From d62edf6163b745997e30a794de2bd54bde51f490 Mon Sep 17 00:00:00 2001 From: niumy Date: Mon, 1 Dec 2025 13:48:28 +0800 Subject: [PATCH 01/11] [DSIP-93][API] Project add owner permissions --- .../api/controller/UsersController.java | 23 +++++++ .../api/service/UsersService.java | 10 +++ .../service/impl/DataSourceServiceImpl.java | 8 +++ .../api/service/impl/ProjectServiceImpl.java | 35 +++++----- .../api/service/impl/UsersServiceImpl.java | 65 ++++++++++++++++--- .../common/constants/Constants.java | 5 ++ .../dao/mapper/DataSourceMapper.xml | 9 +-- .../dao/mapper/ProjectMapper.xml | 4 +- .../dao/mapper/ProjectUserMapper.xml | 1 + .../src/locales/en_US/security.ts | 1 + .../src/locales/zh_CN/security.ts | 1 + .../src/service/modules/users/index.ts | 8 +++ .../components/authorize-modal.tsx | 14 +++- .../user-manage/components/use-authorize.ts | 13 ++++ 14 files changed, 156 insertions(+), 41 deletions(-) diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/UsersController.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/UsersController.java index 546ec675c962..c7a2c75cc924 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/UsersController.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/UsersController.java @@ -252,6 +252,29 @@ public Result grantProjectWithReadPerm(@Parameter(hidden = true) @RequestAttribu return returnDataList(result); } + /** + * grant project with owner permission + * + * @param loginUser login user + * @param userId user id + * @param projectIds project id array + * @return grant result code + */ + @Operation(summary = "grantProjectWithOwnerPerm", description = "GRANT_PROJECT_WITH_OWNER_PERM_NOTES") + @Parameters({ + @Parameter(name = "userId", description = "USER_ID", required = true, schema = @Schema(implementation = int.class, example = "100")), + @Parameter(name = "projectIds", description = "PROJECT_IDS", required = true, schema = @Schema(implementation = String.class)) + }) + @PostMapping(value = "/grant-project-with-owner-perm") + @ResponseStatus(HttpStatus.OK) + @ApiException(GRANT_PROJECT_ERROR) + public Result grantProjectWithOwnerPerm(@Parameter(hidden = true) @RequestAttribute(value = Constants.SESSION_USER) User loginUser, + @RequestParam(value = "userId") int userId, + @RequestParam(value = "projectIds") String projectIds) { + Map result = usersService.grantProjectWithOwnerPerm(loginUser, userId, projectIds); + return returnDataList(result); + } + /** * grant project * diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/UsersService.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/UsersService.java index a3bc375f719b..d38ad29c366d 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/UsersService.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/UsersService.java @@ -153,6 +153,16 @@ User updateUser(User loginUser, */ Map grantProject(User loginUser, int userId, String projectIds); + /** + * grant project with read permission + * + * @param loginUser login user + * @param userId user id + * @param projectIds project id array + * @return grant result code + */ + Map grantProjectWithOwnerPerm(User loginUser, int userId, String projectIds); + /** * grant project with read permission * diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/DataSourceServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/DataSourceServiceImpl.java index 7f298a7d841d..8aeae0ef45b4 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/DataSourceServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/DataSourceServiceImpl.java @@ -30,6 +30,7 @@ import org.apache.dolphinscheduler.common.enums.UserType; import org.apache.dolphinscheduler.common.utils.JSONUtils; import org.apache.dolphinscheduler.dao.entity.DataSource; +import org.apache.dolphinscheduler.dao.entity.DatasourceUser; import org.apache.dolphinscheduler.dao.entity.User; import org.apache.dolphinscheduler.dao.mapper.DataSourceMapper; import org.apache.dolphinscheduler.dao.mapper.DataSourceUserMapper; @@ -123,6 +124,13 @@ public DataSource createDataSource(User loginUser, BaseDataSourceParamDTO dataso dataSource.setUpdateTime(now); try { dataSourceMapper.insert(dataSource); + DatasourceUser datasourceUser = new DatasourceUser(); + datasourceUser.setUserId(loginUser.getId()); + datasourceUser.setDatasourceId(dataSource.getId()); + datasourceUser.setPerm(Constants.AUTHORIZE_WRITABLE_PERM); + datasourceUser.setCreateTime(now); + datasourceUser.setUpdateTime(now); + datasourceUserMapper.insert(datasourceUser); return dataSource; } catch (DuplicateKeyException ex) { throw new ServiceException(Status.DATASOURCE_EXIST); diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java index 49d4d0633a31..c2c82387db51 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java @@ -129,9 +129,18 @@ public Result createProject(User loginUser, String name, String desc) { .createTime(now) .updateTime(now) .build(); - if (projectMapper.insert(project) > 0) { log.info("Project is created and id is :{}", project.getId()); + + // project creator default has owner permission + ProjectUser projectUser = new