You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by ch...@apache.org on 2023/06/15 18:57:18 UTC
[shardingsphere] branch master updated: Private EncryptRule.findStandardEncryptor() (#26378)
This is an automated email from the ASF dual-hosted git repository.
chengzhang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new fa9134e16c6 Private EncryptRule.findStandardEncryptor() (#26378)
fa9134e16c6 is described below
commit fa9134e16c69cd3d2846661f7ded993ff702c67b
Author: Liang Zhang <zh...@apache.org>
AuthorDate: Fri Jun 16 02:57:12 2023 +0800
Private EncryptRule.findStandardEncryptor() (#26378)
* Refactor EncryptAssignmentTokenGeneratorTest
* Refactor EncryptAlterTableTokenGenerator
* Private EncryptRule.findStandardEncryptor()
* Private EncryptRule.findStandardEncryptor()
---
.../BroadcastTableBroadcastRoutingEngine.java | 1 +
.../merge/dql/EncryptAlgorithmMetaData.java | 15 +------
.../encrypt/merge/dql/EncryptMergedResult.java | 12 +++---
.../generator/EncryptAlterTableTokenGenerator.java | 18 ++++-----
.../shardingsphere/encrypt/rule/EncryptRule.java | 46 +++++++++++++++-------
.../merge/dql/EncryptAlgorithmMetaDataTest.java | 18 ---------
.../EncryptAssignmentTokenGeneratorTest.java | 2 -
.../encrypt/rule/EncryptRuleTest.java | 11 ------
8 files changed, 47 insertions(+), 76 deletions(-)
diff --git a/features/broadcast/core/src/main/java/org/apache/shardingsphere/broadcast/route/engine/type/broadcast/BroadcastTableBroadcastRoutingEngine.java b/features/broadcast/core/src/main/java/org/apache/shardingsphere/broadcast/route/engine/type/broadcast/BroadcastTableBroadcastRoutingEngine.java
index 4de5cad21b4..9ea7b5339fd 100644
--- a/features/broadcast/core/src/main/java/org/apache/shardingsphere/broadcast/route/engine/type/broadcast/BroadcastTableBroadcastRoutingEngine.java
+++ b/features/broadcast/core/src/main/java/org/apache/shardingsphere/broadcast/route/engine/type/broadcast/BroadcastTableBroadcastRoutingEngine.java
@@ -33,6 +33,7 @@ import java.util.Collections;
*/
@RequiredArgsConstructor
public final class BroadcastTableBroadcastRoutingEngine implements BroadcastRouteEngine {
+
private final Collection<String> broadcastRuleTableNames;
@Override
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptAlgorithmMetaData.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptAlgorithmMetaData.java
index 9cbcf6e0d79..8583a32363e 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptAlgorithmMetaData.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptAlgorithmMetaData.java
@@ -17,9 +17,9 @@
package org.apache.shardingsphere.encrypt.merge.dql;
+import lombok.Getter;
import lombok.RequiredArgsConstructor;
import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
-import org.apache.shardingsphere.encrypt.api.encrypt.standard.StandardEncryptAlgorithm;
import org.apache.shardingsphere.encrypt.context.EncryptContextBuilder;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.infra.binder.segment.select.projection.Projection;
@@ -38,8 +38,8 @@ import java.util.Optional;
/**
* Encrypt algorithm meta data.
*/
-@SuppressWarnings("rawtypes")
@RequiredArgsConstructor
+@Getter
public final class EncryptAlgorithmMetaData {
private final ShardingSphereDatabase database;
@@ -48,17 +48,6 @@ public final class EncryptAlgorithmMetaData {
private final SelectStatementContext selectStatementContext;
- /**
- * Find standard encryptor.
- *
- * @param tableName table name
- * @param columnName column name
- * @return standard encryptor
- */
- public Optional<StandardEncryptAlgorithm> findStandardEncryptor(final String tableName, final String columnName) {
- return encryptRule.findStandardEncryptor(tableName, columnName);
- }
-
/**
* Find encrypt context.
