive.param.HiveDataSourcePa
 import org.apache.dolphinscheduler.plugin.datasource.mysql.param.MySQLDataSourceParamDTO;
 import org.apache.dolphinscheduler.plugin.datasource.oracle.param.OracleDataSourceParamDTO;
 import org.apache.dolphinscheduler.plugin.datasource.postgresql.param.PostgreSQLDataSourceParamDTO;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.spi.datasource.ConnectionParam;
 import org.apache.dolphinscheduler.spi.enums.DbConnectType;
 import org.apache.dolphinscheduler.spi.enums.DbType;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DqExecuteResultServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DqExecuteResultServiceTest.java
@ -38,7 +38,7 @@ import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DqRuleServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DqRuleServiceTest.java
@ -44,7 +44,7 @@ import org.apache.dolphinscheduler.plugin.task.api.enums.dp.InputType;
 import org.apache.dolphinscheduler.plugin.task.api.enums.dp.OptionSourceType;
 import org.apache.dolphinscheduler.plugin.task.api.enums.dp.RuleType;
 import org.apache.dolphinscheduler.plugin.task.api.enums.dp.ValueType;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.spi.enums.DbType;
 import org.apache.dolphinscheduler.spi.params.base.FormType;

--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/EnvironmentServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/EnvironmentServiceTest.java
@ -38,7 +38,7 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.assertj.core.util.Lists;
 import org.junit.After;
 import org.junit.Assert;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ExecutorServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ExecutorServiceTest.java
@ -46,7 +46,7 @@ import org.apache.dolphinscheduler.dao.mapper.ProjectMapper;
 import org.apache.dolphinscheduler.dao.mapper.TaskDefinitionMapper;
 import org.apache.dolphinscheduler.dao.mapper.TaskGroupQueueMapper;
 import org.apache.dolphinscheduler.plugin.task.api.enums.ExecutionStatus;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.service.process.ProcessService;

 import java.util.ArrayList;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/K8SNamespaceServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/K8SNamespaceServiceTest.java
@ -29,7 +29,7 @@ import org.apache.dolphinscheduler.dao.entity.K8sNamespace;
 import org.apache.dolphinscheduler.dao.entity.User;
 import org.apache.dolphinscheduler.dao.mapper.K8sNamespaceMapper;
 import org.apache.dolphinscheduler.dao.mapper.UserMapper;
-import org.apache.dolphinscheduler.service.k8s.K8sClientService;
+import org.apache.dolphinscheduler.api.k8s.K8sClientService;

 import org.apache.commons.collections.CollectionUtils;

@ -37,7 +37,7 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.After;
 import org.junit.Assert;
 import org.junit.Before;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/MonitorServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/MonitorServiceTest.java
@ -29,7 +29,7 @@ import org.apache.dolphinscheduler.common.model.Server;
 import org.apache.dolphinscheduler.dao.MonitorDBDao;
 import org.apache.dolphinscheduler.dao.entity.MonitorRecord;
 import org.apache.dolphinscheduler.dao.entity.User;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.service.registry.RegistryClient;
 import org.apache.dolphinscheduler.spi.enums.DbType;

--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java
@ -35,7 +35,7 @@ import org.apache.dolphinscheduler.dao.mapper.UserMapper;

 import org.apache.commons.collections.CollectionUtils;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/QueueServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/QueueServiceTest.java
@ -36,7 +36,7 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.After;
 import org.junit.Assert;
 import org.junit.Before;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ResourcesServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ResourcesServiceTest.java
@ -41,7 +41,7 @@ import org.apache.dolphinscheduler.dao.mapper.ResourceUserMapper;
 import org.apache.dolphinscheduler.dao.mapper.TenantMapper;
 import org.apache.dolphinscheduler.dao.mapper.UdfFuncMapper;
 import org.apache.dolphinscheduler.dao.mapper.UserMapper;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.spi.enums.ResourceType;

 import org.apache.commons.collections.CollectionUtils;
@ -352,7 +352,7 @@ public class ResourcesServiceTest {
        PowerMockito.when(resourcePermissionCheckService.resourcePermissionCheck(AuthorizationType.RESOURCE_FILE_ID, null, 0, serviceLogger)).thenReturn(true);
        PowerMockito.when(resourcePermissionCheckService.userOwnedResourceIdsAcquisition(AuthorizationType.RESOURCE_FILE_ID, 1, resourceLogger)).thenReturn(getSetIds());

-        Mockito.when(resourcesMapper.queryResourcePaging(Mockito.any(Page.class), eq(-1), eq(0), eq(1), eq("test"), Mockito.any())).thenReturn(resourcePage);
+        Mockito.when(resourcesMapper.queryResourcePaging(Mockito.any(Page.class), eq(-1), eq(0), eq("test"), Mockito.any())).thenReturn(resourcePage);
        Result result = resourcesService.queryResourceListPaging(loginUser, -1, ResourceType.FILE, "test", 1, 10);
        logger.info(result.toString());
        Assert.assertEquals(Status.SUCCESS.getCode(), (int) result.getCode());
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/TaskGroupServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/TaskGroupServiceTest.java
@ -31,7 +31,7 @@ import org.apache.dolphinscheduler.dao.entity.User;
 import org.apache.dolphinscheduler.dao.mapper.TaskGroupMapper;
 import org.apache.dolphinscheduler.dao.mapper.TaskGroupQueueMapper;
 import org.apache.dolphinscheduler.dao.mapper.UserMapper;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.service.process.ProcessService;

 import java.util.ArrayList;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/TenantServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/TenantServiceTest.java
@ -38,7 +38,7 @@ import org.apache.dolphinscheduler.dao.mapper.ProcessDefinitionMapper;
 import org.apache.dolphinscheduler.dao.mapper.ProcessInstanceMapper;
 import org.apache.dolphinscheduler.dao.mapper.TenantMapper;
 import org.apache.dolphinscheduler.dao.mapper.UserMapper;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UdfFuncServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UdfFuncServiceTest.java
@ -43,7 +43,7 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Set;

-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java
@ -33,7 +33,7 @@ import org.apache.dolphinscheduler.common.storage.StorageOperate;
 import org.apache.dolphinscheduler.common.utils.EncryptionUtils;
 import org.apache.dolphinscheduler.dao.entity.*;
 import org.apache.dolphinscheduler.dao.mapper.*;
-import org.apache.dolphinscheduler.service.permission.ResourcePermissionCheckService;
+import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService;
 import org.apache.dolphinscheduler.spi.enums.ResourceType;
 import org.junit.After;
 import org.junit.Assert;
--- a/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/DataSourceMapper.java
+++ b/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/DataSourceMapper.java
@ -108,5 +108,5 @@ public interface DataSourceMapper extends BaseMapper<DataSource> {
     * @param searchVal
     * @return
     */
-    IPage<DataSource> selectPagingByIds(Page<DataSource> dataSourcePage, @Param("ids")List<Integer> ids, @Param("searchVal")String searchVal);
+    IPage<DataSource> selectPagingByIds(Page<DataSource> dataSourcePage, @Param("dataSourceIds")List<Integer> dataSourceIds, @Param("name")String name);
 }
--- a/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/ResourceMapper.java
+++ b/dolphinscheduler-dao/src/main/java/org/apache/dolphinscheduler/dao/mapper/ResourceMapper.java
@ -64,7 +64,6 @@ public interface ResourceMapper extends BaseMapper<Resource> {
    IPage<Resource> queryResourcePaging(IPage<Resource> page,
                                        @Param("id") int id,
                                        @Param("type") int type,
-                                        @Param("userId") int userId,
                                        @Param("searchVal") String searchVal,
                                        @Param("resIds") List<Integer> resIds);

--- a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/DataSourceMapper.xml
+++ b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/DataSourceMapper.xml
@ -113,4 +113,24 @@
        and rel.user_id = #{userId}
    </select>

+    <select id="selectPagingByIds" resultType="org.apache.dolphinscheduler.dao.entity.DataSource">
+        select
+        d.id, d.name, d.note, d.type, d.user_id, connection_params, d.create_time, d.update_time
+        ,
+        u.user_name as user_name
+        from t_ds_datasource d
+        join t_ds_user u on d.user_id = u.id
+        where 1 =1
+        <if test="name != null and name != ''">
+            and d.name like concat ('%', #{name}, '%')
+        </if>
+        <if test="dataSourceIds != null and dataSourceIds.size() > 0">
+            and d.id in
+            <foreach collection="dataSourceIds" item="i" open="(" close=")" separator=",">
+                #{i}
+            </foreach>
+        </if>
+        order by update_time desc
+    </select>
+
 </mapper>
--- a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ResourceMapper.xml
+++ b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ResourceMapper.xml
@ -59,8 +59,9 @@
            <property name="alias" value="d"/>
        </include>
        ,u.user_name
-        from t_ds_resources d,t_ds_user u
-        where 1=1 and d.type=#{type} and d.pid=#{id} and u.id = #{userId}
+        from t_ds_resources d
+        left join t_ds_user u on u.id = d.user_id
+        where 1=1 and d.type=#{type} and d.pid=#{id}
        <if test="resIds != null and resIds.size() > 0">
            and d.id in
            <foreach collection="resIds" item="i" open="(" close=")" separator=",">
--- a/dolphinscheduler-dao/src/test/java/org/apache/dolphinscheduler/dao/mapper/ResourceMapperTest.java
+++ b/dolphinscheduler-dao/src/test/java/org/apache/dolphinscheduler/dao/mapper/ResourceMapperTest.java
@ -221,11 +221,23 @@ public class ResourceMapperTest extends BaseDaoTest {
     */
    @Test
    public void testQueryResourcePaging() {
-        Resource resource = insertOne();
-        ResourcesUser resourcesUser = new ResourcesUser();
-        resourcesUser.setResourcesId(resource.getId());
-        resourcesUser.setUserId(1110);
-        resourceUserMapper.insert(resourcesUser);
+        User user = new User();
+        user.setUserName("11");
+        user.setUserPassword("1");
+        user.setEmail("xx@123.com");
+        user.setUserType(UserType.GENERAL_USER);
+        user.setCreateTime(new Date());
+        user.setTenantId(1);
+        user.setUpdateTime(new Date());
+        userMapper.insert(user);
+        Resource resource = new Resource();
+        resource.setAlias("ut-resource");
+        resource.setFullName("/ut-resource");
+        resource.setPid(-1);
+        resource.setDirectory(false);
+        resource.setType(ResourceType.FILE);
+        resource.setUserId(user.getId());
+        resourceMapper.insert(resource);

        Page<Resource> page = new Page(1, 3);

@ -233,7 +245,6 @@ public class ResourceMapperTest extends BaseDaoTest {
                page,
                -1,
                resource.getType().ordinal(),
-                1110,
                "",
                new ArrayList<>(resource.getId())
        );
@ -241,12 +252,11 @@ public class ResourceMapperTest extends BaseDaoTest {
                page,
                -1,
                resource.getType().ordinal(),
-                1110,
                "",
                null
        );
-        Assert.assertEquals(resourceIPage.getTotal(), 0);
-        Assert.assertEquals(resourceIPage1.getTotal(), 0);
+        Assert.assertEquals(resourceIPage.getTotal(), 1);
+        Assert.assertEquals(resourceIPage1.getTotal(), 1);

    }