fixed #547

Author: ElishaZhang

dss-apps/dss-apiservice-server/src/main/java/com/webank/wedatasphere/dss/apiservice/core/dao/ApiServiceApprovalDao.java

@@ -0,0 +1,78 @@
+/*
+ *
+ *  * Copyright 2019 WeBank
+ *  *
+ *  * Licensed under the Apache License, Version 2.0 (the "License");
+ *  *  you may not use this file except in compliance with the License.
+ *  * You may obtain a copy of the License at
+ *  *
+ *  * http://www.apache.org/licenses/LICENSE-2.0
+ *  *
+ *  * Unless required by applicable law or agreed to in writing, software
+ *  * distributed under the License is distributed on an "AS IS" BASIS,
+ *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  * See the License for the specific language governing permissions and
+ *  * limitations under the License.
+ *
+ */
+
+package com.webank.wedatasphere.dss.apiservice.core.dao;
+
+
+import com.webank.wedatasphere.dss.apiservice.core.vo.ApprovalVo;
+import org.apache.ibatis.annotations.Param;
+
+import java.util.List;
+
+/**
+ * @author: jinyangrao
+ * @date: 2020-08-26 18:03:34
+ */
+public interface ApiServiceApprovalDao {
+
+    /**
+     * 新增一条审批单
+     */
+    void insert(ApprovalVo approvalVo);
+
+    /**
+     * 查询审批单
+     * */
+    List<ApprovalVo> queryByApprovalNo(@Param("approvalNo") String approvalNo);
+
+    /**
+     * set status to success
+     * */
+    void setApprovalStatusSuccess(@Param("approvalNo") String approvalNo);
+
+    /**
+     * set status to failed
+     * */
+    void setApprovalStatusFailed(@Param("approvalNo") String approvalNo);
+
+    /**
+     * set status to init
+     * */
+    void setApprovalStatusInit(@Param("approvalNo") String approvalNo);
+
+    /**
+     * set status to applying
+     * */
+    void setApprovalStatusApplying(@Param("approvalNo") String approvalNo);
+
+    /**
+     * update status
+     * */
+    void updateApprovalStatus(@Param("approvalNo") String approvalNo, @Param("status") Integer status);
+
+
+    /**
+     * delete approval
+     * */
+    void deleteApproval(@Param("approvalNo") String approvalNo);
+
+    /**
+     * 通过版本ID查询审批单
+     * */
+    ApprovalVo queryByVersionId(@Param("apiVersionId") Long apiVersionId);
+}

dss-apps/dss-apiservice-server/src/main/java/com/webank/wedatasphere/dss/apiservice/core/dao/mapper/ApiServiceApprovalMapper.xml

