You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by pa...@apache.org on 2021/04/02 07:56:23 UTC
[shardingsphere] branch master updated: Add
GovernanceAuthenticationContext (#9915)
This is an automated email from the ASF dual-hosted git repository.
panjuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 76d9a4e Add GovernanceAuthenticationContext (#9915)
76d9a4e is described below
commit 76d9a4eba765734893732b596f3af580ff5a86f1
Author: Liang Zhang <te...@163.com>
AuthorDate: Fri Apr 2 15:55:50 2021 +0800
Add GovernanceAuthenticationContext (#9915)
---
.../auth/GovernanceAuthenticationContext.java | 123 +++++++++++++++++++++
.../metadata/GovernanceMetaDataContexts.java | 80 +++-----------
.../metadata/resource/ShardingSphereResource.java | 3 +-
.../infra/context/metadata/MetaDataContexts.java | 8 ++
.../GovernanceShardingSphereDataSource.java | 4 +-
.../impl/AbstractBootstrapInitializer.java | 2 +
6 files changed, 151 insertions(+), 69 deletions(-)
diff --git a/shardingsphere-governance/shardingsphere-governance-context/src/main/java/org/apache/shardingsphere/governance/context/auth/GovernanceAuthenticationContext.java b/shardingsphere-governance/shardingsphere-governance-context/src/main/java/org/apache/shardingsphere/governance/context/auth/GovernanceAuthenticationContext.java
new file mode 100644
index 0000000..121e912
--- /dev/null
+++ b/shardingsphere-governance/shardingsphere-governance-context/src/main/java/org/apache/shardingsphere/governance/context/auth/GovernanceAuthenticationContext.java
@@ -0,0 +1,123 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shardingsphere.governance.context.auth;
+
+import com.google.common.base.Preconditions;
+import com.google.common.eventbus.Subscribe;
+import org.apache.shardingsphere.governance.core.event.model.auth.PrivilegeChangedEvent;
+import org.apache.shardingsphere.governance.core.event.model.auth.UserRuleChangedEvent;
+import org.apache.shardingsphere.infra.context.metadata.MetaDataContexts;
+import org.apache.shardingsphere.infra.eventbus.ShardingSphereEventBus;
+import org.apache.shardingsphere.infra.metadata.auth.Authentication;
+import org.apache.shardingsphere.infra.metadata.auth.AuthenticationContext;
+import org.apache.shardingsphere.infra.metadata.auth.builder.PrivilegeBuilder;
+import org.apache.shardingsphere.infra.metadata.auth.builder.loader.PrivilegeLoader;
+import org.apache.shardingsphere.infra.metadata.auth.builder.loader.PrivilegeLoaderEngine;
+import org.apache.shardingsphere.infra.metadata.auth.builtin.DefaultAuthentication;
+import org.apache.shardingsphere.infra.metadata.auth.model.privilege.ShardingSpherePrivilege;
+import org.apache.shardingsphere.infra.metadata.auth.model.user.ShardingSphereUser;
+
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+/**
+ * Governance authentication context.
+ */
+public final class GovernanceAuthenticationContext {
+
+ private final MetaDataContexts metaDataContexts;
+
+ public GovernanceAuthenticationContext(final MetaDataContexts metaDataContexts) {
+ this.metaDataContexts = metaDataContexts;
+ ShardingSphereEventBus.getInstance().register(this);
+ }
+
+ /**
+ * Renew authentication.
+ *
+ * @param event user changed event
+ */
+ @Subscribe
+ public synchronized void renew(final UserRuleChangedEvent event) {
+ Authentication authentication = createAuthentication(event.getUsers());
+ AuthenticationContext.getInstance().init(authentication);
+ reloadPrivilege(event.getUsers());
+ }
+
+ /**
+ * Renew privilege.
