You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dolphinscheduler.apache.org by le...@apache.org on 2022/07/03 09:10:24 UTC
[dolphinscheduler] branch 2.0.6-prepare updated: [Cherry-pick] pick 8811/9020/9834 from dev to 206 (#10744)
This is an automated email from the ASF dual-hosted git repository.
leonbao pushed a commit to branch 2.0.6-prepare
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git
The following commit(s) were added to refs/heads/2.0.6-prepare by this push:
new 51efcbffc0 [Cherry-pick] pick 8811/9020/9834 from dev to 206 (#10744)
51efcbffc0 is described below
commit 51efcbffc0ed339be75c12fae17aa593cba2782c
Author: JinYong Li <42...@users.noreply.github.com>
AuthorDate: Sun Jul 3 17:10:14 2022 +0800
[Cherry-pick] pick 8811/9020/9834 from dev to 206 (#10744)
* issue 8645 (#8811)
Co-authored-by: 北笙 <“zhanqian@cai-inc.com”>
Co-authored-by: zhanqian <zh...@cai-inc.com>
* [fix-8929][DAO]Description Failed to upload the file because the full name was too long (#9020)
* [fix-8929][DAO]Description Failed to upload the file because the full name was too long
* [DS-#8929][fix]Description Failed to upload the file because the full name was too long
* [DS-#8929][fix]Description Failed to upload the file because the full name was too long
* [DS-#8929][fix]Description Failed to upload the file because the full name was too long
Co-authored-by: houshuai <ho...@jiguang.cn>
* [BUG][ALERT-SERVER]validate script before alert script (#9834)
* validate script before alert script
* fix validate script before alert script
* pick 8811/9020/9834
Co-authored-by: zhanqian <36...@qq.com>
Co-authored-by: 北笙 <“zhanqian@cai-inc.com”>
Co-authored-by: zhanqian <zh...@cai-inc.com>
Co-authored-by: shuai hou <12...@qq.com>
Co-authored-by: houshuai <ho...@jiguang.cn>
Co-authored-by: Tq <ti...@gmail.com>
Co-authored-by: JinyLeeChina <ji...@foxmail.com>
---
.../plugin/alert/script/ScriptSender.java | 19 +++++++++-
.../service/impl/ProcessDefinitionServiceImpl.java | 10 +++--
.../src/main/resources/sql/dolphinscheduler_h2.sql | 2 +-
.../main/resources/sql/dolphinscheduler_mysql.sql | 2 +-
.../resources/sql/dolphinscheduler_postgresql.sql | 2 +-
.../2.0.6_schema/mysql/dolphinscheduler_ddl.sql | 38 +++++++++++++++++++
.../2.0.6_schema/mysql/dolphinscheduler_dml.sql | 16 ++++++++
.../postgresql/dolphinscheduler_ddl.sql | 44 ++++++++++++++++++++++
.../postgresql/dolphinscheduler_dml.sql | 17 +++++++++
script/dolphinscheduler-daemon.sh | 2 +-
10 files changed, 143 insertions(+), 9 deletions(-)
diff --git a/dolphinscheduler-alert/dolphinscheduler-alert-plugins/dolphinscheduler-alert-script/src/main/java/org/apache/dolphinscheduler/plugin/alert/script/ScriptSender.java b/dolphinscheduler-alert/dolphinscheduler-alert-plugins/dolphinscheduler-alert-script/src/main/java/org/apache/dolphinscheduler/plugin/alert/script/ScriptSender.java
index a4dbe1eabc..0d422f279b 100644
--- a/dolphinscheduler-alert/dolphinscheduler-alert-plugins/dolphinscheduler-alert-script/src/main/java/org/apache/dolphinscheduler/plugin/alert/script/ScriptSender.java
+++ b/dolphinscheduler-alert/dolphinscheduler-alert-plugins/dolphinscheduler-alert-script/src/main/java/org/apache/dolphinscheduler/plugin/alert/script/ScriptSender.java
@@ -18,11 +18,11 @@
package org.apache.dolphinscheduler.plugin.alert.script;
import org.apache.dolphinscheduler.alert.api.AlertResult;
+import org.slf4j.Logger;
+import java.io.File;
import java.util.Map;
-import org.slf4j.Logger;
-
public final class ScriptSender {
private static final Logger log = org.slf4j.LoggerFactory.getLogger(ScriptSender.class);
private static final String ALERT_TITLE_OPTION = " -t ";
@@ -53,6 +53,21 @@ public final class ScriptSender {
alertResult.setMessage("shell script not support windows os");
return alertResult;
}
+ //validate script path in case of injections
