Skip to content

Commit

Permalink
Merge branch 'datahub-project:master' into pluginv2
Browse files Browse the repository at this point in the history
  • Loading branch information
vishalkSimplify authored Oct 13, 2023
2 parents 9eaf943 + c02cbb3 commit caa3402
Show file tree
Hide file tree
Showing 143 changed files with 2,888 additions and 2,187 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1292,7 +1292,8 @@ private void configureCorpUserResolvers(final RuntimeWiring.Builder builder) {
*/
private void configureCorpGroupResolvers(final RuntimeWiring.Builder builder) {
builder.type("CorpGroup", typeWiring -> typeWiring
.dataFetcher("relationships", new EntityRelationshipsResultResolver(graphClient)));
.dataFetcher("relationships", new EntityRelationshipsResultResolver(graphClient))
.dataFetcher("exists", new EntityExistsResolver(entityService)));
builder.type("CorpGroupInfo", typeWiring -> typeWiring
.dataFetcher("admins",
new LoadableTypeBatchResolver<>(corpUserType,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
import com.datahub.plugins.auth.authorization.Authorizer;
import com.datahub.authorization.ConjunctivePrivilegeGroup;
import com.datahub.authorization.DisjunctivePrivilegeGroup;
import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.google.common.collect.ImmutableList;
import com.linkedin.common.AuditStamp;
import com.linkedin.common.urn.Urn;
Expand Down Expand Up @@ -90,7 +90,7 @@ public static boolean canManageTags(@Nonnull QueryContext context) {
}

public static boolean canDeleteEntity(@Nonnull Urn entityUrn, @Nonnull QueryContext context) {
return isAuthorized(context, Optional.of(new ResourceSpec(entityUrn.getEntityType(), entityUrn.toString())), PoliciesConfig.DELETE_ENTITY_PRIVILEGE);
return isAuthorized(context, Optional.of(new EntitySpec(entityUrn.getEntityType(), entityUrn.toString())), PoliciesConfig.DELETE_ENTITY_PRIVILEGE);
}

public static boolean canManageUserCredentials(@Nonnull QueryContext context) {
Expand Down Expand Up @@ -173,7 +173,7 @@ public static boolean canDeleteQuery(@Nonnull Urn entityUrn, @Nonnull List<Urn>

public static boolean isAuthorized(
@Nonnull QueryContext context,
@Nonnull Optional<ResourceSpec> resourceSpec,
@Nonnull Optional<EntitySpec> resourceSpec,
@Nonnull PoliciesConfig.Privilege privilege) {
final Authorizer authorizer = context.getAuthorizer();
final String actor = context.getActorUrn();
Expand All @@ -196,7 +196,7 @@ public static boolean isAuthorized(
@Nonnull String resource,
@Nonnull DisjunctivePrivilegeGroup privilegeGroup
) {
final ResourceSpec resourceSpec = new ResourceSpec(resourceType, resource);
final EntitySpec resourceSpec = new EntitySpec(resourceType, resource);
return AuthUtil.isAuthorized(authorizer, actor, Optional.of(resourceSpec), privilegeGroup);
}

Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package com.linkedin.datahub.graphql.resolvers.dataset;

import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.linkedin.common.urn.Urn;
Expand Down Expand Up @@ -104,7 +104,7 @@ private CorpUser createPartialUser(final Urn userUrn) {

private boolean isAuthorized(final Urn resourceUrn, final QueryContext context) {
return AuthorizationUtils.isAuthorized(context,
Optional.of(new ResourceSpec(resourceUrn.getEntityType(), resourceUrn.toString())),
Optional.of(new EntitySpec(resourceUrn.getEntityType(), resourceUrn.toString())),
PoliciesConfig.VIEW_DATASET_USAGE_PRIVILEGE);
}
}
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package com.linkedin.datahub.graphql.resolvers.dataset;

import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.linkedin.common.urn.Urn;
import com.linkedin.common.urn.UrnUtils;
import com.linkedin.datahub.graphql.QueryContext;
Expand Down Expand Up @@ -52,7 +52,7 @@ public CompletableFuture<UsageQueryResult> get(DataFetchingEnvironment environme

private boolean isAuthorized(final Urn resourceUrn, final QueryContext context) {
return AuthorizationUtils.isAuthorized(context,
Optional.of(new ResourceSpec(resourceUrn.getEntityType(), resourceUrn.toString())),
Optional.of(new EntitySpec(resourceUrn.getEntityType(), resourceUrn.toString())),
PoliciesConfig.VIEW_DATASET_USAGE_PRIVILEGE);
}
}
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package com.linkedin.datahub.graphql.resolvers.load;

