(fix)(headless)Fix database permission check.

(fix)(headless)Fix database permission check.
This commit is contained in:
jerryjzhang
2025-03-05 14:29:40 +08:00
parent 5b994c4f8f
commit 732222ab98


@@ -5,6 +5,7 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.google.common.collect.Lists; import com.google.common.collect.Lists;
import com.tencent.supersonic.common.pojo.QueryColumn; import com.tencent.supersonic.common.pojo.QueryColumn;
import com.tencent.supersonic.common.pojo.User; import com.tencent.supersonic.common.pojo.User;
import com.tencent.supersonic.common.pojo.enums.AuthType;
import com.tencent.supersonic.common.pojo.enums.EngineType; import com.tencent.supersonic.common.pojo.enums.EngineType;
import com.tencent.supersonic.headless.api.pojo.DBColumn; import com.tencent.supersonic.headless.api.pojo.DBColumn;
import com.tencent.supersonic.headless.api.pojo.enums.DataType; import com.tencent.supersonic.headless.api.pojo.enums.DataType;
@@ -79,8 +80,9 @@ public class DatabaseServiceImpl extends ServiceImpl<DatabaseDOMapper, DatabaseD
@Override @Override
public List<DatabaseResp> getDatabaseList(User user) { public List<DatabaseResp> getDatabaseList(User user) {
List<DatabaseResp> databaseResps = List<DatabaseResp> databaseResps = list().stream().map(DatabaseConverter::convert)
list().stream().map(DatabaseConverter::convert).collect(Collectors.toList()); .filter(database -> filterByAuth(database, user, AuthType.VIEWER))
.collect(Collectors.toList());
fillPermission(databaseResps, user); fillPermission(databaseResps, user);
return databaseResps; return databaseResps;
} }
@@ -100,6 +102,43 @@ public class DatabaseServiceImpl extends ServiceImpl<DatabaseDOMapper, DatabaseD
}); });
} }
private boolean filterByAuth(DatabaseResp database, User user, AuthType authType) {
if (user.isSuperAdmin() || user.getName().equals(database.getCreatedBy())) {
return true;
}
authType = authType == null ? AuthType.VIEWER : authType;
switch (authType) {
case ADMIN:
return checkAdminPermission(user, database);
case VIEWER:
default:
return checkViewPermission(user, database);
}
}
private boolean checkAdminPermission(User user, DatabaseResp database) {
List<String> admins = database.getAdmins();
if (user.isSuperAdmin()) {
return true;
}
if (admins.contains(user.getName()) || database.getCreatedBy().equals(user.getName())) {
return true;
}
return false;
}
private boolean checkViewPermission(User user, DatabaseResp database) {
if (checkAdminPermission(user, database)) {
return true;
}
List<String> viewers = database.getViewers();
if (viewers.contains(user.getName())) {
return true;
}
return false;
}
@Override @Override
public void deleteDatabase(Long databaseId) { public void deleteDatabase(Long databaseId) {
ModelFilter modelFilter = new ModelFilter(); ModelFilter modelFilter = new ModelFilter();
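Review bot: `checkAdminPermission` and `checkViewPermission` call `admins.contains(...)`, `viewers.contains(...)` and `database.getCreatedBy().equals(...)` with no null checks, so a database whose admin/viewer list or creator is unset would throw an NPE from inside the `filter` in `getDatabaseList` and fail the whole listing instead of just hiding that entry; unless `DatabaseConverter.convert` guarantees non-null values, guard them, e.g. `if (admins != null && admins.contains(user.getName())) return true;` and compare the creator as `user.getName().equals(database.getCreatedBy())`, the null-safe order `filterByAuth` already uses. The super-admin and creator shortcuts are also evaluated twice (once in `filterByAuth`, again in `checkAdminPermission`); dropping them from `filterByAuth` and letting `checkAdminPermission` be the single authority keeps the two from drifting apart. Authorization here is keyed on `user.getName()`, so it is only as strong as the uniqueness of user names — worth recording with `// access is keyed on user name; assumes names are unique per user` if that is intended. `deleteDatabase` at the end of the hunk still takes only an id and no `User`, so the new `filterByAuth(..., AuthType.ADMIN)` is not applied on that path inside this class; confirm the controller enforces it, and note that `deleteDatabase`'s body continues past the hunk.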