From 6142f24bcae8ad9bc6e02089f2ef39b555ab0c39 Mon Sep 17 00:00:00 2001
From: Sriharsha Chintalapani <harshach@users.noreply.github.com>
Date: Tue, 7 Jan 2025 07:39:46 -0800
Subject: [PATCH] Issue-19066: ViewAll() not working with matchAnyTag() and
 isOwner() conditions (#19209)

* Issue-19066: ViewAll() not working with matchAnyTag() and isOwner() conditions

* Issue-19066: ViewAll() not working with matchAnyTag() and isOwner() conditions

* Fix tests

* Minor: Fix checkstyle

---------

Co-authored-by: Aniket Katkar <aniketkatkar97@gmail.com>
---
 .../java/org/openmetadata/service/Entity.java | 27 +++++++++++++++++++
 .../service/jdbi3/ListFilter.java             | 20 ++++++++++++++
 .../service/resources/EntityResource.java     |  4 +--
 .../policyevaluator/CompiledRule.java         |  7 ++---
 4 files changed, 53 insertions(+), 5 deletions(-)

diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/Entity.java b/openmetadata-service/src/main/java/org/openmetadata/service/Entity.java
index 9ee39619310..1d8a4a8322a 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/Entity.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/Entity.java
@@ -248,6 +248,8 @@ public final class Entity {
   public static final String DOCUMENT = "document";
   // ServiceType - Service Entity name map
   static final Map<ServiceType, String> SERVICE_TYPE_ENTITY_MAP = new EnumMap<>(ServiceType.class);
+  // entity type to service entity name map
+  static final Map<String, String> ENTITY_SERVICE_TYPE_MAP = new HashMap<>();
   public static final List<String> PARENT_ENTITY_TYPES = new ArrayList<>();
 
   static {
@@ -260,6 +262,24 @@ public final class Entity {
     SERVICE_TYPE_ENTITY_MAP.put(ServiceType.STORAGE, STORAGE_SERVICE);
     SERVICE_TYPE_ENTITY_MAP.put(ServiceType.SEARCH, SEARCH_SERVICE);
     SERVICE_TYPE_ENTITY_MAP.put(ServiceType.API, API_SERVICE);
+
+    ENTITY_SERVICE_TYPE_MAP.put(DATABASE, DATABASE_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(DATABASE_SCHEMA, DATABASE_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(TABLE, DATABASE_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(STORED_PROCEDURE, DATABASE_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(QUERY, DATABASE_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(DASHBOARD, DASHBOARD_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(DASHBOARD_DATA_MODEL, DASHBOARD_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(CHART, DASHBOARD_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(PIPELINE, PIPELINE_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(MLMODEL, MLMODEL_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(TOPIC, MESSAGING_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(API, API_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(API_COLLCECTION, API_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(API_ENDPOINT, API_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(CONTAINER, STORAGE_SERVICE);
+    ENTITY_SERVICE_TYPE_MAP.put(SEARCH_INDEX, SEARCH_SERVICE);
+
     PARENT_ENTITY_TYPES.addAll(
         listOf(
             DATABASE_SERVICE,
@@ -636,4 +656,11 @@ public final class Entity {
   public static <T> T getSearchRepo() {
     return (T) searchRepository;
   }
+
+  public static String getServiceType(String entityType) {
+    if (ENTITY_SERVICE_TYPE_MAP.containsKey(entityType)) {
+      return ENTITY_SERVICE_TYPE_MAP.get(entityType);
+    }
+    return entityType;
+  }
 }
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/ListFilter.java b/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/ListFilter.java
index 1722181a18a..1c4326ee149 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/ListFilter.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/jdbi3/ListFilter.java
@@ -11,6 +11,7 @@ import org.openmetadata.schema.type.Relationship;
 import org.openmetadata.schema.utils.EntityInterfaceUtil;
 import org.openmetadata.service.Entity;
 import org.openmetadata.service.resources.databases.DatasourceConfig;
+import org.openmetadata.service.security.policyevaluator.ResourceContext;
 import org.openmetadata.service.util.FullyQualifiedName;
 
 public class ListFilter extends Filter<ListFilter> {
@@ -52,6 +53,25 @@ public class ListFilter extends Filter<ListFilter> {
     return condition.isEmpty() ? "WHERE TRUE" : "WHERE " + condition;
   }
 
