You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by pa...@apache.org on 2021/02/23 10:21:30 UTC
[shardingsphere] branch master updated: Issue 9416 (#9470)
This is an automated email from the ASF dual-hosted git repository.
panjuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 5702ddc Issue 9416 (#9470)
5702ddc is described below
commit 5702ddc8e6a848f388a6645e02af93514720f98a
Author: MingHao Li <lm...@163.com>
AuthorDate: Tue Feb 23 18:21:11 2021 +0800
Issue 9416 (#9470)
* # issue 9416
* # issue 9416
---
.../builtin/yaml/swapper/UserRuleYamlSwapper.java | 4 +-
.../auth/model/privilege/PrivilegeType.java | 2 +-
.../infra/metadata/auth/model/user/Grantee.java | 6 ++-
.../infra/auth/builtin/model/user/GranteeTest.java | 47 ++++++++++++++++++++++
.../src/main/resources/conf/server.yaml | 1 +
.../auth/PostgreSQLAuthenticationHandler.java | 3 +-
6 files changed, 58 insertions(+), 5 deletions(-)
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/builtin/yaml/swapper/UserRuleYamlSwapper.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/builtin/yaml/swapper/UserRuleYamlSwapper.java
index e64b569..b1082b2 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/builtin/yaml/swapper/UserRuleYamlSwapper.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/builtin/yaml/swapper/UserRuleYamlSwapper.java
@@ -19,6 +19,7 @@ package org.apache.shardingsphere.infra.metadata.auth.builtin.yaml.swapper;
import org.apache.shardingsphere.infra.metadata.auth.builtin.yaml.config.YamlUserConfiguration;
import org.apache.shardingsphere.infra.metadata.auth.builtin.yaml.config.YamlUserRuleConfiguration;
+import org.apache.shardingsphere.infra.metadata.auth.model.privilege.PrivilegeType;
import org.apache.shardingsphere.infra.metadata.auth.model.user.ShardingSphereUser;
import org.apache.shardingsphere.infra.yaml.swapper.YamlConfigurationSwapper;
@@ -64,6 +65,7 @@ public final class UserRuleYamlSwapper implements YamlConfigurationSwapper<YamlU
}
private ShardingSphereUser swapToObject(final String username, final YamlUserConfiguration yamlConfig) {
- return new ShardingSphereUser(username, yamlConfig.getPassword(), null == yamlConfig.getHostname() ? "" : yamlConfig.getHostname());
+ return new ShardingSphereUser(username, yamlConfig.getPassword(), (null == yamlConfig.getHostname()
+ || PrivilegeType.ALL_HOST_NAME.getName().equals(yamlConfig.getHostname())) ? "" : yamlConfig.getHostname());
}
}
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/model/privilege/PrivilegeType.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/model/privilege/PrivilegeType.java
index 872e43b..594748d 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/model/privilege/PrivilegeType.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/model/privilege/PrivilegeType.java
@@ -28,7 +28,7 @@ import lombok.RequiredArgsConstructor;
@Getter
public enum PrivilegeType {
- ALL("*"), SELECT("SELECT"), DELETE("DELETE"), UPDATE("UPDATE"), INSERT("INSERT");
+ ALL("*"), SELECT("SELECT"), DELETE("DELETE"), UPDATE("UPDATE"), INSERT("INSERT"), ALL_HOST_NAME("%");
private final String name;
}
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/model/user/Grantee.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/model/user/Grantee.java
index fc5f836..dc692aa 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/model/user/Grantee.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/auth/model/user/Grantee.java
@@ -21,6 +21,7 @@ import com.google.common.base.Objects;
import com.google.common.base.Strings;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
+import org.apache.shardingsphere.infra.metadata.auth.model.privilege.PrivilegeType;
/**
* Grantee.
