Skip to content

Commit

Permalink
fix(ownership): Corrects validation of ownership type and makes it co…
Browse files Browse the repository at this point in the history
…nsistent across graphQL calls (#9044)

Co-authored-by: Ellie O'Neil <[email protected]>
  • Loading branch information
pedro93 and eboneil authored Oct 19, 2023
1 parent 409f981 commit 269c4ea
Show file tree
Hide file tree
Showing 5 changed files with 183 additions and 71 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,11 @@

import com.google.common.collect.ImmutableList;
import com.linkedin.common.urn.CorpuserUrn;

import com.linkedin.common.urn.Urn;
import com.linkedin.datahub.graphql.QueryContext;
import com.linkedin.datahub.graphql.exception.AuthorizationException;
import com.linkedin.datahub.graphql.generated.AddOwnerInput;
import com.linkedin.datahub.graphql.generated.OwnerEntityType;
import com.linkedin.datahub.graphql.generated.OwnerInput;
import com.linkedin.datahub.graphql.generated.OwnershipType;
import com.linkedin.datahub.graphql.generated.ResourceRefInput;
import com.linkedin.datahub.graphql.resolvers.mutate.util.OwnerUtils;
import com.linkedin.metadata.entity.EntityService;
Expand All @@ -20,7 +17,6 @@
import lombok.extern.slf4j.Slf4j;

import static com.linkedin.datahub.graphql.resolvers.ResolverUtils.*;
import static com.linkedin.datahub.graphql.resolvers.mutate.util.OwnerUtils.*;


@Slf4j
Expand All @@ -32,30 +28,33 @@ public class AddOwnerResolver implements DataFetcher<CompletableFuture<Boolean>>
@Override
public CompletableFuture<Boolean> get(DataFetchingEnvironment environment) throws Exception {
final AddOwnerInput input = bindArgument(environment.getArgument("input"), AddOwnerInput.class);

Urn ownerUrn = Urn.createFromString(input.getOwnerUrn());
OwnerEntityType ownerEntityType = input.getOwnerEntityType();
OwnershipType type = input.getType() == null ? OwnershipType.NONE : input.getType();
String ownershipUrn = input.getOwnershipTypeUrn() == null ? mapOwnershipTypeToEntity(type.name()) : input.getOwnershipTypeUrn();
Urn targetUrn = Urn.createFromString(input.getResourceUrn());
OwnerInput.Builder ownerInputBuilder = OwnerInput.builder();
ownerInputBuilder.setOwnerUrn(input.getOwnerUrn());
ownerInputBuilder.setOwnerEntityType(input.getOwnerEntityType());
if (input.getType() != null) {
ownerInputBuilder.setType(input.getType());
}
if (input.getOwnershipTypeUrn() != null) {
ownerInputBuilder.setOwnershipTypeUrn(input.getOwnershipTypeUrn());
}

OwnerInput ownerInput = ownerInputBuilder.build();
if (!OwnerUtils.isAuthorizedToUpdateOwners(environment.getContext(), targetUrn)) {
throw new AuthorizationException("Unauthorized to perform this action. Please contact your DataHub administrator.");
}

return CompletableFuture.supplyAsync(() -> {
OwnerUtils.validateAddInput(
ownerUrn, input.getOwnershipTypeUrn(), ownerEntityType,
targetUrn,
_entityService
);
OwnerUtils.validateAddOwnerInput(ownerInput, ownerUrn, _entityService);

try {

log.debug("Adding Owner. input: {}", input);

Urn actor = CorpuserUrn.createFromString(((QueryContext) environment.getContext()).getActorUrn());
OwnerUtils.addOwnersToResources(
ImmutableList.of(new OwnerInput(input.getOwnerUrn(), ownerEntityType, type, ownershipUrn)),
ImmutableList.of(ownerInput),
ImmutableList.of(new ResourceRefInput(input.getResourceUrn(), null, null)),
actor,
_entityService
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ public CompletableFuture<Boolean> get(DataFetchingEnvironment environment) throw
throw new AuthorizationException("Unauthorized to perform this action. Please contact your DataHub administrator.");
}

OwnerUtils.validateAddInput(
OwnerUtils.validateAddOwnerInput(
owners,
targetUrn,
_entityService
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -53,8 +53,7 @@ public CompletableFuture<Boolean> get(DataFetchingEnvironment environment) throw

private void validateOwners(List<OwnerInput> owners) {
for (OwnerInput ownerInput : owners) {
OwnerUtils.validateOwner(UrnUtils.getUrn(ownerInput.getOwnerUrn()), ownerInput.getOwnerEntityType(),
UrnUtils.getUrn(ownerInput.getOwnershipTypeUrn()), _entityService);
OwnerUtils.validateOwner(ownerInput, _entityService);
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ public static void addOwnersToResources(
) {
final List<MetadataChangeProposal> changes = new ArrayList<>();
for (ResourceRefInput resource : resources) {
changes.add(buildAddOwnersProposal(owners, UrnUtils.getUrn(resource.getResourceUrn()), actor, entityService));
changes.add(buildAddOwnersProposal(owners, UrnUtils.getUrn(resource.getResourceUrn()), entityService));
}
EntityUtils.ingestChangeProposals(changes, entityService, actor, false);
}
Expand All @@ -69,7 +69,7 @@ public static void removeOwnersFromResources(
}


