You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by zh...@apache.org on 2022/06/09 08:12:34 UTC
[shardingsphere] branch master updated: support assistEncryptor for EncryptDistSQLStatement (#18179)
This is an automated email from the ASF dual-hosted git repository.
zhangliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 076269fd4be support assistEncryptor for EncryptDistSQLStatement (#18179)
076269fd4be is described below
commit 076269fd4be2ab52f7d04b21dce3a1de9ab47131
Author: cheese8 <yi...@163.com>
AuthorDate: Thu Jun 9 16:12:29 2022 +0800
support assistEncryptor for EncryptDistSQLStatement (#18179)
support assistEncryptor for EncryptDistSQLStatement
---
.../converter/EncryptRuleStatementConverter.java | 20 +++++++++++++++-----
.../converter/EncryptRuleStatementConverterTest.java | 3 ++-
.../update/AlterEncryptRuleStatementUpdaterTest.java | 6 ++++--
.../CreateEncryptRuleStatementUpdaterTest.java | 6 ++++--
.../segment/distsql/rdl/EncryptColumnAssert.java | 1 +
.../impl/distsql/rdl/ExpectedEncryptColumn.java | 5 ++++-
.../src/main/resources/case/rdl/alter.xml | 1 +
.../src/main/resources/case/rdl/create.xml | 1 +
.../src/main/resources/sql/supported/rdl/alter.xml | 2 +-
.../src/main/resources/sql/supported/rdl/create.xml | 2 +-
10 files changed, 34 insertions(+), 13 deletions(-)
diff --git a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/main/java/org/apache/shardingsphere/encrypt/distsql/handler/converter/EncryptRuleStatementConverter.java b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/main/java/org/apache/shardingsphere/encrypt/distsql/handler/converter/EncryptRuleStatementConverter.java
index 18402b74bf0..00ad5f7fd72 100644
--- a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/main/java/org/apache/shardingsphere/encrypt/distsql/handler/converter/EncryptRuleStatementConverter.java
+++ b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/main/java/org/apache/shardingsphere/encrypt/distsql/handler/converter/EncryptRuleStatementConverter.java
@@ -28,7 +28,6 @@ import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.Map;
-import java.util.stream.Collectors;
/**
* Encrypt rule statement converter.
@@ -59,22 +58,33 @@ public final class EncryptRuleStatementConverter {
return new EncryptTableRuleConfiguration(ruleSegment.getTableName(), columns, ruleSegment.getQueryWithCipherColumn());
}
- // FIXME: support assistedEncryptorName on EncryptColumnSegment later
private static EncryptColumnRuleConfiguration createEncryptColumnRuleConfiguration(final String tableName, final EncryptColumnSegment columnSegment) {
return new EncryptColumnRuleConfiguration(columnSegment.getName(), columnSegment.getCipherColumn(), columnSegment.getAssistedQueryColumn(),
- columnSegment.getPlainColumn(), getEncryptorName(tableName, columnSegment.getName()), "", null);
+ columnSegment.getPlainColumn(), getEncryptorName(tableName, columnSegment.getName()), getAssistedQueryEncryptorName(tableName, columnSegment.getName()), null);
}
private static Map<String, ShardingSphereAlgorithmConfiguration> createEncryptorConfigurations(final EncryptRuleSegment ruleSegment) {
- return ruleSegment.getColumns().stream().collect(Collectors
- .toMap(each -> getEncryptorName(ruleSegment.getTableName(), each.getName()), EncryptRuleStatementConverter::createEncryptorConfiguration));
+ Map<String, ShardingSphereAlgorithmConfiguration> result = new HashMap<>();
+ for (EncryptColumnSegment each : ruleSegment.getColumns()) {
+ result.put(getEncryptorName(ruleSegment.getTableName(), each.getName()), createEncryptorConfiguration(each));
+ result.put(getAssistedQueryEncryptorName(ruleSegment.getTableName(), each.getName()), createAssistedQueryEncryptorConfiguration(each));
+ }
+ return result;
}
private static ShardingSphereAlgorithmConfiguration createEncryptorConfiguration(final EncryptColumnSegment columnSegment) {
return new ShardingSphereAlgorithmConfiguration(columnSegment.getEncryptor().getName(), columnSegment.getEncryptor().getProps());
}
+ private static ShardingSphereAlgorithmConfiguration createAssistedQueryEncryptorConfiguration(final EncryptColumnSegment columnSegment) {
+ return new ShardingSphereAlgorithmConfiguration(columnSegment.getAssistedQueryEncryptor().getName(), columnSegment.getAssistedQueryEncryptor().getProps());
+ }
+
private static String getEncryptorName(final String tableName, final String columnName) {
return String.format("%s_%s", tableName, columnName);
}
