Skip to content

Commit

Permalink
check dataset permissions when submit job
Browse files Browse the repository at this point in the history
  • Loading branch information
@ywy2090
ywy2090 committed Aug 27, 2024
1 parent f1439c4 commit b6c611f
Show file tree
Hide file tree
Showing 7 changed files with 144 additions and 4 deletions.
16 changes: 16 additions & 0 deletions ...dataset/src/main/java/com/webank/wedpr/components/dataset/dao/DatasetUserPermissions.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,20 @@ public boolean hasPermission(int permissionType) {
|| ((permissionType == DatasetPermissionType.WRITABLE.getType()) && writable)
|| ((permissionType == DatasetPermissionType.READABLE.getType()) && readable);
}

public boolean isReadable() {
return hasPermission(DatasetPermissionType.READABLE.getType());
}

public boolean isVisible() {
return hasPermission(DatasetPermissionType.VISIBLE.getType());
}

public boolean isUsable() {
return hasPermission(DatasetPermissionType.USABLE.getType());
}

public boolean isWritable() {
return hasPermission(DatasetPermissionType.WRITABLE.getType());
}
}
24 changes: 24 additions & 0 deletions ...n/java/com/webank/wedpr/components/dataset/permission/DatasetUserPermissionValidator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,30 @@ public class DatasetUserPermissionValidator {

private DatasetUserPermissionValidator() {}

/**
* confirm user’s dataset permissions
*
* @param datasetId
* @param userName
* @param agencyName
* @param datasetPermissionMapper
* @param isTx
* @return
* @throws DatasetException
*/
public static DatasetUserPermissions confirmUserDatasetPermissions(
String datasetId,
String userName,
String agencyName,
DatasetPermissionMapper datasetPermissionMapper,
boolean isTx)
throws DatasetException {

UserInfo userInfo =
UserInfo.builder().user(userName).agency(agencyName).groupInfos(null).build();
return confirmUserDatasetPermissions(datasetId, userInfo, datasetPermissionMapper, isTx);
}

/**
* confirm user’s dataset permissions
*
Expand Down
1 change: 1 addition & 0 deletions wedpr-components/meta/project/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ dependencies{
compile project(":wedpr-core-protocol")
compile project(":wedpr-components-uuid")
compile project(":wedpr-components-resource-follower")
compile project(":wedpr-components-dataset")
}
googleJavaFormat {
//toolVersion = '1.7'
Expand Down
9 changes: 9 additions & 0 deletions ...-components/meta/project/src/main/java/com/webank/wedpr/components/project/dao/JobDO.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,7 @@ public String toString() {
@JsonIgnore private transient Object jobRequest;
private String status;
@JsonIgnore private String result;
private List<String> datasetList;

@JsonProperty("jobStatusInfo")
private JobResult jobResult = new JobResult();
Expand Down Expand Up @@ -499,6 +500,14 @@ public boolean equals(Object o) {
&& Objects.equals(status, jobDO.status);
}

public List<String> getDatasetList() {
return datasetList;
}

public void setDatasetList(List<String> datasetList) {
this.datasetList = datasetList;
}

@Override
public int hashCode() {
return Objects.hash(id, name, parties, jobType, owner, ownerAgency, projectName, status);
Expand Down
6 changes: 6 additions & 0 deletions ...a/project/src/main/java/com/webank/wedpr/components/project/dao/ProjectMapperWrapper.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,11 +150,17 @@ public void recordJobStatus(JobDO jobDO) {

@Transactional(rollbackFor = Exception.class)
public void insertJob(JobDO jobDO) {
String id = jobDO.getId();
this.projectMapper.insertJobInfo(jobDO);
if (jobDO.getTaskParties() == null || jobDO.getTaskParties().isEmpty()) {
return;
}
this.followerMapper.batchInsert(jobDO.getTaskParties());

List<String> datasetList = jobDO.getDatasetList();
if (datasetList != null && !datasetList.isEmpty()) {
// TODO:
}
}

public void updateFinalJobResult(JobDO job, JobStatus status, String result) {
Expand Down
26 changes: 25 additions & 1 deletion ...ents/meta/project/src/main/java/com/webank/wedpr/components/project/model/JobRequest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
public class JobRequest extends PageRequest {
private JobDO job = new JobDO(true);
private List<FollowerDO> taskParties;
private List<String> datasetList;

public JobRequest() {}

Expand All @@ -48,6 +49,14 @@ public void setTaskParties(List<FollowerDO> taskParties) {
checkAndConfigTaskParities(taskParties);
}

public boolean isJobDataset(String datasetId) {
if (datasetList == null) {
return false;
}

return datasetList.contains(datasetId);
}

@SneakyThrows(WeDPRException.class)
private void checkAndConfigTaskParities(List<FollowerDO> taskParties) {
if (taskParties == null || taskParties.isEmpty()) {
Expand All @@ -63,8 +72,23 @@ private void checkAndConfigTaskParities(List<FollowerDO> taskParties) {
}
}

public List<String> getDatasetList() {
return datasetList;
}

public void setDatasetList(List<String> datasetList) {
this.datasetList = datasetList;
}

