You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dolphinscheduler.apache.org by ke...@apache.org on 2022/10/27 06:03:12 UTC
[dolphinscheduler] branch 3.1.1-prepare updated: cherry-pick [Bug] Set tenantDir permission #12486
This is an automated email from the ASF dual-hosted git repository.
kerwin pushed a commit to branch 3.1.1-prepare
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git
The following commit(s) were added to refs/heads/3.1.1-prepare by this push:
new a5a849f615 cherry-pick [Bug] Set tenantDir permission #12486
a5a849f615 is described below
commit a5a849f615ea7aa97e22cda80bf3addaa6c52b9d
Author: Wenjun Ruan <we...@apache.org>
AuthorDate: Sun Oct 23 21:54:01 2022 +0800
cherry-pick [Bug] Set tenantDir permission
#12486
---
.../dolphinscheduler/common/utils/FileUtils.java | 33 +++++++++++--------
.../common/utils/FileUtilsTest.java | 5 +--
.../service/utils/ProcessUtils.java | 4 ++-
.../worker/utils/TaskExecutionCheckerUtils.java | 38 ++++++++++++++++++----
4 files changed, 58 insertions(+), 22 deletions(-)
diff --git a/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java b/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java
index 23e4b74b75..14a7511b0d 100644
--- a/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java
+++ b/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java
@@ -87,22 +87,29 @@ public class FileUtils {
/**
* directory of process execution
*
- * @param projectCode project code
- * @param processDefineCode process definition Code
+ * @param tenant tenant
+ * @param projectCode project code
+ * @param processDefineCode process definition Code
* @param processDefineVersion process definition version
- * @param processInstanceId process instance id
- * @param taskInstanceId task instance id
+ * @param processInstanceId process instance id
+ * @param taskInstanceId task instance id
* @return directory of process execution
*/
- public static String getProcessExecDir(long projectCode, long processDefineCode, int processDefineVersion, int processInstanceId, int taskInstanceId) {
- String fileName = String.format("%s/exec/process/%d/%s/%d/%d", DATA_BASEDIR,
- projectCode, processDefineCode + "_" + processDefineVersion, processInstanceId, taskInstanceId);
- File file = new File(fileName);
- if (!file.getParentFile().exists()) {
- file.getParentFile().mkdirs();
- }
-
- return fileName;
+ public static String getProcessExecDir(String tenant,
+ long projectCode,
+ long processDefineCode,
+ int processDefineVersion,
+ int processInstanceId,
+ int taskInstanceId) {
+ return String.format(
+ "%s/exec/process/%s/%d/%d_%d/%d/%d",
+ DATA_BASEDIR,
+ tenant,
+ projectCode,
+ processDefineCode,
+ processDefineVersion,
+ processInstanceId,
+ taskInstanceId);
}
/**
diff --git a/dolphinscheduler-common/src/test/java/org/apache/dolphinscheduler/common/utils/FileUtilsTest.java b/dolphinscheduler-common/src/test/java/org/apache/dolphinscheduler/common/utils/FileUtilsTest.java
index fdcaccd697..256414fdb7 100644
--- a/dolphinscheduler-common/src/test/java/org/apache/dolphinscheduler/common/utils/FileUtilsTest.java
+++ b/dolphinscheduler-common/src/test/java/org/apache/dolphinscheduler/common/utils/FileUtilsTest.java
@@ -26,6 +26,7 @@ import java.io.FileNotFoundException;
import org.junit.Assert;
import org.junit.Test;
+import org.junit.jupiter.api.Assertions;
import org.junit.runner.RunWith;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.core.classloader.annotations.PrepareForTest;
@@ -51,8 +52,8 @@ public class FileUtilsTest {
@Test
public void testGetProcessExecDir() {
- String dir = FileUtils.getProcessExecDir(1L, 2L, 1, 3, 4);
- Assert.assertEquals("/tmp/dolphinscheduler/exec/process/1/2_1/3/4", dir);
+ String dir = FileUtils.getProcessExecDir("test", 1L, 2L, 1, 3, 4);
+ Assertions.assertEquals("/tmp/dolphinscheduler/exec/process/test/1/2_1/3/4", dir);
}
@Test
diff --git a/dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/utils/ProcessUtils.java b/dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/utils/ProcessUtils.java
index 32b077cb52..e684600bfb 100644
--- a/dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/utils/ProcessUtils.java
