You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by tu...@apache.org on 2022/04/18 08:45:14 UTC
[shardingsphere] branch master updated: revise pr 15965 (#16893)
This is an automated email from the ASF dual-hosted git repository.
tuichenchuxin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 6b97a237a1b revise pr 15965 (#16893)
6b97a237a1b is described below
commit 6b97a237a1bb27327336ecf6b13f6866750ca200
Author: Zhengqiang Duan <du...@apache.org>
AuthorDate: Mon Apr 18 16:45:08 2022 +0800
revise pr 15965 (#16893)
* revise pr 15965
* fix unit test
---
.../context/EncryptSQLRewriteContextDecorator.java | 18 ++++++++++--------
.../rewrite/token/EncryptTokenGenerateBuilder.java | 4 +---
.../impl/EncryptSQLRewriteContextDecoratorTest.java | 7 +++++--
.../shardingsphere/infra/hint/SQLHintExtractor.java | 6 +++---
.../infra/hint/SQLHintPropertiesKey.java | 2 +-
.../case/query-with-cipher/dml/update/update.xml | 18 +++++++++---------
6 files changed, 29 insertions(+), 26 deletions(-)
diff --git a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/context/EncryptSQLRewriteContextDecorator.java b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/context/EncryptSQLRewriteContextDecorator.java
index 6ef904a3c8d..6a00f50ad31 100644
--- a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/context/EncryptSQLRewriteContextDecorator.java
+++ b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/context/EncryptSQLRewriteContextDecorator.java
@@ -23,6 +23,7 @@ import org.apache.shardingsphere.encrypt.rewrite.condition.EncryptConditionEngin
import org.apache.shardingsphere.encrypt.rewrite.parameter.EncryptParameterRewriterBuilder;
import org.apache.shardingsphere.encrypt.rewrite.token.EncryptTokenGenerateBuilder;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
+import org.apache.shardingsphere.infra.binder.statement.CommonSQLStatementContext;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.type.WhereAvailable;
import org.apache.shardingsphere.infra.config.props.ConfigurationProperties;
@@ -45,20 +46,21 @@ public final class EncryptSQLRewriteContextDecorator implements SQLRewriteContex
@SuppressWarnings("rawtypes")
@Override
public void decorate(final EncryptRule encryptRule, final ConfigurationProperties props, final SQLRewriteContext sqlRewriteContext, final RouteContext routeContext) {
- Collection<EncryptCondition> encryptConditions = getEncryptConditions(encryptRule, sqlRewriteContext);
SQLStatementContext<?> sqlStatementContext = sqlRewriteContext.getSqlStatementContext();
- boolean containsEncryptTable = containsEncryptTable(encryptRule, sqlStatementContext);
+ if (((CommonSQLStatementContext) sqlStatementContext).getSqlHintExtractor().isHintSkipEncryptRewrite()
+ || !containsEncryptTable(encryptRule, sqlStatementContext)) {
+ return;
+ }
+ Collection<EncryptCondition> encryptConditions = getEncryptConditions(encryptRule, sqlRewriteContext);
encryptRule.setUpEncryptorSchema(sqlRewriteContext.getSchema());
- if (containsEncryptTable && !sqlRewriteContext.getParameters().isEmpty()) {
+ if (!sqlRewriteContext.getParameters().isEmpty()) {
Collection<ParameterRewriter> parameterRewriters = new EncryptParameterRewriterBuilder(encryptRule,
sqlRewriteContext.getSchemaName(), sqlRewriteContext.getSchema(), sqlStatementContext, encryptConditions).getParameterRewriters();
rewriteParameters(sqlRewriteContext, parameterRewriters);
}
- if (containsEncryptTable) {
- Collection<SQLTokenGenerator> sqlTokenGenerators = new EncryptTokenGenerateBuilder(encryptRule,
- sqlStatementContext, encryptConditions, sqlRewriteContext.getSchemaName()).getSQLTokenGenerators();
- sqlRewriteContext.addSQLTokenGenerators(sqlTokenGenerators);
- }
+ Collection<SQLTokenGenerator> sqlTokenGenerators = new EncryptTokenGenerateBuilder(encryptRule,
+ sqlStatementContext, encryptConditions, sqlRewriteContext.getSchemaName()).getSQLTokenGenerators();
+ sqlRewriteContext.addSQLTokenGenerators(sqlTokenGenerators);
}
private Collection<EncryptCondition> getEncryptConditions(final EncryptRule encryptRule, final SQLRewriteContext sqlRewriteContext) {
diff --git a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/EncryptTokenGenerateBuilder.java b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/EncryptTokenGenerateBuilder.java
