[Improvement-18072][Api] Add user permission validation logic to the connectionTest, getDatabases, getTables, and getTableColumns methods in DataSourceController#18073
Conversation
ruanwenjun
left a comment
ruanwenjun
left a comment
There was a problem hiding this comment.
Please revert the unrelated change, you should review your pr first.
| @ApiException(VERIFY_DATASOURCE_NAME_FAILURE) | ||
| public Result<Boolean> verifyDataSourceName(@Parameter(hidden = true) @RequestAttribute(value = Constants.SESSION_USER) User loginUser, | ||
| @RequestParam(value = "name") String name) { | ||
| public Result<Boolean> verifyDataSourceName(@RequestParam(value = "name") String name) { |
There was a problem hiding this comment.
Don't change this method.
ok
| * @return a boolean indicating whether Kerberos is currently active | ||
| */ | ||
| @Operation(summary = "getKerberosStartupState", description = "GET_USER_INFO_NOTES") | ||
| @Operation(summary = "getKerberosStartupState", description = "GET_KERBEROS_STARTUP_STATE") |
There was a problem hiding this comment.
Don't change the unrelated code of this issue.
There was a problem hiding this comment.
Don't change the unrelated code of this issue.
ok
Okay, I will create a separate issue and PR to address the inconsistent class comments in these classes. |
njnu-seafish
changed the title
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| } | ||
|
|
||
| if (!canOperatorPermissions(loginUser, new Object[]{datasourceId}, AuthorizationType.DATASOURCE, | ||
| ApiFuncIdentificationConstant.DATASOURCE)) { |
Check warning
Code scanning / CodeQL
Potential database resource leak Warning
| if (!canOperatorPermissions(loginUser, new Object[]{datasourceId}, AuthorizationType.DATASOURCE, | ||
| ApiFuncIdentificationConstant.DATASOURCE)) { | ||
| throw new ServiceException(Status.USER_NO_OPERATION_PERM); | ||
| } |
Check warning
Code scanning / CodeQL
Potential database resource leak Warning
|
|
@SbloodyS @ruanwenjun Could you please prioritize reviewing this user authentication issue first when you have a moment? Thank you very much. |
3 participants
Was this PR generated or assisted by AI?
NO
Purpose of the pull request
close #18072
Brief change log
Add user permission validation logic to the connectionTest, getDatabases, getTables, and getTableColumns methods in DataSourceController
Verify this pull request
This pull request is code cleanup without any test coverage.
(or)
This pull request is already covered by existing tests, such as (please describe tests).
(or)
This change added tests and can be verified as follows:
(or)
Pull Request Notice
Pull Request Notice
If your pull request contains incompatible change, you should also add it to
docs/docs/en/guide/upgrade/incompatible.md