*
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptMergedResult.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptMergedResult.java
index 1f59aba4349..f205b23a332 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptMergedResult.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptMergedResult.java
@@ -18,7 +18,6 @@
package org.apache.shardingsphere.encrypt.merge.dql;
import lombok.RequiredArgsConstructor;
-import org.apache.shardingsphere.encrypt.api.encrypt.standard.StandardEncryptAlgorithm;
import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
import org.apache.shardingsphere.infra.merge.result.MergedResult;
@@ -43,19 +42,18 @@ public final class EncryptMergedResult implements MergedResult {
return mergedResult.next();
}
- @SuppressWarnings({"rawtypes", "unchecked"})
@Override
public Object getValue(final int columnIndex, final Class<?> type) throws SQLException {
Optional<EncryptContext> encryptContext = metaData.findEncryptContext(columnIndex);
if (!encryptContext.isPresent()) {
return mergedResult.getValue(columnIndex, type);
}
- Optional<StandardEncryptAlgorithm> encryptAlgorithm = metaData.findStandardEncryptor(encryptContext.get().getTableName(), encryptContext.get().getColumnName());
- if (!encryptAlgorithm.isPresent()) {
- return mergedResult.getValue(columnIndex, type);
+ if (metaData.getEncryptRule().findEncryptTable(encryptContext.get().getTableName()).map(optional -> optional.isEncryptColumn(encryptContext.get().getColumnName())).orElse(false)) {
+ Object cipherValue = mergedResult.getValue(columnIndex, Object.class);
+ return metaData.getEncryptRule().decrypt(
+ encryptContext.get().getDatabaseName(), encryptContext.get().getSchemaName(), encryptContext.get().getTableName(), encryptContext.get().getColumnName(), cipherValue);
}
- Object cipherValue = mergedResult.getValue(columnIndex, Object.class);
- return null == cipherValue ? null : encryptAlgorithm.get().decrypt(cipherValue, encryptContext.get());
+ return mergedResult.getValue(columnIndex, type);
}
@Override
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAlterTableTokenGenerator.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAlterTableTokenGenerator.java
index b18a640eb76..f82606b06f3 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAlterTableTokenGenerator.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAlterTableTokenGenerator.java
@@ -18,7 +18,6 @@
package org.apache.shardingsphere.encrypt.rewrite.token.generator;
import lombok.Setter;
-import org.apache.shardingsphere.encrypt.api.encrypt.standard.StandardEncryptAlgorithm;
import org.apache.shardingsphere.encrypt.exception.metadata.EncryptColumnAlterException;
import org.apache.shardingsphere.encrypt.rewrite.aware.EncryptRuleAware;
import org.apache.shardingsphere.encrypt.rewrite.token.pojo.EncryptAlterTableToken;
@@ -32,6 +31,7 @@ import org.apache.shardingsphere.infra.rewrite.sql.token.generator.CollectionSQL
import org.apache.shardingsphere.infra.rewrite.sql.token.pojo.SQLToken;
import org.apache.shardingsphere.infra.rewrite.sql.token.pojo.Substitutable;
import org.apache.shardingsphere.infra.rewrite.sql.token.pojo.generic.RemoveToken;
+import org.apache.shardingsphere.infra.util.exception.ShardingSpherePreconditions;
import org.apache.shardingsphere.sql.parser.sql.common.segment.ddl.column.ColumnDefinitionSegment;
import org.apache.shardingsphere.sql.parser.sql.common.segment.ddl.column.alter.AddColumnDefinitionSegment;
import org.apache.shardingsphere.sql.parser.sql.common.segment.ddl.column.alter.ChangeColumnDefinitionSegment;
@@ -180,19 +180,15 @@ public final class EncryptAlterTableTokenGenerator implements CollectionSQLToken
return result;
}
- @SuppressWarnings("rawtypes")
private void isSameEncryptColumn(final EncryptTable encryptTable, final ChangeColumnDefinitionSegment segment) {
- Optional<StandardEncryptAlgorithm> previousAlgorithm = encryptRule.findStandardEncryptor(encryptTable.getTable(), segment.getPreviousColumn().getIdentifier().getValue());
- Optional<StandardEncryptAlgorithm> currentAlgorithm = encryptRule.findStandardEncryptor(encryptTable.getTable(), segment.getColumnDefinition().getColumnName().getIdentifier().getValue());
- if (!previousAlgorithm.isPresent() && !currentAlgorithm.isPresent()) {
+ Optional<String> previousEncryptorName = encryptTable.findEncryptorName(segment.getPreviousColumn().getIdentifier().getValue());
+ Optional<String> currentEncryptorName = encryptTable.findEncryptorName(segment.getColumnDefinition().getColumnName().getIdentifier().getValue());
+ if (!previousEncryptorName.isPresent() && !currentEncryptorName.isPresent()) {
return;
}
- if (previousAlgorithm.isPresent()
- && currentAlgorithm.isPresent() && previousAlgorithm.get().equals(currentAlgorithm.get()) && checkPreviousAndAfterHasSameColumnNumber(encryptTable, segment)) {
- return;
- }
- throw new EncryptColumnAlterException(
- encryptTable.getTable(), segment.getColumnDefinition().getColumnName().getIdentifier().getValue(), segment.getPreviousColumn().getIdentifier().getValue());
+ ShardingSpherePreconditions.checkState(previousEncryptorName.equals(currentEncryptorName) && checkPreviousAndAfterHasSameColumnNumber(encryptTable, segment),
+ () -> new EncryptColumnAlterException(
+ encryptTable.getTable(), segment.getColumnDefinition().getColumnName().getIdentifier().getValue(), segment.getPreviousColumn().getIdentifier().getValue()));
}
private boolean checkPreviousAndAfterHasSameColumnNumber(final EncryptTable encryptTable, final ChangeColumnDefinitionSegment changeColumnDefinitionSegment) {
diff --git a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/EncryptRule.java b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/EncryptRule.java
index 58e20061113..5aa9eceecf9 100644
--- a/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/EncryptRule.java
+++ b/features/encrypt/core/src/main/java/org/apache/shardingsphere/encrypt/rule/EncryptRule.java
@@ -135,18 +135,6 @@ public final class EncryptRule implements DatabaseRule, TableContainedRule {
return encryptTable.get();
}
- /**
- * Find standard encryptor.
