-
Notifications
You must be signed in to change notification settings - Fork 617
feat(server): adapt Hubble 2.0 frontend APIs and implement default graph/role management #3008
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Changes from all commits
77cee94
42f3dfd
e5e5028
19af891
1a810c0
01e64e8
79ea319
f722cd5
9ac0f2b
34222e5
70d88fb
35002f7
34673b7
f868dbc
6ddfb17
b67df7b
2a17b8d
dc011c0
5e3796d
93da151
c48300b
5977ef2
26a2c42
4b3edca
682c2b5
2c51f7f
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -22,9 +22,12 @@ | |
| import java.util.ArrayList; | ||
| import java.util.List; | ||
|
|
||
| import org.apache.commons.lang3.StringUtils; | ||
|
|
||
| import org.apache.hugegraph.api.API; | ||
| import org.apache.hugegraph.api.filter.StatusFilter; | ||
| import org.apache.hugegraph.auth.AuthManager; | ||
| import org.apache.hugegraph.auth.HugeDefaultRole; | ||
| import org.apache.hugegraph.auth.HugeGraphAuthProxy; | ||
| import org.apache.hugegraph.auth.HugePermission; | ||
| import org.apache.hugegraph.core.GraphManager; | ||
|
|
@@ -259,6 +262,45 @@ public String getRolesInGs(@Context GraphManager manager, | |
| result)); | ||
| } | ||
|
|
||
| @GET | ||
| @Timed | ||
| @Path("default") | ||
| public String checkDefaultRole(@Context GraphManager manager, | ||
| @PathParam("graphspace") String graphSpace, | ||
| @QueryParam("role") String role, | ||
| @QueryParam("graph") String graph) { | ||
| LOG.debug("check if current user is default role: {} {} {}", | ||
| role, graphSpace, graph); | ||
| ensurePdModeEnabled(manager); | ||
| AuthManager authManager = manager.authManager(); | ||
| String user = HugeGraphAuthProxy.username(); | ||
|
|
||
| E.checkArgument(StringUtils.isNotEmpty(role) && | ||
| StringUtils.isNotEmpty(graphSpace), | ||
| "Must pass graphspace and role params"); | ||
|
|
||
| HugeDefaultRole defaultRole; | ||
| try { | ||
| defaultRole = HugeDefaultRole.valueOf(role.toUpperCase()); | ||
| } catch (IllegalArgumentException e) { | ||
| E.checkArgument(false, "Invalid role value '%s'", role); | ||
| defaultRole = null; // unreachable, satisfies compiler | ||
| } | ||
| boolean hasGraph = defaultRole.equals(HugeDefaultRole.OBSERVER); | ||
| E.checkArgument(!hasGraph || StringUtils.isNotEmpty(graph), | ||
| "Must set a graph for observer"); | ||
|
|
||
| boolean result; | ||
| if (hasGraph) { | ||
| result = authManager.isDefaultRole(graphSpace, graph, user, | ||
|
Member
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This endpoint checks raw default-role metadata without first validating that the path graphspace exists, and for |
||
| defaultRole); | ||
| } else { | ||
| result = authManager.isDefaultRole(graphSpace, user, | ||
| defaultRole); | ||
| } | ||
| return manager.serializer().writeMap(ImmutableMap.of("check", result)); | ||
| } | ||
|
Comment on lines
+265
to
+302
|
||
|
|
||
| private void validUser(AuthManager authManager, String user) { | ||
| E.checkArgument(authManager.findUser(user) != null || | ||
| authManager.findGroup(user) != null, | ||
|
|
@@ -274,7 +316,7 @@ private void validType(HugePermission type) { | |
|
|
||
| private void validGraphSpace(GraphManager manager, String graphSpace) { | ||
| E.checkArgument(manager.graphSpace(graphSpace) != null, | ||
| "The graph space is not exist"); | ||
| "The graph space '%s' does not exist", graphSpace); | ||
| } | ||
|
|
||
| private static class JsonManager implements Checkable { | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.