You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by du...@apache.org on 2023/06/22 05:12:29 UTC
[shardingsphere] branch master updated: Push down encryptor from encrypt rule to encrypt column (#26493)
This is an automated email from the ASF dual-hosted git repository.
duanzhengqiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 03d3fa8d195 Push down encryptor from encrypt rule to encrypt column (#26493)
03d3fa8d195 is described below
commit 03d3fa8d195f67f04b96763f7d33b844c7d02915
Author: Liang Zhang <zh...@apache.org>
AuthorDate: Thu Jun 22 13:12:22 2023 +0800
Push down encryptor from encrypt rule to encrypt column (#26493)
* Refactor CipherColumnItem
* Refactor CipherColumnItem
* Refactor CipherColumnItem
* Refactor EncryptColumnItem
* Refactor EncryptColumnItem
---
.../encrypt/merge/dql/EncryptMergedResult.java | 4 +-
.../EncryptAssignmentParameterRewriter.java | 22 ++++----
...OnDuplicateKeyUpdateValueParameterRewriter.java | 32 ++++-------
.../EncryptInsertValueParameterRewriter.java | 28 ++++-----
.../EncryptPredicateParameterRewriter.java | 18 +++---
.../generator/EncryptAssignmentTokenGenerator.java | 43 +++++++-------
.../EncryptPredicateRightValueTokenGenerator.java | 16 +++---
.../EncryptInsertOnUpdateTokenGenerator.java | 45 ++++++++-------
.../insert/EncryptInsertValuesTokenGenerator.java | 27 ++++++---
.../shardingsphere/encrypt/rule/EncryptRule.java | 35 +++---------
.../rule/column/item/AssistedQueryColumnItem.java | 47 ++++++++++++++-
.../encrypt/rule/column/item/CipherColumnItem.java | 66 +++++++++++++++++++++-
.../rule/column/item/LikeQueryColumnItem.java | 47 ++++++++++++++-
.../EncryptAssignmentTokenGeneratorTest.java | 2 +
.../EncryptInsertOnUpdateTokenGeneratorTest.java | 11 +++-
.../encrypt/rule/EncryptRuleTest.java | 30 ----------
16 files changed, 298 insertions(+), 175 deletions(-)
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptMergedResult.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptMergedResult.java
index 62976688fc1..038bfff8733 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptMergedResult.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptMergedResult.java
@@ -19,6 +19,7 @@ package org.apache.shardingsphere.encrypt.merge.dql;
import lombok.RequiredArgsConstructor;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.segment.select.projection.impl.ColumnProjection;
import org.apache.shardingsphere.infra.binder.segment.table.TablesContext;
import org.apache.shardingsphere.infra.binder.statement.dml.SelectStatementContext;
@@ -71,7 +72,8 @@ public final class EncryptMergedResult implements MergedResult {
return mergedResult.getValue(columnIndex, type);
}
Object cipherValue = mergedResult.getValue(columnIndex, Object.class);
- return encryptRule.decrypt(database.getName(), schemaName, tableName.get(), columnProjection.get().getName(), cipherValue);
+ EncryptColumn encryptColumn = encryptRule.getEncryptTable(tableName.get()).getEncryptColumn(columnProjection.get().getName());
+ return encryptColumn.getCipher().decrypt(database.getName(), schemaName, tableName.get(), columnProjection.get().getName(), cipherValue);
}
private Optional<String> findTableName(final ColumnProjection columnProjection, final Map<String, String> columnTableNames) {
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptAssignmentParameterRewriter.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptAssignmentParameterRewriter.java
index 26effa30224..bfe8702095d 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptAssignmentParameterRewriter.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptAssignmentParameterRewriter.java
@@ -22,7 +22,7 @@ import lombok.Setter;
import org.apache.shardingsphere.encrypt.rewrite.aware.DatabaseNameAware;
import org.apache.shardingsphere.encrypt.rewrite.aware.EncryptRuleAware;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
-import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.UpdateStatementContext;
@@ -74,10 +74,11 @@ public final class EncryptAssignmentParameterRewriter implements ParameterRewrit
for (AssignmentSegment each : getSetAssignmentSegment(sqlStatementContext.getSqlStatement()).getAssignments()) {
String columnName = each.getColumns().get(0).getIdentifier().getValue();
if (each.getValue() instanceof ParameterMarkerExpressionSegment && encryptRule.findEncryptTable(tableName).map(optional -> optional.isEncryptColumn(columnName)).orElse(false)) {
+ EncryptColumn encryptColumn = encryptRule.getEncryptTable(tableName).getEncryptColumn(columnName);
StandardParameterBuilder standardParamBuilder = paramBuilder instanceof StandardParameterBuilder
? (StandardParameterBuilder) paramBuilder
: ((GroupedParameterBuilder) paramBuilder).getParameterBuilders().get(0);
- encryptParameters(standardParamBuilder, schemaName, tableName, each, params);
+ encryptParameters(standardParamBuilder, schemaName, tableName, encryptColumn, ((ParameterMarkerExpressionSegment) each.getValue()).getParameterMarkerIndex(), params);
}
}
}
@@ -92,19 +93,18 @@ public final class EncryptAssignmentParameterRewriter implements ParameterRewrit
}
private void encryptParameters(final StandardParameterBuilder paramBuilder, final String schemaName,
- final String tableName, final AssignmentSegment assignmentSegment, final List<Object> params) {
- String columnName = assignmentSegment.getColumns().get(0).getIdentifier().getValue();
- int parameterMarkerIndex = ((ParameterMarkerExpressionSegment) assignmentSegment.getValue()).getParameterMarkerIndex();
+ final String tableName, final EncryptColumn encryptColumn, final int parameterMarkerIndex, final List<Object> params) {
+ String columnName = encryptColumn.getName();
Object originalValue = params.get(parameterMarkerIndex);
- Object cipherValue = encryptRule.encrypt(databaseName, schemaName, tableName, columnName, Collections.singletonList(originalValue)).iterator().next();
+ Object cipherValue = encryptColumn.getCipher().encrypt(databaseName, schemaName, tableName, columnName, Collections.singletonList(originalValue)).iterator().next();
paramBuilder.addReplacedParameters(parameterMarkerIndex, cipherValue);
Collection<Object> addedParams = new LinkedList<>();
- Optional<EncryptTable> encryptTable = encryptRule.findEncryptTable(tableName);
- if (encryptTable.isPresent() && encryptTable.get().findAssistedQueryColumn(columnName).isPresent()) {
- addedParams.add(encryptRule.getEncryptAssistedQueryValues(databaseName, schemaName, tableName, columnName, Collections.singletonList(originalValue)).iterator().next());
+ if (encryptColumn.getAssistedQuery().isPresent()) {
+ addedParams.add(encryptColumn.getAssistedQuery().get().getEncryptAssistedQueryValues(
+ databaseName, schemaName, tableName, columnName, Collections.singletonList(originalValue)).iterator().next());
}
- if (encryptTable.isPresent() && encryptTable.get().findLikeQueryColumn(columnName).isPresent()) {
- addedParams.add(encryptRule.getEncryptLikeQueryValues(databaseName, schemaName, tableName, columnName, Collections.singletonList(originalValue)).iterator().next());
+ if (encryptColumn.getLikeQuery().isPresent()) {
+ addedParams.add(encryptColumn.getLikeQuery().get().getEncryptLikeQueryValues(databaseName, schemaName, tableName, columnName, Collections.singletonList(originalValue)).iterator().next());
}
if (!addedParams.isEmpty()) {
paramBuilder.addAddedParameters(parameterMarkerIndex, addedParams);
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptInsertOnDuplicateKeyUpdateValueParameterRewriter.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptInsertOnDuplicateKeyUpdateValueParameterRewriter.java
index 5aec0da1cf9..37a000bb530 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptInsertOnDuplicateKeyUpdateValueParameterRewriter.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptInsertOnDuplicateKeyUpdateValueParameterRewriter.java
@@ -17,12 +17,11 @@
package org.apache.shardingsphere.encrypt.rewrite.parameter.rewriter;
-import com.google.common.base.Preconditions;
import lombok.Setter;
import org.apache.shardingsphere.encrypt.rewrite.aware.DatabaseNameAware;
import org.apache.shardingsphere.encrypt.rewrite.aware.EncryptRuleAware;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
-import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.segment.insert.values.OnDuplicateUpdateContext;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.InsertStatementContext;
@@ -34,10 +33,8 @@ import org.apache.shardingsphere.sql.parser.sql.common.segment.dml.expr.Function
import org.apache.shardingsphere.sql.parser.sql.dialect.handler.dml.InsertStatementHandler;
import java.util.Collection;
-import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
-import java.util.Optional;
/**
* Insert on duplicate key update parameter rewriter for encrypt.
