modify general user can't create,delete,update token (#3538)

Co-authored-by: qiaozhanwei <qiaozhanwei@analysys.com.cn>
apache · Aug 18, 2020 · b8a9e2e · b8a9e2e
1 parent 0505ebf
commit b8a9e2e
Showing 1 changed file with 7 additions and 8 deletions.
diff --git a/...heduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java b/...heduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
@@ -84,7 +84,9 @@ public Map<String, Object> queryAccessTokenList(User loginUser, String searchVal
      */
     public Map<String, Object> createToken(User loginUser, int userId, String expireTime, String token) {
         Map<String, Object> result = new HashMap<>(5);
-        if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
+
+        if (!hasPerm(loginUser,userId)){
+            putMsg(result, Status.USER_NO_OPERATION_PERM);
             return result;
         }
 
@@ -140,10 +142,6 @@ public Map<String, Object> generateToken(User loginUser, int userId, String expi
     public Map<String, Object> delAccessTokenById(User loginUser, int id) {
         Map<String, Object> result = new HashMap<>(5);
 
-        if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
-            return result;
-        }
-
         AccessToken accessToken = accessTokenMapper.selectById(id);
 
         if (accessToken == null) {
@@ -152,8 +150,7 @@ public Map<String, Object> delAccessTokenById(User loginUser, int id) {
             return result;
         }
 
-        if (loginUser.getId() != accessToken.getUserId() &&
-                loginUser.getUserType() != UserType.ADMIN_USER) {
+        if (!hasPerm(loginUser,accessToken.getUserId())){
             putMsg(result, Status.USER_NO_OPERATION_PERM);
             return result;
         }
@@ -176,9 +173,11 @@ public Map<String, Object> delAccessTokenById(User loginUser, int id) {
     public Map<String, Object> updateToken(User loginUser, int id, int userId, String expireTime, String token) {
         Map<String, Object> result = new HashMap<>(5);
 
-        if(check(result, !isAdmin(loginUser), Status.USER_NO_OPERATION_PERM)){
+        if (!hasPerm(loginUser,userId)){
+            putMsg(result, Status.USER_NO_OPERATION_PERM);
             return result;
         }
+
         AccessToken accessToken = accessTokenMapper.selectById(id);
         if (accessToken == null) {
             logger.error("access token not exist,  access token id {}", id);