This is an automated email from the ASF dual-hosted git repository.
tanxinyu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/iotdb.git
The following commit(s) were added to refs/heads/master by this push:
new bcce61b [IOTDB-1385] Extract the super user and password to the
config (#3244)
bcce61b is described below
commit bcce61bfbc643fcb7ecaac5df29d92dd705f7912
Author: wangchao316 <[email protected]>
AuthorDate: Fri May 21 17:58:05 2021 +0800
[IOTDB-1385] Extract the super user and password to the config (#3244)
* [IOTDB-1385] Extract the super user and password to the config
Co-authored-by: Potato <[email protected]>
---
.../resources/conf/iotdb-engine.properties | 8 ++++++
.../org/apache/iotdb/db/auth/AuthorityChecker.java | 3 ++-
.../db/auth/authorizer/LocalFileAuthorizer.java | 3 +--
.../iotdb/db/auth/user/BasicUserManager.java | 10 +++++---
.../java/org/apache/iotdb/db/conf/IoTDBConfig.java | 22 +++++++++++++++-
.../org/apache/iotdb/db/conf/IoTDBConstant.java | 2 --
.../org/apache/iotdb/db/conf/IoTDBDescriptor.java | 30 ++++++++--------------
.../auth/authorizer/LocalFileAuthorizerTest.java | 4 +--
.../db/auth/user/LocalFileUserManagerTest.java | 4 +--
9 files changed, 52 insertions(+), 34 deletions(-)
diff --git a/server/src/assembly/resources/conf/iotdb-engine.properties
b/server/src/assembly/resources/conf/iotdb-engine.properties
index fb87a99..38f1455 100644
--- a/server/src/assembly/resources/conf/iotdb-engine.properties
+++ b/server/src/assembly/resources/conf/iotdb-engine.properties
@@ -831,3 +831,11 @@ timestamp_precision=ms
# time range for partitioning data inside each storage group, the unit is
second
# Datatype: long
# partition_interval=604800
+
+# admin username, default is root
+# Datatype: string
+# admin_name=root
+
+# admin password, default is root
+# Datatype: string
+# admin_password=root
diff --git
a/server/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java
b/server/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java
index 34766d1..4ea4a8e 100644
--- a/server/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java
+++ b/server/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java
@@ -22,6 +22,7 @@ import org.apache.iotdb.db.auth.authorizer.BasicAuthorizer;
import org.apache.iotdb.db.auth.authorizer.IAuthorizer;
import org.apache.iotdb.db.auth.entity.PrivilegeType;
import org.apache.iotdb.db.conf.IoTDBConstant;
+import org.apache.iotdb.db.conf.IoTDBDescriptor;
import org.apache.iotdb.db.metadata.PartialPath;
import org.apache.iotdb.db.qp.logical.Operator;
@@ -32,7 +33,7 @@ import java.util.List;
public class AuthorityChecker {
- private static final String SUPER_USER = IoTDBConstant.ADMIN_NAME;
+ private static final String SUPER_USER =
IoTDBDescriptor.getInstance().getConfig().getAdminName();
private static final Logger logger =
LoggerFactory.getLogger(AuthorityChecker.class);
private AuthorityChecker() {}
diff --git
a/server/src/main/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizer.java
b/server/src/main/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizer.java
index 3032d14..14629a4 100644
---
a/server/src/main/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizer.java
+++
b/server/src/main/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizer.java
@@ -22,7 +22,6 @@ import org.apache.iotdb.db.auth.AuthException;
import org.apache.iotdb.db.auth.role.LocalFileRoleManager;
import org.apache.iotdb.db.auth.user.LocalFileUserManager;
import org.apache.iotdb.db.conf.IoTDBConfig;
-import org.apache.iotdb.db.conf.IoTDBConstant;
import org.apache.iotdb.db.conf.IoTDBDescriptor;
import java.io.File;
@@ -39,6 +38,6 @@ public class LocalFileAuthorizer extends BasicAuthorizer {
@Override
boolean isAdmin(String username) {
- return IoTDBConstant.ADMIN_NAME.equals(username);
+ return config.getAdminName().equals(username);
}
}
diff --git
a/server/src/main/java/org/apache/iotdb/db/auth/user/BasicUserManager.java
b/server/src/main/java/org/apache/iotdb/db/auth/user/BasicUserManager.java
index cc3c372..9a5a261 100644
--- a/server/src/main/java/org/apache/iotdb/db/auth/user/BasicUserManager.java
+++ b/server/src/main/java/org/apache/iotdb/db/auth/user/BasicUserManager.java
@@ -21,7 +21,7 @@ package org.apache.iotdb.db.auth.user;
import org.apache.iotdb.db.auth.AuthException;
import org.apache.iotdb.db.auth.entity.User;
import org.apache.iotdb.db.concurrent.HashLock;
-import org.apache.iotdb.db.conf.IoTDBConstant;
+import org.apache.iotdb.db.conf.IoTDBDescriptor;
import org.apache.iotdb.db.utils.AuthUtils;