@@ -63,17 +60,18 @@ public final class EncryptInsertOnDuplicateKeyUpdateValueParameterRewriter imple
OnDuplicateUpdateContext onDuplicateKeyUpdateValueContext = insertStatementContext.getOnDuplicateKeyUpdateValueContext();
String schemaName = sqlStatementContext.getTablesContext().getSchemaName().orElseGet(() -> DatabaseTypeEngine.getDefaultSchemaName(sqlStatementContext.getDatabaseType(), databaseName));
for (int index = 0; index < onDuplicateKeyUpdateValueContext.getValueExpressions().size(); index++) {
- String encryptLogicColumnName = onDuplicateKeyUpdateValueContext.getColumn(index).getIdentifier().getValue();
- if (!encryptRule.findEncryptTable(tableName).map(optional -> optional.isEncryptColumn(encryptLogicColumnName)).orElse(false)) {
+ String logicColumnName = onDuplicateKeyUpdateValueContext.getColumn(index).getIdentifier().getValue();
+ if (!encryptRule.findEncryptTable(tableName).map(optional -> optional.isEncryptColumn(logicColumnName)).orElse(false)) {
continue;
}
Object plainValue = onDuplicateKeyUpdateValueContext.getValue(index);
if (plainValue instanceof FunctionSegment && "VALUES".equalsIgnoreCase(((FunctionSegment) plainValue).getFunctionName())) {
return;
}
- Object cipherColumnValue = encryptRule.encrypt(databaseName, schemaName, tableName, encryptLogicColumnName, plainValue);
+ EncryptColumn encryptColumn = encryptRule.getEncryptTable(tableName).getEncryptColumn(logicColumnName);
+ Object cipherColumnValue = encryptColumn.getCipher().encrypt(databaseName, schemaName, tableName, logicColumnName, plainValue);
groupedParamBuilder.getGenericParameterBuilder().addReplacedParameters(index, cipherColumnValue);
- Collection<Object> addedParams = buildAddedParams(schemaName, tableName, encryptLogicColumnName, plainValue);
+ Collection<Object> addedParams = buildAddedParams(schemaName, tableName, encryptColumn, logicColumnName, plainValue);
if (!addedParams.isEmpty()) {
if (!groupedParamBuilder.getGenericParameterBuilder().getAddedIndexAndParameters().containsKey(index)) {
groupedParamBuilder.getGenericParameterBuilder().getAddedIndexAndParameters().put(index, new LinkedList<>());
@@ -83,21 +81,13 @@ public final class EncryptInsertOnDuplicateKeyUpdateValueParameterRewriter imple
}
}
- private Collection<Object> buildAddedParams(final String schemaName, final String tableName, final String logicColumnName, final Object plainValue) {
- Optional<EncryptTable> encryptTable = encryptRule.findEncryptTable(tableName);
- if (!encryptTable.isPresent()) {
- return Collections.emptyList();
- }
+ private Collection<Object> buildAddedParams(final String schemaName, final String tableName, final EncryptColumn encryptColumn, final String logicColumnName, final Object plainValue) {
Collection<Object> result = new LinkedList<>();
- if (encryptTable.get().findAssistedQueryColumn(logicColumnName).isPresent()) {
- Optional<String> assistedColumnName = encryptTable.get().findAssistedQueryColumn(logicColumnName);
- Preconditions.checkArgument(assistedColumnName.isPresent(), "Can not find assisted query column name.");
- result.add(encryptRule.getEncryptAssistedQueryValue(databaseName, schemaName, tableName, logicColumnName, plainValue));
+ if (encryptColumn.getAssistedQuery().isPresent()) {
+ result.add(encryptColumn.getAssistedQuery().get().getEncryptAssistedQueryValue(databaseName, schemaName, tableName, logicColumnName, plainValue));
}
- if (encryptTable.get().findLikeQueryColumn(logicColumnName).isPresent()) {
- Optional<String> likeColumnName = encryptTable.get().findLikeQueryColumn(logicColumnName);
- Preconditions.checkArgument(likeColumnName.isPresent(), "Can not find assisted query column name.");
- result.add(encryptRule.getEncryptLikeQueryValue(databaseName, schemaName, tableName, logicColumnName, plainValue));
+ if (encryptColumn.getLikeQuery().isPresent()) {
+ result.add(encryptColumn.getLikeQuery().get().getEncryptLikeQueryValue(databaseName, schemaName, tableName, logicColumnName, plainValue));
}
return result;
}
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptInsertValueParameterRewriter.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptInsertValueParameterRewriter.java
index a1dbad22f9c..e398e11a8be 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptInsertValueParameterRewriter.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptInsertValueParameterRewriter.java
@@ -22,6 +22,7 @@ import org.apache.shardingsphere.encrypt.rewrite.aware.DatabaseNameAware;
import org.apache.shardingsphere.encrypt.rewrite.aware.EncryptRuleAware;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.database.type.DatabaseTypeEngine;
@@ -69,13 +70,14 @@ public final class EncryptInsertValueParameterRewriter implements ParameterRewri
while (descendingColumnNames.hasNext()) {
String columnName = descendingColumnNames.next();
if (encryptRule.findEncryptTable(tableName).map(optional -> optional.isEncryptColumn(columnName)).orElse(false)) {
- encryptInsertValues(encryptTable.get(), (GroupedParameterBuilder) paramBuilder, insertStatementContext, schemaName, tableName, columnName);
+ encryptInsertValues((GroupedParameterBuilder) paramBuilder, insertStatementContext, schemaName, tableName, columnName);
}
}
}
- private void encryptInsertValues(final EncryptTable encryptTable, final GroupedParameterBuilder paramBuilder, final InsertStatementContext insertStatementContext,
+ private void encryptInsertValues(final GroupedParameterBuilder paramBuilder, final InsertStatementContext insertStatementContext,
final String schemaName, final String tableName, final String columnName) {
+ EncryptColumn encryptColumn = encryptRule.getEncryptTable(tableName).getEncryptColumn(columnName);
int columnIndex = getColumnIndex(paramBuilder, insertStatementContext, columnName);
int count = 0;
for (List<Object> each : insertStatementContext.getGroupedParameters()) {
@@ -84,9 +86,8 @@ public final class EncryptInsertValueParameterRewriter implements ParameterRewri
StandardParameterBuilder standardParamBuilder = paramBuilder.getParameterBuilders().get(count);
ExpressionSegment expressionSegment = insertStatementContext.getInsertValueContexts().get(count).getValueExpressions().get(columnIndex);
if (expressionSegment instanceof ParameterMarkerExpressionSegment) {
- Object literalValue = insertStatementContext.getInsertValueContexts().get(count).getLiteralValue(columnIndex)
- .orElse(null);
- encryptInsertValue(encryptTable, paramIndex, literalValue, standardParamBuilder, schemaName, tableName, columnName);
+ Object literalValue = insertStatementContext.getInsertValueContexts().get(count).getLiteralValue(columnIndex).orElse(null);
+ encryptInsertValue(encryptColumn, paramIndex, literalValue, standardParamBuilder, schemaName, tableName);
}
}
count++;
@@ -104,17 +105,16 @@ public final class EncryptInsertValueParameterRewriter implements ParameterRewri
return columnNames.indexOf(encryptLogicColumnName);
}
- private void encryptInsertValue(final EncryptTable encryptTable, final int paramIndex, final Object originalValue,
