[DG-1476] Fix QN check in datadomain and dataproduct create request flow

repository/src/main/java/org/apache/atlas/repository/store/graph/v2/AtlasEntityStoreV2.java

@@ -1529,7 +1529,8 @@ private EntityMutationResponse createOrUpdate(EntityStream entityStream, boolean
                         boolean skipAuthBaseConditions = diffEntity != null && MapUtils.isEmpty(diffEntity.getCustomAttributes()) && MapUtils.isEmpty(diffEntity.getBusinessAttributes()) && CollectionUtils.isEmpty(diffEntity.getClassifications()) && CollectionUtils.isEmpty(diffEntity.getLabels());
                         boolean skipAuthMeaningsUpdate = diffEntity != null && MapUtils.isNotEmpty(diffEntity.getRelationshipAttributes()) && diffEntity.getRelationshipAttributes().containsKey("meanings") && diffEntity.getRelationshipAttributes().size() == 1 && MapUtils.isEmpty(diffEntity.getAttributes());
                         boolean skipAuthStarredDetailsUpdate = diffEntity != null && MapUtils.isEmpty(diffEntity.getRelationshipAttributes()) && MapUtils.isNotEmpty(diffEntity.getAttributes()) && diffEntity.getAttributes().size() == 3 && diffEntity.getAttributes().containsKey(ATTR_STARRED_BY) && diffEntity.getAttributes().containsKey(ATTR_STARRED_COUNT) && diffEntity.getAttributes().containsKey(ATTR_STARRED_DETAILS_LIST);
-                        if (skipAuthBaseConditions && (skipAuthMeaningsUpdate || skipAuthStarredDetailsUpdate)) {
+                        boolean skipAuthCheck = PreProcessor.skipInitialAuthCheckTypesForMesh.contains(entity.getTypeName());
+                        if (skipAuthCheck || (skipAuthBaseConditions && (skipAuthMeaningsUpdate || skipAuthStarredDetailsUpdate))) {
                             //do nothing, only diff is relationshipAttributes.meanings or starred, allow update
                         } else {
                             AtlasAuthorizationUtils.verifyUpdateEntityAccess(typeRegistry, entityHeader,"update entity: type=" + entity.getTypeName());

repository/src/main/java/org/apache/atlas/repository/store/graph/v2/preprocessor/PreProcessor.java

@@ -23,6 +23,11 @@ public interface PreProcessor {
         add(DATA_PRODUCT_ENTITY_TYPE);
     }};
 
+    Set<String> skipInitialAuthCheckTypesForMesh = new HashSet<String>() {{
+        add(DATA_DOMAIN_ENTITY_TYPE);
+        add(DATA_PRODUCT_ENTITY_TYPE);
+    }};
+
     void processAttributes(AtlasStruct entity, EntityMutationContext context, EntityMutations.EntityOperation operation) throws AtlasBaseException;
 
     default void processDelete(AtlasVertex vertex) throws AtlasBaseException {

repository/src/main/java/org/apache/atlas/repository/store/graph/v2/preprocessor/datamesh/DataDomainPreProcessor.java

@@ -189,6 +189,9 @@ private void processUpdateDomain(AtlasEntity entity, AtlasVertex vertex) throws
             entity.setAttribute(QUALIFIED_NAME, vertexQnName);
         }
 
+        // Check if authorized to update entities
+        AtlasAuthorizationUtils.verifyUpdateEntityAccess(typeRegistry, new AtlasEntityHeader(entity),"update entity: type=" + entity.getTypeName());
+
         RequestContext.get().endMetricRecord(metricRecorder);
     }
 

repository/src/main/java/org/apache/atlas/repository/store/graph/v2/preprocessor/datamesh/DataProductPreProcessor.java

@@ -173,6 +173,9 @@ private void processUpdateProduct(AtlasEntity entity, AtlasVertex vertex) throws
             entity.setAttribute(QUALIFIED_NAME, vertexQnName);
         }
 
+        // Check if authorized to update entities
+        AtlasAuthorizationUtils.verifyUpdateEntityAccess(typeRegistry, new AtlasEntityHeader(entity),"update entity: type=" + entity.getTypeName());
+
         if (isDaapVisibilityChanged) {
             updateDaapVisibilityPolicy(entity, storedProduct);
         }