import org.slf4j.Logger;
@@ -66,15 +66,17 @@ public abstract class BasicUserManager implements
IUserManager {
private void initAdmin() throws AuthException {
User admin;
try {
- admin = getUser(IoTDBConstant.ADMIN_NAME);
+ admin =
getUser(IoTDBDescriptor.getInstance().getConfig().getAdminName());
} catch (AuthException e) {
logger.warn("Cannot load admin, Creating a new one.", e);
admin = null;
}
if (admin == null) {
- createUser(IoTDBConstant.ADMIN_NAME, IoTDBConstant.ADMIN_PW);
- setUserUseWaterMark(IoTDBConstant.ADMIN_NAME, false);
+ createUser(
+ IoTDBDescriptor.getInstance().getConfig().getAdminName(),
+ IoTDBDescriptor.getInstance().getConfig().getAdminPassword());
+
setUserUseWaterMark(IoTDBDescriptor.getInstance().getConfig().getAdminName(),
false);
}
logger.info("Admin initialized");
}
diff --git a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConfig.java
b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConfig.java
index ee1b9d9..6f9498b 100644
--- a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConfig.java
+++ b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConfig.java
@@ -630,7 +630,7 @@ public class IoTDBConfig {
private boolean enablePartialInsert = true;
// Open ID Secret
- private String openIdProviderUrl = null;
+ private String openIdProviderUrl = "";
// the authorizer provider class which extends BasicAuthorizer
private String authorizerProvider =
"org.apache.iotdb.db.auth.authorizer.LocalFileAuthorizer";
@@ -683,6 +683,10 @@ public class IoTDBConfig {
/** the number of virtual storage groups per user-defined storage group */
private int virtualStorageGroupNum = 1;
+ private String adminName = "root";
+
+ private String adminPassword = "root";
+
public IoTDBConfig() {
// empty constructor
}
@@ -2162,4 +2166,20 @@ public class IoTDBConfig {
public void setIoTaskQueueSizeForFlushing(int ioTaskQueueSizeForFlushing) {
this.ioTaskQueueSizeForFlushing = ioTaskQueueSizeForFlushing;
}
+
+ public String getAdminName() {
+ return adminName;
+ }
+
+ public void setAdminName(String adminName) {
+ this.adminName = adminName;
+ }
+
+ public String getAdminPassword() {
+ return adminPassword;
+ }
+
+ public void setAdminPassword(String adminPassword) {
+ this.adminPassword = adminPassword;
+ }
}
diff --git a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConstant.java
b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConstant.java
index f5bba2e..a497437 100644
--- a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConstant.java
+++ b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConstant.java
@@ -50,8 +50,6 @@ public class IoTDBConstant {
public static final String PATH_ROOT = "root";
public static final char PATH_SEPARATOR = '.';
- public static final String ADMIN_NAME = "root";
- public static final String ADMIN_PW = "root";
public static final String PROFILE_SUFFIX = ".profile";
public static final String MAX_TIME = "max_time";
public static final String MIN_TIME = "min_time";
diff --git a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBDescriptor.java
b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBDescriptor.java
index cec1321..645a534 100644
--- a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBDescriptor.java
+++ b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBDescriptor.java
@@ -596,20 +596,6 @@ public class IoTDBDescriptor {
Long.parseLong(
properties.getProperty("default_ttl",
String.valueOf(conf.getDefaultTTL()))));
- // conf.setEnablePartition(Boolean.parseBoolean(
- // properties.getProperty("enable_partition",
- // String.valueOf(conf.isEnablePartition()))));
-
- // Time range for dividing storage group
- // conf.setPartitionInterval(Long.parseLong(properties
- // .getProperty("partition_interval",
- // String.valueOf(conf.getPartitionInterval()))));
-
- // the num of memtables in each storage group
- // conf.setConcurrentWritingTimePartition(
- //
Integer.parseInt(properties.getProperty("concurrent_writing_time_partition",
- //
String.valueOf(conf.getConcurrentWritingTimePartition()))));
-
conf.setTimeIndexLevel(
properties.getProperty("time_index_level",
String.valueOf(conf.getTimeIndexLevel())));
@@ -701,19 +687,23 @@ public class IoTDBDescriptor {
}
conf.setAuthorizerProvider(
- properties.getProperty(
- "authorizer_provider_class",
- "org.apache.iotdb.db.auth.authorizer.LocalFileAuthorizer"));
+ properties.getProperty("authorizer_provider_class",
conf.getAuthorizerProvider()));
// if using org.apache.iotdb.db.auth.authorizer.OpenIdAuthorizer,
openID_url is needed.
