This is an automated email from the ASF dual-hosted git repository. littlecui pushed a commit to branch mod in repository https://gitbox.apache.org/repos/asf/servicecomb-service-center.git
commit 84672a3dd52b3d9f40bf15aa6ca591acbc736581 Author: little-cui <[email protected]> AuthorDate: Thu Oct 27 18:44:12 2022 +0800 Change: allow batch create account without password --- go.mod | 3 ++- go.sum | 5 ++++- pkg/util/util.go | 25 +++++++++++++++++++++++++ pkg/util/util_test.go | 6 ++++++ server/service/rbac/account_service.go | 26 ++++++++++++++++++++++++++ server/service/rbac/account_service_test.go | 11 +++++++++-- test/test.go | 3 +-- 7 files changed, 73 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index acb41602..4a9e69e2 100644 --- a/go.mod +++ b/go.mod @@ -18,6 +18,7 @@ require ( github.com/apache/servicecomb-service-center/eventbase v0.0.0-20220120070230-26997eb876ca github.com/beego/beego/v2 v2.0.4 github.com/cheggaaa/pb v1.0.25 + github.com/cloudflare/gokey v0.1.2 github.com/deckarep/golang-set v1.8.0 github.com/elithrar/simple-scrypt v1.3.0 github.com/go-chassis/cari v0.9.0 @@ -58,7 +59,7 @@ require ( go.etcd.io/etcd/client/v3 v3.5.4 go.mongodb.org/mongo-driver v1.5.1 go.uber.org/zap v1.20.0 - golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838 + golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba google.golang.org/grpc v1.46.0 google.golang.org/protobuf v1.28.0 diff --git a/go.sum b/go.sum index 01be0afa..397fef82 100644 --- a/go.sum +++ b/go.sum @@ -140,6 +140,8 @@ github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMn github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cloudflare/gokey v0.1.2 h1:RHPSa2V3zPAo8ovb3jydCWGbCYKiHcCYmdY0Z0M1nBs= +github.com/cloudflare/gokey v0.1.2/go.mod h1:IImo6Y1N4DFz7+bFWgOkUGXS/2xrdcGIrCCD9M7Dw54= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= @@ -909,8 +911,9 @@ golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838 h1:71vQrMauZZhcTVK6KdYM+rklehEEwb3E+ZhaE5jrPrE= golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d h1:sK3txAijHtOK88l68nt020reeT1ZdKLIYetKl95FzVY= +golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= diff --git a/pkg/util/util.go b/pkg/util/util.go index 08b18d61..52551869 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -22,8 +22,21 @@ import ( "runtime" "strings" "unsafe" + + "github.com/cloudflare/gokey" ) +const TypePass = "pass" + +var passwordSpec = &gokey.PasswordSpec{ + Length: 8, + Upper: 1, + Lower: 1, + Digits: 1, + Special: 1, + AllowedSpecial: "-~!@#$%^&*()_=+|<>{}[]", +} + func SafeCloseChan(c chan struct{}) { if c == nil { return @@ -169,3 +182,15 @@ func ToSnake(name string) string { } return buffer.String() } + +func GeneratePassword() (string, error) { + seed, err := gokey.GenerateEncryptedKeySeed(TypePass) + if err != nil { + return "", err + } + pass, err := gokey.GetPass(TypePass, "", seed, passwordSpec) + if err != nil { + return "", err + } + return pass, nil +} diff --git a/pkg/util/util_test.go b/pkg/util/util_test.go index f2f08b69..4950ea5b 100644 --- a/pkg/util/util_test.go +++ b/pkg/util/util_test.go @@ -178,3 +178,9 @@ func TestToSnake(t *testing.T) { }) } } + +func TestGeneratePassword(t *testing.T) { + password, err := GeneratePassword() + assert.NoError(t, err) + assert.Equal(t, 8, len(password), password) +} diff --git a/server/service/rbac/account_service.go b/server/service/rbac/account_service.go index c0aad00f..24a609f0 100644 --- a/server/service/rbac/account_service.go +++ b/server/service/rbac/account_service.go @@ -228,6 +228,11 @@ func BatchCreateAccounts(ctx context.Context, req *rbacmodel.BatchCreateAccounts return nil, discovery.NewError(discovery.ErrInvalidParams, err.Error()) } + err = populateAccounts(req.Accounts) + if err != nil { + return nil, err + } + var resp rbacmodel.BatchCreateAccountsResponse var failed int for _, account := range req.Accounts { @@ -247,3 +252,24 @@ func BatchCreateAccounts(ctx context.Context, req *rbacmodel.BatchCreateAccounts log.Info(fmt.Sprintf("batch create accounts finish, succeed: %d, failed: %d", len(resp.Accounts)-failed, failed)) return &resp, nil } + +func populateAccounts(accounts []*rbacmodel.Account) error { + for _, account := range accounts { + err := populateAccount(account) + if err != nil { + return err + } + } + return nil +} + +func populateAccount(account *rbacmodel.Account) error { + var err error + if len(account.Password) == 0 { + account.Password, err = util.GeneratePassword() + if err != nil { + return discovery.NewError(discovery.ErrInternal, err.Error()) + } + } + return nil +} diff --git a/server/service/rbac/account_service_test.go b/server/service/rbac/account_service_test.go index 6c472c93..1b902375 100644 --- a/server/service/rbac/account_service_test.go +++ b/server/service/rbac/account_service_test.go @@ -257,18 +257,21 @@ func TestBatchCreateAccounts(t *testing.T) { a1 := newAccount("TestBatchCreateAccounts_account_1") a2 := newAccount("TestBatchCreateAccounts_account_no_pwd") a2.Password = "" + a3 := newAccount("TestBatchCreateAccounts_account_invalid_pwd") + a3.Password = "1" defer func() { rbacsvc.DeleteAccount(ctx, "TestBatchCreateAccounts_account_1") rbacsvc.DeleteAccount(ctx, "TestBatchCreateAccounts_account_no_pwd") + rbacsvc.DeleteAccount(ctx, "TestBatchCreateAccounts_account_invalid_pwd") }() resp, err := rbacsvc.BatchCreateAccounts(ctx, &rbac.BatchCreateAccountsRequest{ - Accounts: []*rbac.Account{a1, a2}, + Accounts: []*rbac.Account{a1, a2, a3}, }) assert.NotNil(t, resp) assert.NoError(t, err) - assert.Equal(t, 2, len(resp.Accounts)) + assert.Equal(t, 3, len(resp.Accounts)) item := resp.Accounts[0] assert.Equal(t, "TestBatchCreateAccounts_account_1", item.Name) @@ -276,6 +279,10 @@ func TestBatchCreateAccounts(t *testing.T) { item = resp.Accounts[1] assert.Equal(t, "TestBatchCreateAccounts_account_no_pwd", item.Name) + assert.Nil(t, item.Error) + + item = resp.Accounts[2] + assert.Equal(t, "TestBatchCreateAccounts_account_invalid_pwd", item.Name) assert.NotEmpty(t, item.Code) }) } diff --git a/test/test.go b/test/test.go index e0d04d40..d321ce78 100644 --- a/test/test.go +++ b/test/test.go @@ -22,9 +22,8 @@ import ( "context" "time" - _ "github.com/apache/servicecomb-service-center/syncer/init" - _ "github.com/apache/servicecomb-service-center/server/init" + _ "github.com/apache/servicecomb-service-center/syncer/init" _ "github.com/apache/servicecomb-service-center/syncer/bootstrap"