+ File shellScriptFile = new File(scriptPath);
+ //validate existence
+ if (!shellScriptFile.exists()) {
+ logger.error("shell script not exist : {}", scriptPath);
+ alertResult.setMessage("shell script not exist : " + scriptPath);
+ return alertResult;
+ }
+ //validate is file
+ if (!shellScriptFile.isFile()) {
+ logger.error("shell script is not a file : {}", scriptPath);
+ alertResult.setMessage("shell script is not a file : " + scriptPath);
+ return alertResult;
+ }
+
String[] cmd = {"/bin/sh", "-c", scriptPath + ALERT_TITLE_OPTION + "'" + title + "'" + ALERT_CONTENT_OPTION + "'" + content + "'" + ALERT_USER_PARAMS_OPTION + "'" + userParams + "'"};
int exitCode = ProcessUtils.executeScript(cmd);
diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProcessDefinitionServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProcessDefinitionServiceImpl.java
index b5fd941c87..cc7a437eff 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProcessDefinitionServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/ProcessDefinitionServiceImpl.java
@@ -925,16 +925,20 @@ public class ProcessDefinitionServiceImpl extends BaseServiceImpl implements Pro
return false;
}
ProcessDefinition processDefinition = dagDataSchedule.getProcessDefinition();
+
+ // generate import processDefinitionName
+ String processDefinitionName = recursionProcessDefinitionName(projectCode, processDefinition.getName(), 1);
+ String importProcessDefinitionName = processDefinitionName + "_import_" + DateUtils.getCurrentTimeStamp();
+
//unique check
- Map<String, Object> checkResult = verifyProcessDefinitionName(loginUser, projectCode, processDefinition.getName());
+ Map<String, Object> checkResult = verifyProcessDefinitionName(loginUser, projectCode, importProcessDefinitionName);
if (Status.SUCCESS.equals(checkResult.get(Constants.STATUS))) {
putMsg(result, Status.SUCCESS);
} else {
result.putAll(checkResult);
return false;
}
- String processDefinitionName = recursionProcessDefinitionName(projectCode, processDefinition.getName(), 1);
- processDefinition.setName(processDefinitionName + "_import_" + DateUtils.getCurrentTimeStamp());
+ processDefinition.setName(importProcessDefinitionName);
processDefinition.setId(0);
processDefinition.setProjectCode(projectCode);
processDefinition.setUserId(loginUser.getId());
diff --git a/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_h2.sql b/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_h2.sql
index 66862e11d9..c75ad0313b 100644
--- a/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_h2.sql
+++ b/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_h2.sql
@@ -755,7 +755,7 @@ CREATE TABLE t_ds_resources
create_time datetime DEFAULT NULL,
update_time datetime DEFAULT NULL,
pid int(11) DEFAULT NULL,
- full_name varchar(64) DEFAULT NULL,
+ full_name varchar(128) DEFAULT NULL,
is_directory tinyint(4) DEFAULT NULL,
PRIMARY KEY (id),
UNIQUE KEY t_ds_resources_un (full_name, type)
diff --git a/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_mysql.sql b/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_mysql.sql
index 5f47551fc5..a58ac66dd6 100644
--- a/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_mysql.sql
+++ b/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_mysql.sql
@@ -749,7 +749,7 @@ CREATE TABLE `t_ds_resources` (
`create_time` datetime DEFAULT NULL COMMENT 'create time',
`update_time` datetime DEFAULT NULL COMMENT 'update time',
`pid` int(11) DEFAULT NULL,
- `full_name` varchar(64) DEFAULT NULL,
+ `full_name` varchar(128) DEFAULT NULL,
`is_directory` tinyint(4) DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `t_ds_resources_un` (`full_name`,`type`)
diff --git a/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_postgresql.sql b/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_postgresql.sql
index 82bb412a6b..93c552f95e 100644