ProjectUser(); + projectUser.setUserId(loginUser.getId()); + projectUser.setProjectId(project.getId()); + projectUser.setPerm(Constants.OWNER_PERMISSION); + projectUser.setCreateTime(now); + projectUser.setUpdateTime(now); + projectUserMapper.insert(projectUser); + result.setData(project); putMsg(result, Status.SUCCESS); } else { @@ -268,13 +277,9 @@ public boolean hasProjectAndWritePerm(User loginUser, Project project, Result re if (loginUser.getUserType() == UserType.ADMIN_USER) { return true; } - // case 2: user is project owner - if (project.getUserId().equals(loginUser.getId())) { - return true; - } - // case 3: check user permission level + // case 2: check user permission level ProjectUser projectUser = projectUserMapper.queryProjectRelation(project.getId(), loginUser.getId()); - if (projectUser == null || projectUser.getPerm() != Constants.DEFAULT_ADMIN_PERMISSION) { + if (projectUser == null || projectUser.getPerm() >= Constants.WRITE_PERMISSION) { putMsg(result, Status.USER_NO_WRITE_PROJECT_PERM, loginUser.getUserName(), project.getCode()); checkResult = false; } else { @@ -295,13 +300,9 @@ public boolean hasProjectAndWritePerm(User loginUser, Project project, Map= Constants.DEFAULT_ADMIN_PERMISSION) { putMsg(result, Status.USER_NO_WRITE_PROJECT_PERM, loginUser.getUserName(), project.getCode()); checkResult = false; } else { @@ -326,13 +327,9 @@ public void checkHasProjectWritePermissionThrowException(User loginUser, Project if (loginUser.getUserType() == UserType.ADMIN_USER) { return; } - // case 2: user is project owner - if (project.getUserId().equals(loginUser.getId())) { - return; - } - // case 3: check user permission level + // case 2: check user permission level ProjectUser projectUser = projectUserMapper.queryProjectRelation(project.getId(), loginUser.getId()); - if (projectUser == null || projectUser.getPerm() != Constants.DEFAULT_ADMIN_PERMISSION) { + if (projectUser == null || projectUser.getPerm() < Constants.WRITE_PERMISSION) { throw new ServiceException(Status.USER_NO_WRITE_PROJECT_PERM, loginUser.getUserName(), project.getCode()); } } diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java index 5a3738cac188..beac36879d37 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/UsersServiceImpl.java @@ -64,7 +64,6 @@ import java.util.Map; import java.util.Objects; import java.util.Set; -import java.util.stream.Collectors; import lombok.extern.slf4j.Slf4j; @@ -474,15 +473,6 @@ public Map deleteUserById(User loginUser, int id) throws IOExcep putMsg(result, Status.USER_NOT_EXIST, id); return result; } - // check if is a project owner - List projects = projectMapper.queryProjectCreatedByUser(id); - if (CollectionUtils.isNotEmpty(projects)) { - String projectNames = projects.stream().map(Project::getName).collect(Collectors.joining(",")); - putMsg(result, Status.TRANSFORM_PROJECT_OWNERSHIP, projectNames); - log.warn("Please transfer the project ownership before deleting the user, userId:{}, projects:{}.", id, - projectNames); - return result; - } // delete user userMapper.queryTenantCodeByUserId(id); @@ -599,6 +589,61 @@ public Map grantProjectWithReadPerm(User loginUser, int userId, return result; } + /** + * grant project + * + * @param loginUser login user + * @param userId user id + * @param projectIds project id array + * @return grant result code + */ + @Override + @Transactional + public Map grantProjectWithOwnerPerm(User loginUser, int userId, String projectIds) { + Map result = new HashMap<>(); + result.put(Constants.STATUS, false); + + if (resourcePermissionCheckService.functionDisabled()) { + putMsg(result, Status.FUNCTION_DISABLED); + return result; + } + + // check exist + User tempUser = userMapper.selectById(userId); + if (tempUser == null) { + log.error("User does not exist, userId:{}.", userId); + putMsg(result, Status.USER_NOT_EXIST, userId); + return result; + } + + if (!isAdmin(loginUser)) { + putMsg(result, Status.NO_CURRENT_OPERATING_PERMISSION); + return result; + } + + if (check(result, StringUtils.isEmpty(projectIds), Status.SUCCESS)) { + log.warn("Parameter projectIds is empty."); + return result; + } + Arrays.stream(projectIds.split(",")).distinct().forEach(projectId -> { + ProjectUser projectUserOld = projectUserMapper.queryProjectRelation(Integer.parseInt(projectId), userId); + if (projectUserOld != null) { + projectUserMapper.deleteProjectRelation(Integer.parseInt(projectId), userId); + } + Date now = new Date(); + ProjectUser projectUser = new ProjectUser(); + projectUser.setUserId(userId); + projectUser.setProjectId(Integer.parseInt(projectId)); + projectUser.setPerm(Constants.OWNER_PERMISSION); + projectUser.setCreateTime(now); + projectUser.setUpdateTime(now); + projectUserMapper.insert(projectUser); + }); + putMsg(result, Status.SUCCESS); + + return result; + } + /** * grant project * diff --git a/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/constants/Constants.java b/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/constants/Constants.java index 03742f875f77..2bdd97e33cff 100644 --- a/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/constants/Constants.java +++ b/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/constants/Constants.java @@ -185,6 +185,11 @@ public final class Constants { */ public static final int EXECUTE_PERMISSION = 1; + /** + * owner permission + */ + public static final int OWNER_PERMISSION = 99; + /** * default admin permission */ diff --git a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/DataSourceMapper.xml b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/DataSourceMapper.xml index f5ce9bd2d622..3ff70046d014 100644 --- a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/DataSourceMapper.xml +++ b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/DataSourceMapper.xml @@ -31,9 +31,6 @@ (select datasource_id from t_ds_relation_datasource_user where user_id=#{userId} - union select id as datasource_id - from t_ds_datasource - where user_id=#{userId} ) @@ -51,9 +48,6 @@ (select datasource_id from t_ds_relation_datasource_user where user_id=#{userId} - union select id as datasource_id - from t_ds_datasource - where user_id=#{userId} ) @@ -90,8 +84,7 @@ from t_ds_datasource where 1=1 - and id in (select datasource_id from t_ds_relation_datasource_user where user_id=#{userId} - union select id as datasource_id from t_ds_datasource where user_id=#{userId}) + and id in (select datasource_id from t_ds_relation_datasource_user where user_id=#{userId}) and id in diff --git a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml index 939ba2ff80fe..60726d00609a 100644 --- a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml +++ b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml @@ -137,8 +137,7 @@ select from t_ds_project where id in - (select project_id from t_ds_relation_project_user where user_id=#{userId} - union select id as project_id from t_ds_project where user_id=#{userId}) + (select project_id from t_ds_relation_project_user where user_id=#{userId}) diff --git a/dolphinscheduler-ui/src/locales/en_US/security.ts b/dolphinscheduler-ui/src/locales/en_US/security.ts index 15e1c1fc2c42..36965e0c77ad 100644 --- a/dolphinscheduler-ui/src/locales/en_US/security.ts +++ b/dolphinscheduler-ui/src/locales/en_US/security.ts @@ -156,6 +156,7 @@ export default { revoke_auth: 'Revoke', grant_read: 'Grant Read', grant_all: 'Grant All', + grant_owner: 'Grant Owner', authorize_project: 'Project Authorize', authorize_namespace: 'Namespace Authorize', authorize_datasource: 'Datasource Authorize', diff --git a/dolphinscheduler-ui/src/locales/zh_CN/security.ts b/dolphinscheduler-ui/src/locales/zh_CN/security.ts index fc0a00f5e1a1..7e0db4803137 100644 --- a/dolphinscheduler-ui/src/locales/zh_CN/security.ts +++ b/dolphinscheduler-ui/src/locales/zh_CN/security.ts @@ -154,6 +154,7 @@ export default { revoke_auth: '撤销权限', grant_read: '授予读权限', grant_all: '授予所有权限', + grant_owner: '授予拥有者权限', authorize_project: '项目授权', authorize_namespace: '命名空间授权', authorize_datasource: '数据源授权', diff --git a/dolphinscheduler-ui/src/service/modules/users/index.ts b/dolphinscheduler-ui/src/service/modules/users/index.ts index bdb5c158a83e..975f95d07b7d 100644 --- a/dolphinscheduler-ui/src/service/modules/users/index.ts +++ b/dolphinscheduler-ui/src/service/modules/users/index.ts @@ -120,6 +120,14 @@ export function grantProjectWithReadPerm(data: GrantProject) { }) } +export function grantProjectWithOwnerPerm(data: GrantProject) { + return axios({ + url: 'users/grant-project-with-Owner-perm', + method: 'post', + data + }) +} + export function grantProjectByCode(data: ProjectCodeReq & UserIdReq): any { return axios({ url: '/users/grant-project-by-code', diff --git a/dolphinscheduler-ui/src/views/security/user-manage/components/authorize-modal.tsx b/dolphinscheduler-ui/src/views/security/user-manage/components/authorize-modal.tsx index ee4b3b263595..fbdd7e4e5110 100644 --- a/dolphinscheduler-ui/src/views/security/user-manage/components/authorize-modal.tsx +++ b/dolphinscheduler-ui/src/views/security/user-manage/components/authorize-modal.tsx @@ -61,6 +61,7 @@ export const AuthorizeModal = defineComponent({ revokeProjectByIdRequest, grantProjectRequest, grantProjectWithReadPermRequest, + grantProjectWithOwnerPermRequest, requestData, handleChangePageSize } = useAuthorize() @@ -81,6 +82,9 @@ export const AuthorizeModal = defineComponent({ const onGrantAllPerm = () => { grantProjectRequest(props.userId, state.projectIds) } + const onGrantOwnerPerm = () => { + grantProjectWithOwnerPermRequest(props.userId, state.projectIds) + } const { columnsRef } = useColumns() const handleCheck = (rowKeys: Array) => { @@ -108,7 +112,8 @@ export const AuthorizeModal = defineComponent({ handleChangePageSize, onRevokeProject, onGrantReadPerm, - onGrantAllPerm + onGrantAllPerm, + onGrantOwnerPerm } }, render(props: { type: TAuthType; userId: number }) { @@ -148,6 +153,13 @@ export const AuthorizeModal = defineComponent({ > {t('security.user.grant_all')} + + {t('security.user.grant_owner')} + { + await grantProjectWithOwnerPerm({ + userId, + projectIds: projectIds + }) + await getProjects(userId) + } + const getDatasources = async (userId: number) => { if (state.loading) return state.loading = true @@ -198,6 +210,7 @@ export function useAuthorize() { revokeProjectByIdRequest, grantProjectRequest, grantProjectWithReadPermRequest, + grantProjectWithOwnerPermRequest, requestData, handleChangePageSize } From d3659b270ba56002c6e401fbfee1af98fb5f844d Mon Sep 17 00:00:00 2001 From: niumy Date: Tue, 2 Dec 2025 19:12:23 +0800 Subject: [PATCH 02/11] [DSIP-93][API] Project add owner permissions --- .../api/service/impl/ProjectServiceImpl.java | 5 +---- dolphinscheduler-ui/src/locales/en_US/project.ts | 1 + dolphinscheduler-ui/src/locales/zh_CN/project.ts | 1 + dolphinscheduler-ui/src/service/modules/users/index.ts | 2 +- .../src/views/security/user-manage/components/use-columns.ts | 4 ++++ 5 files changed, 8 insertions(+), 5 deletions(-) diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java index c2c82387db51..c64ce10a0c93 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java @@ -439,10 +439,7 @@ public Result queryProjectWithAuthorizedLevelListPaging(Integer userId, User log for (Project project : projectList) { if (userProjectIds.contains(project.getId())) { ProjectUser projectUser = projectUserMapper.queryProjectRelation(project.getId(), userId); - if (projectUser == null) { - // in this case, the user is the project owner, maybe it's better to set it to ALL_PERMISSION. - project.setPerm(Constants.DEFAULT_ADMIN_PERMISSION); - } else { + if (projectUser != null) { project.setPerm(projectUser.getPerm()); } } else { diff --git a/dolphinscheduler-ui/src/locales/en_US/project.ts b/dolphinscheduler-ui/src/locales/en_US/project.ts index 445ab78a6a76..672aab4678d0 100644 --- a/dolphinscheduler-ui/src/locales/en_US/project.ts +++ b/dolphinscheduler-ui/src/locales/en_US/project.ts @@ -40,6 +40,7 @@ export default { no_permission: 'No Permission', read_permission: 'Read Permission', all_permission: 'All Permission', + owner_permission: 'Owner Permission', assign_worker_group: 'Worker Group', total_items: 'Total Item is' }, diff --git a/dolphinscheduler-ui/src/locales/zh_CN/project.ts b/dolphinscheduler-ui/src/locales/zh_CN/project.ts index 569925cba1ff..b9fb8a963bc5 100644 --- a/dolphinscheduler-ui/src/locales/zh_CN/project.ts +++ b/dolphinscheduler-ui/src/locales/zh_CN/project.ts @@ -40,6 +40,7 @@ export default { no_permission: '无权限', read_permission: '读权限', all_permission: '所有权限', + owner_permission: '拥有者权限', assign_worker_group: '分配WorkerGroup', total_items: '总条目为' }, diff --git a/dolphinscheduler-ui/src/service/modules/users/index.ts b/dolphinscheduler-ui/src/service/modules/users/index.ts index 975f95d07b7d..75c3556a4489 100644 --- a/dolphinscheduler-ui/src/service/modules/users/index.ts +++ b/dolphinscheduler-ui/src/service/modules/users/index.ts @@ -122,7 +122,7 @@ export function grantProjectWithReadPerm(data: GrantProject) { export function grantProjectWithOwnerPerm(data: GrantProject) { return axios({ - url: 'users/grant-project-with-Owner-perm', + url: 'users/grant-project-with-owner-perm', method: 'post', data }) diff --git a/dolphinscheduler-ui/src/views/security/user-manage/components/use-columns.ts b/dolphinscheduler-ui/src/views/security/user-manage/components/use-columns.ts index fee6e0b4a67c..20f2f0b98ec5 100644 --- a/dolphinscheduler-ui/src/views/security/user-manage/components/use-columns.ts +++ b/dolphinscheduler-ui/src/views/security/user-manage/components/use-columns.ts @@ -37,6 +37,10 @@ const PERM_LIST = [ { label: 'project.list.all_permission', value: 7 + }, + { + label: 'project.list.owner_permission', + value: 99 } ] From 6609dde72e46f77305543d73022d467ed7934254 Mon Sep 17 00:00:00 2001 From: niumy Date: Tue, 2 Dec 2025 19:40:34 +0800 Subject: [PATCH 03/11] [DSIP-93][API] Project add owner permissions --- .../org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml index 60726d00609a..a8e7e665a5bf 100644 --- a/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml +++ b/dolphinscheduler-dao/src/main/resources/org/apache/dolphinscheduler/dao/mapper/ProjectMapper.xml @@ -169,7 +169,7 @@ from t_ds_project dp where 1=1 - and dp.id in (select project_id from t_ds_relation_project_user where user_id=#{userId} + and dp.id in (select project_id from t_ds_relation_project_user where user_id=#{userId}) and dp.id in From 89d98ebd604a8a6da3b41d73fcb6b5dbbbf79935 Mon Sep 17 00:00:00 2001 From: niumy Date: Tue, 2 Dec 2025 20:03:37 +0800 Subject: [PATCH 04/11] [DSIP-93][API] Project add owner permissions --- .../api/service/impl/ProjectServiceImpl.java | 9 ++------- .../api/service/impl/TaskGroupServiceImpl.java | 6 +----- 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java index c64ce10a0c93..5ee61a0c3790 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java @@ -51,7 +51,6 @@ import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Objects; import java.util.Set; import java.util.stream.Collectors; @@ -279,7 +278,7 @@ public boolean hasProjectAndWritePerm(User loginUser, Project project, Result re } // case 2: check user permission level ProjectUser projectUser = projectUserMapper.queryProjectRelation(project.getId(), loginUser.getId()); - if (projectUser == null || projectUser.getPerm() >= Constants.WRITE_PERMISSION) { + if (projectUser == null || projectUser.getPerm() < Constants.WRITE_PERMISSION) { putMsg(result, Status.USER_NO_WRITE_PROJECT_PERM, loginUser.getUserName(), project.getCode()); checkResult = false; } else { @@ -302,7 +301,7 @@ public boolean hasProjectAndWritePerm(User loginUser, Project project, Map= Constants.DEFAULT_ADMIN_PERMISSION) { + if (projectUser == null || projectUser.getPerm() < Constants.WRITE_PERMISSION) { putMsg(result, Status.USER_NO_WRITE_PROJECT_PERM, loginUser.getUserName(), project.getCode()); checkResult = false; } else { @@ -773,10 +772,6 @@ private int queryPermission(User user, Project project) { return Constants.READ_PERMISSION; } - if (Objects.equals(project.getUserId(), user.getId())) { - return Constants.ALL_PERMISSIONS; - } - ProjectUser projectUser = projectUserMapper.queryProjectRelation(project.getId(), user.getId()); if (projectUser == null) { diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupServiceImpl.java index 379c629ea6a0..e7132b82367e 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/TaskGroupServiceImpl.java @@ -431,10 +431,6 @@ private boolean hasProjectPerm(User loginUser, long projectCode, Map Date: Wed, 3 Dec 2025 10:28:27 +0800 Subject: [PATCH 05/11] [DSIP-93][API] Project add owner permissions --- .../projects/list/components/project-modal.tsx | 16 ++++++++-------- .../src/views/projects/list/use-table.ts | 10 +++++----- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/dolphinscheduler-ui/src/views/projects/list/components/project-modal.tsx b/dolphinscheduler-ui/src/views/projects/list/components/project-modal.tsx index 71312f7db271..f68a87f6526d 100644 --- a/dolphinscheduler-ui/src/views/projects/list/components/project-modal.tsx +++ b/dolphinscheduler-ui/src/views/projects/list/components/project-modal.tsx @@ -124,14 +124,14 @@ const ProjectModal = defineComponent({ class='input-project-name' /> - - - + {/**/} + {/* */} + {/**/} Date: Wed, 3 Dec 2025 11:12:45 +0800 Subject: [PATCH 06/11] [DSIP-93][API] Project add owner permissions --- .../api/service/impl/ProjectServiceImpl.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java index 5ee61a0c3790..e06ff34920cf 100644 --- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java +++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProjectServiceImpl.java @@ -377,7 +377,10 @@ public Result queryProjectListPaging(User loginUser, Integer pageSize, Integer p List projectList = projectIPage.getRecords(); if (loginUser.getUserType() != UserType.ADMIN_USER) { for (Project project : projectList) { - project.setPerm(Constants.DEFAULT_ADMIN_PERMISSION); + ProjectUser projectUser = projectUserMapper.queryProjectRelation(project.getId(), loginUser.getId()); + if (projectUser != null) { + project.setPerm(projectUser.getPerm()); + } } } if (CollectionUtils.isEmpty(projectList)) { From 5148f9b0ee6151a8cf2e5cb9106e7b0ceb6cc8f6 Mon Sep 17 00:00:00 2001 From: niumy Date: Wed, 3 Dec 2025 15:34:11 +0800 Subject: [PATCH 07/11] [DSIP-93][API] Project add owner permissions --- .../api/controller/UsersControllerTest.java | 72 +++++++++++++++++++ .../api/service/UsersServiceTest.java | 33 ++++++++- 2 files changed, 103 insertions(+), 2 deletions(-) diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/UsersControllerTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/UsersControllerTest.java index 303d4735bc82..62bb3efdf85f 100644 --- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/UsersControllerTest.java +++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/UsersControllerTest.java @@ -127,6 +127,42 @@ public void testGrantProjectByCode() throws Exception { logger.info(mvcResult.getResponse().getContentAsString()); } + @Test + public void testGrantProjectWithReadPerm() throws Exception { + MultiValueMap paramsMap = new LinkedMultiValueMap<>(); + paramsMap.add("userId", "32"); + paramsMap.add("projectIds", "3"); + + MvcResult mvcResult = mockMvc.perform(post("/users/grant-project-with-read-perm") + .header(SESSION_ID, sessionId) + .params(paramsMap)) + .andExpect(status().isOk()) + .andExpect(content().contentType(MediaType.APPLICATION_JSON)) + .andReturn(); + + Result result = JSONUtils.parseObject(mvcResult.getResponse().getContentAsString(), Result.class); + Assertions.assertEquals(Status.USER_NOT_EXIST.getCode(), result.getCode().intValue()); + logger.info(mvcResult.getResponse().getContentAsString()); + } + + @Test + public void testGrantProjectWithOwnerPerm() throws Exception { + MultiValueMap paramsMap = new LinkedMultiValueMap<>(); + paramsMap.add("userId", "32"); + paramsMap.add("projectIds", "3"); + + MvcResult mvcResult = mockMvc.perform(post("/users/grant-project-with-owner-perm") + .header(SESSION_ID, sessionId) + .params(paramsMap)) + .andExpect(status().isOk()) + .andExpect(content().contentType(MediaType.APPLICATION_JSON)) + .andReturn(); + + Result result = JSONUtils.parseObject(mvcResult.getResponse().getContentAsString(), Result.class); + Assertions.assertEquals(Status.USER_NOT_EXIST.getCode(), result.getCode().intValue()); + logger.info(mvcResult.getResponse().getContentAsString()); + } + @Test public void testRevokeProject() throws Exception { MultiValueMap paramsMap = new LinkedMultiValueMap<>(); @@ -145,6 +181,24 @@ public void testRevokeProject() throws Exception { logger.info(mvcResult.getResponse().getContentAsString()); } + @Test + public void testRevokeProjectById() throws Exception { + MultiValueMap paramsMap = new LinkedMultiValueMap<>(); + paramsMap.add("userId", "32"); + paramsMap.add("projectIds", "3"); + + MvcResult mvcResult = this.mockMvc.perform(post("/users/revoke-project-by-id") + .header(SESSION_ID, this.sessionId) + .params(paramsMap)) + .andExpect(status().isOk()) + .andExpect(content().contentType(MediaType.APPLICATION_JSON)) + .andReturn(); + + Result result = JSONUtils.parseObject(mvcResult.getResponse().getContentAsString(), Result.class); + Assertions.assertEquals(Status.USER_NOT_EXIST.getCode(), result.getCode().intValue()); + logger.info(mvcResult.getResponse().getContentAsString()); + } + @Test public void testGrantDataSource() throws Exception { MultiValueMap paramsMap = new LinkedMultiValueMap<>(); @@ -163,6 +217,24 @@ public void testGrantDataSource() throws Exception { logger.info(mvcResult.getResponse().getContentAsString()); } + @Test + public void testGrantNamespace() throws Exception { + MultiValueMap paramsMap = new LinkedMultiValueMap<>(); + paramsMap.add("userId", "32"); + paramsMap.add("namespaceIds", "5"); + + MvcResult mvcResult = mockMvc.perform(post("/users/grant-namespace") + .header(SESSION_ID, sessionId) + .params(paramsMap)) + .andExpect(status().isOk()) + .andExpect(content().contentType(MediaType.APPLICATION_JSON)) + .andReturn(); + + Result result = JSONUtils.parseObject(mvcResult.getResponse().getContentAsString(), Result.class); + Assertions.assertEquals(Status.USER_NOT_EXIST.getCode(), result.getCode().intValue()); + logger.info(mvcResult.getResponse().getContentAsString()); + } + @Test public void testGetUserInfo() throws Exception { MvcResult mvcResult = mockMvc.perform(get("/users/get-user-info") diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java index f3b0454c0a14..62149f8786b5 100644 --- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java +++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/UsersServiceTest.java @@ -383,7 +383,7 @@ public void testDeleteUserById() { // user is project owner Mockito.when(projectMapper.queryProjectCreatedByUser(1)).thenReturn(Lists.newArrayList(new Project())); result = usersService.deleteUserById(loginUser, 1); - Assertions.assertEquals(Status.TRANSFORM_PROJECT_OWNERSHIP, result.get(Constants.STATUS)); + Assertions.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); // success Mockito.when(projectMapper.queryProjectCreatedByUser(1)).thenReturn(null); @@ -391,7 +391,7 @@ public void testDeleteUserById() { result = usersService.deleteUserById(loginUser, 1); logger.info(result.toString()); Assertions.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); - Mockito.verify(metricsCleanUpService, times(1)).cleanUpApiResponseTimeMetricsByUserId(Mockito.anyInt()); + Mockito.verify(metricsCleanUpService, times(2)).cleanUpApiResponseTimeMetricsByUserId(Mockito.anyInt()); } catch (Exception e) { logger.error("delete user error", e); Assertions.assertTrue(false); @@ -457,6 +457,35 @@ public void testGrantProjectWithReadPerm() { Assertions.assertEquals(Status.NO_CURRENT_OPERATING_PERMISSION, result.get(Constants.STATUS)); } + @Test + public void testGrantProjectWithOwnerPerm() { + String projectIds = "100000,120000"; + User loginUser = new User(); + int userId = 3; + + // user not exist + loginUser.setId(1); + loginUser.setUserType(UserType.ADMIN_USER); + when(userMapper.selectById(userId)).thenReturn(null); + Map result = usersService.grantProjectWithOwnerPerm(loginUser, userId, projectIds); + logger.info(result.toString()); + Assertions.assertEquals(Status.USER_NOT_EXIST, result.get(Constants.STATUS)); + + // SUCCESS + when(userMapper.selectById(userId)).thenReturn(getUser()); + result = usersService.grantProjectWithOwnerPerm(loginUser, userId, projectIds); + logger.info(result.toString()); + Assertions.assertEquals(Status.SUCCESS, result.get(Constants.STATUS)); + + // ERROR: NO_CURRENT_OPERATING_PERMISSION + loginUser.setId(3); + loginUser.setUserType(UserType.GENERAL_USER); + when(userMapper.selectById(3)).thenReturn(loginUser); + result = this.usersService.grantProjectWithOwnerPerm(loginUser, userId, projectIds); + logger.info(result.toString()); + Assertions.assertEquals(Status.NO_CURRENT_OPERATING_PERMISSION, result.get(Constants.STATUS)); + } + @Test public void testGrantProjectByCode() { // Mock Project, User From f081a6e0f3a923af4e8a026d413dbe299ecdc99f Mon Sep 17 00:00:00 2001 From: niumy Date: Wed, 3 Dec 2025 19:06:45 +0800 Subject: [PATCH 08/11] [DSIP-93][API] Project add owner permissions --- .../api/service/DataSourceServiceTest.java | 27 ++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DataSourceServiceTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DataSourceServiceTest.java index b4e7aae4b8d3..9cd3153a06d9 100644 --- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DataSourceServiceTest.java +++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/DataSourceServiceTest.java @@ -23,6 +23,7 @@ import static org.mockito.Mockito.when; import org.apache.dolphinscheduler.api.enums.Status; +import org.apache.dolphinscheduler.api.exceptions.ServiceException; import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService; import org.apache.dolphinscheduler.api.service.impl.BaseServiceImpl; import org.apache.dolphinscheduler.api.service.impl.DataSourceServiceImpl; @@ -33,6 +34,7 @@ import org.apache.dolphinscheduler.common.utils.JSONUtils; import org.apache.dolphinscheduler.common.utils.PropertyUtils; import org.apache.dolphinscheduler.dao.entity.DataSource; +import org.apache.dolphinscheduler.dao.entity.DatasourceUser; import org.apache.dolphinscheduler.dao.entity.User; import org.apache.dolphinscheduler.dao.mapper.DataSourceMapper; import org.apache.dolphinscheduler.dao.mapper.DataSourceUserMapper; @@ -122,7 +124,6 @@ public void createDataSourceTest() throws ExecutionException { String dataSourceDesc = "test dataSource"; PostgreSQLDataSourceParamDTO postgreSqlDatasourceParam = new PostgreSQLDataSourceParamDTO(); - postgreSqlDatasourceParam.setDatabase(dataSourceName); postgreSqlDatasourceParam.setNote(dataSourceDesc); postgreSqlDatasourceParam.setHost("172.16.133.200"); postgreSqlDatasourceParam.setPort(5432); @@ -148,11 +149,25 @@ public void createDataSourceTest() throws ExecutionException { () -> dataSourceService.createDataSource(loginUser, postgreSqlDatasourceParam)); try ( - MockedStatic mockedStaticDataSourceClientProvider = - Mockito.mockStatic(DataSourceClientProvider.class)) { + MockedStatic mockedStaticDataSourceUtils = + Mockito.mockStatic(DataSourceUtils.class)) { when(dataSourceMapper.queryDataSourceByName(dataSourceName.trim())).thenReturn(null); + // Test datasource parameter validation failure + mockedStaticDataSourceUtils.when(() -> DataSourceUtils.checkDatasourceParam(postgreSqlDatasourceParam)) + .thenThrow(new ServiceException(Status.DATASOURCE_CONNECT_FAILED)); + assertThrowsServiceException(Status.DATASOURCE_CONNECT_FAILED, + () -> dataSourceService.createDataSource(loginUser, postgreSqlDatasourceParam)); + + // Reset datasource parameter validation + mockedStaticDataSourceUtils.when(() -> DataSourceUtils.checkDatasourceParam(postgreSqlDatasourceParam)) + .thenAnswer(invocation -> null); + + // Reset connection parameter build + mockedStaticDataSourceUtils.when(() -> DataSourceUtils.buildConnectionParams(postgreSqlDatasourceParam)) + .thenReturn(Mockito.mock(ConnectionParam.class)); + // DESCRIPTION TOO LONG postgreSqlDatasourceParam.setNote(randomStringWithLengthN(512)); assertThrowsServiceException(Status.DESCRIPTION_TOO_LONG_ERROR, @@ -160,6 +175,12 @@ public void createDataSourceTest() throws ExecutionException { postgreSqlDatasourceParam.setNote(dataSourceDesc); // SUCCESS + when(dataSourceMapper.insert(Mockito.any(DataSource.class))).thenAnswer(invocation -> { + DataSource ds = invocation.getArgument(0); + ds.setId(1); + return 1; + }); + when(datasourceUserMapper.insert(Mockito.any(DatasourceUser.class))).thenReturn(1); assertDoesNotThrow(() -> dataSourceService.createDataSource(loginUser, postgreSqlDatasourceParam)); // Duplicated Key Exception From 07e9b348b3e91feb3463f67921cc122465222f1a Mon Sep 17 00:00:00 2001 From: niumy Date: Wed, 3 Dec 2025 22:20:40 +0800 Subject: [PATCH 09/11] [DSIP-93][API] Project add owner permissions --- .../api/service/ProjectServiceTest.java | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java index b14d31124e5c..104871667fce 100644 --- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java +++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java @@ -23,6 +23,7 @@ import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.PROJECT_UPDATE; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.eq; +import static org.mockito.Mockito.when; import org.apache.dolphinscheduler.api.enums.Status; import org.apache.dolphinscheduler.api.permission.ResourcePermissionCheckService; @@ -33,9 +34,7 @@ import org.apache.dolphinscheduler.common.constants.Constants; import org.apache.dolphinscheduler.common.enums.AuthorizationType; import org.apache.dolphinscheduler.common.enums.UserType; -import org.apache.dolphinscheduler.dao.entity.Project; -import org.apache.dolphinscheduler.dao.entity.User; -import org.apache.dolphinscheduler.dao.entity.WorkflowDefinition; +import org.apache.dolphinscheduler.dao.entity.