Skip to content

Commit

Permalink
Format and linting fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
@mkamalas
mkamalas committed Aug 30, 2024
1 parent bf81623 commit 193a093
Show file tree
Hide file tree
Showing 10 changed files with 74 additions and 54 deletions.
5 changes: 3 additions & 2 deletions ...phql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/mutate/AddTagResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,10 @@ public CompletableFuture<Boolean> get(DataFetchingEnvironment environment) throw
}

if (!LabelUtils.isAuthorizedToAssociateTag(environment.getContext(), tagUrn)) {
throw new AuthorizationException("Only users granted permission to this tag can assign or remove it");
throw new AuthorizationException(
"Only users granted permission to this tag can assign or remove it");
}

return GraphQLConcurrencyUtils.supplyAsync(
() -> {
LabelUtils.validateResourceAndLabel(
Expand Down
14 changes: 8 additions & 6 deletions ...hql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/mutate/AddTagsResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,12 +43,14 @@ public CompletableFuture<Boolean> get(DataFetchingEnvironment environment) throw
"Unauthorized to perform this action. Please contact your DataHub administrator.");
}

tagUrns.forEach((tagUrn) -> {
if (!LabelUtils.isAuthorizedToAssociateTag(environment.getContext(), tagUrn)) {
throw new AuthorizationException("Only users granted permission to this tag can assign or remove it");
}
});

tagUrns.forEach(
(tagUrn) -> {
if (!LabelUtils.isAuthorizedToAssociateTag(environment.getContext(), tagUrn)) {
throw new AuthorizationException(
"Only users granted permission to this tag can assign or remove it");
}
});

LabelUtils.validateResourceAndLabel(
context.getOperationContext(),
tagUrns,
Expand Down
9 changes: 5 additions & 4 deletions ...ore/src/main/java/com/linkedin/datahub/graphql/resolvers/mutate/BatchAddTagsResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@
import com.linkedin.metadata.entity.EntityService;
import graphql.schema.DataFetcher;
import graphql.schema.DataFetchingEnvironment;
import io.datahubproject.metadata.context.OperationContext;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
Expand Down Expand Up @@ -129,10 +128,12 @@ private Boolean attemptBatchAddTagsWithSiblings(

private void validateTags(@Nonnull QueryContext context, List<Urn> tagUrns) {
for (Urn tagUrn : tagUrns) {
LabelUtils.validateLabel(context.getOperationContext(), tagUrn, Constants.TAG_ENTITY_NAME, _entityService);

LabelUtils.validateLabel(
context.getOperationContext(), tagUrn, Constants.TAG_ENTITY_NAME, _entityService);

if (!LabelUtils.isAuthorizedToAssociateTag(context, tagUrn)) {
throw new AuthorizationException("Only users granted permission to this tag can assign or remove it");
throw new AuthorizationException(
"Only users granted permission to this tag can assign or remove it");
}
}
}
Expand Down
3 changes: 2 additions & 1 deletion .../src/main/java/com/linkedin/datahub/graphql/resolvers/mutate/BatchRemoveTagsResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,8 @@ public CompletableFuture<Boolean> get(DataFetchingEnvironment environment) throw
private void validateTags(List<Urn> tagUrns, QueryContext context) {
for (Urn tagUrn : tagUrns) {
if (!LabelUtils.isAuthorizedToAssociateTag(context, tagUrn)) {
throw new AuthorizationException("Only users granted permission to this tag can assign or remove it");
throw new AuthorizationException(
"Only users granted permission to this tag can assign or remove it");
}
}
}
Expand Down
3 changes: 2 additions & 1 deletion ...l-core/src/main/java/com/linkedin/datahub/graphql/resolvers/mutate/RemoveTagResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,8 @@ public CompletableFuture<Boolean> get(DataFetchingEnvironment environment) throw
"Unauthorized to perform this action. Please contact your DataHub administrator.");
}
if (!LabelUtils.isAuthorizedToAssociateTag(environment.getContext(), tagUrn)) {
throw new AuthorizationException("Only users granted permission to this tag can assign or remove it");
throw new AuthorizationException(
"Only users granted permission to this tag can assign or remove it");
}

return GraphQLConcurrencyUtils.supplyAsync(
Expand Down
8 changes: 5 additions & 3 deletions ...hql-core/src/main/java/com/linkedin/datahub/graphql/resolvers/mutate/util/LabelUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -261,9 +261,11 @@ public static boolean isAuthorizedToUpdateTags(
public static boolean isAuthorizedToAssociateTag(@Nonnull QueryContext context, Urn targetUrn) {