+
+ private static String getAssistedQueryEncryptorName(final String tableName, final String columnName) {
+ return String.format("assist_%s_%s", tableName, columnName);
+ }
}
diff --git a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/converter/EncryptRuleStatementConverterTest.java b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/converter/EncryptRuleStatementConverterTest.java
index d840edb6577..792b735dd62 100644
--- a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/converter/EncryptRuleStatementConverterTest.java
+++ b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/converter/EncryptRuleStatementConverterTest.java
@@ -44,7 +44,8 @@ public final class EncryptRuleStatementConverterTest {
}
private Collection<EncryptColumnSegment> createColumns() {
- return Collections.singleton(new EncryptColumnSegment("user_id", "user_cipher", "user_plain", "assisted_column", new AlgorithmSegment("MD5", createProperties())));
+ return Collections.singleton(new EncryptColumnSegment("user_id", "user_cipher", "user_plain", "assisted_column",
+ new AlgorithmSegment("MD5", createProperties()), new AlgorithmSegment("MD5", createProperties())));
}
private Properties createProperties() {
diff --git a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/update/AlterEncryptRuleStatementUpdaterTest.java b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/update/AlterEncryptRuleStatementUpdaterTest.java
index 387c3054132..d341964d2cc 100644
--- a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/update/AlterEncryptRuleStatementUpdaterTest.java
+++ b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/update/AlterEncryptRuleStatementUpdaterTest.java
@@ -64,14 +64,16 @@ public final class AlterEncryptRuleStatementUpdaterTest {
@Test(expected = InvalidRuleConfigurationException.class)
public void assertCheckSQLStatementWithIncompleteDataType() throws DistSQLException {
EncryptColumnSegment columnSegment = new EncryptColumnSegment("user_id", "user_cipher", "user_plain", "assisted_column",
- "int varchar(10)", null, null, null, new AlgorithmSegment("test", new Properties()));
+ "int varchar(10)", null, null, null, new AlgorithmSegment("test", new Properties()),
+ new AlgorithmSegment("test", new Properties()));
EncryptRuleSegment ruleSegment = new EncryptRuleSegment("t_encrypt", Collections.singleton(columnSegment), null);
AlterEncryptRuleStatement statement = new AlterEncryptRuleStatement(Collections.singleton(ruleSegment));
updater.checkSQLStatement(database, statement, createCurrentRuleConfiguration());
}
private AlterEncryptRuleStatement createSQLStatement(final String encryptorName) {
- EncryptColumnSegment columnSegment = new EncryptColumnSegment("user_id", "user_cipher", "user_plain", "assisted_column", new AlgorithmSegment(encryptorName, new Properties()));
+ EncryptColumnSegment columnSegment = new EncryptColumnSegment("user_id", "user_cipher", "user_plain", "assisted_column",
+ new AlgorithmSegment(encryptorName, new Properties()), new AlgorithmSegment("test", new Properties()));
EncryptRuleSegment ruleSegment = new EncryptRuleSegment("t_encrypt", Collections.singleton(columnSegment), null);
return new AlterEncryptRuleStatement(Collections.singleton(ruleSegment));
}
diff --git a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/update/CreateEncryptRuleStatementUpdaterTest.java b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/update/CreateEncryptRuleStatementUpdaterTest.java
index b732a1d108c..ed352db2300 100644
--- a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/update/CreateEncryptRuleStatementUpdaterTest.java
+++ b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-distsql/shardingsphere-encrypt-distsql-handler/src/test/java/org/apache/shardingsphere/encrypt/distsql/handler/update/CreateEncryptRuleStatementUpdaterTest.java
@@ -58,14 +58,16 @@ public final class CreateEncryptRuleStatementUpdaterTest {
@Test(expected = InvalidRuleConfigurationException.class)
public void assertCheckSQLStatementWithIncompleteDataType() throws DistSQLException {
EncryptColumnSegment columnSegment = new EncryptColumnSegment("user_id", "user_cipher", "user_plain", "assisted_column",
- "int varchar(10)", null, null, null, new AlgorithmSegment("test", new Properties()));
+ "int varchar(10)", null, null, null, new AlgorithmSegment("test", new Properties()),
+ new AlgorithmSegment("test", new Properties()));
EncryptRuleSegment ruleSegment = new EncryptRuleSegment("t_encrypt", Collections.singleton(columnSegment), null);
CreateEncryptRuleStatement statement = new CreateEncryptRuleStatement(Collections.singleton(ruleSegment));
updater.checkSQLStatement(database, statement, null);
}
private CreateEncryptRuleStatement createSQLStatement(final String encryptorName) {
- EncryptColumnSegment columnSegment = new EncryptColumnSegment("user_id", "user_cipher", "user_plain", "assisted_column", new AlgorithmSegment(encryptorName, new Properties()));
+ EncryptColumnSegment columnSegment = new EncryptColumnSegment("user_id", "user_cipher", "user_plain", "assisted_column",
+ new AlgorithmSegment(encryptorName, new Properties()), new AlgorithmSegment(encryptorName, new Properties()));
EncryptRuleSegment ruleSegment = new EncryptRuleSegment("t_encrypt", Collections.singleton(columnSegment), null);
return new CreateEncryptRuleStatement(Collections.singleton(ruleSegment));
}
diff --git a/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/asserts/segment/distsql/rdl/EncryptColumnAssert.java b/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/asserts/segment/distsql/rdl/EncryptColumnAssert.java
index dc6ea026f21..7c36247b522 100644
--- a/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/asserts/segment/distsql/rdl/EncryptColumnAssert.java
+++ b/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/asserts/segment/distsql/rdl/EncryptColumnAssert.java
@@ -52,6 +52,7 @@ public final class EncryptColumnAssert {
assertThat(assertContext.getText(String.format("`%s`'s assertion error", actual.getClass().getSimpleName())), actual.getCipherColumn(), is(expected.getCipherColumn()));
assertThat(assertContext.getText(String.format("`%s`'s assertion error", actual.getClass().getSimpleName())), actual.getAssistedQueryColumn(), is(expected.getAssistedQueryColumn()));
AlgorithmAssert.assertIs(assertContext, actual.getEncryptor(), expected.getEncryptor());
+ AlgorithmAssert.assertIs(assertContext, actual.getAssistedQueryEncryptor(), expected.getAssistedQueryEncryptor());
}
}
}
diff --git a/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/jaxb/cases/domain/segment/impl/distsql/rdl/ExpectedEncryptColumn.java b/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/jaxb/cases/domain/segment/impl/distsql/rdl/ExpectedEncryptColumn.java
index 7197172adf1..f15bcfb4257 100644
--- a/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/jaxb/cases/domain/segment/impl/distsql/rdl/ExpectedEncryptColumn.java
+++ b/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/jaxb/cases/domain/segment/impl/distsql/rdl/ExpectedEncryptColumn.java
@@ -41,6 +41,9 @@ public final class ExpectedEncryptColumn extends AbstractExpectedIdentifierSQLSe
@XmlAttribute(name = "assisted-query-column")
private String assistedQueryColumn;
- @XmlElement
+ @XmlElement(name = "encryptor")
private ExpectedAlgorithm encryptor;
+
+ @XmlElement(name = "assisted-query-encryptor")
+ private ExpectedAlgorithm assistedQueryEncryptor;
}
diff --git a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/rdl/alter.xml b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/rdl/alter.xml
index d1a9c9d34ef..e8b9e3a3195 100644
--- a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/rdl/alter.xml
+++ b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/rdl/alter.xml
@@ -206,6 +206,7 @@
<property key="aes-key-value" value="123456abc" />
</properties>
</encryptor>
+ <assisted-query-encryptor algorithm-name="MD5" />
</column>
<column name="order_id" cipher-column="order_cipher">
<encryptor algorithm-name="MD5" />
diff --git a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/rdl/create.xml b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/rdl/create.xml
index 7d8fd88bacf..7a8eab7b2ba 100644
--- a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/rdl/create.xml
+++ b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/rdl/create.xml
@@ -325,6 +325,7 @@
<property key="aes-key-value" value="123456abc"/>
</properties>
</encryptor>
+ <assisted-query-encryptor algorithm-name="MD5" />
</column>
<column name="order_id" cipher-column="order_cipher">
<encryptor algorithm-name="MD5"/>
diff --git a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/rdl/alter.xml b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/rdl/alter.xml
index b7e846f73fe..b0fdec5b63d 100644
--- a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/rdl/alter.xml
+++ b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/rdl/alter.xml