+ *
+ * @param event privilege changed event
+ */
+ @Subscribe
+ public synchronized void renew(final PrivilegeChangedEvent event) {
+ reloadPrivilege(event.getUsers());
+ }
+
+ private Authentication createAuthentication(final Collection<ShardingSphereUser> users) {
+ Authentication result = new DefaultAuthentication();
+ Collection<ShardingSphereUser> newUsers = getNewUsers(users);
+ Map<ShardingSphereUser, ShardingSpherePrivilege> modifiedUsers = getModifiedUsers(users);
+ for (ShardingSphereUser each : newUsers) {
+ modifiedUsers.put(each, new ShardingSpherePrivilege());
+ }
+ result.init(modifiedUsers);
+ return result;
+ }
+
+ private Collection<ShardingSphereUser> getNewUsers(final Collection<ShardingSphereUser> users) {
+ return users.stream().filter(each -> !AuthenticationContext.getInstance().getAuthentication().findUser(each.getGrantee()).isPresent()).collect(Collectors.toList());
+ }
+
+ private Map<ShardingSphereUser, ShardingSpherePrivilege> getModifiedUsers(final Collection<ShardingSphereUser> users) {
+ Map<ShardingSphereUser, ShardingSpherePrivilege> result = new HashMap<>(users.size(), 1);
+ for (ShardingSphereUser each : users) {
+ Optional<ShardingSphereUser> user = AuthenticationContext.getInstance().getAuthentication().findUser(each.getGrantee());
+ if (user.isPresent()) {
+ Optional<ShardingSpherePrivilege> privilege = AuthenticationContext.getInstance().getAuthentication().findPrivilege(user.get().getGrantee());
+ privilege.ifPresent(optional -> result.put(user.get(), optional));
+ }
+ }
+ return result;
+ }
+
+ private void reloadPrivilege(final Collection<ShardingSphereUser> users) {
+ Authentication authentication = AuthenticationContext.getInstance().getAuthentication();
+ Optional<PrivilegeLoader> loader = PrivilegeLoaderEngine.findPrivilegeLoader(metaDataContexts.getMetaDataMap().values().iterator().next().getResource().getDatabaseType());
+ if (loader.isPresent()) {
+ Map<ShardingSphereUser, ShardingSpherePrivilege> privileges = PrivilegeBuilder.build(metaDataContexts.getMetaDataMap().values(), users, metaDataContexts.getProps());
+ authentication.getAuthentication().putAll(getPrivilegesWithPassword(authentication, privileges));
+ }
+ AuthenticationContext.getInstance().init(authentication);
+ }
+
+ private Map<ShardingSphereUser, ShardingSpherePrivilege> getPrivilegesWithPassword(final Authentication authentication, final Map<ShardingSphereUser, ShardingSpherePrivilege> privileges) {
+ Map<ShardingSphereUser, ShardingSpherePrivilege> result = new HashMap<>(privileges.size(), 1);
+ for (Map.Entry<ShardingSphereUser, ShardingSpherePrivilege> entry : privileges.entrySet()) {
+ if (privileges.containsKey(entry.getKey())) {
+ Optional<ShardingSphereUser> user = authentication.findUser(entry.getKey().getGrantee());
+ Preconditions.checkState(user.isPresent());
+ result.put(user.get(), entry.getValue());
+ }
+ }
+ return result;
+ }
+}
diff --git a/shardingsphere-governance/shardingsphere-governance-context/src/main/java/org/apache/shardingsphere/governance/context/metadata/GovernanceMetaDataContexts.java b/shardingsphere-governance/shardingsphere-governance-context/src/main/java/org/apache/shardingsphere/governance/context/metadata/GovernanceMetaDataContexts.java
index 44f115d..3ff3268 100644
--- a/shardingsphere-governance/shardingsphere-governance-context/src/main/java/org/apache/shardingsphere/governance/context/metadata/GovernanceMetaDataContexts.java
+++ b/shardingsphere-governance/shardingsphere-governance-context/src/main/java/org/apache/shardingsphere/governance/context/metadata/GovernanceMetaDataContexts.java
@@ -17,10 +17,8 @@
package org.apache.shardingsphere.governance.context.metadata;
-import com.google.common.base.Preconditions;
import com.google.common.collect.Maps;
import com.google.common.eventbus.Subscribe;
-import org.apache.shardingsphere.governance.core.event.model.auth.PrivilegeChangedEvent;
import org.apache.shardingsphere.governance.core.event.model.auth.UserRuleChangedEvent;
import org.apache.shardingsphere.governance.core.event.model.datasource.DataSourceChangeCompletedEvent;
import org.apache.shardingsphere.governance.core.event.model.datasource.DataSourceChangedEvent;
@@ -47,13 +45,6 @@ import org.apache.shardingsphere.infra.eventbus.ShardingSphereEventBus;
import org.apache.shardingsphere.infra.executor.kernel.ExecutorEngine;
import org.apache.shardingsphere.infra.lock.ShardingSphereLock;
import org.apache.shardingsphere.infra.metadata.ShardingSphereMetaData;
-import org.apache.shardingsphere.infra.metadata.auth.Authentication;
-import org.apache.shardingsphere.infra.metadata.auth.builder.PrivilegeBuilder;
-import org.apache.shardingsphere.infra.metadata.auth.builder.loader.PrivilegeLoader;
-import org.apache.shardingsphere.infra.metadata.auth.builder.loader.PrivilegeLoaderEngine;
-import org.apache.shardingsphere.infra.metadata.auth.builtin.DefaultAuthentication;
-import org.apache.shardingsphere.infra.metadata.auth.AuthenticationContext;
-import org.apache.shardingsphere.infra.metadata.auth.model.privilege.ShardingSpherePrivilege;
import org.apache.shardingsphere.infra.metadata.auth.model.user.ShardingSphereUser;
import org.apache.shardingsphere.infra.metadata.auth.model.user.ShardingSphereUsers;
import org.apache.shardingsphere.infra.metadata.schema.ShardingSphereSchema;
@@ -69,6 +60,7 @@ import java.sql.SQLException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.Map;
@@ -121,6 +113,11 @@ public final class GovernanceMetaDataContexts implements MetaDataContexts {
}
@Override
+ public Map<String, ShardingSphereMetaData> getMetaDataMap() {
+ return metaDataContexts.getMetaDataMap();
+ }
+
+ @Override
public ShardingSphereMetaData getMetaData(final String schemaName) {
return metaDataContexts.getMetaData(schemaName);
}
@@ -210,25 +207,13 @@ public final class GovernanceMetaDataContexts implements MetaDataContexts {
/**
* Renew authentication.