- final StandardParameterBuilder paramBuilder, final String schemaName, final String tableName, final String columnName) {
- paramBuilder.addReplacedParameters(paramIndex, encryptRule.encrypt(databaseName, schemaName, tableName, columnName, originalValue));
+ private void encryptInsertValue(final EncryptColumn encryptColumn, final int paramIndex, final Object originalValue,
+ final StandardParameterBuilder paramBuilder, final String schemaName, final String tableName) {
+ String columnName = encryptColumn.getName();
+ paramBuilder.addReplacedParameters(paramIndex, encryptColumn.getCipher().encrypt(databaseName, schemaName, tableName, columnName, originalValue));
Collection<Object> addedParams = new LinkedList<>();
- Optional<String> assistedColumnName = encryptTable.findAssistedQueryColumn(columnName);
- if (assistedColumnName.isPresent()) {
- addedParams.add(encryptRule.getEncryptAssistedQueryValue(databaseName, schemaName, tableName, columnName, originalValue));
+ if (encryptColumn.getAssistedQuery().isPresent()) {
+ addedParams.add(encryptColumn.getAssistedQuery().get().getEncryptAssistedQueryValue(databaseName, schemaName, tableName, columnName, originalValue));
}
- Optional<String> likeColumnName = encryptTable.findLikeQueryColumn(columnName);
- if (likeColumnName.isPresent()) {
- addedParams.add(encryptRule.getEncryptLikeQueryValue(databaseName, schemaName, tableName, columnName, originalValue));
+ if (encryptColumn.getLikeQuery().isPresent()) {
+ addedParams.add(encryptColumn.getLikeQuery().get().getEncryptLikeQueryValue(databaseName, schemaName, tableName, columnName, originalValue));
}
if (!addedParams.isEmpty()) {
if (!paramBuilder.getAddedIndexAndParameters().containsKey(paramIndex)) {
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptPredicateParameterRewriter.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptPredicateParameterRewriter.java
index b599f6c95c4..6c8ddea03a9 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptPredicateParameterRewriter.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/parameter/rewriter/EncryptPredicateParameterRewriter.java
@@ -17,7 +17,6 @@
package org.apache.shardingsphere.encrypt.rewrite.parameter.rewriter;
-import com.google.common.base.Preconditions;
import lombok.Setter;
import org.apache.shardingsphere.encrypt.rewrite.aware.DatabaseNameAware;
import org.apache.shardingsphere.encrypt.rewrite.aware.EncryptConditionsAware;
@@ -26,6 +25,7 @@ import org.apache.shardingsphere.encrypt.rewrite.condition.EncryptCondition;
import org.apache.shardingsphere.encrypt.rewrite.condition.impl.EncryptBinaryCondition;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.type.WhereAvailable;
import org.apache.shardingsphere.infra.database.type.DatabaseTypeEngine;
@@ -37,7 +37,6 @@ import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
-import java.util.Optional;
/**
* Predicate parameter rewriter for encrypt.
@@ -67,15 +66,14 @@ public final class EncryptPredicateParameterRewriter implements ParameterRewrite
private List<Object> getEncryptedValues(final String schemaName, final EncryptCondition encryptCondition, final List<Object> originalValues) {
String tableName = encryptCondition.getTableName();
String columnName = encryptCondition.getColumnName();
- Optional<EncryptTable> encryptTable = encryptRule.findEncryptTable(tableName);
- Preconditions.checkState(encryptTable.isPresent());
- if (encryptCondition instanceof EncryptBinaryCondition && "LIKE".equals(((EncryptBinaryCondition) encryptCondition).getOperator())
- && encryptTable.get().findLikeQueryColumn(columnName).isPresent()) {
- return encryptRule.getEncryptLikeQueryValues(databaseName, schemaName, tableName, columnName, originalValues);
+ EncryptTable encryptTable = encryptRule.getEncryptTable(tableName);
+ EncryptColumn encryptColumn = encryptTable.getEncryptColumn(columnName);
+ if (encryptCondition instanceof EncryptBinaryCondition && "LIKE".equals(((EncryptBinaryCondition) encryptCondition).getOperator()) && encryptColumn.getLikeQuery().isPresent()) {
+ return encryptColumn.getLikeQuery().get().getEncryptLikeQueryValues(databaseName, schemaName, tableName, columnName, originalValues);
}
- return encryptTable.get().findAssistedQueryColumn(columnName).isPresent()
- ? encryptRule.getEncryptAssistedQueryValues(databaseName, schemaName, tableName, columnName, originalValues)
- : encryptRule.encrypt(databaseName, schemaName, tableName, columnName, originalValues);
+ return encryptColumn.getAssistedQuery().isPresent()
+ ? encryptColumn.getAssistedQuery().get().getEncryptAssistedQueryValues(databaseName, schemaName, tableName, columnName, originalValues)
+ : encryptColumn.getCipher().encrypt(databaseName, schemaName, tableName, columnName, originalValues);
}
private void encryptParameters(final ParameterBuilder paramBuilder, final Map<Integer, Integer> positionIndexes, final List<Object> encryptValues) {
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGenerator.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGenerator.java
index cca7acdeebd..4e7b0e3149a 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGenerator.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGenerator.java
@@ -26,6 +26,7 @@ import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptLiteralAssign
import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptParameterAssignmentToken;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.UpdateStatementContext;
@@ -70,8 +71,10 @@ public final class EncryptAssignmentTokenGenerator implements CollectionSQLToken
EncryptTable encryptTable = encryptRule.getEncryptTable(tableName);
String schemaName = sqlStatementContext.getTablesContext().getSchemaName().orElseGet(() -> DatabaseTypeEngine.getDefaultSchemaName(sqlStatementContext.getDatabaseType(), databaseName));
for (AssignmentSegment each : getSetAssignmentSegment(sqlStatementContext.getSqlStatement()).getAssignments()) {
- if (encryptTable.isEncryptColumn(each.getColumns().get(0).getIdentifier().getValue())) {
- generateSQLToken(schemaName, encryptTable, each).ifPresent(result::add);
+ String columnName = each.getColumns().get(0).getIdentifier().getValue();
+ if (encryptTable.isEncryptColumn(columnName)) {
+ EncryptColumn encryptColumn = encryptTable.getEncryptColumn(columnName);
+ generateSQLToken(schemaName, encryptTable, encryptColumn, each).ifPresent(result::add);
}
}
return result;
@@ -86,12 +89,12 @@ public final class EncryptAssignmentTokenGenerator implements CollectionSQLToken
return ((UpdateStatement) sqlStatement).getSetAssignment();
}
- private Optional<EncryptAssignmentToken> generateSQLToken(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment) {
+ private Optional<EncryptAssignmentToken> generateSQLToken(final String schemaName, final EncryptTable encryptTable, final EncryptColumn encryptColumn, final AssignmentSegment assignmentSegment) {
if (assignmentSegment.getValue() instanceof ParameterMarkerExpressionSegment) {
return Optional.of(generateParameterSQLToken(encryptTable, assignmentSegment));