- conf.setOpenIdProviderUrl(properties.getProperty("openID_url", ""));
+ conf.setOpenIdProviderUrl(properties.getProperty("openID_url",
conf.getOpenIdProviderUrl()));
conf.setEnablePartition(
Boolean.parseBoolean(
- properties.getProperty("enable_partition",
conf.isEnablePartition() + "")));
+ properties.getProperty(
+ "enable_partition",
String.valueOf(conf.isEnablePartition()))));
conf.setPartitionInterval(
Long.parseLong(
- properties.getProperty("partition_interval",
conf.getPartitionInterval() + "")));
+ properties.getProperty(
+ "partition_interval",
String.valueOf(conf.getPartitionInterval()))));
+
+ conf.setAdminName(properties.getProperty("admin_name",
conf.getAdminName()));
+
+ conf.setAdminPassword(properties.getProperty("admin_password",
conf.getAdminPassword()));
// At the same time, set TSFileConfig
TSFileDescriptor.getInstance()
diff --git
a/server/src/test/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizerTest.java
b/server/src/test/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizerTest.java
index 5c91f53..237d329 100644
---
a/server/src/test/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizerTest.java
+++
b/server/src/test/java/org/apache/iotdb/db/auth/authorizer/LocalFileAuthorizerTest.java
@@ -21,7 +21,7 @@ package org.apache.iotdb.db.auth.authorizer;
import org.apache.iotdb.db.auth.AuthException;
import org.apache.iotdb.db.auth.entity.Role;
import org.apache.iotdb.db.auth.entity.User;
-import org.apache.iotdb.db.conf.IoTDBConstant;
+import org.apache.iotdb.db.conf.IoTDBDescriptor;
import org.apache.iotdb.db.utils.EnvironmentUtils;
import org.junit.After;
@@ -254,7 +254,7 @@ public class LocalFileAuthorizerTest {
IAuthorizer authorizer = BasicAuthorizer.getInstance();
List<String> userList = authorizer.listAllUsers();
assertEquals(1, userList.size());
- assertEquals(IoTDBConstant.ADMIN_NAME, userList.get(0));
+ assertEquals(IoTDBDescriptor.getInstance().getConfig().getAdminName(),
userList.get(0));
int userCnt = 10;
for (int i = 0; i < userCnt; i++) {
diff --git
a/server/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserManagerTest.java
b/server/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserManagerTest.java
index c5f0bbf..32ef68f 100644
---
a/server/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserManagerTest.java
+++
b/server/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserManagerTest.java
@@ -21,7 +21,7 @@ package org.apache.iotdb.db.auth.user;
import org.apache.iotdb.db.auth.AuthException;
import org.apache.iotdb.db.auth.entity.PathPrivilege;
import org.apache.iotdb.db.auth.entity.User;
-import org.apache.iotdb.db.conf.IoTDBConstant;
+import org.apache.iotdb.db.conf.IoTDBDescriptor;
import org.apache.iotdb.db.constant.TestConstant;
import org.apache.iotdb.db.utils.AuthUtils;
import org.apache.iotdb.db.utils.EnvironmentUtils;
@@ -210,7 +210,7 @@ public class LocalFileUserManagerTest {
// list users
List<String> usernames = manager.listAllUsers();
usernames.sort(null);
- assertEquals(IoTDBConstant.ADMIN_NAME, usernames.get(0));
+ assertEquals(IoTDBDescriptor.getInstance().getConfig().getAdminName(),
usernames.get(0));
for (int i = 0; i < users.length - 1; i++) {
assertEquals(users[i].getName(), usernames.get(i + 1));
}
