Skip to content

A
atlas
Commit 1bfaf7ad by Madhan Neethiraj Committed by nixonrodrigues
Options

ATLAS-3942: delete-type fails if the user doesn't have permission for type-read

Signed-off-by: 's avatarnixonrodrigues <nixon@apache.org>
parent d555c02b
Showing with 21 additions and 5 deletions
repository/src/main/java/org/apache/atlas/repository/store/graph/AtlasTypeDefGraphStore.java
...@@ -692,7 +692,7 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore { ...@@ -692,7 +692,7 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore {
} }
AtlasTypesDef typesDef = new AtlasTypesDef(); AtlasTypesDef typesDef = new AtlasTypesDef();
AtlasBaseTypeDef baseTypeDef = getByName(typeName); AtlasBaseTypeDef baseTypeDef = getByNameNoAuthz(typeName);
if (baseTypeDef instanceof AtlasClassificationDef) { if (baseTypeDef instanceof AtlasClassificationDef) {
typesDef.setClassificationDefs(Collections.singletonList((AtlasClassificationDef) baseTypeDef)); typesDef.setClassificationDefs(Collections.singletonList((AtlasClassificationDef) baseTypeDef));
...@@ -775,7 +775,27 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore { ...@@ -775,7 +775,27 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore {
return getTypeDefFromType(type); return getTypeDefFromType(type);
} }
private AtlasBaseTypeDef getByNameNoAuthz(String name) throws AtlasBaseException {
if (StringUtils.isBlank(name)) {
throw new AtlasBaseException(AtlasErrorCode.TYPE_NAME_INVALID, "", name);
}
AtlasType type = typeRegistry.getType(name);
return getTypeDefFromTypeWithNoAuthz(type);
}
private AtlasBaseTypeDef getTypeDefFromType(AtlasType type) throws AtlasBaseException { private AtlasBaseTypeDef getTypeDefFromType(AtlasType type) throws AtlasBaseException {
AtlasBaseTypeDef ret = getTypeDefFromTypeWithNoAuthz(type);
if (ret != null) {
AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_READ, ret), "read type ", ret.getName());
}
return ret;
}
private AtlasBaseTypeDef getTypeDefFromTypeWithNoAuthz(AtlasType type) throws AtlasBaseException {
AtlasBaseTypeDef ret; AtlasBaseTypeDef ret;
switch (type.getTypeCategory()) { switch (type.getTypeCategory()) {
case ENUM: case ENUM:
...@@ -804,10 +824,6 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore { ...@@ -804,10 +824,6 @@ public abstract class AtlasTypeDefGraphStore implements AtlasTypeDefStore {
throw new AtlasBaseException(AtlasErrorCode.SYSTEM_TYPE, type.getTypeCategory().name()); throw new AtlasBaseException(AtlasErrorCode.SYSTEM_TYPE, type.getTypeCategory().name());
} }
if (ret != null) {
AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_READ, ret), "read type ", ret.getName());
}
return ret; return ret;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment