You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by li...@apache.org on 2017/07/03 08:08:37 UTC
[22/27] kylin git commit: minor, refine acl
minor, refine acl
Project: http://git-wip-us.apache.org/repos/asf/kylin/repo
Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/d91f5229
Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/d91f5229
Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/d91f5229
Branch: refs/heads/master
Commit: d91f522904424f59d817bbcde10c47cc68f04d9d
Parents: 3ae8ca7
Author: Roger Shi <ro...@hotmail.com>
Authored: Fri Jun 30 20:52:03 2017 +0800
Committer: Hongbin Ma <ma...@kyligence.io>
Committed: Fri Jun 30 20:57:18 2017 +0800
----------------------------------------------------------------------
.../hbase/ITAclTableMigrationToolTest.java | 10 ++--
.../rest/controller2/ProjectControllerV2.java | 4 ++
.../org/apache/kylin/rest/msg/CnMessage.java | 2 +-
.../java/org/apache/kylin/rest/msg/Message.java | 2 +-
.../apache/kylin/rest/security/ManagedUser.java | 54 +++++++++++++++++---
.../rest/service/AclTableMigrationTool.java | 2 +-
.../kylin/rest/service/ServiceTestBase.java | 10 ++--
tool-assembly/pom.xml | 1 +
tool/pom.xml | 12 +++++
9 files changed, 79 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/kylin-it/src/test/java/org/apache/kylin/storage/hbase/ITAclTableMigrationToolTest.java
----------------------------------------------------------------------
diff --git a/kylin-it/src/test/java/org/apache/kylin/storage/hbase/ITAclTableMigrationToolTest.java b/kylin-it/src/test/java/org/apache/kylin/storage/hbase/ITAclTableMigrationToolTest.java
index 2cb671e..05f437d 100644
--- a/kylin-it/src/test/java/org/apache/kylin/storage/hbase/ITAclTableMigrationToolTest.java
+++ b/kylin-it/src/test/java/org/apache/kylin/storage/hbase/ITAclTableMigrationToolTest.java
@@ -44,7 +44,6 @@ import org.apache.kylin.common.util.Pair;
import org.apache.kylin.rest.security.AclConstant;
import org.apache.kylin.rest.service.AclService;
import org.apache.kylin.rest.service.AclTableMigrationTool;
-import org.apache.kylin.rest.service.UserGrantedAuthority;
import org.apache.kylin.rest.service.UserService;
import org.apache.kylin.rest.util.Serializer;
import org.junit.After;
@@ -53,6 +52,7 @@ import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
import com.fasterxml.jackson.core.JsonProcessingException;
@@ -70,7 +70,7 @@ public class ITAclTableMigrationToolTest extends HBaseMetadataTestCase {
private TableName userTable = TableName.valueOf(STORE_WITH_OLD_TABLE + AclConstant.USER_TABLE_NAME);
- private Serializer<UserGrantedAuthority[]> ugaSerializer = new Serializer<UserGrantedAuthority[]>(UserGrantedAuthority[].class);
+ private Serializer<SimpleGrantedAuthority[]> ugaSerializer = new Serializer<>(SimpleGrantedAuthority[].class);
private AclTableMigrationTool aclTableMigrationJob;
@@ -192,13 +192,13 @@ public class ITAclTableMigrationToolTest extends HBaseMetadataTestCase {
if (authorities == null)
authorities = Collections.emptyList();
- UserGrantedAuthority[] serializing = new UserGrantedAuthority[authorities.size() + 1];
+ SimpleGrantedAuthority[] serializing = new SimpleGrantedAuthority[authorities.size() + 1];
// password is stored as the [0] authority
- serializing[0] = new UserGrantedAuthority(AclConstant.PWD_PREFIX + "password");
+ serializing[0] = new SimpleGrantedAuthority(AclConstant.PWD_PREFIX + "password");
int i = 1;
for (GrantedAuthority a : authorities) {
- serializing[i++] = new UserGrantedAuthority(a.getAuthority());
+ serializing[i++] = new SimpleGrantedAuthority(a.getAuthority());
}
byte[] value = ugaSerializer.serialize(serializing);
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/server-base/src/main/java/org/apache/kylin/rest/controller2/ProjectControllerV2.java
