Problem
PermissionAspect only resolves Flink applications for @Permission checks. Spark application endpoints rely on Shiro role permissions but lack team-level isolation, allowing cross-team access when role permissions are broad.
Proposed solution
- Extend
PermissionAspect to resolve Spark applications when Flink lookup misses
- Add
@Permission annotations to SparkApplicationController mirroring FlinkApplicationController
Problem
PermissionAspectonly resolves Flink applications for@Permissionchecks. Spark application endpoints rely on Shiro role permissions but lack team-level isolation, allowing cross-team access when role permissions are broad.Proposed solution
PermissionAspectto resolve Spark applications when Flink lookup misses@Permissionannotations toSparkApplicationControllermirroringFlinkApplicationController