Missing Permission on Adding Users to team (#20768)

Mohit Yadav 2025-04-11 09:37:20 +05:30 committed by GitHub
parent 2ecf934812
commit d86257c2a0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 31 additions and 2 deletions


@ -182,8 +182,8 @@ public class TeamRepository extends EntityRepository<Team> {
validatePolicies(team.getPolicies());
}
public BulkOperationResult bulkAddAssets(String domainName, BulkAssets request) {
Team team = getByName(null, domainName, getFields("id"));
public BulkOperationResult bulkAddAssets(String teamName, BulkAssets request) {
Team team = getByName(null, teamName, getFields("id"));
// Validate all to be users
validateAllRefUsers(request.getAssets());


@ -52,6 +52,7 @@ import org.openmetadata.schema.type.ChangeEvent;
import org.openmetadata.schema.type.EntityHistory;
import org.openmetadata.schema.type.EntityReference;
import org.openmetadata.schema.type.Include;
import org.openmetadata.schema.type.MetadataOperation;
import org.openmetadata.schema.type.api.BulkAssets;
import org.openmetadata.schema.type.api.BulkOperationResult;
import org.openmetadata.service.Entity;
@ -61,6 +62,7 @@ import org.openmetadata.service.limits.Limits;
import org.openmetadata.service.resources.Collection;
import org.openmetadata.service.resources.EntityResource;
import org.openmetadata.service.security.Authorizer;
import org.openmetadata.service.security.policyevaluator.OperationContext;
import org.openmetadata.service.util.ResultList;
@Slf4j
@ -335,6 +337,9 @@ public class DataProductResource extends EntityResource<DataProduct, DataProduct
@PathParam("name")
String name,
@Valid BulkAssets request) {
OperationContext operationContext =
new OperationContext(entityType, MetadataOperation.EDIT_ALL);
authorizer.authorize(securityContext, operationContext, getResourceContextByName(name));
return Response.ok().entity(repository.bulkAddAssets(name, request)).build();
}
@ -361,6 +366,9 @@ public class DataProductResource extends EntityResource<DataProduct, DataProduct
@PathParam("name")
String name,
@Valid BulkAssets request) {
OperationContext operationContext =
new OperationContext(entityType, MetadataOperation.EDIT_ALL);
authorizer.authorize(securityContext, operationContext, getResourceContextByName(name));
return Response.ok().entity(repository.bulkRemoveAssets(name, request)).build();
}
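Review bot: The added `authorizer.authorize(...)` call in both DataProductResource hunks checks EDIT_ALL only on the data product named in the path; nothing in these hunks authorizes the caller against the entities listed in `request` before `bulkAddAssets` / `bulkRemoveAssets` re-links them. Unless the repository performs that check (not visible on this page), a caller who can edit one data product could attach or detach assets they have no edit rights on. The two DomainResource hunks have the same shape. Either authorize each referenced asset before the repository call or record the decision next to the check, e.g. `// Authorizes the data product only; per-asset permission is deliberately not required`. The method signatures start outside the hunks.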


@ -49,6 +49,7 @@ import org.openmetadata.schema.entity.data.EntityHierarchy;
import org.openmetadata.schema.entity.domains.Domain;
import org.openmetadata.schema.type.ChangeEvent;
import org.openmetadata.schema.type.EntityHistory;
import org.openmetadata.schema.type.MetadataOperation;
import org.openmetadata.schema.type.api.BulkAssets;
import org.openmetadata.schema.type.api.BulkOperationResult;
import org.openmetadata.service.Entity;
@ -58,6 +59,7 @@ import org.openmetadata.service.limits.Limits;
import org.openmetadata.service.resources.Collection;
import org.openmetadata.service.resources.EntityResource;
import org.openmetadata.service.security.Authorizer;
import org.openmetadata.service.security.policyevaluator.OperationContext;
import org.openmetadata.service.util.EntityHierarchyList;
import org.openmetadata.service.util.ResultList;
@ -313,6 +315,9 @@ public class DomainResource extends EntityResource<Domain, DomainRepository> {
@PathParam("name")
String name,
@Valid BulkAssets request) {
OperationContext operationContext =
new OperationContext(entityType, MetadataOperation.EDIT_ALL);
authorizer.authorize(securityContext, operationContext, getResourceContextByName(name));
return Response.ok().entity(repository.bulkAddAssets(name, request)).build();
}
@ -339,6 +344,9 @@ public class DomainResource extends EntityResource<Domain, DomainRepository> {
@PathParam("name")
String name,
@Valid BulkAssets request) {
OperationContext operationContext =
new OperationContext(entityType, MetadataOperation.EDIT_ALL);
authorizer.authorize(securityContext, operationContext, getResourceContextByName(name));
return Response.ok().entity(repository.bulkRemoveAssets(name, request)).build();
}
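Review bot: No test accompanies the new authorization in these DomainResource hunks; the four changed files are TeamRepository and the three resource classes, so nothing pins the denied path. A regression test per endpoint, in which a user whose roles do not grant EDIT_ALL on the domain calls the bulk add and bulk remove endpoints and is rejected, would keep a later refactor from dropping the check unnoticed. The same gap applies to the DataProductResource and TeamResource endpoints changed in this commit.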


@ -69,6 +69,7 @@ import org.openmetadata.service.limits.Limits;
import org.openmetadata.service.resources.Collection;
import org.openmetadata.service.resources.EntityResource;
import org.openmetadata.service.security.Authorizer;
import org.openmetadata.service.security.policyevaluator.OperationContext;
import org.openmetadata.service.util.CSVExportResponse;
import org.openmetadata.service.util.JsonUtils;
import org.openmetadata.service.util.ResultList;
@ -423,6 +424,9 @@ public class TeamResource extends EntityResource<Team, TeamRepository> {
@PathParam("name")
String name,
@Valid BulkAssets request) {
OperationContext operationContext =
new OperationContext(entityType, MetadataOperation.EDIT_ALL);
authorizer.authorize(securityContext, operationContext, getResourceContextByName(name));
return Response.ok().entity(repository.bulkAddAssets(name, request)).build();
}
@ -449,6 +453,9 @@ public class TeamResource extends EntityResource<Team, TeamRepository> {
@PathParam("name")
String name,
@Valid BulkAssets request) {
OperationContext operationContext =
new OperationContext(entityType, MetadataOperation.EDIT_ALL);
authorizer.authorize(securityContext, operationContext, getResourceContextByName(name));
return Response.ok().entity(repository.bulkRemoveAssets(name, request)).build();
}
@ -709,6 +716,9 @@ public class TeamResource extends EntityResource<Team, TeamRepository> {
@Context SecurityContext securityContext,
@PathParam("teamId") UUID teamId,
List<EntityReference> users) {
OperationContext operationContext =
new OperationContext(entityType, MetadataOperation.EDIT_ALL);
authorizer.authorize(securityContext, operationContext, getResourceContextById(teamId));
return repository
.updateTeamUsers(securityContext.getUserPrincipal().getName(), teamId, users)
.toResponse();
@ -739,6 +749,9 @@ public class TeamResource extends EntityResource<Team, TeamRepository> {
@Parameter(description = "Id of the user being removed", schema = @Schema(type = "string"))
@PathParam("userId")
String userId) {
OperationContext operationContext =
new OperationContext(entityType, MetadataOperation.EDIT_ALL);
authorizer.authorize(securityContext, operationContext, getResourceContextById(teamId));
return repository
.deleteTeamUser(
securityContext.getUserPrincipal().getName(), teamId, UUID.fromString(userId))
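Review bot: `MetadataOperation.EDIT_ALL` is the broadest edit operation, and all four TeamResource hunks now require it for what are membership changes (`updateTeamUsers`, `deleteTeamUser`, and the bulk endpoints, which the repository comment says accept users only). If a narrower operation such as `MetadataOperation.EDIT_USERS` is applicable to the team entity, authorizing against it would let membership management be delegated without granting full edit rights on the team; confirm it is evaluated for teams before switching. It is also worth confirming whether a user removing themselves through `deleteTeamUser` is meant to need this permission, since the check compares only against `teamId` and not against the principal. Both method bodies continue outside the last two hunks.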