@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ /*
+  ~  * Copyright 2019 WeBank
+  ~  *
+  ~  * Licensed under the Apache License, Version 2.0 (the "License");
+  ~  *  you may not use this file except in compliance with the License.
+  ~  * You may obtain a copy of the License at
+  ~  *
+  ~  * http://www.apache.org/licenses/LICENSE-2.0
+  ~  *
+  ~  * Unless required by applicable law or agreed to in writing, software
+  ~  * distributed under the License is distributed on an "AS IS" BASIS,
+  ~  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~  * See the License for the specific language governing permissions and
+  ~  * limitations under the License.
+  ~  */
+  -->
+
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"  "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.webank.wedatasphere.dss.apiservice.core.dao.ApiServiceApprovalDao">
+
+    <resultMap id="approvalMap" type="com.webank.wedatasphere.dss.apiservice.core.vo.ApprovalVo">
+        <result property="id" column="id"/>
+        <result property="apiId" column="api_id"/>
+        <result property="apiVersionId" column="api_version_id"/>
+        <result property="approvalName" column="approval_name"/>
+        <result property="applyUser" column="apply_user"/>
+        <result property="executeUser" column="execute_user"/>
+        <result property="creator" column="creator"/>
+        <result property="status" column="status"/>
+        <result property="createTime" column="create_time"/>
+        <result property="updateTime" column="update_time"/>
+        <result property="approvalNo" column="approval_no"/>
+    </resultMap>
+
+    <sql id="fields">
+        `api_id`, `api_version_id`, `approval_name`, `apply_user`, `execute_user`, `creator`,
+        `status`, `create_time`, `update_time`, `approval_no`
+    </sql>
+
+    <sql id="fields_query">
+        `id`, `api_version_id`, `api_id`, `approval_name`, `apply_user`, `execute_user`, `creator`,
+        `status`, `create_time`, `update_time`, `approval_no`
+    </sql>
+
+    <insert id="insert" useGeneratedKeys="true" keyProperty="id" parameterType="com.webank.wedatasphere.dss.apiservice.core.vo.ApprovalVo">
+        <![CDATA[INSERT INTO `dss_apiservice_approval`(]]>
+        <include refid="fields"/>
+        <![CDATA[) VALUES(#{apiId}, #{apiVersionId}, #{approvalName}, #{applyUser}, #{executeUser}, #{creator},
+                        #{status}, #{createTime}, #{updateTime}, #{approvalNo})]]>
+    </insert>
+
+    <select id="queryByApprovalNo" parameterType="java.lang.String" resultMap="approvalMap">
+        <![CDATA[SELECT]]>
+        <include refid="fields_query"/>
+        <![CDATA[ FROM `dss_apiservice_approval` ]]>
+        <where>
+            `approval_no` = #{approvalNo}
+        </where>
+    </select>
+
+    <update id="setApprovalStatusSuccess" parameterType="java.lang.String">
+        UPDATE `dss_apiservice_approval`
+        SET `status` = 3
+        WHERE `approval_no` = #{approvalNo}
+    </update>
+
+    <update id="setApprovalStatusFailed" parameterType="java.lang.String">
+        UPDATE `dss_apiservice_approval`
+        SET `status` = 4
+        WHERE `approval_no` = #{approvalNo}
+    </update>
+
+    <update id="setApprovalStatusInit" parameterType="java.lang.String">
+        UPDATE `dss_apiservice_approval`
+        SET `status` = 1
+        WHERE `approval_no` = #{approvalNo}
+    </update>
+
+    <update id="setApprovalStatusApplying" parameterType="java.lang.String">
+        UPDATE `dss_apiservice_approval`
+        SET `status` = 2
+        WHERE `approval_no` = #{approvalNo}
+    </update>
+
+    <update id="updateApprovalStatus">
+        UPDATE `dss_apiservice_approval`
+        SET `status` = #{status}
+        WHERE `approval_no` = #{approvalNo}
+    </update>
+
+    <delete id="deleteApproval" parameterType="java.lang.String">
+        DELETE FROM
+        `dss_apiservice_approval`
+        WHERE `approval_no` = #{approvalNo}
+    </delete>
+
+    <select id="queryByVersionId" parameterType="java.lang.Long" resultMap="approvalMap">
+        <![CDATA[SELECT]]>
+        <include refid="fields_query"/>
+        <![CDATA[ FROM `dss_apiservice_approval` ]]>
+        <where>
+            `api_version_id` = #{apiVersionId}
+        </where>
+    </select>
+
+
+</mapper>

dss-apps/dss-apiservice-server/src/main/java/com/webank/wedatasphere/dss/apiservice/core/service/impl/ApiServiceImpl.java

@@ -78,6 +78,9 @@ public class ApiServiceImpl implements ApiService {
     @Autowired
     private ApiServiceTokenManagerDao apiServiceTokenManagerDao;
 
+    @Autowired
+    ApiServiceApprovalDao apiServiceApprovalDao;
+
     @Autowired
     TokenAuth tokenAuth;
 
@@ -137,9 +140,7 @@ public void save(ApiServiceVo apiService) throws Exception {
             //todo update by query
             apiVersionVo.setMetadataInfo("default");
             apiServiceVersionDao.insert(apiVersionVo);
-
-
-
+            addApprovalToDB(apiService,apiVersionVo.getId(),apiVersionVo.getAuthId());
             // insert linkis_oneservice_params
             List<ParamVo> params = apiService.getParams();
             if (params != null && !params.isEmpty()) {
@@ -200,7 +201,7 @@ public void saveByApp(ApiServiceVo apiService) throws Exception {
             //顺序不能改变，版本信息依赖审批单信息
             apiServiceVersionDao.insert(apiVersionVo);
 
-//            addApprovalToDB(apiService,apiVersionVo.getId(),apiVersionVo.getAuthId());
+            addApprovalToDB(apiService,apiVersionVo.getId(),apiVersionVo.getAuthId());
 