import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.linkedin.datahub.graphql.QueryContext;
import com.linkedin.datahub.graphql.authorization.AuthorizationUtils;
import com.linkedin.datahub.graphql.generated.Entity;
Expand Down Expand Up @@ -79,7 +79,7 @@ public TimeSeriesAspectResolver(
private boolean isAuthorized(QueryContext context, String urn) {
if (_entityName.equals(Constants.DATASET_ENTITY_NAME) && _aspectName.equals(
Constants.DATASET_PROFILE_ASPECT_NAME)) {
return AuthorizationUtils.isAuthorized(context, Optional.of(new ResourceSpec(_entityName, urn)),
return AuthorizationUtils.isAuthorized(context, Optional.of(new EntitySpec(_entityName, urn)),
PoliciesConfig.VIEW_DATASET_PROFILE_PRIVILEGE);
}
return true;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

import com.datahub.authorization.AuthorizerChain;
import com.datahub.authorization.DataHubAuthorizer;
import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.linkedin.datahub.graphql.QueryContext;
import com.linkedin.datahub.graphql.exception.AuthorizationException;
import com.linkedin.datahub.graphql.generated.GetGrantedPrivilegesInput;
Expand Down Expand Up @@ -33,8 +33,8 @@ public CompletableFuture<Privileges> get(final DataFetchingEnvironment environme
if (!isAuthorized(context, actor)) {
throw new AuthorizationException("Unauthorized to get privileges for the given author.");
}
final Optional<ResourceSpec> resourceSpec = Optional.ofNullable(input.getResourceSpec())
.map(spec -> new ResourceSpec(EntityTypeMapper.getName(spec.getResourceType()), spec.getResourceUrn()));
final Optional<EntitySpec> resourceSpec = Optional.ofNullable(input.getResourceSpec())
.map(spec -> new EntitySpec(EntityTypeMapper.getName(spec.getResourceType()), spec.getResourceUrn()));

if (context.getAuthorizer() instanceof AuthorizerChain) {
DataHubAuthorizer dataHubAuthorizer = ((AuthorizerChain) context.getAuthorizer()).getDefaultAuthorizer();
Expand Down
5 changes: 5 additions & 0 deletions datahub-graphql-core/src/main/resources/entity.graphql
Original file line number Diff line number Diff line change
Expand Up @@ -3788,6 +3788,11 @@ type CorpGroup implements Entity {
Additional read only info about the group
"""
info: CorpGroupInfo @deprecated

"""
Whether or not this entity exists on DataHub
"""
exists: Boolean
}

"""
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
import com.datahub.authorization.AuthorizationRequest;
import com.datahub.authorization.AuthorizationResult;
import com.datahub.plugins.auth.authorization.Authorizer;
import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.linkedin.common.urn.GlossaryNodeUrn;
import com.linkedin.common.urn.Urn;
import com.linkedin.common.urn.UrnUtils;
Expand Down Expand Up @@ -89,17 +89,17 @@ private void setUpTests() throws Exception {
Mockito.any(Authentication.class)
)).thenReturn(new EntityResponse().setAspects(new EnvelopedAspectMap(parentNode3Aspects)));

final ResourceSpec resourceSpec3 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
final EntitySpec resourceSpec3 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
mockAuthRequest("MANAGE_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec3);

final ResourceSpec resourceSpec2 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
final EntitySpec resourceSpec2 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
mockAuthRequest("MANAGE_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec2);

final ResourceSpec resourceSpec1 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn1.toString());
final EntitySpec resourceSpec1 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn1.toString());
mockAuthRequest("MANAGE_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec1);
}

private void mockAuthRequest(String privilege, AuthorizationResult.Type allowOrDeny, ResourceSpec resourceSpec) {
private void mockAuthRequest(String privilege, AuthorizationResult.Type allowOrDeny, EntitySpec resourceSpec) {
final AuthorizationRequest authorizationRequest = new AuthorizationRequest(
userUrn,
privilege,
Expand Down Expand Up @@ -150,7 +150,7 @@ public void testCanManageChildrenEntitiesAuthorized() throws Exception {
// they do NOT have the MANAGE_GLOSSARIES platform privilege
mockAuthRequest("MANAGE_GLOSSARIES", AuthorizationResult.Type.DENY, null);

final ResourceSpec resourceSpec = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn.toString());
final EntitySpec resourceSpec = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn.toString());
mockAuthRequest("MANAGE_GLOSSARY_CHILDREN", AuthorizationResult.Type.ALLOW, resourceSpec);

assertTrue(GlossaryUtils.canManageChildrenEntities(mockContext, parentNodeUrn, mockClient));
Expand All @@ -162,7 +162,7 @@ public void testCanManageChildrenEntitiesUnauthorized() throws Exception {
// they do NOT have the MANAGE_GLOSSARIES platform privilege
mockAuthRequest("MANAGE_GLOSSARIES", AuthorizationResult.Type.DENY, null);

final ResourceSpec resourceSpec = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn.toString());
final EntitySpec resourceSpec = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn.toString());
mockAuthRequest("MANAGE_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec);
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec);

