You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by zh...@apache.org on 2021/02/04 05:48:49 UTC
[shardingsphere] branch master updated: Fix unit tests for
authorizedSchemas configuration (#9312)
This is an automated email from the ASF dual-hosted git repository.
zhangyonglun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new b46bb28 Fix unit tests for authorizedSchemas configuration (#9312)
b46bb28 is described below
commit b46bb28d3bb56b2e1cd2a8483dcb3488d4466922
Author: Juan Pan(Trista) <pa...@apache.org>
AuthorDate: Thu Feb 4 13:48:21 2021 +0800
Fix unit tests for authorizedSchemas configuration (#9312)
* Delete authorizedSchemas configuration
* Fix unit tests
* Fix unit tests
---
.../infra/auth/privilege/data/DataPrivilege.java | 14 ++++++++------
.../infra/auth/privilege/data/SchemaPrivilege.java | 9 ++++++---
.../proxy/frontend/mysql/MySQLFrontendEngineTest.java | 4 +++-
.../mysql/auth/MySQLAuthenticationHandlerTest.java | 18 ++++++++++++++++--
.../auth/PostgreSQLAuthenticationEngineTest.java | 8 ++++----
5 files changed, 37 insertions(+), 16 deletions(-)
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/DataPrivilege.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/DataPrivilege.java
index 67d8656..c4fedb4 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/DataPrivilege.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/DataPrivilege.java
@@ -44,8 +44,7 @@ public final class DataPrivilege {
* @return has privileges or not
*/
public boolean hasPrivileges(final String schema, final Collection<PrivilegeType> privileges) {
- return globalPrivileges.contains(PrivilegeType.ALL) || globalPrivileges.containsAll(privileges)
- || hasPrivileges0(schema, privileges);
+ return hasGlobalPrivileges(privileges) || hasSpecificPrivileges(schema, privileges);
}
/**
@@ -57,16 +56,19 @@ public final class DataPrivilege {
* @return has privileges or not
*/
public boolean hasPrivileges(final String schema, final String table, final Collection<PrivilegeType> privileges) {
- return globalPrivileges.contains(PrivilegeType.ALL) || globalPrivileges.containsAll(privileges)
- || hasPrivileges0(schema, table, privileges);
+ return hasGlobalPrivileges(privileges) || hasSpecificPrivileges(schema, table, privileges);
}
- private boolean hasPrivileges0(final String schema, final Collection<PrivilegeType> privileges) {
+ private boolean hasGlobalPrivileges(final Collection<PrivilegeType> privileges) {
+ return globalPrivileges.contains(PrivilegeType.ALL) || !globalPrivileges.isEmpty() && globalPrivileges.containsAll(privileges);
+ }
+
+ private boolean hasSpecificPrivileges(final String schema, final Collection<PrivilegeType> privileges) {
Collection<PrivilegeType> targets = privileges.stream().filter(each -> !globalPrivileges.contains(each)).collect(Collectors.toList());
return specificPrivileges.containsKey(schema) && specificPrivileges.get(schema).hasPrivileges(targets);
}
- private boolean hasPrivileges0(final String schema, final String table, final Collection<PrivilegeType> privileges) {
+ private boolean hasSpecificPrivileges(final String schema, final String table, final Collection<PrivilegeType> privileges) {
Collection<PrivilegeType> targets = privileges.stream().filter(each -> !globalPrivileges.contains(each)).collect(Collectors.toList());
return specificPrivileges.containsKey(schema) && specificPrivileges.get(schema).hasPrivileges(table, targets);
}
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/SchemaPrivilege.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/SchemaPrivilege.java
index 9dd2e07..ea78ebd 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/SchemaPrivilege.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/privilege/data/SchemaPrivilege.java
@@ -58,11 +58,14 @@ public final class SchemaPrivilege {
* @return has privileges or not
*/
public boolean hasPrivileges(final String table, final Collection<PrivilegeType> privileges) {
- return globalPrivileges.contains(PrivilegeType.ALL) || globalPrivileges.containsAll(privileges)
- || hasPrivileges0(table, privileges);
+ return hasGlobalPrivileges(privileges) || hasSpecificPrivileges(table, privileges);
}
- private boolean hasPrivileges0(final String table, final Collection<PrivilegeType> privileges) {
+ private boolean hasGlobalPrivileges(final Collection<PrivilegeType> privileges) {
+ return globalPrivileges.contains(PrivilegeType.ALL) || !globalPrivileges.isEmpty() && globalPrivileges.containsAll(privileges);
+ }
+
+ private boolean hasSpecificPrivileges(final String table, final Collection<PrivilegeType> privileges) {
Collection<PrivilegeType> targets = privileges.stream().filter(each -> !globalPrivileges.contains(each)).collect(Collectors.toList());
return specificPrivileges.containsKey(table) && specificPrivileges.get(table).hasPrivileges(targets);
}
diff --git a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/MySQLFrontendEngineTest.java b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/MySQLFrontendEngineTest.java
index 1247705..fa5c27b 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/MySQLFrontendEngineTest.java
