This is an automated email from the ASF dual-hosted git repository.
wenjun pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git
The following commit(s) were added to refs/heads/dev by this push:
new a0d37fc7ae Set tenantDir permission (#12486)
a0d37fc7ae is described below
commit a0d37fc7aea5e395f7f9b0515d866ce036b49505
Author: Wenjun Ruan <[email protected]>
AuthorDate: Sun Oct 23 21:54:01 2022 +0800
Set tenantDir permission (#12486)
---
.../dolphinscheduler/common/utils/FileUtils.java | 34 +++++++++++--------
.../common/utils/FileUtilsTest.java | 4 +--
.../service/utils/ProcessUtils.java | 4 ++-
.../worker/utils/TaskExecutionCheckerUtils.java | 38 ++++++++++++++++++----
4 files changed, 57 insertions(+), 23 deletions(-)
diff --git
a/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java
b/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java
index 79990a4642..2d19f7fcf9 100644
---
a/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java
+++
b/dolphinscheduler-common/src/main/java/org/apache/dolphinscheduler/common/utils/FileUtils.java
@@ -88,23 +88,29 @@ public class FileUtils {
/**
* directory of process execution
*
- * @param projectCode project code
- * @param processDefineCode process definition Code
+ * @param tenant tenant
+ * @param projectCode project code
+ * @param processDefineCode process definition Code
* @param processDefineVersion process definition version
- * @param processInstanceId process instance id
- * @param taskInstanceId task instance id
+ * @param processInstanceId process instance id
+ * @param taskInstanceId task instance id
* @return directory of process execution
*/
- public static String getProcessExecDir(long projectCode, long
processDefineCode, int processDefineVersion,
- int processInstanceId, int
taskInstanceId) {
- String fileName = String.format("%s/exec/process/%d/%s/%d/%d",
DATA_BASEDIR,
- projectCode, processDefineCode + "_" + processDefineVersion,
processInstanceId, taskInstanceId);
- File file = new File(fileName);
- if (!file.getParentFile().exists()) {
- file.getParentFile().mkdirs();
- }
-
- return fileName;
+ public static String getProcessExecDir(String tenant,
+ long projectCode,
+ long processDefineCode,
+ int processDefineVersion,
+ int processInstanceId,
+ int taskInstanceId) {
+ return String.format(
+ "%s/exec/process/%s/%d/%d_%d/%d/%d",
+ DATA_BASEDIR,
+ tenant,
+ projectCode,
+ processDefineCode,
+ processDefineVersion,
+ processInstanceId,
+ taskInstanceId);
}
/**
diff --git
a/dolphinscheduler-common/src/test/java/org/apache/dolphinscheduler/common/utils/FileUtilsTest.java
b/dolphinscheduler-common/src/test/java/org/apache/dolphinscheduler/common/utils/FileUtilsTest.java
index 7fcfc3b31b..e8a628ff08 100644
---
a/dolphinscheduler-common/src/test/java/org/apache/dolphinscheduler/common/utils/FileUtilsTest.java
+++
b/dolphinscheduler-common/src/test/java/org/apache/dolphinscheduler/common/utils/FileUtilsTest.java
@@ -51,8 +51,8 @@ public class FileUtilsTest {
@Test
public void testGetProcessExecDir() {
- String dir = FileUtils.getProcessExecDir(1L, 2L, 1, 3, 4);
-
Assertions.assertEquals("/tmp/dolphinscheduler/exec/process/1/2_1/3/4", dir);
+ String dir = FileUtils.getProcessExecDir("test", 1L, 2L, 1, 3, 4);
+
Assertions.assertEquals("/tmp/dolphinscheduler/exec/process/test/1/2_1/3/4",
dir);
}
@Test
diff --git
a/dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/utils/ProcessUtils.java
b/dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/utils/ProcessUtils.java
index e324c94205..b20af9dc34 100644
---
a/dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/utils/ProcessUtils.java
+++
b/dolphinscheduler-service/src/main/java/org/apache/dolphinscheduler/service/utils/ProcessUtils.java
@@ -204,7 +204,9 @@ public class ProcessUtils {
if (CollectionUtils.isNotEmpty(appIds)) {
if
(StringUtils.isEmpty(taskExecutionContext.getExecutePath())) {
taskExecutionContext
-
.setExecutePath(FileUtils.getProcessExecDir(taskExecutionContext.getProjectCode(),