*
- * @param event authentication changed event
+ * @param event User rule changed event
*/
@Subscribe
public synchronized void renew(final UserRuleChangedEvent event) {
- Authentication authentication = createAuthentication(event.getUsers());
- AuthenticationContext.getInstance().init(authentication);
- reloadPrivilege(event.getUsers());
- metaDataContexts = new StandardMetaDataContexts(
- metaDataContexts.getMetaDataMap(), metaDataContexts.getExecutorEngine(), new ShardingSphereUsers(authentication.getAllUsers()), metaDataContexts.getProps());
- }
-
- /**
- * Renew privilege.
- *
- * @param event privilege changed event
- */
- @Subscribe
- public synchronized void renew(final PrivilegeChangedEvent event) {
- reloadPrivilege(event.getUsers());
+ Collection<ShardingSphereUser> users = new HashSet<>(getNewUsers(event.getUsers()));
+ users.addAll(getModifiedUsers(event.getUsers()));
+ metaDataContexts = new StandardMetaDataContexts(metaDataContexts.getMetaDataMap(), metaDataContexts.getExecutorEngine(), new ShardingSphereUsers(users), metaDataContexts.getProps());
}
/**
@@ -337,51 +322,14 @@ public final class GovernanceMetaDataContexts implements MetaDataContexts {
return result;
}
- private Authentication createAuthentication(final Collection<ShardingSphereUser> users) {
- Authentication result = new DefaultAuthentication();
- Collection<ShardingSphereUser> newUsers = getNewUsers(users);
- Map<ShardingSphereUser, ShardingSpherePrivilege> modifiedUsers = getModifiedUsers(users);
- for (ShardingSphereUser each : newUsers) {
- modifiedUsers.put(each, new ShardingSpherePrivilege());
- }
- result.init(modifiedUsers);
- return result;
- }
-
private Collection<ShardingSphereUser> getNewUsers(final Collection<ShardingSphereUser> users) {
- return users.stream().filter(each -> !metaDataContexts.getUsers().findUser(each.getGrantee()).isPresent()).collect(Collectors.toList());
+ return users.stream().filter(each -> !metaDataContexts.getUsers().findUser(each.getGrantee()).isPresent()).collect(Collectors.toSet());
}
- private Map<ShardingSphereUser, ShardingSpherePrivilege> getModifiedUsers(final Collection<ShardingSphereUser> users) {
- Map<ShardingSphereUser, ShardingSpherePrivilege> result = new HashMap<>(users.size(), 1);
+ private Collection<ShardingSphereUser> getModifiedUsers(final Collection<ShardingSphereUser> users) {
+ Collection<ShardingSphereUser> result = new HashSet<>(users.size(), 1);
for (ShardingSphereUser each : users) {
- Optional<ShardingSphereUser> user = metaDataContexts.getUsers().findUser(each.getGrantee());
- if (user.isPresent()) {
- Optional<ShardingSpherePrivilege> privilege = AuthenticationContext.getInstance().getAuthentication().findPrivilege(user.get().getGrantee());
- privilege.ifPresent(optional -> result.put(user.get(), optional));
- }
- }
- return result;
- }
-
- private void reloadPrivilege(final Collection<ShardingSphereUser> users) {
- Authentication authentication = AuthenticationContext.getInstance().getAuthentication();
- Optional<PrivilegeLoader> loader = PrivilegeLoaderEngine.findPrivilegeLoader(metaDataContexts.getMetaDataMap().values().iterator().next().getResource().getDatabaseType());