----------------------------------------------------------------------
diff --git a/server-base/src/main/java/org/apache/kylin/rest/controller2/ProjectControllerV2.java b/server-base/src/main/java/org/apache/kylin/rest/controller2/ProjectControllerV2.java
index a25e5b1..d6ac8f2 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/controller2/ProjectControllerV2.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/controller2/ProjectControllerV2.java
@@ -142,6 +142,10 @@ public class ProjectControllerV2 extends BasicController {
if (projectDesc.getName().equals(currentProject.getName())) {
updatedProj = projectService.updateProject(projectDesc, currentProject);
} else {
+ if (!isProjectEmpty(formerProjectName)) {
+ throw new BadRequestException(msg.getDELETE_PROJECT_NOT_EMPTY());
+ }
+ // disable project rename
updatedProj = projectService.renameProject(projectDesc, currentProject);
}
return new EnvelopeResponse(ResponseCode.CODE_SUCCESS, updatedProj, "");
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/server-base/src/main/java/org/apache/kylin/rest/msg/CnMessage.java
----------------------------------------------------------------------
diff --git a/server-base/src/main/java/org/apache/kylin/rest/msg/CnMessage.java b/server-base/src/main/java/org/apache/kylin/rest/msg/CnMessage.java
index a828aa0..e086b68 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/msg/CnMessage.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/msg/CnMessage.java
@@ -246,7 +246,7 @@ public class CnMessage extends Message {
}
public String getDELETE_PROJECT_NOT_EMPTY() {
- return "不能删除该项目,如需要删除请先清空其中的Cube和Model";
+ return "不能修改该项目,如需要修改请先清空其中的Cube和Model";
}
public String getRENAME_PROJECT_NOT_EMPTY() {
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/server-base/src/main/java/org/apache/kylin/rest/msg/Message.java
----------------------------------------------------------------------
diff --git a/server-base/src/main/java/org/apache/kylin/rest/msg/Message.java b/server-base/src/main/java/org/apache/kylin/rest/msg/Message.java
index 45c1a65..f48a217 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/msg/Message.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/msg/Message.java
@@ -246,7 +246,7 @@ public class Message {
}
public String getDELETE_PROJECT_NOT_EMPTY() {
- return "Cannot delete non-empty project";
+ return "Cannot modify non-empty project";
}
// Table
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/server-base/src/main/java/org/apache/kylin/rest/security/ManagedUser.java
----------------------------------------------------------------------
diff --git a/server-base/src/main/java/org/apache/kylin/rest/security/ManagedUser.java b/server-base/src/main/java/org/apache/kylin/rest/security/ManagedUser.java
index 280339e..69326a7 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/security/ManagedUser.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/security/ManagedUser.java
@@ -18,6 +18,7 @@
package org.apache.kylin.rest.security;
+import java.io.IOException;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
@@ -25,10 +26,20 @@ import java.util.List;
import org.apache.kylin.common.persistence.RootPersistentEntity;
import org.apache.kylin.rest.service.UserGrantedAuthority;
import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonDeserializer;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.google.common.collect.Lists;
@SuppressWarnings("serial")
@@ -40,7 +51,9 @@ public class ManagedUser extends RootPersistentEntity implements UserDetails {
@JsonProperty
private String password;
@JsonProperty
- private List<UserGrantedAuthority> authorities = Lists.newArrayList();