- *
- * @param tableName table name
- * @param logicColumnName logic column name
- * @return standard encryptor
- */
- @SuppressWarnings("rawtypes")
- public Optional<StandardEncryptAlgorithm> findStandardEncryptor(final String tableName, final String logicColumnName) {
- return findEncryptTable(tableName).flatMap(optional -> optional.findEncryptorName(logicColumnName).map(standardEncryptors::get));
- }
-
/**
* Find assisted encryptor.
*
@@ -179,15 +167,18 @@ public final class EncryptRule implements DatabaseRule, TableContainedRule {
* @param tableName table name
* @param logicColumnName logic column name
* @param originalValue original value
- * @return encrypted values
+ * @return encrypted value
*/
@SuppressWarnings("unchecked")
public Object encrypt(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final Object originalValue) {
+ if (null == originalValue) {
+ return null;
+ }
@SuppressWarnings("rawtypes")
Optional<StandardEncryptAlgorithm> encryptor = findStandardEncryptor(tableName, logicColumnName);
ShardingSpherePreconditions.checkState(encryptor.isPresent(), () -> new MissingEncryptorException(tableName, logicColumnName, "STANDARD"));
EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
- return null == originalValue ? null : encryptor.get().encrypt(originalValue, context);
+ return encryptor.get().encrypt(originalValue, context);
}
/**
@@ -217,6 +208,33 @@ public final class EncryptRule implements DatabaseRule, TableContainedRule {
return result;
}
+ /**
+ * Decrypt.
+ *
+ * @param databaseName database name
+ * @param schemaName schema name
+ * @param tableName table name
+ * @param logicColumnName logic column name
+ * @param cipherValue cipher value
+ * @return decrypted value
+ */
+ @SuppressWarnings("unchecked")
+ public Object decrypt(final String databaseName, final String schemaName, final String tableName, final String logicColumnName, final Object cipherValue) {
+ if (null == cipherValue) {
+ return null;
+ }
+ @SuppressWarnings("rawtypes")
+ Optional<StandardEncryptAlgorithm> encryptor = findStandardEncryptor(tableName, logicColumnName);
+ ShardingSpherePreconditions.checkState(encryptor.isPresent(), () -> new MissingEncryptorException(tableName, logicColumnName, "STANDARD"));
+ EncryptContext context = EncryptContextBuilder.build(databaseName, schemaName, tableName, logicColumnName);
+ return encryptor.get().decrypt(cipherValue, context);
+ }
+
+ @SuppressWarnings("rawtypes")
+ private Optional<StandardEncryptAlgorithm> findStandardEncryptor(final String tableName, final String logicColumnName) {
+ return findEncryptTable(tableName).flatMap(optional -> optional.findEncryptorName(logicColumnName).map(standardEncryptors::get));
+ }
+
/**
* Get encrypt assisted query value.