index 52102b31691..9216100e39b 100644
--- a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/EncryptTokenGenerateBuilder.java
+++ b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/EncryptTokenGenerateBuilder.java
@@ -35,7 +35,6 @@ import org.apache.shardingsphere.encrypt.rewrite.token.generator.EncryptProjecti
import org.apache.shardingsphere.encrypt.rewrite.token.generator.InsertCipherNameTokenGenerator;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.aware.EncryptRuleAware;
-import org.apache.shardingsphere.infra.binder.statement.CommonSQLStatementContext;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.rewrite.sql.token.generator.SQLTokenGenerator;
import org.apache.shardingsphere.infra.rewrite.sql.token.generator.builder.SQLTokenGeneratorBuilder;
@@ -76,8 +75,7 @@ public final class EncryptTokenGenerateBuilder implements SQLTokenGeneratorBuild
}
private void addSQLTokenGenerator(final Collection<SQLTokenGenerator> sqlTokenGenerators, final SQLTokenGenerator toBeAddedSQLTokenGenerator) {
- if (!((CommonSQLStatementContext) sqlStatementContext).getSqlHintExtractor().isHintEncryptRewriteNeeded()
- && toBeAddedSQLTokenGenerator.isGenerateSQLToken(sqlStatementContext)) {
+ if (toBeAddedSQLTokenGenerator.isGenerateSQLToken(sqlStatementContext)) {
setUpSQLTokenGenerator(toBeAddedSQLTokenGenerator);
sqlTokenGenerators.add(toBeAddedSQLTokenGenerator);
}
diff --git a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/impl/EncryptSQLRewriteContextDecoratorTest.java b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/impl/EncryptSQLRewriteContextDecoratorTest.java
index b6c252cc911..91bcabdb7e3 100644
--- a/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/impl/EncryptSQLRewriteContextDecoratorTest.java
+++ b/shardingsphere-features/shardingsphere-encrypt/shardingsphere-encrypt-core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/impl/EncryptSQLRewriteContextDecoratorTest.java
@@ -20,6 +20,7 @@ package org.apache.shardingsphere.encrypt.rewrite.impl;
import org.apache.shardingsphere.encrypt.constant.EncryptOrder;
import org.apache.shardingsphere.encrypt.rewrite.context.EncryptSQLRewriteContextDecorator;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
+import org.apache.shardingsphere.infra.binder.statement.CommonSQLStatementContext;
import org.apache.shardingsphere.infra.config.props.ConfigurationProperties;
import org.apache.shardingsphere.infra.rewrite.context.SQLRewriteContext;
import org.apache.shardingsphere.infra.route.context.RouteContext;
@@ -44,8 +45,10 @@ public final class EncryptSQLRewriteContextDecoratorTest {
public void assertDecorate() {
EncryptRule encryptRule = mock(EncryptRule.class);
ConfigurationProperties configurationProperties = mock(ConfigurationProperties.class);
- SQLRewriteContext sqlRewriteContext = mock(SQLRewriteContext.class, RETURNS_DEEP_STUBS);
- when(sqlRewriteContext.getSqlStatementContext().getTablesContext().getTableNames()).thenReturn(Collections.emptyList());
+ SQLRewriteContext sqlRewriteContext = mock(SQLRewriteContext.class);
+ CommonSQLStatementContext sqlStatementContext = mock(CommonSQLStatementContext.class, RETURNS_DEEP_STUBS);
+ when(sqlRewriteContext.getSqlStatementContext()).thenReturn(sqlStatementContext);
+ when(sqlStatementContext.getTablesContext().getTableNames()).thenReturn(Collections.emptyList());
RouteContext routeContext = mock(RouteContext.class);
encryptSQLRewriteContextDecorator.decorate(encryptRule, configurationProperties, sqlRewriteContext, routeContext);
assertTrue(Objects.nonNull(sqlRewriteContext.getSqlTokens()));
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/hint/SQLHintExtractor.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/hint/SQLHintExtractor.java
index 6118e935e47..cadd56a808e 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/hint/SQLHintExtractor.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/hint/SQLHintExtractor.java
@@ -68,11 +68,11 @@ public final class SQLHintExtractor {
}
/**
- * Judge whether is hint indicated encrypt rewrite needed or skip.
+ * Judge whether hint skip encrypt rewrite or not.