- if (loader.isPresent()) {
- Map<ShardingSphereUser, ShardingSpherePrivilege> privileges = PrivilegeBuilder.build(metaDataContexts.getMetaDataMap().values(), users, metaDataContexts.getProps());
- authentication.getAuthentication().putAll(getPrivilegesWithPassword(authentication, privileges));
- }
- AuthenticationContext.getInstance().init(authentication);
- }
-
- private Map<ShardingSphereUser, ShardingSpherePrivilege> getPrivilegesWithPassword(final Authentication authentication, final Map<ShardingSphereUser, ShardingSpherePrivilege> privileges) {
- Map<ShardingSphereUser, ShardingSpherePrivilege> result = new HashMap<>(privileges.size(), 1);
- for (Entry<ShardingSphereUser, ShardingSpherePrivilege> entry : privileges.entrySet()) {
- if (privileges.containsKey(entry.getKey())) {
- Optional<ShardingSphereUser> user = authentication.findUser(entry.getKey().getGrantee());
- Preconditions.checkState(user.isPresent());
- result.put(user.get(), entry.getValue());
- }
+ metaDataContexts.getUsers().findUser(each.getGrantee()).ifPresent(result::add);
}
return result;
}
diff --git a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/resource/ShardingSphereResource.java b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/resource/ShardingSphereResource.java
index 95d620b..7cff8af 100644
--- a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/resource/ShardingSphereResource.java
+++ b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/metadata/resource/ShardingSphereResource.java
@@ -48,8 +48,7 @@ public final class ShardingSphereResource {
* @return all instance data sources
*/
public Collection<DataSource> getAllInstanceDataSources() {
- return dataSources.entrySet().stream().filter(entry ->
- dataSourcesMetaData.getAllInstanceDataSourceNames().contains(entry.getKey())).map(Map.Entry::getValue).collect(Collectors.toSet());
+ return dataSources.entrySet().stream().filter(entry -> dataSourcesMetaData.getAllInstanceDataSourceNames().contains(entry.getKey())).map(Map.Entry::getValue).collect(Collectors.toSet());
}
/**
diff --git a/shardingsphere-infra/shardingsphere-infra-context/src/main/java/org/apache/shardingsphere/infra/context/metadata/MetaDataContexts.java b/shardingsphere-infra/shardingsphere-infra-context/src/main/java/org/apache/shardingsphere/infra/context/metadata/MetaDataContexts.java
index d5c1677..061a754 100644
--- a/shardingsphere-infra/shardingsphere-infra-context/src/main/java/org/apache/shardingsphere/infra/context/metadata/MetaDataContexts.java
+++ b/shardingsphere-infra/shardingsphere-infra-context/src/main/java/org/apache/shardingsphere/infra/context/metadata/MetaDataContexts.java
@@ -27,6 +27,7 @@ import org.apache.shardingsphere.infra.state.StateContext;
import java.io.Closeable;
import java.util.Collection;
+import java.util.Map;
import java.util.Optional;
/**
@@ -42,6 +43,13 @@ public interface MetaDataContexts extends Closeable {
Collection<String> getAllSchemaNames();
/**
+ * Get mata data map.
+ *
+ * @return mata data map
+ */
+ Map<String, ShardingSphereMetaData> getMetaDataMap();
+
+ /**
* Get mata data.