Expand All @@ -175,13 +175,13 @@ public void testCanManageChildrenRecursivelyEntitiesAuthorized() throws Exceptio
// they do NOT have the MANAGE_GLOSSARIES platform privilege
mockAuthRequest("MANAGE_GLOSSARIES", AuthorizationResult.Type.DENY, null);

final ResourceSpec resourceSpec3 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
final EntitySpec resourceSpec3 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.ALLOW, resourceSpec3);

final ResourceSpec resourceSpec2 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
final EntitySpec resourceSpec2 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec2);

final ResourceSpec resourceSpec1 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn1.toString());
final EntitySpec resourceSpec1 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn1.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec1);

assertTrue(GlossaryUtils.canManageChildrenEntities(mockContext, parentNodeUrn1, mockClient));
Expand All @@ -193,13 +193,13 @@ public void testCanManageChildrenRecursivelyEntitiesUnauthorized() throws Except
// they do NOT have the MANAGE_GLOSSARIES platform privilege
mockAuthRequest("MANAGE_GLOSSARIES", AuthorizationResult.Type.DENY, null);

final ResourceSpec resourceSpec3 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
final EntitySpec resourceSpec3 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec3);

final ResourceSpec resourceSpec2 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
final EntitySpec resourceSpec2 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec2);

final ResourceSpec resourceSpec1 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn1.toString());
final EntitySpec resourceSpec1 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn1.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec1);

assertFalse(GlossaryUtils.canManageChildrenEntities(mockContext, parentNodeUrn1, mockClient));
Expand All @@ -211,10 +211,10 @@ public void testCanManageChildrenRecursivelyEntitiesAuthorizedLevel2() throws Ex
// they do NOT have the MANAGE_GLOSSARIES platform privilege
mockAuthRequest("MANAGE_GLOSSARIES", AuthorizationResult.Type.DENY, null);

final ResourceSpec resourceSpec2 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
final EntitySpec resourceSpec2 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.ALLOW, resourceSpec2);

final ResourceSpec resourceSpec1 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn1.toString());
final EntitySpec resourceSpec1 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn1.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec1);

assertTrue(GlossaryUtils.canManageChildrenEntities(mockContext, parentNodeUrn1, mockClient));
Expand All @@ -226,10 +226,10 @@ public void testCanManageChildrenRecursivelyEntitiesUnauthorizedLevel2() throws
// they do NOT have the MANAGE_GLOSSARIES platform privilege
mockAuthRequest("MANAGE_GLOSSARIES", AuthorizationResult.Type.DENY, null);

final ResourceSpec resourceSpec3 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
final EntitySpec resourceSpec3 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec3);

final ResourceSpec resourceSpec2 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
final EntitySpec resourceSpec2 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn2.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec2);

assertFalse(GlossaryUtils.canManageChildrenEntities(mockContext, parentNodeUrn2, mockClient));
Expand All @@ -241,7 +241,7 @@ public void testCanManageChildrenRecursivelyEntitiesNoLevel2() throws Exception
// they do NOT have the MANAGE_GLOSSARIES platform privilege
mockAuthRequest("MANAGE_GLOSSARIES", AuthorizationResult.Type.DENY, null);

final ResourceSpec resourceSpec3 = new ResourceSpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
final EntitySpec resourceSpec3 = new EntitySpec(parentNodeUrn.getEntityType(), parentNodeUrn3.toString());
mockAuthRequest("MANAGE_ALL_GLOSSARY_CHILDREN", AuthorizationResult.Type.DENY, resourceSpec3);

