Merge pull request lowcoder-org#109 from lvhuichao/develop

neon-balcony · web-flow · commit 75443cd54acb · 2022-12-08T21:58:32.000+08:00
1. fix authRequestFactory autowire 2. fix system data source permission check
diff --git a/server/openblocks-domain/src/main/java/com/openblocks/domain/permission/service/DatasourcePermissionHandler.java b/server/openblocks-domain/src/main/java/com/openblocks/domain/permission/service/DatasourcePermissionHandler.java
@@ -1,25 +1,36 @@
 package com.openblocks.domain.permission.service;
 
+import static com.openblocks.domain.permission.model.ResourceHolder.USER;
+import static com.openblocks.sdk.constants.Authentication.ANONYMOUS_USER_ID;
+
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.function.Function;
+import java.util.stream.Collectors;
 
+import org.apache.commons.collections4.CollectionUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Component;
 
+import com.google.common.collect.Maps;
 import com.openblocks.domain.datasource.model.Datasource;
 import com.openblocks.domain.datasource.service.DatasourceService;
 import com.openblocks.domain.permission.model.ResourceAction;
 import com.openblocks.domain.permission.model.ResourcePermission;
+import com.openblocks.domain.permission.model.ResourceRole;
+import com.openblocks.domain.permission.model.ResourceType;
 
 import reactor.core.publisher.Mono;
 
 @Lazy
 @Component
 class DatasourcePermissionHandler extends ResourcePermissionHandler {
 
+    private static final ResourceRole SYSTEM_STATIC_DATASOURCE_USER_ROLE = ResourceRole.OWNER;
+
     @Autowired
     private DatasourceService datasourceService;
 
@@ -33,4 +44,39 @@ protected Mono<String> getOrgId(String resourceId) {
         return datasourceService.getById(resourceId)
                 .map(Datasource::getOrganizationId);
     }
+
+    @Override
+    public Mono<Map<String, List<ResourcePermission>>> getAllMatchingPermissions(String userId, Collection<String> resourceIds,
+            ResourceAction resourceAction) {
+
+        List<String> systemStaticDatasourceIds = resourceIds.stream()
+                .filter(Datasource::isSystemStaticId)
+                .toList();
+        List<String> nonSystemStaticDatasourceIds = resourceIds.stream()
+                .filter(Datasource::isNotSystemStaticId)
+                .toList();
+
+        if (CollectionUtils.isEmpty(systemStaticDatasourceIds)) {
+            return super.getAllMatchingPermissions(userId, nonSystemStaticDatasourceIds, resourceAction);
+        }
+        return super.getAllMatchingPermissions(userId, nonSystemStaticDatasourceIds, resourceAction)
+                .map(allMatchingPermissions -> {
+                    Map<String, List<ResourcePermission>> result = Maps.newHashMap();
+                    Map<String, List<ResourcePermission>> systemStaticDatasourcePermissions = systemStaticDatasourceIds.stream()
+                            .collect(Collectors.toMap(Function.identity(), id -> getSystemStaticDatasourcePermission(userId, id)));
+                    result.putAll(systemStaticDatasourcePermissions);
+                    result.putAll(allMatchingPermissions);
+                    return result;
+                });
+    }
+
+    private List<ResourcePermission> getSystemStaticDatasourcePermission(String userId, String datasourceId) {
+        return Collections.singletonList(ResourcePermission.builder()
+                .resourceId(datasourceId)
+                .resourceType(ResourceType.DATASOURCE)
+                .resourceHolder(USER)
+                .resourceHolderId(userId)
+                .resourceRole(SYSTEM_STATIC_DATASOURCE_USER_ROLE)
+                .build());
+    }
 }
diff --git a/server/openblocks-server/src/main/java/com/openblocks/api/authentication/request/AuthRequestFactoryFacade.java b/server/openblocks-server/src/main/java/com/openblocks/api/authentication/request/AuthRequestFactoryFacade.java
@@ -22,10 +22,11 @@
 @Slf4j
 @Primary
 @Component
+@SuppressWarnings({"rawtypes", "unchecked"})
 public class AuthRequestFactoryFacade implements AuthRequestFactory<AuthRequestContext> {
 
     @Autowired
-    private List<AuthRequestFactory<AuthRequestContext>> authRequestFactories;
+    private List<AuthRequestFactory> authRequestFactories;
 
     private final Map<String, AuthRequestFactory<AuthRequestContext>> authRequestFactoryMap = new HashMap<>();
 