}
if (assignmentSegment.getValue() instanceof LiteralExpressionSegment) {
- return Optional.of(generateLiteralSQLToken(schemaName, encryptTable, assignmentSegment));
+ return Optional.of(generateLiteralSQLToken(schemaName, encryptTable, encryptColumn, assignmentSegment));
}
return Optional.empty();
}
@@ -105,39 +108,39 @@ public final class EncryptAssignmentTokenGenerator implements CollectionSQLToken
return result;
}
- private EncryptAssignmentToken generateLiteralSQLToken(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment) {
+ private EncryptAssignmentToken generateLiteralSQLToken(final String schemaName, final EncryptTable encryptTable, final EncryptColumn encryptColumn, final AssignmentSegment assignmentSegment) {
EncryptLiteralAssignmentToken result = new EncryptLiteralAssignmentToken(assignmentSegment.getColumns().get(0).getStartIndex(), assignmentSegment.getStopIndex());
- addCipherAssignment(schemaName, encryptTable, assignmentSegment, result);
- addAssistedQueryAssignment(schemaName, encryptTable, assignmentSegment, result);
- addLikeAssignment(schemaName, encryptTable, assignmentSegment, result);
+ addCipherAssignment(schemaName, encryptTable, encryptColumn, assignmentSegment, result);
+ addAssistedQueryAssignment(schemaName, encryptTable, encryptColumn, assignmentSegment, result);
+ addLikeAssignment(schemaName, encryptTable, encryptColumn, assignmentSegment, result);
return result;
}
- private void addCipherAssignment(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
+ private void addCipherAssignment(final String schemaName, final EncryptTable encryptTable,
+ final EncryptColumn encryptColumn, final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
Object originalValue = ((LiteralExpressionSegment) assignmentSegment.getValue()).getLiterals();
- Object cipherValue = encryptRule.encrypt(databaseName, schemaName, encryptTable.getTable(), assignmentSegment.getColumns().get(0).getIdentifier().getValue(),
+ Object cipherValue = encryptColumn.getCipher().encrypt(databaseName, schemaName, encryptTable.getTable(), assignmentSegment.getColumns().get(0).getIdentifier().getValue(),
Collections.singletonList(originalValue)).iterator().next();
token.addAssignment(encryptTable.getCipherColumn(assignmentSegment.getColumns().get(0).getIdentifier().getValue()), cipherValue);
}
- private void addAssistedQueryAssignment(final String schemaName, final EncryptTable encryptTable,
+ private void addAssistedQueryAssignment(final String schemaName, final EncryptTable encryptTable, final EncryptColumn encryptColumn,
final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
Object originalValue = ((LiteralExpressionSegment) assignmentSegment.getValue()).getLiterals();
- Optional<String> assistedQueryColumn = encryptTable.findAssistedQueryColumn(assignmentSegment.getColumns().get(0).getIdentifier().getValue());
- if (assistedQueryColumn.isPresent()) {
- Object assistedQueryValue = encryptRule.getEncryptAssistedQueryValues(databaseName, schemaName,
+ if (encryptColumn.getAssistedQuery().isPresent()) {
+ Object assistedQueryValue = encryptColumn.getAssistedQuery().get().getEncryptAssistedQueryValues(databaseName, schemaName,
encryptTable.getTable(), assignmentSegment.getColumns().get(0).getIdentifier().getValue(), Collections.singletonList(originalValue)).iterator().next();
- token.addAssignment(assistedQueryColumn.get(), assistedQueryValue);
+ token.addAssignment(encryptColumn.getAssistedQuery().get().getName(), assistedQueryValue);
}
}
- private void addLikeAssignment(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
+ private void addLikeAssignment(final String schemaName, final EncryptTable encryptTable, final EncryptColumn encryptColumn,
+ final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
Object originalValue = ((LiteralExpressionSegment) assignmentSegment.getValue()).getLiterals();
- Optional<String> assistedQueryColumn = encryptTable.findLikeQueryColumn(assignmentSegment.getColumns().get(0).getIdentifier().getValue());
- if (assistedQueryColumn.isPresent()) {
- Object assistedQueryValue = encryptRule.getEncryptLikeQueryValues(databaseName, schemaName,
+ if (encryptColumn.getLikeQuery().isPresent()) {
+ Object assistedQueryValue = encryptColumn.getLikeQuery().get().getEncryptLikeQueryValues(databaseName, schemaName,
encryptTable.getTable(), assignmentSegment.getColumns().get(0).getIdentifier().getValue(), Collections.singletonList(originalValue)).iterator().next();
- token.addAssignment(assistedQueryColumn.get(), assistedQueryValue);
+ token.addAssignment(encryptColumn.getLikeQuery().get().getName(), assistedQueryValue);
}
}
}
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptPredicateRightValueTokenGenerator.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptPredicateRightValueTokenGenerator.java
index c651b5d6670..6a8483e3af2 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptPredicateRightValueTokenGenerator.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptPredicateRightValueTokenGenerator.java
@@ -30,6 +30,8 @@ import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptPredicateFunc
import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptPredicateInRightValueToken;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
+import org.apache.shardingsphere.encrypt.rule.column.item.LikeQueryColumnItem;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.type.WhereAvailable;
import org.apache.shardingsphere.infra.database.type.DatabaseTypeEngine;
@@ -102,15 +104,15 @@ public final class EncryptPredicateRightValueTokenGenerator
}
private List<Object> getEncryptedValues(final String schemaName, final EncryptTable encryptTable, final EncryptCondition encryptCondition, final List<Object> originalValues) {
+ EncryptColumn encryptColumn = encryptTable.getEncryptColumn(encryptCondition.getColumnName());
if (encryptCondition instanceof EncryptBinaryCondition && "LIKE".equalsIgnoreCase(((EncryptBinaryCondition) encryptCondition).getOperator())) {
- Optional<String> likeQueryColumn = encryptTable.findLikeQueryColumn(encryptCondition.getColumnName());
- ShardingSpherePreconditions.checkState(likeQueryColumn.isPresent(), () -> new UnsupportedEncryptSQLException("LIKE"));
- return encryptRule.getEncryptLikeQueryValues(databaseName, schemaName, encryptCondition.getTableName(), encryptCondition.getColumnName(), originalValues);
+ Optional<LikeQueryColumnItem> likeQueryColumnItem = encryptColumn.getLikeQuery();
+ ShardingSpherePreconditions.checkState(likeQueryColumnItem.isPresent(), () -> new UnsupportedEncryptSQLException("LIKE"));
+ return likeQueryColumnItem.get().getEncryptLikeQueryValues(databaseName, schemaName, encryptCondition.getTableName(), encryptCondition.getColumnName(), originalValues);
}
- Optional<String> assistedQueryColumn = encryptTable.findAssistedQueryColumn(encryptCondition.getColumnName());
- return assistedQueryColumn.isPresent()