@@ -36,7 +36,7 @@
<distsql-case id="alter-database-discovery-heartbeat" value="ALTER DB_DISCOVERY HEARTBEAT mgr_heartbeat(PROPERTIES('keepAliveCron'='0/5 * * * * ?'))" />
<distsql-case id="alter-database-discovery-type" value="ALTER DB_DISCOVERY TYPE primary_replica_ds_mgr(TYPE(NAME=mgr,PROPERTIES('groupName'='92504d5b-6dec'))),primary_replica_ds_mgr_2(TYPE(NAME=mgr))" />
<distsql-case id="alter-encrypt-rule" value="ALTER ENCRYPT RULE t_encrypt (RESOURCE=ds_1, COLUMNS((NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher,TYPE(NAME=AES,PROPERTIES('aes-key-value'='123456abc'))), (NAME=order_id, CIPHER =order_cipher,TYPE(NAME=MD5))))" />
- <distsql-case id="alter-encrypt-rule-with-assisted-query-column" value="ALTER ENCRYPT RULE t_encrypt (RESOURCE=ds_1, COLUMNS((NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher,ASSISTED_QUERY_COLUMN=assisted_column, TYPE(NAME=AES,PROPERTIES('aes-key-value'='123456abc'))), (NAME=order_id, CIPHER =order_cipher,TYPE(NAME=MD5))))" />
+ <distsql-case id="alter-encrypt-rule-with-assisted-query-column" value="ALTER ENCRYPT RULE t_encrypt (RESOURCE=ds_1, COLUMNS((NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher,ASSISTED_QUERY_COLUMN=assisted_column, TYPE(NAME=AES,PROPERTIES('aes-key-value'='123456abc')), TYPE(NAME=MD5)), (NAME=order_id, CIPHER =order_cipher,TYPE(NAME=MD5))))" />
<distsql-case id="alter-encrypt-rule-with-query-with-cipher-column" value="ALTER ENCRYPT RULE t_encrypt (RESOURCE=ds_1, COLUMNS((NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher, TYPE(NAME=AES,PROPERTIES('aes-key-value'='123456abc'))), (NAME=order_id, CIPHER =order_cipher,TYPE(NAME=MD5))), QUERY_WITH_CIPHER_COLUMN=false)" />
<distsql-case id="alter-shadow-algorithm" value="ALTER SHADOW ALGORITHM (simple_hint_algorithm, TYPE(NAME=SIMPLE_HINT, PROPERTIES('shadow'='true', 'foo'='bar')))" />
<distsql-case id="alter-shadow-rule" value="ALTER SHADOW RULE shadow_rule(SOURCE=demo_ds,SHADOW=demo_ds_shadow,t_order((TYPE(NAME=REGEX_MATCH,PROPERTIES('operation'='insert','column'='user_id','regex'='[1]'))),(simple_hint_algorithm,TYPE(NAME=SIMPLE_HINT,PROPERTIES('shadow'='true',foo='bar')))))" />
diff --git a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/rdl/create.xml b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/rdl/create.xml
index 31667cf78b8..bd978169477 100644
--- a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/rdl/create.xml
+++ b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/rdl/create.xml
@@ -37,7 +37,7 @@
<distsql-case id="create-database-discovery-type" value="CREATE DB_DISCOVERY TYPE primary_replica_ds_mgr(TYPE(NAME=mgr,PROPERTIES('groupName'='92504d5b-6dec'))),primary_replica_ds_mgr_2(TYPE(NAME=mgr))" />
<distsql-case id="create-database-discovery-heartbeat" value="CREATE DB_DISCOVERY HEARTBEAT mgr_heartbeat(PROPERTIES('keepAliveCron'='0/5 * * * * ?'))" />
<distsql-case id="create-encrypt-rule" value="CREATE ENCRYPT RULE t_encrypt (RESOURCE=ds_1, COLUMNS((NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher,TYPE(NAME=AES,PROPERTIES('aes-key-value'='123456abc'))), (NAME=order_id, CIPHER =order_cipher,TYPE(NAME=MD5))))" />
- <distsql-case id="create-encrypt-rule-with-assisted-query-column" value="CREATE ENCRYPT RULE t_encrypt (RESOURCE=ds_1, COLUMNS((NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher,ASSISTED_QUERY_COLUMN=assisted_column, TYPE(NAME=AES,PROPERTIES('aes-key-value'='123456abc'))), (NAME=order_id, CIPHER =order_cipher,TYPE(NAME=MD5))))" />
+ <distsql-case id="create-encrypt-rule-with-assisted-query-column" value="CREATE ENCRYPT RULE t_encrypt (RESOURCE=ds_1, COLUMNS((NAME=user_id,PLAIN=user_plain,CIPHER=user_cipher,ASSISTED_QUERY_COLUMN=assisted_column, TYPE(NAME=AES,PROPERTIES('aes-key-value'='123456abc')), TYPE(NAME=MD5)), (NAME=order_id, CIPHER =order_cipher,TYPE(NAME=MD5))))" />
<distsql-case id="create-shadow-rule" value="CREATE SHADOW RULE shadow_rule(SOURCE=demo_ds,SHADOW=demo_ds_shadow,t_order((TYPE(NAME=REGEX_MATCH,PROPERTIES('operation'='insert','column'='user_id','regex'='[1]'))),(simple_hint_algorithm,TYPE(NAME=SIMPLE_HINT,PROPERTIES('shadow'='true',foo='bar')))))" />
<distsql-case id="create-default-shadow-algorithm" value="CREATE DEFAULT SHADOW ALGORITHM NAME = simple_hint_algorithm ;" />
<distsql-case id="create-sharding-algorithm" value="CREATE SHARDING ALGORITHM algorithm_name(TYPE(NAME=hash_mod,PROPERTIES('algorithm-expression' = 't_order_${order_id % 2}')))" />