assertFalse(GlossaryUtils.canManageChildrenEntities(mockContext, parentNodeUrn3, mockClient));
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
import com.datahub.authentication.Authentication;
import com.datahub.authorization.AuthorizationRequest;
import com.datahub.authorization.AuthorizationResult;
import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.datahub.plugins.auth.authorization.Authorizer;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
Expand Down Expand Up @@ -201,7 +201,7 @@ private QueryContext getMockQueryContext(boolean allowEditEntityQueries) {
TEST_ACTOR_URN.toString(),
PoliciesConfig.EDIT_QUERIES_PRIVILEGE.getType(),
Optional.of(
new ResourceSpec(
new EntitySpec(
TEST_DATASET_URN.getEntityType(),
TEST_DATASET_URN.toString()))
);
Expand All @@ -210,7 +210,7 @@ private QueryContext getMockQueryContext(boolean allowEditEntityQueries) {
TEST_ACTOR_URN.toString(),
PoliciesConfig.EDIT_ENTITY_PRIVILEGE.getType(),
Optional.of(
new ResourceSpec(
new EntitySpec(
TEST_DATASET_URN.getEntityType(),
TEST_DATASET_URN.toString()))
);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
import com.datahub.authentication.Authentication;
import com.datahub.authorization.AuthorizationRequest;
import com.datahub.authorization.AuthorizationResult;
import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.datahub.plugins.auth.authorization.Authorizer;
import com.google.common.collect.ImmutableList;
import com.linkedin.common.urn.Urn;
Expand Down Expand Up @@ -134,7 +134,7 @@ private QueryContext getMockQueryContext(boolean allowEditEntityQueries) {
DeleteQueryResolverTest.TEST_ACTOR_URN.toString(),
PoliciesConfig.EDIT_QUERIES_PRIVILEGE.getType(),
Optional.of(
new ResourceSpec(
new EntitySpec(
DeleteQueryResolverTest.TEST_DATASET_URN.getEntityType(),
DeleteQueryResolverTest.TEST_DATASET_URN.toString()))
);
Expand All @@ -143,7 +143,7 @@ private QueryContext getMockQueryContext(boolean allowEditEntityQueries) {
TEST_ACTOR_URN.toString(),
PoliciesConfig.EDIT_ENTITY_PRIVILEGE.getType(),
Optional.of(
new ResourceSpec(
new EntitySpec(
TEST_DATASET_URN.getEntityType(),
TEST_DATASET_URN.toString()))
);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
import com.datahub.authentication.Authentication;
import com.datahub.authorization.AuthorizationRequest;
import com.datahub.authorization.AuthorizationResult;
import com.datahub.authorization.ResourceSpec;
import com.datahub.authorization.EntitySpec;
import com.datahub.plugins.auth.authorization.Authorizer;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
Expand Down Expand Up @@ -206,7 +206,7 @@ private QueryContext getMockQueryContext(boolean allowEditEntityQueries) {
TEST_ACTOR_URN.toString(),
PoliciesConfig.EDIT_QUERIES_PRIVILEGE.getType(),
Optional.of(
new ResourceSpec(
new EntitySpec(
TEST_DATASET_URN.getEntityType(),
TEST_DATASET_URN.toString()))
);
Expand All @@ -215,7 +215,7 @@ private QueryContext getMockQueryContext(boolean allowEditEntityQueries) {
TEST_ACTOR_URN.toString(),
PoliciesConfig.EDIT_ENTITY_PRIVILEGE.getType(),
Optional.of(
new ResourceSpec(
new EntitySpec(
TEST_DATASET_URN.getEntityType(),
TEST_DATASET_URN.toString()))
);
Expand All @@ -224,7 +224,7 @@ private QueryContext getMockQueryContext(boolean allowEditEntityQueries) {
TEST_ACTOR_URN.toString(),
PoliciesConfig.EDIT_QUERIES_PRIVILEGE.getType(),
Optional.of(
new ResourceSpec(
new EntitySpec(
TEST_DATASET_URN_2.getEntityType(),
TEST_DATASET_URN_2.toString()))
);
Expand All @@ -233,7 +233,7 @@ private QueryContext getMockQueryContext(boolean allowEditEntityQueries) {
TEST_ACTOR_URN.toString(),
PoliciesConfig.EDIT_ENTITY_PRIVILEGE.getType(),
Optional.of(
new ResourceSpec(
new EntitySpec(
TEST_DATASET_URN_2.getEntityType(),
TEST_DATASET_URN_2.toString()))
);
Expand Down
4 changes: 4 additions & 0 deletions datahub-web-react/src/app/entity/group/GroupProfile.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import { RoutedTabs } from '../../shared/RoutedTabs';
import GroupInfoSidebar from './GroupInfoSideBar';
import { GroupAssets } from './GroupAssets';
import { ErrorSection } from '../../shared/error/ErrorSection';
import NonExistentEntityPage from '../shared/entity/NonExistentEntityPage';

const messageStyle = { marginTop: '10%' };

Expand Down Expand Up @@ -110,6 +111,9 @@ export default function GroupProfile() {
urn,
};

if (data?.corpGroup?.exists === false) {
return <NonExistentEntityPage />;
}
return (
<>
{error && <ErrorSection />}
Expand Down
1 change: 1 addition & 0 deletions datahub-web-react/src/graphql/group.graphql
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ query getGroup($urn: String!, $membersCount: Int!) {
urn
type
name
exists
origin {
type
externalType
Expand Down
Loading

0 comments on commit caa3402

Please sign in to comment.