             // insert linkis_oneservice_params
             List<ParamVo> params = apiService.getParams();
@@ -285,7 +286,7 @@ public void  update(ApiServiceVo apiService) throws Exception {
                         }
                     }
 
-//                    addApprovalToDB(apiService, apiServiceVersionVo.getId(), apiServiceVersionVo.getAuthId());
+                    addApprovalToDB(apiService, apiServiceVersionVo.getId(), apiServiceVersionVo.getAuthId());
 
                     //insert a token record for self
                     genTokenForPublisher(apiService, apiServiceVersionVo.getId());
@@ -305,6 +306,26 @@ public void  update(ApiServiceVo apiService) throws Exception {
         }
     }
 
+    public void addApprovalToDB(ApiServiceVo apiService, Long apiVersionId, String approvalNumber) {
+
+        ApprovalVo approvalVo = apiService.getApprovalVo();
+        // 需要插入审批单记录
+        approvalVo.setApiId(apiService.getId() != null ? apiService.getId() : 0);
+        approvalVo.setApiVersionId(apiVersionId != null ? apiVersionId : 0);
+        approvalVo.setApprovalNo(approvalNumber != null ? approvalNumber : "");
+        approvalVo.setCreator(apiService.getCreator() != null ? apiService.getCreator() : "");
+        approvalVo.setStatus(3);
+        approvalVo.setCreateTime(new Date());
+        approvalVo.setUpdateTime(new Date());
+        if (StringUtils.isEmpty(approvalVo.getExecuteUser())) {
+            approvalVo.setExecuteUser(approvalVo.getCreator());
+        }
+        if (approvalVo.getApprovalName() == null) {
+            approvalVo.setApprovalName("");
+        }
+        apiServiceApprovalDao.insert(approvalVo);
+    }
+
     @Override
     public List<ApiServiceVo> query(ApiServiceQuery apiServiceQuery) throws ApiServiceQueryException {
         //todo 查询需要优化，量小时不影响效率
@@ -348,6 +369,11 @@ public List<ApiServiceVo> query(ApiServiceQuery apiServiceQuery) throws ApiServi
     @Override
     public List<ApiServiceVo> queryByWorkspaceId(Integer workspaceId, String userName){
         List<ApiServiceVo> result = apiServiceDao.queryByWorkspaceId(workspaceId,userName);
+        result.stream().forEach(apiServiceVo -> {
+            ApiVersionVo apiVersionVo = getMaxVersion(apiServiceVo.getId());
+            ApprovalVo approvalVo =apiServiceApprovalDao.queryByVersionId(apiVersionVo.getId());
+            apiServiceVo.setApprovalVo(approvalVo);
+        });
         return result;
     }
 

dss-apps/dss-apiservice-server/src/main/java/com/webank/wedatasphere/dss/apiservice/core/service/impl/ApiServiceQueryServiceImpl.java

@@ -149,6 +149,9 @@ public class ApiServiceQueryServiceImpl implements ApiServiceQueryService {
     @Autowired
     private  ApiServiceAccessDao apiServiceAccessDao;
 
+    @Autowired
+    private ApiServiceApprovalDao apiServiceApprovalDao;
+
     /**
      * Bml client
      */
@@ -244,6 +247,8 @@ public LinkisExecuteResult query(String path,
 
 //            AssertUtil.isTrue(MapUtils.isNotEmpty((Map) collect.getKey()), "数据源不能为空");
 
+            //获取代理执行用户
+            ApprovalVo approvalVo =  apiServiceApprovalDao.queryByVersionId(maxApiVersionVo.getId());
 
             ApiServiceExecuteJob job = new DefaultApiServiceJob();
             //sql代码封装成scala执行
@@ -253,7 +258,12 @@ public LinkisExecuteResult query(String path,
             //不允许创建用户自己随意代理执行，创建用户只能用自己用户执行
             //如果需要代理执行可以在这里更改用户
             job.setUser(loginUser);
-
+            if( !apiServiceVo.getCreator().equals(loginUser) && StringUtils.isNotEmpty(approvalVo.getExecuteUser())){
+                if("hadoop".equals(approvalVo.getExecuteUser().toLowerCase())){
+                    throw new ApiServiceRuntimeException("非法使用Hadoop用户作为执行用户");
+                }
+                job.setUser(approvalVo.getExecuteUser());
+            }
             job.setParams(null);
             job.setRuntimeParams(reqParams);
             job.setScriptePath(apiServiceVo.getScriptPath());