+++ b/dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/utils/ProcessUtils.java
@@ -198,7 +198,9 @@ public class ProcessUtils {
if (CollectionUtils.isNotEmpty(appIds)) {
if (StringUtils.isEmpty(taskExecutionContext.getExecutePath())) {
taskExecutionContext
- .setExecutePath(FileUtils.getProcessExecDir(taskExecutionContext.getProjectCode(),
+ .setExecutePath(FileUtils.getProcessExecDir(
+ taskExecutionContext.getTenantCode(),
+ taskExecutionContext.getProjectCode(),
taskExecutionContext.getProcessDefineCode(),
taskExecutionContext.getProcessDefineVersion(),
taskExecutionContext.getProcessInstanceId(),
diff --git a/dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java b/dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java
index d0467a25dc..875db06dbb 100644
--- a/dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java
+++ b/dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java
@@ -33,8 +33,13 @@ import org.apache.commons.lang3.SystemUtils;
import org.apache.commons.lang3.tuple.Pair;
import java.io.File;
+import java.io.IOException;
+import java.nio.file.FileSystems;
import java.nio.file.Files;
+import java.nio.file.Path;
import java.nio.file.Paths;
+import java.nio.file.attribute.UserPrincipal;
+import java.nio.file.attribute.UserPrincipalLookupService;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -45,23 +50,24 @@ public class TaskExecutionCheckerUtils {
public static void checkTenantExist(WorkerConfig workerConfig, TaskExecutionContext taskExecutionContext) {
try {
+ String tenantCode = taskExecutionContext.getTenantCode();
boolean osUserExistFlag;
// if Using distributed is true and Currently supported systems are linux,Should not let it
// automatically
// create tenants,so TenantAutoCreate has no effect
if (workerConfig.isTenantDistributedUser() && SystemUtils.IS_OS_LINUX) {
// use the id command to judge in linux
- osUserExistFlag = OSUtils.existTenantCodeInLinux(taskExecutionContext.getTenantCode());
+ osUserExistFlag = OSUtils.existTenantCodeInLinux(tenantCode);
} else if (OSUtils.isSudoEnable() && workerConfig.isTenantAutoCreate()) {
// if not exists this user, then create
- OSUtils.createUserIfAbsent(taskExecutionContext.getTenantCode());
- osUserExistFlag = OSUtils.getUserList().contains(taskExecutionContext.getTenantCode());
+ OSUtils.createUserIfAbsent(tenantCode);
+ osUserExistFlag = OSUtils.getUserList().contains(tenantCode);
} else {
- osUserExistFlag = OSUtils.getUserList().contains(taskExecutionContext.getTenantCode());
+ osUserExistFlag = OSUtils.getUserList().contains(tenantCode);
}
if (!osUserExistFlag) {
throw new TaskException(
- String.format("TenantCode: %s doesn't exist", taskExecutionContext.getTenantCode()));
+ String.format("TenantCode: %s doesn't exist", tenantCode));
}
} catch (TaskException ex) {
throw ex;
@@ -75,13 +81,14 @@ public class TaskExecutionCheckerUtils {
try {
// local execute path
String execLocalPath = FileUtils.getProcessExecDir(
+ taskExecutionContext.getTenantCode(),
taskExecutionContext.getProjectCode(),
taskExecutionContext.getProcessDefineCode(),
taskExecutionContext.getProcessDefineVersion(),
taskExecutionContext.getProcessInstanceId(),
taskExecutionContext.getTaskInstanceId());
taskExecutionContext.setExecutePath(execLocalPath);
- FileUtils.createWorkDirIfAbsent(execLocalPath);
+ createDirectoryWithOwner(Paths.get(execLocalPath), taskExecutionContext.getTenantCode());
} catch (Throwable ex) {
throw new TaskException("Cannot create process execute dir", ex);
}
@@ -131,4 +138,23 @@ public class TaskExecutionCheckerUtils {
}
}
}
+
+ private static void createDirectoryWithOwner(Path filePath, String tenant) {
+ if (Files.exists(filePath)) {
+ return;
+ }
+ try {
+ Files.createDirectories(filePath);
+ if (!OSUtils.isSudoEnable()) {
+ // we need to open sudo, then we can change the owner.
+ return;
+ }
+ UserPrincipalLookupService userPrincipalLookupService =
+ FileSystems.getDefault().getUserPrincipalLookupService();
+ UserPrincipal tenantPrincipal = userPrincipalLookupService.lookupPrincipalByName(tenant);
+ Files.setOwner(filePath, tenantPrincipal);
+ } catch (IOException e) {
+ throw new TaskException("Set tenant directory permission failed, tenant: " + tenant, e);
+ }
+ }
}