// Decide whether the current principal should be allowed to associate the tag
final DisjunctivePrivilegeGroup orPrivilegeGroups = new DisjunctivePrivilegeGroup(ImmutableList.of(
new ConjunctivePrivilegeGroup(ImmutableList.of(PoliciesConfig.ASSOCIATE_TAGS_PRIVILEGE.getType()))
));
final DisjunctivePrivilegeGroup orPrivilegeGroups =
new DisjunctivePrivilegeGroup(
ImmutableList.of(
new ConjunctivePrivilegeGroup(
ImmutableList.of(PoliciesConfig.ASSOCIATE_TAGS_PRIVILEGE.getType()))));

return AuthorizationUtils.isAuthorized(
context.getAuthorizer(),
Expand Down
59 changes: 32 additions & 27 deletions datahub-web-react/src/app/permissions/policy/PolicyPrivilegeForm.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import React, { useEffect, useMemo, useRef, useState } from 'react';
import { Link } from 'react-router-dom';
import { Form, Select, Tag, Tooltip, Typography, Tag as CustomTag, Checkbox } from 'antd';
import { CheckboxChangeEvent } from 'antd/lib/checkbox';
import styled from 'styled-components/macro';

import { useEntityRegistry } from '../../useEntityRegistry';
Expand Down Expand Up @@ -183,7 +184,12 @@ export default function PolicyPrivilegeForm({
};
setResources({
...resources,
filter: setFieldValues(filter, 'TYPE', [...resourceTypes, createCriterionValue(selectedResourceType)], PolicyMatchCondition.Equals),
filter: setFieldValues(
filter,
'TYPE',
[...resourceTypes, createCriterionValue(selectedResourceType)],
PolicyMatchCondition.Equals,
),
});
};

Expand All @@ -209,15 +215,18 @@ export default function PolicyPrivilegeForm({
};
setResources({
...resources,
filter: setFieldValues(filter, 'URN', [
...resourceEntities,
createCriterionValueWithEntity(
resource,
getEntityFromSearchResults(resourceSearchResults, resource) || null,
),
],
matchCondition,
),
filter: setFieldValues(
filter,
'URN',
[
...resourceEntities,
createCriterionValueWithEntity(
resource,
getEntityFromSearchResults(resourceSearchResults, resource) || null,
),
],
matchCondition,
),
});
};

Expand Down Expand Up @@ -258,13 +267,10 @@ export default function PolicyPrivilegeForm({
};
const domainEntity = domainObj || getEntityFromSearchResults(domainSearchResults, domainUrn);
const updatedFilter = setFieldValues(
filter,
'DOMAIN',
[
...domains,
createCriterionValueWithEntity(domainUrn, domainEntity || null),
],
PolicyMatchCondition.Equals,
filter,
'DOMAIN',
[...domains, createCriterionValueWithEntity(domainUrn, domainEntity || null)],
PolicyMatchCondition.Equals,
);
setResources({
...resources,
Expand Down Expand Up @@ -412,7 +418,7 @@ export default function PolicyPrivilegeForm({
setSelectedTags(editTags);
setResources({
...resources,
filter: setFieldValues(filter, 'TAG', [...(newTag as any)]),
filter: setFieldValues(filter, 'TAG', [...(newTag as any)], PolicyMatchCondition.Equals),
});
}
// eslint-disable-next-line react-hooks/exhaustive-deps
Expand All @@ -426,7 +432,7 @@ export default function PolicyPrivilegeForm({