@Override
public String toString() {
return "JobRequest{" + "job=" + job + ", taskParties=" + taskParties + '}';
return "JobRequest{"
+ "job="
+ job
+ ", taskParties="
+ taskParties
+ ", datasetList="
+ datasetList
+ '}';
}
}
66 changes: 63 additions & 3 deletions ...ct/src/main/java/com/webank/wedpr/components/project/service/impl/ProjectServiceImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,10 @@
package com.webank.wedpr.components.project.service.impl;

import com.github.pagehelper.PageInfo;
import com.webank.wedpr.components.dataset.dao.DatasetUserPermissions;
import com.webank.wedpr.components.dataset.mapper.DatasetMapper;
import com.webank.wedpr.components.dataset.mapper.DatasetPermissionMapper;
import com.webank.wedpr.components.dataset.permission.DatasetUserPermissionValidator;
import com.webank.wedpr.components.mybatis.PageHelperWrapper;
import com.webank.wedpr.components.project.JobChecker;
import com.webank.wedpr.components.project.dao.JobDO;
Expand Down Expand Up @@ -43,6 +47,9 @@ public class ProjectServiceImpl implements ProjectService {
@Autowired private ProjectMapperWrapper projectMapperWrapper;
@Autowired private JobChecker jobChecker;

@Autowired private DatasetMapper datasetMapper;
@Autowired private DatasetPermissionMapper datasetPermissionMapper;

// create a new project
@Override
public WeDPRResponse createProject(String user, ProjectRequest projectDetail) {
Expand Down Expand Up @@ -230,27 +237,80 @@ public WeDPRResponse queryProjectByCondition(String user, ProjectRequest conditi
return response;
}

// verify datasets permission
public void validateUserPermissionToDatasets(
String userName, String agencyName, List<String> datasetList) throws WeDPRException {

if (datasetList == null) {
return;
}

for (String dataset : datasetList) {
DatasetUserPermissions datasetUserPermissions =
DatasetUserPermissionValidator.confirmUserDatasetPermissions(
dataset, userName, agencyName, datasetPermissionMapper, false);

if (logger.isDebugEnabled()) {
logger.debug(
"user: {}, agency: {}, dataset: {}, permissions: {}",
userName,
agencyName,
dataset,
datasetUserPermissions);
}

if (!datasetUserPermissions.isUsable()) {
logger.error(
"the user has no dataset usable permission, user: {}, agency: {}, dataset: {}, permissions: {}",
userName,
agencyName,
dataset,
datasetUserPermissions);
throw new WeDPRException(
String.format(
"the user has no dataset usable permission, user: %s, agency: %s, dataset: %s",
userName, agencyName, dataset));
}
}
}

// submit a job
@Override
public WeDPRResponse submitJob(String user, JobRequest request) {
WeDPRResponse response =
new WeDPRResponse(Constant.WEDPR_SUCCESS, Constant.WEDPR_SUCCESS_MSG);

// String userName = user;
String agency = WeDPRCommonConfig.getAgency();

List<String> datasetList = request.getDatasetList();
try {
request.getJob().setOwner(user);
request.getJob().setOwnerAgency(WeDPRCommonConfig.getAgency());
request.getJob().setOwnerAgency(agency);
request.getJob().setTaskParties(request.getTaskParties());
request.getJob().checkCreate();
request.getJob().setDatasetList(datasetList);
// check the job param
jobChecker.checkAndParseParam(request.getJob());

request.getJob().setStatus(JobStatus.Submitted.getStatus());

// verify dataset permissions
validateUserPermissionToDatasets(user, agency, datasetList);

this.projectMapperWrapper.insertJob(request.getJob());
logger.info("submitJob, user: {}, detail: {}", user, request.getJob().toString());
logger.info(
"submitJob, user: {}, agency: {}, datasetIds: {}, detail: {}",
user,
agency,
datasetList,
request.getJob().toString());
response.setData(request.getJob().getId());
} catch (Exception e) {
logger.warn(
"submitJob failed, user: {}, detail: {}, error: ",
"submitJob failed, user: {}, agency: {}, detail: {}, error: ",
user,
agency,
request.getJob().toString(),
e);
response.setCode(Constant.WEDPR_FAILED);
Expand Down

0 comments on commit b6c611f

Please sign in to comment.