--- a/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_postgresql.sql
+++ b/dolphinscheduler-dao/src/main/resources/sql/dolphinscheduler_postgresql.sql
@@ -640,7 +640,7 @@ CREATE TABLE t_ds_resources (
create_time timestamp DEFAULT NULL ,
update_time timestamp DEFAULT NULL ,
pid int,
- full_name varchar(64),
+ full_name varchar(128),
is_directory boolean DEFAULT FALSE,
PRIMARY KEY (id),
CONSTRAINT t_ds_resources_un UNIQUE (full_name, type)
diff --git a/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/mysql/dolphinscheduler_ddl.sql b/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/mysql/dolphinscheduler_ddl.sql
new file mode 100644
index 0000000000..45f8acd4da
--- /dev/null
+++ b/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/mysql/dolphinscheduler_ddl.sql
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+SET sql_mode=(SELECT REPLACE(@@sql_mode,'ONLY_FULL_GROUP_BY',''));
+
+-- uc_dolphin_T_t_ds_resources_R_full_name
+drop PROCEDURE if EXISTS uc_dolphin_T_t_ds_resources_R_full_name;
+delimiter d//
+CREATE PROCEDURE uc_dolphin_T_t_ds_resources_R_full_name()
+BEGIN
+ IF EXISTS (SELECT 1 FROM information_schema.COLUMNS
+ WHERE TABLE_NAME='t_ds_resources'
+ AND TABLE_SCHEMA=(SELECT DATABASE())
+ AND COLUMN_NAME ='full_name')
+ THEN
+ALTER TABLE t_ds_resources MODIFY COLUMN `full_name` varchar(128);
+END IF;
+END;
+
+d//
+
+delimiter ;
+CALL uc_dolphin_T_t_ds_resources_R_full_name;
+DROP PROCEDURE uc_dolphin_T_t_ds_resources_R_full_name;
diff --git a/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/mysql/dolphinscheduler_dml.sql b/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/mysql/dolphinscheduler_dml.sql
new file mode 100644
index 0000000000..4a14f326b9
--- /dev/null
+++ b/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/mysql/dolphinscheduler_dml.sql
@@ -0,0 +1,16 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
diff --git a/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/postgresql/dolphinscheduler_ddl.sql b/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/postgresql/dolphinscheduler_ddl.sql
new file mode 100644
index 0000000000..14a20fcd8e
--- /dev/null
+++ b/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/postgresql/dolphinscheduler_ddl.sql
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+delimiter d//
+CREATE OR REPLACE FUNCTION public.dolphin_update_metadata(
+ )
+ RETURNS character varying
+ LANGUAGE 'plpgsql'
+ COST 100
+ VOLATILE PARALLEL UNSAFE
+AS $BODY$
+DECLARE
+ v_schema varchar;
+BEGIN
+ ---get schema name
+ v_schema =current_schema();
+
+ --- alter column
+ EXECUTE 'ALTER TABLE ' || quote_ident(v_schema) ||'.t_ds_resources ALTER COLUMN full_name Type varchar(128)';
+
+ return 'Success!';
+ exception when others then
+ ---Raise EXCEPTION '(%)',SQLERRM;
+ return SQLERRM;
+END;
+$BODY$;
+
+select dolphin_update_metadata();
+
+d//
\ No newline at end of file
diff --git a/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/postgresql/dolphinscheduler_dml.sql b/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/postgresql/dolphinscheduler_dml.sql
new file mode 100644
index 0000000000..5f26e3515d
--- /dev/null
+++ b/dolphinscheduler-dao/src/main/resources/sql/upgrade/2.0.6_schema/postgresql/dolphinscheduler_dml.sql
@@ -0,0 +1,17 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
diff --git a/script/dolphinscheduler-daemon.sh b/script/dolphinscheduler-daemon.sh
index d26ec85c0c..c2823f04ea 100755
--- a/script/dolphinscheduler-daemon.sh
+++ b/script/dolphinscheduler-daemon.sh
@@ -35,7 +35,7 @@ BIN_DIR=`dirname $0`
BIN_DIR=`cd "$BIN_DIR"; pwd`
export DOLPHINSCHEDULER_HOME=`cd "$BIN_DIR/.."; pwd`
-chmod -R 700 ${DOLPHINSCHEDULER_HOME}/config
+chmod -R 700 ${DOLPHINSCHEDULER_HOME}/conf/config
source /etc/profile
set -a
source "${DOLPHINSCHEDULER_HOME}/conf/env/dolphinscheduler_env.sh"