setResources({
...resources,
filter: setFieldValues(filter, 'TAG', [...tags, urn as any]),
filter: setFieldValues(filter, 'TAG', [...tags, urn as any], PolicyMatchCondition.Equals),
});
setSelectedTags([...(selectedTags as any), selectedTagOption]);
if (inputEl && inputEl.current) {
Expand All @@ -448,6 +454,7 @@ export default function PolicyPrivilegeForm({
filter,
'TAG',
tags?.filter((criterionValue) => (criterionValue as any) !== urn),
PolicyMatchCondition.Equals,
),
});
};
Expand Down Expand Up @@ -540,13 +547,11 @@ export default function PolicyPrivilegeForm({
</Typography.Paragraph>
<Checkbox
checked={matchCondition === PolicyMatchCondition.NotEquals}
onChange={(value) => {
onChange={(event: CheckboxChangeEvent) => {
setMatchCondition(
value?.target?.checked
? PolicyMatchCondition.NotEquals
: PolicyMatchCondition.Equals,
event.target.checked ? PolicyMatchCondition.NotEquals : PolicyMatchCondition.Equals,
);
updateMatchConditionInResources(value?.target?.checked);
updateMatchConditionInResources(event.target.checked);
}}
>
Exclude Resources
Expand Down Expand Up @@ -576,9 +581,9 @@ export default function PolicyPrivilegeForm({
)}
>
{resourceSearchResults?.map((result) => (
<Select.Option key={result.entity.urn} value={result.entity.urn}>
{renderSearchResult(result)}
</Select.Option>
<Select.Option key={result.entity.urn} value={result.entity.urn}>
{renderSearchResult(result)}
</Select.Option>
))}
</Select>
</Form.Item>
Expand Down
8 changes: 6 additions & 2 deletions datahub-web-react/src/app/permissions/policy/policyUtils.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,10 +103,14 @@ export const convertLegacyResourceFilter = (resourceFilter: Maybe<ResourceFilter
}
const criteria = new Array<PolicyMatchCriterion>();
if (resourceFilter.type) {
criteria.push(createCriterion('TYPE', [createCriterionValue(resourceFilter.type)]), PolicyMatchCondition.Equals,);
criteria.push(
createCriterion('TYPE', [createCriterionValue(resourceFilter.type)], PolicyMatchCondition.Equals),
);
}
if (resourceFilter.resources && resourceFilter.resources.length > 0) {
criteria.push(createCriterion('URN', resourceFilter.resources.map(createCriterionValue), PolicyMatchCondition.Equals));
criteria.push(
createCriterion('URN', resourceFilter.resources.map(createCriterionValue), PolicyMatchCondition.Equals),
);
}
return {
filter: {
Expand Down
10 changes: 6 additions & 4 deletions metadata-service/auth-impl/src/main/java/com/datahub/authorization/PolicyEngine.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -245,11 +245,13 @@ private boolean checkCriterion(
}

Set<String> fieldValues = resource.getFieldValues(entityFieldType);
//For PolicyMatchCondition.NOT_EQUALS, we need to make sure the condition is not satistified for all of the resources specified

// For PolicyMatchCondition.NOT_EQUALS, we need to make sure the condition is not satistified
// for all of the resources specified
if (criterion.getCondition() == PolicyMatchCondition.NOT_EQUALS) {
return criterion.getValues()
.stream()
.allMatch(filterValue -> checkCondition(fieldValues, filterValue, criterion.getCondition()));
return criterion.getValues().stream()
.allMatch(
filterValue -> checkCondition(fieldValues, filterValue, criterion.getCondition()));
}
return criterion.getValues().stream()
.anyMatch(
Expand Down
9 changes: 5 additions & 4 deletions metadata-utils/src/main/java/com/linkedin/metadata/authorization/PoliciesConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -376,10 +376,11 @@ public class PoliciesConfig {
public static final Privilege EDIT_TAG_COLOR_PRIVILEGE =
Privilege.of("EDIT_TAG_COLOR", "Edit Tag Color", "The ability to change the color of a Tag.");

public static final Privilege ASSOCIATE_TAGS_PRIVILEGE = Privilege.of(
"ASSOCIATE_TAGS_PRIVILEGE",
"Associate Tags",
"The ability to associate this tag to an asset.");
public static final Privilege ASSOCIATE_TAGS_PRIVILEGE =
Privilege.of(
"ASSOCIATE_TAGS_PRIVILEGE",
"Associate Tags",
"The ability to associate this tag to an asset.");

// Group Privileges
public static final Privilege EDIT_GROUP_MEMBERS_PRIVILEGE =
Expand Down

0 comments on commit 193a093

Please sign in to comment.