*
* @param schemaName schema name
diff --git a/shardingsphere-jdbc/shardingsphere-jdbc-governance/src/main/java/org/apache/shardingsphere/driver/governance/internal/datasource/GovernanceShardingSphereDataSource.java b/shardingsphere-jdbc/shardingsphere-jdbc-governance/src/main/java/org/apache/shardingsphere/driver/governance/internal/datasource/GovernanceShardingSphereDataSource.java
index 3b0b54a..d1bfd76 100644
--- a/shardingsphere-jdbc/shardingsphere-jdbc-governance/src/main/java/org/apache/shardingsphere/driver/governance/internal/datasource/GovernanceShardingSphereDataSource.java
+++ b/shardingsphere-jdbc/shardingsphere-jdbc-governance/src/main/java/org/apache/shardingsphere/driver/governance/internal/datasource/GovernanceShardingSphereDataSource.java
@@ -20,6 +20,7 @@ package org.apache.shardingsphere.driver.governance.internal.datasource;
import lombok.Getter;
import org.apache.shardingsphere.driver.governance.internal.state.DriverStateContext;
import org.apache.shardingsphere.driver.jdbc.unsupported.AbstractUnsupportedOperationDataSource;
+import org.apache.shardingsphere.governance.context.auth.GovernanceAuthenticationContext;
import org.apache.shardingsphere.governance.context.metadata.GovernanceMetaDataContexts;
import org.apache.shardingsphere.governance.core.facade.GovernanceFacade;
import org.apache.shardingsphere.governance.core.registry.RegistryCenter;
@@ -42,7 +43,6 @@ import javax.sql.DataSource;
import java.lang.reflect.Method;
import java.sql.Connection;
import java.sql.SQLException;
-
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedList;
@@ -62,6 +62,7 @@ public final class GovernanceShardingSphereDataSource extends AbstractUnsupporte
public GovernanceShardingSphereDataSource(final GovernanceConfiguration governanceConfig) throws SQLException {
GovernanceFacade governanceFacade = createGovernanceFacade(governanceConfig);
metaDataContexts = new GovernanceMetaDataContexts(createMetaDataContexts(governanceFacade), governanceFacade);
+ new GovernanceAuthenticationContext(metaDataContexts);
String xaTransactionMangerType = metaDataContexts.getProps().getValue(ConfigurationPropertyKey.XA_TRANSACTION_MANAGER_TYPE);
transactionContexts = createTransactionContexts(metaDataContexts.getDefaultMetaData().getResource().getDatabaseType(),
metaDataContexts.getDefaultMetaData().getResource().getDataSources(), xaTransactionMangerType);
@@ -71,6 +72,7 @@ public final class GovernanceShardingSphereDataSource extends AbstractUnsupporte
final Properties props, final GovernanceConfiguration governanceConfig) throws SQLException {
GovernanceFacade governanceFacade = createGovernanceFacade(governanceConfig);
metaDataContexts = new GovernanceMetaDataContexts(createMetaDataContexts(dataSourceMap, ruleConfigs, props), governanceFacade);
+ new GovernanceAuthenticationContext(metaDataContexts);
String xaTransactionMangerType = metaDataContexts.getProps().getValue(ConfigurationPropertyKey.XA_TRANSACTION_MANAGER_TYPE);
transactionContexts = createTransactionContexts(metaDataContexts.getDefaultMetaData().getResource().getDatabaseType(),
metaDataContexts.getDefaultMetaData().getResource().getDataSources(), xaTransactionMangerType);
diff --git a/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/main/java/org/apache/shardingsphere/proxy/initializer/impl/AbstractBootstrapInitializer.java b/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/main/java/org/apache/shardingsphere/proxy/initializer/impl/AbstractBootstrapInitializer.java
index 9c2e5b4..8078a7d 100644
--- a/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/main/java/org/apache/shardingsphere/proxy/initializer/impl/AbstractBootstrapInitializer.java
+++ b/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/main/java/org/apache/shardingsphere/proxy/initializer/impl/AbstractBootstrapInitializer.java
@@ -19,6 +19,7 @@ package org.apache.shardingsphere.proxy.initializer.impl;
import lombok.extern.slf4j.Slf4j;
import org.apache.shardingsphere.db.protocol.mysql.constant.MySQLServerInfo;
+import org.apache.shardingsphere.governance.context.auth.GovernanceAuthenticationContext;
import org.apache.shardingsphere.infra.config.datasource.DataSourceParameter;
import org.apache.shardingsphere.infra.config.properties.ConfigurationPropertyKey;
import org.apache.shardingsphere.infra.context.metadata.MetaDataContexts;
@@ -57,6 +58,7 @@ public abstract class AbstractBootstrapInitializer implements BootstrapInitializ
public final void init(final YamlProxyConfiguration yamlConfig, final int port) throws SQLException {
ProxyConfiguration proxyConfig = getProxyConfiguration(yamlConfig);
MetaDataContexts metaDataContexts = decorateMetaDataContexts(createMetaDataContexts(proxyConfig));
+ new GovernanceAuthenticationContext(metaDataContexts);
String xaTransactionMangerType = metaDataContexts.getProps().getValue(ConfigurationPropertyKey.XA_TRANSACTION_MANAGER_TYPE);
TransactionContexts transactionContexts = decorateTransactionContexts(createTransactionContexts(metaDataContexts), xaTransactionMangerType);
ProxyContext.getInstance().init(metaDataContexts, transactionContexts);