- ? encryptRule.getEncryptAssistedQueryValues(databaseName, schemaName, encryptCondition.getTableName(), encryptCondition.getColumnName(), originalValues)
- : encryptRule.encrypt(databaseName, schemaName, encryptCondition.getTableName(), encryptCondition.getColumnName(), originalValues);
+ return encryptColumn.getAssistedQuery()
+ .map(optional -> optional.getEncryptAssistedQueryValues(databaseName, schemaName, encryptCondition.getTableName(), encryptCondition.getColumnName(), originalValues))
+ .orElseGet(() -> encryptColumn.getCipher().encrypt(databaseName, schemaName, encryptCondition.getTableName(), encryptCondition.getColumnName(), originalValues));
}
private Map<Integer, Object> getPositionValues(final Collection<Integer> valuePositions, final List<Object> encryptValues) {
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGenerator.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGenerator.java
index dcec58ee92e..200fad34fce 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGenerator.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGenerator.java
@@ -28,6 +28,7 @@ import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptLiteralAssign
import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptParameterAssignmentToken;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.database.type.DatabaseTypeEngine;
@@ -88,12 +89,13 @@ public final class EncryptInsertOnUpdateTokenGenerator implements CollectionSQLT
if (!leftColumnIsEncrypt) {
continue;
}
- generateSQLToken(schemaName, encryptTable, each).ifPresent(result::add);
+ EncryptColumn encryptColumn = encryptTable.getEncryptColumn(each.getColumns().get(0).getIdentifier().getValue());
+ generateSQLToken(schemaName, encryptTable, encryptColumn, each).ifPresent(result::add);
}
return result;
}
- private Optional<EncryptAssignmentToken> generateSQLToken(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment) {
+ private Optional<EncryptAssignmentToken> generateSQLToken(final String schemaName, final EncryptTable encryptTable, final EncryptColumn encryptColumn, final AssignmentSegment assignmentSegment) {
if (assignmentSegment.getValue() instanceof ParameterMarkerExpressionSegment) {
return Optional.of(generateParameterSQLToken(encryptTable, assignmentSegment));
}
@@ -101,7 +103,7 @@ public final class EncryptInsertOnUpdateTokenGenerator implements CollectionSQLT
return Optional.of(generateValuesSQLToken(encryptTable, assignmentSegment, (FunctionSegment) assignmentSegment.getValue()));
}
if (assignmentSegment.getValue() instanceof LiteralExpressionSegment) {
- return Optional.of(generateLiteralSQLToken(schemaName, encryptTable, assignmentSegment));
+ return Optional.of(generateLiteralSQLToken(schemaName, encryptTable.getTable(), encryptColumn, assignmentSegment));
}
return Optional.empty();
}
@@ -115,11 +117,11 @@ public final class EncryptInsertOnUpdateTokenGenerator implements CollectionSQLT
return result;
}
- private EncryptAssignmentToken generateLiteralSQLToken(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment) {
+ private EncryptAssignmentToken generateLiteralSQLToken(final String schemaName, final String tableName, final EncryptColumn encryptColumn, final AssignmentSegment assignmentSegment) {
EncryptLiteralAssignmentToken result = new EncryptLiteralAssignmentToken(assignmentSegment.getColumns().get(0).getStartIndex(), assignmentSegment.getStopIndex());
- addCipherAssignment(schemaName, encryptTable, assignmentSegment, result);
- addAssistedQueryAssignment(schemaName, encryptTable, assignmentSegment, result);
- addLikeAssignment(schemaName, encryptTable, assignmentSegment, result);
+ addCipherAssignment(schemaName, tableName, encryptColumn, assignmentSegment, result);
+ addAssistedQueryAssignment(schemaName, tableName, encryptColumn, assignmentSegment, result);
+ addLikeAssignment(schemaName, tableName, encryptColumn, assignmentSegment, result);
return result;
}
@@ -159,28 +161,31 @@ public final class EncryptInsertOnUpdateTokenGenerator implements CollectionSQLT
return result;
}
- private void addCipherAssignment(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
+ private void addCipherAssignment(final String schemaName, final String tableName, final EncryptColumn encryptColumn,
+ final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
Object originalValue = ((LiteralExpressionSegment) assignmentSegment.getValue()).getLiterals();
- Object cipherValue = encryptRule.encrypt(databaseName, schemaName, encryptTable.getTable(), assignmentSegment.getColumns().get(0).getIdentifier().getValue(),
+ Object cipherValue = encryptColumn.getCipher().encrypt(databaseName, schemaName, tableName, assignmentSegment.getColumns().get(0).getIdentifier().getValue(),
Collections.singletonList(originalValue)).iterator().next();
- token.addAssignment(encryptTable.getCipherColumn(assignmentSegment.getColumns().get(0).getIdentifier().getValue()), cipherValue);
+ token.addAssignment(encryptColumn.getCipher().getName(), cipherValue);
}
- private void addAssistedQueryAssignment(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
- encryptTable.findAssistedQueryColumn(assignmentSegment.getColumns().get(0).getIdentifier().getValue()).ifPresent(optional -> {
+ private void addAssistedQueryAssignment(final String schemaName, final String tableName, final EncryptColumn encryptColumn,
+ final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
+ encryptColumn.getAssistedQuery().ifPresent(optional -> {
Object originalValue = ((LiteralExpressionSegment) assignmentSegment.getValue()).getLiterals();
- Object assistedQueryValue = encryptRule.getEncryptAssistedQueryValues(
- databaseName, schemaName, encryptTable.getTable(), assignmentSegment.getColumns().get(0).getIdentifier().getValue(), Collections.singletonList(originalValue)).iterator().next();
- token.addAssignment(optional, assistedQueryValue);
+ Object assistedQueryValue = optional.getEncryptAssistedQueryValues(
+ databaseName, schemaName, tableName, assignmentSegment.getColumns().get(0).getIdentifier().getValue(), Collections.singletonList(originalValue)).iterator().next();
+ token.addAssignment(optional.getName(), assistedQueryValue);
});
}
- private void addLikeAssignment(final String schemaName, final EncryptTable encryptTable, final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
- encryptTable.findLikeQueryColumn(assignmentSegment.getColumns().get(0).getIdentifier().getValue()).ifPresent(optional -> {
+ private void addLikeAssignment(final String schemaName, final String tableName, final EncryptColumn encryptColumn,
+ final AssignmentSegment assignmentSegment, final EncryptLiteralAssignmentToken token) {
+ encryptColumn.getLikeQuery().ifPresent(optional -> {
Object originalValue = ((LiteralExpressionSegment) assignmentSegment.getValue()).getLiterals();
- Object likeValue = encryptRule.getEncryptLikeQueryValues(
- databaseName, schemaName, encryptTable.getTable(), assignmentSegment.getColumns().get(0).getIdentifier().getValue(), Collections.singletonList(originalValue)).iterator().next();
- token.addAssignment(optional, likeValue);