+ @JsonSerialize(using = SimpleGrantedAuthoritySerializer.class)
+ @JsonDeserialize(using = SimpleGrantedAuthorityDeserializer.class)
+ private List<SimpleGrantedAuthority> authorities = Lists.newArrayList();
@JsonProperty
private boolean disabled = false;
@JsonProperty
@@ -60,7 +73,7 @@ public class ManagedUser extends RootPersistentEntity implements UserDetails {
}
public ManagedUser(@JsonProperty String username, @JsonProperty String password,
- @JsonProperty List<UserGrantedAuthority> authorities, @JsonProperty boolean disabled,
+ @JsonProperty List<SimpleGrantedAuthority> authorities, @JsonProperty boolean disabled,
@JsonProperty boolean defaultPassword, @JsonProperty boolean locked, @JsonProperty long lockedTime,
@JsonProperty int wrongTime) {
this.username = username;
@@ -82,7 +95,7 @@ public class ManagedUser extends RootPersistentEntity implements UserDetails {
this.authorities = Lists.newArrayList();
for (String a : authoritiesStr) {
- authorities.add(new UserGrantedAuthority(a));
+ authorities.add(new SimpleGrantedAuthority(a));
}
caterLegacy();
@@ -116,7 +129,7 @@ public class ManagedUser extends RootPersistentEntity implements UserDetails {
}
private void caterLegacy() {
- Iterator<UserGrantedAuthority> iterator = authorities.iterator();
+ Iterator<SimpleGrantedAuthority> iterator = authorities.iterator();
while (iterator.hasNext()) {
if (DISABLED_ROLE.equals(iterator.next().getAuthority())) {
iterator.remove();
@@ -125,14 +138,14 @@ public class ManagedUser extends RootPersistentEntity implements UserDetails {
}
}
- public List<UserGrantedAuthority> getAuthorities() {
+ public List<SimpleGrantedAuthority> getAuthorities() {
return this.authorities;
}
public void setGrantedAuthorities(Collection<? extends GrantedAuthority> grantedAuthorities) {
this.authorities = Lists.newArrayList();
for (GrantedAuthority grantedAuthority : grantedAuthorities) {
- this.authorities.add(new UserGrantedAuthority(grantedAuthority.getAuthority()));
+ this.authorities.add(new SimpleGrantedAuthority(grantedAuthority.getAuthority()));
}
}
@@ -228,4 +241,33 @@ public class ManagedUser extends RootPersistentEntity implements UserDetails {
public String toString() {
return "ManagedUser [username=" + username + ", authorities=" + authorities + "]";
}
+
+ private static class SimpleGrantedAuthoritySerializer extends JsonSerializer<List<SimpleGrantedAuthority>> {
+
+ @Override
+ public void serialize(List<SimpleGrantedAuthority> value, JsonGenerator gen, SerializerProvider serializers)
+ throws IOException, JsonProcessingException {
+ List<UserGrantedAuthority> ugaList = Lists.newArrayList();
+ for (SimpleGrantedAuthority sga : value) {
+ ugaList.add(new UserGrantedAuthority(sga.getAuthority()));
+ }
+
+ gen.writeObject(ugaList);
+ }
+ }
+
+ private static class SimpleGrantedAuthorityDeserializer extends JsonDeserializer<List<SimpleGrantedAuthority>> {
+
+ @Override
+ public List<SimpleGrantedAuthority> deserialize(JsonParser p, DeserializationContext ctxt)
+ throws IOException, JsonProcessingException {
+ UserGrantedAuthority[] ugaArray = p.readValueAs(UserGrantedAuthority[].class);
+ List<SimpleGrantedAuthority> sgaList = Lists.newArrayList();
+ for (UserGrantedAuthority uga : ugaArray) {
+ sgaList.add(new SimpleGrantedAuthority(uga.getAuthority()));
+ }
+
+ return sgaList;
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/server-base/src/main/java/org/apache/kylin/rest/service/AclTableMigrationTool.java
----------------------------------------------------------------------
diff --git a/server-base/src/main/java/org/apache/kylin/rest/service/AclTableMigrationTool.java b/server-base/src/main/java/org/apache/kylin/rest/service/AclTableMigrationTool.java
index 64bac23..029efdc 100644
