From ca05129fa1be933b308dec0786fb974feeec9100 Mon Sep 17 00:00:00 2001
From: zhangdong <493738387@qq.com>
Date: Thu, 21 Mar 2024 14:53:48 +0800
Subject: [PATCH] [fix](auth)node priv can login web ui (#32521)

---
 .../org/apache/doris/httpv2/controller/BaseController.java    | 4 ++--
 .../java/org/apache/doris/mysql/privilege/PrivPredicate.java  | 4 ++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/fe/fe-core/src/main/java/org/apache/doris/httpv2/controller/BaseController.java b/fe/fe-core/src/main/java/org/apache/doris/httpv2/controller/BaseController.java
index e3d6d90ead..cd753a100b 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/httpv2/controller/BaseController.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/httpv2/controller/BaseController.java
@@ -68,7 +68,7 @@ public class BaseController {
             UserIdentity currentUser = checkPassword(authInfo);
 
             if (checkAuth) {
-                checkGlobalAuth(currentUser, PrivPredicate.ADMIN);
+                checkGlobalAuth(currentUser, PrivPredicate.ADMIN_OR_NODE);
             }
 
             SessionValue value = new SessionValue();
@@ -129,7 +129,7 @@ public class BaseController {
         }
 
         if (checkAuth && !Env.getCurrentEnv().getAccessManager().checkGlobalPriv(sessionValue.currentUser,
-                PrivPredicate.ADMIN)) {
+                PrivPredicate.ADMIN_OR_NODE)) {
             // need to check auth and check auth failed
             return null;
         }
diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/PrivPredicate.java b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/PrivPredicate.java
index 191d27cbdd..74f477b6c7 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/PrivPredicate.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/PrivPredicate.java
@@ -54,6 +54,10 @@ public class PrivPredicate {
     public static final PrivPredicate ADMIN = PrivPredicate.of(PrivBitSet.of(Privilege.ADMIN_PRIV),
             Operator.OR);
 
+    public static final PrivPredicate ADMIN_OR_NODE = PrivPredicate.of(
+            PrivBitSet.of(Privilege.ADMIN_PRIV, Privilege.NODE_PRIV),
+            Operator.OR);
+
     // load
     public static final PrivPredicate LOAD = PrivPredicate.of(PrivBitSet.of(Privilege.ADMIN_PRIV,
             Privilege.LOAD_PRIV),