+ Object likeValue = optional.getEncryptLikeQueryValues(
+ databaseName, schemaName, tableName, assignmentSegment.getColumns().get(0).getIdentifier().getValue(), Collections.singletonList(originalValue)).iterator().next();
+ token.addAssignment(optional.getName(), likeValue);
});
}
}
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertValuesTokenGenerator.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertValuesTokenGenerator.java
index 2fdeb338b1f..ab3d4f2f36b 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertValuesTokenGenerator.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertValuesTokenGenerator.java
@@ -17,12 +17,16 @@
package org.apache.shardingsphere.encrypt.rewrite.token.generator.insert;
+import com.google.common.base.Preconditions;
import lombok.Setter;
import org.apache.shardingsphere.encrypt.rewrite.aware.DatabaseNameAware;
import org.apache.shardingsphere.encrypt.rewrite.aware.EncryptRuleAware;
import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptInsertValuesToken;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
+import org.apache.shardingsphere.encrypt.rule.column.item.AssistedQueryColumnItem;
+import org.apache.shardingsphere.encrypt.rule.column.item.LikeQueryColumnItem;
import org.apache.shardingsphere.infra.binder.segment.insert.values.InsertValueContext;
import org.apache.shardingsphere.infra.binder.segment.insert.values.expression.DerivedLiteralExpressionSegment;
import org.apache.shardingsphere.infra.binder.segment.insert.values.expression.DerivedParameterMarkerExpressionSegment;
@@ -133,38 +137,43 @@ public final class EncryptInsertValuesTokenGenerator implements OptionalSQLToken
if (!encryptTable.isEncryptColumn(columnName)) {
continue;
}
+ EncryptColumn encryptColumn = encryptRule.getEncryptTable(tableName).getEncryptColumn(columnName);
int columnIndex = useDefaultInsertColumnsToken
.map(optional -> ((UseDefaultInsertColumnsToken) optional).getColumns().indexOf(columnName)).orElseGet(() -> insertStatementContext.getColumnNames().indexOf(columnName));
Object originalValue = insertValueContext.getLiteralValue(columnIndex).orElse(null);
- setCipherColumn(schemaName, tableName, columnName, insertValueToken, insertValueContext.getValueExpressions().get(columnIndex), columnIndex, originalValue);
+ setCipherColumn(schemaName, tableName, encryptColumn, insertValueToken, insertValueContext.getValueExpressions().get(columnIndex), columnIndex, originalValue);
int indexDelta = 1;
if (encryptTable.findAssistedQueryColumn(columnName).isPresent()) {
- addAssistedQueryColumn(schemaName, tableName, columnName, insertValueContext, insertValueToken, columnIndex, indexDelta, originalValue);
+ addAssistedQueryColumn(schemaName, tableName, encryptColumn, insertValueContext, insertValueToken, columnIndex, indexDelta, originalValue);
indexDelta++;
}
if (encryptTable.findLikeQueryColumn(columnName).isPresent()) {
- addLikeQueryColumn(schemaName, tableName, columnName, insertValueContext, insertValueToken, columnIndex, indexDelta, originalValue);
+ addLikeQueryColumn(schemaName, tableName, encryptColumn, insertValueContext, insertValueToken, columnIndex, indexDelta, originalValue);
}
}
}
- private void setCipherColumn(final String schemaName, final String tableName, final String columnName,
+ private void setCipherColumn(final String schemaName, final String tableName, final EncryptColumn encryptColumn,
final InsertValue insertValueToken, final ExpressionSegment valueExpression, final int columnIndex, final Object originalValue) {
if (valueExpression instanceof LiteralExpressionSegment) {
insertValueToken.getValues().set(columnIndex, new LiteralExpressionSegment(
- valueExpression.getStartIndex(), valueExpression.getStopIndex(), encryptRule.encrypt(databaseName, schemaName, tableName, columnName, originalValue)));
+ valueExpression.getStartIndex(), valueExpression.getStopIndex(), encryptColumn.getCipher().encrypt(databaseName, schemaName, tableName, encryptColumn.getName(), originalValue)));
}
}
- private void addAssistedQueryColumn(final String schemaName, final String tableName, final String columnName,
+ private void addAssistedQueryColumn(final String schemaName, final String tableName, final EncryptColumn encryptColumn,
final InsertValueContext insertValueContext, final InsertValue insertValueToken, final int columnIndex, final int indexDelta, final Object originalValue) {
- Object derivedValue = encryptRule.getEncryptAssistedQueryValue(databaseName, schemaName, tableName, columnName, originalValue);
+ Optional<AssistedQueryColumnItem> assistedQueryColumnItem = encryptColumn.getAssistedQuery();
+ Preconditions.checkState(assistedQueryColumnItem.isPresent());
+ Object derivedValue = assistedQueryColumnItem.get().getEncryptAssistedQueryValue(databaseName, schemaName, tableName, encryptColumn.getName(), originalValue);
addDerivedColumn(insertValueContext, insertValueToken, columnIndex, indexDelta, derivedValue);
}
- private void addLikeQueryColumn(final String schemaName, final String tableName, final String columnName,
+ private void addLikeQueryColumn(final String schemaName, final String tableName, final EncryptColumn encryptColumn,
final InsertValueContext insertValueContext, final InsertValue insertValueToken, final int columnIndex, final int indexDelta, final Object originalValue) {
- Object derivedValue = encryptRule.getEncryptLikeQueryValue(databaseName, schemaName, tableName, columnName, originalValue);
+ Optional<LikeQueryColumnItem> likeQueryColumnItem = encryptColumn.getLikeQuery();
+ Preconditions.checkState(likeQueryColumnItem.isPresent());
+ Object derivedValue = likeQueryColumnItem.get().getEncryptLikeQueryValue(databaseName, schemaName, tableName, encryptColumn.getName(), originalValue);
addDerivedColumn(insertValueContext, insertValueToken, columnIndex, indexDelta, derivedValue);
}
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/EncryptRule.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/EncryptRule.java
index 371f82465e8..93f685e8bad 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/EncryptRule.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/EncryptRule.java
@@ -30,6 +30,7 @@ import org.apache.shardingsphere.encrypt.context.EncryptContextBuilder;
import org.apache.shardingsphere.encrypt.exception.algorithm.MismatchedEncryptAlgorithmTypeException;
import org.apache.shardingsphere.encrypt.exception.metadata.EncryptTableNotFoundException;
import org.apache.shardingsphere.encrypt.exception.metadata.MissingEncryptorException;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.encrypt.spi.EncryptAlgorithm;
import org.apache.shardingsphere.infra.config.rule.RuleConfiguration;
import org.apache.shardingsphere.infra.rule.identifier.scope.DatabaseRule;
@@ -145,13 +146,9 @@ public final class EncryptRule implements DatabaseRule, TableContainedRule {
* @param originalValue original value
* @return encrypted value
*/
- @SuppressWarnings("unchecked")
public Object encrypt(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final Object originalValue) {