private static MetadataChangeProposal buildAddOwnersProposal(List<OwnerInput> owners, Urn resourceUrn, Urn actor, EntityService entityService) {
static MetadataChangeProposal buildAddOwnersProposal(List<OwnerInput> owners, Urn resourceUrn, EntityService entityService) {
Ownership ownershipAspect = (Ownership) EntityUtils.getAspectFromEntity(
resourceUrn.toString(),
Constants.OWNERSHIP_ASPECT_NAME, entityService,
Expand Down Expand Up @@ -181,63 +181,43 @@ public static boolean isAuthorizedToUpdateOwners(@Nonnull QueryContext context,
orPrivilegeGroups);
}

public static Boolean validateAddInput(
public static Boolean validateAddOwnerInput(
List<OwnerInput> owners,
Urn resourceUrn,
EntityService entityService
) {
for (OwnerInput owner : owners) {
boolean result = validateAddInput(
UrnUtils.getUrn(owner.getOwnerUrn()),
owner.getOwnershipTypeUrn(),
owner.getOwnerEntityType(),
resourceUrn,
entityService);
boolean result = validateAddOwnerInput(owner, resourceUrn, entityService);
if (!result) {
return false;
}
}
return true;
}

public static Boolean validateAddInput(
Urn ownerUrn,
String ownershipEntityUrn,
OwnerEntityType ownerEntityType,
public static Boolean validateAddOwnerInput(
OwnerInput owner,
Urn resourceUrn,
EntityService entityService
) {

if (OwnerEntityType.CORP_GROUP.equals(ownerEntityType) && !Constants.CORP_GROUP_ENTITY_NAME.equals(ownerUrn.getEntityType())) {
throw new IllegalArgumentException(String.format("Failed to change ownership for resource %s. Expected a corp group urn.", resourceUrn));
}

if (OwnerEntityType.CORP_USER.equals(ownerEntityType) && !Constants.CORP_USER_ENTITY_NAME.equals(ownerUrn.getEntityType())) {
throw new IllegalArgumentException(String.format("Failed to change ownership for resource %s. Expected a corp user urn.", resourceUrn));
}

if (!entityService.exists(resourceUrn)) {
throw new IllegalArgumentException(String.format("Failed to change ownership for resource %s. Resource does not exist.", resourceUrn));
}

if (!entityService.exists(ownerUrn)) {
throw new IllegalArgumentException(String.format("Failed to change ownership for resource %s. Owner %s does not exist.", resourceUrn, ownerUrn));
}

if (ownershipEntityUrn != null && !entityService.exists(UrnUtils.getUrn(ownershipEntityUrn))) {
throw new IllegalArgumentException(String.format("Failed to change ownership type for resource %s. Ownership Type "
+ "%s does not exist.", resourceUrn, ownershipEntityUrn));
}
validateOwner(owner, entityService);

return true;
}

public static void validateOwner(
Urn ownerUrn,
OwnerEntityType ownerEntityType,
Urn ownershipEntityUrn,
OwnerInput owner,
EntityService entityService
) {

OwnerEntityType ownerEntityType = owner.getOwnerEntityType();
Urn ownerUrn = UrnUtils.getUrn(owner.getOwnerUrn());

if (OwnerEntityType.CORP_GROUP.equals(ownerEntityType) && !Constants.CORP_GROUP_ENTITY_NAME.equals(ownerUrn.getEntityType())) {
throw new IllegalArgumentException(
String.format("Failed to change ownership for resource(s). Expected a corp group urn, found %s", ownerUrn));
Expand All @@ -252,9 +232,14 @@ public static void validateOwner(
throw new IllegalArgumentException(String.format("Failed to change ownership for resource(s). Owner with urn %s does not exist.", ownerUrn));
}

if (!entityService.exists(ownershipEntityUrn)) {
throw new IllegalArgumentException(String.format("Failed to change ownership for resource(s). Ownership type with "
+ "urn %s does not exist.", ownershipEntityUrn));
if (owner.getOwnershipTypeUrn() != null && !entityService.exists(UrnUtils.getUrn(owner.getOwnershipTypeUrn()))) {
throw new IllegalArgumentException(String.format("Failed to change ownership for resource(s). Custom Ownership type with "
+ "urn %s does not exist.", owner.getOwnershipTypeUrn()));
}

if (owner.getType() == null && owner.getOwnershipTypeUrn() == null) {
throw new IllegalArgumentException("Failed to change ownership for resource(s). Expected either "
+ "type or ownershipTypeUrn to be specified.");
}
}

Expand All @@ -269,11 +254,11 @@ public static Boolean validateRemoveInput(
}

public static void addCreatorAsOwner(
QueryContext context,
String urn,
OwnerEntityType ownerEntityType,
OwnershipType ownershipType,
EntityService entityService) {
QueryContext context,
String urn,
OwnerEntityType ownerEntityType,
OwnershipType ownershipType,
EntityService entityService) {
try {
Urn actorUrn = CorpuserUrn.createFromString(context.getActorUrn());
String ownershipTypeUrn = mapOwnershipTypeToEntity(ownershipType.name());
Expand Down
Loading

0 comments on commit 269c4ea

Please sign in to comment.