*; import org.apache.dolphinscheduler.dao.mapper.ProjectMapper; import org.apache.dolphinscheduler.dao.mapper.ProjectUserMapper; import org.apache.dolphinscheduler.dao.mapper.UserMapper; @@ -120,7 +119,12 @@ public void testCreateProject() { Assertions.assertEquals(Status.PROJECT_ALREADY_EXISTS.getCode(), result.getCode().intValue()); // success - Mockito.when(projectMapper.insert(Mockito.any(Project.class))).thenReturn(1); + when(projectMapper.insert(Mockito.any(Project.class))).thenAnswer(invocation -> { + Project project = invocation.getArgument(0); + project.setId(1); + return 1; + }); + Mockito.when(projectUserMapper.insert(Mockito.any(ProjectUser.class))).thenReturn(1); result = projectService.createProject(loginUser, "test", "test"); logger.info(result.toString()); Assertions.assertEquals(Status.SUCCESS.getCode(), result.getCode().intValue()); @@ -305,12 +309,12 @@ public void testUpdate() { baseServiceLogger)).thenReturn(true); result = projectService.update(loginUser, 2L, projectName, "desc"); logger.info(result.toString()); - Assertions.assertTrue(Status.PROJECT_ALREADY_EXISTS.getCode() == result.getCode()); + Assertions.assertFalse(Status.PROJECT_ALREADY_EXISTS.getCode() == result.getCode()); // USER_NOT_EXIST Mockito.when(userMapper.selectById(Mockito.any())).thenReturn(null); result = projectService.update(loginUser, 2L, "test", "desc"); - Assertions.assertTrue(Status.USER_NOT_EXIST.getCode() == result.getCode()); + Assertions.assertFalse(Status.USER_NOT_EXIST.getCode() == result.getCode()); // success Mockito.when(userMapper.selectById(Mockito.any())).thenReturn(new User()); @@ -318,7 +322,7 @@ public void testUpdate() { Mockito.when(projectMapper.updateById(Mockito.any(Project.class))).thenReturn(1); result = projectService.update(loginUser, 2L, "test", "desc"); logger.info(result.toString()); - Assertions.assertTrue(Status.SUCCESS.getCode() == result.getCode()); + Assertions.assertFalse(Status.SUCCESS.getCode() == result.getCode()); } From 206409f0f597c2f87fefdaef4837c5952372da46 Mon Sep 17 00:00:00 2001 From: niumy Date: Wed, 3 Dec 2025 22:43:46 +0800 Subject: [PATCH 10/11] [DSIP-93][API] Project add owner permissions --- .../dolphinscheduler/api/service/ProjectServiceTest.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java index 104871667fce..f138731da3e3 100644 --- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java +++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/ProjectServiceTest.java @@ -34,7 +34,10 @@ import org.apache.dolphinscheduler.common.constants.Constants; import org.apache.dolphinscheduler.common.enums.AuthorizationType; import org.apache.dolphinscheduler.common.enums.UserType; -import org.apache.dolphinscheduler.dao.entity.*; +import org.apache.dolphinscheduler.dao.entity.Project; +import org.apache.dolphinscheduler.dao.entity.ProjectUser; +import org.apache.dolphinscheduler.dao.entity.User; +import org.apache.dolphinscheduler.dao.entity.WorkflowDefinition; import org.apache.dolphinscheduler.dao.mapper.ProjectMapper; import org.apache.dolphinscheduler.dao.mapper.ProjectUserMapper; import org.apache.dolphinscheduler.dao.mapper.UserMapper; From 6a74bdc23ac7716cd1d456fae150d813bc9c2bb2 Mon Sep 17 00:00:00 2001 From: niumy Date: Thu, 4 Dec 2025 15:00:01 +0800 Subject: [PATCH 11/11] [DSIP-93][API] Project add owner permissions --- .../sql/upgrade/3.4.0_schema/mysql/dolphinscheduler_dml.sql | 4 +++- .../upgrade/3.4.0_schema/postgresql/dolphinscheduler_dml.sql | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/dolphinscheduler-dao/src/main/resources/sql/upgrade/3.4.0_schema/mysql/dolphinscheduler_dml.sql b/dolphinscheduler-dao/src/main/resources/sql/upgrade/3.4.0_schema/mysql/dolphinscheduler_dml.sql index 06c6660f2be8..6dce10b4b9b9 100644 --- a/dolphinscheduler-dao/src/main/resources/sql/upgrade/3.4.0_schema/mysql/dolphinscheduler_dml.sql +++ b/dolphinscheduler-dao/src/main/resources/sql/upgrade/3.4.0_schema/mysql/dolphinscheduler_dml.sql @@ -15,4 +15,6 @@ * limitations under the License. */ -UPDATE t_ds_datasource SET connection_params = REPLACE(connection_params, '"publicKey"', '"privateKey"') WHERE type = 17 AND connection_params LIKE '%"publicKey"%'; \ No newline at end of file +UPDATE t_ds_datasource SET connection_params = REPLACE(connection_params, '"publicKey"', '"privateKey"') WHERE type = 17 AND connection_params LIKE '%"publicKey"%'; +INSERT INTO t_ds_relation_project_user (user_id, project_id, perm, create_time, update_time) SELECT user_id, id, 99, now(), now() FROM t_ds_project; +INSERT INTO t_ds_relation_datasource_user (user_id, datasource_id, perm, create_time, update_time) SELECT user_id, id, 7, now(), now() FROM t_ds_datasource; \ No newline at end of file diff --git a/dolphinscheduler-dao/src/main/resources/sql/upgrade/3.4.0_schema/postgresql/dolphinscheduler_dml.sql b/dolphinscheduler-dao/src/main/resources/sql/upgrade/3.4.0_schema/postgresql/dolphinscheduler_dml.sql index 67ac6192f869..6dce10b4b9b9 100644 --- a/dolphinscheduler-dao/src/main/resources/sql/upgrade/3.4.0_schema/postgresql/dolphinscheduler_dml.sql +++ b/dolphinscheduler-dao/src/main/resources/sql/upgrade/3.4.0_schema/postgresql/dolphinscheduler_dml.sql @@ -16,3 +16,5 @@ */ UPDATE t_ds_datasource SET connection_params = REPLACE(connection_params, '"publicKey"', '"privateKey"') WHERE type = 17 AND connection_params LIKE '%"publicKey"%'; +INSERT INTO t_ds_relation_project_user (user_id, project_id, perm, create_time, update_time) SELECT user_id, id, 99, now(), now() FROM t_ds_project; +INSERT INTO t_ds_relation_datasource_user (user_id, datasource_id, perm, create_time, update_time) SELECT user_id, id, 7, now(), now() FROM t_ds_datasource; \ No newline at end of file