+++ b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/MySQLFrontendEngineTest.java
@@ -151,7 +151,9 @@ public final class MySQLFrontendEngineTest {
private void setAuthentication(final ShardingSphereUser user) {
DefaultAuthentication authentication = new DefaultAuthentication();
- authentication.getAuthentication().put(user, new ShardingSpherePrivilege());
+ ShardingSpherePrivilege privilege = new ShardingSpherePrivilege();
+ privilege.setSuper();
+ authentication.getAuthentication().put(user, privilege);
initProxyContext(authentication);
}
diff --git a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandlerTest.java b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandlerTest.java
index 8154006..bb86fa8 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandlerTest.java
+++ b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandlerTest.java
@@ -21,6 +21,8 @@ import com.google.common.primitives.Bytes;
import lombok.SneakyThrows;
import org.apache.shardingsphere.db.protocol.mysql.constant.MySQLServerErrorCode;
import org.apache.shardingsphere.db.protocol.mysql.packet.handshake.MySQLAuthPluginData;
+import org.apache.shardingsphere.infra.auth.privilege.PrivilegeType;
+import org.apache.shardingsphere.infra.auth.privilege.data.SchemaPrivilege;
import org.apache.shardingsphere.infra.auth.user.ShardingSphereUser;
import org.apache.shardingsphere.infra.auth.builtin.DefaultAuthentication;
import org.apache.shardingsphere.infra.auth.privilege.ShardingSpherePrivilege;
@@ -101,7 +103,7 @@ public final class MySQLAuthenticationHandlerTest {
@Test
public void assertLoginWithUnauthorizedSchema() {
- setAuthentication(new ShardingSphereUser("root", "root", ""));
+ setAuthenticationForDB(new ShardingSphereUser("root", "root", ""));
byte[] authResponse = {-27, 89, -20, -27, 65, -120, -64, -101, 86, -100, -108, -100, 6, -125, -37, 117, 14, -43, 95, -113};
assertThat(authenticationHandler.login("root", "", authResponse, "db2").orElse(null), is(MySQLServerErrorCode.ER_DBACCESS_DENIED_ERROR));
}
@@ -113,7 +115,19 @@ public final class MySQLAuthenticationHandlerTest {
private void setAuthentication(final ShardingSphereUser user) {
DefaultAuthentication authentication = new DefaultAuthentication();
- authentication.getAuthentication().put(user, new ShardingSpherePrivilege());
+ ShardingSpherePrivilege privilege = new ShardingSpherePrivilege();
+ privilege.setSuper();
+ authentication.getAuthentication().put(user, privilege);
+ initProxyContext(authentication);
+ }
+
+ private void setAuthenticationForDB(final ShardingSphereUser user) {
+ DefaultAuthentication authentication = new DefaultAuthentication();
+ ShardingSpherePrivilege privilege = new ShardingSpherePrivilege();
+ SchemaPrivilege schema = new SchemaPrivilege("db1");
+ schema.getGlobalPrivileges().add(PrivilegeType.ALL);
+ privilege.getDataPrivilege().getSpecificPrivileges().put("db1", schema);
+ authentication.getAuthentication().put(user, privilege);
initProxyContext(authentication);
}
diff --git a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationEngineTest.java b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationEngineTest.java
index 62bf5fe..5619879 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationEngineTest.java
+++ b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationEngineTest.java
@@ -26,9 +26,8 @@ import org.apache.shardingsphere.db.protocol.payload.PacketPayload;
import org.apache.shardingsphere.db.protocol.postgresql.packet.command.query.binary.BinaryStatementRegistry;
import org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLAuthenticationMD5PasswordPacket;
import org.apache.shardingsphere.db.protocol.postgresql.payload.PostgreSQLPacketPayload;
-import org.apache.shardingsphere.infra.auth.user.ShardingSphereUser;
-import org.apache.shardingsphere.infra.auth.builtin.DefaultAuthentication;
import org.apache.shardingsphere.infra.auth.privilege.ShardingSpherePrivilege;
+import org.apache.shardingsphere.infra.auth.user.ShardingSphereUser;
import org.apache.shardingsphere.infra.context.metadata.impl.StandardMetaDataContexts;
import org.apache.shardingsphere.proxy.backend.context.ProxyContext;
import org.apache.shardingsphere.proxy.frontend.auth.AuthenticationResult;
@@ -125,8 +124,9 @@ public final class PostgreSQLAuthenticationEngineTest {
payload.writeStringNul(md5Digest);
ProxyContext proxyContext = ProxyContext.getInstance();
StandardMetaDataContexts standardMetaDataContexts = new StandardMetaDataContexts();
- ((DefaultAuthentication) standardMetaDataContexts.getAuthentication()).getAuthentication().put(
- new ShardingSphereUser(username, password, ""), new ShardingSpherePrivilege());
+ ShardingSpherePrivilege privilege = new ShardingSpherePrivilege();
+ privilege.setSuper();
+ (standardMetaDataContexts.getAuthentication()).getAuthentication().put(new ShardingSphereUser(username, password, ""), privilege);
proxyContext.init(standardMetaDataContexts, mock(TransactionContexts.class));
actual = engine.auth(channelHandlerContext, payload);
assertThat(actual.isFinished(), is(password.equals(inputPassword)));