+ .setExecutePath(FileUtils.getProcessExecDir(
+ taskExecutionContext.getTenantCode(),
+ taskExecutionContext.getProjectCode(),
taskExecutionContext.getProcessDefineCode(),
taskExecutionContext.getProcessDefineVersion(),
taskExecutionContext.getProcessInstanceId(),
diff --git
a/dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java
b/dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java
index 1aea96d9d8..ff08b6d09b 100644
---
a/dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java
+++
b/dolphinscheduler-worker/src/main/java/org/apache/dolphinscheduler/server/worker/utils/TaskExecutionCheckerUtils.java
@@ -33,8 +33,13 @@ import org.apache.commons.lang3.SystemUtils;
import org.apache.commons.lang3.tuple.Pair;
import java.io.File;
+import java.io.IOException;
+import java.nio.file.FileSystems;
import java.nio.file.Files;
+import java.nio.file.Path;
import java.nio.file.Paths;
+import java.nio.file.attribute.UserPrincipal;
+import java.nio.file.attribute.UserPrincipalLookupService;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -45,23 +50,24 @@ public class TaskExecutionCheckerUtils {
public static void checkTenantExist(WorkerConfig workerConfig,
TaskExecutionContext taskExecutionContext) {
try {
+ String tenantCode = taskExecutionContext.getTenantCode();
boolean osUserExistFlag;
// if Using distributed is true and Currently supported systems
are linux,Should not let it
// automatically
// create tenants,so TenantAutoCreate has no effect
if (workerConfig.isTenantDistributedUser() &&
SystemUtils.IS_OS_LINUX) {
// use the id command to judge in linux
- osUserExistFlag =
OSUtils.existTenantCodeInLinux(taskExecutionContext.getTenantCode());
+ osUserExistFlag = OSUtils.existTenantCodeInLinux(tenantCode);
} else if (OSUtils.isSudoEnable() &&
workerConfig.isTenantAutoCreate()) {
// if not exists this user, then create
-
OSUtils.createUserIfAbsent(taskExecutionContext.getTenantCode());
- osUserExistFlag =
OSUtils.getUserList().contains(taskExecutionContext.getTenantCode());
+ OSUtils.createUserIfAbsent(tenantCode);
+ osUserExistFlag = OSUtils.getUserList().contains(tenantCode);
} else {
- osUserExistFlag =
OSUtils.getUserList().contains(taskExecutionContext.getTenantCode());
+ osUserExistFlag = OSUtils.getUserList().contains(tenantCode);
}
if (!osUserExistFlag) {
throw new TaskException(
- String.format("TenantCode: %s doesn't exist",
taskExecutionContext.getTenantCode()));
+ String.format("TenantCode: %s doesn't exist",
tenantCode));
}
} catch (TaskException ex) {
throw ex;
@@ -75,13 +81,14 @@ public class TaskExecutionCheckerUtils {
try {
// local execute path
String execLocalPath = FileUtils.getProcessExecDir(
+ taskExecutionContext.getTenantCode(),
taskExecutionContext.getProjectCode(),
taskExecutionContext.getProcessDefineCode(),
taskExecutionContext.getProcessDefineVersion(),
taskExecutionContext.getProcessInstanceId(),
taskExecutionContext.getTaskInstanceId());
taskExecutionContext.setExecutePath(execLocalPath);
- FileUtils.createWorkDirIfAbsent(execLocalPath);
+ createDirectoryWithOwner(Paths.get(execLocalPath),
taskExecutionContext.getTenantCode());
} catch (Throwable ex) {
throw new TaskException("Cannot create process execute dir", ex);
}
@@ -131,4 +138,23 @@ public class TaskExecutionCheckerUtils {
}
}
}
+
+ private static void createDirectoryWithOwner(Path filePath, String tenant)
{
+ if (Files.exists(filePath)) {
+ return;
+ }
+ try {
+ Files.createDirectories(filePath);
+ if (!OSUtils.isSudoEnable()) {
+ // we need to open sudo, then we can change the owner.
+ return;
+ }
+ UserPrincipalLookupService userPrincipalLookupService =
+ FileSystems.getDefault().getUserPrincipalLookupService();
+ UserPrincipal tenantPrincipal =
userPrincipalLookupService.lookupPrincipalByName(tenant);
+ Files.setOwner(filePath, tenantPrincipal);
+ } catch (IOException e) {
+ throw new TaskException("Set tenant directory permission failed,
tenant: " + tenant, e);
+ }
+ }
}