*
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptAlgorithmMetaDataTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptAlgorithmMetaDataTest.java
index 20a8bbb2bfc..4545fdcfc00 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptAlgorithmMetaDataTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/merge/dql/EncryptAlgorithmMetaDataTest.java
@@ -18,10 +18,8 @@
package org.apache.shardingsphere.encrypt.merge.dql;
import org.apache.shardingsphere.encrypt.api.context.EncryptContext;
-import org.apache.shardingsphere.encrypt.api.encrypt.standard.StandardEncryptAlgorithm;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
-import org.apache.shardingsphere.encrypt.spi.EncryptAlgorithm;
import org.apache.shardingsphere.infra.binder.segment.select.projection.ProjectionsContext;
import org.apache.shardingsphere.infra.binder.segment.select.projection.impl.ColumnProjection;
import org.apache.shardingsphere.infra.binder.segment.select.projection.impl.DerivedProjection;
@@ -32,8 +30,6 @@ import org.apache.shardingsphere.infra.database.DefaultDatabase;
import org.apache.shardingsphere.infra.database.type.dialect.MySQLDatabaseType;
import org.apache.shardingsphere.infra.metadata.database.ShardingSphereDatabase;
import org.apache.shardingsphere.infra.metadata.database.schema.model.ShardingSphereSchema;
-import org.apache.shardingsphere.infra.util.spi.type.typed.TypedSPILoader;
-import org.apache.shardingsphere.test.util.PropertiesBuilder;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
@@ -81,8 +77,6 @@ class EncryptAlgorithmMetaDataTest {
@Mock
private ProjectionsContext projectionsContext;
- private StandardEncryptAlgorithm<?, ?> encryptAlgorithm;
-
@BeforeEach
void setUp() {
when(selectStatementContext.getProjectionsContext()).thenReturn(projectionsContext);
@@ -93,8 +87,6 @@ class EncryptAlgorithmMetaDataTest {
when(selectStatementContext.getDatabaseType()).thenReturn(new MySQLDatabaseType());
when(database.getName()).thenReturn(DefaultDatabase.LOGIC_NAME);
when(database.getSchema(DefaultDatabase.LOGIC_NAME)).thenReturn(schema);
- encryptAlgorithm =
- (StandardEncryptAlgorithm<?, ?>) TypedSPILoader.getService(EncryptAlgorithm.class, "AES", PropertiesBuilder.build(new PropertiesBuilder.Property("aes-key-value", "123456abc")));
}
@Test
@@ -148,14 +140,4 @@ class EncryptAlgorithmMetaDataTest {
Optional<EncryptContext> actual = encryptAlgorithmMetaData.findEncryptContext(1);
assertFalse(actual.isPresent());
}
-
- @SuppressWarnings("rawtypes")
- @Test
- void assertFindStandardEncryptor() {
- when(encryptRule.findStandardEncryptor("t_order", "id")).thenReturn(Optional.of(encryptAlgorithm));
- EncryptAlgorithmMetaData encryptAlgorithmMetaData = new EncryptAlgorithmMetaData(database, encryptRule, selectStatementContext);
- Optional<StandardEncryptAlgorithm> actualEncryptor = encryptAlgorithmMetaData.findStandardEncryptor("t_order", "id");
- assertTrue(actualEncryptor.isPresent());
- assertThat(actualEncryptor.get().getType(), is("AES"));
- }
}
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGeneratorTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGeneratorTest.java
index 42a4d5d2afa..48c531c67c3 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGeneratorTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rewrite/token/generator/EncryptAssignmentTokenGeneratorTest.java
@@ -17,7 +17,6 @@
package org.apache.shardingsphere.encrypt.rewrite.token.generator;
-import org.apache.shardingsphere.encrypt.api.encrypt.standard.StandardEncryptAlgorithm;
import org.apache.shardingsphere.encrypt.rule.EncryptRule;
import org.apache.shardingsphere.encrypt.rule.EncryptTable;
import org.apache.shardingsphere.infra.binder.statement.dml.InsertStatementContext;
@@ -82,7 +81,6 @@ class EncryptAssignmentTokenGeneratorTest {
EncryptTable encryptTable = mock(EncryptTable.class);
when(encryptTable.isEncryptColumn("columns")).thenReturn(true);
when(result.getEncryptTable("table")).thenReturn(encryptTable);
- when(result.findStandardEncryptor("table", "columns")).thenReturn(Optional.of(mock(StandardEncryptAlgorithm.class)));
return result;
}
diff --git a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rule/EncryptRuleTest.java b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rule/EncryptRuleTest.java
index 84b5a551a6c..c8ecb924bee 100644
--- a/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rule/EncryptRuleTest.java
+++ b/features/encrypt/core/src/test/java/org/apache/shardingsphere/encrypt/rule/EncryptRuleTest.java
@@ -43,7 +43,6 @@ import java.util.stream.Stream;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
@@ -65,16 +64,6 @@ class EncryptRuleTest {
assertThrows(EncryptTableNotFoundException.class, () -> new EncryptRule(createEncryptRuleConfiguration()).getEncryptTable("not_existed_tbl"));
}
- @Test
- void assertFindStandardEncryptor() {
- assertTrue(new EncryptRule(createEncryptRuleConfiguration()).findStandardEncryptor("t_encrypt", "pwd").isPresent());
- }
-
- @Test
- void assertNotFindStandardEncryptor() {
- assertFalse(new EncryptRule(createEncryptRuleConfiguration()).findStandardEncryptor("t_encrypt", "other_column").isPresent());
- }
-
@Test
void assertGetEncryptValues() {
List<Object> encryptAssistedQueryValues = new EncryptRule(createEncryptRuleConfiguration())