+  public ResourceContext getResourceContext(String entityType) {
+    if (queryParams.containsKey("service") && queryParams.get("service") != null) {
+      return new ResourceContext<>(
+          Entity.getServiceType(entityType), null, queryParams.get("service"));
+    } else if (queryParams.containsKey(Entity.DATABASE)
+        && queryParams.get(Entity.DATABASE) != null) {
+      return new ResourceContext<>(Entity.DATABASE, null, queryParams.get(Entity.DATABASE));
+    } else if (queryParams.containsKey(Entity.DATABASE_SCHEMA)
+        && queryParams.get(Entity.DATABASE_SCHEMA) != null) {
+      return new ResourceContext<>(
+          Entity.DATABASE_SCHEMA, null, queryParams.get(Entity.DATABASE_SCHEMA));
+    } else if (queryParams.containsKey(Entity.API_COLLCECTION)
+        && queryParams.get(Entity.API_COLLCECTION) != null) {
+      return new ResourceContext<>(
+          Entity.API_COLLCECTION, null, queryParams.get(Entity.API_COLLCECTION));
+    }
+    return new ResourceContext<>(entityType);
+  }
+
   private String getAssignee() {
     String assignee = queryParams.get("assignee");
     return assignee == null ? "" : String.format("assignee = '%s'", assignee);
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/resources/EntityResource.java b/openmetadata-service/src/main/java/org/openmetadata/service/resources/EntityResource.java
index 04deb0fd052..7eda62b9082 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/resources/EntityResource.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/resources/EntityResource.java
@@ -144,7 +144,7 @@ public abstract class EntityResource<T extends EntityInterface, K extends Entity
     Fields fields = getFields(fieldsParam);
     OperationContext listOperationContext =
         new OperationContext(entityType, getViewOperations(fields));
-
+    ResourceContext resourceContext = filter.getResourceContext(entityType);
     return listInternal(
         uriInfo,
         securityContext,
@@ -154,7 +154,7 @@ public abstract class EntityResource<T extends EntityInterface, K extends Entity
         before,
         after,
         listOperationContext,
-        getResourceContext());
+        resourceContext);
   }
 
   public ResultList<T> listInternal(
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/security/policyevaluator/CompiledRule.java b/openmetadata-service/src/main/java/org/openmetadata/service/security/policyevaluator/CompiledRule.java
index 659cb9fb23d..2a2c25c2c0a 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/security/policyevaluator/CompiledRule.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/security/policyevaluator/CompiledRule.java
@@ -197,16 +197,17 @@ public class CompiledRule extends Rule {
   }
 
   private boolean matchOperation(MetadataOperation operation) {
-    if (getOperations().contains(MetadataOperation.ALL)) {
+    List<MetadataOperation> operations = getOperations();
+    if (operations.contains(MetadataOperation.ALL)) {
       LOG.debug("matched all operations");
       return true; // Match all operations
     }
-    if (getOperations().contains(MetadataOperation.EDIT_ALL)
+    if (operations.contains(MetadataOperation.EDIT_ALL)
         && OperationContext.isEditOperation(operation)) {
       LOG.debug("matched editAll operations");
       return true;
     }
-    if (getOperations().contains(MetadataOperation.VIEW_ALL)
+    if (operations.contains(MetadataOperation.VIEW_ALL)
         && OperationContext.isViewOperation(operation)) {
       LOG.debug("matched viewAll operations");
       return true;