*
- * @return whether is hint indicated encrypt rewrite needed or skip
+ * @return whether hint skip encrypt rewrite or not
*/
- public boolean isHintEncryptRewriteNeeded() {
+ public boolean isHintSkipEncryptRewrite() {
return sqlHintProperties.getValue(SQLHintPropertiesKey.SKIP_ENCRYPT_REWRITE_KEY);
}
}
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/hint/SQLHintPropertiesKey.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/hint/SQLHintPropertiesKey.java
index cc16097bd71..087fe44947f 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/hint/SQLHintPropertiesKey.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/hint/SQLHintPropertiesKey.java
@@ -44,7 +44,7 @@ public enum SQLHintPropertiesKey implements TypedPropertyKey {
USE_TRAFFIC("useTraffic", String.valueOf(Boolean.FALSE), boolean.class),
/**
- * Whether hint indicate encrypt rewrite needed or skip.
+ * Whether hint skip encrypt rewrite or not.
*/
SKIP_ENCRYPT_REWRITE_KEY("skipEncryptRewrite", String.valueOf(Boolean.FALSE), boolean.class);
diff --git a/shardingsphere-test/shardingsphere-rewrite-test/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/update/update.xml b/shardingsphere-test/shardingsphere-rewrite-test/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/update/update.xml
index 32b824474fc..07cc980d9d7 100644
--- a/shardingsphere-test/shardingsphere-rewrite-test/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/update/update.xml
+++ b/shardingsphere-test/shardingsphere-rewrite-test/src/test/resources/scenario/encrypt/case/query-with-cipher/dml/update/update.xml
@@ -21,49 +21,49 @@
<input sql="UPDATE t_account SET account_id = ?, certificate_number = ?, password = ?, amount = ?, status = ? WHERE account_id = ? AND certificate_number = ? AND password = ? AND amount = ? AND status = ?" parameters="1, 111X, aaa, 1000, OK, 1, 111X, aaa, 1000, OK" />
<output sql="UPDATE t_account SET account_id = ?, cipher_certificate_number = ?, assisted_query_certificate_number = ?, cipher_password = ?, assisted_query_password = ?, cipher_amount = ?, status = ? WHERE account_id = ? AND assisted_query_certificate_number = ? AND assisted_query_password = ? AND cipher_amount = ? AND status = ?" parameters="1, encrypt_111X, assisted_query_111X, encrypt_aaa, assisted_query_aaa, encrypt_1000, OK, 1, assisted_query_111X, assisted_query_aaa, encryp [...]
</rewrite-assertion>
-
+
<rewrite-assertion id="update_for_literals" db-types="MySQL">
<input sql="UPDATE t_account SET account_id = 1, certificate_number = '111X', password = 'aaa', amount = 1000, status = 'OK' WHERE account_id = 1 AND certificate_number = '111X' AND password = 'aaa' AND amount = 1000 AND status = 'OK'" />
<output sql="UPDATE t_account SET account_id = 1, cipher_certificate_number = 'encrypt_111X', assisted_query_certificate_number = 'assisted_query_111X', cipher_password = 'encrypt_aaa', assisted_query_password = 'assisted_query_aaa', cipher_amount = 'encrypt_1000', status = 'OK' WHERE account_id = 1 AND assisted_query_certificate_number = 'assisted_query_111X' AND assisted_query_password = 'assisted_query_aaa' AND cipher_amount = 'encrypt_1000' AND status = 'OK'" />
</rewrite-assertion>
-
+
<!-- TODO FIX ME!-->
<!-- <rewrite-assertion id="update_plain_for_parameters" db-types="MySQL">-->
<!-- <input sql="UPDATE t_account_bak SET account_id = ?, certificate_number = ?, password = ?, amount = ?, status = ? WHERE account_id = ? AND certificate_number = ? AND password = ? AND amount = ? AND status = ?" parameters="1, 111X, aaa, 1000, OK, 1, 111X, aaa, 1000, OK" />-->
<!-- <output sql="UPDATE t_account_bak SET account_id = ?, cipher_certificate_number = ?, assisted_query_certificate_number = ?, plain_certificate_number = ?, cipher_password = ?, assisted_query_password = ?, plain_password = ?, cipher_amount = ?, plain_amount = ?, status = ? WHERE account_id = ? AND assisted_query_certificate_number = ? AND assisted_query_password = ? AND cipher_amount = ? AND status = ?" parameters="1, encrypt_111X, assisted_query_111X, 111X, encrypt_aaa, as [...]
