Merge pull request #109 from lvhuichao/develop

1. fix authRequestFactory autowire 2. fix system data source permission check

server/openblocks-domain/src/main/java/com/openblocks/domain/permission/service/DatasourcePermissionHandler.java

@@ -1,25 +1,36 @@
 package com.openblocks.domain.permission.service;
 
+import static com.openblocks.domain.permission.model.ResourceHolder.USER;
+import static com.openblocks.sdk.constants.Authentication.ANONYMOUS_USER_ID;
+
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.function.Function;
+import java.util.stream.Collectors;
 
+import org.apache.commons.collections4.CollectionUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Component;
 
+import com.google.common.collect.Maps;
 import com.openblocks.domain.datasource.model.Datasource;
 import com.openblocks.domain.datasource.service.DatasourceService;
 import com.openblocks.domain.permission.model.ResourceAction;
 import com.openblocks.domain.permission.model.ResourcePermission;
+import com.openblocks.domain.permission.model.ResourceRole;
+import com.openblocks.domain.permission.model.ResourceType;
 
 import reactor.core.publisher.Mono;
 
 @Lazy
 @Component
 class DatasourcePermissionHandler extends ResourcePermissionHandler {
 
+ private static final ResourceRole SYSTEM_STATIC_DATASOURCE_USER_ROLE = ResourceRole.OWNER;
+
  @Autowired
  private DatasourceService datasourceService;
 
@@ -33,4 +44,39 @@ protected Mono<String> getOrgId(String resourceId) {
  return datasourceService.getById(resourceId)
  .map(Datasource::getOrganizationId);
  }
+
+ @Override
+ public Mono<Map<String, List<ResourcePermission>>> getAllMatchingPermissions(String userId, Collection<String> resourceIds,
+ ResourceAction resourceAction) {
+
+ List<String> systemStaticDatasourceIds = resourceIds.stream()
+ .filter(Datasource::isSystemStaticId)
+ .toList();
+ List<String> nonSystemStaticDatasourceIds = resourceIds.stream()
+ .filter(Datasource::isNotSystemStaticId)
+ .toList();
+
+ if (CollectionUtils.isEmpty(systemStaticDatasourceIds)) {
+ return super.getAllMatchingPermissions(userId, nonSystemStaticDatasourceIds, resourceAction);
+ }
+ return super.getAllMatchingPermissions(userId, nonSystemStaticDatasourceIds, resourceAction)
+ .map(allMatchingPermissions -> {
+ Map<String, List<ResourcePermission>> result = Maps.newHashMap();
+ Map<String, List<ResourcePermission>> systemStaticDatasourcePermissions = systemStaticDatasourceIds.stream()
+ .collect(Collectors.toMap(Function.identity(), id -> getSystemStaticDatasourcePermission(userId, id)));
+ result.putAll(systemStaticDatasourcePermissions);
+ result.putAll(allMatchingPermissions);
+ return result;
+ });
+ }
+
+ private List<ResourcePermission> getSystemStaticDatasourcePermission(String userId, String datasourceId) {
+ return Collections.singletonList(ResourcePermission.builder()
+ .resourceId(datasourceId)
+ .resourceType(ResourceType.DATASOURCE)
+ .resourceHolder(USER)
+ .resourceHolderId(userId)
+ .resourceRole(SYSTEM_STATIC_DATASOURCE_USER_ROLE)
+ .build());
+ }
 }

server/openblocks-server/src/main/java/com/openblocks/api/authentication/request/AuthRequestFactoryFacade.java

@@ -22,10 +22,11 @@
 @Slf4j
 @Primary
 @Component
+@SuppressWarnings({"rawtypes", "unchecked"})
 public class AuthRequestFactoryFacade implements AuthRequestFactory<AuthRequestContext> {
 
  @Autowired
- private List<AuthRequestFactory<AuthRequestContext>> authRequestFactories;
+ private List<AuthRequestFactory> authRequestFactories;
 
  private final Map<String, AuthRequestFactory<AuthRequestContext>> authRequestFactoryMap = new HashMap<>();