[Improvement][API] the QueryAuthorizedProject interface adds permission judgment (#5170) (#5184)

039d517c · wenjun · GitHub · 73e917d3 · 039d517c · 039d517c
2 changed file
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java
@@ -301,7 +301,7 @@ public class ProjectServiceImpl extends BaseServiceImpl implements ProjectServic
    @Override
    public Map<String, Object> queryUnauthorizedProject(User loginUser, Integer userId) {
        Map<String, Object> result = new HashMap<>();
-        if (isNotAdmin(loginUser, result)) {
+        if (loginUser.getId() != userId && isNotAdmin(loginUser, result)) {
            return result;
        }
        /**
@@ -353,7 +353,7 @@ public class ProjectServiceImpl extends BaseServiceImpl implements ProjectServic
    public Map<String, Object> queryAuthorizedProject(User loginUser, Integer userId) {
        Map<String, Object> result = new HashMap<>();
-        if (isNotAdmin(loginUser, result)) {
+        if (loginUser.getId() != userId && isNotAdmin(loginUser, result)) {
            return result;
        }
@@ -374,10 +374,6 @@ public class ProjectServiceImpl extends BaseServiceImpl implements ProjectServic
    public Map<String, Object> queryProjectCreatedByUser(User loginUser) {
        Map<String, Object> result = new HashMap<>();
-        if (isNotAdmin(loginUser, result)) {
-            return result;
-        }
        List<Project> projects = projectMapper.queryProjectCreatedByUser(loginUser.getId());
        result.put(Constants.DATA_LIST, projects);
        putMsg(result, Status.SUCCESS);

--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java
@@ -276,6 +276,10 @@ public class ProjectServiceTest {
        List<Project> projects = (List<Project>) result.get(Constants.DATA_LIST);
        Assert.assertTrue(CollectionUtils.isNotEmpty(projects));
+        loginUser.setUserType(UserType.GENERAL_USER);
+        result = projectService.queryAuthorizedProject(loginUser, loginUser.getId());
+        projects = (List<Project>) result.get(Constants.DATA_LIST);
+        Assert.assertTrue(CollectionUtils.isNotEmpty(projects));
    }
    @Test
@@ -284,14 +288,10 @@ public class ProjectServiceTest {
        User loginUser = getLoginUser();
        Mockito.when(projectMapper.queryProjectCreatedByUser(1)).thenReturn(getList());
-        //USER_NO_OPERATION_PERM
-        Map<String, Object> result = projectService.queryProjectCreatedByUser(loginUser);
-        logger.info(result.toString());
-        Assert.assertEquals(Status.USER_NO_OPERATION_PERM, result.get(Constants.STATUS));
        //success
        loginUser.setUserType(UserType.ADMIN_USER);
-        result = projectService.queryProjectCreatedByUser(loginUser);
+        Map<String, Object> result = projectService.queryProjectCreatedByUser(loginUser);
        logger.info(result.toString());
        List<Project> projects = (List<Project>) result.get(Constants.DATA_LIST);
        Assert.assertTrue(CollectionUtils.isNotEmpty(projects));