- if (null == originalValue) {
- return null;
- }
- EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
- return getStandardEncryptor(tableName, logicColumnName).encrypt(originalValue, context);
+ EncryptColumn encryptColumn = getEncryptTable(tableName).getEncryptColumn(logicColumnName);
+ return encryptColumn.getCipher().encrypt(databaseName, schemaName, tableName, logicColumnName, originalValue);
}
/**
@@ -165,17 +162,8 @@ public final class EncryptRule implements DatabaseRule, TableContainedRule {
* @return encrypted values
*/
public List<Object> encrypt(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final List<Object> originalValues) {
- EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
- return encrypt(getStandardEncryptor(tableName, logicColumnName), originalValues, context);
- }
-
- @SuppressWarnings("unchecked")
- private List<Object> encrypt(@SuppressWarnings("rawtypes") final StandardEncryptAlgorithm encryptor, final List<Object> originalValues, final EncryptContext context) {
- List<Object> result = new LinkedList<>();
- for (Object each : originalValues) {
- result.add(null == each ? null : encryptor.encrypt(each, context));
- }
- return result;
+ EncryptColumn encryptColumn = getEncryptTable(tableName).getEncryptColumn(logicColumnName);
+ return encryptColumn.getCipher().encrypt(databaseName, schemaName, tableName, logicColumnName, originalValues);
}
/**
@@ -188,18 +176,9 @@ public final class EncryptRule implements DatabaseRule, TableContainedRule {
* @param cipherValue cipher value
* @return decrypted value
*/
- @SuppressWarnings("unchecked")
public Object decrypt(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final Object cipherValue) {
- if (null == cipherValue) {
- return null;
- }
- EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
- return getStandardEncryptor(tableName, logicColumnName).decrypt(cipherValue, context);
- }
-
- @SuppressWarnings("rawtypes")
- private StandardEncryptAlgorithm getStandardEncryptor(final String tableName, final String logicColumnName) {
- return findEncryptTable(tableName).flatMap(optional -> optional.findEncryptor(logicColumnName)).orElseThrow(() -> new MissingEncryptorException(tableName, logicColumnName, "STANDARD"));
+ EncryptColumn encryptColumn = getEncryptTable(tableName).getEncryptColumn(logicColumnName);
+ return encryptColumn.getCipher().decrypt(databaseName, schemaName, tableName, logicColumnName, cipherValue);
}
/**
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/AssistedQueryColumnItem.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/AssistedQueryColumnItem.java
index 41bb6d21377..621167be01b 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/AssistedQueryColumnItem.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/AssistedQueryColumnItem.java
@@ -19,7 +19,12 @@ package org.apache.shardingsphere.encrypt.rule.column.item;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
+import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
import org.apache.shardingsphere.encrypt.api.encrypt.assisted.AssistedEncryptAlgorithm;
+import org.apache.shardingsphere.encrypt.context.EncryptContextBuilder;
+
+import java.util.LinkedList;
+import java.util.List;
/**
* Assisted query column item.
@@ -30,5 +35,45 @@ public final class AssistedQueryColumnItem {
private final String name;
- private final AssistedEncryptAlgorithm<?, ?> encryptor;
+ @SuppressWarnings("rawtypes")
+ private final AssistedEncryptAlgorithm encryptor;
+
+ /**
+ * Get encrypt assisted query value.
+ *
+ * @param databaseName database name
+ * @param schemaName schema name
+ * @param tableName table name
+ * @param logicColumnName logic column name
+ * @param originalValue original value
+ * @return assisted query values
+ */
+ @SuppressWarnings("unchecked")
+ public Object getEncryptAssistedQueryValue(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final Object originalValue) {
+ if (null == originalValue) {
+ return null;
+ }
+ EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
+ return encryptor.encrypt(originalValue, context);
+ }
+
+ /**
+ * Get encrypt assisted query values.
+ *
+ * @param databaseName database name
+ * @param schemaName schema name
+ * @param tableName table name
+ * @param logicColumnName logic column name
+ * @param originalValues original values
+ * @return assisted query values
+ */
+ @SuppressWarnings("unchecked")
+ public List<Object> getEncryptAssistedQueryValues(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final List<Object> originalValues) {
+ EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
+ List<Object> result = new LinkedList<>();
+ for (Object each : originalValues) {
+ result.add(null == each ? null : encryptor.encrypt(each, context));
+ }
+ return result;
+ }
}
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/CipherColumnItem.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/CipherColumnItem.java
index 4e59f4f9e66..fd2bc7ba9a2 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/CipherColumnItem.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/CipherColumnItem.java
@@ -19,7 +19,12 @@ package org.apache.shardingsphere.encrypt.rule.column.item;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
+import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
import org.apache.shardingsphere.encrypt.api.encrypt.standard.StandardEncryptAlgorithm;
+import org.apache.shardingsphere.encrypt.context.EncryptContextBuilder;
+
+import java.util.LinkedList;
+import java.util.List;
/**
* Cipher column item.
@@ -30,5 +35,64 @@ public final class CipherColumnItem {
private final String name;
- private final StandardEncryptAlgorithm<?, ?> encryptor;
+ @SuppressWarnings("rawtypes")
+ private final StandardEncryptAlgorithm encryptor;
+
+ /**
+ * Encrypt.
+ *
+ * @param databaseName database name
+ * @param schemaName schema name
+ * @param tableName table name
+ * @param logicColumnName logic column name
+ * @param originalValue original value
+ * @return encrypted value
+ */
+ @SuppressWarnings("unchecked")
+ public Object encrypt(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final Object originalValue) {
+ if (null == originalValue) {
+ return null;
+ }
+ EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
+ return encryptor.encrypt(originalValue, context);
+ }
+
+ /**
+ * Encrypt.
+ *
+ * @param databaseName database name
+ * @param schemaName schema name
+ * @param tableName table name
+ * @param logicColumnName logic column name
+ * @param originalValues original values
+ * @return encrypted values
+ */
+ @SuppressWarnings("unchecked")
+ public List<Object> encrypt(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final List<Object> originalValues) {
+ EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
+ List<Object> result = new LinkedList<>();
+ for (Object each : originalValues) {
+ result.add(null == each ? null : encryptor.encrypt(each, context));
+ }
+ return result;
+ }
+
+ /**
+ * Decrypt.