--- a/server-base/src/main/java/org/apache/kylin/rest/service/AclTableMigrationTool.java
+++ b/server-base/src/main/java/org/apache/kylin/rest/service/AclTableMigrationTool.java
@@ -193,7 +193,7 @@ public class AclTableMigrationTool {
}
private DomainObjectInfo getDomainObjectInfoFromRs(Result result) {
- String type = String.valueOf(result.getValue(Bytes.toBytes(AclConstant.ACL_INFO_FAMILY),
+ String type = new String(result.getValue(Bytes.toBytes(AclConstant.ACL_INFO_FAMILY),
Bytes.toBytes(AclConstant.ACL_INFO_FAMILY_TYPE_COLUMN)));
String id = new String(result.getRow());
DomainObjectInfo newInfo = new DomainObjectInfo();
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/server/src/test/java/org/apache/kylin/rest/service/ServiceTestBase.java
----------------------------------------------------------------------
diff --git a/server/src/test/java/org/apache/kylin/rest/service/ServiceTestBase.java b/server/src/test/java/org/apache/kylin/rest/service/ServiceTestBase.java
index 1d60a53..e2f5258 100644
--- a/server/src/test/java/org/apache/kylin/rest/service/ServiceTestBase.java
+++ b/server/src/test/java/org/apache/kylin/rest/service/ServiceTestBase.java
@@ -35,6 +35,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.ContextConfiguration;
@@ -72,18 +73,19 @@ public class ServiceTestBase extends LocalFileMetadataTestCase {
if (!userService.userExists("ADMIN")) {
userService.createUser(new ManagedUser("ADMIN", "KYLIN", false, Arrays.asList(//
- new UserGrantedAuthority(Constant.ROLE_ADMIN), new UserGrantedAuthority(Constant.ROLE_ANALYST),
- new UserGrantedAuthority(Constant.ROLE_MODELER))));
+ new SimpleGrantedAuthority(Constant.ROLE_ADMIN), new SimpleGrantedAuthority(Constant.ROLE_ANALYST),
+ new SimpleGrantedAuthority(Constant.ROLE_MODELER))));
}
if (!userService.userExists("MODELER")) {
userService.createUser(new ManagedUser("MODELER", "MODELER", false, Arrays.asList(//
- new UserGrantedAuthority(Constant.ROLE_ANALYST), new UserGrantedAuthority(Constant.ROLE_MODELER))));
+ new SimpleGrantedAuthority(Constant.ROLE_ANALYST),
+ new SimpleGrantedAuthority(Constant.ROLE_MODELER))));
}
if (!userService.userExists("ANALYST")) {
userService.createUser(new ManagedUser("ANALYST", "ANALYST", false, Arrays.asList(//
- new UserGrantedAuthority(Constant.ROLE_ANALYST))));
+ new SimpleGrantedAuthority(Constant.ROLE_ANALYST))));
}
}
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/tool-assembly/pom.xml
----------------------------------------------------------------------
diff --git a/tool-assembly/pom.xml b/tool-assembly/pom.xml
index 0595bdd..df0725b 100644
--- a/tool-assembly/pom.xml
+++ b/tool-assembly/pom.xml
@@ -104,6 +104,7 @@
<include>org.apache.kylin:*</include>
<include>org.springframework.security:spring-security-core</include>
<include>org.springframework.security:spring-security-acl</include>
+ <include>org.springframework:spring-core</include>
</includes>
</artifactSet>
<relocations>
http://git-wip-us.apache.org/repos/asf/kylin/blob/d91f5229/tool/pom.xml
----------------------------------------------------------------------
diff --git a/tool/pom.xml b/tool/pom.xml
index cced5d2..06a7e5a 100644
--- a/tool/pom.xml
+++ b/tool/pom.xml
@@ -32,6 +32,10 @@
<version>2.1.0-SNAPSHOT</version>
</parent>
+ <properties>
+ <spring.framework.version>4.2.8.RELEASE</spring.framework.version>
+ </properties>
+
<dependencies>
<dependency>
<groupId>org.apache.kylin</groupId>
@@ -72,6 +76,14 @@
<scope>provided</scope>
</dependency>
+ <!--Spring-->
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-core</artifactId>
+ <version>${spring.framework.version}</version>
+ <scope>compile</scope>
+ </dependency>
+
<!-- Env & Test -->
<dependency>
<groupId>org.apache.kylin</groupId>