<!-- </rewrite-assertion>-->
-
+
<rewrite-assertion id="update_plain_for_literals" db-types="MySQL">
<input sql="UPDATE t_account_bak SET account_id = 1, certificate_number = '111X', password = 'aaa', amount = 1000, status = 'OK' WHERE account_id = 1 AND certificate_number = '111X' AND password = 'aaa' AND amount = 1000 AND status = 'OK'" />
<output sql="UPDATE t_account_bak SET account_id = 1, cipher_certificate_number = 'encrypt_111X', assisted_query_certificate_number = 'assisted_query_111X', plain_certificate_number = '111X', cipher_password = 'encrypt_aaa', assisted_query_password = 'assisted_query_aaa', plain_password = 'aaa', cipher_amount = 'encrypt_1000', plain_amount = 1000, status = 'OK' WHERE account_id = 1 AND assisted_query_certificate_number = 'assisted_query_111X' AND assisted_query_password = 'assist [...]
</rewrite-assertion>
-
+
<!-- TODO FIX ME!-->
<!-- <rewrite-assertion id="update_multi_for_parameters" db-types="MySQL">-->
<!-- <input sql="UPDATE t_account_bak SET account_id = ?, password = ?, amount = ?, status = ? WHERE account_id = ? AND password = ? AND amount = ? AND status = ?" parameters="1, aaa, 1000, OK, 1, aaa, 1000, OK" />-->
<!-- <output sql="UPDATE t_account_bak SET account_id = ?, cipher_password = ?, assisted_query_password = ?, plain_password = ?, cipher_amount = ?, plain_amount = ?, status = ? WHERE account_id = ? AND assisted_query_password = ? AND cipher_amount = ? AND status = ?" parameters="1, encrypt_aaa, assisted_query_aaa, aaa, encrypt_1000, 1000, OK, 1, assisted_query_aaa, 1000, OK" />-->
<!-- </rewrite-assertion>-->
-
+
<rewrite-assertion id="update_plain_for_literals" db-types="MySQL">
<input sql="UPDATE t_account_bak SET account_id = 1, password = 'aaa', amount = 1000, status = 'OK' WHERE account_id = 1 AND password = 'aaa' AND amount = 1000 AND status = 'OK'" />
<output sql="UPDATE t_account_bak SET account_id = 1, cipher_password = 'encrypt_aaa', assisted_query_password = 'assisted_query_aaa', plain_password = 'aaa', cipher_amount = 'encrypt_1000', plain_amount = 1000, status = 'OK' WHERE account_id = 1 AND assisted_query_password = 'assisted_query_aaa' AND cipher_amount = 'encrypt_1000' AND status = 'OK'" />
</rewrite-assertion>
-
+
<rewrite-assertion id="update_blank_to_clear_plain_with_skip_encrypt_rewrite_true" db-types="MySQL">
<input sql="/*shardingsphere hint: skipEncryptRewrite=true*/UPDATE t_account_bak SET certificate_number = '', status = 'OK'" />
<output sql="/*shardingsphere hint: skipEncryptRewrite=true*/UPDATE t_account_bak SET certificate_number = '', status = 'OK'" />
</rewrite-assertion>
-
+
<rewrite-assertion id="update_blank_to_clear_plain_with_skip_encrypt_rewrite_false" db-types="MySQL">
<input sql="/*shardingsphere hint: skipEncryptRewrite=false*/UPDATE t_account_bak SET certificate_number = '', status = 'OK'" />
<output sql="/*shardingsphere hint: skipEncryptRewrite=false*/UPDATE t_account_bak SET cipher_certificate_number = 'encrypt_', assisted_query_certificate_number = 'assisted_query_', plain_certificate_number = '', status = 'OK'" />
</rewrite-assertion>
-
+
<rewrite-assertion id="update_blank_to_clear_plain_with_normal_skip_encrypt_rewrite_hint" db-types="MySQL">
<input sql="UPDATE t_account_bak SET certificate_number = '', status = 'OK'" />
<output sql="UPDATE t_account_bak SET cipher_certificate_number = 'encrypt_', assisted_query_certificate_number = 'assisted_query_', plain_certificate_number = '', status = 'OK'" />
</rewrite-assertion>
-
+
<rewrite-assertion id="update_null_to_clear_plain" db-types="MySQL">
<input sql="UPDATE t_account_bak SET certificate_number = null" />
<output sql="UPDATE t_account_bak SET certificate_number = null" />