diff --git a/console/src/main/java/com/alibaba/nacos/console/controller/UserController.java b/console/src/main/java/com/alibaba/nacos/console/controller/UserController.java index 46c771064..2daef8690 100644 --- a/console/src/main/java/com/alibaba/nacos/console/controller/UserController.java +++ b/console/src/main/java/com/alibaba/nacos/console/controller/UserController.java @@ -101,9 +101,11 @@ public class UserController { @Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "users", action = ActionTypes.WRITE) public Object deleteUser(@RequestParam String username) { List roleInfoList = roleService.getRoles(username); - for (RoleInfo roleInfo : roleInfoList) { - if (roleInfo.getRole().equals(NacosRoleServiceImpl.GLOBAL_ADMIN_ROLE)) { - throw new IllegalArgumentException("cannot delete admin: " + username); + if (roleInfoList != null) { + for (RoleInfo roleInfo : roleInfoList) { + if (roleInfo.getRole().equals(NacosRoleServiceImpl.GLOBAL_ADMIN_ROLE)) { + throw new IllegalArgumentException("cannot delete admin: " + username); + } } } userDetailsService.deleteUser(username); diff --git a/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java b/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java index 3386a5efb..bd6d12293 100644 --- a/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java +++ b/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java @@ -81,12 +81,15 @@ public class NacosAuthManager implements AuthManager { user.setUserName(username); user.setToken(token); List roleInfoList = roleService.getRoles(username); - for (RoleInfo roleInfo : roleInfoList) { - if (roleInfo.getRole().equals(NacosRoleServiceImpl.GLOBAL_ADMIN_ROLE)) { - user.setGlobalAdmin(true); - break; + if (roleInfoList != null) { + for (RoleInfo roleInfo : roleInfoList) { + if (roleInfo.getRole().equals(NacosRoleServiceImpl.GLOBAL_ADMIN_ROLE)) { + user.setGlobalAdmin(true); + break; + } } } + return user; } diff --git a/distribution/conf/nacos-mysql.sql b/distribution/conf/nacos-mysql.sql index 001928fbf..5e88447ad 100644 --- a/distribution/conf/nacos-mysql.sql +++ b/distribution/conf/nacos-mysql.sql @@ -192,12 +192,11 @@ CREATE TABLE `roles` ( CREATE TABLE `permissions` ( `role` varchar(50) NOT NULL, - `permission` varchar(512) NOT NULL, - `gmt_create` bigint NULL, - `gmt_modified` bigint NULL, -UNIQUE INDEX `idx_role_resource` (`role` ASC, `permission` ASC) USING BTREE + `resource` varchar(512) NOT NULL, + `action` varchar(8) NOT NULL, + UNIQUE INDEX `uk_role_permission` (`role`,`resource`,`action`) USING BTREE ); INSERT INTO users (username, password, enabled) VALUES ('nacos', '$2a$10$EuWPZHzz32dJN7jexM34MOeYirDdFAZm2kuWj7VEOJhhZkDrxfvUu', TRUE); -INSERT INTO roles (username, role) VALUES ('nacos', 'GLOBAL_ADMIN'); +INSERT INTO roles (username, role) VALUES ('nacos', 'ROLE_ADMIN'); diff --git a/distribution/conf/schema.sql b/distribution/conf/schema.sql index 5842a2267..f0a19931b 100644 --- a/distribution/conf/schema.sql +++ b/distribution/conf/schema.sql @@ -193,4 +193,4 @@ CREATE TABLE permissions ( INSERT INTO users (username, password, enabled) VALUES ('nacos', '$2a$10$EuWPZHzz32dJN7jexM34MOeYirDdFAZm2kuWj7VEOJhhZkDrxfvUu', TRUE); -INSERT INTO roles (username, role) VALUES ('nacos', 'GLOBAL_ADMIN'); +INSERT INTO roles (username, role) VALUES ('nacos', 'ROLE_ADMIN'); diff --git a/pom.xml b/pom.xml index 4f53d4f3b..9a13ec4a1 100644 --- a/pom.xml +++ b/pom.xml @@ -31,7 +31,6 @@ 3.2.5 - git@github.com:alibaba/nacos.git scm:git@github.com:alibaba/nacos.git