@@ -37,14 +38,15 @@ public final class Grantee {
public boolean equals(final Object obj) {
if (obj instanceof Grantee) {
Grantee grantee = (Grantee) obj;
- return grantee.getUsername().equalsIgnoreCase(username) && (grantee.getHostname().equalsIgnoreCase(hostname) || Strings.isNullOrEmpty(hostname));
+ return grantee.getUsername().equalsIgnoreCase(username) && (grantee.getHostname().equalsIgnoreCase(hostname) || Strings.isNullOrEmpty(hostname)
+ || hostname.equals(PrivilegeType.ALL_HOST_NAME.getName()));
}
return false;
}
@Override
public int hashCode() {
- return Strings.isNullOrEmpty(hostname)
+ return (Strings.isNullOrEmpty(hostname) || hostname.equals(PrivilegeType.ALL_HOST_NAME.getName()))
? Objects.hashCode(username.toUpperCase()) : Objects.hashCode(username.toUpperCase(), hostname.toUpperCase());
}
}
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/test/java/org/apache/shardingsphere/infra/auth/builtin/model/user/GranteeTest.java b/shardingsphere-infra/shardingsphere-infra-common/src/test/java/org/apache/shardingsphere/infra/auth/builtin/model/user/GranteeTest.java
new file mode 100644
index 0000000..2f567ec
--- /dev/null
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/test/java/org/apache/shardingsphere/infra/auth/builtin/model/user/GranteeTest.java
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shardingsphere.infra.auth.builtin.model.user;
+
+import org.apache.shardingsphere.infra.metadata.auth.model.user.Grantee;
+import org.junit.Test;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertThat;
+
+public final class GranteeTest {
+
+ @Test
+ public void assertEquals() {
+ Grantee grantee = new Grantee("name", "%");
+ Grantee grantee1 = new Grantee("name", "");
+ Grantee grantee2 = new Grantee("name", "127.0.0.1");
+ assertTrue(grantee.equals(grantee1));
+ assertTrue(grantee.equals(grantee2));
+ }
+
+ @Test
+ public void assertHashcode() {
+ Grantee grantee = new Grantee("name", "%");
+ Grantee grantee1 = new Grantee("name", "");
+ Grantee grantee2 = new Grantee("name", "127.0.0.1");
+ assertThat(grantee.hashCode(), is(grantee1.hashCode()));
+ assertFalse(grantee1.hashCode() == grantee2.hashCode());
+ }
+}
diff --git a/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/main/resources/conf/server.yaml b/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/main/resources/conf/server.yaml
index e29a828..8fbbc47 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/main/resources/conf/server.yaml
+++ b/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/main/resources/conf/server.yaml
@@ -37,6 +37,7 @@
# users:
# root:
# password: root
+# hostname: %
# sharding:
# password: sharding
#
diff --git a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationHandler.java b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationHandler.java
index c28748f..d366995 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationHandler.java
+++ b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationHandler.java
@@ -23,6 +23,7 @@ import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.shardingsphere.db.protocol.postgresql.constant.PostgreSQLErrorCode;
import org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLPasswordMessagePacket;
+import org.apache.shardingsphere.infra.metadata.auth.model.privilege.PrivilegeType;
import org.apache.shardingsphere.infra.metadata.auth.model.user.Grantee;
import org.apache.shardingsphere.infra.metadata.auth.model.user.ShardingSphereUser;
import org.apache.shardingsphere.proxy.backend.context.ProxyContext;
@@ -47,7 +48,7 @@ public final class PostgreSQLAuthenticationHandler {
* @return PostgreSQL login result
*/
public static PostgreSQLLoginResult loginWithMd5Password(final String username, final String databaseName, final byte[] md5Salt, final PostgreSQLPasswordMessagePacket passwordMessagePacket) {
- Optional<ShardingSphereUser> user = ProxyContext.getInstance().getMetaDataContexts().getAuthentication().findUser(new Grantee(username, ""));
+ Optional<ShardingSphereUser> user = ProxyContext.getInstance().getMetaDataContexts().getAuthentication().findUser(new Grantee(username, PrivilegeType.ALL_HOST_NAME.getName()));
if (!user.isPresent()) {
return new PostgreSQLLoginResult(PostgreSQLErrorCode.INVALID_AUTHORIZATION_SPECIFICATION, String.format("unknown username: %s", username));
}