+ *
+ * @param databaseName database name
+ * @param schemaName schema name
+ * @param tableName table name
+ * @param logicColumnName logic column name
+ * @param cipherValue cipher value
+ * @return decrypted value
+ */
+ @SuppressWarnings("unchecked")
+ public Object decrypt(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final Object cipherValue) {
+ if (null == cipherValue) {
+ return null;
+ }
+ EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
+ return encryptor.decrypt(cipherValue, context);
+ }
}
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/LikeQueryColumnItem.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/LikeQueryColumnItem.java
index 100cd50bec8..ecdc7190e00 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/LikeQueryColumnItem.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/column/item/LikeQueryColumnItem.java
@@ -19,7 +19,12 @@ package org.apache.shardingsphere.encrypt.rule.column.item;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
+import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
import org.apache.shardingsphere.encrypt.api.encrypt.like.LikeEncryptAlgorithm;
+import org.apache.shardingsphere.encrypt.context.EncryptContextBuilder;
+
+import java.util.LinkedList;
+import java.util.List;
/**
* Like query column item.
@@ -30,5 +35,45 @@ public final class LikeQueryColumnItem {
private final String name;
- private final LikeEncryptAlgorithm<?, ?> encryptor;
+ @SuppressWarnings("rawtypes")
+ private final LikeEncryptAlgorithm encryptor;
+
+ /**
+ * Get encrypt like query value.
+ *
+ * @param databaseName database name
+ * @param schemaName schema name
+ * @param tableName table name
+ * @param logicColumnName logic column name
+ * @param originalValue original value
+ * @return like query values
+ */
+ @SuppressWarnings("unchecked")
+ public Object getEncryptLikeQueryValue(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final Object originalValue) {
+ if (null == originalValue) {
+ return null;
+ }
+ EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
+ return encryptor.encrypt(originalValue, context);
+ }
+
+ /**
+ * Get encrypt like query values.
+ *
+ * @param databaseName database name
+ * @param schemaName schema name
+ * @param tableName table name
+ * @param logicColumnName logic column name
+ * @param originalValues original values
+ * @return like query values
+ */
+ @SuppressWarnings("unchecked")
+ public List<Object> getEncryptLikeQueryValues(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final List<Object> originalValues) {
+ EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
+ List<Object> result = new LinkedList<>();
+ for (Object each : originalValues) {
+ result.add(null == each ? null : encryptor.encrypt(each, context));
+ }
+ return result;
+ }
}
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGeneratorTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGeneratorTest.java
index 48c531c67c3..69761c02e70 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGeneratorTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGeneratorTest.java
@@ -19,6 +19,7 @@ package org.apache.shardingsphere.encrypt.rewrite.token.generator;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.UpdateStatementContext;
import org.apache.shardingsphere.sql.parser.sql.common.segment.dml.assignment.AssignmentSegment;
@@ -80,6 +81,7 @@ class EncryptAssignmentTokenGeneratorTest {
EncryptRule result = mock(EncryptRule.class, RETURNS_DEEP_STUBS);
EncryptTable encryptTable = mock(EncryptTable.class);
when(encryptTable.isEncryptColumn("columns")).thenReturn(true);
+ when(encryptTable.getEncryptColumn("columns")).thenReturn(mock(EncryptColumn.class, RETURNS_DEEP_STUBS));
when(result.getEncryptTable("table")).thenReturn(encryptTable);
return result;
}
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGeneratorTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGeneratorTest.java
index 424ec3fa820..2a4e644d28d 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGeneratorTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGeneratorTest.java
@@ -20,6 +20,7 @@ package org.apache.shardingsphere.encrypt.rewrite.token.generator.insert;
import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptAssignmentToken;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
+import org.apache.shardingsphere.encrypt.rule.column.EncryptColumn;
import org.apache.shardingsphere.infra.binder.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.binder.statement.dml.SelectStatementContext;
import org.apache.shardingsphere.infra.rewrite.sql.token.pojo.SQLToken;
@@ -62,9 +63,17 @@ class EncryptInsertOnUpdateTokenGeneratorTest {
private EncryptRule mockEncryptRule() {
EncryptRule result = mock(EncryptRule.class);
+ EncryptColumn encryptColumn = mockEncryptColumn();
EncryptTable encryptTable = mockEncryptTable();
+ when(encryptTable.getEncryptColumn("mobile")).thenReturn(encryptColumn);
when(result.getEncryptTable("t_user")).thenReturn(encryptTable);
- when(result.encrypt(null, "db_test", "t_user", "mobile", Collections.singletonList(0))).thenReturn(Collections.singletonList("encryptValue"));
+ return result;
+ }
+
+ private EncryptColumn mockEncryptColumn() {
+ EncryptColumn result = mock(EncryptColumn.class, RETURNS_DEEP_STUBS);
+ when(result.getCipher().getName()).thenReturn("cipher_mobile");
+ when(result.getCipher().encrypt(null, "db_test", "t_user", "mobile", Collections.singletonList(0))).thenReturn(Collections.singletonList("encryptValue"));
return result;
}
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rule/EncryptRuleTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rule/EncryptRuleTest.java
index c8ecb924bee..bc1b16c05e6 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rule/EncryptRuleTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rule/EncryptRuleTest.java
@@ -24,7 +24,6 @@ import org.apache.shardingsphere.encrypt.api.config.rule.EncryptTableRuleConfigu
import org.apache.shardingsphere.encrypt.exception.algorithm.MismatchedEncryptAlgorithmTypeException;
import org.apache.shardingsphere.encrypt.exception.metadata.EncryptTableNotFoundException;
import org.apache.shardingsphere.infra.config.algorithm.AlgorithmConfiguration;
-import org.apache.shardingsphere.infra.database.DefaultDatabase;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtensionContext;
import org.junit.jupiter.params.ParameterizedTest;
@@ -36,14 +35,12 @@ import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedList;
-import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.stream.Stream;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
@@ -64,33 +61,6 @@ class EncryptRuleTest {
assertThrows(EncryptTableNotFoundException.class, () -> new EncryptRule(createEncryptRuleConfiguration()).getEncryptTable("not_existed_tbl"));
}
- @Test
- void assertGetEncryptValues() {
- List<Object> encryptAssistedQueryValues = new EncryptRule(createEncryptRuleConfiguration())
- .encrypt(DefaultDatabase.LOGIC_NAME, DefaultDatabase.LOGIC_NAME, "t_encrypt", "pwd", Collections.singletonList(null));
- for (Object each : encryptAssistedQueryValues) {
- assertNull(each);
- }
- }
-
- @Test
- void assertGetEncryptAssistedQueryValues() {
- List<Object> encryptAssistedQueryValues = new EncryptRule(createEncryptRuleConfiguration())
- .getEncryptAssistedQueryValues(DefaultDatabase.LOGIC_NAME, DefaultDatabase.LOGIC_NAME, "t_encrypt", "pwd", Collections.singletonList(null));
- for (Object each : encryptAssistedQueryValues) {
- assertNull(each);
- }
- }
-
- @Test
- void assertGetEncryptLikeQueryValues() {
- List<Object> encryptLikeQueryValues = new EncryptRule(createEncryptRuleConfiguration())
- .getEncryptLikeQueryValues(DefaultDatabase.LOGIC_NAME, DefaultDatabase.LOGIC_NAME, "t_encrypt", "pwd", Collections.singletonList(null));
- for (Object actual : encryptLikeQueryValues) {
- assertNull(actual);
- }
- }
-
@Test
void assertGetTables() {
assertThat(new LinkedList<>(new EncryptRule(createEncryptRuleConfiguration()).getLogicTableMapper().getTableNames()), is(Collections.singletonList("t_encrypt")));